Explorer

Solved

FortiAuthenticator HA issue

Forum|Forum|1 year ago
November 28, 2024
1 reply
4321 views

Hello,

i have an issue on FortiAuthenticator HA on virtual machine,

when trying to create HA Active-Passive between two virtual machine the HA status on the two nodes become primary with one has high priority and the second has low priority but no sync happen between the both devices

i have attached a copy of the config of the ha setting on both devices Screenshot 2024-11-28 105359.png

Screenshot 2024-11-28 105136.png Screenshot 2024-11-28 105221.png Screenshot 2024-11-28 105302.png

FortiAuthenticator

Best answer by sjoshi

detail about FAC VM license can be found here

https://community.fortinet.com/t5/FortiAuthenticator/Technical-Tip-FortiAuthenticator-VMs-HA-license/ta-p/190004

sjoshi

Staff

Hi,

Try to collect below logs and see if you get any error

https://<fac>/debug/slony

Your HA itself is not forming.

Also you can take pcap on the FAC on udp port 720 and for config snyc on tcp port 5432

Thanks, Salon

ElkomyAuthor

Explorer

hello,

i hope you do well

kindly note that i have error on ha log and i will attach the log file and when i try to capture traffic over port 720 and view it on wireshark it found that the source and destination is from APIPA and the error Screenshot 2024-11-28 115221.png Screenshot 2024-11-28 115235.png

sjoshi

Staff

can you also check if you are able to ping the FAC Node IP from each other

Thanks, Salon

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded