Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
davekall
New Contributor

Forticlient won't register with FG300D over Extreme switched network

We just installed a FG 300D to an existing network with Extreme switches.  The forticlient will not register with the FG.  It keeps coming back saying "a Fortigate or Forticlient Enterprise Manager Server" cannot be found.  Also it does not detect the FG through the broadcast either.  I can ping the LAN interface and I can get into the GUI for the FG from the computer I am trying to register.  I did try and enable the bootprelay (ip helper for Extreme) and didn't do anything.  Was wondering if anyone has seen this before? 

6 REPLIES 6
neonbit
Valued Contributor

Just throwing it out there, have you enabled FortiClient admin access on the FortiGate interface?

davekall

Unfortunately yes......

emnoc
Esteemed Contributor III

What version of  forticlient because changes did take place in the port numbers in use. I would do the following,

 

1: make sure the interface is allowed for forticlients

 

2: diag sniffer packet on the interface your expecting and see what ports is being used tcp/8013 )

 

3: manually specify  the  fortigate in your register input box.

 

http://socpuppet.blogspot.com/2015/10/forticlent-registering.html

 

edit:

 

if the port is not tcp/8013 you can add the port number in the register input box

 

ie.

 

1.1.1.1:8010

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
davekall
New Contributor

Ok, I just did a sniffer on port 8013 and this is the message I got "

TPS_FG_300D # id=20085 trace_id=101 func=print_pkt_detail line=4423 msg="vd-root received a packet(proto=6, 10.16.1.25:58150->10.250.20.10:8013) from port1. flag , seq 2823615983, ack 0, win 8192"
id=20085 trace_id=101 func=init_ip_session_common line=4572 msg="allocate a new session-000833f3"
id=20085 trace_id=101 func=fw_local_in_handler line=381 msg="iprope_in_check() check failed on policy 0, drop"
emnoc
Esteemed Contributor III

Take a look at the following rls notes and ports used registering; http://docs.fortinet.com/...dows-release-notes.pdf

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
davekall
New Contributor

It is version 5.4.0.0780

 

Not sure which port it should be using?

 

Should this work over VLANs?  As I said I can ping, telnet and use GUI on computer I am trying to do this on.

 

 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors