VinayHM
Staff
Article Id 404577
Description: This article describes why interface-based HA failover may not occur and how to address it.
Scope: FortiGate.
Solution

In some scenarios, one of the interfaces in the HA link monitor goes down, but the HA failover still does not occur.

This happens when the HA failover flag is set on the passive device and the same option is unset on the active device.

An error is thrown because the EXE_FAIL_OVER flag is set on the peer member.

Run the following command to verify the status of the failover flag on the secondary device.

FGT2 # execute ha failover status
failover status: set

 

This flag (EXE_FAIL_OVER) is only recommended for testing purposes; remove it after a failover test. The flag is set once a forced failover has been performed on the cluster unit with the CLI command 'execute ha failover set <cluster_id>'.

It is recommended to test the failover by removing one of the monitored interfaces.

Solution:

Keep the HA failover unset on both devices. To unset the failover flag, use the CLI command 'execute ha failover unset <cluster_id>', which removes the forced failover status from the cluster unit.
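
The status check can be run against every cluster member after a failover test. The following is an added example, not Fortinet code: it parses captured 'execute ha failover status' transcripts and lists the units where the flag is not confirmed unset. The transcript is constructed, and the 'unset' output wording and the function names are assumptions.

```python
import re

# Constructed sample: CLI transcripts captured from two cluster members.
# The "set" line matches the output shown in the article; the "unset" wording
# is an assumption about what a unit prints once the flag is cleared.
SAMPLE_TRANSCRIPT = """\
FGT1 # execute ha failover status
failover status: unset

FGT2 # execute ha failover status
failover status: set
"""

# Prompt line, optionally with a context such as "(global)" before the '#'.
PROMPT_RE = re.compile(
    r"^(?P<host>\S+)\s+(?:\([^)]*\)\s+)?#\s+execute ha failover status$")
STATUS_RE = re.compile(r"^failover status:\s*(?P<state>\S+)$", re.IGNORECASE)


def parse_failover_status(transcript):
    """Return {hostname: state} for each 'execute ha failover status' call."""
    results = {}
    host = None
    for raw in transcript.splitlines():
        line = raw.strip()
        prompt = PROMPT_RE.match(line)
        if prompt:
            host = prompt.group("host")
            results[host] = "unknown"  # stays unknown if no status line follows
            continue
        status = STATUS_RE.match(line)
        if status and host is not None:
            results[host] = status.group("state").lower()
            host = None
    return results


def units_needing_unset(transcript):
    """Hostnames whose flag is set or could not be read (treated as not clean)."""
    states = parse_failover_status(transcript)
    return sorted(h for h, s in states.items() if s != "unset")


if __name__ == "__main__":
    for unit in units_needing_unset(SAMPLE_TRANSCRIPT):
        print(f"{unit}: failover flag not confirmed unset; "
              "run 'execute ha failover unset <cluster_id>'")
```

A unit whose status line is missing from the transcript is reported as well, so an incomplete capture is not mistaken for a clean cluster.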


Related documents:

Technical Tip: How to use failover flag to change Active unit

Force HA failover for testing and demonstrations