Fortimanager version 7.4 and Fortigate version 7.4.3. Fortigate is 40F.
While pushing any config to Fortigate below line automatically come sin the config preview. The installation faisl due to this config too.
config web-proxy global
set proxy-fqdn "default.fqdn"
end
below is the error getting. Any idea to fix this please.
------ Start to retry --------
40F-TEST $ config web-proxy global
40F-TEST (global) $ set proxy-fqdn "default.fqdn"
40F-TEST (global) $ end
---> generating verification report
(vdom root: web-proxy global:proxy-fqdn)
remote original:
to be installed: "default.fqdn"
<--- done generating verification report
install failed
Solved! Go to Solution.
Yes, upgraded FMG firmware to version 7.4.4 and the issue got fixed.
Can you try "Device Manager - CLI objects CLI > system > global > proxy-and-explicit-proxy to enable" as suggested in https://www.reddit.com/r/fortinet/comments/15ococs/comment/jvwr6oq/
Thank you, which config are you referring to. Attached screenshot.
Hi @ceForti ,
The screenshot don't show the option mentioned in the discussion forum, I checked my LAB device and even I don't see the option. On further checking I could see this issue is being investigated by our engineering team under 1033653. The fix is expected from 7.4.4 release. I can see the workaround is to use 7.4.3 on Fortigate (I haven't tested this in LAB).
1033653 |
FortiManager is trying to install and configure " Affected FortiGates: Only some low-end FortiGates have encountered this issue. This case is still under the investigation. |
https://docs.fortinet.com/document/fortimanager/7.4.3/release-notes/454729/known-issues
Same problem here with 2x40F.
There is also a Script one can try, but it don't works for me:
config web-proxy global
unset proxy-fqdn
end
Hi,
As mentioned in previous replies, the issue correlates with bug 1033653 and it will be fixed in the upcoming FMG v7.4.4.
Kindly perform the following workaround to see if it helps:
1. Perform a "Retrieve Config" revision on FortiManager > Device Manager > Select the FortiGate > Device Dashboard > "Configuration and Installation" widget > Revision History > Retrieve Config. This will synchronize the syntax on the device-level database. After the Retrieve Config is done, you may perform the policy package installation again.
https://community.fortinet.com/t5/FortiManager/Technical-Tip-FortiGate-is-Out-of-sync-on-Device-Mana...
2. If Step (1) does not work, disable the Verify Installation setting under FortiManager > System Settings > Advanced > Misc Settings > Disable verify installation. After that, try to install again.
3. If the above steps do not work, proceed to downgrade FGT to v7.4.3 GA.
Fortigate support responded it as bug (BUG: 1033653) and is expected to resolve in FMG 7.4.4 versions.
Is there any update on the issue?
Yes, upgraded FMG firmware to version 7.4.4 and the issue got fixed.
But the 7.4.4 is not available for upgrade yet.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.