FortiGate
amahdi
Staff & Editor
Article Id 263716
Description

This article describes a scenario in which an HA cluster is configured with interface monitoring ('set monitor') so that an HA failover is triggered when the link of a monitored interface goes down.

The failover causes the cluster to renegotiate and re-select the primary unit.

However, no failover occurs when one of the monitored interfaces goes down:


config system ha
    set group-name "NAME"
    set mode a-p
    set password ENC
    set hbdev "a" 0 "b" 0
    set route-ttl 60
    set hb-interval 6
    set hello-holddown 30
    set session-pickup enable
    set session-pickup-connectionless enable
    set override enable
    set priority 200
    set override-wait-time 120
    set monitor "internal" "wan2" <----- Failover is not happening when wan2 is down.
end

Scope

FortiGate.
Solution

First, check the HA failover status on both units of the cluster:

SDWAN-PRI # execute ha failover status
failover status: unset

SDWAN-SEC # execute ha failover status
failover status: set <----- The secondary has a forced failover flag set; unset it.

 

A unit whose status shows 'set' has been manually forced into the failover (secondary) state with 'execute ha failover set' and stays there until the flag is cleared, so it cannot be elected primary even when the primary loses a monitored interface. To clear the flag on that unit:

execute ha failover unset 1

If the failover status is unset on both units and the cluster still does not fail over when 'wan2' goes down on the primary, compare the monitored interfaces of the two members. Primary selection counts the monitored interfaces that are down on each member: a failover only happens when the secondary has fewer monitored interfaces down than the primary. When the secondary has an equal or higher number of monitored interfaces down, the primary keeps its role.

Make sure all monitored interfaces on the secondary are connected, so that it has fewer monitored interfaces down than the primary, before expecting a failover. The HA health status shows the state of every monitored interface per member:


get sys ha status 

HA Health Status:
WARNING: FG2XXXXXXX has mondev down; <----- The secondary has more monitored interfaces down than the primary.

MONDEV stats:
FG2XXXXXXX (updated 1 seconds ago):
wan2: physical/00, down, rx-bytes/packets/dropped/errors=2589/265879/0/0, 
internal: physical/00, down, rx-bytes/packets/dropped/errors=8634/274869/0/0,

 

The HA history is a timestamped log of HA events (monitored-link changes, role changes) and confirms why the primary was not re-elected:

diag sys ha history read
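As an added example (not Fortinet code and not part of this article), the following Python script applies the two checks above to constructed copies of the CLI outputs shown in this article. It parses the MONDEV stats section of 'get sys ha status' and the per-unit 'execute ha failover status' output, then reports which member should hold the primary role and why the secondary cannot take over. The serial numbers FG1XXXXXXX and FG2XXXXXXX, the interface counters and the function names are assumptions of the example; tie-breaking by age, priority and serial number is not modelled.

```python
import re

# Added example, not Fortinet's code. It applies this article's two checks to
# constructed CLI output:
#   1. a unit with 'failover status: set' cannot become primary until unset;
#   2. the member with the fewest monitored interfaces down is elected primary,
#      so no failover happens while the secondary has as many or more down.
# Ties between candidates are really decided by the remaining HA election
# criteria (age, priority, serial number), which this check does not model.

# Constructed sample modelled on the article's 'get sys ha status' output.
# Serial numbers are placeholders: FG1XXXXXXX is the current primary,
# FG2XXXXXXX the secondary.
SAMPLE_HA_STATUS = """\
HA Health Status:
WARNING: FG2XXXXXXX has mondev down;

MONDEV stats:
FG1XXXXXXX (updated 1 seconds ago):
wan2: physical/00, down, rx-bytes/packets/dropped/errors=1025/11204/0/0,
internal: physical/1000full, up, rx-bytes/packets/dropped/errors=9921/90210/0/0,
FG2XXXXXXX (updated 1 seconds ago):
wan2: physical/00, down, rx-bytes/packets/dropped/errors=2589/265879/0/0,
internal: physical/00, down, rx-bytes/packets/dropped/errors=8634/274869/0/0,
"""

# Constructed 'execute ha failover status' output collected from each unit.
SAMPLE_FAILOVER_STATUS = {
    "FG1XXXXXXX": "failover status: unset",
    "FG2XXXXXXX": "failover status: set",
}

MEMBER_RE = re.compile(r"^(\S+) \(updated \d+ seconds? ago\):$")
IFACE_RE = re.compile(r"^\s*(\S+): physical/\S+, (up|down),")


def parse_mondev(text):
    """Return {serial: {interface: is_up}} from the MONDEV stats section."""
    members, current = {}, None
    for line in text.splitlines():
        m = MEMBER_RE.match(line.strip())
        if m:
            current = m.group(1)
            members[current] = {}
            continue
        m = IFACE_RE.match(line)
        if m and current is not None:
            members[current][m.group(1)] = m.group(2) == "up"
    return members


def parse_failover_status(text):
    """Return 'set' or 'unset' from 'execute ha failover status' output."""
    m = re.search(r"failover status:\s*(set|unset)", text)
    if m is None:
        raise ValueError("no 'failover status:' line in output")
    return m.group(1)


def down_count(interfaces):
    """Number of monitored interfaces that are down on one member."""
    return sum(1 for up in interfaces.values() if not up)


def diagnose(mondev, failover_status, primary):
    """Return (expected_primary, reasons) for the given cluster state.

    expected_primary is the member that should hold the primary role under the
    monitored-interface rule; reasons lists why another member cannot take over
    and is empty when a failover is expected.
    """
    counts = {serial: down_count(ifaces) for serial, ifaces in mondev.items()}
    forced = {s for s, st in failover_status.items() if st == "set"}
    reasons, expected = [], primary
    for serial, down in sorted(counts.items()):
        if serial == primary:
            continue
        if serial in forced:
            reasons.append(f"{serial}: 'execute ha failover set' is active; "
                           "run 'execute ha failover unset 1' on it")
        if down >= counts[primary]:
            reasons.append(f"{serial}: {down} monitored interface(s) down vs "
                           f"{counts[primary]} on {primary}; no failover while "
                           "it has an equal or higher number down")
        elif serial not in forced:
            # Strictly fewer monitored interfaces down and not held back: wins.
            expected = serial
    return expected, reasons


def check_article_scenario():
    """Run both checks on the constructed samples above."""
    mondev = parse_mondev(SAMPLE_HA_STATUS)
    status = {s: parse_failover_status(t) for s, t in SAMPLE_FAILOVER_STATUS.items()}
    return diagnose(mondev, status, primary="FG1XXXXXXX")


if __name__ == "__main__":
    expected, reasons = check_article_scenario()
    print(f"expected primary: {expected}")
    for reason in reasons:
        print(f" - {reason}")
```

On the article's state the script keeps FG1XXXXXXX as primary and reports both blockers on the secondary: the forced failover flag and two monitored interfaces down against one on the primary. Clearing the flag and reconnecting both secondary interfaces turns the result into an expected failover to FG2XXXXXXX; with only 'internal' reconnected the counts tie and the primary keeps its role, which is the "equal or higher" case described above.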