fortinet-ansible-dev / ansible-galaxy-fortios-collection

GNU General Public License v3.0

Error creating VLAN interface in different VDOM with fortinet.fortios.fortios_system_interface #327

Closed dimk21 closed 3 weeks ago

dimk21 commented 1 month ago

Description:

I am using the Ansible module fortinet.fortios.fortios_system_interface to create a VLAN interface. The physical interface (an aggregate interface) belongs to a different VDOM than the one where I am trying to create the VLAN interface.

Issue:

When I attempt to create the VLAN interface, I receive the following error:

"cli_error": "current vf=vdom-cust:2\nentry not found in datasource\nAttribute 'interface' value 'LAN' checking fail -3\nCommand fail. Return code -3\nCommand fail. Return code 1\n",

In this context, the value 'LAN' refers to the aggregate interface that belongs to the root VDOM.

Steps to Reproduce:

1. Configure an aggregate interface in the root VDOM.
2. Attempt to create a VLAN interface on this aggregate interface in a different VDOM.

Expected Result: The VLAN interface should be created successfully on the specified aggregate interface.

Actual Result: The process fails with the error mentioned above.

Additional Information:

"meta": { "http_method": "POST", "revision": "92081e59341427950df2c2f1d04f1dae", "revision_changed": true, "old_revision": "b4871b12bf5367c985525c9cebbc4a8e", "cli_error": "current vf=vdom-cust:2\nentry not found in datasource\nAttribute 'interface' value 'LAN' checking fail -3\nCommand fail. Return code -3\nCommand fail. Return code 1\n", "error": -3, "status": "error", "http_status": 500, "vdom": "global", "path": "system", "name": "interface", "serial": "XYZ", "version": "v7.0.15", "build": 632

Playbook Task:

Workaround: Any advice or suggestions on how to work around this issue would be greatly appreciated.

Thank you for your assistance!

alagoutte commented 1 month ago

Hi,

Is it working with the GUI?

I think you need to set the aggregate on the global VDOM.

dimk21 commented 1 month ago

> Hi,
>
> Is it working with the GUI?
>
> I think you need to set the aggregate on the global VDOM.

Hey,

Yes, on the GUI the following is working: Go to VDOM: Global > Interfaces > New Interface > Type VLAN, Virtual Domain: vdom-cust, Interface "LAN"

And no, I can't set the aggregate on the global VDOM as it is only for management.

alagoutte commented 1 month ago

Did you have a look in the GUI at the API call used to create the interface?

You have 2 VDOMs in your playbook (or an indent issue?)

MaxxLiu22 commented 1 month ago

Hi @dimk21 ,

Thank you for bringing this issue to our attention. It appears that FOS is unable to find the interface named "LAN." I noticed that you are using an alias, which is intended for human readability. When FOS refers to the interface, we need to use the actual name instead of the alias. Could you kindly check if "LAN" is indeed the name of the interface you wish to use? On my side, I was able to create a VLAN interface under a VDOM by using a different VDOM aggregate interface in global mode. If the issue persists, could you please provide a GUI screenshot of the aggregate interface configuration, which would be helpful for us to reproduce your issue?

Thanks, Maxx

dimk21 commented 1 month ago

> Hi @dimk21 ,
>
> Thank you for bringing this issue to our attention. It appears that FOS is unable to find the interface named "LAN." I noticed that you are using an alias, which is intended for human readability. When FOS refers to the interface, we need to use the actual name instead of the alias. Could you kindly check if "LAN" is indeed the name of the interface you wish to use? On my side, I was able to create a VLAN interface under a VDOM by using a different VDOM aggregate interface in global mode. If the issue persists, could you please provide a GUI screenshot of the aggregate interface configuration, which would be helpful for us to reproduce your issue?
>
> Thanks, Maxx

Hi @MaxxLiu22 , Thanks. "LAN" is indeed the name of the interface I wish to use. See: image

May I provide more information for you to reproduce the issue? I know there is only one interface inside the aggregate interface. This will change in the future.

Kind regards

EDIT: Some more information: GUI Screenshot (not CLI): image

An API preview of a sub-interface/VLAN created via the GUI also says: interface: datasource: "system.interface", name: "LAN", q_origin_key: "LAN"

alagoutte commented 1 month ago

The interface is on the root VDOM and not the global VDOM.

MaxxLiu22 commented 1 month ago

Hi @dimk21 ,

Thank you for providing the information. Your configuration looks good to me. I have created the same aggregate interface and VLAN via Ansible without encountering any errors. image

We have recently released Ansible FOS 2.3.7. Could you kindly upgrade it via ansible-galaxy collection install fortinet.fortios:2.3.7 and try again at your convenience? If the issue persists, we may need to debug from the FOS side. Please run the following code on your FGT, then execute your Ansible script again to observe what FOS does after receiving the Ansible script.

config global
diagnose debug reset
diagnose debug cli 8
diagnose debug enable

and many thanks to @alagoutte for your time and help.

Thanks, Maxx

dimk21 commented 1 month ago

> Hi @dimk21 ,
>
> Thank you for providing the information. Your configuration looks good to me. I have created the same aggregate interface and VLAN via Ansible without encountering any errors. image
>
> We have recently released Ansible FOS 2.3.7. Could you kindly upgrade it via ansible-galaxy collection install fortinet.fortios:2.3.7 and try again at your convenience? If the issue persists, we may need to debug from the FOS side. Please run the following code on your FGT, then execute your Ansible script again to observe what FOS does after receiving the Ansible script.
>
> config global
> diagnose debug reset
> diagnose debug cli 8
> diagnose debug enable
>
> and many thanks to @alagoutte for your time and help.
>
> Thanks, Maxx

Hi @MaxxLiu22 ,

thanks again. This is what FOS does after receiving the Ansible script:

0: config vdom
0: edit vdom-cust
0: config system interface
0: edit "INT_3930"
0: set vdom "vdom-cust"
0: set vrf 24
0: set ip 10.0.0.1 255.255.255.254
0: set allowaccess ping
0: set bfd enable
0: set bfd-desired-min-tx 750
0: set bfd-required-min-rx 750
0: set status down
0: set description "test_cust"
0: set alias "test_cust"
0: set role lan
0: set interface "LAN"
0: set vlanid 3930
cmd=config vdom
edit vdom-cust
config system interface
edit INT_3930
set vdom vdom-cust
set vrf 24
set ip 10.0.0.1 255.255.255.254
set allowaccess ping
set bfd enable
set bfd-desired-min-tx 750
set bfd-required-min-rx 750
set status down
set description test_cust
set alias test_cust
set role lan
set interface LAN
set vlanid 3930
abort

-3: end
[cmf_shm_update:663] Error: pid=3405,vd=vsys_hamgmt,query=system.settings,level=0,pos=0.

We are currently running FOS 2.3.6. Maybe 2.3.7 will fix this.

Kind regards

dimk21 commented 1 month ago

Hey @MaxxLiu22 ,

Just updated to 2.3.7 - still the same issue. Seems like I'm doing something wrong.

Kind regards

dimk21 commented 3 weeks ago

> Hi @dimk21 ,
>
> Thank you for providing the information. Your configuration looks good to me. I have created the same aggregate interface and VLAN via Ansible without encountering any errors. image
>
> We have recently released Ansible FOS 2.3.7. Could you kindly upgrade it via ansible-galaxy collection install fortinet.fortios:2.3.7 and try again at your convenience? If the issue persists, we may need to debug from the FOS side. Please run the following code on your FGT, then execute your Ansible script again to observe what FOS does after receiving the Ansible script.
>
> config global
> diagnose debug reset
> diagnose debug cli 8
> diagnose debug enable
>
> and many thanks to @alagoutte for your time and help.
>
> Thanks, Maxx

Hi @MaxxLiu22 ,

could you provide your Ansible script, so I could compare with mine. I still have no clue what is going wrong. THX

dimk21 commented 3 weeks ago

Finally fixed it! My "api-profil" under Admin Profiles was "set scope vdom". Changed it to "set scope global". Now it's working. Ty all for helping
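
Added example (not part of the thread and not code from the fortinet.fortios collection): a small Python helper that parses the "cli_error" string quoted in this issue and turns the "entry not found in datasource" pattern into a triage hint listing the checks the thread ended up needing. The function names are hypothetical, the sample is constructed from the error text above, and reading "current vf=" as the VDOM the command ran in is an assumption drawn from that output.

```python
import re

# Constructed from the "cli_error" value quoted in the issue (JSON-decoded).
SAMPLE_CLI_ERROR = (
    "current vf=vdom-cust:2\n"
    "entry not found in datasource\n"
    "Attribute 'interface' value 'LAN' checking fail -3\n"
    "Command fail. Return code -3\n"
    "Command fail. Return code 1\n"
)

# Assumption: "vf=<name>:<index>" names the VDOM context of the failed command.
VF_RE = re.compile(r"^current vf=(?P<vdom>[^:\n]+):(?P<index>\d+)$", re.M)
ATTR_RE = re.compile(
    r"^Attribute '(?P<attr>[^']+)' value '(?P<value>[^']*)'"
    r" checking fail (?P<code>-?\d+)$",
    re.M,
)
RC_RE = re.compile(r"^Command fail\. Return code (-?\d+)$", re.M)


def parse_cli_error(cli_error):
    """Split a FortiOS cli_error string into its fields (hypothetical helper)."""
    vf = VF_RE.search(cli_error)
    attr = ATTR_RE.search(cli_error)
    return {
        "vdom": vf.group("vdom") if vf else None,
        "vdom_index": int(vf.group("index")) if vf else None,
        "attribute": attr.group("attr") if attr else None,
        "value": attr.group("value") if attr else None,
        "datasource_miss": "entry not found in datasource" in cli_error,
        "return_codes": [int(c) for c in RC_RE.findall(cli_error)],
    }


def triage(meta):
    """Return a troubleshooting hint for a failed module result's meta dict."""
    if meta.get("status") != "error" or not meta.get("cli_error"):
        return "no CLI error to triage"
    p = parse_cli_error(meta["cli_error"])
    if p["datasource_miss"] and p["attribute"]:
        return (
            f"{p['attribute']}={p['value']!r} was not visible from VDOM "
            f"{p['vdom']!r}: confirm the object's real name and owning VDOM, "
            "then check the API admin profile scope (vdom vs. global)"
        )
    return "unclassified CLI error: " + meta["cli_error"].splitlines()[-1]
```

Passing the registered result's "meta" dictionary to triage() in a failure handler gives the operator the referenced attribute, its value and the VDOM context in one line instead of the raw multi-line error.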