Fortinet 100A manual Log fortilog setting command keywords and variables, 353

Page 353

Log & Report

fortilog setting

 

 

get log fortilog setting

show log fortilog setting

log fortilog setting command keywords and variables

| Keywords and variables | Description | Default | Availability |
|---|---|---|---|
| encrypt {enable \| disable} | Enter enable to enable encrypted communication with the FortiLog unit. | disable | All models. |
| localid <str_id> | Enter the local ID for an IPSec VPN tunnel to a FortiLog unit. You can create an IPSec VPN tunnel if one or more FortiGate units are sending log messages to a FortiLog unit across the Internet. Using an IPSec VPN tunnel means that all log messages sent by the FortiGate are encrypted and secure. | No default. | All models. |
| psksecret <str_psk> | Enter the pre-shared key for the IPSec VPN tunnel to a FortiLog unit. You can create an IPSec VPN tunnel if one or more FortiGate units are sending log messages to a FortiLog unit across the Internet. Using an IPSec VPN tunnel means that all log messages sent by the FortiGate are encrypted and secure. | No default. | All models. |
| server <address_ipv4> | Enter the IP address of the FortiLog unit. | No default. | All models. |
| status {disable \| enable} | Enter enable to enable logging to a FortiLog unit. | disable | All models. |

Note: The IPSec VPN settings for the FortiGate unit must match the VPN settings on the FortiLog unit.

Example

This example shows how to enable logging to a FortiLog unit, set the FortiLog IP address, add a local ID, and add a pre-shared key for an IPSec VPN tunnel.

config log fortilog setting
    set status enable
    set server 192.168.100.1
    set localid net_host_c
    set psksecret J7fram54AhTWmoF5
end

This example shows how to display the log setting for logging to a FortiLog unit.

get log fortilog setting

This example shows how to display the configuration for logging to a FortiLog unit.

show log fortilog setting

If the show command returns you to the prompt, the settings are at default.
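An added example, not part of the Fortinet guide: a Python check that reads the text returned by `show log fortilog setting`, applies the defaults from the keyword table on this page, and reports settings that leave logging to the FortiLog unit off or unprotected. The function names are hypothetical, and the finding rules (treating localid and psksecret as a pair, and accepting either encrypt or that pair as protection) are assumptions of this example.

```python
import ipaddress
import shlex

# Defaults from the keyword table on this page; None stands for "No default".
DEFAULTS = {"encrypt": "disable", "localid": None, "psksecret": None,
            "server": None, "status": "disable"}


def parse_fortilog_setting(show_output):
    """Turn the text of `show log fortilog setting` into a settings dict.

    Empty output (the command just returns to the prompt) means every
    setting is at its default, so the defaults come back unchanged.
    """
    settings = dict(DEFAULTS)
    in_block = False
    for line in show_output.splitlines():
        tokens = shlex.split(line)  # handles quoted values
        if not tokens:
            continue
        if tokens == ["config", "log", "fortilog", "setting"]:
            in_block = True
        elif tokens[0] == "end":
            in_block = False
        elif in_block and tokens[0] == "set" and len(tokens) >= 3:
            if tokens[1] in settings:  # ignore keywords not in the table
                settings[tokens[1]] = tokens[2]
    return settings


def audit(settings):
    """Return a list of findings; an empty list means nothing was flagged."""
    if settings["status"] != "enable":
        return ["status: logging to the FortiLog unit is disabled"]
    findings = []
    try:
        ipaddress.IPv4Address(settings["server"] or "")
    except ValueError:
        findings.append("server: no valid IPv4 address for the FortiLog unit")
    has_id, has_psk = bool(settings["localid"]), bool(settings["psksecret"])
    # Assumption of this example: the tunnel needs both values.
    if has_id != has_psk:
        findings.append("ipsec: localid and psksecret are not both set")
    # Assumption of this example: encrypt or the tunnel pair counts as protection.
    if settings["encrypt"] != "enable" and not (has_id and has_psk):
        findings.append("transport: no encryption or IPSec tunnel configured")
    return findings


def redacted(settings):
    """Copy of the settings that is safe to print or store in a report."""
    return {key: ("<redacted>" if key == "psksecret" and value else value)
            for key, value in settings.items()}


# Sample input: the configuration from the example on this page.
SAMPLE = """\
config log fortilog setting
    set status enable
    set server 192.168.100.1
    set localid net_host_c
    set psksecret J7fram54AhTWmoF5
end
"""

if __name__ == "__main__":
    parsed = parse_fortilog_setting(SAMPLE)
    print(redacted(parsed))
    print(audit(parsed) or "no findings")
```
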

FortiGate-100A Administration Guide

01-28007-0068-20041203

100A specifications

Fortinet 100A is a versatile network security device designed to provide comprehensive protection against various cyber threats while ensuring optimal network performance. As part of the FortiGate series, the 100A combines advanced security features with powerful hardware capabilities, making it suitable for small to medium-sized businesses.

One of the key features of the Fortinet 100A is its deep packet inspection technology. This capability allows the firewall to analyze both the header and payload of packets traversing the network, enabling it to detect and block malicious content effectively. The 100A can identify and mitigate a wide range of threats, including malware, intrusions, and application-layer attacks.

The FortiOS operating system powers the Fortinet 100A, offering a robust and user-friendly interface for configuration and management. With its unified security management console, administrators can efficiently monitor network traffic and enforce security policies across the organization. The system provides centralized logging and reporting features, enabling users to gain valuable insights into their security posture and respond swiftly to incidents.

The 100A supports multiple deployment modes, including transparent, NAT, and route modes. This flexibility allows organizations to integrate the device into their existing network architecture with ease. The firewall's high throughput capabilities ensure that network performance remains unaffected, even under heavy load from multiple users and devices.

Another notable aspect of the Fortinet 100A is its support for various VPN technologies, including IPsec and SSL VPN. This feature facilitates secure remote access for employees, enabling them to connect to the corporate network safely, regardless of their location. As remote work continues to be a norm in many sectors, this capability is critical for maintaining productivity and security.

In addition to these features, the Fortinet 100A provides comprehensive web filtering capabilities, protecting users from harmful websites and inappropriate content. This protection is essential for organizations looking to maintain a secure and productive environment.

With its combination of powerful security features, flexible deployment options, and robust performance, the Fortinet 100A stands out as an ideal solution for organizations seeking to bolster their cybersecurity measures while ensuring seamless connectivity for users. As cyber threats continue to evolve, investing in a capable device like the FortiGate 100A is crucial for maintaining a secure network infrastructure.