Hello all,

Currently running a pair of FortiMail VM02 5.4.0 GA. The cluster is a config master/slave but it tends to go out of sync.

diag sys ha showcsum will show a csum mismatch and when I check closer some entries will be mismatched e.g. 

FML1:

917: 4f5e...d0 (name) 513: c2d0...08 (<name>) 513: 48e8...29 (<name>) 513: 7c3e...f5 (<name>) <---- Mismatch 513: d88b...db (<name>) 513: 20e0...a7 (<name>) 513: 54a8...c7 (<name>)

FML2:

917: 4f5e...d0 (name) 513: c2d0...08 (<name>) 513: 48e8...29 (<name>) 513: 5d26...03 (<name>) <---- Mismatch 513: dca9...91 (<name>) 513: 211d...c3 (<name>)

When I try to query this value I am getting error: cmf_query_create error for 513

The second FML will then try multiple reboots but eventually goes out of sync.

This happens quite often after making changes. Is there any way to force a configuration overwrite from the master to all the slaves?

EDIT:

Sorry I forgot to mention that I did the following also to troubleshoot:

- Compare full-config from both FortiMail. There is no difference except things like hostname and IP address.

- Wipe the FML-02 and have it sync to the primary FML-01. Same problem, config goes out of sync after some time with csum mismatch.