What is the best approach to set a port on the Fortigate for remote management by a FortiManager appliance? I am in a situation where if I make a change via FM, I will lose remote connectivity. For example, I am trying to get SD-WAN policy working but in order to do so, have to change the default route and move my interfaces out of the zone they are in.
Is there a way to configure the FGs remotely so that when a network change is needed, you can still manage them without losing access?
Solved! Go to Solution.
Hi 1ryan1.
The FMG delivers the configuration to the FGT. If it is found that the FGT cannot connect to the FMG because of the configuration delivered this time, the FGT automatically rolls back to the previous configuration after 15 minutes.
Not an elegant or recommended by someone solution, but when the risk is high, I do changes on the local Fortigate, then, having made sure all works fine, sync/import the changes to the Fortimanager.
Hi 1ryan1.
The FMG delivers the configuration to the FGT. If it is found that the FGT cannot connect to the FMG because of the configuration delivered this time, the FGT automatically rolls back to the previous configuration after 15 minutes.
I tested this by removing the default route via FMG and it did restore access shortly afterwards.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.