Dear People,
I have some trobule with FabricConnectors FortiManager over CLI
I set up the
config system central-management
set type fortimanager
set fmg "fortimanager.forticloud.com"
end
exe central-mgmt register-device *serialnumber* *fmg-register-password*
Then I can see the FG to Authorization in Fortimanager
So I start the authorization with error:
"Cannot communicate with remote device (tunnel is down)"
There is a solution to set the EMC to low (set enc-algorithm high), but this depends all VPN Tunnels.
*fmg-register-password* I use here the login password for Fortimanager. Is that correct or must I create a register password? If yes, how does I create it?
Not sure what's going on other than suspecting the quality of connection over the internet. But I can at least tell the "password" at the end of the command is currently not used by FMG (AFAIK with 6.4.7) so we use any dummy one like "preshared-key" or whatever. You just need to have something there.
Just make sure fgfm(CLI)/FMG-access(GUI) is enabled on the wan interface(s) and test quality of connection with pinging from both ends.
Toshi
Hello Toshi,
thanx for your answer.
I tried it with a dummy password. You are right. I have a new device for authorization but the follow is the same. The authorization hangs.
If I do this over the GUI, there are no problems.
I am not sure that I understod you about "Just make sure fgfm(CLI)"
I was talking about the FGT local config.
config sys int
edit wan1
set allowaccess ping fgfm
next
end
In the GUI, under Network->Interface->wan1 under Administrative Access section then FMG-Access checkbox for IPv4 and IPv6.
After factory Reset I check it. This settings are default.
But my problem are the same:-)
Now I try it over gui; there is no problem.
Just curiosity. What version of FortiOS running on the FGT(s)? And what's the version of FMG?
FG: 6.4.8
FMG 7.0.5
I found
https://community.fortinet.com/t5/FortiManager/Technical-Tp-How-to-register-a-FortiGate-to-a-FortiMa...
You can set a register-password on Fortimanager, but there are no change
I would recommend opening a case at TAC.
I will do it
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.