tled
New Contributor II

1100e crashed after restoring edited .conf

I edited a backup .conf file and restored it through the webGUI. This apparently crashed the firewall and powered it off. After uploading the .conf and clicking enter, the webGUI said "Rebooting system" followed by "System reboot is taking longer than expected". Now, I can no longer access the webGUI or ping the device, and a console server it's connected to says it's disconnected.

 

I have no physical access to the device until next week.

 

I have a rescue backup .conf file. I'm just curious what I should expect next week. Did it crash because I edited a .conf instead of doing it through the cli/gui? Will it boot to the last working config - if at all - or is it in some sort of error state? 

 

Basically, is it recoverable?

1 Solution
Toshi_Esumi
Esteemed Contributor III

What I would do in that kind of situation is to get in the boot menu, flush the boot partition, upload the same image via TFTP, then boot it up with the default config. And then upload the backup config to recover the state before the crash.

 

For the cause of the crash, it would depend on what exactly you changed. We sometimes have to do a config file edit and upload when we need to swap interface names, etc., which are already referenced in many places, and at least I have never experienced a crash.

Also, the console output while it was booting up right before the crash should tell you something about what might have caused it.

 

Toshi

 

tled
New Contributor II


@Toshi_Esumi wrote:

For the cause of the crash, it would depend on what exactly you changed


Right. I guess I was just curious if anything outside of changing something in the config would cause it to crash, as the only thing we were doing was switching some interfaces and IPs. As soon as it crashed, I was thinking maybe there is some formatting/syntax within the .conf that the device didn't know what to do with (i.e. extra spaces, odd characters, etc)? However, surely there's an error check performed.

 

Anyways, I will attempt your suggestion. Thank you.

tled
New Contributor II

Did all of this today and was able to restore my rescue config. Looking through the config, nothing gives an indication as to why it powered off. I tried to reproduce the issue by restoring again, but it rebooted just fine. Weird...

 

Anyways, thanks for the help! I'll accept this as the solution.

Toshi_Esumi
Esteemed Contributor III

Speaking of "format of the file", it's just an ASCII file. Extra spaces (whitespace) would be ignored. It would be very difficult to even intentionally crash it with that method. Just keep watching/logging console output when you try next time.

ede_pfau
Esteemed Contributor III

From dreaded experience, make sure that the edited file is plain ASCII - it should never contain non-ASCII characters. Last week I came across a config in which the (former) admin entered German umlauts into comments (policy, routes). Looked nice in GUI but on restore the FGT barfed and discarded the object completely. The umlaut had been transformed on import into a multi-byte sequence which I could not even search for in my editor.

 

And of course, everyone following this thread is assuming that the backup file is not encrypted.

 

BTW, you can freely comment the config if you start the line with a hash (#). FortiOS will ignore these comments, that is, they will not be saved either. But sometimes useful in the config file to be restored.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
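
A pre-restore check for the non-ASCII problem described in the post above, as an added example that is not part of the original thread and not Fortinet tooling: it scans an unencrypted config backup for bytes above 0x7F and reports line, column, the raw bytes in hex, and the enclosing `config`/`edit` block. The names `scan_config` and `main` and the sample config are constructed for illustration, and the block tracking is a simplification that assumes well-formed `config`/`edit`/`next`/`end` nesting.

```python
import sys
from pathlib import Path

# Constructed sample, not a real backup: a UTF-8 umlaut in a policy comment
# and a Latin-1 umlaut on a "#" comment line.
SAMPLE = (
    b'config firewall policy\n'
    b'    edit 1\n'
    b'        set comments "B\xc3\xbcro-Netz"\n'
    b'    next\n'
    b'    edit 2\n'
    b'        set comments "guest wifi"\n'
    b'    next\n'
    b'end\n'
    b'# gepr\xfcft\n'
)

def scan_config(data: bytes):
    """Return one finding per line holding bytes outside 7-bit ASCII."""
    findings, context = [], []        # context: currently open config/edit blocks
    for lineno, raw in enumerate(data.splitlines(), start=1):
        stripped = raw.strip()
        is_comment = stripped.startswith(b"#")
        word = b"" if is_comment else stripped.split(b" ", 1)[0]
        if word in (b"config", b"edit"):
            context.append(stripped.decode("ascii", "backslashreplace"))
        bad = [col for col, byte in enumerate(raw, start=1) if byte > 0x7F]
        if bad:
            findings.append({
                "line": lineno,
                "column": bad[0],                       # first offending byte
                "hex": bytes(raw[c - 1] for c in bad).hex(),
                "in_hash_comment": is_comment,
                "context": " > ".join(context),
            })
        # Simplified nesting: "next" closes an edit, "end" closes a config.
        if word in (b"next", b"end") and context:
            context.pop()
    return findings

def main(path=None):
    findings = scan_config(Path(path).read_bytes() if path else SAMPLE)
    for f in findings:
        where = "# comment line" if f["in_hash_comment"] else f["context"]
        print(f'line {f["line"]}, col {f["column"]}: bytes {f["hex"]} ({where})')
    return 1 if findings else 0       # any hit fails the plain-ASCII check

if __name__ == "__main__":
    sys.exit(main(sys.argv[1] if len(sys.argv) > 1 else None))
```

Run it with the path of the edited backup as the only argument; without an argument it scans the embedded sample.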
tled
New Contributor II

Will keep this in mind. Thank you!