I was skeptical about your outcome so I tested the same with our office 60Es in HA A-P cluster with four FAPs. After swapping over, I could get connected to one of tunnel mode SSIDs within 2-3 min (internet path took that long to recover) and confirmed all of them are "online" (took me another minute or two to get on the GUI since our RADIUS servers are not local). Definitely much less than 10-15 min.
Is your HA operation normal? Are they in sync (What's in "get sys ha status")? I suspect something is wrong with HA.
# config wireless-controller global# set max-retransmit 3 <<<< default - please input integer value (0-64) ---> increase to 25# config wireless-controller timers# set echo-interval <1-255> ---> increase to 100# end
This can be the reason why it may takes more time to switch to the new master... ???
2 FGT 100D + FTK200
3 FGT 60E
some FAP 210B/221C/223C/321C/421E
The adjustment is not a problem itself. Instead you have a problem causing the FGT having hard time communicating with FAPs. You need to find & fix that problem(s). Maybe on the cable that might be aggregated, or have multiple APs with mesh (no wire) with long distance, or else.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.