If you are working with a 14 day evaluation version of a virtual FortiGate firewall and would like to add it to your FortiManager you will be greeted with a vague SSL Error and the devices won’t be able to communicate. This is probably an issue you will run into with your lab environment but it’s anoying nontheless.

The issue is FortiManager requires a high level of encryption, something that’s not supported in the 14 day eval of a virtual FortiGate.

The fix would be done on the FortiManager from the CLI as shown below.

config system global
set fgfm-ssl-protocol tlsv1.0
set enc-algorithm low
end

WARNING: when you type end you will be warned that making this change will disconnect all active tunnels. Once you press Y it will disconnect all management tunnels. They will reconnect but it’s something to keep in mind if you are doing this in a production environment.