Any reason I cannot delete this?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Most likely it's referred at somewhere in the config. You can go to the revision screen then click "View Config" after selecting the latest (top) revision. And then you can search "fortilink-02" in the full config to find it out.
Toshi
where is the revision screen at in the fortimanager?
Hi there,
Have you ensured you have no references of this interface in any DHCP scopes, policies etc? You will not be able to delete the interface if it is actively reference somewhere.
Regards,
Dan.
Created on 02-01-2024 09:19 AM Edited on 02-01-2024 09:20 AM
Go back to Dashboard/Summary. then find "Configuration and Installation" widget. Revision section is in the widget.
looks like its referenced in set server-mode enable, but I didnt do that and I dont where to change this in the fortimanager
Look at that section of config. It must be a part of NTP setting like below:
config system ntp set ntpsync enable set server-mode enable set interface "fortilink" <--- reference, "set server-mode disable" would remove this. end
It's likely set up by default.
Toshi
So how do you change this without accessing cli on the firewalls themselves? I guess I am use to panorama and we dont make local changes on the firewalls and all is done from the panorama. Is this the same concept? I assume so otherwise your local config is out of sync from the fortimanager config.
Created on 02-01-2024 09:55 AM Edited on 02-01-2024 10:03 AM
With FGT-FMG, you can make those changes directly at the FGT if you want and FMG would automatically retrieve the config change. It might push the "templates" status out of sync, and "policy package" status as well.
But if the change is outside of the templates and policy package, you can re-install them to go back to in-sync state. Just check the "preview" to see what they would install. Likely shows "nothing to change".
But if your one of templates have NTP config, you should change it at the template. Which I don't think the case based on what you're saying.
Also, you can use "script" to make the change on the FMG side and run it again either the device directly or device database and push. But above reason, I would just change it at the device by getting in via SSH or console.
Toshi
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1547 | |
1031 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.