Fortinet black logo

Cloud Deployment

Home FortiManager Cloud 7.4.2 Cloud Deployment

Using FortiZTP with FortiManager Cloud

7.4.2
7.4.2
7.2.5
7.2.4
7.0.11
6.4.1
Copy Link
Copy Doc ID 2feb06f4-bade-11ee-8673-fa163e15d75b:552626
Download PDF

Using FortiZTP with FortiManager Cloud

FortiZTP is a centralized zero-touch provisioning platform for FortiCloud cloud product services. The service supports individual or bulk device provisioning to the target on-premise or cloud services, including FortiManager Cloud.

You can provision devices from FortiZTP with or without preconfiguration on FortiManager Cloud.

  • With preconfiguration, you must create a model device in FortiManager Cloud before provisioning using FortiZTP. The provisioned FortiGate will auto-link to the model device.
  • Without preconfiguration, you must manually authorize the FortiGate device from the unregistered list on FortiManager Cloud after provisioning from FortiZTP.

Below is an example diagram of the workflow for using FortiZTP with FortiManager Cloud:

To provision a FortiGate to FortiManager Cloud:

  1. (Optional) Create the model device on FortiManager Cloud when using the preconfiguration method.

  2. Provision the FortiGate using FortiZTP.

    1. Go to the FortiZTP portal.

    2. On the UNPROVISIONED tab, do the following:

      • To provision a single FortiGate, click the Provision icon.

      • To provision multiple FortiGates, select the checkboxes for the desired FortiGates, then click the PROVISION button.

    3. Under TARGET LOCATION in the Provision devices dialog, select FortiManager Cloud.

    4. Click PROVISION NOW.

  3. Reboot the FortiGate. For physical FortiGate devices, you must perform a factory reset.

  4. Complete the onboarding of the managed device:
    When provisioning with preconfiguration:

    1. After the FortiGate comes online, the FGFM tunnel is established.

    2. The auto-link process is performed automatically, and the FortiGate is added as a managed device.

    When provisioning without preconfiguration:

    1. After the FortiGate comes online, FortiZTP will set the FortiManager Cloud serial number on the FortiGate to establish the FGFM tunnel. The FortiGate is added to the Unauthorized Devices menu on FortiManager Cloud.

    2. Authorize the FortiGate to add it as a managed device.

Note

For more information about the use of FortiZTP, see the FortiZTP Administration Guide.
Tooltip

Deprovisioning a device from the FortiZTP portal will not delete the device from FortiManager Cloud. The device must be manually deleted.

Previous
Next

Using FortiZTP with FortiManager Cloud

FortiZTP is a centralized zero-touch provisioning platform for FortiCloud cloud product services. The service supports individual or bulk device provisioning to the target on-premise or cloud services, including FortiManager Cloud.

You can provision devices from FortiZTP with or without preconfiguration on FortiManager Cloud.

  • With preconfiguration, you must create a model device in FortiManager Cloud before provisioning using FortiZTP. The provisioned FortiGate will auto-link to the model device.
  • Without preconfiguration, you must manually authorize the FortiGate device from the unregistered list on FortiManager Cloud after provisioning from FortiZTP.

Below is an example diagram of the workflow for using FortiZTP with FortiManager Cloud:

To provision a FortiGate to FortiManager Cloud:

  1. (Optional) Create the model device on FortiManager Cloud when using the preconfiguration method.

  2. Provision the FortiGate using FortiZTP.

    1. Go to the FortiZTP portal.

    2. On the UNPROVISIONED tab, do the following:

      • To provision a single FortiGate, click the Provision icon.

      • To provision multiple FortiGates, select the checkboxes for the desired FortiGates, then click the PROVISION button.

    3. Under TARGET LOCATION in the Provision devices dialog, select FortiManager Cloud.

    4. Click PROVISION NOW.

  3. Reboot the FortiGate. For physical FortiGate devices, you must perform a factory reset.

  4. Complete the onboarding of the managed device:
    When provisioning with preconfiguration:

    1. After the FortiGate comes online, the FGFM tunnel is established.

    2. The auto-link process is performed automatically, and the FortiGate is added as a managed device.

    When provisioning without preconfiguration:

    1. After the FortiGate comes online, FortiZTP will set the FortiManager Cloud serial number on the FortiGate to establish the FGFM tunnel. The FortiGate is added to the Unauthorized Devices menu on FortiManager Cloud.

    2. Authorize the FortiGate to add it as a managed device.

Note

For more information about the use of FortiZTP, see the FortiZTP Administration Guide.
Tooltip

Deprovisioning a device from the FortiZTP portal will not delete the device from FortiManager Cloud. The device must be manually deleted.

Previous
Next