Hello,
It's me again with another strange problem. This happened on a customer's site. Any help will be appreciated.
[ul]
Both FG1000C should work in an active-passive cluster with link monitoring enabled on "LA-Catalyst" and "LA-Flex". At least in the active node these interfaces must be aggregates to their respective switches.
I configured the HA cluster and noticed that the passive node had a out of sync configuration... forever.
I dug and found that in the passive node was only one interface member per aggreate: port6 on LA-Catalyst and port18 on LA-Flex. The missing interfaces were nowhere to be found in the GUI: they were not listed as members of the aggregates, nor available for use. This was exactly the same in the CLI, though i "saw" then with show system interface portX.
Then, on the slave node, i tried to add the missing members (config system interface, edit xxx, set member blah) and it gave me this error: "entry not found in datasource"
FWIW, an update.
The customer couldn't find a maintenance window until yesterday. I re-created the cluster following these steps:
[ul]And voilá, it worked. I'd love to say "it was because of", but i cant. I did the same the last time i was at the customer's premises. I know that nothing was changed on the Fortigates, but i can't be certain that they change something on the switches.
The other possibility, but this is a longshot, it that the slave unit was licensed the very same day i was doing the initial configuration.
Greets,
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.