Device Manager – FortiManager 5.2

Configuring devices
You can configure the FortiGate units in three ways:
Per device, from the Device Manager dashboard toolbar. Per VDOM, from the Device Manager dashboard toolbar. Per provisioning template.
This section contains the following topics:
Configuring a device
Configuring virtual domains (VDOMs)
Configuring a device
Configuring a FortiGate unit using the Device Managerdashboard toolbar is very similar to configuring FortiGate units using the FortiGate Web-based Manager. You can also save the configuration changes to the configuration repository and install them to other FortiGate units at the same time.
This document does not provide detailed procedures for configuring FortiGate units. See the FortiGate documentation for complete information. The most up-to-date FortiGate documentation is also available in the Fortinet Document Library .
To configure a FortiGate unit:
1. In the Device Manager tab, select the ADOM from the drop-down list.
2. Select the unit you want to configure on the tree menu.
3. Select an option for that unit in the dashboard toolbar.
4. Configure the unit as required.
The configuration changes are saved to the FortiManager device database instead of the FortiManager repository represented by the RevisionHistory window.
You can rename and reapply firewall objects after they are created and applied to a firewall policy. When you do so, the FortiManager system will: delete all dependencies, delete the object, recreate a new object with the same value, and recreate the policy to reapply the new object.
Firewall policy reordering on first installation
On the first discovery of a FortiGate unit, the FortiManager system will retrieve the unit’s configuration and load it into the Device Manager. After you make configuration changes and install them, you may see that the FortiManager system reorders some of the firewall policies in the FortiGate unit’s configuration file.
This behavior is normal for the following reasons:
l The FortiManager system maintains the order of policies in the actual order you see them and manipulate them in the Web-based Manager, whereas the FortiGate unit maintains the policies in a different order (such as order of creation).
l When loading the policy set, the FortiManager system re-organizes the policies according to the logical order as they are shown in the web-based user interface. In other words, FortiManager will group all policies that are organized within interface pairs (internal -> external, port1 -> port3, etc.).
The FortiManager system does not move policies within interface pairs. It will only move the configuration elements so that policies with the same source/destination interface pairs are grouped together.
This behavior would only be seen:
On the first installation.
When the unit is first discovered by the FortiManager system. If using the FortiManager system to manage the FortiGate unit from the start, you will not observe the policy reordering behavior.

One thought on “Device Manager – FortiManager 5.2

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.