Good morning and thanks in advance.
I have deployed a FM with v7.2.1 and two FG HA cluster with v7.0.2
I added FG to FM with the Add Device wizard. All devices have been discovered and added, policies and objects sync'd ok with FM. When modifying rules on the FM the modifications are pushed OK to FGs.
I also activated Fortianalyzer Features on FM and FG are sending logs OK to FM.
Everything seems OK, BUT on both FG clusters, within Security Fabric > Fabric Connectors > FM Connection is shown in Red and "Not Managed" and the notification reads as: Unable to Connect to FM
But when checking by CLI all the platforms, the FGFM tunnels are established and up:
On FM:
ES1FMG01BKT2 # diagnose fgfm session-list
ES1FW03BKT2_FG (260) sn(******************) ip(192.168.177.124) <-- FG HA Cluster2
state(tunnel) tunnel (169.254.0.2) uptime:Mon Oct 24 00:07:56 2022
ES1FW03BKT1_FG (233) sn(******************) ip(192.168.177.140) <-- FG HA Cluster1
state(tunnel) tunnel (169.254.0.3) uptime:Mon Oct 24 00:07:56 2022
Session count = 2 (tunnel 2)
ES1FMG01BKT2 #
On FGs:
ES1FW03BKT2_FG (global) # diagnose fdsm central-mgmt-status
Connection status: Up
Registration status: Registered
ES1FW03BKT2_FG (global) #
ES1FW03BKT1_FG (global) # diagnose fdsm central-mgmt-status
Connection status: Up
Registration status: Registered
ES1FW03BKT1_FG (global) #
Any idea why on the FG GUI the connection to FM is shown as Not Established (Devices Not Managed by FM) when the CLI says the tunnels are up and the devices seem to be managed OK?
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
This is a known bug in 7.0.2 (756420) and fixed in 7.0.3:
https://docs.fortinet.com/document/fortigate/7.0.3/fortios-release-notes/236526/known-issues
Based on the major security vulnerability released recently, I would urge you to upgrade to 7.0.7 or 7.0.8 as soon as possible. This is a critical vulnerability that is being actively exploited.
https://www.fortiguard.com/psirt/FG-IR-22-377
This is a known bug in 7.0.2 (756420) and fixed in 7.0.3:
https://docs.fortinet.com/document/fortigate/7.0.3/fortios-release-notes/236526/known-issues
Based on the major security vulnerability released recently, I would urge you to upgrade to 7.0.7 or 7.0.8 as soon as possible. This is a critical vulnerability that is being actively exploited.
https://www.fortiguard.com/psirt/FG-IR-22-377
Thanks for the answer.
Just checked the release notes, and yes, it's exactly the bug id 756420 you say. It appears as a Known Issue in release v7.0.2 within the GUI section:
https://docs.fortinet.com/document/fortigate/7.0.2/fortios-release-notes/236526/known-issues
But as a Resolved Issued it appears in the release v7.0.4:
https://docs.fortinet.com/document/fortigate/7.0.4/fortios-release-notes/289806/resolved-issues
We just applied the workaround for the FG-IR-22-377 vulnerability, but having the bug 756420 and also the FORTINET-FG-IR-22-377_Auth-Bypass, it's quite probable we finally upgrade to v7.0.7 or v7.0.8
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.