Description |
This article describe the configuration to verify if administrator could not run debug commands in FortiGate CLI.
In some environments, administrator can be restricted to perform debug/diagnostic but still allowed to perform configuration. |
Scope | FortiGate 6.4 |
Solution |
If the 'Unknown action 0' error appears when running the debug command as below:
diagnose debug application sslvpn -1
Check the user admin profile using the following command:
show full system accprofile
The administrator will not be allowed to run the diagnostic commands if 'system-diagnostics' is set to disable.
To allow the administrator to have right to perform diagnostic: (Only super admin can change this setting).
config system accprofile
Note:
config system accprofile
Related document: https://docs.fortinet.com/document/fortigate/7.4.2/cli-reference/003620/config-system-accprofile |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.