Created on 08-24-2022 10:18 PM
This article describe the configuration to verify if administrator could not run debug commands in FortiGate CLI.
In some environments, administrator can be restricted to perform debug/diagnostic but still allowed to perform configuration.
If the 'Unknown action 0' error appears when running the debug command as below:
# diagnose debug application sslvpn -1Unknown action 0
Check the user admin profile using the following command:
# show full system accprofile
Administrator will not be allowed to run the diagnostic commands if 'system-diagnostics' is set to disable.
To allow the administrator to have right to perform diagnostic:
(Only super admin can change this setting).
# config system accprofile set system-diagnostics enableend
