Connection information of the traffic running on a tier-1 SR (Service Router) is synchronized to its peer tier-1 SR in active-standby HA mode.
Note: State synchronization is not supported for TLS Inspection and IDPS.
Note the following about state synchronization:
- State synchronization is supported for Gateway Firewall, Identity Firewall, NAT, IPSec VPN, DHCP, FQDN analysis, and URL filtering.
- If new sessions were going through a tier-1 SR just before a failover, it might happen that those sessions were not synchronized on the standby tier-1 SR and potentially affect the traffic for those sessions.