In a FGCP cluster trying to get session sync traffic over the dedicated interface with the set session-sync-dev command. But the corresponding diagnose output seems to indicate it doesn't work.
fgt1 (root) # diagnose sys ha session-sync-dev
HA sessync ports: 1
dmz probe: HA probe, Standalone connected, peer_mac = 00:00:00:00:00:00
HB pkts: rx=0, tx=508298
SES pkts: rx=0, tx=0
Seems to indicate HB packets are send, but none received. Also the status remains probe for HA.
The cluster is connect with a direct cable, no switch in between or such.Tried with other interfaces also, wan1, internal4, ...
Anyone has this working and different command (diagnose sys ha session-sync-dev) output? What are your counters and status?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi,
You are saying the hatalk is not working, hatalk is the one responsible for the heartbeat. Please check the crashlog "di de crashlog read" to see if the demon is failing. You can restart the process by using the command "fnsysctl killall hatalk". Run the following debug on both the Firewall to see the process
diag debug hatalk -1
diag debug console timestamp en
diag debug enable
To stop the debug use the command given below;
diag debug disable
diag debug reset
Article Reference:
---------------------------------------
Article Related to Session Sync;
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1634 | |
1063 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.