Skip to main content
mike_wu
mike_wu
New Member
June 18, 2020
Question

[fortigate] upload config script

  • June 18, 2020
  • 0 replies
  • 1973 views

Hello all,

 

I have enable fortigate vdom. So I can choose global and root page on fortigate UI.

I have two user and use different profile

1. name : admin, profile : super_admin

2. name : mike,   profile : prof_admin

 

I want to upload configuration scripts by shell script. There are my steps below:

Step1 : I use api to login fortigate by $fortigate_url/logincheck with admin user

Step2 : I use curl to upload Configuration Scripts by

curl -F source=upload -F filename=@$script_path -b $cookie_path -H "X-CSRFTOKEN:$csrftoken" -H Expect: -L -k [link]https://$fortigate_url/system/maint/confupload[/link]

 

My question is

those steps are working if I disable vdom mode

But I find something error in vdom mode.

There are three problem below.

Step2 not work if I enter fortigate UI first with "mike" user and stay in root page.

Step2 not work if I enter fortigate UI first with "admin" user and stay in root page. 

Step2 working if I enter fortigate UI first with "admin" user and stay in global page.

 

I get the error message about 

"

<html><head><title> No Access </title><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-equiv="pragma" content="no-cache"><link href="/10dae176b6d87334023a74acd7380a60/css/legacy_style.css" rel="stylesheet" type="text/css"> <link href="/10dae176b6d87334023a74acd7380a60/css/legacy_dlg.css" rel="stylesheet" type="text/css"> <script type="text/javascript" src="/10dae176b6d87334023a74acd7380a60/js/es6-shim.js"></script> <script type="text/javascript" src="/10dae176b6d87334023a74acd7380a60/fweb_all.js"></script> <script type="text/javascript" src="/10dae176b6d87334023a74acd7380a60/js/legacy_error_validate.js"></script> <script type="text/javascript">$j(document).ready( initForm );</script> <script type="text/javascript" src="/10dae176b6d87334023a74acd7380a60/js/dialog.js"></script> </head><body class="" style="min-width:600px"><h1>No Access</h1><div class="dlg"><form method="post" name="noaccess" action="/login">You do not have permission to access the requested page.<div class="footer"><input type="hidden" name="CSRF_TOKEN" value="53DE693B598DFF5A191ACEC759B71F"> </div><input type=hidden name="redir" value="/system/maint/confupload?source=upload"> </form>"

I don't know how to handle this problem. Please tell me how to resolve this problem.

Maybe I need to use other method, but I don't know how to implement.

Please tell me if you have other method

 

Thank you !

 

ps. My Configuration Scripts file detail likes below

config vdom edit root config firewall address edit "XX_IP_v4_2.2.2.2_32"   set subnet "2.2.2.2/32" next

edit "XX_IP_v4_2.2.2.3_32"

  set subnet "2.2.2.3/32" next end config firewall addrgrp   edit "XX_List_v4_1"   set member XX_IP_v4_2.2.2.2_32 XX_IP_v4_2.2.2.3_32   next   edit "XX_List_v4"   set member XX_List_v4_1   next   edit "Group_v4"   append member XX_List_v4   next end end

    Terms & ConditionsAccessibility statement