Help
FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
farhanahmed
Staff
Staff

Created on ‎04-02-2024 08:55 AM Edited on ‎06-19-2025 10:42 AM By Moderator

Article Id 308004

Technical Tip: How to fetch FortiAP and FortiSwitch Serials using TCL Script in FortiManager

Description This article describes how to use TCL script in FortiManager to fetch serial numbers of FortiAPs and FortiSwitches connected to FortiGate(s).
Scope FortiManager, FortiGate.
Solution

Follow the initial steps from this article on how to enable and run TCL scripts in FortiManager:

Technical Tip: How to use TCL script...existing route

 

 

  1. Go to Device Manager -> Scripts,  select type TCL Script, and select 'Create new'.

    Create the following TCL script:

 

# Define VDOM name
set vdom_name "root"

# Check if VDOMs are enabled
set status [exec "get system status\n" "# " 15]
set vdom_enabled false
if {![regexp {Virtual domain configuration: disable} $status]} {
set vdom_enabled true
}

# Enter VDOM if enabled
if {$vdom_enabled} {
puts "\n"
puts "================================================="
puts "VDOMs are enabled. Switching to VDOM: $vdom_name"
puts "================================================="
puts "\n"
exec "end\n" "# "
exec "config vdom\nedit $vdom_name\n" "# "
} else {
puts "\n"
puts "================================================"
puts "VDOMs are disabled. Staying in global context."
puts "================================================"
puts "\n"
}

# FortiAPs output
puts "FortiAPs connected to this FGT:"
puts "-------------------------"
set fap_found false
foreach line [split [exec "show wireless-controller wtp\n" "# "] \n] {
if {[regexp {edit\s+"(\w+)"} $line match fap]} {
puts $fap
set fap_found true
}
}
if {!$fap_found} {
puts "None found."
}
puts "================================================" ;# <-- Extra blank line to separate sections

# FortiSwitches output
puts "FortiSwitches connected to this FGT:"
puts "-------------------------"
set fsw_found false
foreach line [split [exec "show switch-controller managed-switch\n" "# "] \n] {
if {[regexp {set sn\s+"(\w+)"} $line match fsw_sn]} {
puts $fsw_sn
set fsw_found true
}
}
if {!$fsw_found} {
puts "None found."
}
puts ""

# Exit VDOM context if it was entered
if {$vdom_enabled} {
exec "end\n" "# "
}
puts "\n"

 

The script takes into consideration whether VDOMs are enabled on the FortiGate. The default is set to 'root' (in the second line of the script).

 

  1. After the script runs successfully, select View Details:

 

7.png

 

 

  1. Select the execution history icon for each FortiGate:

 

 

8.png

 

 

  1. This will show the details of the FortiAP and FortiSwitches connected to the FortiGate:

connected_ap_sw.png

 


Note:
In FortiManager, if FortiSwitch Manager and AP Manager are being used, the Export to Excel option can be used to get the list of the devices:
Importing and exporting FortiSwitch devices.
Importing and exporting FortiAP devices.


Related documents:
 

 
1382
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.