mkhabbazi
Staff
Article Id 331643
Description

This article describes configuring application control on devices with 2GB RAM on FortiGate 7.6.0.
Scope

FortiGate 7.6.0.

Solution

First, verify the RAM in the FortiGate:

 

get hardware status

Model name: FortiGate-xxx

ASIC version: xxx

CPU: ARMv8

Number of CPUs: 8

RAM: 1917 MB

EMMC: 3662 MB(MLC) /dev/mmcblk0

Hard disk: not available

USB Flash: not available

Network Card chipset: FortiASIC NP6XLITE Adapter (rev.)

 

This behavior on 2GB FortiGates running 7.6.0 is a bug. A CLI-based workaround is available for the time being; the associated Issue ID is #1060562, and a fix is planned.

The configuration is not available in the GUI. It must be configured in the CLI.

 

config application list

edit test12345

get

name                : test12345

comment             :

replacemsg-group    :

extended-log        : disable

other-application-action: pass

app-replacemsg      : enable

other-application-log: disable

enforce-default-app-port: disable

force-inclusion-ssl-di-sigs: disable

unknown-application-action: pass

unknown-application-log: disable

p2p-block-list      :

deep-app-inspection : enable

options             : allow-dns

entries:

    == [ 1 ]

    id:     1  

control-default-network-services: disable

 

************************************

config firewall policy

    edit 3

        set name "test2"

        set uuid 0f122354-2550-51eb-e1e2-fe81a4725eea

        set srcintf "internal5"

        set dstintf "wan1"

        set action accept

        set srcaddr "all"

        set dstaddr "all"

        set schedule "always"

        set service "ALL"

        set utm-status enable

        set ssl-ssh-profile "deep-inspection"

        set av-profile "default"

        set webfilter-profile "default"

        set application-list "test12345"

        set nat enable

    next

end
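
Because the application control setting is not visible in the GUI on these models, an offline check of saved CLI output can confirm which policies actually carry an application list. The following Python script is an added example, not part of Fortinet's article or tooling: it reads `get hardware status` output to decide whether the unit is in the 2GB class and lists accept policies with no `application-list` set. The sample inputs are constructed, and the function names and the 2048 MB threshold are assumptions.

```python
import re

# Constructed sample inputs, modelled on the output shown in this article.
HW_STATUS = "Model name: FortiGate-xxx\nCPU: ARMv8\nRAM: 1917 MB\n"
CONFIG = """\
config firewall policy
    edit 3
        set action accept
        set application-list "test12345"
    next
    edit 4
        set action accept
    next
end
"""

def ram_mb(hw_status):
    """RAM size in MB from 'get hardware status' output, or None if absent."""
    m = re.search(r"^\s*RAM:\s*(\d+)\s*MB", hw_status, re.MULTILINE)
    return int(m.group(1)) if m else None

def is_2gb_class(hw_status, limit_mb=2048):
    # Assumption: a reported size at or below 2048 MB means a 2GB model.
    size = ram_mb(hw_status)
    return size is not None and size <= limit_mb

def parse_policies(config):
    """Map policy ID -> settings; assumes no nested 'config' blocks in a policy."""
    policies, current, inside = {}, None, False
    for line in config.splitlines():
        tok = line.split()
        if tok[:3] == ["config", "firewall", "policy"]:
            inside = True
        elif not inside or not tok:
            continue
        elif tok[0] == "edit" and len(tok) > 1:
            current = policies.setdefault(tok[1], {})
        elif tok[0] == "set" and current is not None and len(tok) > 2:
            current[tok[1]] = " ".join(tok[2:]).strip('"')
        elif tok[0] == "end":
            inside, current = False, None
    return policies

def missing_app_control(config):
    """IDs of accept policies that have no application-list applied."""
    return [pid for pid, p in parse_policies(config).items()
            if p.get("action") == "accept" and not p.get("application-list")]

if __name__ == "__main__":
    print(is_2gb_class(HW_STATUS), missing_app_control(CONFIG))
```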

 


Related document:

Config application list - FortiGate CLI reference