Hello,
I am trying to prepare templates in CLI form to deploy at sites. My configuration is complete, but when downloading the entire configuration from a Fortigate firewall it is not ordered correctly to be added to the cli.
As an example, tunnel interfaces are specified before the phase1-interface, this creates an error because phase1-interface needs to be created first before editing the tunnel interface. Another example would be it trying to create the vdoms before multi-vdom mode is configured.
Can anyone recommend and efficient way to order the configuration so that it can be added to the cli without error or do I need to go through it manually?
Thanks.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi Velosy,
If you want to load the whole configuration file you must load it via menu. Top right, click in admin >> Configuration >> Restore. Then FGT will take care and create everything for you.
But if you want to load part of the configuration as you describe there is no simple way to do that (at least I don't know), but you can use the FortiOS language inside the Notepad++ and collapse all settings, then you can move the whole block easily.
Have a look on this article: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Using-the-FortiOS-language-in-Notepad/ta-p...
TIP: After you install it, use the ALT + 0 keys together to collapse all configurations and ALT + SHIFT + 0 to expand all configurations.
I hope it helps.
Regards
DPadula
Hi Thanks for the response.
Its a shame the config is not in a pastable state when downloading it from a fortigate firewall, as its out of order. My plan was to edit a 100F configuration file and upload it to a different 100F. Not sure why, but the new firewall would behave weirdly when using the restore feature and I was not able to login in to the new 100F.
I have gone through it manually now and re-ordered the config which parses. I will try the notepad++ language thanks.
To ensure your Fortigate firewall configuration is ordered correctly for CLI deployment, consider using a tool like techai, which can automate the reordering of configurations to match dependencies. TechAI can help by restructuring your configuration so that elements like phase1-interface are defined before tunnel interfaces and multi-vdom mode is set before creating vdoms, thus preventing errors. This approach saves time compared to manual reordering and ensures a smooth deployment process.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1105 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.