Sometimes after performing a Firmware upgrade on FortiGate HA pairs, I find that after sometime the cluster still stays out of sync and won’t synchronise. I usually find this is because the checksums of the config files on each or some members are different. To quickly check if this is the case, fire up the CLI and run the following command that will output the HA checksum.
# diag sys ha checksum cluster
If the output don’t match and we’re happy with the configuration of the primary we can issue a checksum recalculate by issuing the following command
# diag sys ha checksym recalculate
Just entering the command without options recalculates all checksums. You can specify a VDOM name to just recalculate the checksums for that VDOM.
More Posts
Over the years I’ve come across a number of different environments with many running Active Directory in many different states. Replication is an important part of ensuring that your AD environment is healthy and highly available to service end users. I’ve compiled some notes around Active Directory Replication commands and gathering information. Firstly, just give […]
There have been a few times recently where I’ve had end users do some weird things to either their desktops or development servers they have been working on. If they’re on Dev servers we usually just restore the servers from backup but sometimes we just need to do a quick fix. The most common issues […]
I was trying to log into an APC UPS with the correct login but still received an error, The maximum number of web connections has been reached or simply Maximum connections reached. Knowing I had the right login credentials, and that no one else was logged into, I was a little perplexed. There is a […]
Leave a Reply