Description | This article describes some information about issues while setting up source-ip for FortiManager in Central-mgmt. |
Scope | FortiGate, all firmware. |
Solution |
When trying to set source-ip for FortiManager in the Central-mgmt settings of FortiGate gives the below error:
config sys central-management set fmg-source-ip 192.168.1.1 192.168.1.1 does not match any interface ip in vdom root. node_check_object fail! for fmg-source-ip 192.168.1.1
value parse error before '192.168.1.1' Command fail. Return code -8
Upon checking the VDOM on that interface does not show any, however, can see for other interfaces to be set as ‘root’.
config system interface edit "mgmt" set ip 192.168.1.1 255.255.255.0 set allowaccess ping https fgfm set type physical set alias "Management" set snmp-index 3 next end
That is because this interface is being used as management-interface for HA and in the background, FortiGate creates a hidden VDOM called vsys_hamgmt for this interface which means it cannot belong to any other VDOM. That explains that the IP address of the interface being used for HA management cannot be used as source-IP in any configuration.
The solution would be to either set a different source-IP for FortiManager or use a different interface as ha-mgmt.
Related article: |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.