This article describes how to use a TCL script in FortiManager to fetch a FortiGate interface IP address and set it as the source IP for the FortiAnalyzer logging configuration on the FortiGate. Setting the source IP is helpful when connectivity to FortiAnalyzer is through a VPN tunnel: self-originated log traffic is then sourced from an address covered by the tunnel selectors instead of from the egress interface address.
The script can be run for multiple FortiGates at the same time.
Scope: FortiManager.
First enable TCL scripting in the FortiManager CLI (TCL scripts are hidden in the GUI until show_tcl_script is enabled):
config system admin setting
(setting) set show_tcl_script enable
(setting) end
Create the below TCL script:
#!
proc do_cmd {cmd} {
puts [exec "$cmd\n" "# " 15]
}
do_cmd "config system interface"
#
# FortiGate interface to fetch the IP address
#
do_cmd "edit port1"
set query [exec "show\n" "# "]
set output [split $query \n]
#
# Fetching the interface IP address
#
regexp {(?:\d+\.\d+\.\d+\.\d+){1}} $output ip
do_cmd "end"
#
# Setting the source IP
#
do_cmd "config log fortianalyzer setting"
do_cmd "set status enable"
do_cmd "set source-ip $ip"
do_cmd "end"
The script fetches the IP address from the FortiGate interface named in the 'edit port1' line and sets it as the source-ip. The regexp takes the first dotted-quad address found in the 'show' output, which on a statically addressed interface is the address from its 'set ip' line. If the interface has no static address (for example an interface in DHCP mode), nothing matches, the ip variable is never set, and the script fails on the 'set source-ip $ip' line with a 'no such variable' error, so choose an interface with a static IP.
Note:
For FortiGate(s) with VDOMs enabled, a different script is required: the interface table and the FortiAnalyzer log setting live in the global configuration, so the script must first enter 'config global'.
#!
proc do_cmd {cmd} {
puts [exec "$cmd\n" "# " 15]
}
#
# 'config global' is required for FortiGate(s) with VDOMs.
#
do_cmd "config global"
do_cmd "config system interface"
#
# FortiGate interface to fetch the IP address
#
do_cmd "edit port1"
set query [exec "show\n" "# "]
set output [split $query \n]
#
# Fetching the interface IP address
#
regexp {(?:\d+\.\d+\.\d+\.\d+){1}} $output ip
do_cmd "end"
#
# Setting the source IP
#
do_cmd "config log fortianalyzer setting"
do_cmd "set status enable"
do_cmd "set source-ip $ip"
do_cmd "end"
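The following is a hardened variant of the two scripts above, added here as an example and not part of the original article. One script serves both non-VDOM and VDOM FortiGates (a flag selects 'config global'), the regexp is anchored to the 'set ip' line so that a mask or another dotted quad in the output can never be picked up, and the FortiAnalyzer setting is only written when an address was actually found. The interface name, the vdom_mode flag and the message text are assumptions; the exec/prompt handling is the same as in the original scripts.

```tcl
#!
# Added example, not from the original article.
# Assumed inputs: ifname (interface to read the address from) and
# vdom_mode (1 when the FortiGate has VDOMs enabled, 0 otherwise).
set ifname "port1"
set vdom_mode 0

proc do_cmd {cmd} {
    puts [exec "$cmd\n" "# " 15]
}

# On a VDOM-enabled unit both 'system interface' and
# 'log fortianalyzer setting' are in the global context.
if {$vdom_mode} {
    do_cmd "config global"
}

do_cmd "config system interface"
do_cmd "edit $ifname"
set query [exec "show\n" "# "]
do_cmd "end"

# Accept an address only from the 'set ip <addr> <mask>' line. An interface
# in DHCP or PPPoE mode has no such line, so the regexp fails and ip stays
# empty instead of the script aborting on an unset variable.
set ip ""
regexp -line {^\s*set ip (\d+\.\d+\.\d+\.\d+)\s} $query -> ip

if {[string length $ip] == 0} {
    puts "No static IP on $ifname, FortiAnalyzer source-ip left unchanged"
} else {
    do_cmd "config log fortianalyzer setting"
    do_cmd "set status enable"
    do_cmd "set source-ip $ip"
    do_cmd "end"
}

# Leave the global context again on a VDOM-enabled unit.
if {$vdom_mode} {
    do_cmd "end"
}
```

Set vdom_mode to 1 before running the script against a VDOM-enabled FortiGate; the script output in FortiManager will show either the echoed configuration commands or the "No static IP" message, which makes a skipped device easy to spot when the script is run against several FortiGates at once.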
Run the script under FortiManager -> Device Manager:
Select the FortiGate and select the right arrow.
Select Run Now.
Select OK.
The script is running, then reports that it ran successfully.
Verify on the FortiGate CLI that the source IP is now set:
get log fortianalyzer setting
Check the same under FortiManager -> Device Manager.
Note:
If there are any errors, refer to the below document to troubleshoot TCL scripts:
Technical Tip: How to troubleshoot TCL Scripts failed in FortiManager
Related documents:
Technical Tip: How to troubleshoot TCL Scripts failed in FortiManager
Copyright 2024 Fortinet, Inc. All Rights Reserved.