FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This articles explains how to set up a management IP without a dedicated HA management interface.
Scope
Any FortiGate cluster.
Solution
With an HA management interface (see this article for more information), cluster devices can be queried separately by an SNMP server. However, this requires a free interface to use as a HA management interface.
An alternative solution is to set up a management IP on one interface:
# config sys interface
edit xy
set management-ip x.x.x.x/yy
next
end
Note: A management IP can only be set after the cluster is already formed.
After configuring the management IP, it will be possible to set up an HA management interface. This will allow for querying the cluster devices separately.
The management IP will not be synced between the devices. Set another IP on the other device's interface and query both IPs at the same time.
