FortiManager supports FortiPAM license validation and central packages download 7.2.5
FortiManager supports FortiPAM license validation and central packages download.
Configuring license validation and central package download
To configure FortiPAM to use FortiManager for license validation and central package download:
- In the FortiPAM CLI, enter the following:
config system central-management
config server-list
edit 1
set server-type update rating
set server-address <FMG IP>
next
end
set include-default-servers disable
end
- On FortiManager, FortiPAM can be authorized from the Unauthorized Devices list.
FortiManager supports FortiPAM license validation and central package downloads in the following scenarios:
- Scenario 1: FortiManager is able to connect to the FDS server and download the FortiPAM contracts directly from FDS.
- Scenario 2: FortiManager is configured in a closed network, and the administrator uploads the entitlement file to FortiManager for the FortiPAM contracts.
Confirming license information in the CLI
To view contract information:
- Using the FortiManager CLI, you can view the FortiPAM contract information:
dianose fmupdate dbcontract <serial number>
FPAVULTM********* [SERIAL_NO]
AccountID: *****@****.com
Industry: Technology
Company: Fortinet Canada
Contract: 10
AVDB-1-06-202*****
AVEN-1-06-202*****
COMP-1-20-202*****
ENHN-1-20-202*****
FMWR-1-06-202*****
FPAM-1-06-202*****
FRVS-1-06-202*****
FURL-1-06-202*****
NIDS-1-99-202*****
SPRT-1-20-202*****
Contract Raw Data:
Contract=AVDB-*********
- Cconfirm the license validity on FortiManager:
dianose fmupdate vm-license
VM License Cache Size: 1
Cache Entry Key=***********
Serial: =***********
UID : =***********
status: 200
Active Time: UTC 1694819991 Local 2023/09/15 16:19:51
Register Time: UTC 1694819991 Local 2023/09/15 16:19:51
FMG side see FortiPAM VMSetup, FDNSetup and update request
2023/09/15_16:19:51.488 info fds_svrd[2066]: [FMG-->FDS] Request: Protocol=3.0|Command=VMSetup|Firmware=FPAV64-FW-1.01-0432|SerialNumber==***********|Connection=Internet|Address==***********:0|Language=en-US|TimeZone=-7|UpdateMethod=1|Uid==***********|VMPlatform=VMWARE^M ^M
2023/09/15_16:19:51.643 info fds_svrd[2066]: __devobj_set_vmlic_status,651: for =***********, set vmlic_status=200
2023/09/15_16:21:27.181 info fds_svrd[2066]: [FMG-->FDS] Request: Protocol=3.4|Command=FDNSetup|Firmware=FPAV64-FW-1.01-0432|SerialNumber==***********|Language=en-US|TimeZone=-7|Sequence=0|HAList==***********|AuthList=FMG-=***********
2023/09/15_16:48:55.860 info fds_worker[2369]: [FGT-->FMG] Request: Protocol=3.2|Command=Update|Firmware=FPAV64-FW-1.01-0432|SerialNumber==***********|UpdateMethod=1|AcceptDelta=1|Uid==************************************
- On FortiPAM, you can confirm that the license is validated and updated:
get system status
Version: FortiPAM-VM64 v1.1.2,build0432,230825 (GA)
License: Active, seat 10, active seat 10, expiry date 2024-09-07
Virus-DB: 91.06991(2023-09-15 15:26)
Extended DB: 91.06991(2023-09-15 15:25)
Extreme DB: 1.00000(2018-04-09 18:07)
AV AI/ML Model: 2.12719(2023-09-15 14:45)
IPS-DB: 6.00741(2015-12-01 02:30)
IPS-ETDB: 6.00741(2015-12-01 02:30)
APP-DB: 6.00741(2015-12-01 02:30)
INDUSTRIAL-DB: 6.00741(2015-12-01 02:30)
IPS Malicious URL Database: 1.00001(2015-01-01 01:01)
Serial-Number: ***************
License Status: Valid
VM Resources: 1 CPU, 1992 MB RAM
Log hard disk: Available
Hostname: 238-FortiPAM
Private Encryption: Disable
Operation Mode: NAT
FIPS-CC mode: disable
Current HA mode: Standalone
Branch point: 0432
Release Version Information: GA
FortiPAM x86-64: Yes
System time: Fri Sep 15 17:05:53 2023
Last reboot reason: power cycle