HRP information that can be synchronized in hot standby deployment on the USG6000

1. HRP configurations that can be backed up on the USG6000 include:
a. Policies: security policy, NAT policy, bandwidth management, authentication policy, attack defense, blacklist, and ASPF.
b. Objects: address, area, service, application, user, authentication server, time range, URL category, keyword group, mail address group, signature, security profile (for antivirus, intrusion prevention, URL filtering, file blocking, data filtering, application behavior control, and mail filtering).
c. Network: new logical interface, security zone, DNS, IPSec, SSL VPN, TSM interworking, and static route (supported in V100R001C30SPC100 and later versions only).
d. System: administrator and log configuration.
Note: In most cases, display, reset, and debugging commands cannot be backed up.
Based on the preceding descriptions, we can see that basic network configurations of the firewall, such as interface addresses and routes, cannot be backed up. All these configurations need to be configured before the hot standby status is successfully established. As for the preceding configurations that can be backed up, configure them only on the active device after the hot standby status is successfully established.
2. USG status information that can be backed up is as follows:
a. Session table
b. Server map table
c. IP monitoring table
d. Fragment cache table
e. GTP table
f. Blacklist
g. PAT-based port mapping table
h. NO-PAT-based address mapping table

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat To Google
Scroll to top