Help
FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
Dante_De_Luca_FTNT
Staff
Staff

Created on ‎04-29-2016 07:03 AM

Article Id 193369

Technical Note: HA cluster members listed as separate devices in FortiManager / FortiAnalyzer

Purpose
This article discusses the case where two HA cluster members are listed on the FortiManager (or FortiAnalyzer) as separate devices.

Scope
FortiGate, FortiManager running 5.2+

Expectations, Requirements
-

Configuration
This can happen for a number of reasons, for example:
  • If the devices were added as separate devices before deciding to use them as a cluster
  • If the secondary device requests to be managed before it syncs to the HA cluster, when it is first installed, and an admin authorizes it believing that this is the correct way to add it.

When this occurs, the HA cluster may appear to be managed correctly, but should it fail over then the new master will be unable to connect to the FortiManager.

Debugs may be seen such as:
# diag debug application fgfm -1
# diag debug enable

Response:
{ "id": 32053, "result": [ { "status": { "code": 5, "message": "device serial number conflicted" }, "url": "start\/tunnel" } ] }
When this occurs, it is necessary to delete the cluster member from the FortiManager. This can be done using the following command:
# diag dvm delete <adom name> <device name>

To find out what ADOM or device name it has, given its serial number, use the following command:
# diag dvm device list

3615
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.