akanibek
Staff
Article Id 403516
Description

This article provides a workaround for the HA Out-of-Sync issue observed on firmware version 7.6.3. The issue can occur in both Active-Active and Active-Passive HA configurations.

Scope

FortiGate v7.6.3 GA.

Solution

Zero-day malware stream scanning allows FortiGate devices to receive IOCs using a new daemon, 'fortimq'. However, this can cause an out-of-sync state between HA cluster members:

 

2025-07-17 17_47_18-FortiGate - fgt01 — Mozilla Firefox.png

Solution:

This is a known issue, tracked under reported ID 1165798, which has been resolved in FortiOS version 7.6.4 and the upcoming version 8.0.0.

 

Workaround:
As a workaround, disable '0-day malware stream scanning':

 

  1. In the GUI of the primary FortiGate, go to Security Profiles -> AntiVirus, select the profile where the feature is enabled, and under Virus Outbreak Prevention, disable 'Use 0-day malware stream scanning'.
  2. Select 'OK' to save profile changes.

 

GUI_settings.png

 

  3. If required, manually resynchronize the HA cluster by following the KB article: Technical Tip: Procedure for manual synchronization for HA out-of-sync issue.

 

Related article:
Troubleshooting Tip: HA synchronization issues: Antivirus profile mismatch