Troubleshooting - FortiGate Cloud Management issue

Issue

FortiCloud management connection was lost after connecting to Acreto.

Description

When FortiGate is set up to route all traffic through Acreto, it may lose connection with FortiGuard/FortiCloud management servers.

Reason

When the default route is set towards Acreto, FortiGate sends all the FortiCloud connections through Acreto. However, when sending these requests, FortiGate uses its WAN IP as the source address of the connection, which may not be allowed in the Acreto EcoSystem.

To fix the issue, apply the solutions listed below:

Solution: Changes in FortiGate (from the Customer side)

Alternatively, this issue can be resolved at the Customer location by setting FortiGate's LAN IP as the source address for FortiGuard by following the steps below:

  1. Log in to the FortiGate dashboard.

  2. Go to Network > Interfaces and select the LAN interface.

  3. Copy the IP address of the LAN interface of FortiGate (Gateway IP for the LAN network)

  4. Log in to the FortiGate CLI.

  5. Run the following commands:

    config system fortiguard
        set source-ip <ip_address_lan_interface>
    end

Any one of the above solutions will restore the connection with FortiCloud.