Contributor
November 6, 2008
Question

What happens after an HA cluster upgrade?

  • November 6, 2008
  • 7 replies
  • 4847 views
Hello, I must upgrade the firmware of an HA cluster and I don't know what happens after I upgrade the firmware via webconsole. I think that the firmware is uploaded synchronously, first to one member (slave), then to the other (master). Is that right? And then, is the whole cluster reloaded, which means 4 or 5 minutes of outage? Or is the cluster reloaded synchronously without an outage window? Regards, Juan Enrique

    7 replies

    Victor
    New Member
    November 7, 2008
    In an active-passive cluster, the secondary unit applies the upgrade first. Once it is finished it reboots and sets itself to primary. Once the secondary has taken over the primary role, the original primary applies the code and reboots. Once the primary has rebooted, it re-asserts itself and becomes the primary again. I have surfed the web while this is happening and experienced no disruption. I do, in most cases attempt to do this during low traffic or preventative maintenance windows, as I do not wish to tempt the techie gods into making my life miserable. As for active-active, it has been awhile since I used that mode and it is a bit more complex. I believe that some sessions are lost in the switchover, thus forcing a re-transmission. If that is the clustering mode you are using, encourage other forum members to share their experience. It is important to confirm, though, which code you are running as certain older codes are not so pretty.
    p768
    New Member
    November 7, 2008
    How the cluster upgrades depends on the status of the "set uninterruptable-upgrade" command in the HA config on the firewall.
    Contributor
    November 10, 2008
    Hello, and thanks for your replies. I had an active-passive cluster and set uninterruptable-upgrade enable. But the upgrade didn't work. When I upgraded via the button of webconsole, the secondary upgraded and reloaded but the primary didn't, neither the upgrade nor the reload. After that both firewalls became master because they had different versions of firmware. So I must disconnect the primary, upgrade it individually, and reconnect it to the cluster. Any ideas about what happened? Thanks again, Juan Enrique
    p768
    New Member
    November 11, 2008
    What version did you upgrade from and to? Did you follow the upgrade path in the release notes?
    Contributor
    November 11, 2008
    Hello, I upgraded from FGT60B-3.00-FW-build568-071026 (MR5 Patch 3) to FGT60B-3.00-FW-build670-080729 (MR6 Patch 3). I didn't find anything remarkable in the release notes after reading them and I assumed that I could upgrade directly from one version to another. Juan Enrique
    Contributor
    November 25, 2008
    Juanen, ran into the same problem here. After two failed remote cluster upgrades I was instructed to connect a TFTP server directly to the devices and upgrade separately. Very inconvenient since the FortiGates are in another state. This is the recommendation of Fortinet support but if anyone has any suggestions, I am open to hearing them. The upgrade is from MR4 patch 2 to the latest version of MR4 (build 0483 I believe). After that, upgrade to MR6 patch 4.
    TopJimmy
    New Member
    November 25, 2008
    I recently ran into the same issue and opened a ticket with Fortinet. Here is what they wrote me back on how to get them back in sync:
    1 - Isolate Master unit (running older firmware) physically from your network (unplug all network cables from internal and external switches and the heartbeat interface).
    2 - Connect a laptop to one of the network interfaces, configure your laptop to match the interface subnet, and access it via GUI. Upgrade the unit from GUI. Make sure that the firmware has been upgraded after the reboot.
    3 - Rejoin the Master unit into the network by plugging all the network cables back in. Both units should sync up again.
    This worked great. I've upgraded my cluster maybe 20 times and it's always worked as advertised (slave updates, makes itself primary, old primary updates then takes back over from slave). This was the first time it blew up. Great thing is, my users never knew there was a problem.
    I have surfed the web while this is happening and experienced no disruption. I do, in most cases attempt to do this during low traffic or preventative maintenance windows, as I do not wish to tempt the techie gods into making my life miserable.
    I did find one issue and that was with anything that the firewall would issue a certificate for such as SSL VPN connections or user authentication. It will dump that session and the users will have to re-authenticate. At least that's what I observed.
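
The failure reported in this thread left the two members on different firmware builds, which is the state a post-upgrade check should catch before the cluster is declared healthy. The following is an added example, not part of the original thread and not Fortinet code: it parses firmware image names in the form quoted above and flags any member that is off the target build. The unit names `primary` and `secondary`, the function names, and the reading of the last field as a YYMMDD date are assumptions.

```python
import re
from datetime import datetime

# Image-name layout as quoted in the thread: MODEL-X.YY-FW-buildNNN-DDDDDD.
# Treating the final six digits as a YYMMDD build date is an assumption.
IMAGE_RE = re.compile(
    r"^(?P<model>[A-Z0-9]+)-(?P<version>\d+\.\d+)-FW-build(?P<build>\d+)-(?P<date>\d{6})$"
)

def parse_image(name):
    """Split a firmware image name into model, version, build and date."""
    m = IMAGE_RE.match(name.strip())
    if not m:
        raise ValueError(f"unrecognised firmware image name: {name!r}")
    return {
        "model": m["model"],
        "version": m["version"],
        "build": int(m["build"]),
        "date": datetime.strptime(m["date"], "%y%m%d").date(),
    }

def check_cluster(members, target):
    """members maps unit name -> image name that unit reports.
    Returns a list of findings; an empty list means all units run the target."""
    want = parse_image(target)
    findings, builds = [], set()
    for unit, image in sorted(members.items()):
        try:
            got = parse_image(image)
        except ValueError as exc:
            findings.append(f"{unit}: {exc}")
            continue
        builds.add((got["version"], got["build"]))
        if got["model"] != want["model"]:
            findings.append(f"{unit}: model {got['model']} does not match target {want['model']}")
        elif (got["version"], got["build"]) != (want["version"], want["build"]):
            findings.append(f"{unit}: on build{got['build']}, expected build{want['build']}")
    if len(builds) > 1:
        findings.append("members run different firmware builds; HA sync cannot be assumed")
    return findings

if __name__ == "__main__":
    # Constructed sample: the half-upgraded state described in the thread.
    state = {"primary": "FGT60B-3.00-FW-build568-071026",
             "secondary": "FGT60B-3.00-FW-build670-080729"}
    for finding in check_cluster(state, "FGT60B-3.00-FW-build670-080729"):
        print(finding)
```
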