Help
FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
jasonhong
Staff
Staff

Created on ‎04-15-2024 10:41 PM

Article Id 309894

Technical Tip: FortiManager/FortiAnalyzer-VM License Validation methods

Description

This article describes the different license validation methods for FortiManager/FortiAnalyzer-VM.
Scope

FortiManager, FortiAnalyzer.
Solution

FortiManager/FortiAnalyzer license can be validated in several methods.

 

Method 1: Online:

  • For online license validation, the FortiManager/FortiAnalyzer-VM must be able to reach the public FortiGuard servers by correctly resolving and connecting to fds1.fortinet.com (usfds1.fortinet.com).
  • To verify and troubleshoot FortiManager/FortiAnalyzer connectivity with FortiGuard, refer to the below KB article: Technical Tip: Verifying FortiGuard connectivity on FortiManager

 

Method 2: Offline:

  • In the case the FortiManager/FortiAnalyzer-VM operates in an offline or closed environment, the license validation falls back to the management IP check.
  • The FortiManager/FortiAnalyzer-VM’s management interface IP will be used to match against the management IP of the license file.
  • The management IP of the license file can be checked in the Fortinet support portal.
  • To verify and download the license file, refer to below KB article: Technical Tip: How to change the IP Address of the FortiManager/FortiAnalyzer VM License file

 

Method 3: Proxy:

  • FortiManager/FortiAnalyzer license and contract validation can also be done via a proxy server.
  • The below proxy configuration can only be done via CLI, it is used to validate the VM against the FortiCloud/FortiCare registration.

 

config system web-proxy

    set address <string>

    set mode {proxy | tunnel}

    set password <passed>

    set port <integer>

    set status {enable | disable}

    set username <string>

end

 

  • The AV-IPS and Web-Spam proxy is used for all services provided by fds1.fortinet.com (usfds1.fortinet.com).

 

config fmupdate av-ips web-proxy

    set address <string>

    set mode {proxy | tunnel}

    set password <password>

    set port <integer>

    set status {enable | disable}

    set username <string>

end

 

config fmupdate web-spam web-proxy

    set address <string>

    set mode {proxy | tunnel}

    set password <passed>

    set port <integer>

    set status {enable | disable}

end
102
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.