FortiADC
Ahmed_Galal
Staff
Article Id 398454
Description This article describes how to troubleshoot non-working HA from the virtualization platform itself, such as vSphere.
Scope FortiADC.
Solution

The following issues may occur when HA is configured on the FortiADC units but the virtual machine is not configured as expected:

 

  • FortiADC does not respond to the incoming SYN packets.
  • Many CLI commands are missing.
  • FortiADC does not generate any output upon running the following HA debug commands:

 

diagnose debug ha all
diagnose debug enable

Troubleshooting the HA at the virtual machine:

  1. The HA interface must be configured with its own unique VLAN and not a shared VLAN.
  2. If the dedicated management interface is enabled, ensure that Promiscuous mode is set to 'Accept' in the security options of the vSwitch.

 

  3. Ensure that the security options of the HA VLAN are set to 'Accept' for MAC Address Changes and Forged Transmits.

     

 

Note: While configuring the security options of the HA VLAN, Promiscuous mode should be set to 'Reject' when MAC Learning is enabled for the Distributed Virtual Port Group connected to the management interface.
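
The checks above can be expressed as a small Python audit over an inventory of port-group settings; this is an added example, not Fortinet's code. The `PortGroup` fields, the role labels and the sample inventories are constructed for illustration, and the code assumes that step 2 applies to the effective setting on the management port group and that the Note applies to the HA port group.

```python
from collections import Counter
from dataclasses import dataclass

@dataclass
class PortGroup:            # hypothetical record; fill it from your own vSphere export
    name: str
    role: str               # "ha", "mgmt" or "data" (labels assumed for this example)
    vlan: int
    promiscuous: bool       # True = Accept, False = Reject
    mac_changes: bool
    forged_transmits: bool
    mac_learning: bool = False   # only meaningful on a distributed port group

def audit(port_groups, dedicated_mgmt=True):
    """Return findings as strings; an empty list means the settings match the article."""
    findings = []
    vlan_use = Counter(pg.vlan for pg in port_groups)
    mgmt_learning = any(pg.role == "mgmt" and pg.mac_learning for pg in port_groups)
    for pg in port_groups:
        if pg.role == "ha":
            if vlan_use[pg.vlan] > 1:      # step 1: HA VLAN must not be shared
                findings.append(f"{pg.name}: VLAN {pg.vlan} is shared; HA needs its own VLAN")
            if not pg.mac_changes:         # step 3
                findings.append(f"{pg.name}: MAC Address Changes must be Accept")
            if not pg.forged_transmits:    # step 3
                findings.append(f"{pg.name}: Forged Transmits must be Accept")
            if mgmt_learning and pg.promiscuous:   # Note
                findings.append(f"{pg.name}: Promiscuous mode must be Reject (MAC Learning on mgmt)")
        elif pg.role == "mgmt" and dedicated_mgmt and not pg.mac_learning and not pg.promiscuous:
            findings.append(f"{pg.name}: Promiscuous mode must be Accept")   # step 2
    return findings

# Constructed sample inventories (names and VLAN IDs are made up)
MISCONFIGURED = [PortGroup("pg-ha", "ha", 100, False, False, True),
                 PortGroup("pg-data", "data", 100, False, False, False),
                 PortGroup("pg-mgmt", "mgmt", 10, False, False, False)]
CORRECT = [PortGroup("pg-ha", "ha", 100, False, True, True),
           PortGroup("pg-data", "data", 20, False, False, False),
           PortGroup("pg-mgmt", "mgmt", 10, True, False, False)]
MAC_LEARNING = [PortGroup("pg-ha", "ha", 100, True, True, True),
                PortGroup("dvpg-mgmt", "mgmt", 10, False, False, False, mac_learning=True)]

if __name__ == "__main__":
    for label, inv in (("misconfigured", MISCONFIGURED), ("correct", CORRECT),
                       ("mac-learning", MAC_LEARNING)):
        print(label, audit(inv) or "OK")
```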

 



Related document:
Configuring the management interface - FortiADC 7.4.7 handbook