This article provides an example of how to configure a FortiManager v5.0 in back up mode to ensure that configuration revisions are automatically retrieved by the FortiManager whenever the FortiGate configuration changes.
Note: In FortiOS 5.0, when using backup mode and pointing the FortiGate to FortiManager, you must also use FortiManager for FortiGuard services as well. Starting in FortiOS 5.2, it is possible to use public FortiGuard servers.
Test Auto-Retrieve
1) Log into to FortiGate and create a test object (firewall
address)
Example:
config firewall address
edit "FMG-Test"
set subnet <xxx.xxx.xxx.xx x/subnet>
next
2) Log out of the FortiGate.
3) Check the FortiManager under
Managed Devices > All FortiGate > FortiGate > Menu > Revision
history > "Auto-Retrieved" by FMG
Useful Debugs for monitoring this process if you encounter problems:
diagnose debug reset
diagnose debug application fgfm -1
diagnose debug console timestamp enable
diagnose debug enable
On the FMG:
diagnose debug application depmanager 255
diagnose debug enable
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.