Geom
New Contributor III

cli flush

I 'accidentally' issued the command diag firewall iprope flush (instead of the resetauth) in the CLI. Now the firewall is not asking users for authentication and instead simply passing all traffic. Anyone have any ideas how to solve this? I have already opened a ticket, but if someone knows that would be very helpful. Thanks, Geoff
abelio
Valued Contributor

If you can restart the service, did you try rebooting the unit?

regards




/ Abel
lol
Staff

Hello,

 

Even though this post seems 14 years old, I am replying here to add the solution for others that stumble upon the same issue.

 

The command "diag firewall iprope flush" is not meant to be used in a production scenario unless there is a valid reason. It is a hidden command no longer visible to the admin users.

 

This command will remove _all_ firewall policies from the FortiGate, as seen with the command "diag firewall iprope list". This includes any default built-in implicit rules as well as any admin-configured policy. The firewall will not have any policies after this command is executed.

 

To resolve this issue, add any new policy or, for example, toggle an interface allowaccess on and off.

This will re-populate the FortiGate ruleset, which can be verified with "diag firewall iprope list".

 

Regards
