I’m planning to setup an environment for the customer, where there are multiple sites and I was thinking that site installation would happen with USB stick, where there is a base configuration and right firmware from where fortigate reboots. Configuration would include fortimanager IP address, so I would only need to authorize remote site fortigate when it is online.
But when I was investigating on the configuration, it is not possible to use fortimanager serialnumber in the configuration file and also when default login password is changed, fortimanager would not be able to authorize the device even it is in the list.
How have you done this kind of setups where there are many site installations happening all the time?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I believe you are talking about Zero Touch Provisioning (ZTP) and the process/setps are explained here - https://community.fortinet.com/t5/FortiManager/Technical-Tip-ZTP-basic-configuration-and-troubleshoo...
You may use the batch script as suggested in the article to configure FortiManager serial number.
Note:
The FortiManager Serial Number must be configured in the FortiGate to authenticate the incoming FortiGate's FortiManager management request in all of the ZTP scenarios.
In the example below, a batch mode script is used on FortiGate to configure the central management settings and the serial number, because the serial number cannot be set in normal CLI mode.
# exe batch start
# config system central-management
set type fortimanager
set fmg x.x.x.x <----- IP address or FQDN of the FortiManager.
set serial "FMG-Serial-Number" <----- If the Serial Number is not set, the FortiGate will be unable to authenticate the FortiManager request.
end
# exe batch end
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1705 | |
1093 | |
752 | |
446 | |
230 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.