Is there an Ansible module that lets you pull down the entire running
configuration, versus just certain facts? Previously there was such a
module called "fortios_config_module" but it appears to be missing from
the current collection.
https://docs.a...
I noticed the API does not support the creation or issuance of new SSL
certificates. Does anyone know if that feature is coming in the future?
We have numerous internal domains we use. And on top of that, we often
use site codes as the sub-domain and...
I have a FGT 200D running 6.0 and have used the 'set management-ip'
command there to specify a local (non-syncd) IP address so that each
unit in the cluster can be directly managed/monitored. Just got a new
FGT 600E and am unable to apply the same co...
Wanted to share some things I learned while troubleshooting another
domain join issue. In my case, I upgraded my FAC HA LB cluster from
5.4.1 > 6.0.3 and afterwards the secondary/slave unit would not re-join
1 of my domains. The master re-joined all ...
If you are having trouble joining your FAC to your domain, the service
account may need elevated permissions. If you are not comfortable just
making it a Domain Administrator temporarily, I was able to confirm this
list of permissions as being necess...
I was able to solve this using the NTC modules, which use netmiko for
SSH connections, which have a handler for FortiGates. Instructions to
install the NTC modules: https://github.com/networktocode/ntc-ansible
Below is sample playbook that shows how ...
I was finally able to solve this as well, by using an actual CA
certificate authorized for re-signing. We use FortiAuth internally, and
I had to upgrade from 5.4.1 to 6.0.3 so that I could create an
intermediate certificate -AND- be able to export th...
I played with this a bit and couldn't find a good solution that would
permit local host overrides. The big problem is how Windows handles
routes, and how they append both the interface and gateway metric in on
top of the metric you use when adding a ...
You may want to ask on the reddit forum to see if anyone there has
input. https://www.reddit.com/r/fortinet From what I have read there in
the past, most people go through the sample tests and anything they
score less than 80% they do extra self-stud...