N_ FortiGate 200a

  • View
    120

  • Download
    1

Embed Size (px)

DESCRIPTION

Narjan Listing

Text of N_ FortiGate 200a

Connected NCT # show full-configuration #config-version=FG200A-4.00-FW-build178-090820:opmode=0:vdom=0 #conf_file_ver=10491300511546348673 #buildno=0178 config system global set access-banner disable set admin-https-pki-required disable set admin-lockout-duration 60 set admin-lockout-threshold 3 set admin-maintainer enable set admin-port 80 set admin-scp disable set admin-server-cert "self-sign" set admin-sport 443 set admin-ssh-port 22 set admin-ssh-v1 disable set admin-telnet-port 23 set admintimeout 5 set anti-replay strict set auth-cert "self-sign" set auth-http-port 1000 set auth-https-port 1003 set auth-keepalive disable set auth-policy-exact-match enable set av-failopen pass set av-failopen-session disable set batch-cmdb enable set cfg-save automatic --More-set check-protocol-header loose --More-set check-reset-range disable --More-set clt-cert-req disable --More-set daily-restart disable --More-set detection-summary enable --More-set dst disable --More-set endpoint-control-portal-port 8009 --More-set failtime 5 --More-set fds-statistics enable --More-set fsae-burst-size 300 --More-set fsae-rate-limit 100 --More-set gui-ipv6 disable --More-set gui-lines-per-page 50 --More-set hostname "NCT" --More-set http-obfuscate modified --More-set ie6workaround disable --More-set internal-switch-mode switch --More-unset internal-switch-speed --More-set interval 5 --More-set ip-src-port-range 1024-25000 --More-set language english --More-set lcdpin ENC XXVrg9a1cu6os --More-set lcdprotection disable --More-set ldapconntimeout 500 --More-set log-user-in-upper disable --More-set loglocaldeny disable --More-set management-vdom "root" --More-set phase1-rekey enable --More-set radius-port 1812 --More-set refresh 0

--More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More--

set set set set set set set set set set set set set set set set set set set set

registration-notification enable remoteauthtimeout 5 reset-sessionless-tcp disable send-pmtu-icmp enable service-expire-notification enable sslvpn-sport 10443 strong-crypto disable tcp-halfclose-timer 120 tcp-halfopen-timer 60 tcp-option enable tcp-timewait-timer 120 timezone 04 tos-based-priority high udp-idle-timer 180 user-server-cert "self-sign" vdom-admin disable vip-arp-range restricted wireless-controller enable wireless-controller-port 5246 fds-statistics-period 60

end config system accprofile edit "prof_admin" set admingrp read-write set authgrp read-write set endpoint-control-grp read-write set fwgrp read-write set loggrp read-write unset menu-file set mntgrp read-write set netgrp read-write unset roles set routegrp read-write set sysgrp read-write set updategrp read-write set utmgrp read-write set vpngrp read-write next end config system interface edit "wan1" set vdom "root" set mode dhcp set distance 5 set priority 0 set dhcp-relay-service disable unset dhcp-relay-ip set dhcp-relay-type regular unset ip set allowaccess ping https http set gwdetect disable unset detectserver set detectprotocol ping set ha-priority 0 set dns-query disable set arpforward enable set broadcast-forward disable set bfd global set l2forward disable set icmp-redirect enable set vlanforward enable

--More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More--

set set set set set set set set set set set set set set set set set set

stpforward disable ips-sniffer-mode disable ident-accept disable ipmac disable subst disable log disable fdp disable ddns disable status up netbios-forward disable wins-ip 0.0.0.0 type physical tcp-mss 0 inbandwidth 0 outbandwidth 0 spillover-threshold 0 description '' alias "NCT" config ipv6 set autoconf disable set ip6-address ::/0 unset ip6-allowaccess set ip6-default-life 1800 set ip6-hop-limit 0 set ip6-link-mtu 0 set ip6-manage-flag disable set ip6-max-interval 600 set ip6-min-interval 198 set ip6-other-flag disable set ip6-reachable-time 0 set ip6-retrans-time 0 set ip6-send-adv disable end set dhcp-client-identifier '' set idle-timeout 0 set defaultgw enable set dns-server-override enable unset macaddr set speed auto set mtu-override disable set wccp disable set explicit-web-proxy disable next edit "wan2" set vdom "root" set mode static set dhcp-relay-service disable unset dhcp-relay-ip set dhcp-relay-type regular set ip 0.0.0.0 0.0.0.0 set allowaccess ping set gwdetect disable unset detectserver set detectprotocol ping set ha-priority 0 set dns-query disable set pptp-client disable set arpforward enable set broadcast-forward disable set bfd global set l2forward disable

--More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More--

set set set set set set set set set set set set set set set set set set set set

next edit "dmz1" set vdom "root" set mode static set dhcp-relay-service disable unset dhcp-relay-ip set dhcp-relay-type regular set ip 10.10.10.1 255.255.255.0 set allowaccess ping https set gwdetect disable unset detectserver set detectprotocol ping set ha-priority 0 set dns-query disable set pptp-client disable set arpforward enable set broadcast-forward disable set bfd global set l2forward disable set icmp-redirect enable

icmp-redirect enable vlanforward enable stpforward disable ips-sniffer-mode disable ident-accept disable ipmac disable subst disable log disable fdp disable ddns disable status up netbios-forward disable wins-ip 0.0.0.0 type physical tcp-mss 0 inbandwidth 0 outbandwidth 0 spillover-threshold 0 description '' alias '' config ipv6 set autoconf disable set ip6-address ::/0 unset ip6-allowaccess set ip6-default-life 1800 set ip6-hop-limit 0 set ip6-link-mtu 0 set ip6-manage-flag disable set ip6-max-interval 600 set ip6-min-interval 198 set ip6-other-flag disable set ip6-reachable-time 0 set ip6-retrans-time 0 set ip6-send-adv disable end set idle-timeout 0 unset macaddr set speed auto set mtu-override disable set wccp disable set explicit-web-proxy disable

--More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More--

set set set set set set set set set set set set set set set set set set set

vlanforward enable stpforward disable ips-sniffer-mode disable ident-accept disable ipmac disable subst disable log disable fdp disable ddns disable status up netbios-forward disable wins-ip 0.0.0.0 type physical tcp-mss 0 inbandwidth 0 outbandwidth 0 spillover-threshold 0 description '' alias '' config ipv6 set autoconf disable set ip6-address ::/0 unset ip6-allowaccess set ip6-default-life 1800 set ip6-hop-limit 0 set ip6-link-mtu 0 set ip6-manage-flag disable set ip6-max-interval 600 set ip6-min-interval 198 set ip6-other-flag disable set ip6-reachable-time 0 set ip6-retrans-time 0 set ip6-send-adv disable end set idle-timeout 0 unset macaddr set speed auto set mtu-override disable set wccp disable set explicit-web-proxy disable next edit "dmz2" set vdom "root" set mode static set dhcp-relay-service disable unset dhcp-relay-ip set dhcp-relay-type regular set ip 0.0.0.0 0.0.0.0 set allowaccess ping set gwdetect disable unset detectserver set detectprotocol ping set ha-priority 0 set dns-query disable set pptp-client disable set arpforward enable set broadcast-forward disable set bfd global set l2forward disable set icmp-redirect enable set vlanforward enable

--More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More---More--

set set set set set set set set set set set set set set set set set set

next edit "internal" set vdom "root" set mode static set dhcp-relay-service disable unset dhcp-relay-ip set dhcp-relay-type regular set ip 10.232.3.100 255.255.255.0 set allowaccess ping https http telnet set gwdetect disable unset detectserver set detectprotocol ping set ha-priority 0 set dns-query disable set pptp-client disable set arpforward enable set broadcast-forward disable set bfd global set l2forward disable set icmp-redirect enable set vlanforward enable set stpforward disable

stpforward disable ips-sniffer-mode disable ident-accept disable ipmac disable subst disable log disable fdp disable ddns disable status up netbios-forward disable wins-ip 0.0.0.0 type physical tcp-mss 0 inbandwidth 0 outbandwidth