FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
Article Id 242340

This article describes how to enable backend-shell access in FortiManager/FortiAnalyzer.

Sometimes, it is necessary to log in to the FortiManager/FortiAnalyzer backend shell to execute some commands, for example, executing curl to check the reachability status of the backend servers.

Scope FortiManager/FortiAnalyzer

1) By default, the FortiManager/FortiAnalyzer does not grant shell access and the following message will be shown:


FMG01 # execute shell
Shell disabled.


2) Check the system admin settings on FortiManager/FortiAnalyzer:


FMG01 # get system admin setting

shell-access : disable


3) The shell-access needs to be enabled via the following CLI commands on FortiManager/FortiAnalyzer:


FMG01 # config system admin setting

(setting) set shell-access enable
Enter new password:
Confirm new password:

(setting)# end


4) Perform the following to verify if the command has been implemented successfully:


FMG01 # get system admin setting

shell-access : enable
shell-password : *


5) Access the backend-shell again:


FMG01 # execute shell
Enter password: