FORTIGATE - Useful CLI commands

De PedroWiki

Introduction

This article will gather some useful CLI commands for Fortigate firewalls configuration and diagnostic.

Toolbox

Filter

Any command result can be filtered like in a linux shell, using pipe and grep: 

# <command> | grep <pattern>

Show a configuration when configuring

# config <menu> <submenu>
<submenu># show

List device interfaces

# show system interface

IPsec tunnel establishment diagnostic

# diag debug application ike -1
# diag debug enable
# diag vpn ike log-filter name <name_of_a_IPSec_tunnel>

Indentify tunnel and filter list

# diag vpn ike log-filter list

Debug disable

# diag debug disable

Routing

See all routes (whatever the protocol being used)

# get router info routing-table all
Récupérée de « https://wiki.pedrono.fr/index.php?title=FORTIGATE_-_Useful_CLI_commands&oldid=807 »