Fortigate 310B Entry Not Found

Hi

I get the error "Entry not found" when I try to edit an ipsec phase 2 entry in the Fortigate's Web GUI. Most likely caused by it's naming, the entry has a forward slash "/", which no other entry has.

I want to edit the name for the entry which is done by using the CLI and I'm pretty new at that. Trying to read the Fortinet CLI guide but not getting it fast enough. Could someone point me in the right direction of editing the Phase 2 entry's name.

Regards.
LenblockAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Garry GlendownConsulting and Network/Security SpecialistCommented:
First of all, renaming isn't possible AFAIK. You will have to create a new entry to get a different name.
Most likely, something like this should work:

[if VDOMs are used:
conf vdom
edit VDOMNAME
]
conf vpn ipsec phase2-interface   [*may also be just phase2 if you're not using interface mode]
show [to display the entries]
edit SOMENEWNAME
[ copy and paste the lines from the entry to be "renamed" ]
end
end


Once done, change all the references to the old name ... when using interface mode, you will most likely have to move all the policies over ... on the GUI, again, this can not be done without creating new entries ... on the gui, you can change the interface (albeit, firewall name entries may need to be changed to "any" interface prior to doing this if they are linked to the specific entry) by doing something like this:

[again, vdom selection of course if used]
conf firewall policy
edit SOMENUMBER
set dstintf THENEWPHASE2NAME
next
[..]
end
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
LenblockAuthor Commented:
Hi

Thanks for the response.

The phase2 entry had no references, and that probably made it a bit easier. Something I should have mentioned in my first post.

What i did:
Copied the phase2 info from phase1 parent in web GUI.

Deleted pase2: (Could not be deleted in GUI, got error)
config vpn ipsec phase2
delete phase2.somename
end

Recreated the phase2 in gui, tested and it worked.


Regards.
0
LenblockAuthor Commented:
Deleting and recreating the VPN was an easier solution as the phase2 entry had no references.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.