
HA Active/Passive, Registration of Auxiliary FW

We have a SW/Virtual appliance license, it's used on primary XG firewall, custom Intel hardware.

According to the below KB, if we set up Active/Passive with another identical hardware device, we don't have to register that 2nd device if we use Active/Passive mode of HA.

https://support.sophos.com/support/s/article/KB-000036497

Problem is, the 2nd device is stuck on the Register your firewall screen (below) when you log in to the web GUI. So you can't even configure HA!

How do I get beyond this screen to set up Active/Passive HA on the 2nd device?



  • To configure a Software HA, you need to select the option in the beginning of the wizard. There is an option to connect to an HA:


  • So, after installing the firmware on the auxiliary, when it's first accessed via web GUI there is an HA option?

  • That's correct. Before you continue to configure anything, there should be an option to configure HA.

    See:


  • Before I get to that config screen and click on "connect as HA spare", I need to change the interface assignments. Port2 needs to be LAN, not the default which is Port1. Then, I need to configure that IP to be in the subnet of the primary firewall.

    I can change the IP on the CLI console, but not the port/zone assignment. How would I do that?

    When I just leave it as-is, and complete the HA entries, it finishes applying config, but nothing happens. I have the dedicated HA ports of each device connected with an ethernet cable, and they both have 192.168.4.0/30 IPs.

    What am I missing here?

  • Just circling back to this.

    If you connect an Aux to the HA, it will take over the entire config of primary. Therefore there should not be a need to reconfigure the interfaces in the first place.

    Sounds like something in your scenario is not working in the HA configuration process.

    Could you check the logs on both appliances: 

    use: Advanced Shell(5/3) grep ha: /log/app.log | less 


  • I don't have app.log, but I do have applog.log

    grep ha: /log/applog.log | less

    Fri Oct 23 09:13:47 CDT 2020 ha: trackdevice.sh: start tracking the device done
    Oct 23 09:13:47 enableha: enableha on peer failed !!!
    Oct 23 09:13:48 ha: fwm:revertha successfully done

    I also specified static 192.168.4.1/30 IP on the port4 primary. At this point, HA is NOT CONFIGURED on primary.

    I then reset aux. to default config, then complete the "Configure as HA Spare" screen on the initial wizard of aux, I enter the serial of the primary, specify a passphrase, then specify port4 as HA link port, and give it 192.168.4.2/30 IP.

    I make sure the HA link (port4 on each box) is connected with ethernet cable.

    The "finish conf." screen of aux init config wizard completes successfully, but when I go to the aux. console:system ha show detail, it says "HA disabled". Which I find odd. I also see that the default "port1" is still specified as LAN, and has the default IP of 172.16.16.16. So, nothing has sync'd at this point, because primary has Port2 as LAN, and admin. IP of primary is 10.10.1.1

    But, I proceed anyway...back on the primary, I go to system services/HA and enter the below. But this fails. This is where I'm confused. Peer Admin Port should be port2, but since nothing on aux has sync'd, it's actually port1. Same with peer admin. IP. It should be 10.10.1.x, but since nothing has sync'd, it's actually 172.16.16.16. But you can't specify a peer admin. IP that's not inside the primary admin IP subnet of 10.10.1.x