Fortinet notes

From Federal Burro of Information
Revision as of 16:46, 11 November 2014 by David (talk | contribs) (→‎Ping Latency)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search


Overview

ipv6 setup: http://www.sixxs.net/wiki/Fortigate

support: http://docs.fortinet.com/fgt/archives/3.0/techdocs/IPv6_support_Tech_Note_01-30007-82573-20081003.pdf

http://blackundertone.wordpress.com/2012/04/22/fortigate-ipv6-using-tunnelbroker-net/

Online help

http://docs.fortinet.com/fdb/html/fdb-user-guide/index.html?page=source%2Freferences%2Fr_cli_admin_config_sys.html

Basic commands ( CLI )

Cisco fortinet
sh run show
sh int get system interface
show arp get system arp
sh system wireless settings
sh system wireless ap-status
ping host execute ping6 2001:470:66:288::1

also see: http://routing-bits.com/2008/10/09/fortigate-commands/

XML API

http://docs.fortinet.com/fa/fortianalyzer-40-mr3-xmlapi.pdf

where are the mibs?

http://kb.fortinet.com/kb/microsites/microsite.do?cmd=displayKC&externalId=FD30891

http://docs.fortinet.com/fmgr/fmgr-admin/index.html#page/FMG-Admin-Guide/600_System_Settings.07.60.html

HE IPv6 config

Note: provider (Teksavvy) has my static IP I take my queue from what the interface is configured with.

    edit "internal"
        set vdom "root"
        set ip 192.168.1.99 255.255.255.0
        set allowaccess ping https ssh snmp
        set type physical
            config ipv6
                set ip6-address 2001:470:1d:907::99/64
                set ip6-allowaccess ping https ssh
                set ip6-other-flag enable
                    config ip6-prefix-list
                        edit 2001:470:1d:907::/64
                            set autonomous-flag enable
                            set onlink-flag enable
                            set preferred-life-time 3600
                        next
                    end
                set ip6-send-adv enable
            end
    next
    edit "HE"
        set vdom "root"
        set ip 0.0.0.0 255.255.255.255
        set type tunnel
            config ipv6
                set ip6-allowaccess ping
            end
        set interface "wan1"
    next


config system sit-tunnel
    edit "HE"
        set destination 216.66.38.58
        set ip6 2001:470:1c:907::2/64
		set interface wan1
    next
end

config router static6
    edit 1
        set device "HE"
    next
end

Ping Latency

Backup and Restore

System>Dashboard>System Information>System Configuration