Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Administration Guide

Verifying devices with private data encryption enabled

FortiManager supports the private data encryption settings on FortiOS. FortiGates with the private-data-encryption setting enabled can be managed by FortiManager.

When a FortiGate with the private-data-encryption setting enabled is added to FortiManager, FortiManager requires the FortiGate encryption key to be entered in FortiManager to successfully install device configuration settings and manage the added FortiGate. To know more about adding devices to FortiManager, see Add devices.

To verify an added FortiGate with its encryption key on FortiManager:
  1. Go to Device Manager > Device & Groups. The Device Manager prompts with a Warning dialog that requires the FortiGate encryption key to be entered:

  2. Enter the correct encryption key into the Private Data Encryption Key field for each of the listed FortiGates. The Warning dialog lists all the FortiGates for which the respective encryption keys are required.

  3. Click Verify. If the encryption key matches, the device is verified.

    If the encryption key does not match, the verification fails, and you may try again with the correct key.

Once the added FortiGates are verified, you may start managing the added devices.

Every time you try to install configuration settings to the managed FortiGates, FortiManager checks if the FortiGate encryption is correct. If the encryption key is incorrect, the added device is disabled for installation.

You may verify devices again from the Device Manager by entering the correct encryption keys for the disabled FortiGates.

Note

FortiManager does not support enabling or disabling the private-data-encryption setting on FortiOS. It must be done on the managed FortiGate. To learn more about it, see the FortiOS Administration Guide on the Docs Library.

If the private-data-encryption setting is enabled on an already managed FortiGate, you may need to manually retrieve device configuration settings again on FortiManager.

Verifying devices with private data encryption enabled

FortiManager supports the private data encryption settings on FortiOS. FortiGates with the private-data-encryption setting enabled can be managed by FortiManager.

When a FortiGate with the private-data-encryption setting enabled is added to FortiManager, FortiManager requires the FortiGate encryption key to be entered in FortiManager to successfully install device configuration settings and manage the added FortiGate. To know more about adding devices to FortiManager, see Add devices.

To verify an added FortiGate with its encryption key on FortiManager:
  1. Go to Device Manager > Device & Groups. The Device Manager prompts with a Warning dialog that requires the FortiGate encryption key to be entered:

  2. Enter the correct encryption key into the Private Data Encryption Key field for each of the listed FortiGates. The Warning dialog lists all the FortiGates for which the respective encryption keys are required.

  3. Click Verify. If the encryption key matches, the device is verified.

    If the encryption key does not match, the verification fails, and you may try again with the correct key.

Once the added FortiGates are verified, you may start managing the added devices.

Every time you try to install configuration settings to the managed FortiGates, FortiManager checks if the FortiGate encryption is correct. If the encryption key is incorrect, the added device is disabled for installation.

You may verify devices again from the Device Manager by entering the correct encryption keys for the disabled FortiGates.

Note

FortiManager does not support enabling or disabling the private-data-encryption setting on FortiOS. It must be done on the managed FortiGate. To learn more about it, see the FortiOS Administration Guide on the Docs Library.

If the private-data-encryption setting is enabled on an already managed FortiGate, you may need to manually retrieve device configuration settings again on FortiManager.