Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
SL-Support
New Contributor

Source IP for Central Management v7.4

Hi All,

I've configured a Fortigate to Fortigate VPN, created a Loopback Address and assigned a Public IP.

The VPN uses BGP to advertise the Public IP and and receive the default route from the Hub.

 

The Spoke isn't able to connect to Central Management with this config (I've got Fortiguard connected and have also changed the source IP for DNS and confirmed DNS lookups are working)

 

I see there is supposed to be a command under config system central-management that would allow me to set a source IP, but this doesn't exist on my Firewall. Is this something that has been removed in v7.4 and is there another method I need to use for this? Or an I missing something that I need to enable for this?

 

These are the only options that I see:

 

(central-management) # set
mode Central management mode.
type Central management type.
schedule-config-restore Enable/disable allowing the central management server to restore the configuration of this FortiGate.
schedule-script-restore Enable/disable allowing the central management server to restore the scripts stored on this FortiGate.
allow-push-configuration Enable/disable allowing the central management server to push configuration changes to this FortiGate.
allow-push-firmware Enable/disable allowing the central management server to push firmware updates to this FortiGate.
allow-remote-firmware-upgrade Enable/disable remotely upgrading the firmware on this FortiGate from the central management server.
allow-monitor Enable/disable allowing the central management server to remotely monitor this FortiGate unit.
local-cert Certificate to be used by FGFM protocol.
vdom Virtual domain (VDOM) name to use when communicating with FortiManager.
fmg-update-port Port used to communicate with FortiManager that is acting as a FortiGuard update server.
enc-algorithm Encryption strength for communications between the FortiGate and central management.

 

Thanks,

Paul

1 Solution
hbac
Staff
Staff

Hi @SL-Support

 

There is no source-ip option under "config system central-management". Please try the following commands instead: 

config system fortiguard 

set source-ip x.x.x.x 

end 

 

Regards, 

View solution in original post

3 REPLIES 3
hbac
Staff
Staff

Hi @SL-Support

 

There is no source-ip option under "config system central-management". Please try the following commands instead: 

config system fortiguard 

set source-ip x.x.x.x 

end 

 

Regards, 

SL-Support

Thanks @hbac 

 

I have already set that which then allowed the connection to Fortiguard, but I was still reporting no connection to central management, even after a reboot.

Strangely enough, got in this morning and Central management is now reporting connected.

 

Thank you very much for getting back to me.

 

Regards,

Paul

anhtungaaa
New Contributor

Hi SL-Support

I face same issue.

Do you have any solution for this? 

 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors