Fortigate 30 has gone MAD

Question

HiOur 30E is crazyI tried to add a virtual IP and get the error that a duplicate entry exists.  Fine but there isn't.  There has never been a machine on the network with IP ending in 3 before, nor has there been any web servers operating on port 80.  So why oh why does it think there is a duplicate??  If it thinks there is a duplicate, wouldn't it be prudent to tell me where it thinks there is a duplicate? Be that as it may, there was 1 entry of the 3 virtual IP's that was no longer in use.  I opened that and renamed it to Tickets and the system accepted that.  I opened it again, changed the ip to 192.168.1.3 and applied and again, no errors.  I try add a new VIP and thumb suck a name and unused IP and get the same error, even with a custom port number specified, the same error of duplicate entry already exists. I decided to carry on with the renamed VIP item since all the details in it are correct.  I then create a new policy and then test.  All external connections fail.  Can somebody please help me before I play base block with this POS?

Toshi_Esumi · Answer

I know you're MAD at your FG30E since it's behaving unexpectedly. You can always open a case with TAC before you decide to throw through a window.

One thing I can recommend is "never try renaming an object via GUI". Instead delete/remove it once then re-create it again with a different name. You shouldn't be able to do it via CLI unless the object is re-namable, like admin user name. And GUI is sitting on top of CLI. VIPs are especially sticky. If you have any that you don't use, you should remove them.

Since you already renamed it, I suggest you reboot it and try adding a new one again hoping it works after a reboot.

If it still doesn't take it, it's time to open a case with TAC.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded