Every firewall and Panorama management server
has a default master key that encrypts all the private keys and passwords
in the configuration to secure them (such as the private key used
for SSL Forward Proxy Decryption).
In a high availability
(HA) configuration, ensure both firewalls or Panorama management
servers in the pair use the same master key. If the master keys
differ, HA configuration synchronization will not work properly.
if you are using Panorama to manage your firewalls, you must use
the same master key on Panorama and all managed firewalls so that
Panorama can push configurations to the firewalls.