FortiGate cluster - status: Not Synchronized

Question

We have a A-A cluster with two 500E FortiGates. The secondary unit is not actively in use, but should be synchronized - and it normally is.

Tried a firmware upgrade from 7.0.3 to 7.0.5 that kept on failing without any warnings or errors. Just kept spinning forever.

Noticed today a HA warning "Not synchronized". Looks like there are 4 tables out of sync:

Any suggestion where I start to fix this?

-PM

bpozdena_FTNT · Answer

Since FortiOS 7.0 shows what is not in sync, your job is a bit easier. There are several ways to identify the exact mismatch and to correct it. Probably the easiest options are:

A)Export configs from both units, compare them with diff and manually correct the differences. There will most likely be some missing dependencies in ISDB and replacement messages.

B)Load the config from primary unit to the secondary one. Just ensure to manually adjust settings that do not sync in the cluster (hostname, ha settings, dedicated management interfaces, etc.) prior to the actual import.

C)If unsure, open a support ticket and you will be helped there ;-).

HTH,

Boris

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded