Hi,
so strange, we did an update for a FG81E Cluster to 7.4.2 and in the CLI we cant do any sniffing:
FG_XXX_Master $ diag sniffer packet any "host 128.1.98.88" 4
Unknown action 0
Always the same, Unkown action 0
Other FGs with also 7.4.2 just work fine.
What can that be?
Thanks!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi,
I just see that on this FG we dont have a super__admin. It seems that this is the problem. I have a prof-admin who has all rights but comparing with other FGs the super-admin you cant even change the rights.
So can we add again a new super admin?
Thanks,
Rland
Hi,
now I get it. We had some time ago a problem with an HA update so that we had to reset one FG and build the HA from scratch. I guess the problem is that we used a backupf file from a prof_user and not a super_user.
Any other chance to create a new super-user instead of using one old config file?
Thanks
Hi Roland
Yes this may happen when we restore a prof_admin backup.
Try reset the admin password via this procedure.
Otherwise if unsuccessful then you'll probably have to factory-reset and restore a valid backup.
Hi,
no we have now 7.4.2 and there is no option for maintainer :(
It is not a really important branch, but I dont get why we cant use diag with this prof-admin who has all rights. Any chance to change that?
Thanks!
Hi Roland
Prof-admin has almost all rights, but not all.
Check this:
Access to diag commands is controlled on a per-admin-profile basis.
"Permit usage of CLI diagnostic commands",
Or "set system-diagnostics enable|disable" in the CLI.
Hi,
cant make this happen in the CLI, guess because it is not super_admin.
No chance to activate again super admin? Do I really have to rebuild the HA? The last saved config with the super admin is like 1.5 years old.
Thanks!
You still have access to 99% of the config with prof_admin. So try merge it with the 1.5 years old config to restore it after factory reset.
So you say that the easiest would be to reset for example the slave unit, save the config file with no configuration but the super_admin profile and than copy all the rest to this config?
Thanks
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1663 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.