kaurs
Staff
Article Id 256884
Description This article describes an error seen when setting the source IP for FortiManager in the central-management settings, and explains its cause.
Scope FortiGate, all firmware.
Solution

Trying to set the source IP for FortiManager in the central-management settings of FortiGate gives the error below:

config sys central-management
    set fmg-source-ip 192.168.1.1
    192.168.1.1 does not match any interface ip in vdom root.
    node_check_object fail! for fmg-source-ip 192.168.1.1

value parse error before '192.168.1.1'
Command fail. Return code -8

Checking the configuration of that interface shows that no VDOM is set on it, whereas other interfaces show the VDOM set to 'root'.

config system interface
    edit "mgmt"
        set ip 192.168.1.1 255.255.255.0
        set allowaccess ping https fgfm
        set type physical
        set alias "Management"
        set snmp-index 3
    next
end

This is because the interface is being used as the management interface for HA. In the background, FortiGate creates a hidden VDOM called vsys_hamgmt for this interface, which means it cannot belong to any other VDOM. This is why the IP address of the interface used for HA management cannot be used as a source IP in any configuration.

The solution would be to either set a different source-IP for FortiManager or use a different interface as ha-mgmt.
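
As an added example (not Fortinet code and not part of the original article), the following Python script checks a configuration backup for the conflict described above: any setting ending in source-ip whose value is the IP of an interface reserved for HA management. The sample configuration is constructed, and the parser assumes the config ha-mgmt-interfaces table syntax and interface names without spaces.

```python
# Constructed sample backup, not taken from the article's device.
SAMPLE_CONFIG = '''\
config system interface
    edit "mgmt"
        set ip 192.168.1.1 255.255.255.0
    next
    edit "port1"
        set vdom "root"
        set ip 10.0.0.1 255.255.255.0
    next
end
config system ha
    config ha-mgmt-interfaces
        edit 1
            set interface "mgmt"
        next
    end
end
config system central-management
    set fmg-source-ip 192.168.1.1
end
config log syslogd setting
    set source-ip 10.0.0.1
end
'''

def find_conflicts(config_text):
    """Return (section, setting, ip) for each source IP owned by an HA mgmt interface."""
    stack, edit = [], None  # open "config" sections; current interface name
    iface_ip, ha_ifaces, sources = {}, set(), []
    for raw in config_text.splitlines():
        # Drop quotes (assumes names without spaces); blank lines become [""].
        tok = raw.replace('"', "").split() or [""]
        if tok[0] == "config":
            stack.append(" ".join(tok[1:]))
        elif tok[0] == "end" and stack:
            stack.pop()
        elif tok[0] == "edit" and stack[-1:] == ["system interface"]:
            edit = tok[1]
        elif tok[0] == "set" and len(tok) >= 3:
            key, val = tok[1], tok[2]
            if key == "ip" and stack[-1:] == ["system interface"]:
                iface_ip[edit] = val
            elif key == "interface" and stack[-1:] == ["ha-mgmt-interfaces"]:
                ha_ifaces.add(val)
            elif key.endswith("source-ip"):
                sources.append((" > ".join(stack), key, val))
    # Interfaces reserved for HA management sit in the hidden VDOM.
    reserved = {iface_ip[i] for i in ha_ifaces if i in iface_ip}
    return [s for s in sources if s[2] in reserved]
```

Running find_conflicts on a backup before changing central-management or logging settings lists each setting that would be rejected, so either the source IP or the HA management interface can be changed first.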

 

Related article:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-HA-Reserved-Management-Interface-s-hidden-...