We are configuring a two firewall HA pair using 2600-series and want to be able to log into each separately. This documentation appears to describe the configuration (https://docs.fortinet.com/document/fortigate/7.2.4/administration-guide/313152/out-of-band-managemen...), but when I go to System > HA > Primary Firewall, under the Management Interface Reservation, port17 isn't available to be selected, which is the management interface. It's on a different VRF than the other ports; however, I put another port into that particular VRF, and it shows up. I'm currently logged into the firewall using port17, so is that the problem? Could there be something else? Thank you.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Yes,need to remove the static route. You may configure the mgmt subnet route under HA settings under destination subnet.
Can you run "show | grep port17 -f", this will show if port17 is referenced in any other hierarchy other than "config system interface" and if it is referenced it cannot be configured as dedicated management interface.
Thanks for your response srajeswaran. Does that include routes?
FTG2600 # show | grep port17 -f
config system interface
edit "port17" <---
set vdom "root"
set vrf 1
set ip 10.2.66.115 255.255.255.0
set allowaccess ping https ssh snmp fgfm
set type physical
set mediatype sr
set snmp-index 17
set speed 10000full
next
end
config router static
edit 67
set dst 172.16.0.0 255.255.0.0
set gateway 10.2.66.1
set device "port17" <---
next
edit 22
set dst 10.5.19.20 255.255.255.255
set gateway 10.2.66.1
set device "port17" <---
next
end
FTG2600 #
Yes,need to remove the static route. You may configure the mgmt subnet route under HA settings under destination subnet.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1714 | |
1093 | |
752 | |
447 | |
232 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.