HA - firmware version mismatch with peer device

Hi,

Below the Prerequisites for XG firewall HA Implementation.

• Both devices in the HA cluster (i.e. Primary Device and Auxiliary Device) must be the same model and revision.
• Both devices must be registered.
• Both devices must have the same number of interfaces.
• Both devices must have the same firmware version installed. This includes maintenance releases and hot-fixes.
• Active-Active: Two separate licenses are required; one for the Primary Device and other for the Auxiliary Device. Both devices must have the same subscription modules enabled.
• Active-Passive: One license is required for the Primary Device. No license is needed for the Auxiliary Device.
• The same subscription modules must be enabled on both the devices.
• Cables to all the monitored ports on both devices must be connected. Connect the dedicated HA link port of both the devices with either a crossover or straight through cable.
• On both devices, the Dedicated HA link port must be a member of the same zone with the type DMZ, and must have a unique IP Address.
• Device Access over SSH on the DMZ Zone must be enabled for both devices; refer to Step 1 below.
• DHCP and PPPoE configuration must be disabled before attempting HA Active-Active configuration. See HA Behaviour below for details.
• Wireless XG (w) models do not support HA.

Please check for any mismatch as revision number etc and if everything is fine then try with Reboot both devices.

Hi,

Below the Prerequisites for XG firewall HA Implementation.

• Both devices in the HA cluster (i.e. Primary Device and Auxiliary Device) must be the same model and revision.
• Both devices must be registered.
• Both devices must have the same number of interfaces.
• Both devices must have the same firmware version installed. This includes maintenance releases and hot-fixes.
• Active-Active: Two separate licenses are required; one for the Primary Device and other for the Auxiliary Device. Both devices must have the same subscription modules enabled.
• Active-Passive: One license is required for the Primary Device. No license is needed for the Auxiliary Device.
• The same subscription modules must be enabled on both the devices.
• Cables to all the monitored ports on both devices must be connected. Connect the dedicated HA link port of both the devices with either a crossover or straight through cable.
• On both devices, the Dedicated HA link port must be a member of the same zone with the type DMZ, and must have a unique IP Address.
• Device Access over SSH on the DMZ Zone must be enabled for both devices; refer to Step 1 below.
• DHCP and PPPoE configuration must be disabled before attempting HA Active-Active configuration. See HA Behaviour below for details.
• Wireless XG (w) models do not support HA.

Please check for any mismatch as revision number etc and if everything is fine then try with Reboot both devices.

Also possible the "missmatch" in the Order of the Firmware. 

You can see, the MR2 is on top and bot - So most likely a missmatch because the appliance needs to update correctly in case of a HA update which would most likely went wrong. 

So maybe install MR2 on the second appliance on the top firmware load of SFloader and try it again.