Fortinet black logo

CLI Reference

dm

dm

Use this command to configure Deployment Manager (DM) settings.

Syntax

config system dm

set concurrent-install-image-limit <integer>

set concurrent-install-limit <integer>

set concurrent-install-script-limit <integer>

set conf-merge-after-script {enable | disable}

set discover-timeout <integer>

set dpm-logsize <integer>

set fgfm-install-refresh-count <integer>

set fgfm-sock-timeout <integer>

set fgfm_keepalive_itvl <integer>

set force-remote-diff {enable | disable}

set fortiap-refresh-cnt <integer>

set fortiap-refresh-itvl <integer>

set fortiext-refresh-cnt <integer>

set install-image-timeout <integer>

set install-tunnel-retry-itvl <integer>

set max-revs <integer>

set nr-retry <integer>

set retry {enable | disable}

set retry-intvl <integer>

set rollback-allow-reboot {enable | disable}

set script-logsize <integer>

set skip-scep-check {enable | disable}

set skip-tunnel-fcp-req {enable | disable}

set verify-install {enable | disable | optimal}

end

Variable

Description

concurrent-install-image-limit <integer>

The maximum number of concurrent installs (1 - 1000, default = 500).

concurrent-install-limit <integer>

The maximum number of concurrent installs (5 - 2000, default = 480).

concurrent-install-script-limit <integer>

The maximum number of concurrent install scripts (5 - 2000, default = 480).

conf-merge-after-script {enable | disable}

Merge config after running the script on the remote device, instead of a full retrieve (default = disable).

discover-timeout <integer>

Check connection timeout when discovering a device (3 - 15, default = 6).

dpm-logsize <integer>

The maximum DPM log size per device, in kilobytes (1 - 10000, default = 10000).

fgfm-install-refresh-count <integer>

The maximum FGFM install refresh attempts (default = 10).

fgfm-sock-timeout <integer>

The maximum FGFM communication socket idle time, in seconds (90 - 1800, default = 360).

fgfm_keepalive_itvl <integer>

The FortiManager/FortiGate communication protocol keep alive interval, in seconds (30 - 600, default = 120).

force-remote-diff {enable | disable}

Enable/disable always using remote diff when installing (default = disable).

fortiap-refresh-cnt <integer>

Maximum auto refresh FortiAP number each time (1 - 10000, default = 500).

fortiap-refresh-itvl <integer>

Auto refresh FortiAP status interval, in minutes (1 - 1440, 0 to disable, default = 10).

fortiext-refresh-cnt <integer>

Maximum device number for FortiExtender auto refresh (1 - 10000, default = 50).

install-image-timeout <integer>

Maximum waiting time for image transfer and device upgrade, in seconds (600 - 7200, default = 3600).

install-tunnel-retry-itvl <integer>

Time to re-establish tunnel during install, in seconds (10 - 60, default = 60).

max-revs <integer>

The maximum number of revisions saved (1 - 250, default = 100).

nr-retry <integer>

The number of times the FortiManager unit will retry (default = 1).

retry {enable | disable}

Enable/disable configuration installation retries (default = enable).

retry-intvl <integer>

The interval between attempting another configuration installation following a failed attempt (default = 15).

rollback-allow-reboot {enable | disable}

Enable/disable allowing a FortiGate unit to reboot when installing a script or configuration (default = disable).

script-logsize <integer>

Enter the maximum script log size per device, in kilobytes (1 - 10000, default = 100).

skip-scep-check {enable | disable}

Enable/disable installing scep related objects even if the scep URL is configured (default = disable).

skip-tunnel-fcp-req {enable | disable}

Enable/disable skipping the FCP request sent from an FGFM tunnel (default = enable).

verify-install {enable | disable | optimal}

Enable/disable verify install against remote configuration:

  • disable: Disable.
  • enable: Always verify installation (default).
  • optimal: Verify installation for command errors.

Example

This example shows how to set up configuration installations. It shows how to set 5 attempts to install a configuration on a FortiGate device, waiting 30 seconds between attempts.

config system dm

set retry enable

set nr-retry 5

set retry-intvl 30

end

dm

dm

Use this command to configure Deployment Manager (DM) settings.

Syntax

config system dm

set concurrent-install-image-limit <integer>

set concurrent-install-limit <integer>

set concurrent-install-script-limit <integer>

set conf-merge-after-script {enable | disable}

set discover-timeout <integer>

set dpm-logsize <integer>

set fgfm-install-refresh-count <integer>

set fgfm-sock-timeout <integer>

set fgfm_keepalive_itvl <integer>

set force-remote-diff {enable | disable}

set fortiap-refresh-cnt <integer>

set fortiap-refresh-itvl <integer>

set fortiext-refresh-cnt <integer>

set install-image-timeout <integer>

set install-tunnel-retry-itvl <integer>

set max-revs <integer>

set nr-retry <integer>

set retry {enable | disable}

set retry-intvl <integer>

set rollback-allow-reboot {enable | disable}

set script-logsize <integer>

set skip-scep-check {enable | disable}

set skip-tunnel-fcp-req {enable | disable}

set verify-install {enable | disable | optimal}

end

Variable

Description

concurrent-install-image-limit <integer>

The maximum number of concurrent installs (1 - 1000, default = 500).

concurrent-install-limit <integer>

The maximum number of concurrent installs (5 - 2000, default = 480).

concurrent-install-script-limit <integer>

The maximum number of concurrent install scripts (5 - 2000, default = 480).

conf-merge-after-script {enable | disable}

Merge config after running the script on the remote device, instead of a full retrieve (default = disable).

discover-timeout <integer>

Check connection timeout when discovering a device (3 - 15, default = 6).

dpm-logsize <integer>

The maximum DPM log size per device, in kilobytes (1 - 10000, default = 10000).

fgfm-install-refresh-count <integer>

The maximum FGFM install refresh attempts (default = 10).

fgfm-sock-timeout <integer>

The maximum FGFM communication socket idle time, in seconds (90 - 1800, default = 360).

fgfm_keepalive_itvl <integer>

The FortiManager/FortiGate communication protocol keep alive interval, in seconds (30 - 600, default = 120).

force-remote-diff {enable | disable}

Enable/disable always using remote diff when installing (default = disable).

fortiap-refresh-cnt <integer>

Maximum auto refresh FortiAP number each time (1 - 10000, default = 500).

fortiap-refresh-itvl <integer>

Auto refresh FortiAP status interval, in minutes (1 - 1440, 0 to disable, default = 10).

fortiext-refresh-cnt <integer>

Maximum device number for FortiExtender auto refresh (1 - 10000, default = 50).

install-image-timeout <integer>

Maximum waiting time for image transfer and device upgrade, in seconds (600 - 7200, default = 3600).

install-tunnel-retry-itvl <integer>

Time to re-establish tunnel during install, in seconds (10 - 60, default = 60).

max-revs <integer>

The maximum number of revisions saved (1 - 250, default = 100).

nr-retry <integer>

The number of times the FortiManager unit will retry (default = 1).

retry {enable | disable}

Enable/disable configuration installation retries (default = enable).

retry-intvl <integer>

The interval between attempting another configuration installation following a failed attempt (default = 15).

rollback-allow-reboot {enable | disable}

Enable/disable allowing a FortiGate unit to reboot when installing a script or configuration (default = disable).

script-logsize <integer>

Enter the maximum script log size per device, in kilobytes (1 - 10000, default = 100).

skip-scep-check {enable | disable}

Enable/disable installing scep related objects even if the scep URL is configured (default = disable).

skip-tunnel-fcp-req {enable | disable}

Enable/disable skipping the FCP request sent from an FGFM tunnel (default = enable).

verify-install {enable | disable | optimal}

Enable/disable verify install against remote configuration:

  • disable: Disable.
  • enable: Always verify installation (default).
  • optimal: Verify installation for command errors.

Example

This example shows how to set up configuration installations. It shows how to set 5 attempts to install a configuration on a FortiGate device, waiting 30 seconds between attempts.

config system dm

set retry enable

set nr-retry 5

set retry-intvl 30

end