I find myself with an issue while trying to manage a FortiGate HA Cluster (call it FG1) through FortiManager.
I can correctly discover and add the device in FortiManager, as well as import the config.
However, when logging onto the FortiGate itself I see that it shows as "Unauthorized" under Fabric Management.
If I click "Authorize" and follow the procedure, the FortiManager pop-up states that the device with that S/N is already authorized; this happens on both nodes of the cluster.
I have another FortiGate (single device, not cluster, call it FG2) in the same ADOM and it does not have this issue.
Could it be an issue of open ports between the devices? FG1 and FG2 are on different networks and traffic between them and FortiManager flows through different devices. Is there anything else I can check?
The issue you're experiencing with the FortiGate HA Cluster (FG1) appearing as "Unauthorized" in Fabric Management, despite being correctly discovered and added in FortiManager, could stem from a few reasons. Ensure that both the primary and secondary devices in the FG1 HA Cluster have consistent firmware versions with the FortiManager. Verify that all required ports, especially 514, 541, 443, and 22, are open between FG1 and FortiManager. It's also essential to ensure that the HA synchronization between FG1 nodes is healthy. Comparing the communication path of FG1 with that of FG2 might also reveal any intermediary devices that could be causing issues. Lastly, sometimes de-registering and re-adding the device in FortiManager can resolve such anomalies, but ensure you've backed up the configuration before doing so.
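The port check and path comparison suggested above, as an added example that is not part of the original answer: it probes the four ports over TCP only and separates "refused" (an RST came back) from "filtered" (no reply, typically a silent drop by an intermediate device). It assumes you run it from a host in the FG1 network and again from one in the FG2 network, so it tests the path from those hosts and not from the FortiGates themselves; the function names are illustrative.

```python
import json
import socket
import sys

# Ports named in the answer above (TCP only).
FMG_PORTS = (22, 443, 514, 541)


def probe(host, port, timeout=3.0, connect=socket.create_connection):
    """Classify one TCP port as open, refused, filtered or unreachable."""
    try:
        with connect((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"      # host answered with RST: nothing listening
    except (socket.timeout, TimeoutError):
        return "filtered"     # no answer at all: likely dropped on the path
    except OSError:
        return "unreachable"  # no route, ICMP unreachable, name lookup failure


def survey(host, ports=FMG_PORTS, **kw):
    """Probe every port and return {port: state}."""
    return {port: probe(host, port, **kw) for port in ports}


def diff_paths(working, failing):
    """Ports whose state differs between the working (FG2-side) and the
    failing (FG1-side) vantage point, as {port: (working, failing)}."""
    return {
        port: (state, failing.get(port))
        for port, state in working.items()
        if failing.get(port) != state
    }


if __name__ == "__main__":
    # Usage: python fmg_ports.py <fortimanager-address>
    # Run once per network and compare the two JSON outputs.
    print(json.dumps(survey(sys.argv[1]), indent=2))
```

A port that is "open" from the FG2 side and "filtered" from the FG1 side points at a device on the FG1 path rather than at FortiManager itself.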