Configure the management address setting on a FortiManager that is behind a NAT device so the FortiGate can initiate a connection to the FortiManager. By configuring the management address setting in the CLI, FortiManager knows the public IP and can configure it on the FortiGate.
When a FortiGate is discovered by a FortiManager that is behind a NAT device, the FortiManager does not automatically set the IP Address on the FortiGate. This prevents the FortiGate from pointing to the FortiManager's private IP address and initiating the FortiGate-FortiManager (FGFM) tunnel to the FortiManager.
You can use the CLI to configure the management address when the NAT device in front of the FortiManager has a static 1:1 NAT rule.
config systems admin setting
set mgmt-addr <FMG_VIP>