HOWTO: to determine in a ACT-ACT Fortigate HA cluster which unit is handing traffic

HERE's a few tips/tricks on  locating the ACT fortigate in a HA ACT vcluster1 & 2  setup where you have  vdoms  over clustered units

First you have to use the  ha management command ( similar to switch context  in  a cisco ASA )

e.g

execute ha manage <id#>

1:  You can  use the cli diag debug flow command

2:or the cli cmd  diag system session list  ( which filters if you have a lot of traffic ) will reflect  if that unit is active

and lastly,

3: And with any  remote logging ,  the devname=YYYYYYY and devid=XXXXXXX will be populated of the fortigate unit chassis  that handle that particular session.

Ken
NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com

     ^      ^
=(  @  @ )=
         o 
        /  \