Web UI on passive device in HA cluster Fortiweb

anatol_ro · ‎02-14-2025

Hello everyone! I have 2 Fortiweb devices in active-passive ha cluster. Now I can connect via HTTPS to the mgmt interface active device of the HA cluster, there is no access to the passive device, while using the cli I have access to the mgmt interface of the passive device fortiweb too. Can I use the web UI on a passive cluster device, such as on fortigate devices?
Thanks.

AEK · ‎02-14-2025

Hi Anatol

I have FWB 7.4.5 and it has the possibility to configure a reserved mgt interface. If you do so you should be able to access the passive node.

AEK

anatol_ro · ‎02-16-2025

Hi AEK! Thanks for your feedback. My version FWB is 6.4 and in cli passive device i see that
set ha-mgmt-status enable
set ha-mgmt-interface mgmt2
as on an active device.
can this behavior be related to the fortiweb version ?

AEK · ‎02-16-2025

It seems the right command

ha-mgmt-status {enable | disable}

Specifies whether the network interface you select provides administrative access to this appliance when it is a member of the HA cluster.

When this option is selected, you can access the configuration for this cluster member using the IP address of the specified network interface. The interface configuration, including administrative access and other settings, is not synchronized with other cluster members.

You can configure up to eight reserve management ports in each HA cluster. You cannot configure routing for the port you select.

disable

ha-mgmt-interface "<interface_name>"

Specifies the network interface that provides administrative access to this appliance when it is a member of the HA cluster.

No default.

Ref: https://docs.fortinet.com/document/fortiweb/7.4.5/cli-reference/352695/system-ha

AEK

anatol_ro · ‎02-20-2025

thanks, I will try to upgrade and see how it will be on version 7.4.

Web UI on passive device in HA cluster Fortiweb

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website