Fortinet Community

ergotherego · 09-24-2021

Is there an Ansible module that lets you pull down the entire running configuration, versus just certain facts? Previously there was such a module called "fortios_config_module" but it appears to be missing from the current collection. https://docs.a...

ergotherego · 02-16-2021

I noticed the API does not support the creation or issuance of new SSL certificates. Does anyone know if that feature is coming in the future? We have numerous internal domains we use. And on top of that, we often use site codes as the sub-domain and...

ergotherego · 12-02-2020

I have a FGT 200D running 6.0 and have used the 'set management-ip' command there to specify a local (non-syncd) IP address so that each unit in the cluster can be directly managed/monitored. Just got a new FGT 600E and am unable to apply the same co...

ergotherego · 12-23-2019

Wanted to share some things I learned while troubleshooting another domain join issue. In my case, I upgraded my FAC HA LB cluster from 5.4.1 > 6.0.3 and afterwards the secondary/slave unit would not re-join 1 of my domains. The master re-joined all ...

ergotherego · 12-23-2019

If you are having trouble joining your FAC to your domain, the service account may need elevated permissions. If you are not comfortable just making it a Domain Administrator temporarily, I was able to confirm this list of permissions as being necess...

ergotherego · 09-28-2021

I was able to solve this using the NTC modules, which use netmiko for SSH connections, which have a handler for FortiGates. Instructions to install the NTC modules: https://github.com/networktocode/ntc-ansible Below is sample playbook that shows how ...

ergotherego · 12-02-2020

Figured it out. That command only works when HA is configured.

ergotherego · 12-19-2019

I was finally able to solve this as well, by using an actual CA certificate authorized for re-signing. We use FortiAuth internally, and I had to upgrade from 5.4.1 to 6.0.3 so that I could create an intermediate certificate -AND- be able to export th...

ergotherego · 09-17-2019

I played with this a bit and couldn't find a good solution that would permit local host overrides. The big problem is how Windows handles routes, and how they append both the interface and gateway metric in on top of the metric you use when adding a ...

ergotherego · 04-26-2019

You may want to ask on the reddit forum to see if anyone there has input. https://www.reddit.com/r/fortinet From what I have read there in the past, most people go through the sample tests and anything they score less than 80% they do extra self-stud...

Fortinet Community

User Statistics

User Activity

Ansible and FortiGates - module that lets you pull entire running-configuration?

API support for creating new SSL certificates?

Unable to set 'management-ip' on interface - FGT600E 6.2.3

Debugging Windows Active Directory domain join issues

Specific account permissions for service account to join Windows Active Directory domain

Re: Ansible and FortiGates - module that lets you pull entire running-configuration?

Re: Unable to set 'management-ip' on interface - FGT600E 6.2.3

Re: "CA:TRUE" certificate for deep inspection where to buy

Re: Permit local static route override when connected to FortiClient?

Re: FortiManager v6.0 NSE5 Exam

Cannot sync VPN CA certificate from FMG to FGT [FI...

Re: Unable to set 'management-ip' on interface - F...

Re: FortiAuthenticator 6.0 support of nested group...

Re: 5.4.1 - Unable to LDAP filter for memberOf a g...

Re: Fortimanager policy package modified, but not ...

Re: (Q) FortiManager Policy Package Status