FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
srajeswaran
Staff
Staff
Article Id 255819
Description

This article describes how to check the routes configured using the HA reserved management interface on the FortiGate HA setup.

Scope FortiGate HA.
Solution

The HA direct management interface and the route can be configured from the GUI as follows:


Go to System -> HA, edit Master FortiGate -> Management Interface Reservation, and enable this option.

 

Reserve-Management-route.png

 

In this example, a 0.0.0.0/0 route has been configured via the reserved interface, but when checking the routing table under vsys_hamgmt VDOM, this will not be visible. As it is possible to see in the below output, the routing table will only show the connected route for the reserved management interface and not any other routes specified under the Destination Subnet.

 

To access vsys_hamgmt, use the following command:

 

execute enter vsys_hamgmt

 

Reserve-Management-route1.png

 

This is expected behavior and it is necessary to use 'get router info kernel' to view the routes active via the reserved management interface.

 

Reserve-Management-route2.png

 

In case, an IPv6 IP is assigned on the reserved management interface, use 'get router info6 kernel' to view the routes active via the reserved management interface.

Note:
To exit the vsys_hamgmt VDOM:

 

execute enter root