Hi
I have big doubt.
I don't know when I activate Fortigate Cloud on my Fortigate Firewall can I manage device via cli or via local LAN?
Or, is it locked and I must manage it only by Cloud enviroment?
Thank you
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello marc,
This can be better explained by a staff, but from my experience with Fortigates, you would still able to manage your device from local LAN (cli & gui).
The benefit of Fortigate Cloud is that you can check health, logs & subscriptions for your Fortinet products overall.
Hope this answer clarifies some concerns of yours.
Regards
We have enabled FortiCloud on all our FGT. I can still manage every FGT via Webinterface,Cli or FortiManager from local lan or vpn here.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Hello marc,
This can be better explained by a staff, but from my experience with Fortigates, you would still able to manage your device from local LAN (cli & gui).
The benefit of Fortigate Cloud is that you can check health, logs & subscriptions for your Fortinet products overall.
Hope this answer clarifies some concerns of yours.
Regards
We have enabled FortiCloud on all our FGT. I can still manage every FGT via Webinterface,Cli or FortiManager from local lan or vpn here.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Hi guys and thank you.
Which is the Fortinet Cloud Application that lock local configurations? FortiManager?
FortiManager (Cloud or on-premise) does lock local configuration in a way - when you log in via GUI, you are presented with a warning, and need to decide to access in view-only mode or in read-write mode, and if you access in read-write mote you need to confirm a warning that this may cause FortiGate to go out of sync with FortiManager.
After accepting this, you can still make changes on FortiGate directly. Those changes could revert if you install configurations from FortiManager without ensuring the FortiGate syncs any changes you made locally, but if you're not using FortiManager, this is not really relevant.
The question is born because many other brands block any change of config when cloud licenses expired. And your answer is important when you want to manage Fortigate over expiration time.
Hey marconet,
as elsantas mentioned, you can still access your FortiGate locally (via GUI or CLI) and make whatever changes you want. You can enable management via FortiCloud if you want (this is optional, not mandatory), and this is NOT automatically enabled when you register the FortiGate in FortiCloud. The only things that are enabled by default is logging to FortiCloud, and FortiGate provides some generaly system information to FortiCloud.
I would say FMG does not lock the config you could still change the config on your fgt but you might lose it when you depoly the config/policy package with FMG next time. However parts can be pulled into fmg when you change it on the fgt. This is the thing FortiNet calls device config. That's e.g. IPSec VPN or the interface and sd-wan config.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.