FortiGate SecurityFabric with different FortiAnalyzer

 Problem

We have a security fabric with two FortiGates. Each FortiGate has its own FortiAnalyzer at the site. Therefore, the logs should also be sent to the respective FortiAnalyzer. How can this be achieved?

Solution

Normally, the FortiAnalyzer, FortiSandbox and FortiManager settings are synchronized from the SecurityFabric root to the member FortiGates.
For this reason, the GUI and CLI normally cannot be used to change these settings.
To achieve this requirement, synchronization must first be turned off. This requires the following change via the CLI:
config system csf
    set synchronisation local
end

Once the setting is set to "local", the settings will no longer be synchronized - but the current values will be kept - and another FortiAnalyzer can be configured:
config log fortianalyzer settings
    set server 172.16.51.12
end


Comments

Popular posts from this blog

FortiGate BGP dual-home with multiple ISP

FortiGate as DNS Server or DNS Proxy

FortiGate and Windows L2TP / IPsec with Split Tunneling