![Fortigate Fortigate](/uploads/1/2/5/5/125504908/301142817.png)
Fortinet is a global leader and innovator in Network Security. Here you can ask for help, share tips and tricks, and discuss anything related to Fortinet and Fortinet Products. Need help?If you're having a problem with a Fortinet product, first, make sure you submit your request to Fortinet TAC if you have a valid support contract.Next, please provide us as much information about your problem as you possibly can. Some examples of useful information are the following:. Hardware Platform. Software Version.
Topology diagram. Version and type of software being impacted (i.e. Browser, your computer's OS, etc.).
What you have already tried as part of your troubleshooting processSupport Links.Fortinet Links.Brain/Answer DumpsPosting brain or answer dumps for Fortinet certifications is prohibited as they are copyrighted material. Sharing dumps and may result in a site-wide ban. Hello,​We are using a read only account to log into the firewalls to perform a config backup on our backup tools (Rancid, Tufin, HPNA).This backup does not have the local admin account and superadmin account profiles, as well as any other read only profiles and their associated read only accountsThis results in an incomplete configuration file.
We use TACACS to authenticate this read only user, so the only admin account in the config backup is the TACACS admin accountThis KB article discusses it:We found that this is affecting 5.2 build and above. Version 5.0 will allow a read only administrator to take a complete backupWe have tested this on 5.2, 5.4, and 5.6 and confirmed the behavior.We need a way to be able to utilize a read only account to perform a complete config backup. Giving full read-write access is not an option and is a security risk.I tried changing the admin-grp section in the accprofile to read-write, but that gives the account permissions to create new read-write admin accountsAnyone run into this before?​.
I'm running NPM 10.6.1 with NCM 7.2.2. I am running into trouble when trying to backup Fortinet/Fortigate device configurations with a job inside of NCM. A job with 45 Fortinet/Fortigate devices can take upwards of 5 or 6 hours to complete just trying to get the startup config off of the device. Config voip profile edit default config sip set rtp disable end end. Normally Fortigate firewalls do not require a reboot when you change configuration, but, it seems, in this case we need reboot it to activate session helper changes. Last step – restart or power cycle all your SIP phones and devices.