Fortigate: Difference between revisions

some quick ref command i ncluding debugging packet flow. http://docs-legacy.fortinet.com/cb/html/index.html#page/FOS_Cookbook/Install_advanced/cb_appendix_diags.html

HE ipv6 tunnel with foritgate https://www.sixxs.net/wiki/Fortigate

http://docs.fortinet.com/uploaded/files/1587/fortigate-ipv6.pdf

Supplementary Recipes http://docs-legacy.fortinet.com/supplement.html

Fortigate ipv6 http://docs.fortinet.com/uploaded/files/1587/fortigate-ipv6.pdf

cacti + snmp + fortigate

Troubleshooting / Diag

what process?

diag sys top

Is IPS your problem?

# diag test application ipsmonitor 
 
IPS Engine Test Usage: (Values for >
1: Display IPS engine information
2: Toggle IPS engine enable/disable status
3: Display restart log
4: Clear restart log
5: Toggle bypass status
6: Submit attack characteristics now
97: Start all IPS engines
98: Stop all IPS engines
99: Restart all IPS engines and monitor

clear a session

http://alstechcorner.blogspot.ca/2013/05/howto-clear-session-on-fortigate.html

working wiht netscan

 
netscan
Use this command to start and stop the network vulnerability scanner and perform related functions.
Syntax
execute netscan import
execute netscan list
execute netscan start scan
execute netscan status
execute netscan stop
 
Variable
Description
import
Import hosts discovered on the last asset discovery scan.
list
List the hosts discovered on the last asset discover scan.
start scan
Start configured vulnerability scan.
status
Display the status of the current network vulnerability scan.
stop
Stop the current network vulnerability scan.

Monitoring

SNMP

MIBS:

/usr/share/snmp/mibs/FORTINET-CORE-MIB.mib
/usr/share/snmp/mibs/FORTINET-FORTIGATE-MIB.mib

Examples:

snmpwalk -v 2c -c mystring 192.168.1.99 .1.3.6.1.4.1.12356

oid of note:

FORTINET-CORE-MIB::fortinet.101.4.1.1.0
( .1.3.6.1.4.1.12356.101.4.1.5.0 )
http://www.oidview.com/mibs/12356/FORTINET-FORTIGATE-MIB.html