FortiGate 5.6.2 always in a conflict state.

Question

Hello,

I have a situation on a FortiManager lab: i've added a FortiGate 70D version v5.6.2 build1486 (GA) to the latest and fresh-installed FortiManager version, v5.6.0-build1557 170727 (GA). When i first add the device there are no conflicts nor errors, then i modify -via FMG- a tiny object and when i try to apply the changes i see lots of stuff being updated, such as:

[ul]

VPN Certificate CA (root_Internal_CA)

UUIDs for IPv4 addresses: SSLVPN_TUNNEL_ADDR1, all.

UUIDs for IPv6 addresses: SSLVPN_TUNNEL_IPv6_ADDR1, all

Settings for the webproxy custom service.

Settings for switch controller security policy 802-1X-policy-default

Settings for lots of wtp-profiles: FAP221E-default, FAP222E-default, FAP223E-default, FAPS221E-default, FAPS223E-default, FAPU221EV-default, FAPU223EV-default, FAPU321EV-default, FAPU323EV-default.[/ul]

This fails. I've attached the log to this post. After that the device is always in a "conflict" state.

FWIW, when i imported it, i said that FMG should use the settings from the device.

"diagnose dvm supported-platforms list" shows, to my understanding, that it should be supported:

fmg.druidics.local # diagnose dvm supported-platforms list product abbrev fdsid support-versions

FortiGate: Supported Versons: version: 500, mr: 0, branchpt: 1-484 version: 500, mr: 2, branchpt: 485-891 version: 500, mr: 4, branchpt: 892-1390 version: 500, mr: 6, branchpt: 1391-2000

[...]

FortiGate-70D FGT70D FGT70D v5.0/5.2/5.4/5.6 FortiGate-70D-POE FG70DP FG70DP v5.0/5.2/5.4/5.6

Any clues? Thanks in advance.