FortiWeb REST API Error Codes
Preface
Quick reference for error codes you could encounter when testing FortiWeb REST API.
The Error Codes
Error Code | Error Message |
---|---|
10 | CMDB failed to be saved. |
5 | System API error. |
2 | CMDB API error. |
1 | CLI internal error. |
-1 | Invalid length of the value. |
-2 | The value is out of range. |
-3 | The entry is not found. |
-4 | The maximum number of entries has been reached. |
-5 | A duplicate entry has already existed. |
-6 | Failed to allocate memory. |
-7 | The value conflicts with system settings. |
-8 | Invalid IP address. |
-9 | Invalid IP netmask. |
-10 | Invalid gateway address. |
-11 | When the port is in DHCP mode, it’s IPv4 address can not be modified mannually. |
-12 | When the port in DHCP mode, it’s IPv6 address can not be modified mannually. |
-16 | Blank or incorrect address. |
-20 | Blank entry. |
-23 | The entry is used. |
-24 | Error opening the file. |
-25 | Error reading from the shared memory. |
-26 | File error. |
-27 | Error opening IP-MAC info file. |
-28 | The file is not an updated file. |
-29 | Invalid keytab file. |
-30 | Invalid username or password. |
-33 | MAC address is invalid. |
-37 | Permission denied. |
-38 | The downloading file does not exist. |
-39 | Configuration file or password error. |
-45 | Invalid IP range. |
-46 | Invalid port range. |
-49 | IP address isn’t in the same subnet as the gateway. |
-50 | Input is in invalid format. |
-52 | Uploaded file is too large or invalid. |
-54 | IP address is in the same subnet as the others. |
-56 | Empty value isn’t allowed. |
-57 | Underline _ isn’t allowed. |
-61 | Input is not as expected. |
-66 | Unable to uncompress the gz file you provided. |
-87 | Image CRC error. |
-89 | Invalid number. |
-90 | CLI parsing error. |
-91 | Configuration file error. |
-92 | Invalid arguments. |
-93 | Invalid domain. |
-94 | Error creating entry. |
-95 | The maximum allocated quota is reached. |
-96 | Failed to delete the table entry. |
-100 | A duplicate username has already existed. |
-120 | The IP address must include a subnet mask. |
-130 | Invalid date input. |
-131 | Invalid year input. |
-132 | Invalid month input. |
-133 | Invalid day input. |
-134 | Invalid time input. |
-135 | Invalid hour input. |
-136 | Invalid minute input. |
-137 | Invalid second input. |
-140 | Failed to generate local certificate signing request. |
-145 | The imported local certificate is invalid. |
-146 | The imported CA certificate is invalid. |
-147 | The certificate is being used. |
-148 | There is already a certificate and/or private key with this/these filename(s). Please rename your certificate and/or private key so that they do not match the filename of an existing certificate. |
-149 | The imported certificate is invalid. |
-152 | Invalid encryption key. |
-158 | Invalid VLAN ID. |
-167 | Failed to import PKCS12 file. |
-168 | Failed to export PKCS12 file. |
-179 | Invalid Geo IP database file. |
-180 | Unable to send your update request. |
-191 | VLAN interfaces must share the same VLAN ID. |
-202 | Single admin user login mode. |
-203 | IP has been blocked. |
-204 | Invalid username or password. |
-205 | Your password has expired, please input a new password. |
-206 | The new password does not conform to the password policy, please try again. |
-207 | Your password does not conform to the password policy, please input a new password. |
-208 | Your password has expired, please input a new password. |
-209 | Your password does not conform to the password policy, please input a new password. |
-210 | According to the password policy enforced on this device, please change your password. |
-211 | Please enter the token. |
-252 | Invalid port. |
-282 | User canceled. |
-302 | Failed to import remote certificate. |
-360 | Command timeout. |
-361 | Failed to add entry. |
-515 | The name is a reserved keyword by the system. |
-522 | The VLAN ID or physical interface can not be changed once a VLAN has been created. |
-531 | The VLAN ID and the physical interface have been used by another VLAN interface. |
-542 | Invalid CRL file. |
-547 | The specified priority has already existed. |
-548 | This rule is in the list. |
-550 | The regular expression is not right. |
-551 | The condition is in the list. |
-552 | The host can not be NULL. |
-553 | The URL can not be NULL. |
-555 | The location can not be NULL. |
-556 | The header field name/value can not be NULL. |
-557 | The username can not be NULL. |
-558 | The username is in the list. |
-559 | The uploading succeeds, but an internal error has occured. Try checking the disk space and available memory first. |
-651 | Invalid input value. |
-653 | Invalid regular expression. |
-805 | Invalid authentication key. |
-807 | The password is too short. |
-808 | The password must contain at least one uppercase letter. |
-809 | The password must contain at least one lowercase letter. |
-810 | The password must contain at least one number. |
-811 | The password must contain at least one non-alphanumeric character. |
-813 | The FIPS feature or one of the fields is invalid. |
-814 | The new image does not contain FIPS feature. |
-815 | System upgrade to the new image failed. |
-816 | The FIPS feature might be valid but the public key is new/unknown. |
-817 | FIPS: The password is too short, and a minimum length of 8 characters is required. |
-818 | FIPS: The server mode is not supported when FIPS status is enabled. |
-819 | FIPS: A minimum certificate key length of 1024 bits is required. |
-820 | FIPS: Unsupported certificate feature algorithm. |
-821 | FIPS: Telnet/HTTP access are not allowed. |
-822 | FIPS: Feature check failed for some unknown reasons. |
-823 | The new image does not support CC mode. |
-824 | ’Strong-password’ must be enabled when FIPS status is enabled. |
-825 | FIPS: Minimum RSA certificate key length is 2048 bits and mininum EC certificate key length is 224 bits. |
-826 | Downgrade is rejected in FIPS mode. |
-831 | The image file is wrong, please check the version, build number, model, and the partition table. |
-832 | Failed to unzip the image file. |
-833 | MBR is wrong. |
-834 | The signature of the image file is wrong. |
-835 | Downgrade is rejected in FIPS mode. |
-900 | System is shutting down. |
-901 | Backup failed, please try again. |
-950 | The Syslog server has already existed. |
-1005 | Deleting table entry is not allowed. |
-1010 | Login disclaimer declined. |
-1101 | Please wait while the system is restarting. |
-1102 | Invalid device ID. |
-1104 | Error changing the password. |
-1500 | It is not allowed to configure this object in secondary mode. |
-1501 | The reserve management status should be unset first. |
-1502 | The interface is used by HA monitor. |
-1503 | No available license for HA module. |
-1504 | The active-active-standard should be in Reverse Proxy or True Transparent mode. |
-1505 | The group ID is not allowed to change. |
-1506 | The SN is invalid. |
-1507 | The SN is already associated with another node ID. |
-1508 | The VIP is already used by another Traffic Distribution. |
-1509 | The node is not associated with any SN. |
-1510 | The node ID is already used by Traffic Distribution, please unset it first. |
-1511 | The active-active-high-volume should be in Reverse Proxy mode. |
-1512 | You must select at least one node in the HA member. |
-1513 | You must select at least one VIP in the VIP list. |
-1514 | Active-passive and active-active-standard modes are not supported on the Xen server platform. |
-1515 | The operation is not allowed in secondary mode. |
-1516 | The active-passive with udp-tunnel type should be in Reverse Proxy mode. |
-1517 | The ha-node is not supported by current HA network-type and platform. |
-1518 | The Traffic Distribution is not supported by current network-type and platform. |
-1519 | corefile-ha-failover must be disabled when enable-core-file is disabled. |
-1520 | The interface of tunnel-local must be included in the ha-mgmt-interface. |
-1521 | The old IPv4 address is being used by tunnel-local in HA. |
-2001 | Your password must be at least 1 character long. |
-2002 | Your password can not contain the following characters: ~ ! # % ^ & * + ` ’ | |
-2003 | The password entries do not match. |
-2004 | Invalid name. |
-2007 | The password is not strong enough. |
-2012 | |
-2016 | Error missing disk. |
-2025 | Duplicate IP address. |
-2026 | The same Destination has already existed. |
-2034 | CFG_ER_FILTER_TOO_LONG |
-3000 | Internal error processing requested file. |
-4001 | Invalid XPath expression. |
-4003 | The request URL must start with ’/‘. |
-4006 | Invalid suspicious URL. |
-4007 | Signature update failed. |
-4013 | This operation is not allowed under current system operation mode. |
-4032 | Port 22/23/8/43/9 is used by other settings. |
-4033 | Port is used by global conf sync. |
-4202 | The name of virtual server has already existed. |
-4303 | The IP address is already used by another virtual server. |
-4304 | The virtual server IP address is the same as an IP address on a physical interface. |
-4305 | When HA is turned on, it is only allowed to use interface IP on AWS platform. |
-4401 | There are too many default HTTP content routing rules. |
-5000 | Failed to delete this file. The connected user may not have permission. |
-5001 | Failed to revert this file. The connected user may not have permission. |
-5002 | Failed to recover this file. The connected user may not have permission. |
-5003 | The selected file version is the same as the current version. |
-5004 | Website is not connected. |
-5005 | Failed to reset the web site. The connected user may not have permission. |
-5006 | the selected site version is the same as the current version. |
-5099 | Names can only contain A-Z, a-z, 0-9, _. |
-5100 | Names can only contain A-Z, a-z, 0-9, _, and -. |
-5101 | Schedule dates can only be 1-31. |
-5102 | The report is protected because it is editable from the device. To edit it on FortiAnalyzer, disable report_protect option first. |
-5103 | User can not modify report types from on-schedule to on-demand, and vice versa. |
-5104 | The logo file name length should not exceed 63. |
-5105 | The logo picture size should not exceed 400 x 400. |
-5106 | Invalid logo file. |
-5107 | Names can only contain A-Z, a-z, 0-9, _,., and -, but not include ., .. |
-5200 | The renaming operation failed. |
-5201 | The specified name has already existed. |
-5202 | The specified name can only be a file name or directory name. |
-5301 | You can create at most 10 post URL items. |
-6000 | The Inline Protection Profile name has already existed. |
-6001 | The Offline Protection Profile name has already existed. |
-6003 | The Authentication Policy name has already existed. |
-6004 | The scope of LDAP cache timeout is 0-3600. |
-6005 | The Authentication Rule name has already existed. |
-6006 | The HTTP Protocol Constraints name has already existed. |
-6007 | The URL Rewriting Policy name has already existed. |
-6008 | The item is already in the table. |
-6009 | The URL Rewriting Rule name has already existed. |
-6011 | The Hidden Fields Rule name has already existed. |
-6012 | The Allow Method Exception name has already existed. |
-6013 | The URL pattern has been used by a rule in the table. |
-6014 | The IP has already existed in the table. |
-6018 | This rule is in the list. |
-6101 | The Brute Force Login name has already existed. |
-6102 | The scope of standalone IP Access Limit is 0-10000. |
-6103 | The scope of share IP Access Limit is 0-10000. |
-6104 | The scope of Block Period is 1-10000. |
-6105 | You must input a valid regular expression. |
-6106 | The Input Rule name has already existed. |
-6115 | You must input a valid regular expression. |
-6117 | The type of default page can not be regular expression. |
-6120 | The Custom Signature Group name has already existed. |
-6121 | The Custom Signature name has already existed. |
-6124 | The URL Access Rule name has already existed. |
-6125 | The URL Access name has already existed. |
-6126 | You cannot change the type of a used request. |
-7000 | The Robot Control name has already existed. |
-7004 | The Robot Group name has already existed. |
-7007 | The item is already in the table. |
-7100 | The URL Access name can not be null. |
-7102 | The rule name is duplicate. |
-7103 | The priority already exists. |
-7106 | The condition already exists. |
-7200 | The name of the pserver already exists. |
-7201 | The IP address of the pserver is already in use. |
-7202 | You must input a valid port. |
-7203 | The name of server farm already exists. |
-7204 | You must select a Physical Server. |
-7205 | This server is already used in a server pool. |
-7206 | The health check source IP must be specified. |
-7207 | The health check must be specified. |
-7210 | You must select a server farm. |
-7212 | The same service port cannot be used for one Virtual IP twice. |
-7213 | In TT mode, two policies can not set the same V-zone and same pserver. |
-7214 | The protected server name already exists. |
-7215 | The data type group name already exists. |
-7216 | The suspicious URL rule already exists. |
-7217 | You must select a data capture port. |
-7218 | The server farm is used by another policy. |
-7219 | The server farm has the same pserver and port as others. |
-7220 | In TT mode, two policies can not set different v-zones whie the same pserver with different port. |
-7221 | No web protection profile. |
-7222 | Server pool size exceeds the limit. |
-7238 | The server farm type does not match with the deployment mode. |
-7239 | This HTTP content routing policy has been added to the server farm. |
-7240 | The server pool type does not match with the deployment mode. |
-7245 | The Custom Access Rule name already exists. |
-7300 | The server farm name already exists. |
-7301 | You must select a pserver. |
-7302 | The server health check name already exists. |
-7303 | The policy name already exists. |
-7400 | Too many tasks waiting for processing. |
-7514 | You must input a secondary secret. |
-7525 | The host, request_file of the File Upload Restriction Rule already exist. |
-7526 | The Allow Method Policy name already exists. |
-7528 | The sync-type can be only partial_sync when system mode is Inline. |
-7530 | The domain of the domain server is already in use. |
-7532 | The object must be http-body when url-rewrite-rule action-type was http-body-rewrite. |
-7533 | The object can not be http-body when url-rewrite-rule action-type wasn’t http-body-rewrite. |
-7535 | Import failed: Some items have already existed in the system configuration. |
-7536 | The host, request URL of the sub table entry have already existed. |
-7537 | The platform version is not the same as the config file. |
-7538 | Redirect URL input is invalid, and it can only contains A-Z, a-z, 0-9, _, :, /,[,],-and .. |
-7539 | The object can not be http-reference when url-rewrite-rule action-type is http-header-rewrite. |
-7540 | The object can not be http-location when url-rewrite-rule action-type is not location-rewrite. |
-7541 | Invalid file format. The file type must be tar, .tar.gz, or .zip. |
-7542 | File size exceeds the limit. |
-7543 | The file must contain a HTML file named ‘index.html’. |
-7545 | You can create at most 128 exception rules in the Signatures Rule of the same signature ID. |
-7554 | The Custom Access Rule name can not be null. |
-7555 | Only one condition can be configured per rule. |
-7556 | You can not create the same Header name whether it is in a predefined or custom rule. |
-7558 | Invalid password. |
-7559 | The IP address is already in another exception rule. |
-7600 | For WAD, at most 256 items can be created. |
-7601 | Destination IP and gateway must be the same IPv4 or IPv6. |
-7602 | Interface IP must be set. |
-7603 | Source IP and gateway must be the same IPv4 or IPv6. |
-7604 | A duplicate route setting already exists. |
-7605 | The route policy priority already exists. |
-7606 | The default gateway can not be set manually when interface is in DHCP mode. |
-7610 | The bypass can not be enabled when system is in HA mode, RP mode, or Offline mode. |
-7611 | ’:’ input is invalid. Supported characters are 0-9 A-Z a-z _ . - |
-7615 | All the enabled web cache policies exceed the maximum buffer size. |
-7617 | You must save the server policy before adding HTTP Content Routing policies. |
-7618 | You must select a SSL protocol. |
-7620 | Image encoding failed. |
-7622 | The number of tags can not exceed 32. |
-7625 | VLANs are not supported on this aggregate device due to no available interface. |
-7626 | You must input protocol for FortiGate integration. |
-7627 | You must input schedule for fortiGate integration. |
-7630 | The database file is empty. |
-7631 | Connection failed. |
-7632 | Socket error. |
-7634 | Interfaces must not be in the same physical interface. |
-7635 | Interface or VLAN is used by V-zone. |
-7636 | Virtual server use-interface-ip status can not be changed when used by a policy. |
-7637 | The service of this port is in use. |
-7638 | The service used by a policy can not be edited. |
-7639 | The service of this virtual IP is in use. |
-7640 | The name can not be empty. |
-7645 | Creating HSM failed. |
-7646 | The imported HSM certificate is invalid. |
-7647 | This partition is not assigned for the FortiWeb, please check the HSM. |
-7648 | Destroying HSM failed. |
-7649 | HSM config is not valid. |
-7650 | Can not connect to server on this port, please check system router and network. |
-7652 | Group dddress must be in the IP range 224.0.0.0~239.255.255.255. |
-7653 | Invalid operator. |
-7654 | MTU setting failed. |
-7655 | Diagnosing HSM partition failed. |
-7656 | The minimum port is larger than the maximum port. |
-7659 | Invalid REST API request. |
-7660 | This interface is managed by DPDK, please detach it from DPDK first. |
-7661 | Capture port must be physical interface that is not used by VLAN. |
-7662 | The condition is in the list. |
-7663 | The URL request of the sub table entry already exists. |
-7664 | The cookie name already exists. |
-7665 | The interface is used by VLAN and MTU should be larger than its VLAN’s setting. |
-7666 | The interface is used by VLAN and MTU should be smaller than its physical interface’s setting. |
-7667 | The interface of VLAN can not set allowaccess in TTP and TI operation mode. |
-7670 | The Custom Access Rule has exceeded the max length(1024). |
-7671 | The URL Access Rule has exceeded the max length(1024). |
-7672 | Internal error. |
-7673 | Failed to process the upload file. |
-7674 | Wrong protocol version setting for SSL in HTTP2. |
-7675 | Wrong cipher setting for SSL in HTTP2. |
-7676 | For TI and Offline pserver, certificate file must be set when SSL is enabled. |
-7677 | The certificate can be included only in single OCSP stapling. |
-7678 | The CA number in one CA file exceeds the limit. |
-7679 | Invalid input format, only JPG format is supported. |
-7680 | The length of input certificate content is too long. |
-7681 | The HTTP header name already exists. |
-7684 | The value of higher level must be larger than that of the lower level. |
-7685 | Input secret is more than 128, and it will be cut off. |
-7686 | The allowed value from URI must start with ‘http://’ or ‘https://‘. |
-7687 | The input PIN-SHA256 should conform to valid base64 format. |
-7688 | The report-uri must be set when report-only is enabled. |
-7689 | PIN-SHA256 requires at least two pins, and requires at least one does NOT refer to a SPKI in current certificate chain. |
-7690 | Status, type, and flag of a certificate can not be configured from CLI. |
-7691 | The configuration of a certificate can not be changed from CLI except the comments. |
-7692 | The maximum value should be larger than the minimum value. |
-7693 | The sign CA must be selected when the Client Certificate Proxy is enabled. |
-7694 | Invalid XML schema file. |
-7695 | Duplicate XML schema file. |
-7696 | Invalid XML WSDL file. |
-7697 | Duplicate XML WSDL file. |
-7699 | The time interval of auto confsync should not be shorter than 5 minutes. |
-7700 | Header field check and HTTP method check can not be disabled at the same time. |
-7701 | Duplicate namespace prefix. |
-7702 | Namespace prefix has been used by element list. |
-7703 | Prefix can only contain A-Z, a-z, 0-9, _, - and ., and it must start with _ or a letter. |
-7704 | Duplicate XPath expression. |
-7705 | Namespace prefix must be defined in namespace mapping. |
-7706 | XML client certificate group must be selected when request operation includes sign verify. |
-7707 | XML client certificate group must be selected when response operation includes encrypt or HMAC-SHA1 sign. |
-7708 | XML server certificate must be selected when request operation includes decrypt. |
-7709 | XML server certificate must be selected when response operation includes RSA-SHA1 sign. |
-7711 | Failed to open file. |
-7712 | Failed to decompress file. |
-7713 | Failed to open directory. |
-7714 | The contents of the extracted file don’t conform to specifications. |
-7715 | The service of policy must be selected. |
-7716 | The mode can not be changed between active-active-standard, active-passive, and active-active-high-volume. |
-7717 | This interface is used in an aggregate. Please try another port. |
-7718 | The end address of IP address range must be greater than the start address. |
-7719 | The Translate to IP address must be set. |
-7720 | This interface is used in a redundant configuration. Please try another port. |
-7721 | This certificate is invalid. |
-7722 | The multi-cert does not support OCSP stapling. |
-7725 | The password of admin can not be changed. |
-7726 | No parameter name is specified. |
-7727 | No header field name is specified. |
-7728 | You have enabled user access restrictions, but API key verificaiton is not enabled. |
-7729 | You need to input valid URL expression. |
-7730 | You need to input valid regular expression. |
-7731 | Invalid UUID format. |
-7732 | Invalid API key format. |
-7733 | You must input HTTP host. |
-7734 | Invalid format for URL frontend prefix. |
-7735 | Invalid format for URL backend prefix. |
-7736 | Failed to change UUID for API user. |
-7737 | Failed to change API Key for the user. |
-7738 | The format of HTTP attach header is invalid. |
-7739 | Invalid format for URL |
-7741 | Invalid format for parameters |
-7742 | Invalid format for headers |
-7743 | Invalid name for phantom token |
-7744 | Invalid name for token |
-7745 | Invalid format for header verification |
-7746 | Invalid format for payload validation |
-7747 | Invalid format for RSA key |
-7801 | Getting site information table failed. |
-7802 | Getting site tree root failed. |
-7803 | The site has no record. |
-7804 | Getting site child nodes failed. |
-7811 | Operation failed. |
-7812 | Malloc memory error. |
-7813 | The parameter is not in running or testing state. |
-7814 | Invalid parameter. |
-7815 | The length of the password has exceeded the max length(15). |
-7816 | Decrypting or encrypting data error, or unmatched Anomaly Detection data file is found. |
-7817 | The parameter has been refreshed. |
-7818 | Port1 should be in DHCP mode when HA is enabled on cloud platform. |
-7819 | Failed to support multiple import tasks at the same time. |
-7820 | Failed to import Anomaly Detection data. |
-7821 | Unmatched Anomaly Detection data file found. |
-7822 | Failed to support multiple export tasks at the same time. |
-7823 | Failed to export Anomaly Detection data. |
-7824 | All interfaces should be in static mode when HA is enabled in flat mode on KVM platform. |
-7825 | Port1 should be in DHCP mode when HA is enabled in UDP tunnel mode on KVM platform. |
-7826 | Failed to import bot detection data. |
-7827 | Unmatched bot detection data file is found. |
-7828 | Failed to export bot detection data. |
-7829 | Decrypting or encrypting data error. |
-7830 | Duplicate file type. |
-7831 | These file names are not allowed: < > ( ) # | |
-7832 | Unmatched bot detection data file is found under the current operation mode. |
-7833 | The maximum number of parameters in URL has reached the limit. |
-7834 | The maximum number of parameters in domain has reached the limit. |
-7835 | Due to the limit of the domain count, imported Anomaly Detection data partly. |
-7836 | Failed to import api learning data. |
-7837 | Failed to export api learning data. |
-7838 | Unmatched API learning data file found. |
-7848 | Failed to resolve reference file. |
-7849 | Failed to find reference file. |
-7850 | Failed to find database file. |
-7851 | Failed to find JSON file. |
-7852 | Invalid JSON file. |
-7853 | Parsing info object failed. |
-7854 | Parsing server object failed. |
-7855 | Parsing path file failed. |
-7856 | YAML file does not exist. |
-7857 | Invalid YAML file for OpenAPI. |
-7858 | Creating database failed. |
-7859 | The mode can not be active-active-standard when network-type is udp-tunnel on kvm platform. |
-7860 | The multi cluster status should be unset first. |
-7861 | HA entry already exists. |
-7862 | Manager entry already exists. |
-7863 | It is not allowed to configure this object in manager client mode. |
-7864 | No available license for manager module. |
-7865 | All interfaces should be in DHCP mode (IPv4) when the manager mode is enabled. |
-7866 | The manager mode should be in RP mode. |
-7870 | Address error. |
-7871 | Server test error. |
-7872 | Internal API error. |
-7873 | Invalid credentials. |
-7901 | Getting WVS policy status failed. |
-7902 | Names can only contain space, A-Z, a-z, 0-9, _, -, and . |
-7903 | Names can only contain A-Z, a-z, 0-9, _, -, and . |
-7910 | For ADFS server, ADFS domain must be set. |
-7911 | For ADFS server, ADFS username must be set. |
-7912 | For ADFS server, SNI forward can’t be set. |
-7913 | For ADFS server, the client certificate must be set. |
-7950 | The country name is empty or wrong. |
-7955 | Invalid JSON schema file. |
-7956 | Duplicate JSON schema file. |
-7960 | The interface name is too long to create VLAN; the length of the interface name should be less than 15 letters. |
-7961 | Test sample failed. |
-7970 | The IP address of VIP is already used by another VIP. |
-7971 | The IP address you entered for this VIP is already occupied by an interface. |
-7972 | The name format of the VIP is VIP+number, such as VIP1; only VIP1~VIP200 is supported. |
-7973 | You can create at most 200 VIP items |
-7974 | You can create at most 16 VIPs on a interface. |
-7975 | When HA or manager cluster is turned on, it is not allowed to configure VIP on AWS platform. |
-7976 | It is not allowed to configure VIP in TTP operation mode. |
-7980 | The HSM partition is in use. |
-7981 | Passwords of different partitions within the same HSM HA group must be identical. |
-7982 | The HSM HA group must have at least one member. |
-7990 | Only admin user can delete other users. |
-7991 | Invalid private key file. |
-8000 | The mobile API protection rule must be set. |
-8001 | The rule has been selected. |
-8010 | Token secret must be set when Mobile App Identification status is Enable. |
-8011 | Getting the file content error. |
-8012 | The imported file should not be empty. |
-8014 | |
-8015 | Malloc failed. |
-8016 | Invalid start IP. |
-8017 | Invalid end IP. |
-8018 | Invalid CIDR. |
-8019 | Start IP is larger than then end IP. |
-8020 | IP range duplicate. |
-8021 | Invalid UUID format. |
-8022 | The host can not be NULL. |
-8023 | The value of inactive time is invalid. Please input <1 - 180 minutes> or <1 - 24 hours>. |
-8024 | The value of expire time is invalid. Please input <1 - 180 minutes> or <1 - 24 hours>. |
-8025 | The path must start with ’/‘. |
-8026 | The bypass URL must start with ’/‘. |
-8030 | The URL encryption rule must be set. |
-8031 | The rule has been selected. |
-8037 | Adom user can not change accprof. |
-8038 | Adom user can not change adom. |
-8039 | Admin user’s accprof should be prof_admin. |
-8040 | Only admin user can change accprof to prof_admin. |
-8041 | User can not delete himself. |
-8042 | Only admin user can change other users’ configuration. |
-8043 | The external IP address must be set. |
-8044 | The mapped IP address must be set. |
-8045 | The FWMARK Policy mark already exists. |
-8046 | HTTP2 with URL based certificate verification is not supported. |
-8047 | The IP range includes interface address. |
-8048 | The external address/range can not include the ingress interface address. |
-8049 | The mapped address/range can not include any interface address. |
-8050 | The IP range includes VIP address. |
-8051 | Conflicted with the external IP address for DNAT rules. |
-8052 | Conflicted with the mapped IP address for DNAT rules. |
-8053 | The Redis service is out of memory. |
-8054 | The attack type must be set. |
-8055 | You can create at most 128 exception rules of the same attack type. |
-8056 | The total port range can not be more than 8. |
-8057 | The port range can not cover each other. |
-8058 | The total port number can not be more than 128. |
-8059 | The protocol does not support port range. |
-8085 | The mode can not be active-active-standard on cloud platform. |
-8086 | Port1 should be in DHCP mode on cloud platform. |
-8087 | Failed to create intferface on cloud paltform. |
-8088 | Interface mode is not allowed to modify on OCI platform. |
-8089 | The duplicate domain name has been configured. |
-8095 | Another wildcard admin user has existed in system. |
-8096 | Unsupported cipher in FIPS ciphers mode. |
-8097 | Unsupported certificate in FIPS ciphers mode. |
-8098 | Unsupported ssl protocol version in FIPS ciphers mode. |
-8100 | Current mode is WCCP,cannot disable wccp-mode switch.if needed please change to other mode first. |
-8101 | The private key or certificate files of the local certificate is not generated yet. |
-8109 | The header type is not supported in request action. |
-8110 | The custom value cannot be empty. |
-8111 | The JWK kty is unknown type. |
-8112 | Please set JWK secret for Octet key type. |
-8113 | The modulus/exponent is invalid for RSA key type. |
-8114 | The x/y/crv is invalid for EC key type. |
-8115 | The X.509 Certificate SHA-1/SHA-256 Thumbprint base64url decode error. |
-8116 | The scope field must contain ‘openid’. |
-8130 | Getting domain url list failed. |
-8131 | HSM server with the same name already exists. |
-8132 | Only one partition is allowed under HSM non-HA mode. |
-8133 | Only one server is allowed under HSM non-HA mode. |
-8134 | Failed to delete HSM HA group. |
-8135 | Failed to add new member to HSM HA group. |
-8136 | Failed to synchronize HSM HA group. |
-8137 | Failed to get HSM partition slot id. |
-8138 | Failed to add HSM partition. |
-8139 | Failed to change Luna Client config file. |
-8140 | You must create an HSM HA group containing 2 members firstly. |
-8150 | The link cloaking rule must be set. |
-8151 | The rule has been selected. |
-8210 | Error build connection. |
-8211 | Error sending message. |
-8212 | Error recving message. |
-20000 | The REST API has no URL in environment variable. |
-20001 | The REST API has invalid URL. |
-20002 | The REST API is not authenticated in environment variable. |
-20003 | The REST API authentication failed. |
-20004 | The REST API has no method in environment variable. |
-20005 | The REST API has invalid HTTP method. |
-20006 | The REST API has no argument in environment variable. |
-20007 | The REST API has invalid argument. |
-20008 | The REST API has no client address in environment variable. |
-20009 | The REST API has no free memory. |
-20010 | The license of peer VM FortiWeb is not valid. |
-20011 | The REST API has invalid multipart/form-data format. |
-20012 | The REST API can’t get signature rule by the signature name. |
-20013 | The REST API failed to do signature query. |
-20014 | The REST API has no HTTP body. |
-20015 | Backup file does not exist. |
-20016 | Duplicate local backup file. |
-20017 | At least one SSL version needs to be configured. |
-20018 | OCI Connector is not supported in pserver list. |
-20019 | Could not decrypt certificate/private key. Please verify that you have the correct password. |
-20020 | The certificate does not match any private key generated on FortiWeb. Please verify that you have the correct certificate file. |
-20021 | Let’s Encrypt certificate is used by some object. |
-20022 | Private data encryption key is not the correct format.. |
-20023 | The number of member in this group is 0 |
-20024 | True Transparent proxy with HA active-active-standard doesn’t support Server Pool Health Check. |
-20025 | Unable to download due to size |
-20026 | The name of the local certificate has exceeded the maximum length(192). |
-20027 | The REST API read statistic database error. |
-20028 | Names can only contain A-Z, a-z, 0-9, _, and -. (): |
-20029 | You need to disable shell access before mod. the username or passowrd of shell acess. |
-20030 | The username of admin is conflict with the one for shell access. |
-20031 | When Ignore-X-Forwarded-For is enabled, action Redirect and Send 403 Forbidden are not supported. |
-20032 | The input is duplicated. Nothing is updated. |
-20033 | The REST API failed to save data. |
-20034 | The maximum no of pairs of filter has been reached. |
-20035 | Failed to upload file because the application key is duplicate. |
-20036 | This file type is predefined, please config it by Predefined File Types. |
-20037 | Filter length exceeds limitation. |
-20038 | Host can have at most one wildcard. |
-20039 | At least one method should be checked. |
-20040 | At least one protocol should be checked. |
-20041 | It is duplicate EMS server. |
-20042 | The ZTNA should be in Reverse Proxy mode. |
-20043 | When Data Type is Hex-array, Operation must be Equal. |
-20044 | Invalid length of Hex array. |
-20045 | Invalid Hex array. |
-20046 | In FIPS mode, RSA key generation refuses to create and use a key with a keysize of less than 2048 bits and SHA-1 digest algorithm may not be used |
-20047 | FDS update in progress, try again later |
-20048 | The health check group id must be different in master or slave role |
-20049 | The health check of master role only refer to one server pool |
-20050 | Pserver do not refer to master/slave role health |
-20051 | Pservers have same ip address in server pool which use master role health |
-20052 | Please select a CA certificate. |
-20053 | RFC7919 compliance is enabled, but no DHE cipher suites are selected. |
-20054 | RFC7919 compliance is enabled, but no FFDHE group is selected. |
-20055 | Can’t be moved in pre-defined rules. |
-20056 | Invalid args in REST API request. |
-20057 | FTC login system error. |
-20058 | Please check the internet connection to FTC. |
-20059 | Invalid FTC packet received. |
-20060 | Incorrect account or password. |
-20061 | Invalid gRPC IDL file. |