AlexFerenX
New Member
July 11, 2025
Question

LLDP neighbor/port printout for Reserved HA Management interface not shown


Hi!

I've enabled receive/transmit LLDP globally and confirmed on adjacent (Cisco) switches that this works for all FortiGate interfaces.

However, on FortiGate, "diagnose lldprx port neighbor" shows expected information, except that it excludes the interface (mgmt1) I provisioned as a Reserved HA Management interface.

How to show LLDP neighbor for ha-mgmt-interfaces?

Thanks!

2 replies

kaman
Staff
July 11, 2025

Hi @AlexFerenX,

When you enable HA reserved management, FortiGate configures that interface as out‑of‑band management and removes it from the regular routing/VDOM so it won't function like a normal data interface.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-HA-Reserved-Management-Interface/ta-p/190132


FortiGate creates a hidden VDOM named vsys_hamgmt for reserved management interfaces. These interfaces are isolated; they don't participate in normal traffic flows or routing in the root VDOM.


https://community.fortinet.com/t5/FortiGate/Technical-Tip-HA-Reserved-Management-Interface-s-hidden-VDOM/ta-p/214783


LLDP neighbor detection on FortiGate runs within the main forwarding/routing (root VDOM), not within vsys_hamgmt; the interface mgmt1 is excluded from LLDP discovery and isn't shown by the CLI command: diagnose lldprx port neighbor


You can use a regular interface (not HA reserved) for LLDP visibility.


Regards,
Aman

AlexFerenX
New Member
July 11, 2025

Hi @kaman,
Thanks for writing a lot, but none of it answers the question - again: “How to show LLDP neighbor [information] for ha-mgmt-interfaces?”

Do you know the answer?

Thanks!