Description

This article describes how to access to secondary unit, from the primary unit using 'execute ha manage'. The FortiGate units are configured in HA cluster A-P or A-A cluster, to gain access to secondary from the primary unit CLI console.

Scope

Version 6.2.1 onwards.

Solution

On previous versions of FortiGate, by using 'exe ha manage <index ID>', users were able to login to the secondary unit. However, from 6.2.1 onwards, the command syntax changed.

Use the following command:

execute ha manage <index-ID> <admin-username>

Find the index number from the get sys ha status command output.

For example:

get sys ha status
HA Health Status: OK
Model: FortiGate-600E
Mode: HA A-P
...
...
...
Primary : Primary-Fortigate , FG6H0ETB21900953, HA cluster index = 0
Secondary : Secondary-Fortigate , FG6H0ETB21900951, HA cluster index = 1
number of vcluster: 1
...
...

Alternatively, the following CLI command can show the index number of the secondary when it is run in the primary:

exec ha manage ?

<id> please input peer box index.
<1> Subsidiary unit FW81FDTK23000097
 

In this case, use the following command to log in to the secondary from the primary:

execute ha manage 1 admin

Press the Enter key, and a prompt will appear for a Password. Once the password is entered, access will be granted for the Secondary unit.