Overview
FortiGate-VM for Google Cloud Marketplace supports using the FortiGate Clustering Protocol (FGCP) in unicast form to provide an active-passive clustering solution for deployments in GCP. This feature shares a majority of the functionality, including configuration and session synchronization, that FGCP on FortiGate hardware provides with key changes to support GCP software-defined networking (SDN).
This solution works with two FortiGate instances configured as a primary and secondary pair, and requires that you deploy each instance with four network interfaces, within the same availability zone. These FortiGate instances act as a single logical instance and share interface IP addressing.
The main benefits of this solution are:
- Fast and stateful failover of FortiOS and GCP SDN without external automation/services
- Automatic GCP SDN updates to route targets and IP addresses
- Native FortiOS session synchronization of firewall, IPsec/SSL VPN, and voice over IP sessions
- Native FortiOS configuration synchronization
- Ease of use as the cluster is treated as a single logical FortiGate
You can configure FortiGate high availability (HA) on GCP using one of the following methods:
- Using the GCP GUI console. See Deploying FortiGate HA using the GCP GUI.
- Using Google Cloud command interface. See Deploying FortiGate HA using the Google Cloud command interface.
For information on FGCP, see the High Availability chapter in the FortiOS Handbook.
