Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Agent_1994
Contributor

FortiGate 5.6.2 always in a conflict state.

Hello,

 

 I have a situation on a FortiManager lab: i've added a FortiGate 70D version v5.6.2 build1486 (GA) to the latest and fresh-installed FortiManager version, v5.6.0-build1557 170727 (GA). When i first add the device there are no conflicts nor errors, then i modify -via FMG- a tiny object and when i try to apply the changes i see lots of stuff being updated, such as:

[ul]
  • VPN Certificate CA (root_Internal_CA)
  • UUIDs for IPv4 addresses: SSLVPN_TUNNEL_ADDR1, all.
  • UUIDs for IPv6 addresses: SSLVPN_TUNNEL_IPv6_ADDR1, all
  • Settings for the webproxy custom service.
  • Settings for switch controller security policy 802-1X-policy-default
  • Settings for lots of wtp-profiles: FAP221E-default, FAP222E-default, FAP223E-default, FAPS221E-default, FAPS223E-default, FAPU221EV-default, FAPU223EV-default, FAPU321EV-default, FAPU323EV-default.[/ul]

     This fails. I've attached the log to this post. After that the device is always in a "conflict" state. 

     

     FWIW, when i imported it, i said that FMG should use the settings from the device.

     

     "diagnose dvm supported-platforms list" shows, to my understanding, that it should be supported:

     

    fmg.druidics.local # diagnose dvm supported-platforms list product abbrev fdsid support-versions

    FortiGate: Supported Versons: version: 500, mr: 0, branchpt: 1-484 version: 500, mr: 2, branchpt: 485-891 version: 500, mr: 4, branchpt: 892-1390 version: 500, mr: 6, branchpt: 1391-2000

    [...]

    FortiGate-70D FGT70D FGT70D v5.0/5.2/5.4/5.6 FortiGate-70D-POE FG70DP FG70DP v5.0/5.2/5.4/5.6

     

     Any clues? Thanks in advance.

  • 1 Solution
    lkorbasiewicz_FTNT

    Hello,

     

    As you can find in FortiManager Compatibility chart

    http://docs.fortinet.com/uploaded/files/2902/fortimanager-compatibility.pdf

    FortiOS 5.6.2 is targeted to support in an upcoming FortiManager release - FortiManager 5.6.0 only supports FortiOS 5.6.0

     

    Best Regards,

    Lukasz Korbasiewicz

    Fortinet ETAC Lead Engineer

    Fortinet NSE7 Certified

    To reach support on call:

    http://www.fortinet.com/support/contact_support.html

     

    Helpful links:

    http://kb.fortinet.com

    http://video.fortinet.com

    http://docs.fortinet.com

     

    Lukasz Korbasiewicz,

    Fortinet TAC Support

    View solution in original post

    2 REPLIES 2
    lkorbasiewicz_FTNT

    Hello,

     

    As you can find in FortiManager Compatibility chart

    http://docs.fortinet.com/uploaded/files/2902/fortimanager-compatibility.pdf

    FortiOS 5.6.2 is targeted to support in an upcoming FortiManager release - FortiManager 5.6.0 only supports FortiOS 5.6.0

     

    Best Regards,

    Lukasz Korbasiewicz

    Fortinet ETAC Lead Engineer

    Fortinet NSE7 Certified

    To reach support on call:

    http://www.fortinet.com/support/contact_support.html

     

    Helpful links:

    http://kb.fortinet.com

    http://video.fortinet.com

    http://docs.fortinet.com

     

    Lukasz Korbasiewicz,

    Fortinet TAC Support

    Agent_1994

     

     Thanks Lukasz  i guess that i should wait... unless there is a public beta around