Disabling override (recommended)
FGCP clusters dynamically respond to network conditions. With override enabled, the same FortiGate is always the primary FortiGate. However, the cluster might negotiate more often to keep the same FortiGate as the primary FortiGate, potentially increasing traffic disruptions.
If you disable override, the backup FortiGate might become the primary FortiGate. We recommend disabling override unless its important that the same FortiGate remains the primary FortiGate
To see how enabling override can cause minor traffic disruptions, enable override and then set up a continuous ping through the cluster. Disconnect power to the backup unit. You will likely notice a brief disruption in the ping traffic. Try the same thing with override disabled and you shouldn't see this traffic disruption.
With override enabled, the disruption is minor and shouldn't be noticed by most users. For smoother operation, the best practice is to disable override.
To disable override on the primary FortiGate, ensure the checksums are identical and then enter the following commands:
config system ha
set override disable