Hi,
So our fortigate cluster restarted last night. We got the following messages over SNMP :
FortiGate: Device has been replaced (new serial number received)
FortiGate: System name has changed (new name: xxx-fw1-n1.xxx.net)
FortiGate: xxx-fw1 has been restarted (uptime < 10m)
This also meant one of our VPN tunnels went down and which generated an alarm. What might have happened here?
Solved! Go to Solution.
Hi
This looks like a fail-over.
Some possible reasons are: manual restart, hardware failure, interface down (if interface monitoring is enabled), or firmware update (in case auto firmware update is enabled).
You may need to check the system logs on both nodes for more information.
When you say cluster restarted, do you mean it failed over? If so, the new serial number is of the old backup node.
Regarding VPN tunnels flap, its expected with cluster failover.
Hi Suraj,
Yeah, it seems it did fail over due to an automatic update. Thanks!
Hi
This looks like a fail-over.
Some possible reasons are: manual restart, hardware failure, interface down (if interface monitoring is enabled), or firmware update (in case auto firmware update is enabled).
You may need to check the system logs on both nodes for more information.
Hi Aek,
Yeah it did fail over due to an automatic firmware update. We didn't know it was turned on, probably happened after last firmware update, so I've turned it off again. Thanks!
User | Count |
---|---|
1922 | |
1144 | |
769 | |
447 | |
277 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.