Fortinet black logo

FortiGate-7000 Handbook

Home FortiGate-7000 6.0.4 FortiGate-7000 Handbook

Setting up management connections

6.0.4
6.2.3
6.0.10
6.0.9
6.0.8
6.0.6
6.0.4
5.6.14
5.6.12
5.6.11
5.6.7
5.4.9
Copy Link
Copy Doc ID bf67d868-679e-11e9-81a4-00505692583a:927790
Download PDF

Setting up management connections

When your FortiGate-7000 first starts up, the MGMT1 to MGMT4 interfaces of both of the FIMs are part of a static 802.3 aggregate interface with a default IP address of 192.168.1.99. On the GUI or CLI the 802.3 aggregate interface is named mgmt.

Example mgmt interface configuration

Setting up a single management connection

You can configure and manage your FortiGate-7000 by connecting an Ethernet cable to any of the MGMT1 - 4 interfaces of the FIM in slot 1 or slot 2 and logging into the GUI using HTTPS or the CLI using SSH. Usually you would connect to the MGMT1 interface.

Setting up redundant management connections

You can set up redundant management connections to your FortiGate-7000 by adding a static 802.3 aggregate interface to a switch and setting up multiple connections between the switch and the FIM MGMT ports. Then connect the switch to your network.

Note LACP is not supported for the mgmt aggregate interface.

You do not have to change the configuration of the FortiGate-7000 to set up redundant management connections. The following example shows connections between the MGMT1 interfaces of each FIM to a switch. The switch is configured with a 802.3 static aggregate interface that includes two ports, one for each MGMT1 interface. The switch also connects the MGMT1 interfaces to a management network.

Example FortiGate-7000 redundant management connections

The following example shows redundant connections between both FIMs and the switch. In this case you need to add more switch ports to the static aggregate interface on the switch. You do not have to change the configuration of the FortiGate-7000 to set up this redundant management connection configuration.

Example FortiGate-7000 redundant management connections with redundant connections to each FIM

In either of these configurations, for additional redundancy you can use two switches. If you use two redundant switches, the static aggregate interface should span across both switches.

Previous
Next

Setting up management connections

When your FortiGate-7000 first starts up, the MGMT1 to MGMT4 interfaces of both of the FIMs are part of a static 802.3 aggregate interface with a default IP address of 192.168.1.99. On the GUI or CLI the 802.3 aggregate interface is named mgmt.

Example mgmt interface configuration

Setting up a single management connection

You can configure and manage your FortiGate-7000 by connecting an Ethernet cable to any of the MGMT1 - 4 interfaces of the FIM in slot 1 or slot 2 and logging into the GUI using HTTPS or the CLI using SSH. Usually you would connect to the MGMT1 interface.

Setting up redundant management connections

You can set up redundant management connections to your FortiGate-7000 by adding a static 802.3 aggregate interface to a switch and setting up multiple connections between the switch and the FIM MGMT ports. Then connect the switch to your network.

Note LACP is not supported for the mgmt aggregate interface.

You do not have to change the configuration of the FortiGate-7000 to set up redundant management connections. The following example shows connections between the MGMT1 interfaces of each FIM to a switch. The switch is configured with a 802.3 static aggregate interface that includes two ports, one for each MGMT1 interface. The switch also connects the MGMT1 interfaces to a management network.

Example FortiGate-7000 redundant management connections

The following example shows redundant connections between both FIMs and the switch. In this case you need to add more switch ports to the static aggregate interface on the switch. You do not have to change the configuration of the FortiGate-7000 to set up this redundant management connection configuration.

Example FortiGate-7000 redundant management connections with redundant connections to each FIM

In either of these configurations, for additional redundancy you can use two switches. If you use two redundant switches, the static aggregate interface should span across both switches.

Previous
Next