hi guys
I recently bought two FortiGate 200A on ebay for my own training and one of them the tab “changes mode” in internal interface web manager is missing . they have the same firmware except bios is different 04000003 and 04000000 I notice that when you type get system status the line Internal Switch mode: interface is missing ? can someone please help me to resolve this problem ?
I do not know if its just the firmware are bad or the bios ?
The firmware is FGT_200A-v400-build0689-FORTINET.out
the other model works correctly
thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
The default setting is "Internal Switch mode: switch".
Change "Internal Switch mode: switch" to "Internal Switch mode: interface" need delete policy/routes/dhcp used by Switch interface.
You may do "execute factoryreset" from console, it will recover to default mode.Thanks.
You may use CLI: dia sys checkused system.interface.name internal
If internal interface is used by policy/static route, you may need delete it firstly. Then the icon will show up.
hi
when I type :dia sys checkused system.interface.name internalForti-2 #
I return to the prompt and nothing is happening i did execute reboot but it is always the same no tabI remove the rule in policyHmm, you may try to change it from console with CLI:config system global/set internal-switch-mode interface /end, thanks.
...or it may well be that reconfiguring the internal switch is a feature that is only supported by later BIOSes. Firmware updates do not regularily contain BIOS updates as well, you obtain them occasionally from FTNT support. But that defeats the 'bay advantage I think...
the line internal-switch-mode interface is missing
it is supposed to be after the line : http-obfuscateForti-2 (global) # set ? access-banner enable/disable access banner admin-concurrent enable/disable admin concurrent login admin-https-pki-required enable/disable HTTPS login page when PKI is enabled admin-lockout-duration Set lockout duration(seconds) for firewall administration admin-lockout-threshold Set lockout threshold for firewall administration admin-maintainer special user 'maintainer' can login admin-port admin access http port <1, 65535> admin-scp Enable to allow system configuration download by SCP admin-server-cert admin https server cert: self-sign, cert1.crt, etc admin-sport admin access https port <1, 65535> admin-ssh-grace-time admin access login grace time <10, 3600> seconds admin-ssh-port admin access ssh port <1, 65535> admin-ssh-v1 enable/disable SSH v1 compatibility admin-telnet-port admin access telnet port <1, 65535> admintimeout Set the idle time-out for firewall administration anti-replay anti-replay control auth-cert https server cert for policy authentication auth-http-port authd http port <1, 65535> auth-https-port authd https port <1, 65535> auth-keepalive use keepalive to extend authentication auth-policy-exact-match exactly match authenticated policy with policy id av-failopen av fail open option av-failopen-session av fail open session option batch-cmdb enable/disable batch mode run in cmdbsvr cfg-save In which mode the config is saved. (Only for CLI changes) check-protocol-header Level of checking protocol header check-reset-range drop RST packets if out-of-window clt-cert-req require client certificate for GUI login csr-ca-attribute enable/disable csr ca attribute daily-restart enable/disable firewall daily reboot detection-summary enable/disable detection summary statistics collection dst enable/disable daylight saving time endpoint-control-fds-access enable/disable access to Fortiguard servers for non-compliant endpoints endpoint-control-portal-port Endpoint control portal port <1, 65535> explicit-proxy-auth-timeout Authentication timeout (in seconds) for idle sessions in explicit web proxy fds-statistics enable/disable FDS statistics fds-statistics-period FDS statistics update period: 1-1440 min, default 60 min fgd-alert-subscription Fortiguard alert subscription fwpolicy-implicit-log enable/disable firewall implicit policy log fwpolicy6-implicit-log enable/disable firewall implicit policy6 log gui-ap-profile Set to display AP profiles on the GUI. gui-central-nat-table Set if display central NAT table in GUI gui-dns-database Set if display DNS Database in GUI gui-dynamic-profile-display Set to display dynamic profile's configurations GUI. gui-icap display ICAP configuration in GUI gui-implicit-id-based-policy Set to display implicit identity-based firewall policies on GUI. gui-implicit-policy Set to display implicit firewall policies on GUI. gui-ipsec-manual-key Set to display IPsec manual Key configuration on the GUI. gui-ipv6 Set if display IPV6 in GUI gui-lines-per-page Set the number of lines to display per page for web administration gui-load-balance Set if display load balance in GUI gui-object-tags Set to display object tags and colors on GUI. gui-policy-interface-pairs-view Set to allow firewall policy interface-pairs view in GUI. gui-voip-profile Set if display voip profile in GUI hostname firewall hostname http-obfuscate Level of obfuscating server identity of HTTP server *ip-src-port-range IP source port range for firewall originated traffic ipsec-hmac-offload Offload HMAC to hardware for IPsec VPN ipv6-accept-dad Whether to accept ipv6 DAD (Duplicate Address Detection). 0: Disable DAD; 1: Enable DAD (default); 2: Enable DAD, and disable IPv6 operation if MAC-based duplicate link-local address has been found. language GUI display language lcdpin LCD Panel PIN Number lcdprotection enable/disable LCD Panel PIN protection
ede_pfau is right , may be BIOS is not support it.
is it possible to copy the bios on the router that works well on the other router
works badly ?Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.