202000 - Failed to Connect to Fortinet Device
Agent error code #202000 indicates that the agent could not establish a connection to the Fortinet firewall or FortiManager. The connection attempt failed before any authentication could take place.
This error is distinct from authentication failures (#202001) or timeout errors (#202004). It indicates that the network path to the device is not functioning, or the target device is not reachable.
Common causes include:
- The hostname or IP address configured in Knocknoc is incorrect or unreachable
- The Fortinet management interface is not accessible from the agent's network
- The firewall or FortiManager device is offline or powered down
- A network firewall or access control list is blocking the connection
- The configured port number does not match the device's management port
Steps to Resolve
Verify the Hostname and Port
- Confirm the hostname or IP address configured in Knocknoc matches the Fortinet device's management interface
- Verify the port number is correct. The default management port for Fortinet devices is 443
- If using a non-standard port, ensure the correct port is specified in the Knocknoc configuration
Check Network Connectivity
- Verify the Fortinet device is powered on and operational
- Confirm the management interface is enabled and has a valid IP address
- Test connectivity from the agent's network to the Fortinet device using ping or telnet to the management port
- Ensure no intermediate network firewalls or routers are blocking traffic on the management port
Review Access Restrictions
- Log into the Fortinet device directly to check management access settings
- Verify the "Administrative Management" settings allow access from the agent's IP address
- Check if trusted hosts are configured and whether the agent's IP falls within the allowed range
- For FortiManager, verify the device is registered and the management IP is correctly configured
Still Having Issues?
We can help you out, contact us at support@knocknoc.io.