Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
akumar02
Staff
Staff

Created on ‎01-24-2024 09:35 PM Edited on ‎12-03-2024 01:07 AM By Moderator

Article Id 295906

Technical Tip: Unable to add a dedicated Management (MGMT) interface in FortiGate Policy

Description

This article describes how to add the management interface to the FortiGate Policy. 

This is mainly used for routing when devices/servers are behind the MGMT interface and users cannot create a policy to reach those servers. 
Scope FotiGate.
Solution

By default, the 'Dedicated Management Port' option in the MGMT port of FortiGate is enabled.

This option allows the customer to add the 'Trusted Hoststo access the FortiGate using the management IP address and gives the User the highest management access priority. Management port can be used to manage the HA units as well. 

 
 

MGMT.png

 

mgmt1.png

 

This Management Interface will not be visible in the Policy incoming/Outgoing Interface if the 'Dedicated Management Port' is enabled on the 'MGMT' port:

 

mgmt2.png

 

Once the 'Dedicated Management Port' is disabled from FortiGate GUI, adding the 'MGMT' interface to the Firewall policy is possible.

 

config system interface

    edit mgmt
        set dedicated-to none <----- Default is management.
    next
end

 

mgmt3.png
2183
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.