Separate interface for management in Fortimail

bram_pangestu · ‎02-14-2024

Hello,

Is it possible if i want to create separate interface for management in Fortimail?
Example: i want to use ETH1 only as Management interface and ETH2 for traffic.

Thanks,

Bram

AEK · ‎02-14-2024

Hi Bram

I prefer avoid this because FML doesn't have policy routing. So yes you can do that but you have to configure the right static routes. Example below:

- Default route must be via eth2

- Add route to admin users subnets via eth1

- Add route to admin users VPN subnet via eth1

AEK

View solution in original post

AEK · ‎02-14-2024

Hi Bram

I prefer avoid this because FML doesn't have policy routing. So yes you can do that but you have to configure the right static routes. Example below:

- Default route must be via eth2

- Add route to admin users subnets via eth1

- Add route to admin users VPN subnet via eth1

AEK

bram_pangestu · ‎02-15-2024

Hi AEK,

Noted with thanks for explanation

Jakob-AHHG · ‎02-15-2024

Hmm, if you have an interface with IP in a management interface, and one in a DMZ, you can simply disable HTTP(S)/SSH/SNMP on the DMZ interface.

But maybe you should use Interface1 as the mail interface, and then add Interface2 with the iprange/vlan connection for your management network..?

Jakob Peterhänsel,
IT System Admin,
Arp-Hansen Hotrel Group A/S, Copenhagen, DK

Separate interface for management in Fortimail

Nominate a Forum Post for Knowledge Article Creation