FortiClient
FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
jjahanshahi
Staff
Staff
Description
This article lists the debugs that should be collected when troubleshooting HA issues.


Solution
1. The following debugs should be collected for any HA related issues.
diagnose debug enable
diagnose debug console timestamp enable
diagnose debug application hatalk -1   ------ HA formation issues
diagnose debug application hasync-1    ------ HA Sync issues

2. Run the following on both Master/Slave units and collect the info.
get system performance status
get system status
get system ha status
diagnose sys ha status
diagnose sys ha showcsum
execute ha synchro start
execute ha manage 0 or 1 ------ This command will switch from CLI of the Master to Slave
diagnose sys ha showcsum
diagnose sys ha dump 5

3.  Packet captures for seeing communication between HA ports.
diagnose hardware device nic <heart beats interface>
diagnose sniffer packet port_ha "" 4

4.  Collect the FortiGate’s HA and System EVENT logs for both units downloaded from the GUI/FortiAnalyzer or syslog (remote) server.

Contributors