FortiGate to FortiManager: FGFM Protocol flow

Question

I was trying to understand about FGFM protocol and it is used to onboard FGT into FMG or enabling communication between FGT & FMG to manage the FGT via FMG centrally.

I have below list of queries to understand more about this protocol. can anyone knows more about this protocol ?

What is Fortinet recommended setup to establish a FGFM communication between FGT to FMG or vice versa over Internet? Using Public IP or Using SDWAN overlay with Private IP?
How is the FGFM communication secured over internet?
If FortiGate uses broadband connection with shared Public IP, then how to make secure connectivity with FortiManager over BB? & How it is secured?
Is CLI commands pushed to FGT from FMG using JSON script? Or CLI commands pushed to FGT directly from FMG?
What is the use case of JSON script & RTM protocol between FGT & FMG?

6. FGFM tunnel (This tunnel is established between FGT & FMG, Is it secure?) using BIOS certificate & TLS tunnel using Fortinet CA certificate. please confirm the same

Anthony_E · Answer

Hello Kavi,

I have found these documents which explain the FGFM protocol:

https://docs.fortinet.com/document/fortigate/6.4.0/ports-and-protocols/373486/fgfm-fortigate-to-fortimanager-protocol

https://community.fortinet.com/t5/FortiManager/Technical-Tip-How-to-verify-FortiGate-to-FortiManager-FGFM/ta-p/213707

Could you please tell me if it helps?

Regards,

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded