Fortinet NSE4_FGT-7.2 — FortiGate Firewall — Section 1: FortiGate Firewall V6.4 1 Part 59
80. Lecture-80: FortiGate Firewall CLI Basic Commands.
Before doing to do troubleshowing in 48 for a while, we need to know command, you know, commander’s instruction, what they would have you do graphically, the same thing can be done by commands as well and commands in English. This is my command. You have to obey them. Sukma does nothing but an instruction to give to console. They do this job and the console. Normally we call them Seelie command line interface and these commands should be some specific so they can accept them. Otherwise, if you put anything at not command, it will reject them. Invalid Command and 40 get fired while command are divided like this one. Normally we write configure system interface.
So, config is basically command and system interfaces object. We call them object. Then when we go to config system interface and we click on edit and board one, normally this what we do up to now. Yeah, this is called Subcommander because under the command there is another command which is added and the board number we type them is called table. Now after that we should mold our system and set this and set IP. We type anything like this. This is an option which option you want to configure. And when you configure option, then there is something we normally type, the one which is like enable disable updown. This is a real option. But when we want to put something to give them, like our IP address, subnet mask, these value and after be what we mentioned, this is called field and the last thing we type in to save the setting and means you want to save all these things. And when you put in an exit from the URSO, it will say automatically.
So, this is command command is nothing but instruction to give someone then Subcommander told you this is some command, then object, then pebbled in field in value, and then option to put this all together to make configuration of 48 firewalled. Then insert the table, you know, this table, this one like I did and this one here, you will find them anything like a clone to make a copy, like to delete, to edit if I go here.
So, the config system interface, this one, a two question mark. These are edit delete button to get sure. And and and straighten that and and save last configuration that what they, what I typed exit from here and save them. Edit means to edit an aid for both purposes. Suppose, if it is my first time to edit for number three which is not edited.
So, it means either if you want to add something or edit, edit, you know normally we use them to modify something. And definitely, if you want to believe something in part to clear the radio and get to get the information. Suppose, I say get information about one.
So, this is Borbon information, name is one is route we are zero, disable DCB is disable IP addresses two, three, four, allow access to DSHEA, DPN, all those things.
So, get me give me the information of this phone number. We are already here. Questionmark to show you the video. And definitely, if you want to believe something Christian and you can believe it, which thing you want to believe them. And sure, sure, but no, for sure, whatever I can figure up to now, just I’m sure it will show you this poor detail.
So, get me the configuration and show me the story, you show me the configuration and get the detail.
So, now showing me all the configuration, like I said, we don’t. Should I be allowed to type this configuration? So, showing you the configuration detail of the board and when you type get so good displaying the detail that appears this one more than this one, but it’s not showing you that you you said we don’t know, but it’s there you are. Your freedom is route you Arabia’s 190 to 160 or 100 or 234. But we may say sure.
So, show me that how you configure this one, the configuration, this the main difference between get Anshul.
So, which I mentioned here, like a clone, delete, edit, and to save things, get list the configuration and sure display the changes, the default configuration, either the configuration command to show you this. The difference between getting your. For the field command, which I show you above, there is a board, a plane and and get a move like suppose if I want to go to a board three because I don’t want to disturb the other two. Board board three is not in use now. I’m in board three now. The configuration has changed before. Before the board, it was added delayed, but it should get to an end. Now it’s configure, object, modify. Will you answer select and select a plan. Clear, get through next board and end because now and feel more. You know you have to look this one then you will understand first command. Then the second one is the sub command and all together is a table.
So, table command was different and will command is different. Now I’m in the field command superior to give you this one board.
So, I suppose if you want to without change, suppose I change this for three. I sit more BTP. Sure, some mortars, certain mortars disappear, I can report number three more to this one. No, no, no, no. I don’t want to change to, say, a more wudu configuration system interface and edit board three, report three, one, two, three, and check again. Sure. It’s not there because I say it. I don’t want this change. Maybe you sometime maybe you read the changes, but then you do realize Nordström.
So, rather than to type and if I type and suppose if I say said Mauduit c.p if I say and it means save an exit from you know if I want to config sys interface and edit bought three and now sure you will see this is the recipe now because in the end doesn’t mean that enlisted men, enemies and the statement but serve as well.
So, this is all about Aben. If you want to existing changes, if you want to do, you can use a pen and I already told you that, I already told you move to move the object from one place next next to me. Suppose, you are here. I’m in Port three. Next I want to go to. Okay, next, and click edit bought for two, three, four, if there is four and now shirt mod or four as well. No, and so what will happen? Both will sell rather than end and then go to conflict customer interface. You will type system configuration and then other to command to them so it will waste your time.
So, rather than next year. Get it done with this will do next week. The next next mechanist. Configure the interfaces and one time type end and one time type config sys interface. Edit bought three. Suppose, if I’m not using next what I will do I will say and then I will type again. Config sys interface and edit board for third means I need to type config system interface to time so why not use next command.
So, definitely to clear something and set the set, the value we use should be more basic, enabling all those sure and unsullied to salvage something and answer definitely is very clear to you. Now, some important goman. Excerpt from here, so the end. If you don’t know any command, don’t worry, I will give you a hint that what you need to do when is sure full configuration and end, these are all the commands. Look at space bar. Space Bar. Look at space bar. Space Bar. All the configuration, whatever. Look at this not ending.
So, let me tell you to quit. And if you go above all the configuration, whatever you need, your configuration, like use grip, like this grip. I’m sorry, I need to put something like a supposed interface, it will show you all the configuration, the logical interface and copy an interface and set your value and apply. Also, I will give you another Hem’s. Don’t worry about the configuration. The command is so easy. Suppose, I’m in graphical view, but I need to configure something through command like go. Let me go to all AC. Click on this policy and edit NCLR, look at there is an option this this year, like a MA, look at its use. What is the common first go to configure policy, then added to means policy number two, then? Sure to show you the detail. Sebnem this the name of the policy ssl vpn to win said thoughts and prayers sis said destination interface sorcerous destination action except schedule always services always. This would be the GraphicLy and next an end. Just copy and remove FGF and if you want to create a new policy, just change this one. Remove said you. Your lead is a unique idea and it’s a and best thing if you are not sure let me do it. One Zuckermann is not an issue. And also you can find out from the capital clip board and let me go to notepad best what you need to do. It means first I need to go to configuration, then go to edit. But edit I will say this time I’m going to edit five for policy number and no need. Sure. Come on and let me review these two. I want to say no need to show and stick with principles. Let me give them SSL vpn. No need of this one on the way. Doesn’t require.
So, I set it sort of interfaces this one, let me put the same and UNIDO next certain it enable and copy and paste here. It’s up to where is my. Console interface. This one and best what item added? New York has done it, so if I go there, they will be with the assassin. No, it’s not true. India is it’s just refresh. You will see there will be policy already created. Look at this it, Sam, like the other one I created to command, you will say, whoa, you know the command know this, what’s so simple to create, so don’t worry anywhere. Whatever. What have you done? okay, what are like a static road with a click on static road go to evidentiality.
So, if you want to aid around this to command configurator static. This the first entry there for me to shoot. But anyway go to set get where we set the gateway we that number and and that said copy and create a new round here and two second. But just understand the way it is working, so we thought it was okay.
So, these are the configuration for full configuration will show you all the configuration, good systems status. It will show you good system status, good system status, sorry. Next, because if starting another one, you have to type again. Status again. Again. This one, this the system status. What again is this one. If you need the wording detailing all those things, you can use this command. If you want to check the policy, sure, firewall policy.
So, I have this policy and I created my own as well, which is SSL, VPN, this one is here with configuration. Just copy and paste again from here. No need to go there as well. If you need the road information, which we already use good road. And for just question, the market will show you automatically routing table question mark. It will show you the 30 crowd, this Maistre, to crowd configure with the help of Questionmark, just like in Cisco and other Windows, you can use this method and if you need, I’ll just on if you configure any other routing table that show you all above is only starting one now issuing connected as well just like a Cisco. And if you need support, some information show. Full configuration only, I say element related.
So, this is admin related detail, just copy them. If you want to change anything, just paste them again. Other thing, the shot that we have to know question can be used for help, which I told you, whatever you need, like here, just type questions.
So, the config get to diagnose, execute, alias and exit. These are the command available with the help of this one. They are to complete. Suppose, if I said config tape it autocomplete. You can use Aperol to bring the old command this one down to bring the other command live, to go to the castle, to move to the OP1 one like this and to this site. Control air to move the circle to the beginning. Suppose, you have a command control. It will take you to the initial one control. It will take you to the end. Now I need to move to the end control. Now let’s move to the EA Control Board to take you one word.
Soeteman control be edman system configuration a full configuration. Anshul by one word, move the cursor forward. One words control if delivered the correct control. Daewon Correct control e let me go to the end and then control. What was the control. D Sorry you had to be here control by deleting one. Correct. And if you are in Ctrl C the entire world to clear them. Now these are some basic command to configure. Let me show you some basic configuration. Just one minute, some is so weird, I was to configure some basic configuration, I know you can do it from Internet and so easy I show you the method. First, I need to change the config system global to change the hostname, hostname, hostname and supposably, say, firewall. I mean, I use it and it will say, oh, look at now the exchange. Second, we normally configure after hostname reconfigure interfaces, you remember? So, let’s configure interface, config system interface which interface edit bought tape one, two, three. Let’s configure this one and set IP set mode first static. And let me type, I suppose, one last one, that one to fall for, either you can type like this with 24. There is no space. And certainly, as you know, we give them the name search alias, like TMZ and and and if you go there, you will see it set up now.
So, whenever we start firewalled, normally I interfaces interface know, I’ve done this one, look at this DMZ and IP addresses, Dear and Eleusis DMZ, this the aliased, which we normally assign this one.
So, I send from here. Then after that we normally configure a business so they can fix system BM’s.
So, it would be in this business. What is their DNS right now. It in one one. Let’s change the second one to four four. Sid, primary business, we have to do an eight hour day and said 600 units for not for, not for an end. Now you will see this one change from one to four if you refresh it. It’s for now, so you can do this one as well, then we can figure skating around, which we do normally thing here to grow. Let’s configure this grow. Let me deal with this one and configure them through command. Satarov config sys road.
So, they can feed around the sturdy. Then we should okay? No, I said one, there is nothing, so then you in generated it can be used for new entry and also existing is written and said destination.
Sorry, destination is not showing destination D.T.. I think to do something, Hardisty.
So, destination I is zero zero zero zero, there is no space, by the way, this can be nation I want to reach and said Gateway, you know, I’m not just a question modu you will see all that. And there is a destination. There is a gateway. Just get ready and get with 192, 160 or 131. Sibbeston, you know, there was distance commanders will question modernities distance, yeah, distance, distance 10. And Cindy be Weisbord and Wychwood, the traffic will set the Weisbord Port one, this is the wind port and and and when you refresh it will do the same, which will then GraphicLy. Okay, you know, I said administrative business when I bought one, this the gateway and this the thing and so on, this year you can configure all but no need to know all these, Karmann. And allow access if you have a management interface before I let you told you, the NSA already told you changed your last name, I already said the admin password, if you change the admin password, is the way to do it. And more command like a secured victory. Said, I told you yesterday, if you want to reboot, if you want to shut down execution, don’t execute being executed, reboot, execute victory. Listen to these are some basic command to know at least.