One of our FGTs managed by FMG somehow lost connection to the FMG. It has two internet, wan1 and wan2. But probably when wan1 went down the FMG changed connection to wan2, then wan2 went down. Currently wan1 is up and operational, but somehow the central-management config has lost orignal config and had:
config system central-management
set type fortanalyzer
end
So I changed it back to:
config system central-management
set type fortimanager
set fmg x.x.x.x
end
Then changed IP address at FMG under Device&Group->Edit Device to have this wan1 IP on the FMG side.
Based on my sniffing at the FGT, the FMG is trying to re-connect via this wan1 IP but the FGT seems to be ignoring the "SYN" packets from the FMG.
I know I can wipe out this FGT from the FMG and start over re-registering. But is there any easy way to just re-connect it?
By the way our FMG-VM is running v6.4.8 now.
Thanks,
Toshi
Hello Toshi,
Thank you for using the Community Forum. ( And thanks a lot for your help :)!)
I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Regards,
Hello Toshi,
We are still looking an answer for your question.
We will come back to you ASAP.
Regards,
Thank you for your effort Anthony.
Based on what I can see, it seems that the FGT side newly tried to get registered at FMG because I manually/directly configured "config sys central-managment" with the FMG's IP again (I deleted the request at root ADOM), then waiting for its acceptance/response from the FMG. On the other hand, the FMG is just trying to re-connect for a device that is already registered and in the DB.
Toshi
Hello Toshi,
Thank you for sharing these information!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.