Thanks for Visiting my channel
Basic Settings
1-1 Basic Settings
Learning Objectives
- Create a basic configuration in FortiGate
- Identify CLI commands in FortiGate
- Create an IP access in FortiGate
- Create a DHCP server in FortiGate
- Backups and Restore configuration in FortiGate
This exercise will access a FortiGate device using the command-line interface (CLI). Setup your GNS3 and try to connect to FortiGate through WebTerm.
Figure 1-1: main scenario
Explore the CLI
To explore the CLI, from the GNS3 double click on FortiGate to open the console. In the Password field, type <the default password is blank>, and then press enter.
Enter the following command:
get system status
Figure 1-2: get system status output
This command displays basic status information about FortiGate. The output includes FortiGate’s serial number, operation mode, and a lot of useful information. When the More prompt appears on the CLI, do one of the following:
To continue scrolling Space bar
To scroll one line at a time Enter
Enter the following command: get ?
The ? character is not displayed on the screen.
This command shows all of the options that the CLI will accept after the # get command. Depending on the command, you may need to enter additional words to completely specify a configuration option.
Enter the following command: execute ?
This command lists all options that the CLI will accept after the execute command.
Type exe, and then press the Tab key. Notice that the CLI completes the current word.
Press the space bar and then press the Tab key three times.
Each time you press the Tab key, the CLI replaces the second word with the next possible option for the execute command, in alphabetical order.
You can abbreviate most commands. In this book, many of the commands that you see will be in abbreviated form. For example, instead of typing execute, you can type exe.
Use this technique to reduce the number of keystrokes that are required to enter a command. Often, experts can configure FortiGate faster using the CLI than the GUI.
Configuration Check configuration
# show
# show | grep xxxx
# show full-configuration
#show full-configuration | grep XXXX
#show full-configuration | grep -f XXXX ← display with tree view
Network
Check Routing
# get router info routing-table detail
# show router static
# config router static
(static) # show
(static) # end
Check Firewall Policy
# show firewall policy
# show firewall policy XXXX
# config firewall policy
(policy) # show
Hardware
Check Hardware Information
# get hardware status
Check Version, BIOS, Firmware, etc
# get system status
Check version
# get system status
Display CPU / memory / line usage
# get system performance status
Display of NTP server
# get system ntp
Display the current time and the time of synchronization with the NTP server
# execute time
Check interfaces status , Up or Down
# get system interface physical
Check interfaces
# config system interface
(interface) # show
(interface) # end
Display of ARP table
# get system arp
High Availability (HA)
Check HA Status
# get system ha status
Check HA Configuration
# get system ha
# show system ha
Network Time Protocol (NTP)
Check NTP
# execute time
# get system ntp
# diagnose sys ntp status
show system interface port3
Figure 1-3: Configuration of port3
Enter the following command:
show full-configuration system interface port3
Figure 1-4: show full-configuration of port3
Enter the following command:
show system interface
For setting an IP address on the port1:
#config system interface
#edit port1
#set mode static
#set ip 192.168.10.1 255.255.255.0
#set allowaccess ping ssh http https
#end
No comments:
Post a Comment