FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
adecottignies_FTNT
Article Id 329117
Description

This article describes how to use the console-server feature inside a FortiGate 6000.

Scope FortiGate 6000.
Solution

To troubleshoot an FPC on a FortiGate 6000, and if no physical console connection is available, the console-server feature could help.

This feature allows, from an SSH session to view the information print for the desired FPC, as if a console access was used.

 

To confirm the correct configuration of the console-server (default) from an SSH session, in the config global mode, run the command: 

 

show system console-server

 

Example:

 

show system console-server


confsysconsoleserver.png

 

It will be possible to use the console server for all of the FPC. (FortiGate 6500f: 10 FPCs, FortiGate 6300f: 6FPCs.)

 

To reach an FPC with console-server, use the following command:

 

execute system console-server connect <slot_id>

 

Example:

 

execute system console-server connect 6
Trying 127.0.0.1...
Connected to 127.0.0.1.
F6K login: admin
Password:
Welcome!

F6K[FPC06] #

 

To leave this console access, press Ctrl + X.

 

F6K[FPC06] # Connection closed by foreign host.
F6K(global) #

 

To check if any console-server is active, use the following command:

 

execute system console-server showline

 

Example:

 

execute system console-server showline
Network-to-console line connected – 6
F6K(global) #

 

These outputs show that a console-server is currently connected on port 6.
This command will also display if any physical console is currently used on the MBD, or on any FPC.

 

To clear an active console session, use the following command:

 

execute system console-server clearline <ID>

 

Example:

 

execute system console-server clearline 6

 

This will disconnect the console session from slot 6. This can be confirmed by running the command again:

 

execute system console-server showline
F6K(global) #

 

No console sessions are currently in use.