Description
This article describes how to establish FGFM tunnel from FortiAnalyzer to FortiCloud, in order to remotely access FortiAnalyzer via the FortiCloud web interface.
Scope
FortiAnalyzer 7.2 or above.
Solution
The region that will be used to connect to the FortiGate Cloud can be found under the FortiGate Cloud -> Account Setting.
FortiAnalyzer configuration:
execute cloud-remote-access login <Account id> <password> <domain> <email confirm>
Note: Commands are case-sensitive. Quotes are always used around the parameters like in this example 'my_Account'.
config system central-management
set type fortigatecloud
end
Update: Under the FortiAnalyzer 7.2.2 the option is changed to the following format:
config system central-management
set type cloud-management
end
Troubleshooting commands:
diagnose debug application forticldd 255
diagnose test application forticldd
curtime : sec=1677502545
Forticldd Diag Test Usage:
1: Daemon info (PID, meminfo, backtrace ...)
2: switch on/off debug messages
3: dump Contract Controller status
4: Update contract controller
5: Show fgfm status
6: Recover fgfm
99: restart forticldd
diagnose fmnetwork interface list
diagnose system admin-session list
Example:
From FortiGate Cloud:
'Services' -> 'Asset Management' -> 'Products' -> 'Product List' -> 'your FortiAnalyzer SN number' -> 'Remote Access' icon. This is the only operation that is supported.
Note that the FortiAnalyzer device needs to be registered with FortiCare under the same account to show up under the 'Asset Management' portal.
Related documents:
