Is there an Ansible module that lets you pull down the entire running
configuration, versus just certain facts? Previously there was such a
module called "fortios_config_module" but it appears to be missing from
the current collection.
https://docs.a...
I noticed the API does not support the creation or issuance of new SSL
certificates. Does anyone know if that feature is coming in the future?
We have numerous internal domains we use. And on top of that, we often
use site codes as the sub-domain and...
I have a FGT 200D running 6.0 and have used the 'set management-ip'
command there to specify a local (non-syncd) IP address so that each
unit in the cluster can be directly managed/monitored. Just got a new
FGT 600E and am unable to apply the same co...
If you are having trouble joining your FAC to your domain, the service
account may need elevated permissions. If you are not comfortable just
making it a Domain Administrator temporarily, I was able to confirm this
list of permissions as being necess...
Using FortiClient and EMS 6.0. Clients get pushed default route through
the tunnel. Is it possible to permit an end-user to override select
static routes on their systems? We have some engineers who work
remotely, and have multiple LAN segments at th...
I was able to solve this using the NTC modules, which use netmiko for
SSH connections, which have a handler for FortiGates. Instructions to
install the NTC modules: https://github.com/networktocode/ntc-ansible
Below is sample playbook that shows how ...
I was finally able to solve this as well, by using an actual CA
certificate authorized for re-signing. We use FortiAuth internally, and
I had to upgrade from 5.4.1 to 6.0.3 so that I could create an
intermediate certificate -AND- be able to export th...
I played with this a bit and couldn't find a good solution that would
permit local host overrides. The big problem is how Windows handles
routes, and how they append both the interface and gateway metric in on
top of the metric you use when adding a ...
You may want to ask on the reddit forum to see if anyone there has
input. https://www.reddit.com/r/fortinet From what I have read there in
the past, most people go through the sample tests and anything they
score less than 80% they do extra self-stud...
