FMG v5.6.0 how to disconnect a fortigate from FMG

Forum|Forum|8 years ago
September 22, 2017
1 reply
10375 views

Does anybody have a quick to just temporary disable a FGT from FMG.? I'm not looking at unregistering. When we set the type to "none" we get the following message

" Please unregister-device from FortiManager first"

Any ideals or is this only controlled by the set allowacces fgfm?

Ken

chall_FTNT

Staff

> set allowacces fgfm

This would prevent FGM from connecting.

Also:

To prevent FGT from attempting to contact FMG, you'd have to remove the FMG IP from the FGT.

To drop the current connection, you'd have to kill the fgfmd process on the FGT. Out of curiosity. Why do you want to do this? This is quite an unusual request.

emnocAuthor

New Member

We tried the set allowaccess and it did not work. I believe the FMG re-push the cfg but we didn't kill the fgfmd process

The reason why, v5.6.0 has strange issues that we want to re-evaluate by removing the FGT from management and then later re-connecting it.

Issues noted;

[ul]

pre-exempt was not working correctly or even at all for various users

webGUI would not display devices, no matter what browser or after repetitive logout and re-login

script executions was good, but install-policies was taking 10-30mins, when it should have been 2mins or less[/ul]

This investigating these issues after an associate has upgraded the unit.

Ken

scao_FTNT

Staff

pls try below workaround see if works for your case

on FGT, config a source IP from a different interface

conf sys central-management

set fmg-source-ip

wrong source IP will fail the tunnel setup between FMG and FGT

Thanks

Simon

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded