I am brand new to FortiGate and the 600D, but have extensive programming experience. I am wondering if there is a way to get current rule information from a 600D, modify those rules and then upload a new version. Or, could do the whole thing online, but either way looking for a programmatic interface in the 600D. Any help/pointers would be really appreciated.
Thanks.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Elthon Abreu FCNSA v5
Another option, if you have a recent FortiGate is to use the built-in REST API.
Go into System -> Administrators and set up a REST API admin account.
With this you should be able to perform any modification and change you wish. I haven't used it yet so I have no experience with it but googling I got this script https://github.com/DavidChayla/FortigateApi that could give you an overview on how to interact via Python.
If you only need a oneshot option then, the backup, change, restore is the way to go
I wouldn't recommend doing things via a scriptable SSH client
Another option would be fortimanager and btw nothing is wrong with a scriptable-sshclient. In your case you probably want to test what ever changes your are expecting if it a move/add/change/deletion
Ken
PCNSE
NSE
StrongSwan
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1711 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.