Fortinet Community

Mohammed_Rashyas · ‎10-22-2013

Hi, How to extract firewall policy and object from fortigate.

Rashyas

emnoc · ‎10-22-2013

show firewall policy would be a start you can do that for any configured item; e.g show firewall addresss ( would show you address configs ) show sys interface ( would show you ALL interface configs ) where-as show sys interface wan2 ( would show you just wan2 ) You can also using unix grep to look for certain or not certain strings e.g show firewall address | grep " MYHOSTXXY" ( would show any matchs with MYHOSTXXY ) where-as show firewall add | grep -v " MYHOST" ( would show all hosts that DO NOT have MYHOST in the name ) btw: the grep option is not supported in earlier releases of fortiOS.

PCNSE

NSE

StrongSwan

Mohammed_Rashyas · ‎10-23-2013

thanks ... i am looking for extracting the policy in xml /html format for future reference as web visualization tool used in checkpoint to export policy into excel

Rashyas

rwpatterson · ‎10-23-2013

ORIGINAL: Mohammed Rashyas thanks ... i am looking for extracting the policy in xml /html format for future reference as web visualization tool used in checkpoint to export policy into excel

Not an available option.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

emnoc · ‎10-23-2013

What your asking is not a typical request for a fortigate . You will need to contact support to see if they have anything available or use a 3rd party firewall auditor software and that' s an expensive option.

PCNSE

NSE

StrongSwan

Fortinet Community

Firewall Policy