Fortinet white logo
Fortinet white logo

GCP Administration Guide

Troubleshooting GCP SDN Connector

Troubleshooting GCP SDN Connector

You can check if API calls are made successfully by running the following commands in the CLI:

diagnose debug enable

diagnose debug application gcpd -1

Wait a few minutes for the output. If the SDN connector was configured successfully, the API status shows 200 in communicating with the Google Cloud API server as shown. The host looks different depending on where you run the FortiGate instance (on or outside of GCP).

If the CLI shows a failure, check the following and see if any required configuration is missing or incorrect:

  • If using metadata IAM, can the FortiGate-VM access the API on Google Cloud Compute Engine?
  • If the service account is specified:
    • Is the project name correct?
    • Is the service account email address correct?
    • Is the service account key correct?
    • Does the service account have the appropriate role/permissions?

Troubleshooting GCP SDN Connector

Troubleshooting GCP SDN Connector

You can check if API calls are made successfully by running the following commands in the CLI:

diagnose debug enable

diagnose debug application gcpd -1

Wait a few minutes for the output. If the SDN connector was configured successfully, the API status shows 200 in communicating with the Google Cloud API server as shown. The host looks different depending on where you run the FortiGate instance (on or outside of GCP).

If the CLI shows a failure, check the following and see if any required configuration is missing or incorrect:

  • If using metadata IAM, can the FortiGate-VM access the API on Google Cloud Compute Engine?
  • If the service account is specified:
    • Is the project name correct?
    • Is the service account email address correct?
    • Is the service account key correct?
    • Does the service account have the appropriate role/permissions?