Header Ads

Recently post

Fortigate cli command

 Fortigate firewall cli command below--


Run these commands under global mode - if any command is not working you can mode into global mode


System-related command

 # c g

#get system interface physical       hardware interfaces

#get system status  - - check system details like serial number , hardware model


Configure management interface used below command- 

#config system interface

#edit mgmt

#set ip x.x.x.x 255.255.255.x (just exp for subnet)


FOR HA config verification and configuration -

#get system ha status

debug command for HA

#dia debug application hasync -1
#dia debug application hatalk -1
#dia deb ena
once collect debug disable debug
#dia deb disable 
# config system ha

below configuration need same for both side

set priority high of that firewall which one you want Master and lower prioirty take slave rule.

#config system ha
#set group-id 1
#set group-name "CUSTOMER-HA"
#set mode a-p
#set password <password removed>
#set hbdev "ha1" 0 "ha2" 0
#set chassis-id 1
#set hbdev-second-vlan-id 998
#set session-pickup enable
#set override disable
#set priority 180
#end
If some issue facing with HA you can check checksum of both device must same.
#diagnose sys ha checksum cluster
#diag sys confsync status 
run this command into Master for reboot-  #exe reboot

  • config router static
  • config system dns
  • config system global
  • config system ha
  • config system interface






No comments