Hot!mgmt port gw

Author
marypoppins
New Member
  • Total Posts : 12
  • Scores: 2
  • Reward points: 0
  • Joined: 2021/07/22 04:11:30
  • Status: offline
2021/09/27 05:56:42 (permalink)
0

mgmt port gw

Dear All,
 
 
On my fortigate I have a mgmt interface with ip 10.10.0.1/24 in vlan10, which is also the reserved HA management interface and here in HA there is a gateway for this: 10.10.0.254. 
If I work from the ip 192.168.0.50 and administer the HA cluster from this ip, and I add a static route for this 192.168.0.0/24 subnet via 10.20.0.254 in vlan20 then is it right that:
a) local management traffic from 192.168.0.50 to the mgmt interface remains undisturbed and flow backwards via the HA gateway 10.10.0.254)?
b) while all forwarded traffice whic is not local to the mgmt interface and has ip destination in the 192.168.0.0/24 subnet will be change and use the new 10.20.0.254 gateway in vlan20 ?

thank you very much
#1

2 Replies Related Threads

    Benoit_Rech_FTNT
    Bronze Member
    • Total Posts : 60
    • Scores: 11
    • Reward points: 0
    • Joined: 2013/06/04 02:38:46
    • Location: Sophia Antipolis (France)
    • Status: offline
    Re: mgmt port gw 2021/09/27 06:57:28 (permalink)
    0
    Hello,
    you can check the routing table using 'get router info routing-table all' and then confirm your assumptions.
    If you are not sure, copy/paste the output of the commands in the thread.
    Best regards
    Benoit
    #2
    marypoppins
    New Member
    • Total Posts : 12
    • Scores: 2
    • Reward points: 0
    • Joined: 2021/07/22 04:11:30
    • Status: offline
    Re: mgmt port gw 2021/09/27 15:10:09 (permalink)
    0
    I don't want to try it in a production environment.
    The routing table doesn't include any info about the gateway included in the HA section. Also I can not find it in any policy routing. I'm not sure when it is used and why not shown in the routing table, but I feel it is only for management interface local traffic (so traffic originated from the management interface with its ip address as a source ip, maybe).
    Can somebody tell give me little explanation?
     
    thank you for answering me
    post edited by marypoppins - 2021/09/27 15:11:12
    #3
    Jump to:
    © 2021 APG vNext Commercial Version 5.5