Fortinet notes: Difference between revisions

From Federal Burro of Information
Jump to navigationJump to search
No edit summary
 
(15 intermediate revisions by the same user not shown)
Line 1: Line 1:
== Overview ==


ipv6 setup: http://www.sixxs.net/wiki/Fortigate
ipv6 setup: http://www.sixxs.net/wiki/Fortigate


support: http://docs.fortinet.com/fgt/archives/3.0/techdocs/IPv6_support_Tech_Note_01-30007-82573-20081003.pdf
support: http://docs.fortinet.com/fgt/archives/3.0/techdocs/IPv6_support_Tech_Note_01-30007-82573-20081003.pdf
http://blackundertone.wordpress.com/2012/04/22/fortigate-ipv6-using-tunnelbroker-net/
== Online help ==
http://docs.fortinet.com/fdb/html/fdb-user-guide/index.html?page=source%2Freferences%2Fr_cli_admin_config_sys.html
== Basic commands ( CLI ) ==
{| {{table}}
| align="center" style="background:#f0f0f0;"|'''Cisco'''
| align="center" style="background:#f0f0f0;"|'''fortinet'''
|-
| sh run||show
|-
| sh int||get system interface
|-
| show arp || get system arp
|-
| ||sh system wireless settings
|-
| ||sh system wireless ap-status
|-
| ping host || execute ping6 2001:470:66:288::1
|}
also see: http://routing-bits.com/2008/10/09/fortigate-commands/


== XML API ==
== XML API ==
Line 13: Line 43:


http://docs.fortinet.com/fmgr/fmgr-admin/index.html#page/FMG-Admin-Guide/600_System_Settings.07.60.html
http://docs.fortinet.com/fmgr/fmgr-admin/index.html#page/FMG-Admin-Guide/600_System_Settings.07.60.html
== HE IPv6 config ==
Note: provider (Teksavvy) has my static IP I take my queue from what the interface is configured with.
<pre>
    edit "internal"
        set vdom "root"
        set ip 192.168.1.99 255.255.255.0
        set allowaccess ping https ssh snmp
        set type physical
            config ipv6
                set ip6-address 2001:470:1d:907::99/64
                set ip6-allowaccess ping https ssh
                set ip6-other-flag enable
                    config ip6-prefix-list
                        edit 2001:470:1d:907::/64
                            set autonomous-flag enable
                            set onlink-flag enable
                            set preferred-life-time 3600
                        next
                    end
                set ip6-send-adv enable
            end
    next
    edit "HE"
        set vdom "root"
        set ip 0.0.0.0 255.255.255.255
        set type tunnel
            config ipv6
                set ip6-allowaccess ping
            end
        set interface "wan1"
    next
config system sit-tunnel
    edit "HE"
        set destination 216.66.38.58
        set ip6 2001:470:1c:907::2/64
set interface wan1
    next
end
config router static6
    edit 1
        set device "HE"
    next
end
</pre>
== Ping Latency ==
[[Image:spot_the_router_change.png|600px]]
[[Image:speedtouch_to_fortinet_latency_change.png|600px]]
[[Image:strange_spikes.png|600px]]
== Backup and Restore ==
System>Dashboard>System Information>System Configuration

Latest revision as of 16:46, 11 November 2014


Overview

ipv6 setup: http://www.sixxs.net/wiki/Fortigate

support: http://docs.fortinet.com/fgt/archives/3.0/techdocs/IPv6_support_Tech_Note_01-30007-82573-20081003.pdf

http://blackundertone.wordpress.com/2012/04/22/fortigate-ipv6-using-tunnelbroker-net/

Online help

http://docs.fortinet.com/fdb/html/fdb-user-guide/index.html?page=source%2Freferences%2Fr_cli_admin_config_sys.html

Basic commands ( CLI )

Cisco fortinet
sh run show
sh int get system interface
show arp get system arp
sh system wireless settings
sh system wireless ap-status
ping host execute ping6 2001:470:66:288::1

also see: http://routing-bits.com/2008/10/09/fortigate-commands/

XML API

http://docs.fortinet.com/fa/fortianalyzer-40-mr3-xmlapi.pdf

where are the mibs?

http://kb.fortinet.com/kb/microsites/microsite.do?cmd=displayKC&externalId=FD30891

http://docs.fortinet.com/fmgr/fmgr-admin/index.html#page/FMG-Admin-Guide/600_System_Settings.07.60.html

HE IPv6 config

Note: provider (Teksavvy) has my static IP I take my queue from what the interface is configured with.

    edit "internal"
        set vdom "root"
        set ip 192.168.1.99 255.255.255.0
        set allowaccess ping https ssh snmp
        set type physical
            config ipv6
                set ip6-address 2001:470:1d:907::99/64
                set ip6-allowaccess ping https ssh
                set ip6-other-flag enable
                    config ip6-prefix-list
                        edit 2001:470:1d:907::/64
                            set autonomous-flag enable
                            set onlink-flag enable
                            set preferred-life-time 3600
                        next
                    end
                set ip6-send-adv enable
            end
    next
    edit "HE"
        set vdom "root"
        set ip 0.0.0.0 255.255.255.255
        set type tunnel
            config ipv6
                set ip6-allowaccess ping
            end
        set interface "wan1"
    next


config system sit-tunnel
    edit "HE"
        set destination 216.66.38.58
        set ip6 2001:470:1c:907::2/64
		set interface wan1
    next
end

config router static6
    edit 1
        set device "HE"
    next
end

Ping Latency

Backup and Restore

System>Dashboard>System Information>System Configuration