Fortinet white logo
Fortinet white logo

GCP Administration Guide

FGCP in public cloud

FGCP in public cloud

The FortiGate clustering protocol (FGCP) is a proprietary protocol used to create high availability clusters in hardware and virtual FortiGate deployments. Due to the way cloud networks work, you cannot take full advantage of the protocol capabilities and must use its unicast version, limiting the functionality to an active-passive cluster of two instances.

FGCP provides automatic synchronization of connection tables as well as synchronization of configuration from the primary to the secondary instance. You must apply all configuration changes to the primary instance. Using the priority option to statically assign the primary and secondary roles in the cluster is recommended.

For a more detailed description of the architecture, see GitHub.

The following provides the configuration steps for this deployment:

  1. Predeployment steps
  2. Deploying FortiGate-VM instances
  3. Reserving internal addresses
  4. Creating instance groups
  5. Creating the external LB
  6. Creating the internal LB
  7. Creating a custom route
  8. Configure FortiGates networking
  9. Configuring FortiGate clustering
  10. Configure health check probe responders
  11. Best practices and next steps

FGCP in public cloud

FGCP in public cloud

The FortiGate clustering protocol (FGCP) is a proprietary protocol used to create high availability clusters in hardware and virtual FortiGate deployments. Due to the way cloud networks work, you cannot take full advantage of the protocol capabilities and must use its unicast version, limiting the functionality to an active-passive cluster of two instances.

FGCP provides automatic synchronization of connection tables as well as synchronization of configuration from the primary to the secondary instance. You must apply all configuration changes to the primary instance. Using the priority option to statically assign the primary and secondary roles in the cluster is recommended.

For a more detailed description of the architecture, see GitHub.

The following provides the configuration steps for this deployment:

  1. Predeployment steps
  2. Deploying FortiGate-VM instances
  3. Reserving internal addresses
  4. Creating instance groups
  5. Creating the external LB
  6. Creating the internal LB
  7. Creating a custom route
  8. Configure FortiGates networking
  9. Configuring FortiGate clustering
  10. Configure health check probe responders
  11. Best practices and next steps