Hi, Thank you for sharing this.... I have a question on this, the fortinet, recently i have purchased a device and SSL VPN is not available to visible on 'Feature Visibility'. Please let me know how can it enable on CLI.'
Hi Mike, can you tell me how can I turn my port's mode to dchp. this one doesn't work config system interface edit "port1" set mode dchp only last step doesn't work
hello, do you know if i can blacklist certain type of devices like android and smarthphones from accessing the internet through an ssid? without manually blacklist one by one? i want an ssid that only laptop with windows os for example to connect to, is this possible?
I have been looking for a video that shows how to create a policy from the CLI. I am trying to get rid of all of my any/any policies and create a template for a basic setup. Do you have the cli commands to create a policy from lan to wan that uses dns, http, https, and ntp? I think that would get me going.
Hi can please share some troubleshooting cli command..like if any webfilter block the url ..ipsec VPN showing up or down and whether VPN allowing the traffic or not..packet capture and analysis of pcap Wireshark
hey Mike, Hope You are great! first of all thank you very much for sharing such amazing vídeos 😁 would you mind to share something like, diag sniffer and diag debug for troubleshooting purposes? thanks in advance!
Hello Mike, I do have one question that how we can move all configuration fortigate 200d to fortigate 600d? I am not sure but I know we can do it by using forti converter but I don’t have any idea how to do it.. Please keep post video of this if it’s possible.. Thank you..
I usually backup the configuration and then open it in a text editor. From there I take the config and paste it in (after making appropriate edits to interfaces etc) into the new clean config. Make sure that the devices are running the same version of firmware when you do this.
Fortinet Guru Thank you for reply but read on fortigate website that it’s little bit risky to do this.. some configuration might be loose and even vendor does not support.. I have few questions regarding that.. (1) After upgrading firmware on both side same does it matter that hardware is different? (2) For example: if I have firmware version 5.0.11 and I want to upgrade version 5.4.9. Is there any risk involved if we skip between versions and go for latest one or best way to upgrade version by version? Which one is the best practice for this ?
If both fortigates are on the same firmware you can port the config over. There is some manual find and replace required though (as there may be a different set of interfaces, or interfaces names on each one). It is safe if you approach it correctly. I certainly wouldn't recommend just anyone to do it but it is possible. For Firmware updates you absolutely need to follow the supported upgrade path. Otherwise, you will be in a world of hurt.
Fortinet Guru thank you.. I have few more questions for you if you can answer then it will be great .. We are planning to move from one model to another model. Only few fortigate firewalls are centralize.. So what is the best practice to do it? (1) if the fortigate firewall are running on old firmware and foritmanger on new version so what is the best way for after adding the fortigate device to fortimanger upgrade the firmware of device or just first upgrade the version of device and than add to fortimanager ? (2) After adding the old device to fortimanager is it possible to move one model configs to new one using fortimanager ? Our company want to first centralize all device in fortimanger and then they want to upgrade the firmaware and move config from one model to another one using fortimanger.. Please give your thoughts on this.. We want to look at it that which is best practice to do it..
And also if the old hardware only support maximum 5.2 version and new hardware version can minimum 5.4 version so how can we migrate from one model to another one?
Thanks for sharing your knowledge. I'm a Cisco ASA vet that's now beginning to work with the Fortigate, so this was very helpful.
No problem Marcus. I deal with a lot of different vendors and brands and some times things just don't translate 1:1. Glad the video was helpful.
I agree. Same here. Forget guis they take way too much time to implement changes
Great video. ssh windows is too small though. Do you have an example of commonly used diagnose commands?
Hi, Thank you for sharing this.... I have a question on this, the fortinet, recently i have purchased a device and SSL VPN is not available to visible on 'Feature Visibility'. Please let me know how can it enable on CLI.'
Hi Mike, can you tell me how can I turn my port's mode to dchp.
this one doesn't work
config system interface
edit "port1"
set mode dchp
only last step doesn't work
how to copy fortigate firewall running configuration in notepad through cli?
if i have wifi ap behind my fortinet how do i get the ip address of those to get logged inro those?
hello, do you know if i can blacklist certain type of devices like android and smarthphones from accessing the internet through an ssid? without manually blacklist one by one? i want an ssid that only laptop with windows os for example to connect to, is this possible?
I have been looking for a video that shows how to create a policy from the CLI. I am trying to get rid of all of my any/any policies and create a template for a basic setup. Do you have the cli commands to create a policy from lan to wan that uses dns, http, https, and ntp? I think that would get me going.
Hi can please share some troubleshooting cli command..like if any webfilter block the url ..ipsec VPN showing up or down and whether VPN allowing the traffic or not..packet capture and analysis of pcap Wireshark
Added to the list
@@FortinetGuru Not able to see the video ...Have you recently uploaded??? u last video showing design and implementation status
hey Mike, Hope You are great! first of all thank you very much for sharing such amazing vídeos 😁 would you mind to share something like, diag sniffer and diag debug for troubleshooting purposes? thanks in advance!
Would love to. I have added this to my list of things to do for us!
Thanks for this!
Hello Mike,
I do have one question that how we can move all configuration fortigate 200d to fortigate 600d?
I am not sure but I know we can do it by using forti converter but I don’t have any idea how to do it..
Please keep post video of this if it’s possible..
Thank you..
I usually backup the configuration and then open it in a text editor. From there I take the config and paste it in (after making appropriate edits to interfaces etc) into the new clean config. Make sure that the devices are running the same version of firmware when you do this.
Fortinet Guru Thank you for reply but read on fortigate website that it’s little bit risky to do this.. some configuration might be loose and even vendor does not support..
I have few questions regarding that..
(1) After upgrading firmware on both side same does it matter that hardware is different?
(2) For example: if I have firmware version 5.0.11 and I want to upgrade version 5.4.9. Is there any risk involved if we skip between versions and go for latest one or best way to upgrade version by version?
Which one is the best practice for this ?
If both fortigates are on the same firmware you can port the config over. There is some manual find and replace required though (as there may be a different set of interfaces, or interfaces names on each one). It is safe if you approach it correctly. I certainly wouldn't recommend just anyone to do it but it is possible.
For Firmware updates you absolutely need to follow the supported upgrade path. Otherwise, you will be in a world of hurt.
Fortinet Guru thank you..
I have few more questions for you if you can answer then it will be great ..
We are planning to move from one model to another model. Only few fortigate firewalls are centralize..
So what is the best practice to do it?
(1) if the fortigate firewall are running on old firmware and foritmanger on new version so what is the best way for after adding the fortigate device to fortimanger upgrade the firmware of device or just first upgrade the version of device and than add to fortimanager ?
(2) After adding the old device to fortimanager is it possible to move one model configs to new one using fortimanager ?
Our company want to first centralize all device in fortimanger and then they want to upgrade the firmaware and move config from one model to another one using fortimanger..
Please give your thoughts on this..
We want to look at it that which is best practice to do it..
And also if the old hardware only support maximum 5.2 version and new hardware version can minimum 5.4 version so how can we migrate from one model to another one?
hi, can i ask, can i know my fortigates login password using cli? btw great video man.
grep -f
don't get the point to make a video like this where we can barley see what u typing
Have you tried amending the quality? as i can see every thing he is typing perfectly fine.