FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
acvaldez
Staff
Staff
Article Id 257184
Description

This article describes how to manage FortiGate in the FortiCloud environment.

Scope

FortiGate and FortiCloud Management.

Solution

Select 'Activate the FortiGate Cloud pane' on the Dashboard Status of the FortiGate.

 

imahe uno.png

Fill the username and password with the FortiGate Cloud username and password. 

 

imahe dos.png

 

The FortiGate Cloud on FortiGate is now activated.

 

imahe tres.png

By accessing the FortiGate Cloud, the FortiGate is part of the device-managed list.

 

imahe kwatro.png

 

Note:

On a no-subscription plan, there is only read-only access, which means it is possible to view the FortiGate settings but cannot make any changes to the Firewall.

This may result in the CLI being disabled, compared to the full version, which requires a separate entitlement that allows to make changes to the Firewall from FortiCloud. Reach out to the Customer Service Team or Sales to avail of this full subscription service.

 

Debugging:

 

diag debug reset

diag debug disable

diag debug app console timestamp

diag debug app forticldd -1

diag debug enable

 

Sample debug output of Forticldd:

 

2023-05-19 14:53:01 [870] tcps_connect: 173.243.132.27:443 -- ret 1, state 0x12(SSL-Connecting) -> 0x12(SSL-Connecting)
2023-05-19 14:53:01 [385] __bio_mem_dump: OCSP status good

2023-05-19 14:53:01 [360] __ssl_crl_verify_cb: Cert error 20, unable to get local issuer certificate. Depth 0
2023-05-19 14:53:01 [870] tcps_connect: 154.52.4.171:443 -- ret 1, state 0x12(SSL-Connecting) -> 0x12(SSL-Connecting)
2023-05-19 14:53:01 [385] __bio_mem_dump: OCSP status good

2023-05-19 14:53:01 [360] __ssl_crl_verify_cb: Cert error 20, unable to get local issuer certificate. Depth 0
2023-05-19 14:53:01 [870] tcps_connect: 154.52.4.172:443 -- ret 1, state 0x12(SSL-Connecting) -> 0x12(SSL-Connecting)
2023-05-19 14:53:01 [755] __tcps_ssl_connect: SSL connected.
2023-05-19 14:53:01 [870] tcps_connect: 173.243.132.27:443 -- ret 0, state 0x12(SSL-Connecting) -> 0x5(Established)
2023-05-19 14:53:01 [491] fds_https_connect: https_connect(173.243.132.27:443) is established.
2023-05-19 14:53:01 [300] fds_svr_default_on_established: message-controller has connected to ip=173.243.132.27:443
2023-05-19 14:53:01 [307] fds_svr_default_on_established: server-message-controller handles cmd-101
2023-05-19 14:53:01 [128] fds_pack_objects: number of objects: 1
2023-05-19 14:53:01 [98] fds_print_msg: FCPC: len=182
2023-05-19 14:53:01 [105] fds_print_msg: Protocol=2.0
2023-05-19 14:53:01 [105] fds_print_msg: Command=UpdateMsg
2023-05-19 14:53:01 [105] fds_print_msg: Firmware=FGVMK6-FW-7.02-1396
2023-05-19 14:53:01 [105] fds_print_msg: SerialNumber=FGVM04TM22008837
2023-05-19 14:53:01 [105] fds_print_msg: TimeZone=8
2023-05-19 14:53:01 [105] fds_print_msg: TimeZoneInMin=480
2023-05-19 14:53:01 [105] fds_print_msg: DataItem=CurrentServer:208.91.113.184:443
2023-05-19 14:53:01 [105] fds_print_msg: Status:unknown
2023-05-19 14:53:01 [98] fds_print_msg: http req: len=261
2023-05-19 14:53:01 [105] fds_print_msg: POST https://173.243.132.27:443/FCPService/Controller HTTP/1.1
2023-05-19 14:53:01 [105] fds_print_msg: User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
2023-05-19 14:53:01 [105] fds_print_msg: Host: 173.243.132.27:443
2023-05-19 14:53:01 [105] fds_print_msg: Cache-Control: no-cache
2023-05-19 14:53:01 [105] fds_print_msg: Connection: close
2023-05-19 14:53:01 [105] fds_print_msg: Content-Type: application/octet-stream
2023-05-19 14:53:01 [105] fds_print_msg: Content-Length: 374
2023-05-19 14:53:01 [495] fds_https_connect: http request to 173.243.132.27:443: header=261, ext=374.
2023-05-19 14:53:01 [235] fds_https_send: sent 261 bytes: pos=0, len=261
2023-05-19 14:53:01 [242] fds_https_send: 173.243.132.27:443: sent 261 byte header, now send 374-byte body
2023-05-19 14:53:01 [235] fds_https_send: sent 374 bytes: pos=0, len=374
2023-05-19 14:53:01 [250] fds_https_send: sent the entire request to server: 173.243.132.27:443
2023-05-19 14:53:01 [755] __tcps_ssl_connect: SSL connected.
2023-05-19 14:53:01 [870] tcps_connect: 154.52.4.171:443 -- ret 0, state 0x12(SSL-Connecting) -> 0x5(Established)
2023-05-19 14:53:01 [491] fds_https_connect: https_connect(154.52.4.171:443) is established.
2023-05-19 14:53:01 [300] fds_svr_default_on_established: log-controller has connected to ip=154.52.4.171:443
2023-05-19 14:53:01 [307] fds_svr_default_on_established: server-log-controller handles cmd-111
2023-05-19 14:53:01 [128] fds_pack_objects: number of objects: 1
2023-05-19 14:53:01 [98] fds_print_msg: FCPC: len=173
2023-05-19 14:53:01 [105] fds_print_msg: Protocol=2.0
2023-05-19 14:53:01 [105] fds_print_msg: Command=Update
2023-05-19 14:53:01 [105] fds_print_msg: Firmware=FGVMK6-FW-7.02-1396
2023-05-19 14:53:01 [105] fds_print_msg: SerialNumber=FGVM04TM22008837
2023-05-19 14:53:01 [105] fds_print_msg: TimeZone=8
2023-05-19 14:53:01 [105] fds_print_msg: TimeZoneInMin=480
2023-05-19 14:53:01 [105] fds_print_msg: DataItem=AccountID:acvaldez@fortinet.com
2023-05-19 14:53:01 [105] fds_print_msg: Vdom:root
2023-05-19 14:53:01 [98] fds_print_msg: http req: len=257
2023-05-19 14:53:01 [105] fds_print_msg: POST https://154.52.4.171:443/FCPService/Controller HTTP/1.1
2023-05-19 14:53:01 [105] fds_print_msg: User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
2023-05-19 14:53:01 [105] fds_print_msg: Host: 154.52.4.171:443
2023-05-19 14:53:01 [105] fds_print_msg: Cache-Control: no-cache
2023-05-19 14:53:01 [105] fds_print_msg: Connection: close
2023-05-19 14:53:01 [105] fds_print_msg: Content-Type: application/octet-stream
2023-05-19 14:53:01 [105] fds_print_msg: Content-Length: 365
2023-05-19 14:53:01 [495] fds_https_connect: http request to 154.52.4.171:443: header=257, ext=365.
2023-05-19 14:53:01 [235] fds_https_send: sent 257 bytes: pos=0, len=257
2023-05-19 14:53:01 [242] fds_https_send: 154.52.4.171:443: sent 257 byte header, now send 365-byte body
2023-05-19 14:53:01 [755] __tcps_ssl_connect: SSL connected.
2023-05-19 14:53:01 [870] tcps_connect: 154.52.4.172:443 -- ret 0, state 0x12(SSL-Connecting) -> 0x5(Established)
2023-05-19 14:53:01 [491] fds_https_connect: https_connect(154.52.4.172:443) is established.
2023-05-19 14:53:01 [300] fds_svr_default_on_established: Contract-controller has connected to ip=154.52.4.172:443
2023-05-19 14:53:01 [307] fds_svr_default_on_established: server-Contract-controller handles cmd-4
2023-05-19 14:53:01 [128] fds_pack_objects: number of objects: 1
2023-05-19 14:53:01 [98] fds_print_msg: FCPC: len=319
2023-05-19 14:53:01 [105] fds_print_msg: Protocol=2.0
2023-05-19 14:53:01 [105] fds_print_msg: Command=UpdateMgr
2023-05-19 14:53:01 [105] fds_print_msg: Firmware=FGVMK6-FW-7.02-1396
2023-05-19 14:53:01 [105] fds_print_msg: SerialNumber=FGVM04TM22008837
2023-05-19 14:53:01 [105] fds_print_msg: TimeZone=8
2023-05-19 14:53:01 [105] fds_print_msg: TimeZoneInMin=480
2023-05-19 14:53:01 [105] fds_print_msg: DataItem=AccountID:acvaldez@fortinet.com
2023-05-19 14:53:01 [105] fds_print_msg: ManagementID:00000000-0000-0000-0000-000000000000
2023-05-19 14:53:01 [105] fds_print_msg: Address:10.47.17.64
2023-05-19 14:53:01 [105] fds_print_msg: Hostname:FGT_Cloud_Test
2023-05-19 14:53:01 [105] fds_print_msg: System:FGT
2023-05-19 14:53:01 [105] fds_print_msg: Platform:VM64-KVM
2023-05-19 14:53:01 [105] fds_print_msg: BuildNum:1396
2023-05-19 14:53:01 [105] fds_print_msg: Release:MR02-P4
2023-05-19 14:53:01 [98] fds_print_msg: http req: len=257
2023-05-19 14:53:01 [105] fds_print_msg: POST https://154.52.4.172:443/FCPService/Controller HTTP/1.1
2023-05-19 14:53:01 [105] fds_print_msg: User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
2023-05-19 14:53:01 [105] fds_print_msg: Host: 154.52.4.172:443
2023-05-19 14:53:01 [105] fds_print_msg: Cache-Control: no-cache
2023-05-19 14:53:01 [105] fds_print_msg: Connection: close
2023-05-19 14:53:01 [105] fds_print_msg: Content-Type: application/octet-stream
2023-05-19 14:53:01 [105] fds_print_msg: Content-Length: 511
2023-05-19 14:53:01 [495] fds_https_connect: http request to 154.52.4.172:443: header=257, ext=511.
2023-05-19 14:53:01 [235] fds_https_send: sent 365 bytes: pos=0, len=365
2023-05-19 14:53:01 [250] fds_https_send: sent the entire request to server: 154.52.4.171:443
2023-05-19 14:53:01 [235] fds_https_send: sent 257 bytes: pos=0, len=257
2023-05-19 14:53:01 [242] fds_https_send: 154.52.4.172:443: sent 257 byte header, now send 511-byte body
2023-05-19 14:53:01 [235] fds_https_send: sent 511 bytes: pos=0, len=511
2023-05-19 14:53:01 [250] fds_https_send: sent the entire request to server: 154.52.4.172:443
2023-05-19 14:53:01 [286] fds_https_recv: read 716 bytes: pos=716, buf_len=8192
2023-05-19 14:53:01 [308] fds_https_recv: received the header from server: 173.243.132.27:443, [HTTP/1.1 200
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: application/octet-stream
Content-Length: 311
Date: Fri, 19 May 2023 06:53:01 GMT
Connection: close]
2023-05-19 14:53:01 [371] fds_https_recv: Do memmove buf_len=311, pos=311
2023-05-19 14:53:01 [381] fds_https_recv: server: 173.243.132.27:443, buf_len=311, pos=311
2023-05-19 14:53:01 [425] fds_https_recv: received a packet from server-173.243.132.27:443: sz=311, objs=1
2023-05-19 14:53:01 [643] fds_https_stop_server: 173.243.132.27:443
2023-05-19 14:53:01 [205] __ssl_data_ctx_free: Done
2023-05-19 14:53:01 [1047] ssl_free: Done
2023-05-19 14:53:01 [197] __ssl_cert_ctx_free: Done
2023-05-19 14:53:01 [1057] ssl_ctx_free: Done
2023-05-19 14:53:01 [1038] ssl_disconnect: Shutdown
2023-05-19 14:53:01 [454] fds_https_recv: obj-0: type=FCPR, len=119
2023-05-19 14:53:01 [333] fds_svr_default_on_response: server-message-controller handles cmd-101
2023-05-19 14:53:01 [98] fds_print_msg: fcpr: len=115
2023-05-19 14:53:01 [105] fds_print_msg: Protocol=2.0
2023-05-19 14:53:01 [105] fds_print_msg: Response=202
2023-05-19 14:53:01 [105] fds_print_msg: ResponseItem=HomeServer:208.91.113.184
2023-05-19 14:53:01 [105] fds_print_msg: Contract:19691231
2023-05-19 14:53:01 [105] fds_print_msg: NextRequest:86400
2023-05-19 14:53:01 [105] fds_print_msg: Quota:0
2023-05-19 14:53:01 [105] fds_print_msg: Used:0
2023-05-19 14:53:01 [426] fds_free_tsk: cmd=101; req.noreply=0
2023-05-19 14:53:02 [286] fds_https_recv: read 858 bytes: pos=858, buf_len=8192
2023-05-19 14:53:02 [308] fds_https_recv: received the header from server: 154.52.4.171:443, [HTTP/1.1 200
Set-Cookie: JSESSIONID=DA633870B741D75C732CA702A99F523C; Path=/; HttpOnly
X-FRAME-OPTIONS: SAMEORIGIN
Date: Fri, 19 May 2023 06:53:01 GMT
Keep-Alive: timeout=60
Server: FortiCloud
Content-Type: application/octet-stream
Content-Length: 576
Connection: close]
2023-05-19 14:53:02 [371] fds_https_recv: Do memmove buf_len=576, pos=576
2023-05-19 14:53:02 [381] fds_https_recv: server: 154.52.4.171:443, buf_len=576, pos=576
2023-05-19 14:53:02 [425] fds_https_recv: received a packet from server-154.52.4.171:443: sz=576, objs=1
2023-05-19 14:53:02 [643] fds_https_stop_server: 154.52.4.171:443
2023-05-19 14:53:02 [205] __ssl_data_ctx_free: Done
2023-05-19 14:53:02 [1047] ssl_free: Done
2023-05-19 14:53:02 [197] __ssl_cert_ctx_free: Done
2023-05-19 14:53:02 [1057] ssl_ctx_free: Done
2023-05-19 14:53:02 [1038] ssl_disconnect: Shutdown
2023-05-19 14:53:02 [454] fds_https_recv: obj-0: type=FCPR, len=384
2023-05-19 14:53:02 [333] fds_svr_default_on_response: server-log-controller handles cmd-111
2023-05-19 14:53:02 [98] fds_print_msg: fcpr: len=380
2023-05-19 14:53:02 [105] fds_print_msg: Protocol=2.0
2023-05-19 14:53:02 [105] fds_print_msg: Response=202
2023-05-19 14:53:02 [105] fds_print_msg: Firmware=FAZ-4K-FW-2.50-100
2023-05-19 14:53:02 [105] fds_print_msg: SerialNumber=FAMS000000000000
2023-05-19 14:53:02 [105] fds_print_msg: Persistent=false
2023-05-19 14:53:02 [105] fds_print_msg: ResponseItem=HomeServer:173.243.132.34:514
2023-05-19 14:53:02 [105] fds_print_msg: AlterServer:173.243.132.121:514
2023-05-19 14:53:02 [105] fds_print_msg: APTServer:173.243.132.34:514
2023-05-19 14:53:02 [105] fds_print_msg: APTAlterServer:173.243.132.121:514
2023-05-19 14:53:02 [105] fds_print_msg: AccountType:regular
2023-05-19 14:53:02 [105] fds_print_msg: Contract:20230915
2023-05-19 14:53:02 [105] fds_print_msg: ContractType:Basic
2023-05-19 14:53:02 [105] fds_print_msg: NextRequest:86400
2023-05-19 14:53:02 [105] fds_print_msg: Disk:500000000
2023-05-19 14:53:02 [105] fds_print_msg: Used:0.0
2023-05-19 14:53:02 [105] fds_print_msg: Volume:1000000
2023-05-19 14:53:02 [105] fds_print_msg: Archive:True
2023-05-19 14:53:02 [105] fds_print_msg: Domain:GLOBAL
2023-05-19 14:53:02 [753] log_update_res: Got rsp: Home=173.243.132.34:514 Alter=173.243.132.121:514 Contract=20230915 Disk=500000000 Used=0 Vol=1000000 Arch=1 next-up
d=86400 Domain=GLOBAL AccountType=regular FAZCLOUD=
2023-05-19 14:53:02 [426] fds_free_tsk: cmd=111; req.noreply=0
2023-05-19 14:53:02 [3315] fds_handle_request: Received cmd 116 from pid-2135, len 0
2023-05-19 14:53:02 [470] fds_send_reply: Sending 8 bytes data.
2023-05-19 14:53:02 [3315] fds_handle_request: Received cmd 116 from pid-2135, len 0
2023-05-19 14:53:02 [470] fds_send_reply: Sending 8 bytes data.
2023-05-19 14:53:06 [286] fds_https_recv: read 769 bytes: pos=769, buf_len=8192
2023-05-19 14:53:06 [308] fds_https_recv: received the header from server: 154.52.4.172:443, [HTTP/1.1 200
Set-Cookie: JSESSIONID=9A754DEFC3B9FC9C6DB1FAA9029C021F; Path=/; HttpOnly
X-FRAME-OPTIONS: SAMEORIGIN
Date: Fri, 19 May 2023 06:53:05 GMT
Keep-Alive: timeout=60
Server: FortiCloud
Content-Type: application/octet-stream
Content-Length: 487
Connection: close]
2023-05-19 14:53:06 [371] fds_https_recv: Do memmove buf_len=487, pos=487
2023-05-19 14:53:06 [381] fds_https_recv: server: 154.52.4.172:443, buf_len=487, pos=487
2023-05-19 14:53:06 [425] fds_https_recv: received a packet from server-154.52.4.172:443: sz=487, objs=1
2023-05-19 14:53:06 [643] fds_https_stop_server: 154.52.4.172:443
2023-05-19 14:53:06 [205] __ssl_data_ctx_free: Done
2023-05-19 14:53:06 [1047] ssl_free: Done
2023-05-19 14:53:06 [197] __ssl_cert_ctx_free: Done
2023-05-19 14:53:06 [1057] ssl_ctx_free: Done
2023-05-19 14:53:06 [1038] ssl_disconnect: Shutdown
2023-05-19 14:53:06 [454] fds_https_recv: obj-0: type=FCPR, len=295
2023-05-19 14:53:06 [333] fds_svr_default_on_response: server-Contract-controller handles cmd-4
2023-05-19 14:53:06 [98] fds_print_msg: fcpr: len=291
2023-05-19 14:53:06 [105] fds_print_msg: Protocol=2.0
2023-05-19 14:53:06 [105] fds_print_msg: Response=202
2023-05-19 14:53:06 [105] fds_print_msg: Firmware=FAZ-4K-FW-2.50-100
2023-05-19 14:53:06 [105] fds_print_msg: SerialNumber=FAMS000000000000
2023-05-19 14:53:06 [105] fds_print_msg: Persistent=false
2023-05-19 14:53:06 [105] fds_print_msg: ResponseItem=HomeServer:208.91.113.23:443
2023-05-19 14:53:06 [105] fds_print_msg: AlterServer:208.91.113.23:443
2023-05-19 14:53:06 [105] fds_print_msg: AccountType:regular
2023-05-19 14:53:06 [105] fds_print_msg: Contract:20230915
2023-05-19 14:53:06 [105] fds_print_msg: NextRequest:86400
2023-05-19 14:53:06 [105] fds_print_msg: UploadConfig:False
2023-05-19 14:53:06 [105] fds_print_msg: ManagementMode:Local
2023-05-19 14:53:06 [105] fds_print_msg: ManagementID:852002003
2023-05-19 14:53:06 [1994] ctrl_upd_res: Reset management servers and id
2023-05-19 14:53:06 [1378] fds_svr_add_server: Server 'manager' addr '208.91.113.23' is added.
2023-05-19 14:53:06 [1362] fds_svr_add_server: Server 'manager' addr '208.91.113.23' already in list.
2023-05-19 14:53:06 [643] fds_https_stop_server:
2023-05-19 14:53:06 [145] fds_svr_default_pickup_server: manager: 208.91.113.23:443
2023-05-19 14:53:06 [1361] fds_set_schedule: Set schedule off, type=0
2023-05-19 14:53:06 [1361] fds_set_schedule: Set schedule off, type=1
2023-05-19 14:53:06 [1361] fds_set_schedule: Set schedule off, type=2
2023-05-19 14:53:06 [426] fds_free_tsk: cmd=4; req.noreply=0
2023-05-19 14:53:07 [3315] fds_handle_request: Received cmd 116 from pid-2135, len 0
2023-05-19 14:53:07 [470] fds_send_reply: Sending 8 bytes data.
2023-05-19 14:53:07 [3315] fds_handle_request: Received cmd 116 from pid-2135, len 0
2023-05-19 14:53:07 [470] fds_send_reply: Sending 8 bytes data.