Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
londonin
New Contributor

Created on ‎10-13-2023 01:40 AM

Connecting Fortiguard with ha-mgmt-interface.

Hello

 

I want to connect to fortiguard using ha-mgmt-interface.

 

Is it possible??

 

When I tested it, it went to the interface set to default routing rather than ha-mgmt-interface.

(I also enabled ha-direct.)

 

Please let me know if this is possible.

And if possible, please tell me how.

 

Thanks.

한겨레
한겨레
Labels:
1660
0 Kudos
5 REPLIES 5
AEK
SuperUser
SuperUser

Created on ‎10-13-2023 02:20 AM

Hello

It should be possible but your routing has to be correct.

AEK
AEK
1644
0 Kudos
londonin
New Contributor

Created on ‎10-13-2023 02:28 AM

ha-mgmt-interface is not accept in static route.

 

ex)

config system ha

set ha-mgmt-status enable
config ha-mgmt-interfaces
edit 2
set interface "internal2"
set gateway x.x.x.x
next
end

 

config router static

edit 1

set gateway x.x.x.x

set device internal1 <-- internal2 Not applicable.

end

한겨레
한겨레
1640
0 Kudos
AEK
SuperUser
SuperUser
In response to londonin

Created on ‎10-13-2023 02:55 AM

It looks strange but as per admin guide it seems that FortiGuard is not included.

 

The following management features will then use the HA reserved management interface:

https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/313152/out-of-band-managemen...

 

 

AEK
AEK
1634
0 Kudos
pbangari
Staff
Staff

Created on ‎10-13-2023 02:51 AM

Hi,

Yes, you cannot use ha-mgmt-interface under the normal routing configuration.

1635
0 Kudos
gsekar
Staff
Staff

Created on ‎10-13-2023 05:26 AM

Hi,

When HA-direct is enabled, FortiGate uses the HA management interface to send log messages to FortiAnalyzer and remote syslog servers, sending SNMP traps, access to remote authentication servers (for example, RADIUS, LDAP), and connecting to FortiManager, FortiSandbox, or FortiCloud.

The Fortiguard updates will use the management vdom to download the updates. 
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Sending-messages-logs-SNMP-RADIUS-directly...

1581
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.