I'm new to Fortinet/Fortigate and am using a 40F as a lab learning device. I have just a few configs that is causing the push install to fail. All it is :
All three error out with message:
"The entry is used by other 1 entries. Command fail. Return code -23"
So how do I undo these commands? I can't figure it out.
Solved! Go to Solution.
Try to retrieve configuration so that you update device layer
Device manager > Managed devices > Double click on your FGT > Configuration and Installation > Revision > Total revisions > Revision History > Retrieve config
Once retrieve, try again
Try to retrieve configuration so that you update device layer
Device manager > Managed devices > Double click on your FGT > Configuration and Installation > Revision > Total revisions > Revision History > Retrieve config
Once retrieve, try again
No change. Same error.
Do I need to do anything after I "Retrieve Config" ?
Retrieving should recover from the errors. But what exactly tried to configure? Those three interfaces are "lan" hard-switch members by default so they're not in "config system interface". Even if you broke the hard-switch to individual interfaces, those physical individual interfaces can not be removed.
Whatever you tried to configure, the FMG should not try removing those physical interfaces, unless you specifically used CLI templates or CLI scripts to "delete" them.
Toshi
I did not use CLI templates or CLI scripts. I'm not sure how I got to my current state, to be honest. I guess I'll try to retrieve the earliest version.
So i went back in time to original config a "Retrieve"d it and now it works. Thanks for help.
My recommendation is if you want to change "hard-switch" (including removing "a" port from "fortilink") or create new "soft-switch" on 40F, do it directly on the device without using the FMG. Then "Retrieve Config" to pull everything from the device into the FMG, or don't register the 40F until that point. Then use the retrieved config as the "baseline" config.
Modifying those from FMG is tricky in my experience.
I think I 'retrieved' an older version that was successful.
"Retrieve Config" AX meant is to retrieve the current config from the device and create a new revision at the FMG. Going back to the older version is "Revert" in the menu under "More" in Revision screen.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.