Skip to main content
yusuf
yusuf
New Member
January 14, 2020
Solved

Learning Mode in Fortigate 6.2.2

  • January 14, 2020
  • 2 replies
  • 8816 views

Hi all,

I have a question about a feature in fortigate.

I cannot activate the feature via cli.

 

This is a Video for FGT Version 5.4:

https://www.youtube.com/watch?v=LI3bW2eO-ck

 

config system settings set gui-policy-learning [enable | disable] end

command parse error before 'gui-policy-learning' Command fail. Return code -61

get the error message.

 

in gui i couldn't find the function in features either, so I can turn it on.

I have several 201E in use, on which I tried it. It does not work. Is this function no longer available for the actual Fortigate Images?

if so, how can I proceed?

i want to create new policys with the information of the connections that have taken place.

a described here:

https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-whats-new-54/Top-policy-learning.htm

 

Thanks,

Yusuf

    Best answer by Fullmoon

    yusuf wrote:

     

    https://www.youtube.com/watch?v=LI3bW2eO-ck

     

    config system settings set gui-policy-learning [enable | disable] end

    command parse error before 'gui-policy-learning' Command fail. Return code -61

    get the error message.

     

    in gui i couldn't find the function in features either, so I can turn it on.

    I have several 201E in use, on which I tried it. It does not work. Is this function no longer available for the actual Fortigate Images?

    if so, how can I proceed?

    i want to create new policys with the information of the connections that have taken place.

    a described here:

     

    per TAC statement

    "The "LEARN" option in the IPv4 policy is no longer available. This feature was removed from version 6.2.0 because the feature was not widely used and it also caused extra maintenance work to continue to support it."

    2 replies

    yusuf
    yusufAuthor
    New Member
    January 20, 2020

    nobody has an info or an idea?

    Thanks

    lobstercreed
    lobstercreed
    New Member
    May 21, 2020

    I'm no help because I use extensive logging with FortiAnalyzer to build my policies.  Start with an allow all at the bottom and then just keep adding specific policies as you see traffic matching that policy until eventually no (legitimate) traffic hits the allow all, then turn it off.  FortiAnalyzer is worth its weight in gold.

    yusuf
    yusufAuthor
    New Member
    May 25, 2020

    Thanks. did it like this

    Fullmoon
    FullmoonAnswer
    New Member
    May 27, 2020

    yusuf wrote:

     

    https://www.youtube.com/watch?v=LI3bW2eO-ck

     

    config system settings set gui-policy-learning [enable | disable] end

    command parse error before 'gui-policy-learning' Command fail. Return code -61

    get the error message.

     

    in gui i couldn't find the function in features either, so I can turn it on.

    I have several 201E in use, on which I tried it. It does not work. Is this function no longer available for the actual Fortigate Images?

    if so, how can I proceed?

    i want to create new policys with the information of the connections that have taken place.

    a described here:

     

    per TAC statement

    "The "LEARN" option in the IPv4 policy is no longer available. This feature was removed from version 6.2.0 because the feature was not widely used and it also caused extra maintenance work to continue to support it."

    Terms & ConditionsAccessibility statement