Hi all,
I have a question about a feature in fortigate.
I cannot activate the feature via cli.
This is a Video for FGT Version 5.4:
https://www.youtube.com/watch?v=LI3bW2eO-ck
config system settings set gui-policy-learning [enable | disable] end
command parse error before 'gui-policy-learning' Command fail. Return code -61
get the error message.
in gui i couldn't find the function in features either, so I can turn it on.
I have several 201E in use, on which I tried it. It does not work. Is this function no longer available for the actual Fortigate Images?
if so, how can I proceed?
i want to create new policys with the information of the connections that have taken place.
a described here:
https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-whats-new-54/Top-policy-learning.htm
Thanks,
Yusuf
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I'm no help because I use extensive logging with FortiAnalyzer to build my policies. Start with an allow all at the bottom and then just keep adding specific policies as you see traffic matching that policy until eventually no (legitimate) traffic hits the allow all, then turn it off. FortiAnalyzer is worth its weight in gold.
yusuf wrote:
https://www.youtube.com/watch?v=LI3bW2eO-ck
config system settings set gui-policy-learning [enable | disable] end
command parse error before 'gui-policy-learning' Command fail. Return code -61
get the error message.
in gui i couldn't find the function in features either, so I can turn it on.
I have several 201E in use, on which I tried it. It does not work. Is this function no longer available for the actual Fortigate Images?
if so, how can I proceed?
i want to create new policys with the information of the connections that have taken place.
a described here:
per TAC statement
"The "LEARN" option in the IPv4 policy is no longer available. This feature was removed from version 6.2.0 because the feature was not widely used and it also caused extra maintenance work to continue to support it."
Fortigate Newbie
nobody has an info or an idea?
Thanks
I'm no help because I use extensive logging with FortiAnalyzer to build my policies. Start with an allow all at the bottom and then just keep adding specific policies as you see traffic matching that policy until eventually no (legitimate) traffic hits the allow all, then turn it off. FortiAnalyzer is worth its weight in gold.
Thanks. did it like this
yusuf wrote:
https://www.youtube.com/watch?v=LI3bW2eO-ck
config system settings set gui-policy-learning [enable | disable] end
command parse error before 'gui-policy-learning' Command fail. Return code -61
get the error message.
in gui i couldn't find the function in features either, so I can turn it on.
I have several 201E in use, on which I tried it. It does not work. Is this function no longer available for the actual Fortigate Images?
if so, how can I proceed?
i want to create new policys with the information of the connections that have taken place.
a described here:
per TAC statement
"The "LEARN" option in the IPv4 policy is no longer available. This feature was removed from version 6.2.0 because the feature was not widely used and it also caused extra maintenance work to continue to support it."
Fortigate Newbie
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1714 | |
1093 | |
752 | |
447 | |
232 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.