Re: [rancid] Fortigate VDOMs
Sat, Mar 09, 2019 at 08:29:01AM +0200, Adriaan Le Roux: > I am busy inter grating rancid to backup Huawei devices. > > Please can anyone shed some light as to where the best scripts are for these > devices OLT”s and switches. There is support in rancid already for Hauwei VRP. afaict, when i was writing the module, VRP is the name of the O/S on the S5720. maybe your devices also runs VRP. ___ Rancid-discuss mailing list Rancid-discuss@shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: [rancid] Fortigate VDOMs
Hi Everyone I have been a part of this rancid forum for years now and only doing my first post now. BTW very nice email list to be a a part of. I am busy inter grating rancid to backup Huawei devices. Please can anyone shed some light as to where the best scripts are for these devices OLT”s and switches. Your input would be greatly appreciated Best Regards Adrian le Roux Sent from my iPhone > On 09 Mar 2019, at 08:25, Linux Threads wrote: > > HI, > > Thank you for all your inputs seems like permissions on the FGT was the > problem I am able to pull full-config now, > > Kind Regards > > Juan > >> On Fri, 8 Mar 2019 at 18:17, Ni Ne wrote: >> Check that the user account rancid is logging in as in .cloginrc has >> permissions to all VDOMs. You can test it yourself by logging to the >> firewall as that user and seeing what it sees. >> >> Using the "show full" mode should not be necessary to see all VDOMs. It just >> shows the default settings, still at their default values, that would >> normally be hidden. >> >> From: Rancid-discuss on behalf of >> Linux Threads >> Sent: Friday, March 8, 2019 5:43 AM >> To: rancid-discuss@shrubbery.net >> Subject: [rancid] Fortigate VDOMs >> >> Hi Rancid Community, >> >> I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1, >> however 1 FGT Device has no VDOMs and 2 more does not have VDOMs >> >> router.db one has to specify fortigate or fortigate-full depending on your >> needs thus when configuring fortigate-full no VDOM config is pulled, however >> when running show full-configuration is run on the affected units running >> VDOMs one can see the VDOM config with IPSECs and all, >> >> help would be apprenticed greatly >> >> extract /etc/rancid/rancid.types.base >> # Fortinet Fortigate firewall >> # Normal or FULL configuration >> fortigate;script;rancid -t fortigate >> fortigate;login;fnlogin >> fortigate;timeout;90 >> fortigate;module;fortigate >> fortigate;inloop;fortigate::inloop >> fortigate;command;fortigate::GetSystem;get system status >> fortigate;command;fortigate::GetConf;show >> # >> fortigate-full;script;rancid -t fortigate >> fortigate-full;login;fnlogin >> fortigate-full;timeout;90 >> fortigate-full;module;fortigate >> fortigate-full;inloop;fortigate::inloop >> fortigate-full;command;fortigate::GetSystem;get system status >> fortigate-full;command;fortigate::GetConf;show full-configuration >> >> Regards >> >> Juan >> >> >> ___ >> Rancid-discuss mailing list >> Rancid-discuss@shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss > ___ > Rancid-discuss mailing list > Rancid-discuss@shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss ___ Rancid-discuss mailing list Rancid-discuss@shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: [rancid] Fortigate VDOMs
HI, Thank you for all your inputs seems like permissions on the FGT was the problem I am able to pull full-config now, Kind Regards Juan On Fri, 8 Mar 2019 at 18:17, Ni Ne wrote: > Check that the user account rancid is logging in as in .cloginrc has > permissions to all VDOMs. You can test it yourself by logging to the > firewall as that user and seeing what it sees. > > Using the "show full" mode should not be necessary to see all VDOMs. It > just shows the default settings, still at their default values, that would > normally be hidden. > > -- > *From:* Rancid-discuss on behalf > of Linux Threads > *Sent:* Friday, March 8, 2019 5:43 AM > *To:* rancid-discuss@shrubbery.net > *Subject:* [rancid] Fortigate VDOMs > > Hi Rancid Community, > > I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1, > however 1 FGT Device has no VDOMs and 2 more does not have VDOMs > > router.db one has to specify fortigate or fortigate-full depending on your > needs thus when configuring fortigate-full no VDOM config is pulled, > however when running show full-configuration is run on the affected units > running VDOMs one can see the VDOM config with IPSECs and all, > > help would be apprenticed greatly > > extract /etc/rancid/rancid.types.base > # Fortinet Fortigate firewall > # Normal or FULL configuration > fortigate;script;rancid -t fortigate > fortigate;login;fnlogin > fortigate;timeout;90 > fortigate;module;fortigate > fortigate;inloop;fortigate::inloop > fortigate;command;fortigate::GetSystem;get system status > fortigate;command;fortigate::GetConf;show > # > fortigate-full;script;rancid -t fortigate > fortigate-full;login;fnlogin > fortigate-full;timeout;90 > fortigate-full;module;fortigate > fortigate-full;inloop;fortigate::inloop > fortigate-full;command;fortigate::GetSystem;get system status > fortigate-full;command;fortigate::GetConf;show full-configuration > > Regards > > Juan > > > ___ > Rancid-discuss mailing list > Rancid-discuss@shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > ___ Rancid-discuss mailing list Rancid-discuss@shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: [rancid] Fortigate VDOMs
Check that the user account rancid is logging in as in .cloginrc has permissions to all VDOMs. You can test it yourself by logging to the firewall as that user and seeing what it sees. Using the "show full" mode should not be necessary to see all VDOMs. It just shows the default settings, still at their default values, that would normally be hidden. From: Rancid-discuss on behalf of Linux Threads Sent: Friday, March 8, 2019 5:43 AM To: rancid-discuss@shrubbery.net Subject: [rancid] Fortigate VDOMs Hi Rancid Community, I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1, however 1 FGT Device has no VDOMs and 2 more does not have VDOMs router.db one has to specify fortigate or fortigate-full depending on your needs thus when configuring fortigate-full no VDOM config is pulled, however when running show full-configuration is run on the affected units running VDOMs one can see the VDOM config with IPSECs and all, help would be apprenticed greatly extract /etc/rancid/rancid.types.base # Fortinet Fortigate firewall # Normal or FULL configuration fortigate;script;rancid -t fortigate fortigate;login;fnlogin fortigate;timeout;90 fortigate;module;fortigate fortigate;inloop;fortigate::inloop fortigate;command;fortigate::GetSystem;get system status fortigate;command;fortigate::GetConf;show # fortigate-full;script;rancid -t fortigate fortigate-full;login;fnlogin fortigate-full;timeout;90 fortigate-full;module;fortigate fortigate-full;inloop;fortigate::inloop fortigate-full;command;fortigate::GetSystem;get system status fortigate-full;command;fortigate::GetConf;show full-configuration Regards Juan ___ Rancid-discuss mailing list Rancid-discuss@shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: [rancid] Fortigate VDOMs
Hi it is still on ver 5.2.7 however the Service provider managed, should that be the problem? Regards Juan On Fri, 8 Mar 2019 at 14:32, Nick Nauwelaerts wrote: > what version of fortios was this tested on, since on my 5.6.8 both > fortigate & fortigate-full pull vdom configs. > > > > // nick > > > > > > > > *From:* Rancid-discuss [mailto:rancid-discuss-boun...@shrubbery.net] *On > Behalf Of *Linux Threads > *Sent:* Friday, March 8, 2019 12:44 > *To:* rancid-discuss@shrubbery.net > *Subject:* [rancid] Fortigate VDOMs > > > > Hi Rancid Community, > > > > I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1, > however 1 FGT Device has no VDOMs and 2 more does not have VDOMs > > > > router.db one has to specify fortigate or fortigate-full depending on your > needs thus when configuring fortigate-full no VDOM config is pulled, > however when running show full-configuration is run on the affected units > running VDOMs one can see the VDOM config with IPSECs and all, > > > > help would be apprenticed greatly > > > > extract /etc/rancid/rancid.types.base > > # Fortinet Fortigate firewall > # Normal or FULL configuration > fortigate;script;rancid -t fortigate > fortigate;login;fnlogin > fortigate;timeout;90 > fortigate;module;fortigate > fortigate;inloop;fortigate::inloop > fortigate;command;fortigate::GetSystem;get system status > fortigate;command;fortigate::GetConf;show > # > fortigate-full;script;rancid -t fortigate > fortigate-full;login;fnlogin > fortigate-full;timeout;90 > fortigate-full;module;fortigate > fortigate-full;inloop;fortigate::inloop > fortigate-full;command;fortigate::GetSystem;get system status > fortigate-full;command;fortigate::GetConf;show full-configuration > > > > Regards > > > > Juan > > > > > > -- > > *Volg Aquafin op Facebook <https://www.facebook.com/AquafinNV> | Twitter > <https://twitter.com/aquafinnv> | YouTube > <http://www.youtube.com/channel/UCk_4P5BJ-MtEEDCkCsR_KqQ?feature=mhee> | > LinkedIN <http://www.linkedin.com/company/aquafin/products> | Instagram > <https://www.instagram.com/aquafin_nv/> * > > In het kader van de uitoefening van onze taken verzamelen we bij Aquafin > persoonsgegevens. Hoe we omgaan met deze gegevens en wat de rechten van de > betrokkenen zijn, kan je nalezen in onze privacy policy > <https://www.aquafin.be/nl-be/privacy-policy>. > > P Denk aan het milieu. Druk deze mail niet onnodig af. > ___ Rancid-discuss mailing list Rancid-discuss@shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: [rancid] Fortigate VDOMs
what version of fortios was this tested on, since on my 5.6.8 both fortigate & fortigate-full pull vdom configs. // nick From: Rancid-discuss [mailto:rancid-discuss-boun...@shrubbery.net] On Behalf Of Linux Threads Sent: Friday, March 8, 2019 12:44 To: rancid-discuss@shrubbery.net Subject: [rancid] Fortigate VDOMs Hi Rancid Community, I am backing up Fortigate devices with the new Debian Rancid ver. 3.9.1, however 1 FGT Device has no VDOMs and 2 more does not have VDOMs router.db one has to specify fortigate or fortigate-full depending on your needs thus when configuring fortigate-full no VDOM config is pulled, however when running show full-configuration is run on the affected units running VDOMs one can see the VDOM config with IPSECs and all, help would be apprenticed greatly extract /etc/rancid/rancid.types.base # Fortinet Fortigate firewall # Normal or FULL configuration fortigate;script;rancid -t fortigate fortigate;login;fnlogin fortigate;timeout;90 fortigate;module;fortigate fortigate;inloop;fortigate::inloop fortigate;command;fortigate::GetSystem;get system status fortigate;command;fortigate::GetConf;show # fortigate-full;script;rancid -t fortigate fortigate-full;login;fnlogin fortigate-full;timeout;90 fortigate-full;module;fortigate fortigate-full;inloop;fortigate::inloop fortigate-full;command;fortigate::GetSystem;get system status fortigate-full;command;fortigate::GetConf;show full-configuration Regards Juan Volg Aquafin op Facebook<https://www.facebook.com/AquafinNV> | Twitter<https://twitter.com/aquafinnv> | YouTube<http://www.youtube.com/channel/UCk_4P5BJ-MtEEDCkCsR_KqQ?feature=mhee> | LinkedIN<http://www.linkedin.com/company/aquafin/products> | Instagram<https://www.instagram.com/aquafin_nv/> In het kader van de uitoefening van onze taken verzamelen we bij Aquafin persoonsgegevens. Hoe we omgaan met deze gegevens en wat de rechten van de betrokkenen zijn, kan je nalezen in onze privacy policy<https://www.aquafin.be/nl-be/privacy-policy>. P Denk aan het milieu. Druk deze mail niet onnodig af. ___ Rancid-discuss mailing list Rancid-discuss@shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss