[rancid] Fortigate VDOMs

Ni Ne nineoften at hotmail.com
Fri Mar 8 16:17:32 UTC 2019


Check that the user account rancid is logging in as in .cloginrc has permissions to all VDOMs. You can test it yourself by logging to the firewall as that user and seeing what it sees.

Using the "show full" mode should not be necessary to see all VDOMs. It just shows the default settings, still at their default values, that would normally be hidden.

________________________________
From: Rancid-discuss <rancid-discuss-bounces at shrubbery.net> on behalf of Linux Threads <linuxthreads at gmail.com>
Sent: Friday, March 8, 2019 5:43 AM
To: rancid-discuss at shrubbery.net
Subject: [rancid] Fortigate VDOMs

Hi Rancid Community,

I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1, however 1 FGT Device has no VDOMs and 2 more does not have VDOMs

router.db one has to specify fortigate or fortigate-full depending on your needs thus when configuring fortigate-full no VDOM config is pulled, however when running show full-configuration is run on the affected units running VDOMs one can see the VDOM config with IPSECs and all,

help would be apprenticed greatly

extract /etc/rancid/rancid.types.base
# Fortinet Fortigate firewall
# Normal or FULL configuration
fortigate;script;rancid -t fortigate
fortigate;login;fnlogin
fortigate;timeout;90
fortigate;module;fortigate
fortigate;inloop;fortigate::inloop
fortigate;command;fortigate::GetSystem;get system status
fortigate;command;fortigate::GetConf;show
#
fortigate-full;script;rancid -t fortigate
fortigate-full;login;fnlogin
fortigate-full;timeout;90
fortigate-full;module;fortigate
fortigate-full;inloop;fortigate::inloop
fortigate-full;command;fortigate::GetSystem;get system status
fortigate-full;command;fortigate::GetConf;show full-configuration

Regards

Juan


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20190308/41eb305a/attachment.html>


More information about the Rancid-discuss mailing list