Hello, I've got an active 60D and a second. They are identical hardware and purchased at the same time, but one has been upgraded repeatedly over the past few years and the other has been factory reset with 5.6.3 as of a few days ago. The live one is running 5.6.3 as well.
I'm trying to make them into an HA pair and am having an issue where the second never completes the config sync. I believe it's related to the first one having existed when the OS still had a concept of local storage on the 60D even though it has none. So in the config on the primary it has an empty "config system storage" in the config:
config system storage
and in the HA debugging, I can tell the checksums differ for the following:
Interrupt boot and format boot, leaving device without OS
TFTP original 60D firmware 5.0.1 onto device (from local network since remote tftp is broken)
Boot up - at his point, since Fortinet had not yet disabled local storage, the system partitioned and formatted the flash device with both a /dev/sda and /dev/sdb (the one that ultimately goes away), and after boot, 'config system storage' was now visible. Additionally, now 'diag sys ha checksum show global' spits out the previously missing system.storage, wanopt.forticache-service and wanopt.storage variables.
I re-connected to the primary 60D, confirmed via 'exec ha ignore-hardware-revision status' that hardware difference ignoring was NOT enabled where on my first attempt it had to be because the secondary simply shut down without that on.
Re-established HA and now things sync'd up and completed successfully on the first try.[/ul]
It appears that 60D which begin life post-5.0.7 will not have the missing 'config system storage' part of the config, or the related variables in the ha sync checksums, so they will never be able to sync up with a 60D that started out pre-5.0.7. So you have to take the mismatched one back to old firmware to get the /dev/sdb to be formatted and then you're good to go.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.