In flow-based inspection mode, FortiGate does not buffer traffic flowing through the policy. If FortiGate detects a violation in the traffic, it sends a reset packet to the receiver, which terminates the connection and prevents the payload from being sent successfully.
Why was HQ-NGFW-1 elected as the primary?
In the primary election process, FGCP first checks the number of connected monitored ports. Because you did not configure monitored ports, FGCP then checks the next criterion.
Because the override setting is disabled, FGCP checks the HA uptime next. Because you enabled HA on both devices at about the same time, the HA uptime difference is less than 5 minutes.
Therefore, FGCP checks the next criterion, which is priority.
HQ-NGFW-1 has a priority of 200, which is greater than the priority of HQ-NGFW-2, which is 100. The result is that FGCP elects HQ-NGFW-1 as the primary.
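
The election order walked through above can be modeled in a few lines. This is an added example, not Fortinet code or part of the original lab text. The uptime values are constructed, and the ordering used when override is enabled (priority before HA uptime) is an assumption that is not stated on this page.

```python
from dataclasses import dataclass

UPTIME_MARGIN_S = 300  # the 5-minute HA uptime difference named in the text


@dataclass
class Member:
    name: str
    monitored_ports_up: int  # connected monitored ports (0 if none configured)
    ha_uptime_s: int         # constructed sample value, in seconds
    priority: int


def elect_primary(a, b, override=False):
    """Return (winner_name, deciding_criterion) for a two-member cluster."""
    def ports():
        if a.monitored_ports_up != b.monitored_ports_up:
            return max(a, b, key=lambda m: m.monitored_ports_up)

    def uptime():
        # A difference of less than 5 minutes is ignored, as in the text.
        if abs(a.ha_uptime_s - b.ha_uptime_s) >= UPTIME_MARGIN_S:
            return max(a, b, key=lambda m: m.ha_uptime_s)

    def priority():
        if a.priority != b.priority:
            return max(a, b, key=lambda m: m.priority)

    # Assumption (not from the page): with override enabled, priority is
    # compared before HA uptime.
    middle = [("priority", priority), ("HA uptime", uptime)]
    if not override:
        middle.reverse()
    for label, check in [("monitored ports", ports)] + middle:
        winner = check()
        if winner is not None:
            return winner.name, label
    # Later tie-breakers are not described on this page and are not modeled.
    return None, "undecided by the criteria modeled here"


if __name__ == "__main__":
    fw1 = Member("HQ-NGFW-1", 0, 3600, 200)
    fw2 = Member("HQ-NGFW-2", 0, 3540, 100)
    print(elect_primary(fw1, fw2))
```

When reviewing an HA pair, the case to watch is an uptime gap of 5 minutes or more with override disabled: the longer-running unit becomes primary regardless of priority.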