Technical Tip: Configuration is partially lost after upgrade

In multi-VDOM, the errors would look like this:

config" "firewall policy46" @ root:command parse error (error -61)

config" "firewall policy64" @ GUEST:command parse error (error -61)

set override" "enable" @ PRODUCTION.log.syslogd.override-setting:command parse error (error -61)

Note: The commands 'config firewall policy64' and 'config firewall policy46' are supported only in FortiOS versions 6.2.x through 7.0.0.

In FortiOS 7.0.1, these commands were removed, and their functionality was merged into the firewall policy for simplified configuration: FortiOS 7.0.1 FortiOS 7.0.1 Release Notes | Add interface for NAT46 and NAT64 to simplify policy and routing configurations.

In this document, each VDOM is highlighted in BLUE color for reference, such as root, GUEST, and PRODUCTION.

The first two errors refer to firewall policy64 and policy46 that were being used to create IPV6 to IPV4 and IPv4 to IPV6 policy.

The last error refers to attribute ‘set override’ in configuration of  log.syslogd.override-setting as follows :

config log syslogd override-setting

    set override enable

…

There could be a case where there is a change in CLI for a reason, and it will be possible to find such changes in release notes of particular FortiOS firmware versions under the section 'changes in CLI'.

It is even possible to compare the configuration file to examine any configuration lost during the upgrade.

Note:

Versions 4.0 up to 6.4 are out of engineering support, so these commands might be different on higher versions. Consider upgrading the device's firmware level to a supported version (v7.0 up to v7.6). Check the firmware path and compatibility depending on the hardware.