I have been struggling with an issue for a while now; let me start by explaining the topology:
We have a virtual FMG (v6.2.3) and 2 pairs of FortiGate 100F and 600E in failover, both running v6.2.3.
We have a virtual FortiAnalyzer as well, v6.2.3.
The 100F was registered on the FMG and now issues with it.
The 600E was registered on the FAZ and there are no issues with it logging to the FAZ.
We have the 100F ADOM on the FMG and wanted to register the FAZ for this ADOM. We disabled the FAZ services on the FMG and added the FAZ as a unit on the FMG. The 100F firewall and the ADOM got imported into the FAZ as well and everything seemed fine. On the FMG, we provisioned a template with the log settings set to Managed FortiAnalyzer, with real-time updates.
But we are not seeing any change in the logs being sent to the FortiAnalyzer. It shows up as red in the FAZ, and logs are being queued to the FGT but not sent to the FAZ.
exec log fortianalyzer test-connectivity
gives an error.
Somehow there is some connectivity issue with the FAZ.
If I go to the 100F GUI, Fabric > Settings > select FortiAnalyzer > set the IP > test connectivity, it gives me an error that the FMG needs to have FAZ services enabled.