Dear Everyone,
I have a problem with FortiAnalyzer HA. My lab have two FortiAnalyzers, they are configured HA together. Port 1,2 on FortiAnalyzer01, 02 are configured port aggregation, they are heart beat interface. Port 3 on FortiAnalyzer01, 02 are configured cluster virtual IP. I have successfully configured HA on 2 devices, but when i test HA failover (shutdow FortiAnalyzer01-Primary) then FortiAnalyzer02-Secondary don't change Primary role, I can't ping virtual IP. To provide further clarity on the issue, I attached some images.
Please let me know what happend to my FortiAnalyzers.
Thank everyone so much.
Best Regards,
Hello
It seems your vrrp didn't work.
Are port3 on the two FAZs on the same L2?
Did you try manually set FAZ1 as primary?
Yes, port3 on the two FAZs are the same L2.
- I have set FAZ01 as primary but shutdown FAZ01 then FAZ02 doesn't change primary. the picture below is the status HA of FAZ02 after shutting down FAZ01. If you know the problem, please let me know. Thank you very much.
Additionally to what @AEK said.
Can you access the secondary node from CLI ? Can you verify the HA status from there ?
Yes, I have inserted the picture below. if you know the problem or need information , let me know. Thank you very much.
Hi
Can you try replace the current HA port with a non-aggregated port?
Created on 03-04-2024 08:01 AM Edited on 03-04-2024 08:02 AM
I tried but it doesn't work. It is so bad. I don't know why.
Hello @HungDT
Following tech tip seems a good troubleshooting technique for your case.
It is said that the tech tip if for Google Cloud's FAZ but I think it is applicable for any FAZ (I can see the faz-ha.log file on my FAZ).
You need to enable shell access first, then simulate a failover and check if any relevant logs in faz-ha.log.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1736 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.