trying to do some configuration stuff with have a good chance to get disconnected i.e. changing the default gateway on a remote site via ssh Im using batch mode
config system global set cfg-save revert set revert-timeout 240 set admintimeout 3 end execute batch start config system interface edit "wan1" set ip 10.0.0.1 255.0.0.0 end
config router static edit 1 set gateway 10.255.255.254 next end execute batch end
The commands are executed, but when a failure on the next hop occur and there is no way to reconnect, the reboot is not triggered. Also if the reconnect is successful via the new IP and I issue a execute cfg save the system says that the config has not been altered. Trying to experiment a little with the admintimeout and the revert-timeout options doesn't seem to have an reproducable impact to this issue. Also trying to alter a setting outside the batch block also does not have a reproducable effect. Sometime it works and sometimes not. But the Settings within the batch block are always executed but never causes the fortigate (A 60D, trying with FortiOS 5.2.12 and 5.2.13) to reboot when the connection is lost. But when the Fortigate is rebooted manually by disconnecting and reconnect the Power source the config is always reverted as expected.
Does anyone know if this behavior is intended and why the batch mode is incompatible with the cfg mode revert?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.