Technical Tip: FortiGate in HA mode unable to connect to FortiToken Cloud

hbac · ‎01-06-2025

Description

This article describes an issue where a pair of FortiGate in HA mode cannot connect to FortiToken Cloud and the FortiGate GUI is showing as no license when trying to activate FortiToken Cloud.

Scope

FortiGate, FortiToken Cloud.

Solution

Example debug outputs from the CLI:

diagnose debug reset

diagnose fortitoken-cloud debug enable

diagnose debug enable

{"error_code": 403, "error_message": "Error ID: 86911c40-c8ed-401e-acf4-14f0d965809b, the sn FGT60FTKBBBBBBBB doesn't belong to the customer 1111111", "error_name": 403}
fas_ssl_recv_rsp[464]: fas_ssl_recv_rsp() is done!
fas_comm_https_req_rsp[524]: fas_ssl_recv_rsp() done with code: 403
fas_comm_https_req_rsp[526]: fas_comm_disconnect() done!
fas_get_service_info[499]: Failed to get service information from FTC server: 403!

To stop debug:

diagnose debug disable

diagnose debug reset

As shown in the debug the serial number FGT60FTKBBBBBBBB which is the secondary HA unit does not belong to the same FortiCloud account as the primary HA unit.

To resolve the issue, make sure both HA units are registered under the same FortiCloud account.

If FortiGate was transferred from another FortiToken Cloud account, make sure to delete it from the old account as mentioned in this article: Technical Tip: Unable to connect to FortiToken Cloud after moving FortiGate or FortiAuthenticator fr....

Related articles:

Technical Tip: How to provision FortiToken cloud

Technical Tip: Verifying FortiToken Cloud Connection/Contract Information/Token Balance

Technical Tip: The HA Cluster requirements

Technical Tip: How to register and activate a FortiCloud account

Technical Tip: FortiGate in HA mode unable to connect to FortiToken Cloud

You are leaving our website