FortiGate Cloud
FortiGate Cloud provides cloud-based management for FortiGate devices.
Article Id 198320

Description

 

This article provides a list of frequently asked questions concerning FortiGate Cloud.
 
Scope
 
FortiGate Cloud.


Solution

 

Q: What to do when receiving an "Invalid Username or Password" or "FortiGate Cloud Internal Error" message while activating FortiGate Cloud on FortiGate?

Answer: Some possible causes are:
  • FortiGate Cloud account and FortiGate device must be within the same domain (global or Europe)
  • Password must be less than 20 characters in length
  • For FortiOS v5.4 or lower, special characters in password are not supported by FortiOS
  • Devices in HA pair must be activated individually: disable HA setting > activate each device > reform the HA pair
  • If all of the conditions above are fulfilled, check the network settings, make sure nothing is blocking port 443 and that it is possible to telnet to logctrl1.fortinet.com
  • In CLI, enable FortiGate Cloud debug then manually update log server config by typing in the following:
# diag debug app forticldd -1
# diag debug enable
# diag fdsm log-controller-update
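
The checks listed in this answer can be run from an admin workstation before retrying activation. The following is an added example, not Fortinet code: the function names are hypothetical, and "special characters" is assumed to mean anything other than ASCII letters and digits, since the article does not define the set.

```python
import socket

LOG_CONTROLLER = ("logctrl1.fortinet.com", 443)  # host and port named in the article


def tcp_reachable(host, port, timeout=5.0):
    """Return True if a TCP connection succeeds (the article's telnet test)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def parse_version(text):
    """'v5.4.1' -> (5, 4); only major.minor matter for the password rule."""
    parts = text.lower().lstrip("v").split(".")
    return int(parts[0]), int(parts[1])


def preflight(password, fortios, account_domain, device_domain,
              in_ha_cluster, probe=tcp_reachable):
    """Return a list of findings; an empty list means no known blocker."""
    findings = []
    if account_domain != device_domain:
        findings.append("account and device are in different domains")
    if len(password) >= 20:
        findings.append("password is not less than 20 characters")
    # Assumption: "special" means anything other than ASCII letters/digits.
    if parse_version(fortios) <= (5, 4) and not (password.isascii() and password.isalnum()):
        findings.append("special characters in password on FortiOS v5.4 or lower")
    if in_ha_cluster:
        findings.append("device is in an HA cluster; activate each member individually")
    if not probe(*LOG_CONTROLLER):
        findings.append("cannot reach %s on TCP %d" % LOG_CONTROLLER)
    return findings


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    for line in preflight("Example!Passw0rd", "v5.4.3", "global", "europe", True):
        print("FAIL:", line)
```

The `probe` argument lets the reachability test be replaced, for example when the check has to run from a host other than the FortiGate's own network segment.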

Q: How to switch FortiGate Cloud account ID from A to B (where B does not exist in FortiGate Cloud as an account ID)?

Answer:
  • Login to FortiGate Cloud portal with email A
  • Add a new admin user with email B
  • After activating B, set B as Primary User of the account
  • Login with email B and delete user A
  • On the FortiGate WebUI, logout from A then login with B.

Q: How to transfer FortiGate devices in account A to account B within the same domain?

Answer:
  • Login to FortiGate Cloud portal with A
  • Go to the home page > FortiGate > click on the gear wheel logo > select Authorise New Account > enter account email B
  • Login locally into FortiGate device's UI
  • Logout from A, then login with B
  • Historical data will be preserved
  • If Authorise New Account is not set, or it is set but the customer tries to login with an account other than B, the device will be RMAed under account A and no historical data will be presented under the new account
  • If Authorise New Account is set, but the customer undeploys the device prior to logging in with B, historical data will be erased completely.

Q: How to activate FortiGate Cloud on HA-paired FortiGate devices?

Answer: 
  • FortiGate WebUI > System > HA, click icon `Disconnect from cluster` of a FortiGate
  • Choose proper interface and input proper IP, and click OK
  • Connect to IP input at step 2 to activate FortiGate Cloud
  • Repeat the above to activate FortiGate Cloud on all FortiGates in the HA
  • FortiGate > Dashboard > HA Status, click link Configure to reform the HA pair

Q: How to bring the management tunnel status up online on the FortiGate device?

Answer: In CLI, type in the following:
# config system central-management
# set mode backup
# set type fortiguard
# end
# exec reboot

Q: How come no matter what I do, the management tunnel is still down?

Answer: If the FortiGate device has just been removed from FortiGate Cloud, it may take up to 10 minutes for it to be added back to FortiGate Cloud. In this case, if the regular operations cannot bring the management tunnel up online, logout from FortiGate Cloud, wait for 10 minutes, then re-activate FortiGate Cloud on the device.

Q: What to do if the FortiGate device stays in an inactive state for more than 24 hours?

Answer: Check the network settings and make sure nothing is blocking port 443. Verify it is possible to telnet to logctrl1.fortinet.com through port 443. Logout from FortiGate Cloud within the device's UI, then login again.

Q: What to do if the "Device is already in inventory" message is seen when trying to add a device by key?

Answer: If the device is either undeployed, or there is no log being uploaded to FortiGate Cloud, remove that device from inventory then try again.

Q: What to do if the report key cannot be used to add a FortiGate device (an invalid key message is received)?

Answer: Try to login locally to the device's WebUI, and activate FortiGate Cloud by Login. If you do not have local access to the device, then verify the key is consistent with the record in the key list on the dispatcher. Reset the key validity flag to 1 on https://logctrl1.fortinet.com/com.fortinet.dispatcher.gwt.Main/Main.html.

Q: How to move an AP from account A to account B (received "AP is already in inventory" message)?
 
Answer: The AP has to be removed completely from account A before it can be added to account B.
 
First, login to account A, find the AP from AP network, then remove it from the AP network.
 
Go to AP Inventory and delete the AP from the inventory.
 
Login to account B, deploy the AP into an AP network with its FortiGate Cloud key.

 
Q: What to do if FortiGate Cloud activation is successful on device but cannot see it in portal?
 
Answer: When a new device is added to FortiGate Cloud, it can be dispatched to the global or the European FortiGate Cloud service by its IP geo-location. The user may click on the switch service icon (double arrow beside logout) to see if the device has been deployed to another service.
 
If the device is running a FortiOS version that supports domain selection at login, then the user may go directly to global (www.forticloud.com) or Europe (europe.forticloud.com).

Q: How to switch a device from global service to Europe service, or vice versa?
 
Answer: Login to the FortiGate Cloud portal and find the device to be moved. Click on the gearwheel-shaped Config icon and select Data Center Location from the drop-down list. Select Move to and submit.

Please note that the user needs to log on to the device's WebUI and re-activate FortiGate Cloud to actually see the device in the account under the desired service. The device can also be moved back with the same steps under the new service. Existing logs will be stored under the old service and newly uploaded logs will be stored under the new service.

Q: Why am I able to log into FortiGate Cloud portal but cannot activate FortiGate Cloud on a FortiGate device with the same set of credentials?
 
Answer: When using FortiOS v5.4 or lower, special characters in the password are not supported by FortiOS, so it will send garbage data to FortiGate Cloud when trying to activate. FortiGate Cloud itself supports special characters in the password without any problems.

A solution may be to either remove special characters from the password, or upgrade the FortiGate device's firmware to v5.6 or newer.

 
Q: What happens if storage contract expires?
 
Answer: Data older than 7 days will be purged permanently.