Device Configurations – FortiManager 5.2

Device Configurations

The FortiManager system maintains a configuration repository to manage device configuration revisions. After modifying device configurations, you can save them to the FortiManager repository and install the modified configurations to individual devices or device groups. You can also retrieve the current configuration of a device, or revert a device’s configuration to a previous revision.

This section contains the following topics: l Checking device configuration status l Managing configuration revision history

Checking device configuration status

In the Device Manager tab, when you select a device, you can view that device’s basic information under the device dashboard. You can also check if the current configuration file of the device stored in the FortiManager repository is in sync with the one running on the device.

If you make any configuration changes to a device directly, rather than using the FortiManager system, the configuration on the device and the configuration saved in the FortiManager repository will be out of sync. In this case, you can re synchronize with the device by retrieving the configuration from the device and saving it to the FortiManager repository.

You can use the following procedures when checking device configuration status on a FortiGate, FortiCarrier, or FortiSwitch.

To check the status of a configuration installation on a FortiGate unit:

  1. Go to the Device Manager tab, then select the ADOM and device group.
  2. In the All FortiGate page, select the FortiGate unit that you want to check the configuration status of. The device dashboardof for that unit is shown in the right content pane.
  3. In the dashboard, locate the Configuration and Installation Status
  4. Verify the status in the Installation Tracking

Configuration and installation status widget

Checking device configuration status

The following information is shown:

Device Profile The device profile associated with the device. Select Change to set this value.
Database Configuration Select View to display the configuration file of the FortiGate unit.
Total Revisions Displays the total number of configuration revisions and the revision history. Select Revision History to view device history.
Sync Status The synchronization status with the FortiManager.

Synchronized: The latest revision is confirmed as running on the device.

Out_of_sync: The configuration file on the device is not synchronized with the FortiManager system.

Unknown: The FortiManager system is unable to detect which revision (in revision history) is currently running on the device.

Select Refresh to update the Installation Status.

Warning Displays any warnings related to configuration and installation status.

None: No warning.

Unknown configuration version running on FortiGate: FortiGate configuration has been changed!: The FortiManager system cannot detect which revision (in Revision History) is currently running on the device.

Unable to detect the FortiGate version: Connectivity error! l Aborted: The FortiManager system cannot access the device.

Installation Tracking  
Device Settings Status Modified: Some configuration on the device has changed since the latest revision in the FortiManager database. Select Save Now to install and save the configuration.

UnModified: All configuration displayed on the device is saved as the latest revision in the FortiManager database.

Installation Preview Select icon to display a set of commands that will be used in an actual device configuration installation in a new window.
Last Installation Last Installation: The FortiManager system sent a configuration to the device at the time and date listed.
Scheduled Installation Scheduled Installation: A new configuration will be installed on the device at the date and time indicated.
Script Status Select Configure to view script execution history.
Last Script Run Displays the date when the last script was run against the managed device.
Scheduled Script Displays the date when the next script is scheduled to run against the managed device.

This entry was posted in Administration Guides, FortiManager and tagged , on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.