Verifying devices with private data encryption enabled
FortiManager supports the private data encryption settings on FortiOS. FortiGates with the private-data-encryption
setting enabled can be managed by FortiManager.
When a FortiGate with the private-data-encryption
setting enabled is added to FortiManager, FortiManager requires the FortiGate encryption key to be entered in FortiManager to successfully install device configuration settings and manage the added FortiGate. To know more about adding devices to FortiManager, see Add devices.
FortiManager does not support enabling or disabling the If the |
To verify an added FortiGate with its encryption key on FortiManager:
- Go to Device Manager > Device & Groups. The Device Manager prompts with a Warning dialog that requires the FortiGate encryption key to be entered:
- Enter the correct encryption key into the Private Data Encryption Key field for each of the listed FortiGates. The Warning dialog lists all the FortiGates for which the respective encryption keys are required.
- Click Verify. If the encryption key matches, the device is verified.
If the encryption key does not match, the verification fails, and you may try again with the correct key.
Once the added FortiGates are verified, you may start managing the added devices.
Every time you try to install configuration settings to the managed FortiGates, FortiManager checks if the FortiGate encryption is correct. If the encryption key is incorrect, the added device is disabled for installation.
You may verify devices again from the Device Manager by entering the correct encryption keys for the disabled FortiGates.