Good morning and thanks in advance.
I have deployed an FM with v7.2.1 and two FG HA clusters with v7.0.2.
I added FG to FM with the Add Device wizard. All devices have been discovered and added, policies and objects sync'd ok with FM. When modifying rules on the FM the modifications are pushed OK to FGs.
I also activated FortiAnalyzer Features on FM and the FGs are sending logs OK to FM.
Everything seems OK, BUT on both FG clusters, within Security Fabric > Fabric Connectors > FM, the connection is shown in red and "Not Managed", and the notification reads: Unable to Connect to FM.
But when checking all the platforms by CLI, the FGFM tunnels are established and up:
ES1FMG01BKT2 # diagnose fgfm session-list
ES1FW03BKT2_FG (260) sn(******************) ip(192.168.177.124) <-- FG HA Cluster2
state(tunnel) tunnel (169.254.0.2) uptime:Mon Oct 24 00:07:56 2022
ES1FW03BKT1_FG (233) sn(******************) ip(192.168.177.140) <-- FG HA Cluster1
state(tunnel) tunnel (169.254.0.3) uptime:Mon Oct 24 00:07:56 2022
Session count = 2 (tunnel 2)
ES1FMG01BKT2 #

ES1FW03BKT2_FG (global) # diagnose fdsm central-mgmt-status
Connection status: Up
Registration status: Registered
ES1FW03BKT2_FG (global) #

ES1FW03BKT1_FG (global) # diagnose fdsm central-mgmt-status
Connection status: Up
Registration status: Registered
ES1FW03BKT1_FG (global) #
Any idea why on the FG GUI the connection to FM is shown as Not Established (Devices Not Managed by FM) when the CLI says the tunnels are up and the devices seem to be managed OK?
This is a known bug in 7.0.2 (756420) and fixed in 7.0.3:
Based on the major security vulnerability released recently, I would urge you to upgrade to 7.0.7 or 7.0.8 as soon as possible. This is a critical vulnerability that is being actively exploited.
Thanks for the answer.
Just checked the release notes, and yes, it's exactly the bug id 756420 you say. It appears as a Known Issue in release v7.0.2 within the GUI section:
But as a Resolved Issue it appears in the release v7.0.4:
We just applied the workaround for the FG-IR-22-377 vulnerability, but having the bug 756420 and also the FORTINET-FG-IR-22-377_Auth-Bypass, it's quite probable we will finally upgrade to v7.0.7 or v7.0.8.