Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
vishal
New Contributor

Individual management of FGT devices

Hello All, Need to manage 2 FGT in my organisation running as Active-standby mode with their dedicated management port (MGT 1 or MGT 2). Is it possible to manage them individually with different ip address like 172.16.20.1/24 to MGT 1 Port of Primary device and 172.16.20.2/24 to MGT 1 Port of Secondary device. Thanks in advance
5 REPLIES 5
Toshi_Esumi
Esteemed Contributor

In below doc, the port8 is the dedicated management interface on both unit.

https://docs.fortinet.com...-management-interfaces

vishal

Thanks Toshi, I have assigned dedicated mgmt 1 Port of both active and primary units but unable to access secondary device from mgmt 1 Port. Also I have observed one thing that when I change my secondary device mgmt 1 Port to ip address 192.168.1.101 it auto changes primary mgmt 1 with same ip. Attaching image for your reference. Please guide any way out to manage both devices individually with dedicated mgmt port
Toshi_Esumi
Esteemed Contributor

Then "config system ha" is not properly configured. Check/share the config especially under "config ha-mgmt-interfaces" as in the admin guide.

 

vishal

I'm using pre-defined physical Management port comes with device named as Management not any normal data port for management reservation. Would be possible to take dedicated device management from dedicated management port or need to use/define port in config system ha Config ha-mgmt-interfaces
Toshi_Esumi
Esteemed Contributor

The admin guide shows just an example. Just need to change the port that applies to your setting. Your case is actually more standard using mgmt1 than the guide's for the models that comes with MGMT1/2 ports.

 

config system ha

 ...

  config ha-mgmt-interface

    edit 1

      set interface "mgmt1"

      set gateway [your_gw_ip]

    next

  end

 ...

end