When you add a new device to an active NSRP cluster, you must synchronize the configuration and files (such as PKI public/private key files) from the master of the VSD group or groups to the new device. After the configurations and files are synchronized, you must then synchronize the run-time objects (RTOs). You must also synchronize configurations, files, and RTOs after a member of a cluster becomes unsynchronized for any reason.
NSRP RTO Synchronization and NSRP Session Synchronization: Select either or both options if you want the device to send and receive RTOs and sessions.
NSRP Backup Session Timeout Acknowledge: After a session is established on the master device and synchronized to the backup, throughput continues to refresh the timeout value on the master. However, there is no traffic flowing through the backup to refresh the session timeout there. Although the timeout for a session on the backup is 8 times longer than that on the master, there is a chance that a very long session can timeout on the backup although it is still active on the master. Select this option if you want the backup to refresh its sessions before they time out by sending a L2 ACK packet over the HA link to the master when the timeout value for the session on the backup approaches zero. If the session is still active on the master, it will signal the backup to refresh the session timeout.
Non-vsi Session Synchronization: Select this option so that sessions using local interfaces get synchronized among NSRP cluster members. (By default only sessions using virtual security interfaces (VSIs) are synchronized among NSRP cluster members.
Click Apply to save your settings.