Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
michael_horne
New Contributor II

Probe Failing when adding device

Hello All,

 

I want to show a customer the advantages of FortiManager. I installed FortiManager VM and a Fortigate VM using VM Workstation.  When I try and add the Fortitgate device to the FortiManager I get "Probe Failed" message. 

 

 

  

 

Both FortiManager and Fortigate are running 5.6 and are in there Trial license period. I have network connectivity to the Fortigate as I can ping it from FortiManager. I have Centralised Management on the Fortigate set to FortiManager:

 

When I check in the logs I can see a successful connection using TCP/541 from the FortiManager to the Fortigate. The only blocked traffic I see is on TCP/542 from the FortiManager to the Fortigate. 

TCP/542 is not listed in the Local In Policy. Checking the Fortinet Documentation about TCP/542, this port seems to be related to IPv6.

 

If someone can offer some assistance as to why adding the device is failing. It would be appreciated.

 

 

3 Solutions
chall_FTNT
Staff
Staff

> FortiManager and Fortigate are running 5.6

 

FortiManager 5.6.0 only support FortiOS 5.6.0 but not any later FortiOS patches like 5.6.1 & 5.6.2.  This will be addressed with the release of  FortiManager 5.6.1.  What patch of FortiOS is loaded on the FortiGate VM?

Chris Hall
Fortinet Technical Support

View solution in original post

scao_FTNT

for 5.6 FGT, if no license, then is in LENC mode. 5.6 LENC FGT is not supported by FMG 5.6.0, but will be supported by FMG 5.6.1.

 

Thanks

 

Simon

View solution in original post

michael_horne

Hi,

 

FMG access not being enabled was not the issues:

 

View solution in original post

8 REPLIES 8
chall_FTNT
Staff
Staff

> FortiManager and Fortigate are running 5.6

 

FortiManager 5.6.0 only support FortiOS 5.6.0 but not any later FortiOS patches like 5.6.1 & 5.6.2.  This will be addressed with the release of  FortiManager 5.6.1.  What patch of FortiOS is loaded on the FortiGate VM?

Chris Hall
Fortinet Technical Support
scao_FTNT

for 5.6 FGT, if no license, then is in LENC mode. 5.6 LENC FGT is not supported by FMG 5.6.0, but will be supported by FMG 5.6.1.

 

Thanks

 

Simon

michael_horne

Hi All,

 

Thanks for both of the feedback. There was a problem with version as in my VM environment I downloaded the lates Fortigate 5.6.2, not think that FortiManager is 5.6.0.

 

Also if the FortiManager does not support The Fortigate in "trial" mode, then this will never work and I will stop banging my head against the wall. I will have to go find a licensed Fortigate that I can use for my demonstration.

 

Many thanks

sw2090
Honored Contributor

Probably you forgot to enableFMG Access on the corresponding interface. I ran into this issue several times and if this is the case the FMG will not be able to probe the FGT.

That might be the most common and easiest case ;)

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
michael_horne

Hi,

 

FMG access not being enabled was not the issues:

 

MERANA
New Contributor

I am having the same issue and looks like evaluation mode it won't even add device to FMG for testing? 

rhoneil_manahan

Hi, Im having a same issue. I already enabled the FMG-access and still prompt "probe failed". 

And running at the same Forti OS version. 

rhoneil_manahan

Hello,

I've solved my problem, setting enc-algorithm of Fortigate to "default" and setting enc-algorithm of Fortianalyzer into "low". Also fgfm-ssl-protocol to "sslv3".

You can also refer to this link also "https://forum.fortinet.com/tm.aspx?m=173981".

 

Thanks.

Labels
Top Kudoed Authors