Technical Tip: New Health Checks for High Availability introduced in v9.4.7

FortiElie · ‎04-25-2025

Description

This article explores the new System Health Checks for High Availability introduced in FortiNAC v9.4.7.

Scope

FortiNAC v9.4.7, 7.2.8 and 7.4.1.

Solution

Starting from FortiNAC v9.4.7, new system health checks were introduced to FortiNAC that might trigger a failover to the secondary if these services fail. The new health checks verify the status of the following services:

AdminGUI
AgentServer
radiusd

To disable these system checks, the following commands can be used:

globaloptiontool -name highAvail.radiusCheckEnabled -set false

globaloptiontool -name highAvail.adminguiCheckEnabled -set false

globaloptiontool -name highAvail.agentServerCheckEnabled -set false

To enable them:

globaloptiontool -name highAvail.radiusCheckEnabled -set true

globaloptiontool -name highAvail.adminguiCheckEnabled -set true

globaloptiontool -name highAvail.agentServerCheckEnabled -set true

Note:

For setups that are running on FortiNAC-OS before applying these commands, enter the shell first:

execute enter-shell

Troubleshooting:

Under the output.processManager log file (tail -f /bsc/logs/output.processManager), the following output indicates that these health checks were successful:

yams.CampusManager INFO :: 2025-04-25 10:20:00:895 :: #1 :: checkProtocol for AdminGUI final result true
yams.CampusManager INFO :: 2025-04-25 10:20:00:895 :: #1 :: checkService(AdminGUI) check protocol for AdminGUI result:true

yams.CampusManager INFO :: 2025-04-25 10:20:00:980 :: #1 :: checkProtocol for AgentServer final result true
yams.CampusManager INFO :: 2025-04-25 10:20:00:981 :: #1 :: checkService(AgentServer) check protocol for AgentServer result:true

yams.CampusManager INFO :: 2025-04-25 10:20:01:001 :: #1 :: checkProtocol for radiusd final result true
yams.CampusManager INFO :: 2025-04-25 10:20:01:001 :: #1 :: checkService(radiusd) check protocol for radiusd result:true

The following output indicates that the AdminGUI service has failed and a failover was triggered:

yams.CampusManager INFO :: 2025-04-25 10:25:52:789 :: #1 :: checkProtocol for AdminGUI final result false
yams.CampusManager INFO :: 2025-04-25 10:25:52:789 :: #1 :: checkService(AdminGUI) check protocol for AdminGUI failed, current count(retry) 3 will return true
yams.CampusManager INFO :: 2025-04-25 10:25:52:789 :: #1 :: checkService(AdminGUI) check protocol for AdminGUI result:true

yams.CampusManager INFO :: 2025-04-25 10:26:24:705 :: #1 :: checkProtocol for AdminGUI final result false
yams.CampusManager INFO :: 2025-04-25 10:26:24:705 :: #1 :: checkService(AdminGUI) check protocol for AdminGUI failed, current count(retry) 4 will return true
yams.CampusManager INFO :: 2025-04-25 10:26:24:705 :: #1 :: checkService(AdminGUI) check protocol for AdminGUI result:true

yams.CampusManager INFO :: 2025-04-25 10:26:56:614 :: #1 :: checkProtocol for AdminGUI final result false
yams.CampusManager INFO :: 2025-04-25 10:26:56:614 :: #1 :: checkService(AdminGUI) check protocol for AdminGUI failed, current count(retry) is max 5 will return fail
yams.CampusManager INFO :: 2025-04-25 10:26:56:614 :: #1 :: checkService(AdminGUI) check protocol for AdminGUI result:false
yams.CampusManager INFO :: 2025-04-25 10:26:56:614 :: #1 :: ******* System Check Failed! *******
yams.CampusManager INFO :: 2025-04-25 10:26:56:614 :: #1 :: ******* Changing status to - Secondary In Control *******
yams.CampusManager INFO :: 2025-04-25 10:26:56:615 :: #1 :: Sending Force Failover to trigger other servers

yams.CampusManager INFO :: 2025-04-25 10:26:57:812 :: #1 :: ******* Shutting Down - Secondary In Control *******

Related documents:

Technical Tip: Configure Custom Health Check for High Availability on FortiNAC F v7.6

High Availability Guide

Technical Tip: New Health Checks for High Availability introduced in v9.4.7

You are leaving our website