Troubleshooting Tip: The configuration changes not reflecting on the secondary device in HA
| Description | This article describes that the changes made on the primary firewall will not sync with the secondary device. |
| Scope | FortiGate, HA (A-A) (A-P). |
| Solution | If the changes made on the primary firewall are not syncing with the secondary device, it will cause HA to go out of sync. It is possible to try and get the changes to synchronize by following these steps: Stop the synchronization first on both devices and restart again by using the below commands.
execute ha synchronize stop execute ha synchronize start
Recalculate the checksums by running this command on each device in the cluster:
diagnose sys ha checksum recalculate
After that, run the following command and compare the checksum of both units:
In some cases manual intervention is needed to get the cluster to go back in sync. It is recommend to follow this article: Technical Tip: Procedure for manual synchronization for HA out-of-sync issue Related article: Troubleshooting Tip: How to troubleshoot HA synchronization issue using GUI |