If you ever run into a situation where you have configured a VLAN interface on a Fortigate firewall and the purpose of the VLAN changes you might have to rename it. The GUI will not let you rename an existing VLAN interface. However there are workarounds, ranging from very impacting to transparent:
- Remove the VLAN interface and create a new one with the updated name. This method incurs downtime since you first have to remove any rules, routing, etc that reference the VLAN.
- Download the firewall config, rename the interface in the backup file and restore the config. This will reboot the firewall and also impact user traffic.
The fastest, easiest and least impacting method is:
- #config system interface
- #rename "VLAN Name" to "New VLAN Name"
- #end
5 comments:
Hi
I tried this in my testlab and this worked well. However in my prod lab it fails. In the test I have a 60B in prod 1000A.
I have a VLAN I wish to rename but it returns an error:
hiddenentry.c:_cli_action_tbl_entry,142: action error with hiddent entry -23 removed used datasource error -23
Command fail. Return code -23
This is a basic VLAN interface associated with two firewall policies? I do not know what the issue is with me renaming this interface? any ideas?
Thanks
I would recommend you post the same question to the Fortinet support forum where a lot of very knowledgeable people will be sure to help.
http://support.fortinet.com/forum
Hi,
I have those guys assisting me already! :) Some have ran into the same problem :)
I am hoping someone can up with an explanation :)
Cheers
This doesn´t work on newer firmware. And after a chat with Fortinets support they confirm and say: No, you cannot rename a VLAN.
To bad..
If you can afford a reboot, simplest way is still to download the config, search/replace the interface name, and re-upload it.
Post a Comment