Fortinet black logo

FortiGate-7000 Handbook

Home FortiGate-7000 5.4.9 FortiGate-7000 Handbook
5.4.9
6.2.3
6.0.10
6.0.9
6.0.8
6.0.6
6.0.4
5.6.14
5.6.12
5.6.11
5.6.7
5.4.9

Managing individual FIMs and FPMs

Managing individual FIMs and FPMs

When you log into the GUI or CLI using the mgmt interface IP address you are actually connected to the primary (or master) FIM in slot 1 (the address of slot 1 is FIM01). To verify which module you have logged into, the GUI header banner or CLI prompt shows the hostname of the module you are logged into plus the slot address in the format <hostname> (<slot address>).

In some cases you may want to connect to individual modules. For example, you may want to view the traffic being processed by a specific FPM. You can connect to the GUI or CLI of individual modules in the chassis using the system management IP address with a special port number.

For example, if the system management IP address is 192.168.1.99 you can connect to the GUI of the FIM in slot 1 using the system management IP address (for example, by browsing to https://192.168.1.99). You can also use the system management IP address followed by the special port number, for example https://192.168.1.99:44301.

The special port number (in this case 44301) is a combination of the service port (for HTTPS the service port is 443) and the chassis slot number (in this example, 01). The following table lists the special ports to use to connect to each chassis slot using common admin protocols:

FortiGate-7000 special administration port numbers
Slot Number Slot Address HTTP (80) HTTPS (443) Telnet (23) SSH (22) SNMP (161)
5 FPM05 8005 44305 2305 2205 16105
3 FPM03 8003 44303 2303 2203 16103
1 FIM01 8001 44301 2301 2201 16101
2 FIM02 8002 44302 2302 2202 16102
4 FPM04 8004 44304 2304 2204 16104
6 FPM06 8006 44306 2306 2206 16106

For example:

  • To connect to the GUI of the FIM in slot 3 using HTTPS you would browse to https://192.168.1.99:44303.
  • To send an SNMP query to the FPM in slot 6 use the port number 16106.

The FortiGate-7000 configuration is the same no matter which modem you log into. Logging into different modules allows you to use FortiView or Monitor GUI pages to view the activity on that module. Even though you can log into different modules, you should only make configuration changes from the primary FIM; which is the FIM in slot 1.

Managing individual modules from the CLI

From the CLI you can use the following command to switch between chassis slots and perform different operations on the modules in each slot:

execute load-balance slot {manage | power-off | power-on | reboot} <slot-number>

Use manage to connect to the CLI of a different module, use power-off, power-on, and reboot to turn off or turn on the power or reboot the module in <slot-number>.

Previous
Next

Managing individual FIMs and FPMs

When you log into the GUI or CLI using the mgmt interface IP address you are actually connected to the primary (or master) FIM in slot 1 (the address of slot 1 is FIM01). To verify which module you have logged into, the GUI header banner or CLI prompt shows the hostname of the module you are logged into plus the slot address in the format <hostname> (<slot address>).

In some cases you may want to connect to individual modules. For example, you may want to view the traffic being processed by a specific FPM. You can connect to the GUI or CLI of individual modules in the chassis using the system management IP address with a special port number.

For example, if the system management IP address is 192.168.1.99 you can connect to the GUI of the FIM in slot 1 using the system management IP address (for example, by browsing to https://192.168.1.99). You can also use the system management IP address followed by the special port number, for example https://192.168.1.99:44301.

The special port number (in this case 44301) is a combination of the service port (for HTTPS the service port is 443) and the chassis slot number (in this example, 01). The following table lists the special ports to use to connect to each chassis slot using common admin protocols:

FortiGate-7000 special administration port numbers
Slot Number Slot Address HTTP (80) HTTPS (443) Telnet (23) SSH (22) SNMP (161)
5 FPM05 8005 44305 2305 2205 16105
3 FPM03 8003 44303 2303 2203 16103
1 FIM01 8001 44301 2301 2201 16101
2 FIM02 8002 44302 2302 2202 16102
4 FPM04 8004 44304 2304 2204 16104
6 FPM06 8006 44306 2306 2206 16106

For example:

  • To connect to the GUI of the FIM in slot 3 using HTTPS you would browse to https://192.168.1.99:44303.
  • To send an SNMP query to the FPM in slot 6 use the port number 16106.

The FortiGate-7000 configuration is the same no matter which modem you log into. Logging into different modules allows you to use FortiView or Monitor GUI pages to view the activity on that module. Even though you can log into different modules, you should only make configuration changes from the primary FIM; which is the FIM in slot 1.

Managing individual modules from the CLI

From the CLI you can use the following command to switch between chassis slots and perform different operations on the modules in each slot:

execute load-balance slot {manage | power-off | power-on | reboot} <slot-number>

Use manage to connect to the CLI of a different module, use power-off, power-on, and reboot to turn off or turn on the power or reboot the module in <slot-number>.

Previous
Next