Hi Team,
I have configured in-band management access to reach both the primary and secondary devices from a different network, but I am only able to access the primary device, not the secondary.
I checked in the sniffer: traffic was coming from the management interface, but it was returning back to the source.
Kindly suggest.
Can you post some config of the in-band management that you have?
edit "internal1"
    set vdom "root"
    set management-ip 10.1.x.3 255.255.255.0
    set allowaccess ping https ssh
    set type physical
    set alias "MGMT"
    set snmp-index 4
next
Same 10.1.x.4 255.255.255.0 for secondary.
I guess that you have a static route back to your source on a different interface?
Yes, it is pointing to internal3. But why is traffic coming from internal1? It should come via internal3.
Can you share the sniffer output on the secondary device while trying to connect?
Also, get router info kernel from it.
I don't have access now. Will share in 1 or 2 days.
"FortiGate-60F # get router info kernel
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.1.119.0/32 pref=10.1.119.5 gwy=0.0.0.0 dev=8(internal1)
tab=255 vf=0 scope=254 type=2 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.1.119.4/32 pref=10.1.119.5 gwy=0.0.0.0 dev=8(internal1)
tab=255 vf=0 scope=254 type=2 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.1.119.5/32 pref=10.1.119.5 gwy=0.0.0.0 dev=8(internal1)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.1.119.255/32 pref=10.1.119.5 gwy=0.0.0.0 dev=8(internal1)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.10.10.0/32 pref=10.10.10.1 gwy=0.0.0.0 dev=7(dmz)
tab=255 vf=0 scope=254 type=2 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.10.10.1/32 pref=10.10.10.1 gwy=0.0.0.0 dev=7(dmz)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.10.10.255/32 pref=10.10.10.1 gwy=0.0.0.0 dev=7(dmz)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.150.91.0/32 pref=10.150.91.2 gwy=0.0.0.0 dev=10(internal3)
tab=255 vf=0 scope=254 type=2 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.150.91.2/32 pref=10.150.91.2 gwy=0.0.0.0 dev=10(internal3)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.150.91.127/32 pref=10.150.91.2 gwy=0.0.0.0 dev=10(internal3)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.150.92.0/32 pref=10.150.92.1 gwy=0.0.0.0 dev=12(internal5)
tab=255 vf=0 scope=254 type=2 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.150.92.1/32 pref=10.150.92.1 gwy=0.0.0.0 dev=12(internal5)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.150.92.7/32 pref=10.150.92.1 gwy=0.0.0.0 dev=12(internal5)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.255.1.0/32 pref=10.255.1.1 gwy=0.0.0.0 dev=22(fortilink)
tab=255 vf=0 scope=254 type=2 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.255.1.1/32 pref=10.255.1.1 gwy=0.0.0.0 dev=22(fortilink)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.255.1.255/32 pref=10.255.1.1 gwy=0.0.0.0 dev=22(fortilink)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->122.185.136.64/32 pref=122.185.136.66 gwy=0.0.0.0 dev=5(wan1)
tab=255 vf=0 scope=254 type=2 proto=2 prio=0 0.0.0.0/0.0.0.0/0->122.185.136.66/32 pref=122.185.136.66 gwy=0.0.0.0 dev=5(wan1)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->122.185.136.71/32 pref=122.185.136.66 gwy=0.0.0.0 dev=5(wan1)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->127.0.0.0/32 pref=127.0.0.1 gwy=0.0.0.0 dev=18(root)
tab=255 vf=0 scope=254 type=2 proto=2 prio=0 0.0.0.0/0.0.0.0/0->127.0.0.0/8 pref=127.0.0.1 gwy=0.0.0.0 dev=18(root)
tab=255 vf=0 scope=254 type=2 proto=2 prio=0 0.0.0.0/0.0.0.0/0->127.0.0.1/32 pref=127.0.0.1 gwy=0.0.0.0 dev=18(root)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->127.255.255.255/32 pref=127.0.0.1 gwy=0.0.0.0 dev=18(root)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->169.254.0.64/32 pref=169.254.0.66 gwy=0.0.0.0 dev=28(havdlink1)
tab=255 vf=0 scope=254 type=2 proto=2 prio=0 0.0.0.0/0.0.0.0/0->169.254.0.66/32 pref=169.254.0.66 gwy=0.0.0.0 dev=28(havdlink1)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->169.254.0.127/32 pref=169.254.0.66 gwy=0.0.0.0 dev=28(havdlink1)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->192.168.1.0/32 pref=192.168.1.99 gwy=0.0.0.0 dev=23(internal)
tab=255 vf=0 scope=254 type=2 proto=2 prio=0 0.0.0.0/0.0.0.0/0->192.168.1.99/32 pref=192.168.1.99 gwy=0.0.0.0 dev=23(internal)
tab=255 vf=0 scope=253 type=3 proto=2 prio=0 0.0.0.0/0.0.0.0/0->192.168.1.255/32 pref=192.168.1.99 gwy=0.0.0.0 dev=23(internal)
tab=254 vf=0 scope=0 type=1 proto=18 prio=2147483649 0.0.0.0/0.0.0.0/0->0.0.0.0/0 pref=0.0.0.0 gwy=122.185.136.65 dev=5(wan1)
tab=254 vf=0 scope=0 type=1 proto=17 prio=0 122.185.136.66/255.255.255.255/0->8.8.4.4/32 pref=0.0.0.0 gwy=122.185.136.65 dev=5(wan1)
tab=254 vf=0 scope=0 type=1 proto=17 prio=0 122.185.136.66/255.255.255.255/0->8.8.8.8/32 pref=0.0.0.0 gwy=122.185.136.65 dev=5(wan1)
tab=254 vf=0 scope=0 type=1 proto=18 prio=2147483649 0.0.0.0/0.0.0.0/0->10.1.1.0/24 pref=0.0.0.0 gwy=10.150.91.1 dev=10(internal3)
tab=254 vf=0 scope=0 type=1 proto=18 prio=2147483649 0.0.0.0/0.0.0.0/0->10.1.31.0/24 pref=0.0.0.0 gwy=10.150.91.1 dev=10(internal3)
tab=254 vf=0 scope=0 type=1 proto=18 prio=2147483649 0.0.0.0/0.0.0.0/0->10.1.100.0/24 pref=0.0.0.0 gwy=10.150.91.1 dev=10(internal3)
tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.1.119.0/24 pref=10.1.119.5 gwy=0.0.0.0 dev=8(internal1)
tab=254 vf=0 scope=0 type=1 proto=18 prio=2147483649 0.0.0.0/0.0.0.0/0->10.10.1.0/24 pref=0.0.0.0 gwy=10.150.91.1 dev=10(internal3)
tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.10.10.0/24 pref=10.10.10.1 gwy=0.0.0.0 dev=7(dmz)
tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.150.91.0/25 pref=10.150.91.2 gwy=0.0.0.0 dev=10(internal3)
tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.150.92.0/29 pref=10.150.92.1 gwy=0.0.0.0 dev=12(internal5)
tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.255.1.0/24 pref=10.255.1.1 gwy=0.0.0.0 dev=22(fortilink)
tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->122.185.136.64/29 pref=122.185.136.66 gwy=0.0.0.0 dev=5(wan1)
tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->169.254.0.64/26 pref=169.254.0.66 gwy=0.0.0.0 dev=28(havdlink1)
tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->192.168.1.0/24 pref=192.168.1.99 gwy=0.0.0.0 dev=23(internal)
FortiGate-60F # diagnose sniffer packet any 'host 10.1.1.221' 44 0 l
interfaces=[any]
filters=[host 10.1.1.221]
2025-05-26 12:08:28.320985 10.1.1.221.64846 -> 10.1.119.4.22: syn 3027977194
2025-05-26 12:08:29.335648 10.1.1.221.64846 -> 10.1.119.4.22: syn 3027977194
2025-05-26 12:08:31.345141 10.1.1.221.64846 -> 10.1.119.4.22: syn 3027977194
2025-05-26 12:08:35.356931 10.1.1.221.64846 -> 10.1.119.4.22: syn 3027977194
2025-05-26 12:08:43.368013 10.1.1.221.64846 -> 10.1.119.4.22: syn 302797719"
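The output above can be checked mechanically for a mismatch between the interface that owns the management address and the interface the reply route points to. The following is an added example, not part of the thread and not Fortinet code: it parses a few route lines copied from the post and does a longest-prefix lookup for both ends of the SSH attempt. It assumes the Linux conventions that `tab=255` is the local table and `tab=254` the main table; the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample: a subset of the `get router info kernel` lines posted above.
KERNEL_ROUTES = """\
tab=255 vf=0 scope=254 type=2 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.1.119.4/32 pref=10.1.119.5 gwy=0.0.0.0 dev=8(internal1)
tab=254 vf=0 scope=0 type=1 proto=18 prio=2147483649 0.0.0.0/0.0.0.0/0->0.0.0.0/0 pref=0.0.0.0 gwy=122.185.136.65 dev=5(wan1)
tab=254 vf=0 scope=0 type=1 proto=18 prio=2147483649 0.0.0.0/0.0.0.0/0->10.1.1.0/24 pref=0.0.0.0 gwy=10.150.91.1 dev=10(internal3)
tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.1.119.0/24 pref=10.1.119.5 gwy=0.0.0.0 dev=8(internal1)
tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.150.91.0/25 pref=10.150.91.2 gwy=0.0.0.0 dev=10(internal3)
"""

ROUTE_RE = re.compile(
    r"tab=(?P<tab>\d+) .*?type=(?P<type>\d+) .*?->(?P<dst>[\d.]+/\d+) "
    r"pref=\S+ gwy=(?P<gwy>[\d.]+) dev=\d+\((?P<dev>[^)]+)\)"
)

def parse_routes(text):
    """Turn each kernel route line into a dict; unparseable lines are skipped."""
    routes = []
    for line in text.splitlines():
        m = ROUTE_RE.search(line)
        if m:
            routes.append({
                "tab": int(m["tab"]), "type": int(m["type"]),
                "dst": ipaddress.ip_network(m["dst"], strict=False),
                "gwy": m["gwy"], "dev": m["dev"],
            })
    return routes

def lookup(routes, ip, tab):
    """Longest-prefix match for ip within one routing table (assumed: 255 local, 254 main)."""
    addr = ipaddress.ip_address(ip)
    hits = [r for r in routes if r["tab"] == tab and addr in r["dst"]]
    return max(hits, key=lambda r: r["dst"].prefixlen, default=None)

def check_return_path(routes, client_ip, mgmt_ip):
    """Compare the interface owning mgmt_ip with the interface used to reach client_ip."""
    local = lookup(routes, mgmt_ip, tab=255)
    reply = lookup(routes, client_ip, tab=254)
    return {
        "ingress_dev": local["dev"] if local else None,
        "egress_dev": reply["dev"] if reply else None,
        "egress_gwy": reply["gwy"] if reply else None,
        "asymmetric": bool(local and reply and local["dev"] != reply["dev"]),
    }

if __name__ == "__main__":
    print(check_return_path(parse_routes(KERNEL_ROUTES), "10.1.1.221", "10.1.119.4"))
```

For the client and management addresses seen in the sniffer output, the check reports the management address on internal1 and the reply route via 10.150.91.1 on internal3.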
Have you had a look at https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-implement-In-Band-Management-interf... ? It explains it pretty well.
The issue is resolved. I used OOB and re-routed management traffic via my LAN switch.
Copyright 2025 Fortinet, Inc. All Rights Reserved.