Hi,
No joke when I say this but we spent over 1 year to get our FortiGate firewalls to download and backup a config to NCM. The problem at the end was a RegEx part of a command that was missing in our template. This was a very high visibility issue in that we had all our teams involved, solarwinds involved, and FortiNet support. No one could figure it out. It was the most annoying experience I'm hoping to help others avoid trying to setup your FortiGate devices to perform a backup with a service account and not the Admin again.
Keep in mind this may not work exactly for all situations it's not a one size fits all. But should work for most situations. You may need to alter this slightly depending on your configuration. But generally if you follow this template config you should have success since solarwinds does not document this anywhere.
Here is how you should configure the template::
<Configuration-Management Device="Fortigate" SystemOID="1.3.6.1.4.1.12356" AutoDetectType="BySystemOid">
<Commands>
<Command Name="UseVirtualPromptForCommands" Value="True" />
<Command Name="VirtualPrompt" Value="\$" />
<Command Name="MenuBased" Value="false" />
<Command Name="RESET" RegEx="\$" Value="config global${CRLF}config system console${CRLF}set output standard${CRLF}end" />
<Command Name="Reboot" Value="execute reboot${CRLF}y${CRLF}" />
<Command Name="EnterConfigMode" Value="config" />
<Command Name="ExitConfigMode" Value="end" />
<Command Name="Startup" Value="full-configuration" />
<Command Name="Running" Value="full-configuration" />
<Command Name="DownloadConfig" Value="show ${configType}" />
<Command Name="UploadConfig" Value="${ConfigText}${CRLF}${ExitConfigMode}" />
<Command Name="DownloadConfigIndirect" Value="execute backup config ${TransferProtocol} ${StorageFilename} ${StorageAddress}${CRLF}${CRLF}${CRLF}" />
<Command Name="UploadConfigIndirect" Value="execute restore config tftp ${StorageFilename} ${StorageAddress}${CRLF}${CRLF}" />
<Command Name="EraseConfig" Value="execute factoryreset${CRLF}y" />
<Command Name="SaveConfig" Value="execute cfg save" />
<Command Name="Version" Value="get system status" />
<Command Name="System_Start" Value="" />
<Command Name="System_Running" Value="" />
<Command Name="Fortinet_Global" Value="" />
</Commands>
</Configuration-Management>
The account uses $ instead of the # symbol. This template follows an example template provided by solarwinds support. For us this worked like a charm. And since most of the other form entries are old and doesn't provide good information I Wanted to provide this to help anyone out.
Again I emphasize this isn't a one size fits all. Some variations and changes may be required to get it just right as not all configurations are the same. And NCM needs the exact sequences of commands otherwise everything fails.
I hope this helps!
