FGCP in public cloud
The FortiGate clustering protocol (FGCP) is a proprietary protocol used to create high availability clusters in hardware and virtual FortiGate deployments. Due to the way cloud networks work, you cannot take full advantage of the protocol capabilities and must use its unicast version, limiting the functionality to an active-passive cluster of two instances.
FGCP provides automatic synchronization of connection tables as well as synchronization of configuration from the primary to the secondary instance. You must apply all configuration changes to the primary instance. Using the priority option to statically assign the primary and secondary roles in the cluster is recommended.
For a more detailed description of the architecture, see GitHub.
The following provides the configuration steps for this deployment:
- Predeployment steps
- Deploying FortiGate-VM instances
- Reserving internal addresses
- Creating instance groups
- Creating the external LB
- Creating the internal LB
- Creating a custom route
- Configure FortiGates networking
- Configuring FortiGate clustering
- Configure health check probe responders
- Best practices and next steps