FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
Dirty_Wizard_FTNT
Article Id 190199

Description


This article describes how to fix the following error that displays when going through the Add Device wizard on the FortiManager:

'Failed to reload configuration. 'datasrc invalid. object: webfilter profile ftgd-wf filters category. detail: 32. solution: data not exist'.

 

Or:

 

'Failed to reload configuration. 'datasrc invalid. object: webfilter profile ftgd-wf filters.92:category. detail: 100. solution: data not exist'.


Scope

 

FortiManager.

 

Solution

 

Attempts to add the FortiGate to the FortiManager succeed but the initial retrieval of the device config fails due to Web Filter FortiGuard Category 32/100 being present on the FortiGate but not on the FortiManager.

Category 32 is a deprecated category that no longer exists but has lingered on the FortiGate from previous upgrades.

Category 100 is likely present in a newer version but the FortiGate has been downgraded to a previous major release (e.g 7.4 -> 7.2)

In order to add the device successfully on the FortiManager, any reference to FortiGuard category 32/100 must be deleted from the FortiGate.
In the case of category 100, from the error message, it is part of filter 92. It is recommended to export the config to search for the actual webfilter profile(s) that contains this reference.

In the FortiGate CLI:
 
config vdom
edit <vdom_name>  <- Replace with name of VDOM. If VDOMs are not configured, proceed to the next command.
config webfilter profile
edit <profile_name>  <- Replace with the name of the Web Filter Profile.
config ftgd-wf
config filters
show  <- Show to see where the unrecognized category is set, if at all. Alternatively, use 'show | grep 32' to search the filters for the number 32.
delete <ID>  <- Replace with the entry number that category 32 was set on.
end
end
end
 
Optionally, backup the FortiGate configuration file and search for instances of 'set category xx' in a text editor.
 
Once all entries are removed, the FortiGate can be added successfully to the FortiManager.