Troubleshooting Tip: FortiGate cannot connect to FortiAnalyzer (Error - No devices are available for approval)
| Description | This article describes how to resolve the issue when FortiGate shows FortiAnalyzer as 'Unauthorized,' and the Authorization page states 'No devices are available for approval.'.
|
| Scope | FortiGate, FortiAnalyzer. |
| Solution | Verify the routing for the FortiAnalyzer IP and check its outgoing interface. If this issue occurs, more likely that the traffic might be passing through the tunnel. Adjust the MTU size on the Tunnel interface to resolve this issue.
From CLI:
config system interface Use the below command to verify the MTU size:
fnsysctl ifconfig <tunnel-name>
Output:
test-tunnel Link encap:Unknown UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1350 Metric:1 RX packets:415 errors:0 dropped:0 overruns:0 frame:0 TX packets:555 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:25226 (25.2 KB) TX bytes:21780 (21.7 KB)
Ping test can be used from FortiAnalyzer to FortiGate or vice-versa to check the connectivity from the GUI and the CLI of the FortiGate.
exec log fortianalyzer test-connectivity
In another case scenario, this error 'No devices are available for approval.' is also observed after entering the credentials when FortiGate version and FortiAnalyzer version are not compatible. Make sure FortiGate and FortiAnalyzer versions are compatible using this Compatibility Tool
Related articles: Troubleshooting Tip: How to find the device responsible for fragmentation along the network path Troubleshooting Tip: Using PING options from the FortiGate CLI |
