Communication between management server and specific devices not working-fortinet-FortiOS
Vendor: fortinet
OS: FortiOS
Description:
A management server needs to communicate with its managed devices at all times. indeni will alert if the communication is broken.
Remediation Steps:
Troubleshoot any possible connectivity issues.
How does this work?
This script logins to the FortiGate using SSH and retrieves the connectivity status with the fortimanager by using the FortiOS command “diagnose fdsm central-mgmt-status”. The “diagnose fdsm central-mgmt-status” command provides connectivity and registration status of the ForitGate with the FortiManager.
Why is this important?
This metric is used to identify the connectivity status of the FortiGate device with the FortiManager. The FortiManager unit provides remote management of a FortiGate unit over TCP port 541. In particular, the FortiManager appliance provides centralized policy-based provisioning, configuration, and update management, as well as end-to-end network monitoring for added control. Check the link below for more information: http://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-system-administration-54/Central%20Management/central_mgmt.htm
Without Indeni how would you find this?
An admin would need to log into the Fortinet firewall and manually check the current status.This information can be provided via SNMP and logging.
fortios-diagnose-fdsm-central-mgmt-status
name: fortios-diagnose-fdsm-central-mgmt-status
description: Fortinet Firewall FortiManager connectivity and registration status
type: monitoring
monitoring_interval: 10 minutes
requires:
vendor: fortinet
os.name: FortiOS
product: firewall
comments:
trust-connection-state:
why: |
This metric is used to identify the connectivity status of the FortiGate device with the FortiManager. The
FortiManager unit provides remote management of a FortiGate unit over TCP port 541. In particular, the
FortiManager appliance provides centralized policy-based provisioning, configuration, and update management, as
well as end-to-end network monitoring for added control. Check the link below for more information:
http://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-system-administration-54/Central%20Management/central_mgmt.htm
how: |
This script logins to the FortiGate using SSH and retrieves the connectivity status with the fortimanager by
using the FortiOS command "diagnose fdsm central-mgmt-status". The "diagnose fdsm central-mgmt-status" command
provides connectivity and registration status of the ForitGate with the FortiManager.
can-with-snmp: true
can-with-syslog: true
fortios-fortimanager-register-status:
why: |
This metric is used to identify the registration status of the FortiGate device with the FortiManager. The
FortiManager unit provides remote management of a FortiGate unit over TCP port 541. In particular, the
FortiManager appliance provides centralized policy-based provisioning, configuration, and update management, as
well as end-to-end network monitoring for added control. Check the link below for more information:
http://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-system-administration-54/Central%20Management/Adding%20a%20FortiGate%20to%20FortiManager.htm
how: |
This script logins to the FortiGate using SSH and retrieves the registration status with the Fortimanager by
using the FortiOS command "diagnose fdsm central-mgmt-status". The 'diagnose fdsm central-mgmt-status command
provides connectivity and registration status of the FortiGate with the FortiManager.
can-with-snmp: false
can-with-syslog: false
steps:
- run:
type: SSH
command: diagnose fdsm central-mgmt-status
parse:
type: AWK
file: diagnose_fdsm_central_mgmt_status.parser.1.awk
cross_vendor_connection_from_mgmt_to_device
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/cross_vendor_connection_from_mgmt_to_device.scala