Fortinet firewall basics
Connecting to console port in FortiGate firewall
On a FortiGate firewall we can connect to the console port using a 9600 baud rate. After connecting to the console, log in as admin to get access to the command prompt.
FortiGate firewall command access
We can open command-prompt access to the FortiGate firewall after logging in to the web UI. After login there are a few icons in the top right corner. One of the icons is for command prompt access; if we hover over that icon we can read "CLI console". Using it we get command prompt access to the firewall via the web login, without requiring an SSH or console connection to the firewall.
Looking at firewall logs
We can look at firewall logs using:
execute log display
We can change the filter for logs using:
- Look at the current filter configuration:
  - execute log filter dump
- Remove all existing filter configuration:
  - execute log filter reset
- Set the source of logs:
  - execute log filter device <device-no>
- Choose the category of logs:
  - execute log filter category <category-no>
- See the full configuration of the memory log filter using:
  - show full-configuration log memory filter
- Some filter examples:
  - execute log filter category 3
  - execute log filter field dstip 40.85.78.63
  - execute log filter free-style "(date 2019-09-13 not) and (dstip 40.85.78.63)"
  - execute log filter free-style "srcip 172.16.1.1"
  - execute log filter free-style "(srcip 172.16.1.1) or (dstip 172.16.1.2)"
  - execute log filter free-style "(srcip 172.16.1.1) and (dstip 172.16.1.2)"
  - execute log filter free-style "((srcip 172.16.1.1) or (dstip 172.16.1.2)) and (dstport 80 443 50-60)"
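For triage away from the device, the last free-style filter above can be reproduced over saved log output. The following is an added example, not code from the original page or from Fortinet: the sample records are constructed in the key=value layout FortiOS log lines use, the function names are hypothetical, and it assumes that a space-separated value list means "any of" and that lo-hi is an inclusive numeric range.

```python
import re
import shlex

# Constructed sample records (not real traffic), laid out like the
# key=value lines printed by "execute log display".
SAMPLE_LOG = """\
1: date=2019-09-13 time=10:01:02 type="traffic" srcip=172.16.1.1 dstip=40.85.78.63 dstport=443 action="accept"
2: date=2019-09-13 time=10:01:05 type="traffic" srcip=172.16.1.9 dstip=172.16.1.2 dstport=55 action="deny"
3: date=2019-09-14 time=08:00:00 type="traffic" srcip=172.16.1.1 dstip=10.0.0.5 dstport=22 action="accept"
4: date=2019-09-14 time=08:00:09 type="traffic" srcip=10.9.9.9 dstip=172.16.1.2 dstport=8080 action="accept"
"""

def parse_line(line):
    """Turn one record into a dict; drops the leading 'N:' index and the quotes."""
    line = re.sub(r"^\s*\d+:\s*", "", line)
    return dict(tok.split("=", 1) for tok in shlex.split(line) if "=" in tok)

def field_matches(record, field, spec):
    """Assumed semantics of '<field> v1 v2 lo-hi': any value or range may hit."""
    value = record.get(field)
    if value is None:
        return False
    for item in spec.split():
        lo, sep, hi = item.partition("-")
        if sep and lo.isdigit() and hi.isdigit():
            if value.isdigit() and int(lo) <= int(value) <= int(hi):
                return True
        elif value == item:
            return True
    return False

def triage(text):
    """((srcip 172.16.1.1) or (dstip 172.16.1.2)) and (dstport 80 443 50-60)"""
    hits = []
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        src_or_dst = (field_matches(rec, "srcip", "172.16.1.1")
                      or field_matches(rec, "dstip", "172.16.1.2"))
        if src_or_dst and field_matches(rec, "dstport", "80 443 50-60"):
            hits.append(rec)
    return hits

if __name__ == "__main__":
    for rec in triage(SAMPLE_LOG):
        print(rec["date"], rec["srcip"], rec["dstip"], rec["dstport"], rec["action"])
```

Records 3 and 4 match on address but are dropped because their destination ports fall outside the listed values and range.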
Get configuration via command-line
We can get configuration via command-line using:
config global
show full-configuration
We can get information about interfaces using:
get system interface
To see ARP table we can use:
get system arp