Save the configuration at any time
config system global
    set admintimeout 480
    set alias "FortiGate-VM64-KVM"
    set gui-auto-upgrade-setup-warning disable
    set hostname "FG-Slave"
    set revision-backup-on-logout enable
    set revision-image-auto-backup enable
    set timezone "Asia/Shanghai"
end
Because each AZ uses a different address range, the configuration objects below do not need to be synchronized
config system vdom-exception
    edit 1
        set object system.interface
    next
    edit 2
        set object router.static
    next
    edit 3
        set object firewall.vip
    next
    edit 4
        set object firewall.ippool
    next
end
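FortiGate port1 is the external interface and handles outside-to-inside traffic;
FortiGate port2 handles inside-to-outside traffic, and its security group must allow everything;
FortiGate port3 is the HA interface and carries the data exchanged for HA; security group;
FortiGate port4 is the MGMT interface, used for management; allow HTTPS, SSH and ICMP.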
config system ha
    set group-id 10
    set group-name "fgha"
    set mode a-p
    set password fortinet
    set hbdev "port3" 50
    set ha-mgmt-status enable
    config ha-mgmt-interfaces
        edit 1
            set interface "port4"
            set gateway 10.197.3.1
        next
    end
    set override disable
    set priority 200
    set unicast-hb enable
    set unicast-hb-peerip 10.197.12.11
end

config system ha
    set group-id 10
    set group-name "fgha"
    set mode a-p
    set password fortinet
    set hbdev "port3" 50
    set ha-mgmt-status enable
    config ha-mgmt-interfaces
        edit 1
            set interface "port4"
            set gateway 10.197.13.1
        next
    end
    set override disable
    set priority 100
    set unicast-hb enable
    set unicast-hb-peerip 10.197.2.11
end
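The two HA blocks above must agree on the cluster identity settings and differ only in the per-member values. The following is an added example, not part of the original page or of any Fortinet tooling: a small Python checker that parses two `config system ha` blocks and reports mismatches without echoing values such as the HA password. The names `parse_ha`, `check_pair`, `MUST_MATCH` and `EXPECT_DIFFER` are hypothetical, the sample input is constructed from this page's blocks with a placeholder password, and treating `priority` as expected to differ is an assumption taken from this page's 200/100 design.

```python
import shlex

def parse_ha(text):
    """Return the top-level 'set' values of a 'config system ha' block as {key: [args]}."""
    settings, depth = {}, 0
    for line in text.splitlines():
        tok = shlex.split(line)
        if tok[:1] == ["config"]:
            depth += 1
        elif tok[:1] == ["end"]:
            depth -= 1
        elif tok[:1] == ["set"] and depth == 1:  # skip nested ha-mgmt-interfaces entries
            settings[tok[1]] = tok[2:]
    return settings

MUST_MATCH = ("group-id", "group-name", "mode", "password", "hbdev", "unicast-hb")
EXPECT_DIFFER = ("priority", "unicast-hb-peerip")  # assumption based on this page's design

def check_pair(a, b):
    """Compare two members' HA settings; findings name the key only, never the value."""
    findings = [f"{k} differs between members" for k in MUST_MATCH if a.get(k) != b.get(k)]
    findings += [f"{k} is identical on both members" for k in EXPECT_DIFFER if a.get(k) == b.get(k)]
    return findings

# Constructed sample based on this page's blocks; the password is a placeholder.
MEMBER_A = """config system ha
    set group-id 10
    set group-name "fgha"
    set mode a-p
    set password CHANGE-ME
    set hbdev "port3" 50
    config ha-mgmt-interfaces
        edit 1
            set interface "port4"
            set gateway 10.197.3.1
        next
    end
    set priority 200
    set unicast-hb enable
    set unicast-hb-peerip 10.197.12.11
end"""
MEMBER_B = (MEMBER_A.replace("priority 200", "priority 100")
            .replace("10.197.3.1", "10.197.13.1").replace("10.197.12.11", "10.197.2.11"))

if __name__ == "__main__":
    issues = check_pair(parse_ha(MEMBER_A), parse_ha(MEMBER_B))
    print("\n".join(issues) if issues else "HA settings are consistent")
```
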