Hi,
I am quite new to Fortigate and I have a design/best practice/config issue.
I have a FGVM cluster in Active-Passive HA mode. I did setup a specific IP for each member.
Now I have a station connected to port1 LAN.
I would like to connect FGVM GUI from that station. Basically that is what is detailed in the drawing attached.
any clue?
thank you for your support
chris
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi, so you have configured a dedicated mgmt port on each ha member?
Edit the settings of that port so that you can connect via https (or http if you have an evaluation vm) by checking the box next to https.
Then, under administrators, make sure that, if you have 'trusted ip's' enabled (this is not the default), that the ip you connect from is on that list.
Now you should be able to connect via the gui.
Regards,
Ralph
Ralph covers it pretty well here. Regardless of what interface you are trying to use, that interface you are accessing it by will need to allow the administrative access you are wanting. (https, ssh, telnet, ping, etc)
Chances are, unless you created a true OOBM network you will need to have the inside interface accessible.
Mike Pruett
yep, thanks for your replies guys.
Main issue as I discovered was that the Cluster Management Interface is in a sort of Null mode, not even root. I reckon my diagram isn't clear, but in clear text from any hosts connected to any interfaces on a Firewall, there is no option you can reach the Firewall HA interface through the same Firewall.
It has to be routed to another L3 device.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1516 | |
1013 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.