Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
akushwaha
Staff
Staff

Created on ‎12-24-2024 04:44 AM Edited on ‎12-28-2024 11:03 PM By Community Manager

Article Id 366512

Technical Tip :How to capture configuration push from FortiManager on FortiGate CLI

Description This article describes how to see the configuration changes on FortiGate CLI when it is pushed from FortiManager.
Scope FortiGate.
Solution

In the below example, a firewall policy configuration is pushed from FortiManager.


1st.png

 

2nd.png

 

To record the configuration change, run the below commands on FortiGate CLI:

diagnose debug reset
diagnose debug cli 7
diagnose debug enable

 

Below is the output:

3rd.png

 

To disable the debug, use the following commands:

 

diag debug disable

diag debug reset

 

Note:

This will NOT capture the TCL script push from FortiManager because the TCL script uses SSH instead of the regular FGFM tunnel to connect to the FortiGate (which is the case of config/policy/CLI Script push).
458
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.