Thank you. I'm sharing the commands, and as additional information:

I'm sending the commands from FW1, which I can still access despite its Down state.

The firewall was forcibly set to Down state to redirect traffic through FW2 for testing purposes only. However, I now want to return it to Standby status."

BOSQUES-FW01> cphaprob roles

ID Role

1 (local) Non-Master
2 Master

BOSQUES-FW01> cphaprob state

Cluster Mode: High Availability (Active Up) with IGMP Membership

ID Unique Address Assigned Load State Name

1 (local) 10.253.252.1 0% DOWN BOSQUES-FW01
2 10.253.252.2 100% ACTIVE(!) BOSQUES-FW02

Active PNOTEs: FWD, LPRB

Last member state change event:
Event Code: CLUS-111205
State change: ACTIVE(!) -> DOWN
Reason for state change: FWD PNOTE
Event time: Wed Apr 30 21:22:26 2025

Last cluster failover event:
Transition to new ACTIVE: Member 1 -> Member 2
Reason: FWD PNOTE
Event time: Wed Apr 30 21:21:30 2025

Cluster failover count:
Failover counter: 22
Time of counter reset: Wed Mar 26 12:48:34 2025 (reboot)

BOSQUES-FW01> cpjaprob -i list
CLINFR0329 Invalid command:'cpjaprob -i list'.
BOSQUES-FW01> cphaprob -i list

Registered Devices:

Device Name: fwd
Registration number: 4
Timeout: 30 sec
Current state: problem
Time since last report: 7900.9 sec
Process Status: NOT UP

Device Name: Local Probing
Registration number: 7
Timeout: none
Current state: problem
Time since last report: 7877.7 sec

BOSQUES-FW01> cphaprob -a if

CCP mode: Manual (Unicast)
Required interfaces: 6
Required secured interfaces: 1

Interface Name: Status:

eth1 UP
eth5 (P) UP
eth2 UP
eth3 UP
eth4 UP
Sync (S) UP
Mgmt Non-Monitored

S - sync, HA/LS - bond type, LM - link monitor, P - probing

Virtual cluster interfaces: 5

eth1 X.X.X.X
eth5 10.X.X.X
eth2 X.X.X.X
eth3 10.X.X.X
eth4 10.X.X.X

BOSQUES-FW01> cphaprob syncstat

Delta Sync Statistics

Sync status: OK

Drops:
Lost updates................................. 0
Lost bulk update events...................... 0
Oversized updates not sent................... 0

Sync at risk:
Sent reject notifications.................... 0
Received reject notifications................ 0

Sent messages:
Total generated sync messages................ 49202273
Sent retransmission requests................. 0
Sent retransmission updates.................. 0
Peak fragments per update.................... 2

Received messages:
Total received updates....................... 10654913
Received retransmission requests............. 0

Sync Interface:
Name......................................... Sync
Link speed................................... 1000Mb/s
Rate......................................... 34060 [Bps]
Peak rate.................................... 1220 [KBps]
Link usage................................... 0%
Total........................................ 102493[MB]

Queue sizes (num of updates):
Sending queue size........................... 512
Receiving queue size......................... 256
Fragments queue size......................... 50

Timers:
Delta Sync interval (ms)..................... 100

Reset on Wed Apr 2 18:23:16 2025 (triggered by fullsync).

K, never mind then, you can do clusterXL_admin up command on it.

Andy

Not with FWD being down. I would suggest rebooting the gateway for a clean start and checking again.

Now Im curious about fwd state, will test it in the lab tomorrow.

Andy

Right, the usually solve this. What is in the fwd.elg?

As always, you were 100% correct! I tested in the lab, and fwd stays up when doing clusterXL_admin down, so reboot definitely sounds like a logical step.

Andy

Perform reboot, but only change state to secondary

ID               Unique Address      Assigned Load   State      Name

1                 10.253.252.1           100%                    ACTIVE  BOSQUES-FW01
2 (local)     10.253.252.2            0%                       DOWN    BOSQUES-FW02

What does cphaprob -a if show now?

Andy

Hello @SecdetKrypton ,

You've said that you forcibly set the FW01 to DOWN. What did you do actually ?

"The firewall was forcibly set to Down state to redirect traffic through FW2 for testing purposes only. However, I now want to return it to Standby status."

Also as we see, previously FW02 was the ACTIVE node and when you reloaded the FW01, that became ACTIVE and the other DOWN. That is weird for me, or you reloaded both of them ? 
It can be that in the Cluster set-up, "Cluster-XL and VRRP", you have an option (in the lower part) "Maintain current  active Cluster Member". We use that option, so it's not flapping/flipping over each time you reload a node/member. 

Ty,