Hi
i m using a cluster of 1500D running 5.2.11
and from time to time one member silently crash
there s nothing on the console , nothing in the log.
the only way to get it back to life is to pull off power cord.
when it reboot i got a mesage that i need to make a fsck but nothing else.
The only log i got is from the partner in the cluster who said that his companion is not there anymore.
Oct 13 13:55:04 cns-fw date=2017-10-13 time=13:55:04 devname=fw-G1 devid=FG1K5D3I15803586 logid=0108037901 type=event subtype=ha level=critical vd="root" logdesc="Heartbeat device interface down" msg="Heartbeat device(interface) down" ha_role=slave hbdn_reason="neighbor-info-lost" devintfname="port40" Oct 13 13:55:04 cns-fw date=2017-10-13 time=13:55:03 devname=fw-G1 devid=FG1K5D3I15803586 logid=0108037893 type=event subtype=ha level=critical vd="root" logdesc="Virtual cluster member dead " msg="Virtual cluster detected member dead" vcluster=1 ha_group=100 sn="FG1K5D3I15803589" Oct 13 13:55:04 cns-fw date=2017-10-13 time=13:55:03 devname=fw-G1 devid=FG1K5D3I15803586 logid=0108037893 type=event subtype=ha level=critical vd="root" logdesc="Virtual cluster member dead " msg="Virtual cluster detected member dead" vcluster=2 ha_group=100 sn="FG1K5D3I15803589" Oct 13 13:55:04 cns-fw date=2017-10-13 time=13:55:04 devname=fw-G1 devid=FG1K5D3I15803586 logid=0108037901 type=event subtype=ha level=critical vd="root" logdesc="Heartbeat device interface down" msg="Heartbeat device(interface) down" ha_role=master hbdn_reason="neighbor-info-lost" devintfname="mgmt1" Oct 13 13:55:04 cns-fw date=2017-10-13 time=13:55:04 devname=fw-G1 devid=FG1K5D3I15803586 logid=0108037901 type=event subtype=ha level=critical vd="root" logdesc="Heartbeat device interface down" msg="Heartbeat device(interface) down" ha_role=master hbdn_reason="neighbor-info-lost" devintfname="mgmt2" Oct 13 13:55:06 cns-fw date=2017-10-13 time=13:55:06 devname=fw-G1 devid=FG1K5D3I15803586 logid=0108037892 type=event subtype=ha level=notice vd="root" logdesc="Virtual cluster member state moved" msg="Virtual cluster's member state moved" ha_role=master vcluster=1 vcluster_state=work vcluster_member=0 hostname="fw-G1" sn="FG1K5D3I15803586" Oct 13 13:55:06 cns-fw date=2017-10-13 time=13:55:06 devname=fw-G1 devid=FG1K5D3I15803586 logid=0108037892 type=event subtype=ha level=notice vd="root" logdesc="Virtual cluster member state moved" msg="Virtual cluster's member state moved" ha_role=master vcluster=2 vcluster_state=work vcluster_member=0 hostname="fw-G1" sn="FG1K5D3I15803586"
the fortigate support is really of no use
how can i investigate on this problem?
I don't remember well because it was long time ago when we were running our 1500D clusters with 5.2.x and experienced similar issue. It happens only to slave/passive units and we dealt with Fortinet TAC quite some time and they eventually put a patch on the OS.
I recommend you open a case with Fortinet TAC. It's probably specific to your HA setting.
Thanks for your answer
I will do that
Be patient until get it escalated up to Level 2 or 3. The solution might be only available on 5.4.x or 5.6.x though.
It looks like there was an issue with the 1500D in FOS v5.2 with a crashing daemon process. Customer support had a patch but the issue resurfaced in v5.4, 5.4.1, 5.6 and 5.6.1 according to this thread: https://forum.fortinet.com/tm.aspx?m=118706
Hello,
You may look at CSB-170130-1 (FortiGate 1500D SSD Sleep mode)
we re running 5.2.11
Hello,
If you don't see anything in the comlog (check it is enabled), if you run 5.2.11, and as it looks like this unit is the slave then you may have a hardware issue
Created on 09-18-2019 12:40 PM
I have the same problem with fortigate 1000D,
any idea how to solve it
Regards
Just out of curiosity, what OS are you running your 1500D now?
We still have one cluster on 5.2.9 and the rest is on 5.4.5.
User | Count |
---|---|
2674 | |
1410 | |
810 | |
702 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.