FortiGate
hrahuman_FTNT
Staff & Editor
Article Id 284957
Description This article describes the reason for 'Tunnel to FortiManager is down' events appearing in event logs while FortiManager is not configured.
Scope FortiGate versions earlier than v7.0.12, earlier than v7.2.5, or earlier than v7.4.0.
Solution

The FortiGate to FortiManager management tunnel and the FortiGate to FortiGate Cloud management tunnel both use the same events, logid 53400 and 53401, to track tunnel connectivity. Starting in v7.0.12, the log fields are updated to be specific to the management type in use.

When FortiGate Cloud is in use, the logs appear as follows.


Logid 0100053400:
Log Message Reference: 53400 - LOG_ID_FMG_TUNNEL_UP (v7.6.0)
Log Description v7.0.11 and earlier:  'FortiManager tunnel connection up'
Log Description v7.0.12:  'Central Management connectivity is active'
Message v7.0.11 and earlier:  'Connected to FortiManager <A.B.C.D>'
Message v7.0.12: 'Connected to FortiGate Cloud <A.B.C.D>'

 
Logid 0100053401:
Log Message Reference: 53401 - LOG_ID_FMG_TUNNEL_DOWN (v7.6.0)

Log Description v7.0.11 and earlier:  'FortiManager tunnel connection down'
Log Description v7.0.12:  'Central Management connectivity is inactive'
Messages v7.0.11 and earlier: 'Failed to connect FortiManager <A.B.C.D>', 'Tunnel to FortiManager is down'
Messages v7.0.12: 'Failed to connect Central-management  <A.B.C.D>', 'Tunnel to FortiManager is down'

Note that v7.0.12 can still log 'Tunnel to FortiManager is down' when the central-management type is FortiGate Cloud.

 

With the following configuration, FortiGate attempts to build a management tunnel to FortiGate Cloud and can generate 'Tunnel to FortiManager is down' events.

config system central-management
    set type fortiguard
end

 

To stop this event from appearing in the logs, set the central management type to 'none' as shown below. Note that this configuration disables the FortiGate management tunnel to FortiGate Cloud, if one exists. Do not apply it without another method of administering the FortiGate.

config system central-management
    set mode normal
    set type none
end

 
See 'How to disable management tunnel to FortiGate Cloud' for more details on the effects of disabling FortiGate management tunnel to FortiGate Cloud.
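
When reviewing exported event logs, the mapping above can be applied in code. The following Python is an added example, not part of the original article or any Fortinet tooling: it parses raw key=value event lines, selects logid 0100053400 and 0100053401, and uses the configured central-management type to decide whether a message naming FortiManager actually concerns the FortiGate Cloud tunnel. The function names, the constructed sample lines and the 'fortimanager' type value are assumptions not taken from the article.

```python
import re

# FortiGate logs are key=value pairs; values may be double-quoted.
_KV = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
TUNNEL_STATE = {"0100053400": "up", "0100053401": "down"}
# 'set type' under 'config system central-management' -> tunnel peer
PEER_BY_TYPE = {"fortiguard": "FortiGate Cloud", "fortimanager": "FortiManager"}


def parse_event(line):
    """Turn one raw log line into a dict of its fields."""
    return {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
            for m in _KV.finditer(line)}


def classify(event, cm_type):
    """Return (state, peer, misleading) for a 53400/53401 event, else None.

    cm_type is the configured central-management type. 'misleading' is True
    when the text names FortiManager but the tunnel peer is FortiGate Cloud.
    """
    state = TUNNEL_STATE.get(event.get("logid", ""))
    if state is None:
        return None
    text = event.get("logdesc", "") + " " + event.get("msg", "")
    if "FortiGate Cloud" in text:
        peer = "FortiGate Cloud"  # newer wording names the peer itself
    else:
        peer = PEER_BY_TYPE.get(cm_type, "unknown")
    misleading = peer == "FortiGate Cloud" and "FortiManager" in text
    return state, peer, misleading


def tunnel_events(lines, cm_type):
    """Classify every management-tunnel event in an iterable of log lines."""
    verdicts = (classify(parse_event(line), cm_type) for line in lines)
    return [v for v in verdicts if v is not None]


# Constructed sample lines (not captured from a real device).
SAMPLE = [
    'date=2024-01-01 time=10:00:00 logid="0100053401" type="event" '
    'logdesc="FortiManager tunnel connection down" msg="Tunnel to FortiManager is down"',
    'date=2024-01-01 time=10:05:00 logid="0100053400" type="event" '
    'logdesc="Central Management connectivity is active" msg="Connected to FortiGate Cloud 192.0.2.10"',
    'date=2024-01-01 time=10:06:00 logid="0000000000" type="event" msg="unrelated event"',
]
```

Calling tunnel_events(SAMPLE, "fortiguard") marks the first event as misleading, which is the case this article describes.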