The passive node should only accept traffic addressed to the mgmt ip addresses on the device. If you are sure the policy counts are incrementing while the device is passive, I would start by running through this test procedure.
this will verify that the configuration and RTO sync on your devices and that failover occures correctly. And will help identify any errors.
https://kb.juniper.net/InfoCenter/index?page=content&id=KB9810