Fortinet black logo

FortiGate-7000 Handbook

Home FortiGate-7000 6.0.4 FortiGate-7000 Handbook
6.0.4
6.2.3
6.0.10
6.0.9
6.0.8
6.0.6
6.0.4
5.6.14
5.6.12
5.6.11
5.6.7
5.4.9

Using data interfaces for management traffic

Using data interfaces for management traffic

The FortiGate-7000 supports basic management communication through the FortiGate-7000 FIM front panel data interfaces. To enable management connections to these interfaces, configure the VDOM that the data interfaces are included in to allow traffic forwarding to the primary FIM.

For example, to allow management communication for interfaces in the root VDOM, edit the root VDOM from the CLI and enable both icmp and admin:

config vdom

edit root

config system settings

set motherboard-traffic-forwarding icmp admin

end

The icmp option is enabled by default and allows you to log into primary FIM from one of the MGMT interfaces and use the execute ping command to ping an address through one of the data interfaces. The interface used depends on the routing configuration.

The admin option allows Telnet, SSH, HTTP, and HTTPS management connections to a data interface in the VDOM. You cannot configure data interfaces to accept management connections using non-standard ports.

You can enable both icmp and admin traffic forwarding or just one or the other.

note icon Currently, the admin option is in development and not recommended.
Previous
Next

Using data interfaces for management traffic

The FortiGate-7000 supports basic management communication through the FortiGate-7000 FIM front panel data interfaces. To enable management connections to these interfaces, configure the VDOM that the data interfaces are included in to allow traffic forwarding to the primary FIM.

For example, to allow management communication for interfaces in the root VDOM, edit the root VDOM from the CLI and enable both icmp and admin:

config vdom

edit root

config system settings

set motherboard-traffic-forwarding icmp admin

end

The icmp option is enabled by default and allows you to log into primary FIM from one of the MGMT interfaces and use the execute ping command to ping an address through one of the data interfaces. The interface used depends on the routing configuration.

The admin option allows Telnet, SSH, HTTP, and HTTPS management connections to a data interface in the VDOM. You cannot configure data interfaces to accept management connections using non-standard ports.

You can enable both icmp and admin traffic forwarding or just one or the other.

note icon Currently, the admin option is in development and not recommended.
Previous
Next