Troubleshooting Tip: Secondary FortiGate unable to connect to FortiAnalyzer Cloud after firmware upgrade to 7.4.9 or later

When using FortiOS 7.4.8 and earlier on a FortiGate HA cluster, logs from the secondary unit are successfully received by FortiAnalyzer Cloud.

The output of the command 'execute log fortianalyzer-cloud test-connectivity' displays successful connectivity results on both units.

Primary:

execute log fortianalyzer-cloud test-connectivity
FortiAnalyzer Host Name: FAZ-K8S-CLOUD
FortiAnalyzer Adom Name: root
FortiGate Device ID: FG****
Registration: registered
Connection: allow
***
IPS Packet Log: Tx & Rx
Content Archive: Tx & Rx
Quarantine: Tx & Rx

Secondary:

execute log fortianalyzer-cloud test-connectivity
FortiAnalyzer Host Name: FAZ-K8S-CLOUD
FortiAnalyzer Adom Name: root
FortiGate Device ID: FG****
Registration: registered
Connection: allow
***
IPS Packet Log: Tx & Rx
Content Archive: Tx & Rx
Quarantine: Tx & Rx

After upgrading FortiGate HA cluster to 7.4.9 or later, the secondary FortiGate is unable to send logs to FortiAnalyzer Cloud.

No issues are observed when testing connectivity to FortiAnalyzer Cloud using ping and telnet.

execute ping fortianalyzer.forticloud.com
PING fortianalyzer.forticloud.com.geo.fortinet.net (154.52.22.162): 56 data bytes
64 bytes from 154.52.22.162: icmp_seq=0 ttl=54 time=12.6 ms
64 bytes from 154.52.22.162: icmp_seq=1 ttl=54 time=12.5 ms
64 bytes from 154.52.22.162: icmp_seq=2 ttl=54 time=12.5 ms
64 bytes from 154.52.22.162: icmp_seq=3 ttl=54 time=12.5 ms
64 bytes from 154.52.22.162: icmp_seq=4 ttl=54 time=12.5 ms

--- fortianalyzer.forticloud.com.geo.fortinet.net ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 12.5/12.5/12.6 ms

execute telnet fortianalyzer.forticloud.com 514
Trying 154.52.22.162...
Connected to 154.52.22.162.

The following system event log is still generated for the secondary FortiGate.

date=2026-XX-XX time=09:57:52 devname=Scorp-fw02 devid=FG101FTXXXXXXXXX eventtime=1770850672855603554 tz="+1100" logid="0100022903" type="event" subtype="system" level="critical" vd="root" logdesc="FortiAnalyzer connection failed" action="connect" status="failure" reason="connection timeout" msg="Failed to connect FortiAnalyzer fortianalyzer.forticloud.com"

The secondary unit is unable to connect to FortiAnalyzer Cloud, while no connectivity issues are observed on the Primary FortiGate, as shown in the output below:

execute log fortianalyzer-cloud test-connectivity
Failed to get FortiAnalyzer Cloud's status. Invalid error number (0).(0)

execute log fortianalyzer-cloud test-connectivity
FortiAnalyzer Host Name: FAZ-K8S-CLOUD
FortiAnalyzer Adom Name: root
FortiGate Device ID: FG****
Registration: registered
Connection: allow
***
IPS Packet Log: Tx & Rx
Content Archive: Tx & Rx
Quarantine: Tx & Rx

This issue is currently under investigation by Engineering and only impacts connectivity to FortiAnalyzer Cloud. No issues have been reported with connectivity to an on-premises FortiAnalyzer.