Hi,
Does anyone have any solution or idea on this?
Standalone fortigate on 7.2.5.
Added the TACACS configuration as per the guide in this forum.
When we check the route, it is passing through another data port, not the dedicated mgmt port.
I had found quite a lot on HA direct but our setup is only Standalone.
We had try input source-ip but having this issue.
node_check_object fail! for source-ip x.x.x.x
@StevenT
Normally in HA you can reserve mgmt interface to be dedicated only to management.
This means that it is only reserved for that purpose.
In HA, routing table is handled by primary node. Secondary node has no active routing table and for this purpose, you have to configure mgmt port on HA settings and add a default route so that port can use different path than normal traffic and not depending on normal FGT routing table.
In Standalone FGT this issue is not present, so you dont have to create an isolated routing table for Mgmt interface.
For your issue, can you please check if tacacs is reachable from MGMT interface?
do a simple ping with source option and see what is happening.
Do you have routing in place?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.