FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes that it is not possible to specify source-ip in syslogd setting once the ha-direct enabled.
Scope
FortiGate v7.0.
Solution
There is no option to set up the interface-select-method below.
# config log syslogd setting
(setting) # show full-configuration config log syslogd setting set status enable set server "10.15.9.12" set mode udp set port 514 set facility local7 set format default set priority default set max-log-rate 0 end
There is no option to set up interface-select-method under syslogd configuration because the ha-direct is enabled.
# config system ha set mode a-p set hbdev "ha" 0 set session-pickup enable set ha-mgmt-status enable config ha-mgmt-interfaces edit 1 set interface "mgmt" set gateway 10.15.255.254 next end set override disable set priority 250 set monitor "Lacp-Internal1" set ha-direct enable <----- end
Once this parameter is enabled, all Syslog, SNMP, RADIUS, etc. are sent individually from each HA unit through their ha-mgmt-interfaces.
