Staff

Troubleshooting Tip: Unable to set the persistence option under virtual-server when NGFW policy-mode is enabled

Forum|Forum|1 year ago
November 1, 2024
0 replies
568 views

Description

This article describes why the option to set 'persistence' is not displayed in the GUI or CLI under the virtual-server configuration when the NGFW mode is set to policy-mode.

config system settings

set ngfw-mode policy-based

end

config firewall VIP
edit "virtual_server_001"
set type server-load-balance
set server-type HTTP
set extip 172.16.50.10
set extintf "port1"
set ldb-method least-session
set extport 80
config realservers
edit 1
set ip 192.168.13.10
set port 80
next
end
end
end

FG-760-GA # config firewall vip

FG-760-GA (vip) # edit virtual_server_001

FG-760-GA (virtual_server_001) # set persistence

command parse error before 'persistence'
Command fail. Return code -61

Scope

FortiGate.

Solution

This is a limitation when using NGFW set in policy-mode. The option is available when using NGFW in profile-based mode.

Configure the below commands to set profile-based.

When the NGFW set to profile-based the application and web-filtering are configured using a profile applied to policy entries.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded