Synchronizing the configuration (and settings that are not synchronized)
The FGCP uses a combination of incremental and periodic synchronization to make sure that the configuration of all cluster units is synchronized to that of the primary unit. This means that in most cases you only have to make a configuration change once to have it synchronized to all cluster units. This includes special configuration settings that include extra information (for example, 3rd party certificates, replacement message text files and graphics and so on).
Some configuration settings are not synchronized to support some aspects of FortiGate operation. The following settings are not synchronized among cluster units:
- The FortiGate unit host name. Allows you to identify cluster units.
- HA override.
- HA device priority.
- Virtual cluster 1 and Virtual cluster 2 device priorities.
- The HA priority (ha-priority) setting for a ping server or dead gateway detection configuration.
- The system interface settings of the FortiGate interface that becomes the HA reserved management interface.
- The default route for the reserved management interface, set using the ha-mgmt-interface-gateway option of the config system ha command.
- The dynamic weighted load balancing thresholds and high and low watermarks.
In addition licenses are not synchronized since FortiGate must be licensed separately. This includes FortiCloud activation, FortiClient, and FortiToken licensing, and entering a license key if you purchased more than 10 Virtual Domains (VDOMS).
Hi, thanks for sharing this information, however I wanted to make a query, that timer is only modified when there is a drop in monitored ports and does not increase over time is fixed? My question is why in his example I see that when the monitored port is reconnected, the teacher’s time is shorter in 136 seconds.
Thanks and forgive my english but use google translate
Sorry, I don’t think I understand exactly what you are asking here.