FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
akumar02
Staff
Article Id 295906
Description

This article describes how to add the management interface to a FortiGate firewall policy.

This is mainly used for routing when devices/servers are behind the MGMT interface and customers cannot create a policy to reach those servers.

Scope

FortiGate.
Solution

By default, the 'Dedicated Management Port' option in the MGMT port of FortiGate is enabled.

This option allows the customer to add 'Trusted Hosts' to access the FortiGate using the management IP address and gives the highest management access priority to the user. The management port can be used to manage the HA units as well.

 
 


 

The management interface will not be visible in the policy Incoming/Outgoing Interface fields if 'Dedicated Management Port' is enabled on the 'MGMT' port.

 


 

Once the 'Dedicated Management Port' option is disabled from the FortiGate GUI, it is possible to add the 'MGMT' interface to a firewall policy. The corresponding CLI setting:

 

config system interface
    edit mgmt
        set dedicated-to none <----- Default is management.
    next
end
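An added example, not part of the original article and not Fortinet code: a Python check to run against a saved configuration backup before and after the change, reporting the interface's dedicated-to value and which firewall policies reference it. The sample configuration, the names port1 and mgmt-servers, and the function names are constructed for illustration; reporting a missing dedicated-to line as "unset" is an assumption, since a backup may omit default values.

```python
import shlex

# Constructed sample backup; interface, address and policy names are made up.
SAMPLE = '''
config system interface
    edit "mgmt"
        set dedicated-to none
    next
end
config firewall policy
    edit 1
        set srcintf "port1"
        set dstintf "mgmt"
        set srcaddr "all"
        set dstaddr "mgmt-servers"
        set action accept
    next
end
'''

def parse_fortios(text):
    """Return {table: {entry: {option: [values]}}} for top-level config tables."""
    tables, table, entry, depth = {}, None, None, 0
    for raw in text.splitlines():
        tok = shlex.split(raw.split("<-----")[0])  # drop KB-style annotations
        if not tok:
            continue
        if tok[0] == "config":
            depth += 1
            if depth == 1:  # new top-level table: forget the previous entry
                table, entry = tables.setdefault(" ".join(tok[1:]), {}), None
        elif tok[0] == "end":
            depth -= 1
        elif depth == 1 and tok[0] == "edit":
            entry = table.setdefault(tok[1], {})
        elif depth == 1 and tok[0] == "set" and entry is not None:
            entry[tok[1]] = tok[2:]
    return tables

def policy_usage(text, ifname="mgmt"):
    """Report ifname's dedicated-to value and the policies that reference it."""
    t = parse_fortios(text)
    iface = t.get("system interface", {}).get(ifname, {})
    dedicated = iface.get("dedicated-to", ["unset"])[0]  # assumption: absent means unknown
    used = [pid for pid, p in t.get("firewall policy", {}).items()
            if ifname in p.get("srcintf", []) + p.get("dstintf", [])]
    return {"dedicated_to": dedicated,
            "selectable": {"none": True, "management": False}.get(dedicated),
            "policies": used}
```

Any policy ID listed under "policies" forwards traffic through the former management port, so its source and destination addresses are worth reviewing once the change is made.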

 
