Hi!KB "Keep the flash partition without it being overwritten (For
rollback purposes)" seems useful, except, I think it's problematic. It
basically, says, we can manipulate which into partition the new firmware
image will be stored to keep (original f...
Hi!in section "Checking FortiManager databases" of "FortiManager Upgrade
Guide", I see: "Before running integrity check commands, ensure ... no
objects are locked." but does not say how to achieve this if there are
many ADOMs, many Devices, many Poli...
Hi!In ACME certificate support see "It must not have any VIPs, or port
forwarding on port 80 (HTTP) or 443 (HTTPS)". Since port-forwarding and
Virtual Servers are a feature of VIP object, this text is unclear (to
me).Does the requirement refer to ALL...
Hi!there are three to-the-Fortigate policies - Local-in,
Auto-provisioned and Admin-in Policies.However, I'm unable to find
documentation listing the order of execution/priority in which these are
processed to determine which will occludes (ie. preve...
Hi! On one hand, Fortinet warns "Packet capture can be very resource
intensive. To minimize the performance impact .. use packet capture only
during periods of minimal traffic ... and be sure to stop the command
when you are finished." But, on the ot...
@Toshi_Esumi, thanks for your willingness to help. > So open a ticket at
TAC and ask the TAC person for your questions. who are we kidding? Most
of their answers are either borderline daft or irrelevant (likely,
regurgitating a barely relevant KB) to...
> "What you see is what you get". Test it yourself. It's so simple
thing. not at all..., since I cannot see the content of a partition.
I've compared "Used(KB)" from "diagnose sys flash list" before and after
a configuration change and saw no differe...
> see above. Hmm.. With respect - I think you're wavering, here. A
simple "yes" / "no" would be definitive. I've never seen any KB
referring to dynamic modification of partition with 'Active' flag set to
'Yes' (ie. outside of upgrade context, which i...
> So, are you implying that at every configuration change to
"startup-configuration", the partition with 'Active' flag set to 'Yes'
is updated by that configuration change? Can you comment/answer?
> Unlike Cisco, FGTs always "write mem" every time you make changes and
exit from the particular config section in CLI or GUI ... No - as I
wrote, "if system global's "cfg-save" is set to 'manual'" - in this
case, "running-configuration" and "startup...
