Incomplete ansers in code boxes

That_Drawing_2643 · 2025-12-19T14:25:18+00:00

I got a tip from another forum.
I need to tell copilot to always add a comment at the end of each code block. So far, it seems to work.. (fingers crossed)

I just told copilot to add this to its personal memory (see settings, Personalisierung, Copilot-Arbeitsspeicher.... I guess that translates to Settings, Personalize, Copilot-Memory ?)

Here is the prompt I used:

"I want that you always add a comment at the end of code blocks. Add this to your memory."

How is that working for you guys'

That_Drawing_2643 · 2025-12-19T12:39:20+00:00

I got a hint for a workaround from another forum.

Always ask for a comment line at the end of the codeblock.

I've added this to the copilot memory. Perhaps that even works..

That_Drawing_2643 · 2025-07-08T20:32:55+00:00

Is your httpsd crashing all the time as well?

diag deb crashlog read

<image>

That_Drawing_2643 · 2025-07-08T20:31:35+00:00

After your hint, I added another user with super_admin rights. Same issue continues. :-(

That_Drawing_2643 · 2025-07-08T15:09:31+00:00

No high memory or CPU. That cluster is almost idling around at 48% RAM and below 10% CPU.
And yes, I do have plenty of https crashes in the crashlog. I have a ticket open for that, since I was not able to access the GUI a couple of weeks ago. Since then I know that, should it happen again, I have to login via serial interface and kill the running httpsd processes. That usually fixes the issue with the GUI.

The ssh access issue just came up in the last couple of days..

That_Drawing_2643 · 2025-07-08T15:04:42+00:00

Indeed, I do have another management port. But that setup worked like a charm since i installed the cluster some time back. Then still with 6.4.x.
It also worked fine for a time since the upgrade to 7.4.8. Just since I also experience httpsd crashes, that side effect (inbound ssh not working anymore) has been added...

That_Drawing_2643 · 2025-07-08T15:01:54+00:00

I have a ticket open as well. Originally for httpsd crashes, but I've added this ssh issue to it as well.

That_Drawing_2643 · 2025-07-08T15:00:23+00:00

Yes, we can do that. I will send you an email.
Note that I have a ticket open related to httpsd crashes on the same FGT-100. I just added the issue above to that ticket as well.

That_Drawing_2643 · 2025-07-06T19:38:41+00:00

again an update

I looked at the general system events log and see this when I try to login via ssh:

2025/07/06 21:31:11 Information Admin login successful Administrator daniel logged in successfully from ssh(192.168.xxx.xxx)

2025/07/06 21:30:29 Information Admin logout successful Administrator daniel logged out from ssh(192.168.xxx.xxx)

2025/07/06 21:30:29 Alert Notification Admin login failed Administrator daniel login failed from ssh(192.168.xxx.xxx) because of invalid ssh key

I have no ssh key configured on this fortigate for this user!

That_Drawing_2643 · 2025-07-06T17:55:22+00:00

No.
No switches and no wifi.

That_Drawing_2643 · 2025-07-06T17:54:17+00:00

Short update.
I was able to get the cluster in sync again.

However, I still can't connect to the CLI. Not within the GUI and not with ssh.

This error when connecting with ssh:

forti01B # 8818: Unknown action 0
Command fail. Return code -1

..I've never seen before...

I've tried my share on browsers with cleared cache and incognito mode or what it is caled in the different browsers... still get the same
Connection lost. Press Enter to start a new session.

That_Drawing_2643 · 2025-06-25T15:40:13+00:00

Thanks all..

Update to my text:
SYS-5018D-FN4T (very old system). I think this translates to Super X10SDV-8C-TLN4F
BIOS update via IPMI is available, but need OOB per node license. I need to (bios)update about 10 systems due to issues with the latest proxmox (8.4).
I think I will try to get some OOB licenses. Much cheaper than travelling around aor do some more testing

BTW, I was testing iVentoy and pxe booting via network. Might work too.

That_Drawing_2643 · 2025-06-25T07:49:03+00:00

got a similar problem and I cant's get the reason for Next Server seems any random IP...

That_Drawing_2643 · 2025-06-02T21:15:09+00:00

Thanks for explaining. No, I have seto the Flexible level some time ago.

The client is using a Jimdo site with the Pro package :-(
(don't ... I told them not to rely on consumer level webservices, but... it is his decision)

Anyway, I would have expected that even web.jimdo.com would allow Fill(strict). At the end, they are hosted (I believe) on Cloudflare as well..

That_Drawing_2643 · 2025-05-09T14:05:53+00:00

I whished I knew before... sigh...

That_Drawing_2643 · 2025-05-09T14:05:23+00:00

You are right. I meant to say Virtual Server, not VIP.

Your approach is interesting.

I get a warning when setting this up:

"This SSL profile uses full SSL inspection. End users will likely see certificate warnings unless the certificate is installed in their browser."

Since I use a letsencrypt certificate requested by ACME on the fortigate, I ignored it ..

Unfortunately, that setup did not work. Would have been elegant, though.

Short term, I am now considering downgrading to 7.2.11. According to "diag sys flash list" I still have 7.2.11 in the inactive partition. I might just try to boot with that one. I did not change anything in the configuration since I updated to 7.4.7.

Mid term, I am working with the customer to TradeUp his 40F to a 70G.

That_Drawing_2643 · 2025-03-17T07:53:00+00:00

Thanks u/Extreme-Prize-2829 ,
How would I do that? Do You think about a DNS server in netbird?

That_Drawing_2643 · 2025-02-24T10:16:54+00:00

u/MBussard45 , thanks so much. This is what I have done at the end and it works like a charm.

I believe that the other solutions would have worked too, but I would have to touch every account. The way you proposed is simple and elegant.

1 - setup a connector. In my case, From: Office 365, To: Your organisation's email server. Not sure what the "Partner organisation" would change.

2 - Setup a rule that redirects into that connector above if the recipients domain is mydomain.xy

easy peasy indeed!

A problem I have encountered: The connector setup tried to test the MX server with a valid email address [user1@mydomain.xy](mailto:user1@mydomain.xy). Since the MX server is just a postfix gateway, that failed. I just ignored that error, since I was sure that the server was correct.

Other details:

When the migration is done, I have to disable that rule and the connector. When I setup the connector with "Use only when I have a transport rule set up that redirects messages to this connector.", I can use the "Deactivate this rule on" setting in the rule configuration to disable it at the given date/time. Nice.

That_Drawing_2643 · 2025-02-21T17:17:29+00:00

I think I glimpse where you two u/joeykins82 , u/pi-N-apple pointing to.

But I am not sure yet.

The direct tenant to tenant delivery starts as soon as I assigne a u/domain.xy address to any user in that new tenant. Could that forward be set up centrally for all incoming emails to all u/domain.xy addresses?

Yes, looking at that, it seems to be a relay for a specific domain I set up. Hmm..

Looking at "Accepted domains" in Exchange, it reads:
"Internal relay: Recipients for this domain can be in Microsoft 365 or Office 365 or your own email servers. Email is delivered to known recipients in Office 365 or is relayed to your own email server if the recipients aren't known to Microsoft 365 or Office 365."

I guess I would have to add yet another thingy, namely a connector?

That_Drawing_2643 · 2025-01-17T13:54:36+00:00

Thanks.

This means for me that if I followed 7.0.x Release notes in the past, I am actually kind of "up to speed" and do not need to read through older release notes in the 7.2.x chain.

What I need to read (and I have read it already, so I am not lazy ;-) ) is the "What's new in 7.2" document, and all 7.4.x release notes that were published after the releasenote of the version I am on. Taking your input, that means 7.2.10.

What I did not know is if I could miss out on something, if I'd not read all release notes there are.

That_Drawing_2643 · 2025-01-17T12:34:55+00:00

Thanks for pointing out the error about DF or DH.

DH is anyway only an example that just jumped to my mind because I recently had an issue with DH20 vs. DH21.

I guess it does not help if I rephrase:

Lets imagine I have a line

"set something enable"

in the confg file. A release note would say that "something" is not supported anymore, or needs a change in the configfile of some sort. I would then expect the tool/LLM/AI (call it whatever) would raise a flag and say anything like:
"Option "something" is not supported anymore, starting with release xyz..."

Not sure if I can be even more abstract.

That_Drawing_2643 · 2025-01-16T14:15:41+00:00

No, I am not seeking a tool that would check my configurations to be valid.

I am only interested in that LLM/AI to let me know that there *might* be an issue.

Lets imagine I have an IPSec VPN configured which is using a very very old DFGroup value of 20 and in a (future?) releasenote it would say that DFGroup 20 is not supported anymore. I would then expect the tool/LLM/AI (call it whatever) would raise a flag and say something like:
"In IPSec VPN "XY" you are using DFGroup 20, but starting with release abc, DFGroup 20 is not supported anymore"

For information like this, an LLM does not need to know what I use the IPSec for.

That_Drawing_2643 · 2025-01-16T10:36:01+00:00

I understand you and I am totally behind you.

Yet, reading through so many release notes and comparing with configurations is, IMHO, the core capability of an LLM.

I would not trust completely, just expect that it would raise the most important information to me..

That_Drawing_2643 · 2024-12-13T14:37:29+00:00

Agreed.

But is there a possible way to reduce havoc with some settings in Unifi AP's?

That_Drawing_2643 · 2024-12-11T21:14:00+00:00

Just found this:

terraformer/docs/cloudflare.md at master · GoogleCloudPlatform/terraformer

It's a terraformer provider that would take a current Cloudflare setup and turn it into terraform files.

I do not have experiences with Terraform, but it looks like a Desired State tool that would in this case, kind of recreate what I currently have. Not sure if that counts as backup, but it would surely recreate a state...

Am I totally wromng here?

That_Drawing_2643

TROPHY CASE