Professional Documents
Culture Documents
FortiGate_Commands
FortiGate_Commands
FortiGate_Commands
**************************************************
* Configure basic security policies *
**************************************************
end
**************************************************
* Configure basic security policies *
**************************************************
edit "WAN-1"
set associated-interface "port1"
set subnet 192.168.10.11 255.255.255.255
next
edit "Dentist1"
set associated-interface "port1"
set subnet 192.168.10.21 255.255.255.255
next
edit "Dentist2"
set associated-interface "port1"
set subnet 192.168.10.22 255.255.255.255
next
edit "Dentist3"
set associated-interface "port1"
set subnet 192.168.10.23 255.255.255.255
end
edit Internet_PCs
set member Admin Dentist1 Dentist2 Dentist3
end
edit 1
set srcintf port1
set dstintf port2
set srcaddr Internet_PCs
set dstaddr all
set action accept
set schedule always
set service "DHCP" "DNS" "FTP" "HTTP" "HTTPS" "NTP" "POP3" "SMTP" "SSH"
set logtraffic enable
set label "Section2"
set endpoint-restrict-check no-av db-outdated
next
edit 2
end
**************************************************
* FortiClient enforcement to interfaces *
**************************************************
edit port1
set listen-forticlient-connection [enable|disable]
set endpoint-compliance [enable|disable]
next
end
**************************************************
* Configure static routing *
**************************************************
edit 1
set gateway 172.100.20.5
set distance 10
set device port2
set dst 0.0.0.0
next
end
**************************************************
* Configure Link Health Monitor *
**************************************************
edit <name>
next
end
**************************************************
* Routing - Diagnostics *
**************************************************
get router info routing-table database (check active, standby and inactive
routes)
diagnose firewall proute list (check policy routes and isdb routes)