Dear All,
when i am adding fortinet firewall 300C with firmware 5.2.4 or 5.2.5 to FortiManager 200D with firmware 5.2.4, i am getting error massage " Failed to reload Configuration" and data base not loading.
I have attached the screen-shot for same.
Please suggest the solution asap.
Regards...
Rahul
9968210761
Hi Rahul,
This is a known bug, caused by a specific command in the firewall configuration. To solve this, the problematic command needs to be removed on the firewall before adding it to the FortiManager. Log in on the firewall and perform these command's:
config webfilter profile edit default config ftgd-wf config filters show
Then look for entries that contain "category 32", such as:
edit <number> set action warning set category 32 next end
Delete every entry that contains "category 32":
Delete <number> end
To confirm that all entries are removed, download the FortiGate backup file and search for "category 32", no entry should be found. Once all "category 32" entries are removed, adding the FortiGate to the FortiManager should succeed.
Hi,
I have done these all step and still i am able to add my firewall to fortimanager.
1) Remove firewall from fortimanger
2) then run command on firewall
config webfilter profile edit default config ftgd-wf config filters show
3) No showing any "category 32"
I have attached screen shot for same.
Please help me asap.
pls search all FGT CLI config for "category 32" (you can backup config on FGT and then search in the file). not just default, see if can find it
Thanks
Simon
Hi, Simon,
Thanks for support. I have added the firewall to fortimanager, but we are facing the new issue. I have created some user in firewall for VPN, but in fortimanager users are now showing.
Please suggest the solutions asap.
so you configured user on FGT and that user only used by VPN IPsec? and you do not use FMG VPN Manager for VPN IPSec (interface based) setup?
you need to retrieve config to FMG and import policy, when import, select to import all object, not just policy used object, then after import, you will see these users in policy object list
Thanks
Simon
Hi,
We created user for IP Sec. VPN. I am not very use too with fortimanger. can you guide me ? how can i import policy in fortimanger.
from your 1st attached pic, I think your FMG does not enable ADOM function, so from "Device Manager", for your config changed device, pls check device list, "Config Status" column, if device shows green synced or auto-updated, if not, pls double click device name and enter device config menu, system - dashboard, find "Configuration and Installation Status" widget and "Total Revisions" line, click for "Revision History" page, and do a "Retrieve", to update FMG device database config with remote FGT config, this revision history page keeps all retrieved and installed revision (for each time you do config install on FMG)
and after retrieve config done, back to Device Manager, you will see "Config Status" now shows green synced status, and then right click on that device, there has a right click menu, in menu bottom, there has an "Import Policy" function, which is to import FGT policy to FMG "Policy & Objects" as a policy package (and then you should do policy related config change from "Policy & Objects" and install to FGT)
in 2nd step of import wizard, "Import Policy Database",
Object SelectionImport only policy dependent objectsImport all objectshere select "Import all objects", then FMG will import all object config into policy database, including those not used, or used not by policy (like only by ipsec VPN)
after import finish, then in policy & objects page, check for your config
also, for IPSec VPN change, if you do not use FMG VPN Manager function, you still can do changes from Device Manager, we have a per device config menu for VPN config
Thanks
Simon
Hi,
Thanks for you support. I have done it. :)
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.