cmdref.net - Cheat Sheet and Example

cmdref.net is command references/cheat sheets/examples for system engineers.

User Tools

Site Tools


Sidebar








Etc


Reference














.

hardware:fortigate:index.html



Hardware

Fortinet Fortigate CLI Commands

Corporate Site

Fortigate Command

Check

Configuration

check configuration # show
# show |grep xxxx
# show full-configuration
#show full-configuration | grep XXXX
#show full-configuration | grep -f XXXX ← display with tree view

Network

Check Routing # get router info routing-table detail
# config router static
(static) # show
(static) # end
Check Firewall Policy # show firewall policy
# show firewall policy XXXX
# config firewall policy
(policy) # show

Hardware

Check Hardware Information # get hardware status
check Version, BIOS, Firmware, etc # get system status
check version # get system status
Display CPU / memory / line usage # get system performance status
Display of NTP server # get system ntp
Display the current time and the time of synchronization with the NTP server # execute time
check interfaces status , Up or Down # get system interface physical
check interfaces
# config system interface
(interface) # show
(interface) # end
Display of ARP table # get system arp

HA

Check HA Status # get system ha status
Check HA Configuration # get system ha
# show system ha

NTP

Check NTP # execute time
# get system ntp
# diagnose sys ntp status


Set

don't use more
# config system console
(console) # set output standard
(console) # end
Save Configuration & exit (console) # end
Don't Save Configuration & exit (console) # abort

Object

config firewall address
  edit "test-server-10"
    set associated-interface "vlan10"
    set subnet 192.168.0.5 255.255.255.0
end

Policy

config firewall policy
  edit 555
    set name "test"
    set srcintf "vlan10"
    set dstintf "port 5"
    set srcadr "xxxx"  "xxxx"  "xxx"
    set action accept
    set schedule "always"
    set servie "HTTP" "ICMP_ANY"
end


delete command

How to delete Policy

# config firwall policy
# delete 1 
# end

How to delete router

# config router static
# delete 1
# end


Operation

Help # ?
ping # execute ping 192.168.0.1
execute traceroute command # execute traceroute 192.168.1.1
execute command like tcpdump # diagnose sniffer packet port15 ← Interface Port15
# diagnose sniffer packet any 'host xx.xx.xx.xx'
# diagnose sniffer packet port15 'host xx.xx.xx.xx'
# diagnose sniffer packet any 'host xx.xx.xx.xx or host yy.yy.yy.yy'
# diagnose sniffer packet any 'udp port 53 or tcp port 53'
# diagnose sniffer packet any 'host xx.xx.xx.xx and tcp port 80'
shutdown # execute shutdown
clear arp table # execute clear system arp table

Backup Configuration

# exec backup config tftp conf/test-fw-01_20180913.conf 192.168.0.10


Displaying logs via CLI

Check log filter

# execute log filter dump

View log

# execute log display

set filter

# execute log filter device    <- Check Option
Example output (can be different if disk logging is available):
Available devices:
0: memory
1: disk
2: fortianalyzer
3: forticloud

# execute log filter device XX   <- Set Option
# execute log filter category    <- Check Option
 0: traffic
 1: event
 2: utm-virus
 3: utm-webfilter
 4: utm-ips
 5: utm-emailfilter
 7: utm-anomaly
 8: utm-voip
 9: utm-dlp
10: utm-app-ctrl
12: utm-waf
15: utm-dns
16: utm-ssh
17: utm-ssl
18: utm-cifs
19: utm-file-filter
# execute log filter category XXXX   <- Set Option
Example
# execute log filter device 1       <- 1: disk
# execute log filter category 1     <- 1: event









hardware/fortigate/index.html.txt · Last modified: 2020/03/13 by admin

Page Tools