I'm setting up a cluster of FG101F for a client and I'm having the following issues :
- syslog is not going out throught dedicated-mgmt interface. Instead, it uses a production interface to join the syslog server.
- snmp is going out throught dedicated-mgmt interface AND the production interface to join the snmp server.
And the documentation is crystal clear about it :
"By default SNMP trap and syslog/remote log should go out of a FortiGate from the dedicated management port"
I tried it in 6.4.4, 6.4.6 and 6.4.7 to find the same behaviour. Anyone has an idea about it ?
For syslog, you can try -> in syslogd settings -> set source ip -> if ip of Oob
________________________________________________________--- NSE 4 ---________________________________________________________
unfortunately not because when the mgmt interface is in dedicated-management mode it is put in some sort of OOB VDOM (but VDOM-mode is not activated on my unit)
DEPOT-FW1 (setting) # set source-ip 10.100.2.97
10.100.2.97 does not match any interface ip in vdom root.
Here is my problem...
I will open a case soon.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.