Staff

Technical Tip: FortiGate device model fails CLI credential validation

Forum|Forum|5 years ago
November 30, 2020
0 replies
1387 views

Description

This article describes the following symptoms:

FortiGate fails credential validation in Network -> Inventory.
FortiSwitches in FortiLink mode are not added when FortiGate is discovered, or Re-sync Interfaces is selected in the FortiGate device model
Unable to L2 or L3 poll the FortiGate.

Scope

Version: FortiNAC v9.x, vF 7.x.

Solution

Verify the CLI account specified in the FortiGate Model Configuration in Inventory is a local System Administrator account that can access both SSH and REST API. Both SSH (TCP 22) and REST API (TCP 443 or as defined on the FGT) are used to communicate with FortiGate devices.

For details, refer to the appropriate reference manual in the Fortinet document library:

FortiGate Endpoint Management Integration

FortiSwitch FortiLink Integration

FortiAP Integration

FortiGate VPN Integration

Related articles:

Technical Tip: How to delete the ssh-known-hosts for Devices that use custom ports

Troubleshooting Tip: Troubleshooting CLI credential failure