Help
FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
jasonhong
Staff & Editor
Staff & Editor

Created on ‎02-16-2025 11:03 PM Edited on ‎09-02-2025 02:08 AM By Community Manager

Article Id 376874

Troubleshooting Tip: Unable to add VM into FortiManager due to 'Unsupported device model'

Description

This article describes how to troubleshoot the issue when the user cannot add a VM (FortiGate-VM/FortiCarrier-VM/ FortiProxy-VM/ FortiFirewall-VM) into FortiManager.
Scope FortiManager v7.2.10, v7.4.7, v7.6.3.
Solution
  1. Starting from FortiManager v7.2.10, v7.4.7, and v7.6.3, the connection between VM and FortiManager is restricted for security. By default, FortiManager will not allow VM platform connection in FGFM.

 

This applies to the following products:

  • FortiGate-VM.
  • FortiAnalyzer-VM.
  • FortiCarrier-VM.
  • FortiProxy-VM.
  • FortiFirewall-VM.

 

  1. The below sample scenario shows a user attempting to add FortiGate-VM into FortiManager (v7.2.10), but is prompted with a pop-up where FortiGate-VM cannot connect to FortiManager.

 

fgtdisable.png

 

On the FortiManager FGFM debug, FortiManager effectively rejects the FGFM connection from the FortiGate-VM device, and a response of 'Unsupported device model' can be seen.

 

Request [/bin/fgfmsd:3207:1]:

{ "client": "\/bin\/fgfmsd:3207", "id": 1, "method": "exec", "params": [{ "data": { "create_unreg": 1, "device": { "beta": -1, "branch_pt": 1706, "build": 1706, "conn_mode": 0, "dev_status": 0, "faz.perm": 15, "flags": 1, "hostname": "FortiGate-VM", "ip": "10.47.XXX.XXX", "maxvdom": 10, "mgmt_mode": 1, "mgmt_uuid": "00000000-0000-0000-0000-000000000000", "mr": 2, "name": "Tiara-kvm05", "os_type": 0, "os_ver": -1, "patch": 10, "platform_id": -1, "platform_str": "FortiGate-VM64-KVM", "sn": "FGVM01TMXXXXXX", "source": 1, "tab_status": "<unknown>", "version": 700}, "from": 1}, "url": "dvm\/cmd\/manage\/device"}], "session": -1}

Response [unknown]:

{ "id": 1, "result": [{ "status": { "code": -20026, "message": "Unsupported device model"}, "url": "dvm\/cmd\/manage\/device"}]}

 

  1. To allow VM platform connection in FGFM, enter the following command in the FortiManager CLI:

 

FMG# config system global

FMG# set fgfm-allow-vm enable

FMG# end

 

Note:

The FortiGate tries to register with the FortiManager cloud, but if the fgfm-deny-unknown setting is enabled, the FortiManager Cloud cannot accept the request from the FortiGate. Disable the fgfm-deny-unknown on the FortiManager Cloud.

 

(global)# set fgfm-deny-unknown disable

(global)# end

 

  1. Subsequently, FortiManager will allow the FGFM connection from the respective VM device, and the VM device will appear under the Unauthorized List in FortiManager Device Manager. Users can then authorize the VM device to be fully managed by FortiManager.

 

fgtenabled.png

 

unathdev.png

 

Related article:

Troubleshooting Tip: How to troubleshoot connectivity issues between FortiGate and FortiManager

 

5158
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.