Recently I upgraded a FortiGate 100E from FortiOS 6.4.X to 7.0.X. Since then, I am no longer able to backup the configuration automatically. Here is a basic topology of my network.
when running the "execute backup config" command from CLI I get the error
"Send config file to ftp server via vdom root failed.
Command fail. Return code 5"
From CLI, when running "exec ping 192.168.2.10" I do not get a response. However, when I set the source of the ping to "192.168.1.2" I DO get a response.
I assume I need to source the exec backup config command as well. How do I route this properly?
Solved! Go to Solution.
Can you confirm the best route is via 192.168.1.1 ?
get router info routing-table details 192.168.2.10
If the best route is not via 192.168.1.1, the source IP may be of the corresponding intreface and the destination may not have a route back. Running below sniffer can confirm if the packet is leaving firewall and if there is return packet
execute ping to 192.168.2.10 from a terminal and collect sniffer on another terminal
diagnose sniffer packet any "host 192.168.2.10 and proto 1" 4
Can you confirm the best route is via 192.168.1.1 ?
get router info routing-table details 192.168.2.10
If the best route is not via 192.168.1.1, the source IP may be of the corresponding intreface and the destination may not have a route back. Running below sniffer can confirm if the packet is leaving firewall and if there is return packet
execute ping to 192.168.2.10 from a terminal and collect sniffer on another terminal
diagnose sniffer packet any "host 192.168.2.10 and proto 1" 4
I was not aware of this diagnosis command, thank you!
This showed me a rogue route that had been setup before that was no longer needed. Not sure why this issue only presented itself after the firmware update, but removing that rogue route has resolved the issue.
Thank you!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.