Fortinet Document Library

Version:


Table of Contents

About FortiGate for GCP

Deploying FortiGate-VM on Google Cloud Marketplace

Deploying FortiGate-VM on Google Cloud Compute Engine

Deploying FortiGate-VM Using Google Cloud SDK

Use Case: High Availability for FortiGate on GCP

Security Fabric Connector Integration with GCP

Resources

Upgrade Path Tool
6.0.0
Copy Link

Troubleshooting GCP SDN Connector

You can check if API calls are made successfully by running the following commands in the CLI:

diagnose debug enable

diagnose debug application gcpd -1

Wait a few minutes for the output. If the SDN connector was configured successfully, the API status shows 200 in communicating with the Google Cloud API server as shown below. The host looks different depending on where you run the FortiGate instance (on or outside of GCP).

If the CLI shows a failure, check the following and see if any required configuration is missing or incorrect:

  • If using metadata IAM, can the FortiGate-VM access the API on Google Cloud Compute Engine?
  • If the service account is specified:
    • Is the project name correct?
    • Is the service account email address correct?
    • Is the service account key correct?
    • Does the service account have the appropriate role/permissions?

Resources

Troubleshooting GCP SDN Connector

You can check if API calls are made successfully by running the following commands in the CLI:

diagnose debug enable

diagnose debug application gcpd -1

Wait a few minutes for the output. If the SDN connector was configured successfully, the API status shows 200 in communicating with the Google Cloud API server as shown below. The host looks different depending on where you run the FortiGate instance (on or outside of GCP).

If the CLI shows a failure, check the following and see if any required configuration is missing or incorrect:

  • If using metadata IAM, can the FortiGate-VM access the API on Google Cloud Compute Engine?
  • If the service account is specified:
    • Is the project name correct?
    • Is the service account email address correct?
    • Is the service account key correct?
    • Does the service account have the appropriate role/permissions?