Technical Tip: HA not synced after 'config firewal...

FortiGate

FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.

Article Id 402829

Description

This article describes how to fix when HA not synced after 'config firewall schedule onetime' when 'set cfg-save manual'.

Scope

FortiGate.

Solution

HA will not sync automatically in the steps below:

Setup cfg-save manual:

config system global
set cfg-save manual
end

Edit 'onetime' schedule object for firewall policy:

config firewall schedule onetime
    edit "test"
        set start 15:13 2025/06/04
        set end 16:13 2025/06/17
    next
end

config firewall policy
    edit 2
        set name "1111"
        set srcintf "port10"
        set dstintf "port11"
        set action accept
        set srcaddr "all"
        set dstaddr "all"
        set schedule "test"
        set service "ALL"
        set logtraffic disable
        set nat enable
    next
end

HA will not automatically sync after selecting 'Save staged changed' from GUI.

Workaround:

Run the below CLI command in HA master:

diagnose sys ha checksum recalculate

Contributors

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Technical Tip: HA not synced after 'config firewall schedule onetime' when 'set cfg-save manual'

You are leaving our website