Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mayar
New Contributor II

Created on ‎09-30-2024 06:20 AM Edited on ‎09-30-2024 08:59 AM

set banned-cipher prevents pushing the device configuration on trial Fortigate VM

Hi there,

 

I'm having issue in a lab (build by me) that i've created with trial version of FortiGate VMs (x2), FortiManager (x1) and FortiAnalyzer (x1).

I've added two FortiGates to the FortiManager, and everything was working without issues, untill the first device installation.

The FortiManager keeps showing error in the installation of device configuration, after digging around, i found out that the issue occurs because of the "set banned-cipher" command. This command seems to be not available in the trial fortivm, and in the FortiManager I wasn't able to remove the setting from the CLI configuration (because it requires at least 1 cipher that has to be banned).

The running versions of the devices are;

FortiGate VMs KVM 7.4.4 build 2662 (Feature)

FortiManager v7.4.3-build2487 240514 (GA)

FortiAnalyzer (while it doesn't have to do with the issue) v7.4.3-build2487 240514 (GA)

2024-09-30 15_08_25-gns3@gns3vm - TightVNC Viewer.png2024-09-30 15_09_18-gns3@gns3vm - TightVNC Viewer.png2024-09-30 15_11_04-gns3@gns3vm - TightVNC Viewer.png

 

When i deselect the banned-cipher and click apply (in the CLI configuration of the device) the ciphers SHA1, SHA256 and SHA384 are reselected again!

2024-09-30 15_17_02-gns3@gns3vm - TightVNC Viewer.png

Did anyone encounter this issue?

is there a solution for this issue?

Labels:
870
0 Kudos
12 REPLIES 12
AmedBoti
New Contributor

Created on ‎11-10-2024 10:57 PM

Guys, any update on this issue?

113
0 Kudos
funkylicious
SuperUser
SuperUser
In response to AmedBoti

Created on ‎11-10-2024 11:17 PM

I dont think its an issue per-say more a limitation of the trial VM, those params might not apply.

https://docs.fortinet.com/document/fortigate/7.2.4/administration-guide/441460/permanent-trial-mode-...

  • Support for low encryption operation only, except for GUI management access and FortiManager communications

 

"jack of all trades, master of none"
"jack of all trades, master of none"
105
0 Kudos
AmedBoti
New Contributor
In response to funkylicious

Created on ‎11-11-2024 01:10 AM

I see now, it must be that.. well not much to operate and enjoy together with fortimanager.

85
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.