Upload
doanthuy
View
268
Download
6
Embed Size (px)
Citation preview
FortiOS CLI Reference for FortiOS 5.0
FortiOS CLI Reference for FortiOS 5.0
August 31, 2016
01-509-99686-20160831
Copyright 2016 Fortinet, Inc. All rights reserved. Fortinet, FortiGate, FortiCare and FortiGuard, and certain other marks are registered trademarks of Fortinet, Inc., in the U.S. and other jurisdictions, and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinets General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinets internal lab tests. In no event does Fortinet make any commitment related to future deliverables, features or development, and circumstances may change such that any forward-looking statements herein are not accurate. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.
Technical Documentation docs.fortinet.com
Knowledge Base kb.fortinet.com
Customer Service & Support support.fortinet.com
Training Services training.fortinet.com
FortiGuard fortiguard.com
Document Feedback [email protected]
http://docs.fortinet.comhttp://kb.fortinet.comhttps://support.fortinet.comhttp://training.fortinet.comhttp://www.fortiguard.com/mailto:[email protected]?Subject=Technical%20Documentation%20Feedback
Contents
Introduction..................................................................................................... 19How this guide is organized............................................................................. 19Availability of commands and options............................................................. 19
Managing Firmware with the FortiGate BIOS.............................................. 20Accessing the BIOS............................................................................................... 20
Navigating the menu........................................................................................ 20
Loading firmware ................................................................................................... 21Configuring TFTP parameters.......................................................................... 21Initiating TFTP firmware transfer...................................................................... 22
Booting the backup firmware ................................................................................ 22
Whats new...................................................................................................... 23
alertemail......................................................................................................... 55setting .................................................................................................................... 56
antivirus........................................................................................................... 60heuristic ................................................................................................................. 61
mms-checksum ..................................................................................................... 62
notification ............................................................................................................. 63
profile ..................................................................................................................... 64config {http | https | ftp | ftps | imap | imaps | mapi | pop3 | pop3s | smb | smtp |
smtps | nntp | im} ........................................................................................... 65config nac-quar................................................................................................ 66
quarantine .............................................................................................................. 67
service.................................................................................................................... 70
settings .................................................................................................................. 71
application....................................................................................................... 72custom ................................................................................................................... 73
list .......................................................................................................................... 74
name ...................................................................................................................... 78
client-reputation ............................................................................................. 79profile ..................................................................................................................... 80
dlp .................................................................................................................... 82filepattern ............................................................................................................... 83
fp-doc-source ........................................................................................................ 85
fp-sensitivity........................................................................................................... 87
sensor .................................................................................................................... 88
settings .................................................................................................................. 90
Page 3
endpoint-control............................................................................................. 91forticlient-registration-sync.................................................................................... 92
profile ..................................................................................................................... 93
settings .................................................................................................................. 98
firewall ............................................................................................................. 99address, address6 ............................................................................................... 100
addrgrp, addrgrp6 ............................................................................................... 103
auth-portal ........................................................................................................... 104
carrier-endpoint-bwl ............................................................................................ 105
carrier-endpoint-ip-filter....................................................................................... 107
central-nat............................................................................................................ 108
deep-inspection-options ..................................................................................... 109config ftps ...................................................................................................... 110config https .................................................................................................... 111config imaps .................................................................................................. 111config pop3s .................................................................................................. 112config smtps .................................................................................................. 112config ssl........................................................................................................ 113config ssl-server............................................................................................. 113
dnstranslation ...................................................................................................... 115
DoS-policy, DoS-policy6 ..................................................................................... 116
gtp........................................................................................................................ 118
identity-based-route ............................................................................................ 134
interface-policy .................................................................................................... 135
interface-policy6 .................................................................................................. 13