Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
chrisp
New Contributor

routing to HA management interface

Hi,

 

I am quite new to Fortigate and I have a design/best practice/config issue.

I have a FGVM cluster in Active-Passive HA mode. I did setup a specific IP for each member. 

Now I have a station connected to port1 LAN.

 

I would like to connect FGVM GUI from that station. Basically that is what is detailed in the drawing attached.

any clue?

 

thank you for your support

chris

3 REPLIES 3
Ralph1973
Contributor

Hi, so you have configured a dedicated mgmt port on each ha member?

Edit the settings of that port so that you can connect via https (or http if you have an evaluation vm) by checking the box next to https.

Then, under administrators, make sure that, if you have 'trusted ip's' enabled (this is not the default), that the ip you connect from is on that list.

Now you should be able to connect via the gui.

 

Regards,

Ralph

 

MikePruett

Ralph covers it pretty well here. Regardless of what interface you are trying to use, that interface you are accessing it by will need to allow the administrative access you are wanting. (https, ssh, telnet, ping, etc)

 

Chances are, unless you created a true OOBM network you will need to have the inside interface accessible.

Mike Pruett Fortinet GURU | Fortinet Training Videos
chrisp

yep, thanks for your replies guys.

 

Main issue as I discovered was that the Cluster Management Interface is in a sort of Null mode, not even root. I reckon my diagram isn't clear, but in clear text from any hosts connected to any interfaces on a Firewall, there is no option you can reach the Firewall HA interface through the same Firewall.

 

It has to be routed to another L3 device.

Top Kudoed Authors