Fortinet notes: Difference between revisions
From Federal Burro of Information
Jump to navigationJump to search
(Created page with " ipv6 setup: http://www.sixxs.net/wiki/Fortigate") |
|||
(19 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
== Overview == | |||
ipv6 setup: http://www.sixxs.net/wiki/Fortigate | ipv6 setup: http://www.sixxs.net/wiki/Fortigate | ||
support: http://docs.fortinet.com/fgt/archives/3.0/techdocs/IPv6_support_Tech_Note_01-30007-82573-20081003.pdf | |||
http://blackundertone.wordpress.com/2012/04/22/fortigate-ipv6-using-tunnelbroker-net/ | |||
== Online help == | |||
http://docs.fortinet.com/fdb/html/fdb-user-guide/index.html?page=source%2Freferences%2Fr_cli_admin_config_sys.html | |||
== Basic commands ( CLI ) == | |||
{| {{table}} | |||
| align="center" style="background:#f0f0f0;"|'''Cisco''' | |||
| align="center" style="background:#f0f0f0;"|'''fortinet''' | |||
|- | |||
| sh run||show | |||
|- | |||
| sh int||get system interface | |||
|- | |||
| show arp || get system arp | |||
|- | |||
| ||sh system wireless settings | |||
|- | |||
| ||sh system wireless ap-status | |||
|- | |||
| ping host || execute ping6 2001:470:66:288::1 | |||
|} | |||
also see: http://routing-bits.com/2008/10/09/fortigate-commands/ | |||
== XML API == | |||
http://docs.fortinet.com/fa/fortianalyzer-40-mr3-xmlapi.pdf | |||
== where are the mibs?== | |||
http://kb.fortinet.com/kb/microsites/microsite.do?cmd=displayKC&externalId=FD30891 | |||
http://docs.fortinet.com/fmgr/fmgr-admin/index.html#page/FMG-Admin-Guide/600_System_Settings.07.60.html | |||
== HE IPv6 config == | |||
Note: provider (Teksavvy) has my static IP I take my queue from what the interface is configured with. | |||
<pre> | |||
edit "internal" | |||
set vdom "root" | |||
set ip 192.168.1.99 255.255.255.0 | |||
set allowaccess ping https ssh snmp | |||
set type physical | |||
config ipv6 | |||
set ip6-address 2001:470:1d:907::99/64 | |||
set ip6-allowaccess ping https ssh | |||
set ip6-other-flag enable | |||
config ip6-prefix-list | |||
edit 2001:470:1d:907::/64 | |||
set autonomous-flag enable | |||
set onlink-flag enable | |||
set preferred-life-time 3600 | |||
next | |||
end | |||
set ip6-send-adv enable | |||
end | |||
next | |||
edit "HE" | |||
set vdom "root" | |||
set ip 0.0.0.0 255.255.255.255 | |||
set type tunnel | |||
config ipv6 | |||
set ip6-allowaccess ping | |||
end | |||
set interface "wan1" | |||
next | |||
config system sit-tunnel | |||
edit "HE" | |||
set destination 216.66.38.58 | |||
set ip6 2001:470:1c:907::2/64 | |||
set interface wan1 | |||
next | |||
end | |||
config router static6 | |||
edit 1 | |||
set device "HE" | |||
next | |||
end | |||
</pre> | |||
== Ping Latency == | |||
[[Image:spot_the_router_change.png|600px]] | |||
[[Image:speedtouch_to_fortinet_latency_change.png|600px]] | |||
[[Image:strange_spikes.png|600px]] | |||
== Backup and Restore == | |||
System>Dashboard>System Information>System Configuration |
Latest revision as of 16:46, 11 November 2014
Overview
ipv6 setup: http://www.sixxs.net/wiki/Fortigate
http://blackundertone.wordpress.com/2012/04/22/fortigate-ipv6-using-tunnelbroker-net/
Online help
Basic commands ( CLI )
Cisco | fortinet |
sh run | show |
sh int | get system interface |
show arp | get system arp |
sh system wireless settings | |
sh system wireless ap-status | |
ping host | execute ping6 2001:470:66:288::1 |
also see: http://routing-bits.com/2008/10/09/fortigate-commands/
XML API
http://docs.fortinet.com/fa/fortianalyzer-40-mr3-xmlapi.pdf
where are the mibs?
http://kb.fortinet.com/kb/microsites/microsite.do?cmd=displayKC&externalId=FD30891
HE IPv6 config
Note: provider (Teksavvy) has my static IP I take my queue from what the interface is configured with.
edit "internal" set vdom "root" set ip 192.168.1.99 255.255.255.0 set allowaccess ping https ssh snmp set type physical config ipv6 set ip6-address 2001:470:1d:907::99/64 set ip6-allowaccess ping https ssh set ip6-other-flag enable config ip6-prefix-list edit 2001:470:1d:907::/64 set autonomous-flag enable set onlink-flag enable set preferred-life-time 3600 next end set ip6-send-adv enable end next edit "HE" set vdom "root" set ip 0.0.0.0 255.255.255.255 set type tunnel config ipv6 set ip6-allowaccess ping end set interface "wan1" next config system sit-tunnel edit "HE" set destination 216.66.38.58 set ip6 2001:470:1c:907::2/64 set interface wan1 next end config router static6 edit 1 set device "HE" next end
Ping Latency
Backup and Restore
System>Dashboard>System Information>System Configuration