Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
lcamilo
Staff
Staff

Created on ‎11-01-2024 10:45 AM Edited on ‎11-03-2024 10:56 PM By Community Manager

Article Id 352402

Troubleshooting Tip: Unable to set the persistence option under virtual-server when NGFW policy-mode is enabled

Description

This article describes why the option to set 'persistence' is not displayed in the GUI or CLI under the virtual-server configuration when the NGFW mode is set to policy-mode. 

config system settings

    set ngfw-mode policy-based

end

config firewall VIP
    edit "virtual_server_001"
        set type server-load-balance
        set server-type HTTP
        set extip 172.16.50.10
        set extintf "port1"
        set ldb-method least-session
        set extport 80
        config realservers
              edit 1
                    set ip 192.168.13.10
                    set port 80
              next
        end
    end
end

FG-760-GA # config firewall vip

FG-760-GA (vip) # edit virtual_server_001

FG-760-GA (virtual_server_001) # set persistence

command parse error before 'persistence'
Command fail. Return code -61
Scope FortiGate.
Solution

This is a limitation when using NGFW set in policy-mode. The option is available when using NGFW in profile-based mode.

 

Configure the below commands to set profile-based.

 

1.jpg

 

When the NGFW set to profile-based the application and web-filtering are configured using a profile applied to policy entries.

 

182
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.