Fortinet防火墙命令行概述-创新互联
1. 可以通过SSH, Telnet, 或者serial console
成都创新互联公司公司2013年成立,是专业互联网技术服务公司,拥有项目网站制作、网站设计网站策划,项目实施与项目整合能力。我们以让每一个梦想脱颖而出为使命,1280元寻乌做网站,已为上家服务,为寻乌各地企业和个人服务,联系电话:135182197922. CLI的配置是分级的结构,如下所示:
config system interface
edit "internal"
set vdom "root"
set ip 192.168.100.99 255.255.255.0
set allowaccess ping https ssh snmp http telnet
set type physical
next
end
3. 命令行层次结构具体有下面这些关键字:
config
edit
next
end
exit
abort
4. 使用 “?” 可以查询可用当前级别可以的指令
5. 使用
6. 设置wan2的IP:的例子:
FortiGate-60 # config system interface
(interface)# edit wan2
(wan2)# set ip 192.177.11.12 255.255.255.248
(wan2)# end
FortiGate-60 #
7. 可以用“get”命令显示参数和当前值:
(internal)# get
name : internal
vdom : root
cli-conn-status : 0
mode : static
dhcp-relay-service :
dhcp-relay-ip :
dhcp-relay-type :
ip : 192.168.96.254 255.255.255.0
allowaccess : ping HTTPS HTTP telnet
8. 可以用“show”命令显示当前配置:
FGT50B3 # config system interface
FGT50B3 (interface) # edit internal
FGT50B3 (internal) # show
config system interface
edit "internal"
set vdom "root"
set ip 192.168.100.99 255.255.255.0
set allowaccess ping https ssh snmp http telnet
set type physical
next
end
9. 可以用“show full-configuration”命令显示当前完全配置:
FGT50B3 # config system interface
FGT50B3 (interface) # edit internal
FGT50B3 (internal) # show full-configuration
config system interface
edit "internal"
set vdom "root"
set mode static
set dhcp-relay-service disable
unset dhcp-relay-ip
set dhcp-relay-type regular
set ip 192.168.100.99 255.255.255.0
set allowaccess ping https ssh snmp http telnet
set gwdetect disable
unset detectserver
set ha-priority 0
set pptp-client disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-redirect enable
set vlanforward enable
set stpforward disable
set ident-accept disable
set ipmac disable
set subst disable
set log disable
set fdp disable
set ddns disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set description ''
set alias ''
set l2tp-client disable
config ipv6
set autoconf disable
set ip6-address ::/0
unset ip6-allowaccess
set ip6-default-life 1800
set ip6-hop-limit 0
set ip6-link-mtu 0
set ip6-manage-flag disable
set ip6-max-interval 600
set ip6-min-interval 198
set ip6-other-flag disable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-send-adv disable
end
set idle-timeout 0
unset macaddr
set mtu-override disable
next
end
10. 执行某些命令,例如:
execute factoryreset
execute ping
execute backup
execute traceroute
execute reboot
另外有需要云服务器可以了解下创新互联scvps.cn,海内外云服务器15元起步,三天无理由+7*72小时售后在线,公司持有idc许可证,提供“云服务器、裸金属服务器、高防服务器、香港服务器、美国服务器、虚拟主机、免备案服务器”等云主机租用服务以及企业上云的综合解决方案,具有“安全稳定、简单易用、服务可用性高、性价比高”等特点与优势,专为企业上云打造定制,能够满足用户丰富、多元化的应用场景需求。
网站栏目:Fortinet防火墙命令行概述-创新互联
标题网址:http://scjbc.cn/article/cdsdjo.html