Fortinet Document Library

Version:


Table of Contents

21.1.0
Download PDF
Copy Link

FortiCloud and FortiDeploy keys

The following table summarizes the differences between FortiCloud and FortiDeploy key usage:

Account type

Key type

Key reuse policy

Autojoin policy

Regular

FortiCloud

Valid until a new device is deployed

24 hours from first autojoin (grace period)

If join request is from the same IP address: 15 minutes after reenabling autojoin.

FortiDeploy

Valid only once

Always

Multitenancy

FortiCloud

Valid until a new device is deployed

Always

FortiDeploy

Valid only once

Always

You can reenable autojoin for a device in Network Overview or Inventory.

FortiCloud key

A FortiCloud key is printed on a sticker attached to the top surface of a FortiGate/FortiWiFi. You can use this key for one of the following:

  • Directly add a new individual device to a FortiGate Cloud account.
  • Import the key to a FortiGate Cloud account inventory.

See To deploy a FortiGate/FortiWifi to FortiGate Cloud using the FortiCloud key:

Either action allows the next autojoin request from the device. After the device successfully connects to FortiGate Cloud, its FortiCloud key becomes invalid.

If you load a device by FortiCloud key to a regular account, FortiGate Cloud always allows the device's autojoin request if the source IP address is the same as the last time it autojoined. If the device source IP address is different than the last time it successfully autojoined, you have the option to reenable autojoin for 15 minutes. You must reboot the device within that time to finish the autojoin process. You have a maximum of five attempts to reenable autojoin and reboot the device. After you reach five attempts, you must contact Customer Service & Support to reset the number of attempts. When the device successfully completes the autojoin process, this resets the number of attempts.

For multitenancy accounts, autojoin is always allowed.

FortiDeploy key

A FortiDeploy key is purchased with a SKU to load one or multiple new FortiGate/FortiWiFi(s) to a FortiGate Cloud account inventory. See To deploy multiple FortiGate/FortiWifi devices to FortiGate Cloud using a FortiDeploy bulk key:. This load action allows autojoin requests from all devices on the FortiDeploy key. Once you use a FortiDeploy key to load devices to a FortiGate Cloud account, you cannot reuse it to reload the devices. Autojoin is always allowed for a device added by FortiDeploy key.

FortiCloud and FortiDeploy keys

The following table summarizes the differences between FortiCloud and FortiDeploy key usage:

Account type

Key type

Key reuse policy

Autojoin policy

Regular

FortiCloud

Valid until a new device is deployed

24 hours from first autojoin (grace period)

If join request is from the same IP address: 15 minutes after reenabling autojoin.

FortiDeploy

Valid only once

Always

Multitenancy

FortiCloud

Valid until a new device is deployed

Always

FortiDeploy

Valid only once

Always

You can reenable autojoin for a device in Network Overview or Inventory.

FortiCloud key

A FortiCloud key is printed on a sticker attached to the top surface of a FortiGate/FortiWiFi. You can use this key for one of the following:

  • Directly add a new individual device to a FortiGate Cloud account.
  • Import the key to a FortiGate Cloud account inventory.

See To deploy a FortiGate/FortiWifi to FortiGate Cloud using the FortiCloud key:

Either action allows the next autojoin request from the device. After the device successfully connects to FortiGate Cloud, its FortiCloud key becomes invalid.

If you load a device by FortiCloud key to a regular account, FortiGate Cloud always allows the device's autojoin request if the source IP address is the same as the last time it autojoined. If the device source IP address is different than the last time it successfully autojoined, you have the option to reenable autojoin for 15 minutes. You must reboot the device within that time to finish the autojoin process. You have a maximum of five attempts to reenable autojoin and reboot the device. After you reach five attempts, you must contact Customer Service & Support to reset the number of attempts. When the device successfully completes the autojoin process, this resets the number of attempts.

For multitenancy accounts, autojoin is always allowed.

FortiDeploy key

A FortiDeploy key is purchased with a SKU to load one or multiple new FortiGate/FortiWiFi(s) to a FortiGate Cloud account inventory. See To deploy multiple FortiGate/FortiWifi devices to FortiGate Cloud using a FortiDeploy bulk key:. This load action allows autojoin requests from all devices on the FortiDeploy key. Once you use a FortiDeploy key to load devices to a FortiGate Cloud account, you cannot reuse it to reload the devices. Autojoin is always allowed for a device added by FortiDeploy key.