When you log in to an unauthorized, downstream FortiGate device, the log in prompt includes the option to authorize the device on the root FortiGate device.
When the Security Fabric is disabled on the FortiGate, and a neighboring FortiGate is detected on the same network using LLDP, the log in prompt gives the option to join the Security Fabric.
A downstream FortiGate device's authorization status can also be reviewed from Fabric Connectors gutter page.
- Log in to the unauthorized, downstream device.
- On the Fabric Setup step, click Review authorization on root FortiGate.
A pop-up window opens to a log in screen for the root FortiGate.
- Enter the log in credentials for the root FortiGate, then click Login.
A list of pending authorizations is shown.
- Select Allow and then click OK to authorize the downstream FortiGate. You can also select Deny to reject the authorization, or Later to postpone the decision to the next time that you log in.
When authorization is allowed, the pop-up window closes, and the log in prompt shows that the downstream FortiGate has been authorized.
- Click Done to log in to the downstream FortiGate.
- Log in to the device.
- On the Fabric Setup step, enable Join Existing Fabric.
- Authorize the FortiGate, as previously shown.
- Go to Security Fabric > Fabric Connectors.
- In the gutter on the right side of the screen, click Review authorization on root FortiGate.
The root FortiGate pop-up window shows the state of the device authorization.