OpenTechShed

Blog of Things

Category: Fortinet

FortiGate Virtual Machine Config Drive – Missing Pieces

With FortiOS version 5.4.1 and above, Fortinet added support for initial configuration of a FortiGate virtual machine by attaching a cloud-init config drive. When the FortiGate VM powers up for the first time, it will automatically read the data from the config drive and apply both license and configuration to the FortiGate. This is an excellent way to automate deployments of FortiGate virtual machines in production or lab environments. You can read more about the config drive support and how to use one at http://cookbook.fortinet.com/config-drive-esx-vcenter-vmware-5-4/. In this blog post, I will try to capture some of the missing pieces and also provide pointers on how to troubleshoot.

View Full Post

FortiOS 5.4 automatically repeat commands using auto-script

FortiOS 5.4 introduced a long-awaited feature called auto-script. Head over to http://help.fortinet.com/fos50hlp/54/index.htm and then “5.4 What’s New” if you are interested in learning more. For those of us, who have worked on Cisco routers and used aliases or EEM feature, the auto-script feature is somewhere in between the two. It allows commands to be executed periodically or either once and I see this to be a great add to the feature set, especially when it comes to collecting lots of information quickly. This blog post captures:

  1. How to configure auto-script feature
  2. How to execute a script
  3. How to view the results.
  4. How to upload results to an FTP server
  5. Maximum limit
  6. Few features that I would like to see in future FortiOS releases

View Full Post

FortiOS debug execute command

In order to debug whether the FortiOS has received the command executed on the shell, one can use the following process. This example below shows the reboot command being sent and how it’s received by FortiOS system init process.

Configure Logging

We want the logs to be stored in memory so that they can be reviewed. Use the following commands to log debug messages to memory.

Note: Disable this after troubleshooting has been completed.

View Full Post