Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
salemneaz
Staff
Staff

Created on ‎12-27-2022 08:37 AM

Article Id 241179

Technical Tip: Set Source IP for SYSLOG in HA Cluster in VDOM environment

Description This article describes how to set Source IP for SYSLOG in HA Cluster.
Scope FortiGate.
Solution

At the '# config system ha' under the global VDOM, it is necessary to check if HA direct enable is enabled or not.

If HA direct is enabled, the firewall will source the IP from the HA reserved management interface by default, and it will not be possible to override the source IP from the VDOM using the command '# config log syslogd override-setting'.

So the solution would be to disable the 'set ha-direct disable'.

 

# config system ha

    set group-id <string>

    set group-name "Name"

    set mode a-p

    set password ENC "Password"

    set hbdev "ha1" <string>

    set session-pickup enable

    set ha-mgmt-status enable

    set priority <string>

    set monitor "port X" "port X"

    set ha-direct enable <----- Disable.

end

 

Related article:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Change-Source-IP-for-SYSLOG/ta-p/230218
1117
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.