Hermine
New Contributor II

Audit

Hello, I would like to have a command that can retrieve the following information: password policy, http, https, telnet, ssh, snmp v3, default account, updated, OS version, ntp, anti spoofing, syslog, stateful.

 

1 Solution
seshuganesh
Staff

Hi Team,

 

You can follow this:

password policy:

config system password-policy

show full

 

http, https, telnet, ssh, snmp v3:

I assume you would like to know whether these services are allowed for that interface or not; for this you can execute these commands:

config sys interface

edit <specific port>

show full

 

Once you execute these commands, you will be able to see which services are allowed under the "set allowaccess" field.

 

default account:

I suspect you would like to know all the admin accounts in the FortiGate firewall; you can use these commands for the same:

config sys admin

show full

 

You can also see the associated access profiles for administrators.

 

updated:

I believe you want to know the versions of modules in the FortiGate firewall:

 get system auto-update versions

 

anti spoofing:

For anti spoofing and stateful, you can check this command:

config system settings
     set asymroute enable
end

 

syslog:

For syslog related information you can check this:

https://community.fortinet.com/t5/FortiGate/Technical-Note-Configuring-multiple-SYSLOG-servers/ta-p/...

 

 

OS version:

Execute this command to see the version of the FortiGate firewall:

get sys status

 

ntp:

config sys ntp

show full

 

 

 

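An added example, not part of the original thread and not Fortinet tooling: Python that reads saved output of the "show full" commands above and reports which interfaces list cleartext management protocols under "set allowaccess" and whether "asymroute" is enabled. The sample configuration is constructed, and the baseline is an assumption (http and telnet are flagged, and "asymroute enable" is flagged because asymmetric traffic is then not statefully inspected).

```python
import shlex
# Constructed sample in the layout FortiOS prints for "show full"; not from a real device.
SAMPLE = """\
config system interface
    edit "port1"
        set allowaccess ping https ssh http telnet
        config ipv6
            set ip6-allowaccess ping
        end
    next
    edit "port2"
        set allowaccess ping https
    next
end
config system settings
    set asymroute enable
end
"""
CLEARTEXT = {"http", "telnet"}  # assumed audit baseline, adjust to local policy

def parse(text):
    """Return {section: {entry or None: {key: [values]}}}; nested blocks are skipped."""
    tree, section, entry, depth = {}, None, None, 0
    for raw in text.splitlines():
        tok = shlex.split(raw) or [""]
        if tok[0] == "config":
            depth += 1
            if depth == 1:
                section, entry = " ".join(tok[1:]), None
                tree.setdefault(section, {})
        elif tok[0] == "end":
            depth = max(depth - 1, 0)
        elif depth == 1 and tok[0] in ("edit", "next"):
            entry = tok[1] if tok[0] == "edit" else None
        elif depth == 1 and tok[0] == "set" and len(tok) > 1:
            tree[section].setdefault(entry, {})[tok[1]] = tok[2:]
    return tree

def audit(text):
    cfg, findings = parse(text), []
    for name, keys in cfg.get("system interface", {}).items():
        bad = sorted(CLEARTEXT & set(keys.get("allowaccess", [])))
        if bad:
            findings.append(f"interface {name}: cleartext management access: {' '.join(bad)}")
    if cfg.get("system settings", {}).get(None, {}).get("asymroute") == ["enable"]:
        findings.append("system settings: asymroute enable")
    return findings

print("\n".join(audit(SAMPLE)))
```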

2 REPLIES 2
Hermine
New Contributor II

Thank you so much.