FortiGate
amahdi
Staff
Article Id 263716
Description

This article describes a scenario where an HA cluster is configured with interface monitoring so that an HA fail-over is triggered when the link of a monitored interface goes down.

The fail-over causes the cluster to renegotiate and re-select the primary unit.

However, in this case no fail-over occurs when one of the monitored interfaces goes down. The cluster configuration is:


config system ha
    set group-name "NAME"
    set mode a-p
    set password ENC
    set hbdev "a" 0 "b" 0
    set route-ttl 60
    set hb-interval 6
    set hello-holddown 30
    set session-pickup enable
    set session-pickup-connectionless enable
    set override enable
    set priority 200
    set override-wait-time 120
    set monitor "internal" "wan2" <----- Failover is not happening when wan2 is down.
end

Scope

FortiGate.
Solution

1. Check the manual HA failover status on the secondary unit:

execute ha failover status

failover status: set  <----- A manual failover is set and needs to be cleared.

While a manual failover is set (with 'execute ha failover set'), the cluster honours that assignment instead of renegotiating the primary on its own, so a monitored link going down does not trigger a fail-over. To clear it:

execute ha failover unset 1

2. If the cluster still does not initiate a fail-over when the 'wan2' interface goes down on the Master device, check whether the number of monitored interfaces down on the Slave device is greater than or equal to the number down on the Master device. Primary selection prefers the unit with the most monitored interfaces up, so the Slave only takes over when it has strictly fewer monitored interfaces down than the Master.

Ensure that the number of monitored interfaces down on the Slave device is lower than on the Master device; otherwise the Master keeps its role even though wan2 is down, and no HA fail-over is triggered.

  

# get sys ha status

HA Health Status:
WARNING: FG2XXXXXXX has mondev down; <----- The Slave (FG2XXXXXXX) has both monitored interfaces (wan2 and internal) down, while only wan2 is down on the Master, so the Master keeps its role.

MONDEV stats:
FG2XXXXXXX (updated 1 seconds ago):
wan2: physical/00, down, rx-bytes/packets/dropped/errors=2589/265879/0/0,
internal: physical/00, down, rx-bytes/packets/dropped/errors=8634/274869/0/0,

 

The HA event history shows the recorded link-down events and any resulting negotiations:

# diag sys ha history read
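The two checks above (a pinned manual failover, and the per-unit count of monitored interfaces down) can be scripted against saved CLI output. The following is an added example written for this page; it is not Fortinet code. The MONDEV sample is constructed: it repeats the FG2XXXXXXX block shown above and adds a hypothetical second member, FG1YYYYYYY, standing in for the Master with only wan2 down. The line formats are assumed to match the output shown on this page.

```python
import re

# Constructed sample of `execute ha failover status` output (not captured from a device).
FAILOVER_STATUS_SAMPLE = "failover status: set\n"

# Constructed sample of the MONDEV section of `get sys ha status`.
# FG2XXXXXXX is copied from the page; FG1YYYYYYY is a hypothetical Master
# with only wan2 down, matching the scenario described in the article.
MONDEV_SAMPLE = """\
HA Health Status:
WARNING: FG2XXXXXXX has mondev down;

MONDEV stats:
FG2XXXXXXX (updated 1 seconds ago):
wan2: physical/00, down, rx-bytes/packets/dropped/errors=2589/265879/0/0,
internal: physical/00, down, rx-bytes/packets/dropped/errors=8634/274869/0/0,
FG1YYYYYYY (updated 0 seconds ago):
wan2: physical/00, down, rx-bytes/packets/dropped/errors=9999/1234/0/0,
internal: physical/1000full, up, rx-bytes/packets/dropped/errors=1234567/4444/0/0,
"""

UNIT_RE = re.compile(r"^(?P<serial>\S+) \(updated \d+ seconds ago\):$")
LINK_RE = re.compile(r"^(?P<iface>[\w.-]+): \S+, (?P<state>up|down),")


def manual_failover_set(status_output):
    """Check 1: True if `execute ha failover status` reports a manual failover."""
    return any(line.strip() == "failover status: set"
               for line in status_output.splitlines())


def parse_mondev(text):
    """Parse the MONDEV stats section into {serial: {interface: 'up'|'down'}}."""
    units = {}
    current = None
    in_section = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("MONDEV stats:"):
            in_section = True
            continue
        if not in_section:
            continue
        m = UNIT_RE.match(line)
        if m:
            current = m.group("serial")
            units[current] = {}
            continue
        m = LINK_RE.match(line)
        if m and current is not None:
            units[current][m.group("iface")] = m.group("state")
    return units


def down_counts(units):
    """Number of monitored interfaces down per cluster member."""
    return {serial: sum(1 for state in ifaces.values() if state == "down")
            for serial, ifaces in units.items()}


def monitor_failover_expected(units, primary_serial):
    """Check 2: a link-monitor failover is only expected when some other member
    has strictly fewer monitored interfaces down than the current primary."""
    counts = down_counts(units)
    return any(count < counts[primary_serial]
               for serial, count in counts.items() if serial != primary_serial)


if __name__ == "__main__":
    print("manual failover set:", manual_failover_set(FAILOVER_STATUS_SAMPLE))
    units = parse_mondev(MONDEV_SAMPLE)
    print("monitored interfaces down:", down_counts(units))
    print("failover expected with FG1YYYYYYY as primary:",
          monitor_failover_expected(units, "FG1YYYYYYY"))
```

With the constructed sample the Master (FG1YYYYYYY) has one monitored interface down and the Slave (FG2XXXXXXX) has two, so the script reports that no link-monitor failover is expected, which is exactly the situation the article describes; clearing the manual failover alone would not change that result until the Slave's monitored links recover.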