Thursday, 19 July 2012

Fortigate error The cmdb add entry failed.

We still see this one occasionally. Had one case where we needed to get a policy on but couldn't reboot the firewall.


So, tried a few things and found we could get a policy on by killing IPS. This may cause all sorts of random results so only use this if you're desperate!


You can try the nice way


diagnose test application ipsmonitor 99
a
and then try adding the policy but I had to go further: in the CLI console type


get sys perf top


Look for ipsengine..



       ipsengine     6085      S     0.0    22.6


Then you can kill it..


diagnose sys kill 9 6085


the 9 is the signal and 9 means kill it dead.


It should come back. Check with the get sys perf top again.


Then you should be ok to put in a  few commands without the cmdb add entry failed error.


at No comments:
Subscribe to: Posts (Atom)

Librewolf shows “some of LibreWolf’s security features may offer less protection on your current operating system”

I'm test driving Ubuntu after using Gentoo for years and found Librewolf gave me this warning banner. “some of LibreWolf’s security feat...