Access to FortiGate via GUI from FortiManager

jsaab05 · ‎01-25-2018

Hello everyone. I have the following question: Can I access a FortiGate from the FortiManager by GUI? If so, where do I find this option?

I thank you in advance for your attention.

aagrafi · ‎01-26-2018

No. The only options you have is the device manager/policy manager, which is FMG's GUI, not FG's.

baker_gt · ‎02-08-2018

You can access a FG via FortiCloud in this way.

You can also access a FG Via CLI from FM, so there must be a way. We are getting onto our account manager to get his sorted for us.

ergotherego · ‎03-05-2018

I don't think there is or will be a way. The FMG webUI effectively replaces the FGT webUI for managed firewalls.

What you are asking for is essentially for FMG to be a proxy for webUI sessions against FGTs, which is just not something that it does.

Your best bet would probably be to use readonly user accounts that permit directly connectivity to FGTs.

tuxerl · ‎03-07-2018

You might set up a Site2Site IPSEC VPN between your central site and remote FGTs. Using FMG's "VPN Manager" this is pretty easy.

Over this VPN you could also access the remote FGT Web UIs.

baker_gt · ‎03-07-2018

Forti Cloud allows it. That isnt a full doing the same management, but does allow some things.

For all our Mikrotik routers, we have a SSTP tunnel coming back to us, and a route to them, this works really well.

Problem is when a unit goes to 4g. These are non real world IPs. So getting into them some other way would be great!!

We could use VPN Manager, but it does remove ALL VPNs from the units when you set that up. Its something we could do easy enough, but there is an amount of work needed to make it happen, and we would need 2x VPNs, one from the 4g and one from their main connection.

the FGFM tunnel creates on its own, and is there. i can SSH over it from FMG, just need a way of exposing the routing table and forward table from the FMG (making it a router when its really not a router)