FortiGate HA not synchronized
Created: 2024-11-11 02:12:27 | Last modified: 2024-11-11 07:19:53
Steps to resolve an issue where the FortiGates in an HA cluster are not synchronized
We had an issue with a cluster of FortiGates going out of sync. The rules on the primary FortiGate weren't being applied to the passive node. As per the image below, the fw1b had a red cross next to it.
We were originally advised that the configuration files between the active and passive units need to be lined up and reapplied; however, running some commands worked best.
These commands will debug, stop and restart the synchronization process.

To resolve the issue, run the following list of commands.
# For the synchronization procedure.
# You may try running the commands below (this will force the configuration of the primary firewall onto the secondary one):
diagnose debug reset
execute ha synchronize stop
diagnose debug enable
diagnose debug console timestamp enable
diagnose debug application hatalk -1
diagnose debug application hasync -1
execute ha synchronize start
# Wait for 5-6 minutes
diagnose debug disable
diagnose debug reset
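
To check whether the units agree after the wait, the per-unit configuration checksums can be compared. The Python script below is an added example, not part of the original article: it assumes the output of "diagnose sys ha checksum cluster" (a command not shown above) has been saved as text in the layout used in SAMPLE, and the unit names and shortened checksums in SAMPLE are constructed.

```python
import re

# Constructed sample in the layout of "diagnose sys ha checksum cluster";
# unit names and (shortened) checksums are made up for illustration.
SAMPLE = """
================== UNIT-A ==================
is_manage_primary()=1, is_root_primary()=1
debugzone
global: a0 7f a7 ff
root: 43 72 47 68
all: 04 ae 37 7e
checksum
global: a0 7f a7 ff
root: 43 72 47 68
all: 04 ae 37 7e
================== UNIT-B ==================
is_manage_primary()=0, is_root_primary()=0
debugzone
global: a0 7f a7 ff
root: 9b 11 c2 05
all: 6e 20 f1 aa
checksum
global: a0 7f a7 ff
root: 9b 11 c2 05
all: 6e 20 f1 aa
"""

UNIT = re.compile(r"^=+\s*([^=\s]+)\s*=+$")
SUM = re.compile(r"^([\w.-]+):\s*((?:[0-9a-f]{2}\s*)+)$", re.I)

def parse(text):
    """Return {unit: {(section, scope): checksum}} from the CLI output."""
    units, unit, section = {}, None, None
    for line in map(str.strip, text.splitlines()):
        if m := UNIT.match(line):
            unit = units.setdefault(m.group(1), {})
        elif line in ("debugzone", "checksum"):
            section = line
        elif unit is not None and section and (m := SUM.match(line)):
            unit[(section, m.group(1))] = "".join(m.group(2).split()).lower()
    return units

def out_of_sync(text):
    """List (section, scope) entries that differ, or are missing, between units."""
    units = parse(text)
    if len(units) < 2:
        raise ValueError("expected checksums from at least two cluster members")
    keys = sorted(set().union(*units.values()))
    return [k for k in keys if len({u.get(k) for u in units.values()}) > 1]
```

An empty list from out_of_sync() means every scope has the same checksum on all units; the scopes it does list (for example root) show where the configurations diverge.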