Created on 12-19-2022 12:19 AM
While upgrading HA using Uninterrupted upgrade, both devices should upgrade simultaneously:
https://docs.fortinet.com/document/fortigate/6.2.3/cookbook/247944#:~:text=upgrade%2Dtool).-,Uninter...
After the upgrade device may be out of sync when the following occurs:
1) Only one of the devices is upgraded to the next firmware version.
For example: if upgrading HA devices from 7.0.1 to 7.0.3, the primary gets upgraded to 7.0.3 and the secondary stays in 7.0.1 then:
a) Boot primary device to the previous version by selecting the alternate firmware version to boot.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Selecting-an-alternate-firmware-for-the-ne...
OR
b) Remove the secondary from the cluster (https://community.fortinet.com/t5/FortiGate/Technical-Note-Disconnecting-a-member-from-a-cluster/ta-...), upgrade the secondary device and join it back to the cluster.2) Due to configuration differences, recalculate HA checksum using : diag sys ha checksum recalculate
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Troubleshooting-a-checksum-mismatch-in-a-F...
Wait for 5 mins, if the issue is still not resolved, open a ticket to technical support.
