This article describes one of the reasons why the FortiGate Session Life Support Protocol (FGSP) configuration is out of sync causing to set of heartbeat-dev interfaces wrongly.
Scope
FortiGate.
Solution
The following topology is one of the conditions of FortiGate appliances having two physical connections as the heartbeat of FGSP.
For example, standalone-cluster is configured to synchronize sessions using the interfaces port1 and port2 as shown below:
config system standalone-cluster set session-sync-dev port1 port2 end
But the HA settings heartbeat is accidentally or wrongly set to port1 only as shown below:
config system ha set hbdev port1 50 end
One of the unit’s ARPs will be missing as shown below:
Unit 1: 169.254.0.1 ARP is updated.
Unit 2: 169.254.0.2 will be missing.
So, once the port2 is added under HA settings as shown below, this configuration is not needed in FGSP.
config system ha set hbdev port1 50 port2 50 end
The ARP of Unit 2 will be updated immediately:
