Dedicated-mgmt interface : syslog and snmp not compliant with documentation

Forum|Forum|4 years ago
November 10, 2021
1 reply
6040 views

Hello,

I'm setting up a cluster of FG101F for a client and I'm having the following issues :

- syslog is not going out throught dedicated-mgmt interface. Instead, it uses a production interface to join the syslog server.

- snmp is going out throught dedicated-mgmt interface AND the production interface to join the snmp server.

And the documentation is crystal clear about it :

"By default SNMP trap and syslog/remote log should go out of a FortiGate from the dedicated management port"

https://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD39809

I tried it in 6.4.4, 6.4.6 and 6.4.7 to find the same behaviour. Anyone has an idea about it ?

Regards

Jacques

Markus

New Member

For syslog, you can try -> in syslogd settings -> set source ip -> if ip of Oob

JackXAuthor

New Member

unfortunately not because when the mgmt interface is in dedicated-management mode it is put in some sort of OOB VDOM (but VDOM-mode is not activated on my unit)

DEPOT-FW1 (setting) # set source-ip 10.100.2.97 10.100.2.97 does not match any interface ip in vdom root.

Here is my problem...

I will open a case soon.

Regards

Jacques

Kangming

Staff

Technical Note: Sending messages (logs, SNMP, RADIUS) directly from HA management interface

https://kb.fortinet.com/k...=1%200%20263826864%27)

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded