There are two ports on the FortiGate-VMX Service Manager. The MGMT port was configured through the CLI to enable access to the Web-based user interface. This section covers configuration of the sync network. The sync network is only used for communication between FortiGate-VMX Security Nodes and the FortiGate-VMX Service Manager.
Fortinet recommends the sync network to be a closed network, only used by FortiGate-VMX components for communication. While a corporate DHCP server may be used for enabling IP addresses on FortiGate-VMX Security Nodes, the FortiGate-VMX Service Manager has those capabilities built into it. Setting a static IP address on the ‘sync’ interface and using the interface DHCP server is the preferred approach.
To configure the 'sync' network, log into the FortiGate-VMX Service Manager and go to Global > Network > Interfaces.
- Set the Addressing Mode to Manual.
- Enable the DHCP Server function by checking the Enable box.
- Select Create New to define an address-range scope that is large enough to handle the likely number of VMX instances that you are going to be creating. Choose an IP addressing scheme and starting point that will allow for growth beyond the number of initial FortiGate-VMX licenses acquired.