FortiGate firewalls activate every command immediately. To change the IP address and the default gateway on a remote device, can be very tricky.

Using Workspace Mode avoids this problem. I can create a batch of commands, which will only be activated on the final commit.

The transaction is started with:

execute config-transaction

Now I add all my commands.

The transaction is ended and the commands are activated:

execute config-transaction commit

The transaction can be aborted and the commands will be ignored:

execute config-transaction abort

It is possible to combine this with ⇒Config Save Revert.

There are some debug commands with Workspace Mode:

diagnose sys config-transaction status

diagnose sys config-transaction show txn-cli-commands 

diagnose sys config-transaction show ?