FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description This article discusses about HA devices that are out of sync after a firmware upgrade.
Scope FortiGate.

While upgrading HA using Uninterrupted upgrade, both devices should upgrade simultaneously:,Uninter...


After the upgrade device may be out of sync when the following occurs:


1) Only one of the devices is upgraded to the next firmware version.


For example: if upgrading HA devices from 7.0.1 to 7.0.3, the primary gets upgraded to 7.0.3 and the secondary stays in 7.0.1 then:


    a) Boot primary device to the previous version by selecting the alternate firmware version to boot.




   b) Remove the secondary from the cluster (, upgrade the secondary device and join it back to the cluster.

2) Due to configuration differences, recalculate HA checksum using : diag sys ha checksum recalculate

Wait for 5 mins, if the issue is still not resolved, open a ticket to technical support.