This article describes how to check the routes configured using the HA reserved management interface on the FortiGate HA setup.

The HA direct management interface and the route can be configured from the GUI as follows:

Go to System -> HA, edit Master FortiGate -> Management Interface Reservation, and enable this option.

In this example, a 0.0.0.0/0 route has been configured via the reserved interface, but when checking the routing table under vsys_hamgmt VDOM, this will not be visible. As it is possible to see in the below output, the routing table will only show the connected route for the reserved management interface and not any other routes specified under the Destination Subnet.

To access vsys_hamgmt, use the following command:

execute enter vsys_hamgmt

This is expected behavior and it is necessary to use 'get router info kernel' to view the routes active via the reserved management interface.

In case, an IPv6 IP is assigned on the reserved management interface, use 'get router info6 kernel' to view the routes active via the reserved management interface.

If multi-vdom is enabled, the vsys_hamgmt VDOM 'get' commands will only be accessible if executing the command 'execute enter vsys_hamgmt' from another VDOM except global as the commands are not available from global.

config vdom

    edit root

execute enter vsys_hamgmt

get router info routing-table all

get sys arp

Note:
To exit the vsys_hamgmt VDOM:

execute enter root