FortiGate VM Sync Issue with FortiToken Cloud
Hello,
My FortiGate VM isn't syncing with FortiToken Cloud. When I try to synchronize using "exec fortitoken-cloud sync local", it fails:
"FGVMEV167DQDX5F5 # exec fortitoken-cloud sync local
Cannot retrieve user information from FortiToken Cloud!
Command fail. Return code -1"
After investigating, I found the issue lies in the SSL handshake not completing between the FortiGate and FortiToken Cloud. The SSL minimum protocol version is currently set to TLSv1:
"FGVMEV167DQDX5F5 (global) # get | grep ssl-min-proto-version
ssl-min-proto-version: TLSv1 "
I need to change this to TLSv1.2, but the option isn't available:
"FGVMEV167DQDX5F5 # config system global
FGVMEV167DQDX5F5 (global) # set ssl-min-proto-version
SSLv3 SSLv3.
TLSv1 TLSv1.
FGVMEV167DQDX5F5 (global) #
"
Any help or solution would be appreciated.
Created on ‎03-24-2024 09:50 AM Edited on ‎03-24-2024 09:51 AM
Hello @Hamza_derbali ,
When I look at your serial number, I see you use an eval license.
The eval license has some limitations about encryption. Because of that, you can't activate TLS 1.2 on your unit.
https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/441460
NSE 4-5-6-7 OT Sec - ENT FW
