Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AK-khan
New Contributor

cannot enable diagnostic cli

Hi,

I am trying to enable diagnostic cli. when i enable "permit usage of cli diagnostic commands" and click ok it automatically gets disabled upon revisiting this setting. the membership of the account from which this is done has Read write access to all. What could be the reason ? how to enable it ?

regards

 

4 REPLIES 4
funkylicious
SuperUser
SuperUser

Hi,

If I'm not mistaken, only a super_admin account profile can change the settings of the admin profiles.

And this applies from 7.4.2 , https://docs.fortinet.com/document/fortigate/7.4.4/fortios-release-notes/641069/cli-system-permissio...

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Granting-read-only-admins-with-diagnose-co...

"jack of all trades, master of none"
"jack of all trades, master of none"
AK-khan

there is no user named super_admin.

there are few users all are members of "Network Administrator" group and that gorup has all access. 

funkylicious

I dont mean a user called super_admin, but a profile assigned to the user that does the changes for the specific setting.

For example, the default user admin has this profile assigned to it.

"jack of all trades, master of none"
"jack of all trades, master of none"
gonipco2
New Contributor

You are connecting into a an established session resulting in a nested session. I forget exactly what you need to do but it is an escape sequence. Try the ssh escape sequence "<enter><enter>~~." and the telnet escape sequece "<ctrl>+]".

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors