Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
slouw
Contributor

Created on ‎12-10-2023 09:30 PM

system interface config missing from show and show full-configuration

Why can I not see the interface config in the show or show full-configuration CLI outputs?

 

There seems to be a relationship between the following 2 command formats:

show <<pathway>>

config <<pathway>>

So for instance

config vpn ipsec phase1-interface

show vpn ipsec phase1-interface

The <<pathway>> paragraph can also (usually?/Always?) be found in the show  and/or show full-configuration CLI output.  This relationship holds for the <<system interface>> pathway but this configu is missing from from the show and show full-configuration.

I am speaking of the production VDOM in this case (FG-traffic) as you can see below) but I have checked the root VDOM as well. Nothing.

What am I missing?

2023-12-11 15h20m20 6954S show system interfaces.png

Labels:
3527
0 Kudos
1 Solution
Toshi_Esumi
SuperUser
SuperUser
In response to slouw

Created on ‎12-11-2023 03:42 PM

Again, because you are in vdom "FG-traffic" config mode. Just "end" to get out of vdom config mode, then get in "config global". Then show would show the interface config.
Or, just log out completely, then re-get in then "show" before getting into a vdom or global. You should see the entire config with those three sections.

 

Toshi

View solution in original post

3450
11 REPLIES 11
slouw
Contributor
In response to Toshi_Esumi

Created on ‎12-11-2023 09:28 PM

Thank you my bad a bit hard to communicate about

I see interface config in this output:

FG40-Lab-6954S # show

This is in effect I think the "global" mode (Not really a VDOM technically the bare metal it seems to me)

thanks....

404
0 Kudos
Toshi_Esumi
SuperUser
SuperUser
In response to slouw

Created on ‎12-11-2023 11:29 PM Edited on ‎12-11-2023 11:29 PM

No. That's before getting into global or vdom. When you hit "config ?" at where you're at, you would see two options below. My 40F has almost the same set up with yours: two vdoms in multi-vdom mode. And the "show" command is showing the entire config there.

fg40f-utm # config ?
global      config global
vdom       config vdom

 

fg40f-utm # show
#config-version=FGT40F-7.0.13-FW-build0566-231024:opmode=0:vdom=1:user=toshi-home
#conf_file_ver=5153784662740247
#buildno=0566
#global_vdom=1

 

config vdom          <-- just declaring two vdom names: "root" and "test-vdom" here
edit root
next
edit test-vdom
next
end

 

config global                           <--- This is the begining of "global" config section
config system global
set admintimeout 60
set alias "FGT40FTK20025560"
set gui-certificates enable
set gui-device-latitude "44.417650"
set gui-device-longitude "-119.113570"
set gui-ipv6 enable
set gui-replacement-message-groups enable
set gui-theme graphite
set gui-wireless-opensecurity enable
set hostname "fg40f-utm"
set management-port-use-admin-sport disable
set pmtu-discovery enable
set switch-controller enable
set sys-perf-log-interval 3
set timez

--More--
<after "config global" ends, "root vdom" config section follows like below>

config vdom
edit root
----<snip>----

 

<then, finally "test-vdom" section comes at the end>

config vdom

edit test-vdom

---<snip>---

 

Toshi

 

 

398
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.