Does anybody have a quick to just temporary disable a FGT from FMG.? I'm not looking at unregistering. When we set the type to "none" we get the following message
" Please unregister-device from FortiManager first"
Any ideals or is this only controlled by the set allowacces fgfm?
> set allowacces fgfm
This would prevent FGM from connecting.
To prevent FGT from attempting to contact FMG, you'd have to remove the FMG IP from the FGT.
To drop the current connection, you'd have to kill the fgfmd process on the FGT.
Out of curiosity. Why do you want to do this? This is quite an unusual request.
We tried the set allowaccess and it did not work. I believe the FMG re-push the cfg but we didn't kill the fgfmd process
The reason why, v5.6.0 has strange issues that we want to re-evaluate by removing the FGT from management and then later re-connecting it.
This investigating these issues after an associate has upgraded the unit.
pls try below workaround see if works for your case
on FGT, config a source IP from a different interface
conf sys central-management
wrong source IP will fail the tunnel setup between FMG and FGT