Thursday, 19 July 2012

Fortigate error The cmdb add entry failed.

We still see this one occasionally. Had one case where we needed to get a policy on but couldn't reboot the firewall.

So, tried a few things and found we could get a policy on by killing IPS. This may cause all sorts of random results so only use this if you're desperate!

You can try the nice way

diagnose test application ipsmonitor 99 

and then try adding the policy but I had to go further: in the CLI console type

get sys perf top

Look for ipsengine..

       ipsengine     6085      S     0.0    22.6

Then you can kill it..

diagnose sys kill 9 6085

the 9 is the signal and 9 means kill it dead.

It should come back. Check with the get sys perf top again.

Then you should be ok to put in a  few commands without the cmdb add entry failed error.

No comments:

CS:GO on Linux not starting

Valve, for a company that supposedly loves Linux your support is terrible. I got pointed to a community forum for support when logging this ...