Hi,
I need to remove uneeded configuration from my FG 1000c for audit purposes.
We do not use the wireless controller features so I would like to remove the two section's below.
I have tried to remove but get the error's at the end of this post - i have searched the config and the mesh.root interface only seems to be referenced in two places...(the two below)
How can I delete these?
config wireless-controller vap edit "mesh.root" set vdom "root" set mesh-backhaul enable set ssid "fortinet.mesh.root" set alias "m" set passphrase XYZ****** next
config system interface
edit "mesh.root" set vdom "root" set type vap-switch
set snmp-index 31
FG01 (vap) # delete mesh.test Can not delete a static table entry Command fail. Return code -61
FG01 (interface) # delete mesh.test Can not delete a static table entry Command fail. Return code -61
Solved! Go to Solution.
Go into "Systems->Config->Features" and turn off "Wifi & Switch Controller". After that, you should be able to delete the mesh.root interface.
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Go into "Systems->Config->Features" and turn off "Wifi & Switch Controller". After that, you should be able to delete the mesh.root interface.
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Dave Hall wrote:Go into "Systems->Config->Features" and turn off "Wifi & Switch Controller". After that, you should be able to delete the mesh.root interface.
Hi Dave,
I have disabled the WiFi and Switch controller as suggested - unfortunately I still cant remove these interfaces from the configuration.
Is there something else I can try?
In my own testing (factoryreset config on a 200D fortigate, running 5.0.9 firmware), I had no problems purging that interface.
Maybe try disabling the mesh-backhaul setting first before deleting the interface:
config wireless-controller vap
edit "mesh.root"
set mesh-backhaul disable
next
You could try loading an non-encrypted backup config into a text editor and remove the "mesh.root" sections manually, save the changes, then upload it back into the Fortigate. (This can be dangerous if you are not careful -- save a cfg backup then after the fgt reboots, perform a "diag debug config-error-log read" on the CLI to check for any errors.)
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Today I came across the same problem: mesh.root interface on a FGT-60D PoE, and I didn't want it.
The solution Dave posted didn't work - disabling the "Wireless Controller" feature in the GUI.
The snafu: it didn't work on 5.0.7 - but it did on 5.0.9 !!
(I love it when they put feature enhancements into patches...)
So I have played around with both firmwares (5.0.7 and 5.0.9) and I can confirmed disabling the GUI Wifi & Switch Controller feature (and even "set wireless-controller disable" under config system global in the CLI) doesn't get rid of the mesh.root interface in 5.0.7 -- even removing the sections in the config via text editor and loading the edited config back doesn't get rid of it...in fact the Fortigate actually puts those sections back in after the reboot.
No problems doing so in 5.0.9. Funny thing is I have checked the patch release notes for both 5.0.8 and 5.0.9 and there is no mention of "feature" changes to the mesh.root interface.
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Hello,
if you don't use the wireless controller, you can disable it globally:
#config system global
#set wireless-controller disable
#end
You cannot delete these interfaces, which are created by the system.
Benoit
Benoit,
it greatly helps if you would read before posting.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.