Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

Switching from ethernet to fiber

We are in the process of switching all our Fortinet connections (800f unit) from ethernet to fiber. In the process, we have to duplicate all our addresses, groups, and policies to the new connections (i.e. " port 1" will be changed to " inside" ). Is there a way to print out our existing policies, ect. in a meaningful way? I can do it in a Word document, but the result is kind of hard-to-follow, and I' d love to find an alternate way that is easier to read and duplicate. Anyone have an idea?
7 REPLIES 7
rwpatterson
Valued Contributor III

Welcome to the forums Save the config in plain text (no password), then use a less ' intuitive' text editor. Wordpad or notepad would do the job without introducing any Micro-Crap to the code. Also, get used to the output. The format is what is used when entering commands on the CLI interface, so you' ll be able to debug a bit if needed. Search on ' Config Firewall Policy' and that will start the section where the policies are hanging out. Copy all the policies containing the interface you are ' renaming' into a new file. Do a replace on the interface name to change it from portx to internal (or whatever....). Before you attempt to paste it back, make sure that the numbers are unique! All policies start with ' edit ###' . If you paste it back in verbatim, you will overwrite the existing policies and change the interface definitions on the existing. If you were to do a hot cut, that would be ideal, by the way. From the ' System > Status' window, you can paste back the code (in the correct format of course). Follow the format in the backup. It is correct. Hope this helps

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
Not applicable

Hi Russell, I was just curious how you made out with your cutover...to the 800F as we are just about to start deploying an 800F as well. We have run into a issue with not being able to get the fibre interfaces to link up with our Cisco switches? Rich.
Not applicable

Still working on the switchover; having to wait until the kids are gone for the year and we can have some time to take the network down. I was able to get the Fortigard box to at least recognize the Cisco gbic and " sync" (as evidenced by the sync lights), but we haven' t had time yet to do the necessary changes to IP addresses to actually establish communications. I' ll keep your post up; we' re expecting to do the changover on or about the 17th of June. By the way, I think the default GBICs shipped with the 800f are multimode. That' s what the ones on my unit were. Russell
Not applicable

By the way, I have found that PSP Pad (freeware) does a wonderful job of translating the fortigate config file into a coherent readable document.
FortiRack_Eric
New Contributor III

where can I find/download this? Thanks in advance, Eric

Rackmount your Fortinet --> http://www.rackmount.it/fortirack

 

Rackmount your Fortinet --> http://www.rackmount.it/fortirack
Not applicable

http://www.pspad.com/en/
Not applicable

By way of the switch; it turned out to be much easier than I expected. Use PsPad to open your config file. Use the " search and replace" method to change the ports (i.e. search for ' port 1' and replace with ' external' ). Save it as a different file location. Then restore from that file. You will also have to make the necessary route/ip address changes. Worked like a charm. Russell
Top Kudoed Authors