Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Hirose
New Contributor

Policy route issues in HA cluster

Hi.

I am using a policy route in my HA cluster. When I create a new policy route, it works fine. However, when the device is rebooted or system switchover occurs twice, the "diag firewall proute list" check shows two sets of policy route lists with broken priority, and communication breakdown occurs. Can someone please tell me how to solve this?

The only temporary solution is to purge the policy route, reboot both systems, and then create a new policy route.

Is this a bug in policy routes in HA clusters?

2 REPLIES 2
Troubleshooter_73
New Contributor III

Was the configuration of the cluster members 100% in sync. Did you double check by using checksum diags? Sounds like a sync issue for me...



FCNSA 5, FCNSP 5, NSE 4

FCNSA 5, FCNSP 5, NSE 4
jintrah_FTNT
Staff
Staff

Hi Hirose,

 

Well, it may be a sync issue as well as #Troubleshooter_73 pointed, but I also see a possibility of a corrupt flash on primary where the config would be saved. As you mentioned, issue occurs when the device is rebooted, did the policy route config stay after reboot?

 

best regards,

Jin

Labels
Top Kudoed Authors