Hi.
I am using a policy route in my HA cluster. When I create a new policy route, it works fine. However, when the device is rebooted or system switchover occurs twice, the "diag firewall proute list" check shows two sets of policy route lists with broken priority, and communication breakdown occurs. Can someone please tell me how to solve this?
The only temporary solution is to purge the policy route, reboot both systems, and then create a new policy route.
Is this a bug in policy routes in HA clusters?
Was the configuration of the cluster members 100% in sync. Did you double check by using checksum diags? Sounds like a sync issue for me...
FCNSA 5, FCNSP 5, NSE 4
Hi Hirose,
Well, it may be a sync issue as well as #Troubleshooter_73 pointed, but I also see a possibility of a corrupt flash on primary where the config would be saved. As you mentioned, issue occurs when the device is rebooted, did the policy route config stay after reboot?
best regards,
Jin
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.