How to set up management, main host, and external IP addresses using CLI
Use the following CLI commands to set up external management IPs on Security Event Manager Controller and the other hosts.
Prerequisite
Access the Security Event Manager Controller.
Setting up management IP address on the Security Event Manager Controller
To set management IP/mask and gateway information on the Security Event Manager Controller, run the following command.
fazbdctl set addr {external IP/mask} [<gateway>] --management
To allow the DHCP server to assign external IP/mask on the Security Event Manager Controller, run the following command.
fazbdctl set addr dhcp --management
Setting up main host IP address on the Security Event Manager Controller
The main host IP address only needs to be set up when using a FortiAnalyzer-BigData-VM. |
To set main host IP/mask and gateway information on the Security Event Manager Controller, run the following command.
fazbdctl set addr {external IP/mask} [<gateway>] --mainhosts
Setting up external IP address on a single host
To explicitly set external IP/mask and gateway information on a host, run the following command.
fazbdctl set addr -H <internal IP> <external IP/mask> [<gateway>]
To allow the DHCP server to assign external IP/mask on a host, run the following command.
fazbdctl set addr -H <internal IP> dhcp
Setting up external IP addresses on all hosts
To set external IP/mask and gateway information on all hosts, run the following command.
fazbdctl set addr <external IP/mask> [<gateway>] -A
An optional flag is used to set external IP addresses on all hosts from the Security Event Manager Controller. In this case, the The remaining hosts are assigned external IP addresses incrementally from the starting external IP address within the network subnet, wrapping around when the boundary of network subnet is reached. This optional flag does not support DHCP. |
Example
In the following example cluster configuration:
Role Address Ext Address controller 10.0.1.2 member 10.0.1.32 member 10.0.1.33 member 10.0.1.34 member 10.0.1.35 member 10.0.1.36
After running CLI command
fazbdctl set addr 10.106.2.173/24 10.106.2.254 -A
The new cluster configuration becomes:
Role Address Ext Address controller 10.0.1.2 10.106.2.173 member 10.0.1.32 10.106.2.174 member 10.0.1.33 10.106.2.175 member 10.0.1.34 10.106.2.176 member 10.0.1.35 10.106.2.177 member 10.0.1.36 10.106.2.178
Clearing external IP addresses on hosts
To clear external IP/mask and gateway information on a host, run the following command.
fazbdctl unset addr -H <internal IP>
To clear external IP/mask information on all hosts, run the following command.
fazbdctl unset addr -A
Displaying external IP addresses on Security Event Manager Controller and hosts
To display external IP address information on the Security Event Manager Controller and hosts, run the following command.
fazbdctl show members