Getting Started
 |
Some FortiSwitch units might have a sticker on them with an outdated procedure. Use the procedures in the FortiEdge Cloud Administration Guide instead of procedures on the sticker. |
NOTE: The following are the requirements to use all of the features of FortiEdge Cloud:
- Register your FortiSwitch units with Fortinet Support (https://support.fortinet.com).
- Check that your FortiSwitch units are running FortiSwitchOS 6.0.0 or later.
- Check that your FortiSwitch units are connected to the Internet.
- Subscribe to FortiCare (https://www.fortinet.com/support-and-training/support-services/forticare-support.html).
- Purchase a Management license for each FortiSwitch unit through authorized Fortinet resellers and distributors. For information on the FortiEdge Cloud license offering, see Licensing.
- After you purchase a FortiSwitch Management license, you need to register it in your FortiCare account.
- FortiEdge Cloud will automatically import the license from your FortiCare account during its regular license check. Depending on when the license was registered, there might be a delay before the license is available in FortiEdge Cloud.
- Set your FortiSwitch units to the standalone mode.
- Check that the system time on your FortiSwitch units is accurate. To set the time on your FortiSwitch unit, see the FortiSwitchOS Administration Guide—Standalone Mode.
Supported models
FortiEdge Cloud supports all FortiSwitch units running FortiSwitchOS Release 6.0.0 or later
To get started using FortiEdge Cloud, follow these procedures:
Checking your Cloud configuration
To check your Cloud configuration, use the following commands:
S524DF4K15000024 # config system flan-cloud S524DF4K15000024 (flan-cloud) # get
interval : 45 name : fortiswitch-dispatch.forticloud.com port : 443 status : enable
| Option | Description |
|---|---|
| interval | The time in seconds allowed for domain name system (DNS) resolution. The default is 15 seconds. The range of values is 3-300 seconds. |
| name | The domain name for FortiEdge Cloud. By default, this field is set to fortiswitch-dispatch.forticloud.com. |
| port | Port number used to connect to FortiEdge Cloud. The default is port 443. |
| status | Whether access to FortiEdge Cloud is enabled or disabled. By default, the status is set to enable. |
To check your connections to FortiEdge Cloud, use the get system flan-cloud-mgr connection-info command.
The State-Machine field is set to FSMGR_STATE_READY when your FortiSwitch unit is being managed by FortiEdge Cloud. The SSL tunnel is the secure communication channel between your FortiSwitch unit and FortiEdge Cloud. FortiEdge Cloud uses the Socket Secure protocol (SOCKS) to communicate with your FortiSwitch units.
For example:
S524DF4K15000024 # get system flan-cloud-mgr connection-info User Account-ID: : 012345 Dispatch Service : IP= xx.xx.xx.xx SSL verify Code : ok Access Service : IP= xx.xx.xx.xx, Port= 443, Connected on: 2018-11-28 10:59:32 Bootstrap Service : hostname= xxxxxxxxxx, Port= 8000 Remote Assistance : Disabled. State-Machine : State= FSMGR_STATE_READY, Event= EV_READY_HBEAT_GOOD SSL Local End-Point : Interface: mgmt, IP: xx.xx.xx.xx SSL Tunnel Uptime : Days: 0 Hours: 2 Mins: 22 [Connected @2018-11-28 10:59:32] SSL Tunnel stats : restart-count= 4, Reason= Configuration Change Stats: ======== Switch Keep Alive Tx/Reply := 45 / 45 Manager Keep Alive Rx/Error := 45 / 0 Socks Req Rx/Last Stream-ID := 224 / 14 Reset Req Rx/last Stream-ID := 8 / 12 Goaway Req Rx := 0 Unknown Req Rx := 0 Syslog FD/Tx/Err := 8 / 3 / 0 Used SOCKS stream-id: ======================= SID SockFd State Description ___ ______ _____ _______________ 18 10 DATA REST REQ 5 0 DATA SYSLOG DATA
Enabling and disabling cloud management
To allow your FortiSwitch unit to be managed by FortiEdge Cloud, use the following commands:
config system flan-cloud
set status enable
end
If you want to remove a FortiSwitch unit from FortiEdge Cloud, use the following commands:
config system flan-cloud
set status disable