Fortigate Basic

The document provides a cheatsheet of commands for configuring and managing a Fortigate firewall. It lists commands for system management, interface configuration, firewall policies, VPN configuration, routing, wireless, high availability, backups and restores, updates, logging, SSL VPN, and other areas.

Uploaded by

Prakash Suthar

Fortigate Firewall Cheatsheet

System Management:

get system status
get system interface
get system hostname
get system dns
get system timezone
get system time

System Configuration:

execute backup config <filename>
execute restore config <filename>
execute ping <destination_ip>
execute traceroute <destination_ip>
execute reboot
execute factoryreset
execute formatlogdisk

Interface Configuration:

show system interface

config system interface
    edit <interface>
        set ip <ip_address/subnet>
        set allowaccess <service>
        set status <enable/disable>
    next
end

VPN debug command:

diagnose debug console timestamp enable
diagnose debug application ike -1
diagnose debug application ike 63
diagnose vpn ike log-filter dst-addr4 <IP address>
diagnose debug enable

Firewall Policies:

show firewall policy

config firewall policy
    edit <policy_id>
        set srcintf <source_interface>
        set dstintf <destination_interface>
        set srcaddr <source_address>
        set dstaddr <destination_address>
        set action <action>
        set service <service>
    next
end

Firewall Objects and Addresses:

show firewall address

config firewall address
    edit <address_name>
        set subnet <address/subnet>
        set associated-interface <interface>
    next
end
VPN Configuration:

show vpn ipsec phase1-interface
show vpn ipsec phase2-interface

config vpn ipsec phase1-interface
    edit <interface_name>
        set interface <interface>
        set psksecret <pre-shared_key>
    next
end

Routing:

get router info routing-table all

config router static
    edit <entry_id>
        set dst <destination_network>
        set device <interface>
        set gateway <gateway_ip>
        set distance <distance_value>
    next
end
High Availability (HA):

get system ha status
execute ha manage <command>
execute ha diagnose <command>
execute ha redundancy <command>

config system ha
    set mode <active/passive/a-a>
    set group-name <group_name>
    set hbdev <interface>
end

Wireless:

get wireless-controller vap
get wireless-controller wtp
config wireless-controller vap
config wireless-controller wtp

FortiGuard and Updates:

get system fortiguard
execute update-now

System Backup and Restore:

execute backup config <filename>
execute restore config <filename>
execute backup full
execute restore full
execute backup config <filename> scp <scp_server_ip> <username> <remote_path>
execute restore config <filename> scp <scp_server_ip> <username> <remote_path>

Logging and Monitoring:

diag debug enable

diag debug flow
diag debug app
diag debug enable
execute log filter
execute log display
execute log view

SSL VPN:

show vpn ssl settings

config vpn ssl settings
    set tunnel-mode enable
    set source-interface <interface>
    set idle-timeout <timeout_value>
end
