Table of Contents

Fortinet Fortigate CLI Commands


Corporate Site


Fortigate Command

Login

ssh admin@192.168.0.10    <- Fortigate Default user is admin


Check command

Configuration

check configuration # show
# show |grep xxxx
# show full-configuration
#show full-configuration | grep XXXX
#show full-configuration | grep -f XXXX ← display with tree view

Network

Check Routing # get router info routing-table detail
# show router static
# config router static
(static) # show
(static) # end
Check Firewall Policy # show firewall policy
# show firewall policy XXXX
# config firewall policy
(policy) # show

Hardware

Check Hardware Information # get hardware status
check Version, BIOS, Firmware, etc # get system status
check version # get system status
Display CPU / memory / line usage # get system performance status
Display of NTP server # get system ntp
Display the current time and the time of synchronization with the NTP server # execute time
check interfaces status , Up or Down # get system interface physical
check interfaces
# config system interface
(interface) # show
(interface) # end
Display of ARP table # get system arp

HA

Check HA Status # get system ha status
Check HA Configuration # get system ha
# show system ha

NTP

Check NTP # execute time
# get system ntp
# diagnose sys ntp status


Set and change Examples

don't use more
# config system console
(console) # set output standard
(console) # end
Save Configuration & exit (console) # end
Don't Save Configuration & exit (console) # abort

Object Operation

# config firewall address
(address) # show   <-- check all address configuration
(address) # end
# config firewall address
(address) # edit "test1"
(address) # show     <- check
(address) # abort    <- End and discard last config
# config firewall address
(address) # edit "test1"
(address) # show    <- check
(address) # set subnet 192.168.0.5 255.255.255.0
(address) # show   <- check
(address) # end   <- End and save last config.
config firewall address
  edit "test-server-10"
    set associated-interface "vlan10"
    set subnet 192.168.0.5 255.255.255.0
end


Policy Operation

#config firewall policy
(policy)# show    <- show all policy
(policy)# end
#
#config firewall policy
(policy)# edit 555
(policy)# show
(policy)# abort   <- End and discard last config
#
config firewall policy
  edit 555
    set name "test"
    set srcintf "vlan10"
    set dstintf "port 5"
    set srcadr "xxxx"  "xxxx"  "xxx"
    set action accept
    set schedule "always"
    set servie "HTTP" "ICMP_ANY"
end    <- End and save last config.


delete command

How to delete Policy

# config firwall policy
# delete 1 
# end

How to delete router

# config router static
# delete 1
# end


Frotigate Execute Commands

Help # ?
ping # execute ping 192.168.0.1
traceroute # execute traceroute 192.168.1.1
telnet # execute telnet 192.168.0.10
# execute telnet 192.168.0.1 22
ssh # execute ssh user@192.168.0.10
# execute ssh user@192.168.0.10 23
execute command like tcpdump # diagnose sniffer packet port15 ← Interface Port15
# diagnose sniffer packet any 'host xx.xx.xx.xx'
# diagnose sniffer packet port15 'host xx.xx.xx.xx'
# diagnose sniffer packet any 'host xx.xx.xx.xx or host yy.yy.yy.yy'
# diagnose sniffer packet any 'udp port 53 or tcp port 53'
# diagnose sniffer packet any 'host xx.xx.xx.xx and tcp port 80'
shutdown # execute shutdown
clear arp table # execute clear system arp table

Backup Configuration

# exec backup config tftp conf/test-fw-01_20180913.conf 192.168.0.10


Displaying logs via CLI

Check log filter

# execute log filter dump
category: traffic
deice: memory
(snipp)
Filter:
(snipp)

set filter

# execute log filter device    <- Check Option
Example output (can be different if disk logging is available):
Available devices:
0: memory
1: disk
2: fortianalyzer
3: forticloud

# execute log filter device XX   <- Set Option
# execute log filter category    <- Check Option
 0: traffic
 1: event
 2: utm-virus
 3: utm-webfilter
 4: utm-ips
 5: utm-emailfilter
 7: utm-anomaly
 8: utm-voip
 9: utm-dlp
10: utm-app-ctrl
12: utm-waf
15: utm-dns
16: utm-ssh
17: utm-ssl
18: utm-cifs
19: utm-file-filter
# execute log filter category XXXX   <- Set Option
Example
# execute log filter device 1       <- 1: disk
# execute log filter category 1     <- 1: event

View log

# execute log display