Basic Fortigate Health Check – CLI Command

I. Check System Status

get system status

Use this command to display system status information including:

  • Firmware version, build number and date
  • License and registration status
  • Serial number
  • WAF database version
  • IP Reputation database version
  • Log disk availability
  • Hostname
  • Current HA mode
  • Uptime
  • System time

IGS-FW-FG100D # get system status
Version: FortiGate-100D v6.0.0,build0076,180329 (GA)
Virus-DB: 76.00258(2020-03-26 22:19)
Extended DB: 76.00258(2020-03-26 22:19)
IPS-DB: 15.00770(2020-02-04 02:44)
IPS-ETDB: 15.00770(2020-02-04 02:44)
APP-DB: 15.00770(2020-02-04 02:44)
INDUSTRIAL-DB: 13.00407(2018-07-06 01:54)
Serial-Number: FG100D3G14815591
IPS Malicious URL Database: 2.00594(2020-03-26 04:32)
Botnet DB: 4.00628(2020-01-27 18:36)
BIOS version: 05000004
System Part-Number: P11510-04
Log hard disk: Not available
Hostname: IGS-FW-FG100D
Operation Mode: NAT
Current virtual domain: root
Max number of virtual domains: 10
Virtual domains status: 1 in NAT mode, 0 in TP mode
Virtual domain configuration: disable
FIPS-CC mode: disable
Current HA mode: standalone
Branch point: 0076
Release Version Information: GA
FortiOS x86-64: Yes
System time: Wed May 13 14:22:59 2020

II. Display Fortigate Hardware info

get hardware status

  • Display forigate hardware info – FortiASIC version, CPU type, amount of memory, flash drive size, hard disk size (if present), USB flash size (if present), network card chipset, and WiFi chipset (FortiWifi models).
Continue reading

How to reset FortiGate Firewall to factory default setting without Admin Password


fortinetI believe everyone know that Fortigate Firewall can be reset to Factory Defaults by using Web GUI or CLI interface. In the event of you lost or you do not know the admin password for the fortigate unit, how to reset the Firewall unit? The only thing that you can do is to use maintainer account which have permission to do reset for super admin password or do firewall factory reset.

To do that, you will need:

  • physical access the box
  • Console cable
  • Terminal software such as Putty.exe (Windows) or Terminal (MacOS)
  • Serial number of the FortiGate device

Steps:-

– Connect your laptop or computer to the Firewall via the Console port
– Launch your terminal software
– Reboot or Power Cycle the Firewall
– Wait for the Firewall name and login prompt to appear.
– Enter the Username as maintainer, password as bcpb with Firewall Serial no in UPPERCASE

Continue reading

How to setup Software Switch on Fortigate Firewall


FortinetAs per my standard practice before start configure Fortigate Firewall, i will change the Firewall to Interface mode which physical interfaces of the FortiGate unit are configured and handled individually, with each interface having its own IP address.. Reasons for doing this include additional hardware port for routing, or additional ports for difference network.

There is a scenario that my customer would like to use some of the ports of the Fortigate Firewall as a switch port with same subnet. To achieve my customer requirement, implementation of Software Switch in Fortigate Firewall can meet my customer requirement.

Assumptions:
  • The Software Switch Interface is to be named LAN.
  • Its members are port1, port2, port3 and port4.
  • IP Address: 10.254.254.1/255.255.255.0

Continue reading