Hiho,
I have an FMG here that I had set up as a vm. This FMG manages 16 FGTs (which are physical devices), distributing device settings and also one standard policy package for them all. This all worked fine so far and it did survive several firmware update without any malfunctions.
Now I upgraded the FMG again from v5 build 1187 to v5 build 1225 (which is one step since there is nothing between those builds) in order to support v5.4.6 on the FGTs.
Since I did that I am unable to deploy device settings and/or policy packages to any of the FGTs. It don't matter which firmware they run atm (some still have 5.4.3, some 5.4.4 or 5.4.5 and some already are updated to 5.4.6).
Deployment starts when I trigger it but fails on the pre install checks and then is cancelled.
The only error I get is "-2 invalid Server". There is no more information.
I performed the DB Integrity checks all without any errors.
So far this looks to me if something in build 1225 is pretty broken and will render your FMG rather useless so far.
Maybe someone already hat that and knows a solution?
greets
Sebastian
P.S.: I also opened a ticket at Fortinet Support but did not yet get any response from them so far.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
pls send me the ticket ID, I will review your ticket and I may need your db config to provide workaround solution, we can use ticket system to track this
Thanks
Simon
Hi Simon,
Thanks. I meanwhile got a repsonse from EMEA TAC and we will arrange a remote session.
Ticket # is 2451719 btw.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
After a detailed analysis of our FMG config the EMEA TAC finally found the solution:
There is an Option called like "polling servr" in the Single-Sign-On Settings which by default is empty. This then caused the problem. As ist is a global option and not a device setting I guess it was added with the last build of the FMG Firmware since from then on we encountered the problem.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1665 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.