Fortinet white logo
Fortinet white logo

Administration Guide

Adding online devices using Discover mode

Adding online devices using Discover mode

The following steps describe how to add an online device by using the Add Device wizard and Discover mode.

For FortiGates, you can use the new authorization method described in this topic with FortiOS 7.0.0 and later. If FortiGate is running FortiOS 6.4.x and earlier, the wizard automatically switches to the legacy login. See also Adding online devices using Discover mode and legacy login.

For FortiAnalyzer, you cannot use the Add Device wizard to add FortiAnalyzer to FortiManager. You must use the Add FortiAnalyzer wizard instead. See Add FortiAnalyzer.

Use the Discover option for devices that are currently online and discoverable on your network. When the wizard completes, the device is added to FortiManager and authorized.

Adding an online device does not result in an immediate connection to the device. Device connection happens only when you successfully synchronize the device.

FortiManager cannot communicate with FortiGate when offline mode is enabled. Enabling offline mode prevents FortiManager from discovering devices.

To add a device using Discover mode:
  1. If using ADOMs, ensure that you are in the correct ADOM.
  2. Go to Device Manager > Device & Groups.
  3. Click Add Device. The wizard opens.

  4. Discover and authorize the device for management by FortiManager:
    1. Select Discover Device.
    2. In the box, type the management port IP address for the device, and click Next.

      If you are adding a FortiGate running FortiOS 6.4.x or earlier, the wizard automatically switches to legacy device login where you also type the username and password for the device in the wizard.

      A login window for the device is displayed. If the login window is not displayed, see How Security Fabric authorization works.

    3. Type the username and password for the device, and click Login.

      An authorization request window for the device is displayed.

    4. Click Allow, and then OK to authorize management by FortiManager.

      Authorization proceeds, and the device discovery process is initiated.

      After the device discovery process completes, the following page of information is displayed.

  5. Configure the following settings, and click Next:

    Name

    Type a unique name for the device. The device name cannot contain spaces or special characters.

    Description

    Type a description of the device (optional).

    System Template

    System templates can be used to centrally manage certain device-level options from a central location. If required, assign a system template using the dropdown menu. Alternatively, you can configure all settings per-device inside Device Manager. For more information, see Provisioning Templates.

    Override Profile Value

    After selecting a system template, click to override values in the template.

    Add to Folder

    Select to add the device to any predefined folders.

    Add to Device Group

    Select to add the device to any predefined groups.

    More information about the device is checked.

    After the wizard completes the checks, you are asked to choose whether to import policies and objects for the device now or later.

  6. Click Import Later to finish adding the device and close the wizard.

    If you click Import Now, the wizard continues. The next step in the wizard depends on whether you are importing a FortiGate VDOM.

    If you are importing a FortiGate VDOM, the following page is displayed with import options for the VDOM. Select an option, and click Next.

    If you are not importing a FortiGate VDOM, the following page is displayed.

  7. Set the following options, and click Next:
    1. Select Import Policy Package.
    2. If you have FortiAP and/or FortiSwitch units connected to the device, select Import AP Profiles or FortiSwitch Templates.

    The Import Device page is displayed.

  8. Set the following options, then click Next:
    1. In the Policy Selection section, select Import All or Select Policies and Profile Groups to Import.
    2. In the Object Selection section, select Import only policy dependent objects or Import all objects.
    3. Check the device interface mappings.
    4. Select or clear the Add mappings for all unused device interfaces checkbox.

    The list of objects that will be updated is displayed.

  9. Click Next.

    A detailed summary of the import is shown. Click Download Import Report to download a report of the import. The report is only available on this page.

  10. Click Finish to finish adding the device and close the wizard.

Adding online devices using Discover mode

Adding online devices using Discover mode

The following steps describe how to add an online device by using the Add Device wizard and Discover mode.

For FortiGates, you can use the new authorization method described in this topic with FortiOS 7.0.0 and later. If FortiGate is running FortiOS 6.4.x and earlier, the wizard automatically switches to the legacy login. See also Adding online devices using Discover mode and legacy login.

For FortiAnalyzer, you cannot use the Add Device wizard to add FortiAnalyzer to FortiManager. You must use the Add FortiAnalyzer wizard instead. See Add FortiAnalyzer.

Use the Discover option for devices that are currently online and discoverable on your network. When the wizard completes, the device is added to FortiManager and authorized.

Adding an online device does not result in an immediate connection to the device. Device connection happens only when you successfully synchronize the device.

FortiManager cannot communicate with FortiGate when offline mode is enabled. Enabling offline mode prevents FortiManager from discovering devices.

To add a device using Discover mode:
  1. If using ADOMs, ensure that you are in the correct ADOM.
  2. Go to Device Manager > Device & Groups.
  3. Click Add Device. The wizard opens.

  4. Discover and authorize the device for management by FortiManager:
    1. Select Discover Device.
    2. In the box, type the management port IP address for the device, and click Next.

      If you are adding a FortiGate running FortiOS 6.4.x or earlier, the wizard automatically switches to legacy device login where you also type the username and password for the device in the wizard.

      A login window for the device is displayed. If the login window is not displayed, see How Security Fabric authorization works.

    3. Type the username and password for the device, and click Login.

      An authorization request window for the device is displayed.

    4. Click Allow, and then OK to authorize management by FortiManager.

      Authorization proceeds, and the device discovery process is initiated.

      After the device discovery process completes, the following page of information is displayed.

  5. Configure the following settings, and click Next:

    Name

    Type a unique name for the device. The device name cannot contain spaces or special characters.

    Description

    Type a description of the device (optional).

    System Template

    System templates can be used to centrally manage certain device-level options from a central location. If required, assign a system template using the dropdown menu. Alternatively, you can configure all settings per-device inside Device Manager. For more information, see Provisioning Templates.

    Override Profile Value

    After selecting a system template, click to override values in the template.

    Add to Folder

    Select to add the device to any predefined folders.

    Add to Device Group

    Select to add the device to any predefined groups.

    More information about the device is checked.

    After the wizard completes the checks, you are asked to choose whether to import policies and objects for the device now or later.

  6. Click Import Later to finish adding the device and close the wizard.

    If you click Import Now, the wizard continues. The next step in the wizard depends on whether you are importing a FortiGate VDOM.

    If you are importing a FortiGate VDOM, the following page is displayed with import options for the VDOM. Select an option, and click Next.

    If you are not importing a FortiGate VDOM, the following page is displayed.

  7. Set the following options, and click Next:
    1. Select Import Policy Package.
    2. If you have FortiAP and/or FortiSwitch units connected to the device, select Import AP Profiles or FortiSwitch Templates.

    The Import Device page is displayed.

  8. Set the following options, then click Next:
    1. In the Policy Selection section, select Import All or Select Policies and Profile Groups to Import.
    2. In the Object Selection section, select Import only policy dependent objects or Import all objects.
    3. Check the device interface mappings.
    4. Select or clear the Add mappings for all unused device interfaces checkbox.

    The list of objects that will be updated is displayed.

  9. Click Next.

    A detailed summary of the import is shown. Click Download Import Report to download a report of the import. The report is only available on this page.

  10. Click Finish to finish adding the device and close the wizard.