Created on 09-23-2022 02:24 PM Edited on 10-03-2022 07:56 AM By Anonymous
Description |
This article describes the behavior where the Secondary Server is not accessible via port 8443 unless a failover occurs. The behavior occurs with appliances configured for High Availability with a Shared IP /Virtual IP address.
Note: For appliances running version 9.1 and lower, see KB article 197197.
The Secondary Server's admin UI web service must be started manually in order to access Configuration Wizard. In some cases, additional modifications may be needed depending upon how the /etc/hosts file is configured. Secondary Server appliances where 'nac' appears on the shared IP entry will not be accessible by default.
Example: > cat /etc/hosts |
Scope | Version: 9.2.3 and greater |
Solution |
1) Login to the Secondary Server CLI as root and modify /etc/hosts.
2) Move the 'nac' entry from the shared IP entry to the Secondary server IP entry. This will enable the secondary server IP address to be accessible.
4) Access the Secondary Server Configuration Wizard using the following URL
https://<Secondary Server name or IP>:8443
5) Navigate to System - > Config wizard.
6) After configuration Wizard is run and changes are complete, stop the web service.
Important: If the service is not stopped, UI won't be accessible on fail-over.
7) Once Configuration Wizard is run, the /etc/hosts file will be auto-corrected. Example
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.