Need help... I currently dont have access to the boxes and Im tempted to just call support but trying to avoid it. (Not saying there is anything wrong with calling support but I know Im missing something basic!)
Here are my steps (Im resetting everything):
1. Device Groups >(device group previously setup) put both boxes back to available.
2. Delete the existing device group.
3. Reset Device Trust. Choose Generate New Self-Signed Authority.
4. Device Trust>Peer list. Establish peering. (It is able to see peer no problem.)
5. Create device groups. "test-sync-failover". Put both devices in "includes". and check Network Failover.
6. Confirm both devices are in the Device List area.
7. Overview>(click self device)>choose "Sync Device to Group">Choose "Overwrite Configuration">Sync
Boxes are showing disconnected. What can I check? Are there a specific log I can look at to find out why they cannot sync? Should I reset the whole darn configuration and start from scratch again?
Just wanted to pass this along, we tried this process for an initial setup and it worked. But we also found out that we had to have the admin passwords matching on both systems prior to sync setup.
Found this topic while troubleshooting HA issues in our lab. I would put emphasis on two things:
1) Use NTP server(s) for both peers.
2) Make sure when adding a peer that you're using it's HA VLAN dedicated IP. Verify currently configured confisync-ip (list cm device DEVICE_NAME configsync-ip) - I believe this was the main reason our configuration wasn't working.
In our case we had an IP from our internal VLAN listed there (from 172.16.x.x range in our case), and even though we were able to "dicover" peer by using its HA VLAN address (from 192.168.x.x range) the devices stayed out-of-sync (Disconnected state).
Once we changed configsync-ip configuruation to match HA VLAN address it worked like a charm.
