Hello All,
I want to show a customer the advantages of FortiManager. I installed FortiManager VM and a Fortigate VM using VM Workstation. When I try and add the Fortitgate device to the FortiManager I get "Probe Failed" message.
Both FortiManager and Fortigate are running 5.6 and are in there Trial license period. I have network connectivity to the Fortigate as I can ping it from FortiManager. I have Centralised Management on the Fortigate set to FortiManager:
When I check in the logs I can see a successful connection using TCP/541 from the FortiManager to the Fortigate. The only blocked traffic I see is on TCP/542 from the FortiManager to the Fortigate.
TCP/542 is not listed in the Local In Policy. Checking the Fortinet Documentation about TCP/542, this port seems to be related to IPv6.
If someone can offer some assistance as to why adding the device is failing. It would be appreciated.
Solved! Go to Solution.
> FortiManager and Fortigate are running 5.6
FortiManager 5.6.0 only support FortiOS 5.6.0 but not any later FortiOS patches like 5.6.1 & 5.6.2. This will be addressed with the release of FortiManager 5.6.1. What patch of FortiOS is loaded on the FortiGate VM?
for 5.6 FGT, if no license, then is in LENC mode. 5.6 LENC FGT is not supported by FMG 5.6.0, but will be supported by FMG 5.6.1.
Thanks
Simon
> FortiManager and Fortigate are running 5.6
FortiManager 5.6.0 only support FortiOS 5.6.0 but not any later FortiOS patches like 5.6.1 & 5.6.2. This will be addressed with the release of FortiManager 5.6.1. What patch of FortiOS is loaded on the FortiGate VM?
for 5.6 FGT, if no license, then is in LENC mode. 5.6 LENC FGT is not supported by FMG 5.6.0, but will be supported by FMG 5.6.1.
Thanks
Simon
Hi All,
Thanks for both of the feedback. There was a problem with version as in my VM environment I downloaded the lates Fortigate 5.6.2, not think that FortiManager is 5.6.0.
Also if the FortiManager does not support The Fortigate in "trial" mode, then this will never work and I will stop banging my head against the wall. I will have to go find a licensed Fortigate that I can use for my demonstration.
Many thanks
Probably you forgot to enableFMG Access on the corresponding interface. I ran into this issue several times and if this is the case the FMG will not be able to probe the FGT.
That might be the most common and easiest case ;)
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
I am having the same issue and looks like evaluation mode it won't even add device to FMG for testing?
Hi, Im having a same issue. I already enabled the FMG-access and still prompt "probe failed".
And running at the same Forti OS version.
Hello,
I've solved my problem, setting enc-algorithm of Fortigate to "default" and setting enc-algorithm of Fortianalyzer into "low". Also fgfm-ssl-protocol to "sslv3".
You can also refer to this link also "https://forum.fortinet.com/tm.aspx?m=173981".
Thanks.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1739 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.