FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Not applicable
Article Id 194255
Article

Description

FortiGate units in an HA cluster exchange information using heartbeat communications. Each FortiGate unit's heartbeat interface is automatically assigned an IP address. This article provides technical information about heartbeat communication.

Components

  • FortiOS v3.0
  • Any cluster of FortiGate units

Information

The FGCP (FortiGate Clustering Protocol) heartbeat operates on TCP port 703. The default time interval between HA heartbeats is 200 ms. The primary unit heartbeat device IP address is 10.0.0.1. Subordinate units are assigned heartbeat device IP addresses 10.0.0.2, 10.0.0.3, and so on.

Both HA heartbeat and data traffic are supported on the same FortiGate interface. All heartbeat communication takes place on a separate VDOM called vsys_ha. Heartbeat traffic uses a virtual interface called port_ha in the vsys_ha VDOM. Although the heartbeat uses the 10.0.0.x subnet, you can assign addresses in this subnet to your interfaces without conflict. Data and heartbeat traffic use the same physical interface, but they're logically separated into separate VDOMs.