Please add a configuration for port of API

[hACKrus]

The problem

Mine device have default port for management and API 1443. Port 443 already occupied by SSL-VPN. Could you please make settings for port? adding port in form host: 192.168.0.99:1443 not help.

What is version of Home Assistant Core has the issue?

core-2021.4.6

What was the last working version of Home Assistant Core?

core-2021.4.6

What type of installation are you running?

Home Assistant OS

Integration causing the issue

FortiOS

Link to integration documentation on our website

https://www.home-assistant.io/integrations/fortios/

Example YAML snippet

device_tracker:
  - platform: fortios
    host: 192.168.0.99
    token: token_from_rest_admin

Anything in the logs that might be useful for us?

With default config

Logger: homeassistant.components.fortios.device_tracker
Source: components/fortios/device_tracker.py:46
Integration: fortios (documentation, issues)
First occurred: 12:02:18 PM (1 occurrences)
Last logged: 12:02:18 PM

Failed to login to FortiOS API: HTTPSConnectionPool(host='192.168.0.99', port=443): Max retries exceeded with url: /api/v2/monitor/license/status?global=1 (Caused by ConnectTimeoutError(<urllib3.connection.HTTPSConnection object at 0x7f4b45ab48e0>, 'Connection to 192.168.0.99 timed out. (connect timeout=12)'))

After adding :port

Logger: homeassistant.components.fortios.device_tracker
Source: components/fortios/device_tracker.py:97
Integration: fortios (documentation, issues)
First occurred: 11:50:15 AM (5 occurrences)
Last logged: 11:50:15 AM
Name not found in client data: 'host'

Additional information

No response

[probot-home-assistant[bot]]

Hey there @kimfrellsen, mind taking a look at this issue as its been labeled with an integration (fortios) you are listed as a codeowner for? Thanks! _{^{(message by CodeOwnersMention)}}

[kimfrellsen]

Hi, Thanks for your request. Good idea. I am working on an update to support FortiOS 7.0. I'll add custom port option to the next version.

[hACKrus]

@kimfrellsen Hello, as I'm see, release with FortiOS 7.0 support was merged, but I'm still have same problem with port on core-2021.8.0

Logger: homeassistant.components.fortios.device_tracker Source: components/fortios/device_tracker.py:46 Integration: fortios (documentation, issues) First occurred: 3:22:48 PM (1 occurrences) Last logged: 3:22:48 PM

Failed to login to FortiOS API: HTTPSConnectionPool(host='192.168.0.99', port=443): Max retries exceeded with url: /api/v2/cmdb/system/status?global=1 (Caused by ConnectTimeoutError(<urllib3.connection.HTTPSConnection object at 0x7f05a506d490>, 'Connection to 192.168.0.99 timed out. (connect timeout=12)'))

Logger: homeassistant.components.device_tracker Source: components/device_tracker/legacy.py:271 Integration: Device tracker (documentation, issues) First occurred: 3:22:48 PM (1 occurrences) Last logged: 3:22:48 PM

Error setting up platform legacy fortios

[kimfrellsen]

Hi!

Yes, I see. Hope I understand your issue correctly. I have not added support for other tcp ports. It defaults to 443, so no need to specify a port.

/Kim

On Wed, Aug 4, 2021 at 2:48 PM hACKrus @.***> wrote:

@kimfrellsen https://github.com/kimfrellsen Hello, as I'm see, release with FortiOS 7.0 support was merged https://github.com/home-assistant/core/pull/51640, but I'm still have same problem with port on core-2021.8.0

Logger: homeassistant.components.fortios.device_tracker Source: components/fortios/device_tracker.py:46 Integration: fortios (documentation, issues) First occurred: 3:22:48 PM (1 occurrences) Last logged: 3:22:48 PM

Failed to login to FortiOS API: HTTPSConnectionPool(host='192.168.0.99', port=443): Max retries exceeded with url: /api/v2/cmdb/system/status?global=1 (Caused by ConnectTimeoutError(<urllib3.connection.HTTPSConnection object at 0x7f05a506d490>, 'Connection to 192.168.0.99 timed out. (connect timeout=12)'))

Logger: homeassistant.components.device_tracker Source: components/device_tracker/legacy.py:271 Integration: Device tracker (documentation, issues) First occurred: 3:22:48 PM (1 occurrences) Last logged: 3:22:48 PM

Error setting up platform legacy fortios

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/home-assistant/core/issues/50229#issuecomment-892628694, or unsubscribe https://github.com/notifications/unsubscribe-auth/AD7LXYY3PM6OT2NRBZ3TOGTT3EZIFANCNFSM44JKY6IA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&utm_campaign=notification-email .

[hACKrus]

No, by default it's 1433.

[github-actions[bot]]

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates. Please make sure to update to the latest Home Assistant version and check if that solves the issue. Let us know if that works for you by adding a comment 👍 This issue has now been marked as stale and will be closed if no further activity occurs. Thank you for your contributions.

[hACKrus]

Please, do not close. Problem is actual.

[kimfrellsen]

Hi, It is relatively easy to add port number to the integration. I'll check if fortiosapi supports portnumber as part of the IP variable. hang on :) /Kim

[github-actions[bot]]

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates. Please make sure to update to the latest Home Assistant version and check if that solves the issue. Let us know if that works for you by adding a comment 👍 This issue has now been marked as stale and will be closed if no further activity occurs. Thank you for your contributions.

[hACKrus]

Issue still not solved, but developer decided to drop support of FortiOS 6.2, so this integration become useless for me.

[kimfrellsen]

Have you tried as documented here https://www.home-assistant.io/integrations/fortios/

Hostname or IP address of the FortiGate. Optionally port name can be added like this “10.10.10.10:443”. Remember quotes if port number is added. < The fortios api has supported this way back so it should work both in the previous and new version of this integration.

[hACKrus]

Logger: homeassistant.components.fortios.device_tracker
Source: components/fortios/device_tracker.py:120
Integration: fortios (documentation, issues)
First occurred: 2:55:58 PM (4 occurrences)
Last logged: 2:55:58 PM

Name not found in client data: 'host'

Tried with and without quotes.

[kimfrellsen]

Have you checked the port number? The API port number is the same as the web gui. So if you do not specify anything it is port 443.

Here is my working config from configuration.yaml with specified port number. Using hass 2022.2.3 and FortiOS 7.0.4GA.

device_tracker:
  - platform: fortios
    host: "192.168.1.1:443"
    token: !secret fortios_token

[hACKrus]

device_tracker:
  - platform: fortios
    host: "192.168.0.99:1443"
    token: ****

HA 2021.12.10 FortiOS 6.0.12

[kimfrellsen]

you can use curl to verify API access: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Use-REST-API-Access-FortiGate/ta-p/196540

[kimfrellsen]

or just test it in your browser like this: https://<YOUR-FORTGATE-ADDRESS>/api/v2/cmdb/firewall/address/?access_token=<YOUR-API-TOKEN>

[hACKrus]

$ curl -k -i -X GET https://192.168.0.99:1443/api/v2/cmdb/router/static -b headers.txt
HTTP/1.1 200 OK
Date: Mon, 07 Feb 2022 12:22:06 GMT
Server:
Set-Cookie: ***
ETag: ***
Cache-Control: no-cache, must-revalidate
Content-Length: 1916
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15552000
X-UA-Compatible: IE=Edge

{
  "http_method":"GET",
  "revision":"11.0.0.3660170358.1632997179",
  "results":[
    {
      ***
    }
  ],
  "vdom":"root",
  "path":"router",
  "name":"static",
  "status":"success",
  "http_status":200,
  "serial":"***",
  "version":"v6.0.12",
  "build":419

[kimfrellsen]

looks good. Then API access works from the host you ran curl from. Assuming you use the same token as you have handed to HASS. Do you have any trusted host configured? You could curl from HASS if you are on hass.io to test from hass's ip addr. I can see it is FortiOS 6.0.12. I have not tested FortiOS 6.0.x for a long time, but I am surprised that it does not work at all. The API should be the same for 6.0.x, 6.2.x and 6.4.0-6.4.2. The reason to drop support for FortiOS 6.0 & 6.2 & 6.4.0-6.4.2 is there is a new API for device detection in FOS6.4.3 and the support for the old device detection api is dropped from FOS7.0, the integration code was pretty cluttered and the amount of effort to test on multiple API's and SW versions was more than the time I had to do. From the FortiOS device detection integration perspective I recommend a more recent version of FortiOS. Note: FYI FOS6.0 is also going out of support in september.

[hACKrus]

Trusted hosts configured, HA is allowed. Same result from HassOS shell.

Found error in Fortigate logs:

Message meets Alert condition
The following critical firewall event was detected: Admin login failed.
date=2022-02-07 time=15:53:55 devname=***devid=FGT60D4614051773 logid="0100032002" type="event" subtype="system" level="alert" vd="root" eventtime=1644238435 logdesc="Admin login failed" sn="0" user="zbxt**********************0nsf" ui="https(192.168.0.133)" method="https" srcip=192.168.0.133 dstip=192.168.0.99 action="login" status="failed" reason="too_many_attempts" msg="Administrator zbxt**********************0nsf login failed from https(192.168.0.133) because of max login failures exceeded" 

It's not a API key issue, I tried to regenerate it.

I can understand reason to bump API, but see no reason to change expensive equipment while it can serve my needs. It is unlikely that I will need more than 1 Gbps Intenet bandwidth at home in the near future. Mine device doesn't support FortiOS 7.0.

[github-actions[bot]]

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates. Please make sure to update to the latest Home Assistant version and check if that solves the issue. Let us know if that works for you by adding a comment 👍 This issue has now been marked as stale and will be closed if no further activity occurs. Thank you for your contributions.

[kimfrellsen]

Port number is configurable. Is it OK to close the case?

[issue-triage-workflows[bot]]

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates. Please make sure to update to the latest Home Assistant version and check if that solves the issue. Let us know if that works for you by adding a comment 👍 This issue has now been marked as stale and will be closed if no further activity occurs. Thank you for your contributions.

[frenck]

Thank you for reaching out. We use GitHub for tracking issues, not for providing support or tracking feature requests.

If you want to suggest a feature, you should try our Community Forum: Feature Requests.

If you have additional questions, feel free to join our Discord chat server.

Thanks! 👍