Policy Status Unknown in FM/Device Manager/Policy Package Status

Forum|Forum|6 years ago
April 16, 2020
1 reply
5969 views

Fortimanager VM-64 / 6.2.3

Upgraded several FGT-60D and 100D from 5.4.4 <-> 6.0.8 following suggested upgrade path

In FM Device Manager under Policy Package Status –the policies of these Fortigates have grey question mark with status= unknown. I tried a refresh but it didn’t changes the status, I can’t import policy b/c I get the error message : import policy is not executed b/c devices firmware version is different with ADOM version. I have one ADOM for 5.4.4 and read somewhere I could upgrade the fortigates to a higher FortiOS and when all the Fortigates have been upgraded then I can just edit the ADOM name..But the other Fortigates in this ADOM will be upgraded over the next few weeks. But I’d rather have these policies not in an unknown state until then. Any suggestions? Should I try to re-install the policy?

localhost

Visitor III

You have two options:

- Upgrade all Fortigates in your vdom to 6.x and afterwards upgrade the ADOM version in FortiManager.

If the Fortigate version does not match the ADOM version in FortiManager you are unable to import/deploy any settings for that specific Fortigate. There are some exceptions, see table below.

- Create a new 6.0 ADOM. Import the upgraded device into the new ADOM and for time being use two different ADOMs for managing your Fortigates.

There is limited support if the versions are just one major release apart:

Nonetheless, I personally prefer going the 'new adom' route.

Technical Tip: How to upgrade an ADOM on FortiManager:

https://kb.fortinet.com/kb/documentLink.do?externalID=FD47857

fortimanager.JPG

vlw38Author

New Member

I took your suggestion and went the new ADOM route.

Everything good. Thank you

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded