Fortinet black logo

CLI Reference

server-access-priorities

server-access-priorities

Use this command to configure how a FortiGate unit may download antivirus updates and request web filtering services from multiple FortiAnalyzer units and private FDS servers.

Use the private-server subcommand to configure multiple FortiAnalyzer units and private servers.

By default, the FortiGate unit receives updates from the FortiAnalyzer unit if the FortiGate unit is managed by the FortiAnalyzer unit and the FortiGate unit was configured to receive updates from the FortiAnalyzerunit.

Syntax

config fmupdate server-access-priorities

set access-public {enable | disable}

set av-ips {enable | disable}

set web-spam {enable | disable}

config private-server

edit <id>

set ip <ipv4_address>

set ip6 <ipv6_address>

set time_zone <integer>

end

end

Variables

Description

access-public {enable | disable}

Enable/disable allowing FortiGates to access public FortiGuard servers when private servers are unavailable (default = disable).

av-ips {enable | disable}

Enable/disable receiving antivirus and IPS update service for private servers (default = disable).

web-spam {enable | disable}

Enable/disable Web Filter and Email Filter update service for private servers (default = enable).

Variables for config private-server subcommand:

<id>

Enter a number to identify the FortiManager unit or private server (1 - 10).

ip <ipv4_address>

Enter the IPv4 address of the FortiManager unit or private server.

ip6 <ipv6_address>

Enter the IPv6 address of the FortiManager unit or private server.

time_zone <integer>

Enter the correct time zone of the private server (-24 = local time zone, default = -24).

Example

The following example configures access to public FDS servers and allows FortiGate units to receive antivirus updates from other FortiAnalyzer units and private FDS servers. This example also configures two private servers.

config fmupdate server-access-priorities

set access-public enable

set av-ips enable

config private-server

edit 1

set ip 172.16.130.252

next

edit 2

set ip 172.31.145.201

end

end

server-access-priorities

Use this command to configure how a FortiGate unit may download antivirus updates and request web filtering services from multiple FortiAnalyzer units and private FDS servers.

Use the private-server subcommand to configure multiple FortiAnalyzer units and private servers.

By default, the FortiGate unit receives updates from the FortiAnalyzer unit if the FortiGate unit is managed by the FortiAnalyzer unit and the FortiGate unit was configured to receive updates from the FortiAnalyzerunit.

Syntax

config fmupdate server-access-priorities

set access-public {enable | disable}

set av-ips {enable | disable}

set web-spam {enable | disable}

config private-server

edit <id>

set ip <ipv4_address>

set ip6 <ipv6_address>

set time_zone <integer>

end

end

Variables

Description

access-public {enable | disable}

Enable/disable allowing FortiGates to access public FortiGuard servers when private servers are unavailable (default = disable).

av-ips {enable | disable}

Enable/disable receiving antivirus and IPS update service for private servers (default = disable).

web-spam {enable | disable}

Enable/disable Web Filter and Email Filter update service for private servers (default = enable).

Variables for config private-server subcommand:

<id>

Enter a number to identify the FortiManager unit or private server (1 - 10).

ip <ipv4_address>

Enter the IPv4 address of the FortiManager unit or private server.

ip6 <ipv6_address>

Enter the IPv6 address of the FortiManager unit or private server.

time_zone <integer>

Enter the correct time zone of the private server (-24 = local time zone, default = -24).

Example

The following example configures access to public FDS servers and allows FortiGate units to receive antivirus updates from other FortiAnalyzer units and private FDS servers. This example also configures two private servers.

config fmupdate server-access-priorities

set access-public enable

set av-ips enable

config private-server

edit 1

set ip 172.16.130.252

next

edit 2

set ip 172.31.145.201

end

end