Managing individual FIMs and FPMs
When you log into the GUI or CLI using the mgmt interface IP address you are actually connected to the primary (or master) FIM in slot 1 (the address of slot 1 is FIM01). To verify which module you have logged into, the GUI header banner or CLI prompt shows the hostname of the module you are logged into plus the slot address in the format <hostname> (<slot address>).
In some cases you may want to connect to individual modules. For example, you may want to view the traffic being processed by a specific FPM. You can connect to the GUI or CLI of individual modules in the chassis using the system management IP address with a special port number.
For example, if the system management IP address is 192.168.1.99 you can connect to the GUI of the FIM in slot 1 using the system management IP address (for example, by browsing to https://192.168.1.99). You can also use the system management IP address followed by the special port number, for example https://192.168.1.99:44301.
The special port number (in this case 44301) is a combination of the service port (for HTTPS the service port is 443) and the chassis slot number (in this example, 01). The following table lists the special ports to use to connect to each chassis slot using common admin protocols:
FortiGate-7000 special administration port numbers
Slot Number | Slot Address | HTTP (80) | HTTPS (443) | Telnet (23) | SSH (22) | SNMP (161) |
---|---|---|---|---|---|---|
5 | FPM05 | 8005 | 44305 | 2305 | 2205 | 16105 |
3 | FPM03 | 8003 | 44303 | 2303 | 2203 | 16103 |
1 | FIM01 | 8001 | 44301 | 2301 | 2201 | 16101 |
2 | FIM02 | 8002 | 44302 | 2302 | 2202 | 16102 |
4 | FPM04 | 8004 | 44304 | 2304 | 2204 | 16104 |
6 | FPM06 | 8006 | 44306 | 2306 | 2206 | 16106 |
For example:
- To connect to the GUI of the FIM in slot 3 using HTTPS you would browse to https://192.168.1.99:44303.
- To send an SNMP query to the FPM in slot 6 use the port number 16106.
The FortiGate-7000 configuration is the same no matter which modem you log into. Logging into different modules allows you to use FortiView or Monitor GUI pages to view the activity on that module. Even though you can log into different modules, you should only make configuration changes from the primary FIM; which is the FIM in slot 1.
Managing individual modules from the CLI
From the CLI you can use the following command to switch between chassis slots and perform different operations on the modules in each slot:
execute load-balance slot {manage | power-off | power-on | reboot} <slot-number>
Use manage
to connect to the CLI of a different module, use power-off
, power-on
, and reboot
to turn off or turn on the power or reboot the module in <slot-number>
.