Top 25 fortinet utility commands

Lately in my day to day I am having to “fight” with the fortinet firewalls coninuously, so I share with you the commands that I am using the most:

# showDisplays the global configuration
# sh system interfacesee interface configuration
# diagnose hardware deviceinfo nicview card information
# get system statussee forti’s version
# sh firewall policy 6see rule number 6
# sh router policysee routing policy
# diagnose system session listsee list of sessions
# diagnose system session clearclears all xlate/translations
# diagnose ip arp listsee arp table
# get router info routing-table allsee all routes
# diagnose system topsee the top processes
# diagnose system kill 9kill process
# diag test auth ldapcheck if you can log in with an ldap user
# config system interface
edit port1
set ip
append allowaccess http
configure network interface
# config router static
edit 1
set device port1
set gateway
configure route
# config system dns
set primary set secondary
configure dns
# execute ping
# config system ha
set ha-eth-type 0003
set group-id 140
set up a group in the ha
# get system ha statussee the state of the ha
# execute ha synchronize configsynchronize ha
# execute ha synchronize stop
execute ha synchronize start
synchronize ha
# execute traceroute IPtraceroute to an ip
# get system performance firewall statisticsDisplay traffic statistics so far:
# get system performance statusDisplay CPU status and power-on time:
# get system performance topDisplay CPU utilization sorted by the most important processes

Leave a Reply