Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

Connecting to the CLI

You can use a direct console connection or SSH to connect to the FortiAnalyzer CLI. You can also access through the CLI console widget on the GUI. For more information, see the FortiAnalyzer Administration Guide, and your device’s QuickStart Guide.

You can use a direct console connection or SSH to connect to the FortiAnalyzer CLI.

Connecting to the FortiAnalyzer console

To connect to the FortiAnalyzer console, you need:

  • a computer with an available communications port
  • a console cable, provided with your FortiAnalyzer unit, to connect the FortiAnalyzer console port to a communications port on your computer
  • terminal emulation software, such as HyperTerminal for Windows.
note icon

The following procedure describes how to connect to the FortiAnalyzer CLI using Windows HyperTerminal software. You can use any terminal emulation program.

To connect to the CLI:
  1. Connect the FortiAnalyzer console port to the available communications port on your computer.
  2. Make sure that the FortiAnalyzer unit is powered on.
  3. Start a terminal emulation program on the management computer, select the COM port, and use the following settings:

    COM port

    COM1

    Baud rate

    9600

    Data bits

    8

    Parity

    None

    Stop bits

    1

    Flow control

    None

  4. Press Enter to connect to the FortiAnalyzer CLI.
  5. In the log in prompt, enter the username and password.

    The default log in is username: admin, and no password.

    You have connected to the FortiAnalyzer CLI, and you can enter CLI commands.

Setting administrative access on an interface

To perform administrative functions through a FortiAnalyzer network interface, you must enable the required types of administrative access on the interface to which your management computer connects. Access to the CLI requires Secure Shell (SSH) access. If you want to use the GUI, you need HTTPS access.

To use the GUI to configure FortiAnalyzer interfaces for SSH access, see the FortiAnalyzer Administration Guide.

To use the CLI to configure SSH access:
  1. Connect and log into the CLI using the FortiAnalyzer console port and your terminal emulation software.
  2. Use the following command to configure an interface to accept SSH connections:

    config system interface

    edit <interface_name>

    set allowaccess <access_types>

    end

    Where <interface_name> is the name of the FortiAnalyzer interface to be configured to allow administrative access, and <access_types> is a whitespace-separated list of access types to enable.

    For example, to configure port1 to accept HTTPS and SSH connections, enter:

    config system interface

    edit port1

    set allowaccess https ssh

    end

    Remember to press Enter at the end of each line in the command example. Also, type end and press Enter to commit the changes to the FortiAnalyzer configuration.

  3. To confirm that you have configured SSH access correctly, enter the following command to view the access settings for the interface:

    get system interface <interface_name>

    The CLI displays the settings, including the management access settings, for the named interface.

Connecting to the FortiAnalyzer CLI using SSH

SSH provides strong secure authentication and secure communications to the FortiAnalyzer CLI from your internal network or the internet. Once the FortiAnalyzer unit is configured to accept SSH connections, you can run an SSH client on your management computer and use this client to connect to the FortiAnalyzer CLI.

To connect to the CLI using SSH:
  1. Install and start an SSH client.
  2. Connect to a FortiAnalyzer interface that is configured for SSH connections.
  3. Type a valid administrator name and press Enter.
  4. Type the password for this administrator and press Enter.

    The FortiAnalyzer model name followed by a # is displayed.

    You have connected to the FortiAnalyzer CLI, and you can enter CLI commands.

Connecting to the FortiAnalyzer CLI using the GUI

The GUI also provides a CLI console window.

To connect to the CLI using the GUI:
  1. Connect to the GUI and log in.

    For information about how to do this, see the FortiAnalyzer Administration Guide.

  2. Go to System Settings > Dashboard.
  3. Click inside the CLI Console widget. If the widget is not available, select Toggle Widgets from the toolbar to add the widget to the dashboard.

Connecting to the CLI

You can use a direct console connection or SSH to connect to the FortiAnalyzer CLI. You can also access through the CLI console widget on the GUI. For more information, see the FortiAnalyzer Administration Guide, and your device’s QuickStart Guide.

You can use a direct console connection or SSH to connect to the FortiAnalyzer CLI.

Connecting to the FortiAnalyzer console

To connect to the FortiAnalyzer console, you need:

  • a computer with an available communications port
  • a console cable, provided with your FortiAnalyzer unit, to connect the FortiAnalyzer console port to a communications port on your computer
  • terminal emulation software, such as HyperTerminal for Windows.
note icon

The following procedure describes how to connect to the FortiAnalyzer CLI using Windows HyperTerminal software. You can use any terminal emulation program.

To connect to the CLI:
  1. Connect the FortiAnalyzer console port to the available communications port on your computer.
  2. Make sure that the FortiAnalyzer unit is powered on.
  3. Start a terminal emulation program on the management computer, select the COM port, and use the following settings:

    COM port

    COM1

    Baud rate

    9600

    Data bits

    8

    Parity

    None

    Stop bits

    1

    Flow control

    None

  4. Press Enter to connect to the FortiAnalyzer CLI.
  5. In the log in prompt, enter the username and password.

    The default log in is username: admin, and no password.

    You have connected to the FortiAnalyzer CLI, and you can enter CLI commands.

Setting administrative access on an interface

To perform administrative functions through a FortiAnalyzer network interface, you must enable the required types of administrative access on the interface to which your management computer connects. Access to the CLI requires Secure Shell (SSH) access. If you want to use the GUI, you need HTTPS access.

To use the GUI to configure FortiAnalyzer interfaces for SSH access, see the FortiAnalyzer Administration Guide.

To use the CLI to configure SSH access:
  1. Connect and log into the CLI using the FortiAnalyzer console port and your terminal emulation software.
  2. Use the following command to configure an interface to accept SSH connections:

    config system interface

    edit <interface_name>

    set allowaccess <access_types>

    end

    Where <interface_name> is the name of the FortiAnalyzer interface to be configured to allow administrative access, and <access_types> is a whitespace-separated list of access types to enable.

    For example, to configure port1 to accept HTTPS and SSH connections, enter:

    config system interface

    edit port1

    set allowaccess https ssh

    end

    Remember to press Enter at the end of each line in the command example. Also, type end and press Enter to commit the changes to the FortiAnalyzer configuration.

  3. To confirm that you have configured SSH access correctly, enter the following command to view the access settings for the interface:

    get system interface <interface_name>

    The CLI displays the settings, including the management access settings, for the named interface.

Connecting to the FortiAnalyzer CLI using SSH

SSH provides strong secure authentication and secure communications to the FortiAnalyzer CLI from your internal network or the internet. Once the FortiAnalyzer unit is configured to accept SSH connections, you can run an SSH client on your management computer and use this client to connect to the FortiAnalyzer CLI.

To connect to the CLI using SSH:
  1. Install and start an SSH client.
  2. Connect to a FortiAnalyzer interface that is configured for SSH connections.
  3. Type a valid administrator name and press Enter.
  4. Type the password for this administrator and press Enter.

    The FortiAnalyzer model name followed by a # is displayed.

    You have connected to the FortiAnalyzer CLI, and you can enter CLI commands.

Connecting to the FortiAnalyzer CLI using the GUI

The GUI also provides a CLI console window.

To connect to the CLI using the GUI:
  1. Connect to the GUI and log in.

    For information about how to do this, see the FortiAnalyzer Administration Guide.

  2. Go to System Settings > Dashboard.
  3. Click inside the CLI Console widget. If the widget is not available, select Toggle Widgets from the toolbar to add the widget to the dashboard.