This article describes that it is not possible to make HA settings changes to manage the FortiGate HA cluster from FortiManager and how to troubleshoot it.
Scope
FortiManager.
Solution
Step 1: For this example, a FortiGate HA cluster is added into FortiManager and FortiManager can learn/retrieve the HA settings from the managed FortiGate HA Cluster.
Step 2: To change the managed device’s hostname, a CLI script will be created with the following script details.
config system global set hostname fortigate-cluster-01 end
Step 3: However, the script will fail to run and errors out with the following output.
Script hostname executed on the local db of Tiara-kvm06 failed. Reason: invalid value – [line 2] > set hostname fortigate-cluster-01 [HA configuration is not allowed to be changed in HA mode]
Step 4: The reason no changes can be made to the HA settings is that FortiManager only learns (read-only) about the HA settings from the managed FortiGate HA cluster. FortiManager does not manage (read-write) the HA settings of the FortiGate HA cluster. Essentially, FortiManager only has read-only privileges when it comes to the managed device’s HA settings.
Step 5: However, if a FortiGate HA cluster is created through the FortiManager model HA device, its HA configuration can be modified: Configuring model HA cluster members