Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
NickStudi
New Contributor

Created on ‎02-01-2024 04:15 AM

FortiManager pxGrid Connection

I wanted to connect a FortiManager with pxGrid ISE according to the following Installation Guide: https://docs.fortinet.com/document/fortimanager/7.4.2/administration-guide/466394/creating-cisco-pxg...

 

We have uploaded the certificate in FortiManager and created the pxGrid Connector under Fabric Connectors. The FortiManager is also already listed on the ISE server. But when I go to External Connectors -> the pxGrid Connector Apply & Refresh I get 2 errors (see screenshots). Does someone know what could be the reason for this error? In addition, the screenshots in the Administration Guide show an older software version of the Manager and the extra function "Single Sign On" is no longer available on the Manager V.6 & V7.

 

Thank You

 

 

update_group.PNGupdate_user.PNGProgress Report.PNG

Labels:
817
0 Kudos
4 REPLIES 4
adambomb1219
SuperUser
SuperUser

Created on ‎02-01-2024 05:29 AM

What version of ISE?  Has Fortinet updated this connector for pxGrid 2.0?  

804
NickStudi
New Contributor
In response to adambomb1219

Created on ‎02-02-2024 01:40 AM

Hi adambom1219, the Version of the ISE is V3.2.

764
0 Kudos
adambomb1219
SuperUser
SuperUser
In response to NickStudi

Created on ‎02-02-2024 05:13 AM Edited on ‎02-02-2024 05:14 AM

ISE 3.1 removed support for pxGrid 1.0.  I would open a Fortinet TAC case and ask if Fortinet updated the pxGrid code in FortiManager for pxGrid 2.0.  
If the FortiManager side still requires pxGrid 1.0, then you need your ISE server to be on version 3.0 which: https://www.cisco.com/c/en/us/products/collateral/security/identity-services-engine/identity-service...

749
0 Kudos
vraev
Staff
Staff

Created on ‎02-02-2024 03:53 AM

Hi @NickStudi ,

 

Have you tried to made a packet capture?
diag sniffer packet any 'host 172.20.39.48 and host 172.20.39.45' 3 (example)
And debugs at the same time:

diag debug enable
diag debug app connector 255

Best,

V.R.
755
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.