FortiGate
caunon
Staff
Article Id 329136
Description

This article describes how to resolve a situation where the 'Unable to connect to central management' message appears after upgrading the firmware version of FortiGate.

Scope

FortiGate v7.x.

Solution

After upgrading the firmware version, FortiGate may show a notification in the top right that states 'Unable to connect to central management'.

 

When this occurs, FortiGate/FortiManager Cloud settings become unavailable.

 

This can be fixed via the GUI or CLI commands.

 

In the GUI:

Check the DNS settings and make sure that the DNS servers are not shown as 'Unreachable'.

 

In the CLI:

 

Check the DNS settings and make sure that the DNS servers are not 'Unreachable'.

 

diagnose test application dnsproxy 2
worker idx: 0
worker: count=1 idx=0
retry_interval=500 query_timeout=1495
DNS latency info:
vfid=0 server=96.45.45.45 latency=-1 updated=105
vfid=0 server=96.45.46.46 latency=-1 updated=105
SDNS latency info:
DNS_CACHE: alloc=0, hit=0
RATING_CACHE: alloc=0, hit=0
DNS query: alloc=7
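
One way to run this check over saved CLI output, as an added example that is not part of the original article: the script parses the 'DNS latency info' section and lists the servers with no measured latency. Treating latency=-1 as the unreachable state is an assumption based on the sample output above, and the function names are illustrative.

```python
import re

# Constructed sample: the dnsproxy output from the article, saved as text.
SAMPLE = """\
worker idx: 0
worker: count=1 idx=0
retry_interval=500 query_timeout=1495
DNS latency info:
vfid=0 server=96.45.45.45 latency=-1 updated=105
vfid=0 server=96.45.46.46 latency=-1 updated=105
SDNS latency info:
DNS_CACHE: alloc=0, hit=0
RATING_CACHE: alloc=0, hit=0
DNS query: alloc=7
"""

ENTRY = re.compile(r"vfid=(\d+)\s+server=(\S+)\s+latency=(-?\d+)\s+updated=(\d+)")
HEADER = re.compile(r"(\w+) latency info:")


def parse_latency(text):
    """Return one dict per server line, tagged with its section (DNS or SDNS)."""
    entries, section = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        header = HEADER.fullmatch(line)
        entry = ENTRY.fullmatch(line)
        if header:
            section = header.group(1)
        elif entry and section:
            vfid, server, latency, updated = entry.groups()
            entries.append({"section": section, "vfid": int(vfid), "server": server,
                            "latency": int(latency), "updated": int(updated)})
        elif line:
            section = None  # any other non-empty line ends the current section
    return entries


def unreachable_dns(text):
    """DNS servers with a negative latency (assumption: -1 means no reply measured)."""
    return [e["server"] for e in parse_latency(text)
            if e["section"] == "DNS" and e["latency"] < 0]


if __name__ == "__main__":
    bad = unreachable_dns(SAMPLE)
    print("unreachable DNS servers:", ", ".join(bad) if bad else "none")
```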

 

From the Firewall CLI:

 

config system dns

set primary 96.45.45.45
set secondary 96.45.46.46
set protocol dot <----- Set protocol cleartext.
set interface-select-method specify <----- Set interface-select-method auto.
set interface "port3"

end

 

config system dns

set primary 96.45.45.45
set secondary 96.45.46.46
set protocol cleartext
set interface-select-method auto 

end

 

If the issue persists, try to restart the FortiCloud daemon.

 

# fnsysctl killall forticldd

 

If this does not work, go to Security Fabric -> Fabric Connectors -> Security Fabric Connectors -> Central Management.

 

Select 'Central Management' and select Edit.

 

Go to Central Management Settings -> Settings -> Status: Select 'Disabled' -> OK.

 

Switch to another tab and then select Security Fabric -> Fabric Connectors again, or log out and log in again. The 'Unable to connect to central management' error message in the top right will disappear after doing so.

 

Via CLI commands:

 

Run the following commands in the FortiGate CLI:

 

config system central-management

set type none

end

 

Log out and log in again. The 'Unable to connect to central management' error message in the top right will disappear after doing so.

 

FortiManager Cloud:

 

In some scenarios, DNS resolves fortimanager.forticloud.com but the FortiManager Cloud connection fails or is not managed, and the following debug shows no output:

 

diagnose debug application fgfmd -1

diagnose debug enable

 

If this is the case, check which interface is used for the traffic. If SD-WAN is configured, try setting the interface selection method to SD-WAN and review the debug output to see if this resolves the issue.

 

config system central-management

set interface-select-method sdwan

end

 

For further troubleshooting between FortiGate and FortiManager Cloud, see Troubleshooting Tip: How to connect FortiGate to FortiManager Cloud and troubleshoot connectivity is....

 

Related articles:

Technical Tip: FortiGuard Flags and Meanings 

Technical Tip: FortiGate Central Management: FortiGate Cloud connection status 'Not Managed' 

Troubleshooting Tip: Unable to connect to FortiGuard servers