- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
Error "Login failed as the serial numbers do not match" when adding a unit to GMS.
03/26/2020 
1,037 People found this article helpful
43,470 Views
Description
When adding a unit to GMS, the error ‘Login failed as the serial numbers do not match’ may occur:
Resolution
The error ‘Login failed as the serial numbers do not match’ may occur when GMS tries to acquire the appliance. During unit acquisition, the GMS Agent (Scheduler service) logs into the appliance, downloads the settings file, parses the settings file, then uploads the settings to several tables in the SGMSDB database. If the ‘Login failed as the serial numbers do not match’ error occurs, try the following:
- If the unit is to be managed via site-to-site VPN or Management SA, then enable Fragmentation on the managed unit at VPN | Advanced, but DISable ‘Ignore DF Bit’.
- Enable Fragmentation on the GMS Gateway at VPN | Advanced, but DISable ‘Ignore DF Bit’.
- Enable Fragmentation on the managed unit at Network | Interfaces - WAN Interface, but DISable ‘Ignore DF Bit’.
- Enable Fragmentation on the GMS Gateway at Network | Interfaces - WAN Interface, but DISable ‘Ignore DF Bit’.
- Enable NTP on the managed unit at System | Time.
- Enable NTP on the GMS Gateway at System | Time.
- At System | Administration, the default Firewall Name is the serial number of the appliance. The error above can occur if the Firewall Name was changed to something other than the serial number. This can happen if a prefs file was exported from one appliance and imported onto another appliance; the Firewall Name will be the serial of the original appliance. Change the Firewall Name to the correct serial number of the appliance, and make sure it matches the serial shown at System | Status.
- Agents using management tunnels to acquire and manage even a single firewall cannot share a GMS Gateway.
Agents not using management tunnels to manage devices can instead use the NAT Device option during role configuration.
Note: A GMS Gateway is not the same as a Default Gateway. A Default Gateway is needed for networking purposes. A GMS Gateway has additional roles. Check the GMS Administrator’s Guide for details.
If two Agents are behind one GMS Gateway and one is not configured to use NAT Device for its gateway setting the error above can occur, preventing unit acquisition. To correct this, do one of the following:
- Select NAT Device for the gateway setting (System interface under Deployment > Roles) on one of the agents NOT managing any devices via the Management Tunnel method.
- Install a GMS Gateway for the second Agent, so that each Agent has its own GMS Gateway.
Once the steps above have been taken and corrected, restart the GMS services then add the unit to GMS again.
Related Articles
- Can we make changes to a firewall config acquired on NSM directly through the firewall?
- Perform Restart of firewall from NSM.
- Requirement is to push cfs settings from one firewall to a group of Firewalls in NSM.
YES
NO