Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
vrajendran
Staff
Staff

Created on ‎09-25-2019 08:07 AM Edited on ‎11-13-2024 05:16 AM By Moderator

Article Id 197110

Technical Tip: Managing individual cluster units with the CLI command 'execute ha manage'

Description

 

This article explains how to manage individual cluster units with the CLI command 'execute ha manage'.

 

Scope

 

FortiGate.


Solution

 

The following procedure describes how to use SSH to log into the primary unit CLI and from there use the 'execute ha manage' command to connect to the CLI of any other unit in the cluster.
The procedure is very similar if telnet is used, or the GUI dashboard CLI console.

Use the 'execute ha manage' command from the CLI of any cluster unit to log into the CLI of another cluster unit.
Usually, use this command from the CLI of the primary unit to log into the CLI of a subordinate unit.
However, if the user is logged into a subordinate unit CLI, the user can use this command to log into the primary unit CLI or the CLI of another subordinate unit.

Using SSH or telnet or the GUI dashboard CLI console permits to only log into the primary unit CLI.
Using a direct console connection to log into any cluster unit is possible.
In both cases 'execute ha manage' to connect to the CLI of other cluster units is possible.

 

  1. Use SSH to connect to the cluster and log into the primary unit CLI. 

    Connect to any cluster interface configured for SSH administrative access to log into the cluster.

  2. Enter the following command followed by a space and type a question mark (?):

 

FGT1# exec ha manage
<id> please input peer box index.
<0> Subsidiary unit FGXXXXXXXXXXXXXX

 

The CLI displays a list of all the subordinate units in the cluster. Each cluster unit is numbered as <id>. The information displayed for each cluster unit includes the unit serial number.

 

  1. Complete the command with the number of the subordinate unit and an administrator account to log into the CLI of the selected subordinate unit to log into.

For example, to log into subordinate unit 1, enter the following command:

 

FGT1# exec ha manage 0 admin

Warning: Permanently added '169.254.0.1' (ED25519) to the list of known hosts.

admin@169.254.0.1's password:
FGT2#

 

'Enter' to connect to and use. If this subordinate unit has a different hostname, the CLI prompt changes to this hostname.

Use CLI commands to manage this subordinate unit.
If any changes to the configuration of any cluster unit are done (primary or subordinate unit) these changes are synchronized to all cluster units.

Now use the 'execute ha manage' command to connect to any other cluster unit (including the primary unit).
Use the exit command to return to the primary unit CLI.

52373
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.