Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
nevan
Staff
Staff

Created on ‎05-14-2025 06:54 AM Edited on ‎05-22-2025 11:50 PM By Community Manager

Article Id 391810

Troubleshooting Tip: Essential 'show' commands in FortiGate

Description This article describes essential 'show' commands for troubleshooting purposes, with a short description of each.
Scope FortiGate, FortiGateVM.
Solution

The 'show' commands in FortiOS/FortiGate/FortiGateVM are essential for viewing the current and specific configuration of a unit. These help administrators quickly verify settings, audit changes, and troubleshoot issues without altering the system. The essential show commands in FortiOS/FortiGate/FortiGateVM are as follows:


Command Purpose
show Displays the entire configuration (excluding default entries).
show full-configuration Displays full configuration, including default values.
show system interface Displays the configuration of all network interfaces.
show system interface <interface_name> Displays the configuration of a specific interface.
show firewall policy Displays all configured firewall policies.
show firewall policy <policy_id> Displays specific firewall policy by ID.
show vpn ipsec phase1-interface Shows IPsec Phase 1 interface-based VPN settings.
show vpn ipsec phase2-interface Shows IPsec Phase 2 interface-based VPN settings.
show firewall address Displays all configured address objects.
show firewall addrgrp Displays configured address groups.
show firewall service custom Displays custom service definitions.
show firewall service group Displays service group configurations.
show system global Shows global system settings.
show system admin Displays the configuration of admin users.
show system dns Displays DNS settings.
show system time Displays the configured system time and time zone.
show log setting Displays logging configuration.
show router static Shows static routing table configuration.
show router bgp Displays BGP routing configuration.
show router ospf Displays OSPF configuration.
show wireless-controller access-control-list Configure WiFi bridge access control list
show user ldap Displays LDAP server configuration.
show user radius Displays RADIUS server settings.
show system ntp Shows NTP (Network Time Protocol) settings.
show webfilter profile Displays web filtering profiles.
show antivirus profile Shows antivirus profiles.
show application list Displays application control lists.
show ips sensor Displays IPS (Intrusion Prevention System) sensor configurations.
show emailfilter profile Displays email filtering profile settings.
show system ha Shows high availability (HA) settings.
show vpn ssl settings
Shows SSL VPN settings.
show firewall local-in-policy
 Displays all configured local-in policies.
show firewall vip
 Displays all configured Virtual IPs.
show firewall ippool Displays all configured IP Pools.
show system gre-tunnel Displays the configuration details of the GRE tunnel.

 

Apart from the baseline show commands, some features (e.g., SD-WAN, ZTNA, etc) may have different show commands depending on the FortiOS versions, but pressing the '?' character right after the 'show' command will give exactly the outputs that will be available within the feature.
1171
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.