Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
matheusbpedro
New Contributor

Created on ‎06-06-2023 01:21 PM

NGFW mode unavailable to change

I`m trying to get the certificate NSE4, but in the training (CBT Nuggets) have a NGFW option in the last version 7.0.10 I made this change without problems
System > Settings > NGFW Mode 
Now, in version 7.0.11 I didnt find this options in the same section, print attached Version 7.0.11Version 7.0.11Version 7.0.10Version 7.0.10
 Someone can help me?

 

Labels:
871
0 Kudos
1 Solution
Yurisk
Valued Contributor
In response to matheusbpedro

Created on ‎06-07-2023 11:58 PM Edited on ‎06-07-2023 11:58 PM

You got the wrong VM image - you installed FortiFirewall, but you need FortiGate. 

Output of free licensed VM Fortigate, see the name after Version:

 

FGT-7-2-2 # get sys stat
Version: FortiGate-VM64 v7.2.2,build1255,220930 (GA.F)
Virus-DB: 1.00000(2018-04-09 18:07)
Extended DB: 1.00000(2018-04-09 18:07)
Extreme DB: 1.00000(2018-04-09 18:07)
AV AI/ML Model: 0.00000(2001-01-01 00:00)
IPS-DB: 6.00741(2015-12-01 02:30)
IPS-ETDB: 6.00741(2015-12-01 02:30)
APP-DB: 6.00741(2015-12-01 02:30)
INDUSTRIAL-DB: 6.00741(2015-12-01 02:30)
IPS Malicious URL Database: 1.00001(2015-01-01 01:01)
IoT-Detect: 0.00000(2001-01-01 00:00)
Serial-Number: FGVMEV_ATFDMNL66
License Status: Valid
VM Resources: 1 CPU/1 allowed, 2007 MB RAM/2048 MB allowed

 

 

More on difference https://community.fortinet.com/t5/Support-Forum/What-is-FortiFirewall/td-p/222567

Yuri
https://yurisk.info/ blog: All things Fortinet, no ads.


All opinions are mine only.

View solution in original post

738
10 REPLIES 10
srajeswaran
Staff
Staff

Created on ‎06-07-2023 01:03 AM

Do you have VDOMs enabled? Can you check from the CLI?

 

To enable policy-based NGFW mode without VDOMs in the CLI:
config system settings
    set ngfw-mode policy-based
end
To enable policy-based NGFW mode with VDOMs in the CLI:
config vdom
    edit <vdom>
        config system settings
            set ngfw-mode policy-based
        end
    next
end

 

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
754
0 Kudos
matheusbpedro
New Contributor
In response to srajeswaran

Created on ‎06-07-2023 06:12 AM

Hi Suraj,

I try your comment in my VM, but it looks like all commands that you sent in this version didnt work, see below:

versao 7.0.10.PNG6d5d7c38-765d-41d5-a2f7-8f9f6b230b2b.PNG

719
0 Kudos
srajeswaran
Staff
Staff
In response to matheusbpedro

Created on ‎06-07-2023 06:23 AM

Can you share below outputs?

get system status

get system settings | grep ngfw

 

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
715
0 Kudos
matheusbpedro
New Contributor
In response to srajeswaran

Created on ‎06-07-2023 11:17 AM

Here is

 6d5d7c38-765d-41d5-a2f7-8f9f6b230b2b.PNG

694
0 Kudos
srajeswaran
Staff
Staff
In response to matheusbpedro

Created on ‎06-07-2023 10:56 PM

I tested the behavior on 7.0.11 VM and I can see the NGFW option. Can you try to reinstall the VM and test ?

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
658
0 Kudos
Yurisk
Valued Contributor
In response to matheusbpedro

Created on ‎06-07-2023 11:58 PM Edited on ‎06-07-2023 11:58 PM

You got the wrong VM image - you installed FortiFirewall, but you need FortiGate. 

Output of free licensed VM Fortigate, see the name after Version:

 

FGT-7-2-2 # get sys stat
Version: FortiGate-VM64 v7.2.2,build1255,220930 (GA.F)
Virus-DB: 1.00000(2018-04-09 18:07)
Extended DB: 1.00000(2018-04-09 18:07)
Extreme DB: 1.00000(2018-04-09 18:07)
AV AI/ML Model: 0.00000(2001-01-01 00:00)
IPS-DB: 6.00741(2015-12-01 02:30)
IPS-ETDB: 6.00741(2015-12-01 02:30)
APP-DB: 6.00741(2015-12-01 02:30)
INDUSTRIAL-DB: 6.00741(2015-12-01 02:30)
IPS Malicious URL Database: 1.00001(2015-01-01 01:01)
IoT-Detect: 0.00000(2001-01-01 00:00)
Serial-Number: FGVMEV_ATFDMNL66
License Status: Valid
VM Resources: 1 CPU/1 allowed, 2007 MB RAM/2048 MB allowed

 

 

More on difference https://community.fortinet.com/t5/Support-Forum/What-is-FortiFirewall/td-p/222567

Yuri
https://yurisk.info/ blog: All things Fortinet, no ads.


All opinions are mine only.
739
srajeswaran
Staff
Staff
In response to Yurisk

Created on ‎06-08-2023 12:45 AM

That's a great catch.

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
643
matheusbpedro
New Contributor
In response to Yurisk

Created on ‎06-08-2023 09:42 AM

Thanks so much, I just downloaded the first new deploy from VM Images, and now I noticed it. 
6d5d7c38-765d-41d5-a2f7-8f9f6b230b2b.PNG
Once more, thanks! You helped a lot.

626
0 Kudos
Yurisk
Valued Contributor

Created on ‎06-07-2023 01:33 AM

Try changing on CLI as @srajeswaran  mentioned above, or try to delete all cookies/enter in Incognito mode of the browser. This setting is for there and didn't move, seems like a browser thing. 

Yuri
https://yurisk.info/ blog: All things Fortinet, no ads.


All opinions are mine only.
744
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.