Hi @miki_m ,
Thanks for contacting us on the Community Forum.
If the devices show as online on the FortiManager, would it be possible to try this one of the following workarounds and let me know if works:
You could try to run an execute ssh on the FMG CLI, first you will need to retrieve the fgfm tunnel IP of the device using the command:
diagnose fgfm session-list <device-id>
To get device ID, run the command:
diag dvm device list <device-name>
execute ssh <fgfm-tunnel-ip-of-the-device> <fgt-username>
In FMG CLI: "exec ssh-known-hosts remove-host x.x.x.x" allows to SSH in again when this occurs.
x.x.x.x needs to be the tunnel IP as well as the physical IP as it looks like the keys change on each fail over event.
This allows both the widget and exec SSH to function properly until next event
Please let me know how it goes.