[rancid] RANCiD with Fortinet FortiGate firewalls and cfg-save revert
heasley
heas at shrubbery.net
Fri Apr 18 20:38:46 UTC 2025
Thu, Apr 17, 2025 at 02:55:12PM -0400, Gary T. Giesen:
>
> > On 2025-03-18 6:54 PM EDT heasley <heas at shrubbery.net> wrote:
>
> > > Has anyone dealt with this issue with RANCiD and cfg-save revert on Fortinet FortiGate firewalls? Is there any solution other than to just disable cfg-save revert (by setting it to automatic or manual).
> >
> > No one has mentioned this behavior before, but I do not know how commonly
> > this 'cfg-save revert' knob is configured. If it is common, maybe you are
> > using a feature that causes this reboot or have encountered a bug.
>
> 'cfg-save revert' causes a reboot by design (see https://community.fortinet.com/t5/FortiGate/Technical-Tip-Using-the-save-option-set-cfg-save-revert-to/ta-p/191106), I was just curious if anyone had a workaround for disabling paging that didn't trigger a configuration change.
You could, and I would encourage, open a support ticket for this feature;
"terminal attributes, such as disabling the pager, should be per-tty,
ephemeral, and not be done in configuration mode nor require elevated
permissions."
> We've changed them to 'cfg-save manual' which seems to work (although we're always showing configuration changes), although we've lost the ability to auto-revert if we get locked out of the device.
>
> By default the devices come with 'cfg-save automatic'.
>
> Cheers,
>
> Gary T. Giesen
More information about the Rancid-discuss
mailing list