Description
This article explains how allowing remote administrators to log to the Slave unit (HA) from the master unit by running the command ' # execute ha manage <ID>'.
Solution
Allow the remote administrators to log to the Slave unit, adding the link local address 169.254.0.x to the trusted hosts.
For example:
edit 'adminldad'
set remote-auth enable
set trusthost1 172.16.110.0 255.255.255.0
set trusthost2 192.168.12.0 255.255.255.0
set trusthost3 192.168.157.0 255.255.255.0
set trusthost4 169.254.0.0 255.255.255.0 <----- Link local address.
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "super_admin"
set comments ''
set vdom "root"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set wildcard enable
set remote-group "ADMINS_FGT"
set allow-remove-admin-session enable
set accprofile-override disable
set radius-vdom-override disable
next
end
