Fortinet white logo
Fortinet white logo

FortiGate-7000 Handbook

Special management port numbers

Special management port numbers

In some cases, you may want to connect to individual FIMs or FPMs to view status information or perform a maintenance task such as installing firmware or performing a restart. You can connect to the GUI or CLI of individual FIMs or FPMs in a FortiGate-7000 using the SLBC management interface IP address with a special port number.

You use the following command to configure the SLBC management interface:

config global

config load-balance setting

set slbc-mgmt-intf <interface>

end

Where <interface> becomes the SLBC management interface.

Note

To enable using the special management port numbers to connect to individual FIMs and FPMs, the SLBC management interface must be connected to a network, have a valid IP address, and have management or administrative access enabled. To block access to the special management port numbers, disconnect the mgmt interface from a network, configure the SLBC management interface with an invalid IP address, or disable management or administrative access for the SLBC management interface.

You can connect to the GUI of CLI of individual FIMs or FPMs using the SLBC management interface IP address followed by a special port number. For example, if the SLBC management interface IP address is 192.168.1.99, to connect to the GUI of the FPM in slot 3, browse to:

https://192.168.1.99:44303

The special port number (in this case 44303) is a combination of the service port (for HTTPS, the service port is 443) and the slot number (in this example, 03).

You can view the special HTTPS management port number for and log in to the GUI of an FIM or FPM from the Configuration Sync Monitor.

The following table lists the special port numbers to use to connect to each FortiGate-7000 slot using common management protocols.

Note

You can't change the special management port numbers. Changing configurable management port numbers, for example the HTTPS management port (which you might change to support SSL VPN), does not affect the special management port numbers.

FortiGate-7000 special management port numbers (slot numbers in order as installed in the chassis)
Slot Number Slot Address HTTP (80) HTTPS (443) Telnet (23) SSH (22) SNMP (161)
5 FPM05 8005 44305 2305 2205 16105
3 FPM03 8003 44303 2303 2203 16103
1 FIM01 8001 44301 2301 2201 16101
2 FIM02 8002 44302 2302 2202 16102
4 FPM04 8004 44304 2304 2204 16104
6 FPM06 8006 44306 2306 2206 16106

For example, to connect to the GUI of the FIM in slot 2 using HTTPS you would browse to https://192.168.1.99:44302.

To verify which FIM or FPM you have logged into, the GUI header banner and the CLI prompt shows its hostname. The System Information dashboard widget also shows the host name and serial number. The CLI prompt also shows the slot address in the format <hostname> [<slot address>] #.

Logging in to different FIMs or FPMs allows you to use dashboard widgets, FortiView, or Monitor GUI pages to view the activity of that FIM or FPM. Even though you can log in to different modules, you can only make configuration changes from the primary FIM; which is usually the FIM in slot 1.

Special management port numbers

Special management port numbers

In some cases, you may want to connect to individual FIMs or FPMs to view status information or perform a maintenance task such as installing firmware or performing a restart. You can connect to the GUI or CLI of individual FIMs or FPMs in a FortiGate-7000 using the SLBC management interface IP address with a special port number.

You use the following command to configure the SLBC management interface:

config global

config load-balance setting

set slbc-mgmt-intf <interface>

end

Where <interface> becomes the SLBC management interface.

Note

To enable using the special management port numbers to connect to individual FIMs and FPMs, the SLBC management interface must be connected to a network, have a valid IP address, and have management or administrative access enabled. To block access to the special management port numbers, disconnect the mgmt interface from a network, configure the SLBC management interface with an invalid IP address, or disable management or administrative access for the SLBC management interface.

You can connect to the GUI of CLI of individual FIMs or FPMs using the SLBC management interface IP address followed by a special port number. For example, if the SLBC management interface IP address is 192.168.1.99, to connect to the GUI of the FPM in slot 3, browse to:

https://192.168.1.99:44303

The special port number (in this case 44303) is a combination of the service port (for HTTPS, the service port is 443) and the slot number (in this example, 03).

You can view the special HTTPS management port number for and log in to the GUI of an FIM or FPM from the Configuration Sync Monitor.

The following table lists the special port numbers to use to connect to each FortiGate-7000 slot using common management protocols.

Note

You can't change the special management port numbers. Changing configurable management port numbers, for example the HTTPS management port (which you might change to support SSL VPN), does not affect the special management port numbers.

FortiGate-7000 special management port numbers (slot numbers in order as installed in the chassis)
Slot Number Slot Address HTTP (80) HTTPS (443) Telnet (23) SSH (22) SNMP (161)
5 FPM05 8005 44305 2305 2205 16105
3 FPM03 8003 44303 2303 2203 16103
1 FIM01 8001 44301 2301 2201 16101
2 FIM02 8002 44302 2302 2202 16102
4 FPM04 8004 44304 2304 2204 16104
6 FPM06 8006 44306 2306 2206 16106

For example, to connect to the GUI of the FIM in slot 2 using HTTPS you would browse to https://192.168.1.99:44302.

To verify which FIM or FPM you have logged into, the GUI header banner and the CLI prompt shows its hostname. The System Information dashboard widget also shows the host name and serial number. The CLI prompt also shows the slot address in the format <hostname> [<slot address>] #.

Logging in to different FIMs or FPMs allows you to use dashboard widgets, FortiView, or Monitor GUI pages to view the activity of that FIM or FPM. Even though you can log in to different modules, you can only make configuration changes from the primary FIM; which is usually the FIM in slot 1.