Technical Tip: Cannot communicate with remote unit error when configuration was done from CLI

This article describes how to correctly configure FortiGate to be managed by FortiManager from CLI.

By configuring FortiManager IP in central-management section FortiGate doesn't send a registration request by default resulting in a situation below:

- On FortiGate:

# config system central-management
    # set type fortimanager
    # set fmg "10.5.56.196"
# end

- On FortiManager:

# diag dvm device list

--- There are currently 1 devices/vdoms managed ---
--- There are currently 0 devices/vdoms count for license ---

TYPE OID SN HA IP NAME ADOM IPS FIRMWARE
unregistered 445 FGVMXXXXXXXXXX - 10.5.56.178 FGT-Branch_2 root 19.00208 (regular) 6.0 MR2 (1066)
|- STATUS: dev-db: unknown; conf: out of sync; cond: unregistered; dm: none; conn: unknown; FMGC
|- vdom:[3]root flags:0 adom:root pkg:[never-installed]

The current status of FortiGate is unregistered.

However if administrator tries to authorize it from FortiManager GUI the following error will be shown:

In addition to FortiManager IP configuration of FortiGate it is also necessary to send an authorization request using the following command:

# exec central-mgmt register-device<fmg-serial-no> <fmg-register-password>

It will show the output as below:

Start Registering ...
Registering request sent

After that FortiGate can be correctly authorized on FortiManager.