FortiGate
hrahuman_FTNT
Article Id 197972

Description

 

This article describes how, when HA-direct is enabled, FortiGate uses the HA management interface to send log messages to FortiAnalyzer and remote syslog servers, send SNMP traps, or connect to FortiSandbox or FortiCloud.


Scope

 

FortiGate: logging, management interface.


Solution

 

Once the HA management interface has been configured, enable HA-direct globally:
 
config system ha
    set ha-direct enable
end

The default value of 'ha-direct' is 'disable' under the HA system configuration in the CLI.

In many cases, HA-direct can also be enabled only for the appropriate features. For example, for an SNMPv3 user:

 

config system snmp user
    edit snmpv3-user
        set ha-direct enable
    next
end
 
 

Notes:

  • This setting alters the traffic flow. Enabling it may cause timeouts, with the FortiGate appearing unresponsive. This occurs because the response to a request is sent on a different interface, where the packet may not be routed back to the requester, resulting in a request timeout.
  • If HA-direct is enabled for the syslog server, the FortiGate uses the MGMT interface to communicate with the syslog server, and it is not possible to specify the source IP in the FortiGate syslog configuration.
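
An added example, not part of the original article or Fortinet's tooling: a short Python audit that walks a FortiOS configuration backup and reports where ha-direct is set, globally under 'config system ha' or inside a feature stanza, so the traffic-flow change described in the notes can be reviewed. The sample configuration, the user 'other-user' and the function names are constructed for illustration.

```python
# Constructed sample backup: the two stanzas from the article plus one made-up user.
SAMPLE_CONFIG = """\
config system ha
    set ha-direct enable
end
config system snmp user
    edit "snmpv3-user"
        set ha-direct enable
    next
    edit "other-user"
        set ha-direct disable
    next
end
"""

def find_ha_direct(config_text):
    """Return [(stanza_path, value)] for every 'set ha-direct' line."""
    stack, hits = [], []          # stack holds open ("config"|"edit", name) blocks
    in_quote = False              # True while inside a multi-line quoted value
    for raw in config_text.splitlines():
        line = raw.strip()
        quotes = raw.count('"') - raw.count('\\"')
        if in_quote:              # skip value text; an odd quote count closes it
            in_quote = quotes % 2 == 0
            continue
        in_quote = quotes % 2 == 1
        if line.startswith("config "):
            stack.append(("config", line[len("config "):]))
        elif line.startswith("edit "):
            stack.append(("edit", line[len("edit "):].strip('"')))
        elif line == "next" and stack and stack[-1][0] == "edit":
            stack.pop()
        elif line == "end":       # closes the nearest 'config' block
            while stack and stack[-1][0] == "edit":
                stack.pop()
            if stack:
                stack.pop()
        elif line.startswith("set ha-direct "):
            path = " > ".join(name for _, name in stack)
            hits.append((path, line.split()[2]))
    return hits

def summarize(config_text):
    """Split enabled ha-direct settings into the global switch and per-feature ones."""
    enabled = [p for p, v in find_ha_direct(config_text) if v == "enable"]
    return {"global": "system ha" in enabled,
            "per_feature": [p for p in enabled if p != "system ha"]}
```

Each path returned is a feature whose traffic leaves through the HA management interface, which is the set of flows to check for return routing.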