This article describes how to manage a lower version of FortiGate (6.4 in this example) using FortiManager Cloud.
On FortiManager Cloud, the user is using the latest version.
In general, the FortiGate version should match the ADOM version in order to import policies and objects.
As FortiManager Cloud does not support multiple ADOMs, it is not possible to create a new 6.4 ADOM.
For example, FortiManager Cloud on v7.0.x or 7.2.x with policy package version 7.0 or 7.2:
|Scope||FortiManager Cloud, FortiGate.|
Reset the ADOM version on FortiManager Cloud to v6.4.
Use the below command to reset the ADOM version to 6.4:
# execute reset adom-settings <adom_name> 6 4 0
This will wipe out the ADOM level configuration (policies and objects) completely. In addition, run this command the ADOM must be empty.
But if there are already some FortiGates already added to FortiManager Cloud, it is necessary to reconfigure all the FortiGates to point to FortiManager Cloud again.
Therefore, to avoid this, it is possible to change the FortiManager Cloud mode to offline so when the FortiGates are deleted, the FortiManager Cloud configuration will not be removed from the FortiGates.
Then, once the ADOM is on v6.4, it is simply possible to disable the offline mode and authorize the FortiGates from the unauthorized device list.
Change to offline mode:
Go to System settings -> Advanced Settings -> Offline Mode and select 'Enable'.
Delete all the managed devices if any, go to device manager, select all the managed devices and delete.
Then reset the ADOM to 6.4:
# execute reset adom-settings root 6 4 0
Verify the ADOM version is 6.4:
Disable offline mode:
Go to System settings -> Advanced Settings -> Offline Mode and select 'Disable'.
Authorize the device/s and now, as the ADOM version matches, it is possible to import the configuration.