IP Address Assignment Rules list to txt flat file in FortiGate 600E
As in the topic, I have a FortiGate 600E.
I'm looking for a solution to get a list of all reserved addresses (from each VLAN), preferably to some flat txt file, as well as a device inventory list (with the last seen column), so I can match and compare those lists in some external tool.
As for the suggested commands - the second one is more suitable, however it is not exactly what I mean.
First of all, I want to get a list of all active addresses (it's similar to the device inventory from web access, Dashboard/Users & Devices -> but in CLI and with information about the 'last seen' time of the address).
'IP Address Assignment Rules' are found in interface/VLAN/Advanced.
I don't think that is possible at the moment in the FortiOS, but it sounds like a good feature request. Other products like FAZ or FortiSOAR may be able to handle this natively. On the FortiOS I think there are some limitations to that, given the fact that the device-identification feature needs to store data in a database that takes up memory (and link these IPs to traffic logs). For a small network that shouldn't be a problem, but the FortiOS is consistent over several ranges of devices. Enabling such a feature on a device handling thousands of clients, even by mistake, may cause instant filling of memory and bring down the device.
- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
This is technically doable via API, but would very likely need some scripting. You can have a look at what information is available via API:
1. Log into admin GUI
2. Access these URLs:

https://<FortiGate>/api/v2/cmdb/system.dhcp/server
-> gives you all DHCP servers, which include a subsection 'reserved-address', essentially the same as 'config system dhcp server/show'

https://<FortiGate>/api/v2/monitor/dhcp
-> all DHCP and DHCP6 leases, with a 'reserved' boolean attribute (is this a reserved IP or not)
-> you can filter for reserved entries:
-> https://<FortiGate>/api/v2/monitor/dhcp?filter=reserved==true

https://<FortiGate>/api/v2/monitor/user/device/query
-> all detected devices
-> includes information on "last seen" (in epoch time, https://www.epochconverter.com/)
-> you can filter for online status:
-> https://<FortiGate>/api/v2/monitor/user/device/query?filter=is_online==true
-> depending on firmware version, the query would be https://<FortiGate>/api/v2/monitor/detected-device instead

If that provides an easier format to work with and/or you are comfortable with scripting, API might be the way for you to get the information into a text file and compare.
+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
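The scripting step suggested in the reply above, as an added example that is not part of the original thread: it flattens the 'reserved-address' subsections from the DHCP server JSON, joins them by MAC with the device query's epoch "last seen" value, and writes a tab-separated text file. The sample JSON is constructed, and every key name other than 'reserved-address' and 'is_online' (for example `ip`, `mac`, `ipv4_address`, `last_seen`, `results`) is an assumption to check against your firmware's actual output.

```python
import json
from datetime import datetime, timezone

# Constructed sample responses; key names other than 'reserved-address' and
# 'is_online' are assumptions, verify them against your firmware's output.
DHCP_SERVERS = json.loads("""{"results": [
  {"id": 1, "interface": "vlan10", "reserved-address": [
    {"id": 1, "ip": "10.0.10.5", "mac": "00:11:22:AA:BB:01", "description": "printer"},
    {"id": 2, "ip": "10.0.10.6", "mac": "00:11:22:aa:bb:02", "description": "nas"}]},
  {"id": 2, "interface": "vlan20", "reserved-address": []}]}""")
DEVICES = json.loads("""{"results": [
  {"mac": "00:11:22:aa:bb:01", "ipv4_address": "10.0.10.5",
   "last_seen": 1700000000, "is_online": true},
  {"mac": "00:11:22:aa:bb:99", "ipv4_address": "10.0.10.77",
   "last_seen": 1700000600, "is_online": true}]}""")

def reserved_rows(dhcp):
    """Yield one (interface, ip, mac, description) tuple per reserved address."""
    for server in dhcp.get("results", []):
        for r in server.get("reserved-address") or []:
            yield (server.get("interface", ""), r.get("ip", ""),
                   r.get("mac", "").lower(), r.get("description", ""))

def last_seen_by_mac(devices):
    """Map lower-cased MAC -> ISO 8601 UTC time built from the epoch value."""
    seen = {}
    for d in devices.get("results", []):
        ts = d.get("last_seen")
        if d.get("mac") and ts is not None:
            seen[d["mac"].lower()] = datetime.fromtimestamp(
                ts, tz=timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    return seen

def build_report(dhcp, devices):
    """Reservations with their last-seen time, then devices with no reservation."""
    seen = last_seen_by_mac(devices)
    lines, reserved_macs = ["interface\tip\tmac\tdescription\tlast_seen"], set()
    for iface, ip, mac, desc in reserved_rows(dhcp):
        reserved_macs.add(mac)
        lines.append("\t".join([iface, ip, mac, desc, seen.get(mac, "never")]))
    for d in devices.get("results", []):
        mac = d.get("mac", "").lower()
        if mac and mac not in reserved_macs:
            lines.append("\t".join(["-", d.get("ipv4_address", ""), mac,
                                    "UNRESERVED", seen.get(mac, "never")]))
    return lines

if __name__ == "__main__":
    with open("reserved_vs_seen.txt", "w") as fh:
        fh.write("\n".join(build_report(DHCP_SERVERS, DEVICES)) + "\n")
```

Reservations that show `never` are candidates for stale entries, and `UNRESERVED` rows are devices seen on the network without a matching reservation.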