acardona
Staff
Article Id 340408
Description: This article describes an error where the SDN connector shows a status of Down.
Scope: FortiGate-vm-oci.
Solution

Execute the following commands to identify the error:

diagnose test application ocid 5
diagnose test application ocid 3

If the following error appears:

http response err: 401
{
"code" : "NotAuthenticated",
"message" : "The required information to complete authentication was not provided or was incorrect."
}
ocid fail to get tenancy id
ocid failed to list compartments from tenancy

Or:

code 401, retry 1: https://identity.sa-saopaulo-1.oraclecloud.com/183s9328/compartments/ocid1.compartment.oc1..aaaaaaaa................
ocid failed to get compart obj
OCID failed to check compartment ID in sdn config

This should match Engineering ID 1073016, which is fixed in 7.2.10 and 7.6.1.

A fix is already included in 7.4.5 as mentioned in the FortiOS 7.4.5 release notes.

Workaround:

User/Certificate authentication is not affected by this bug. Disable use-metadata-iam and configure user-id/oci-cert in SDN config.
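
The workaround as a FortiOS CLI sketch, added here as an example and not taken from the original article. The connector name "oci-sdn", the OCID values and the certificate name "oci-api-cert" are placeholders; the compartment and region settings that user/certificate authentication also needs are left out here.

```fortios
# Added example; all names and OCIDs below are placeholders, not values from the article.
config system sdn-connector
    edit "oci-sdn"
        # Stop using instance-metadata (IAM) credentials, the path that returns the 401 errors.
        set use-metadata-iam disable
        # Tenancy OCID, no longer derived from instance metadata (placeholder).
        set tenant-id "ocid1.tenancy.oc1..<tenancy-ocid>"
        # OCID of the OCI user that the API requests authenticate as (placeholder).
        set user-id "ocid1.user.oc1..<user-ocid>"
        # Name of a certificate assumed to already exist on the FortiGate and to be
        # registered as an API key for that OCI user (placeholder name).
        set oci-cert "oci-api-cert"
    next
end
```

After applying the change, rerun diagnose test application ocid 5 and diagnose test application ocid 3 to check that the 401 responses no longer appear.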

The OCI SDN connector method that uses the IAM role does not work for now. To request more information about this issue, open a ticket with TAC.

Related document:

How to configure oci-sdn-connector-using-certificates