Upgrade Firmware on HA cluster issue on fail over
Hi Guys,
I've upgrade my cluster of 2 Fortigates 100E from 5.4.2 to 6.0.9 and follow upgrade path to do this.
Cluster Ha are configure like this
4 VDOM + Root Vdom
2 vclusters
Root Vdom and 2 Vdom are on vcluster 0
2 others vdom are on vcluster1
Primary Master is master on vcluster0 and slave on vcluster1
Secondary Slave is master on vlcuster1 and slave on vcluster0
Pimary master and secondary slave are on 2 differents datacenters distants from less than 62 Miles and ping less or equal to 1 ms.
HA1 and HA2 are on differents vlan
As i'm in maintenance Windows, before i'll launch first upgrade i'll reboot the cluster, wait for cluster checksum are Ok, and let's go for upgrade.
If i understand the KB on upgrade the cluster
[ol]
The first upgrade and other take place like that,
1) load and upgrade slave
[ul]2) slave become master
[ul]3) master upgrade
[ul]4) Master become master
[ul]5) let's take a look a checksum before upgrade a new firmware,
get sys ha status
not the same, try a calculate
diagnose sys ha checksum recalculate
Ok cluster are in sync.
[size="2"]Humm, cluster have to warm up 
, let's go for the round two....[/size]
Same issue... round 3 same issue, round 4 same issue ...[size="2"]After 3 hours of interruptible upgrade 
i'm on 6.0.9. OK guy let's try a ha failover, connect on slave cli exec reboot, lost one ping... VPN are UP, device and equipement ping are OK. all seems good on two site [/size][size="2"]connect on master cli exec reboot lost one ping... VPN are UP, device and equipement ping are OK. all seems good on two site.[/size]
ha uninterruptible-upgrade are enable (default).
What i forgot to do before the upgrade ?
best regards