Fortinet black logo

New Features

Home FortiManager 7.4.0 New Features
7.4.0
7.6.0
7.4.0
7.2.0
7.0.0
6.4.0
6.2.7
6.2.3
6.2.2
6.2.1
6.2.0

Enforce Device Configuration option allows auto-link to push changes on FortiGate management interface during ZTP 7.4.2

Enforce Device Configuration option allows auto-link to push changes on FortiGate management interface during ZTP 7.4.2

Note

This information is also available in the FortiManager 7.4 Administration Guide:

The Enforce Device Configuration option allows auto-link to push changes on FortiGate management interface during zero-touch provisioning. When enabled, this option will provision the configuration to the real device, as is. Misconfiguration of the FortiGate management interface may cause the device to not be able to connect to the FortiManager.

To enforce device configuration during auto-linking:

  1. Go to Device Manager > Device & Group.

  2. The Enforce Device Configuration option is available when configuring device settings through the following methods:

    1. Add Device > Add Model Device

    2. Add Device > Add Model HA Cluster

    3. Add Device > Device Blueprint

  3. In the Add Device wizard, enable the Enforce Device Configuration option. This setting is disabled by default.

    When Enforce Device Configuration is enabled, you can change the FortiGate's management interface configuration, and the auto-link process will use the management interface configured on the device.

Example configuration using Enforce Device Configuration:

  1. Go to Device Manager > Device & Groups.

  2. Click Add Device > Add Model Device.

  3. Enable the Enforce Device Configuration option, and configure the remaining settings for the model device.

  4. Double click on the newly created model device to enter the device database, and then change the FortiGate's management interface configuration under Network: Interfaces.
    In this example, the management interface is configured to 10.3.106.96 255.255.0.0

  5. After the FortiGate comes online and connects to FortiManager, the auto-link process is completed, and the management interface configuration is installed to the FortiGate.

    config system interface

    edit "port1"

    set vdom "root"

    set ip 10.3.106.96 255.255.0.0

    set allowaccess ping https ssh http telnet fgfm

    set type physical

    set snmp-index 1

    next

    end

Previous
Next

Enforce Device Configuration option allows auto-link to push changes on FortiGate management interface during ZTP 7.4.2

Enforce Device Configuration option allows auto-link to push changes on FortiGate management interface during ZTP 7.4.2

Note

This information is also available in the FortiManager 7.4 Administration Guide:

The Enforce Device Configuration option allows auto-link to push changes on FortiGate management interface during zero-touch provisioning. When enabled, this option will provision the configuration to the real device, as is. Misconfiguration of the FortiGate management interface may cause the device to not be able to connect to the FortiManager.

To enforce device configuration during auto-linking:

  1. Go to Device Manager > Device & Group.

  2. The Enforce Device Configuration option is available when configuring device settings through the following methods:

    1. Add Device > Add Model Device

    2. Add Device > Add Model HA Cluster

    3. Add Device > Device Blueprint

  3. In the Add Device wizard, enable the Enforce Device Configuration option. This setting is disabled by default.

    When Enforce Device Configuration is enabled, you can change the FortiGate's management interface configuration, and the auto-link process will use the management interface configured on the device.

Example configuration using Enforce Device Configuration:

  1. Go to Device Manager > Device & Groups.

  2. Click Add Device > Add Model Device.

  3. Enable the Enforce Device Configuration option, and configure the remaining settings for the model device.

  4. Double click on the newly created model device to enter the device database, and then change the FortiGate's management interface configuration under Network: Interfaces.
    In this example, the management interface is configured to 10.3.106.96 255.255.0.0

  5. After the FortiGate comes online and connects to FortiManager, the auto-link process is completed, and the management interface configuration is installed to the FortiGate.

    config system interface

    edit "port1"

    set vdom "root"

    set ip 10.3.106.96 255.255.0.0

    set allowaccess ping https ssh http telnet fgfm

    set type physical

    set snmp-index 1

    next

    end

Previous
Next