support for fortigate?

General discussion of anything Unimus
Post Reply
tomislav91
Posts: 16
Joined: Sun Oct 20, 2019 3:25 pm

Fri Jan 01, 2021 9:06 pm

Do you have support for FortiGate devices? I tried but didnt suceed to connect, ssh works fine via putty.
User avatar
Tomas
Posts: 983
Joined: Sat Jun 25, 2016 12:33 pm

Fri Jan 01, 2021 10:04 pm

Yes, FortiGates (and many other FortiOS devices) are fully supported.

What's the reason for discovery on your FortiGate?
Dashboard > Latest failed jobs > select job > Show log
tomislav91
Posts: 16
Joined: Sun Oct 20, 2019 3:25 pm

Sat Jan 02, 2021 4:01 pm

Tomas wrote:
Fri Jan 01, 2021 10:04 pm
Yes, FortiGates (and many other FortiOS devices) are fully supported.

What's the reason for discovery on your FortiGate?
Dashboard > Latest failed jobs > select job > Show log

Code: Select all

Error: Could not connect to device

Discovery log:
Service check:
  SSH: Service available

Service connection:
  SSH: CONNECTION_ERROR
User avatar
Tomas
Posts: 983
Joined: Sat Jun 25, 2016 12:33 pm

Tue Jan 05, 2021 2:50 pm

Best would be to enable both Debug options (Debug Logging and Device Output Logging) under "Zones > your_zone > Debug mode", and after the discovery fails, download both log files.

Please create a ticket on our Portal, and attach both logs, and we will investigate :)
neodawg007
Posts: 2
Joined: Tue Jan 12, 2021 9:20 pm

Tue Jan 12, 2021 9:31 pm

Not trying to hijack this thread, but I was wondering if there is a way to change the command to do show full-config vs show running.
The reason being is that the running doesn't print any installed SSL certificates, so thus in a failure you wouldn't have the SSL certs reimported with the config restore.

I realize this makes the config way way longer as it prints every configurable command available. I am testing on Fortigate 3000D firewalls.

Thanks
User avatar
Tomas
Posts: 983
Joined: Sat Jun 25, 2016 12:33 pm

Tue Jan 12, 2021 10:59 pm

neodawg007 wrote:
Tue Jan 12, 2021 9:31 pm
Not trying to hijack this thread, but I was wondering if there is a way to change the command to do show full-config vs show running.
The reason being is that the running doesn't print any installed SSL certificates, so thus in a failure you wouldn't have the SSL certs reimported with the config restore.
Sorry, currently no way to influence what Unimus retrieves from devices during backups. We do plan to add a mechanism to be able to specify how / what Unimus does during backup, but I can't promise any ETA at the moment.
neodawg007
Posts: 2
Joined: Tue Jan 12, 2021 9:20 pm

Wed Jan 13, 2021 7:47 pm

Tomas wrote:
Tue Jan 12, 2021 10:59 pm
neodawg007 wrote:
Tue Jan 12, 2021 9:31 pm
Not trying to hijack this thread, but I was wondering if there is a way to change the command to do show full-config vs show running.
The reason being is that the running doesn't print any installed SSL certificates, so thus in a failure you wouldn't have the SSL certs reimported with the config restore.
Sorry, currently no way to influence what Unimus retrieves from devices during backups. We do plan to add a mechanism to be able to specify how / what Unimus does during backup, but I can't promise any ETA at the moment.
Thanks for the response, I am really liking the product so far, so much better than the alternates I have tried. Please put/keep this on the future feature list :)
Post Reply