Fortinet black logo

CLI Reference

Home FortiManager 6.0.0 CLI Reference

av-ips

6.0.0
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.3
6.2.2
6.2.1
6.2.0
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.11
5.6.10
5.6.9
5.6.8
5.6.8
5.6.7
5.6.7
5.6.6
5.6.6
5.6.5
5.6.5
5.6.4
5.6.4
5.6.3
5.6.3
5.6.2
5.6.2
5.6.1
5.6.1
5.6.0
5.6.0
5.4.7
5.4.6
5.4.6
5.4.5
5.4.5
5.4.4
5.4.4
5.4.3
5.4.3
5.4.2
5.4.2
5.4.1
5.4.1
5.4.0
5.4.0
5.2.10
5.2.9
5.2.9
5.2.7
5.2.7
5.2.6
5.2.6
5.2.4
5.2.4
5.2.3
5.2.3
5.2.2
5.2.2
5.2.1
5.2.0
5.0.12
5.0.12
5.0.11
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3
5.0.2
4.3.8
4.3.7
4.3.6
4.3.5
4.3.4
4.3.3
4.3.2
4.3.1
4.3.0
4.2.0
4.0.0
Copy Link
Copy Doc ID ba2993ac-91cb-11e8-a49a-00505692583a:162616
Download PDF

av-ips

Use the following commands to configure antivirus and IPS related settings.

av-ips advanced-log

Use this command to enable logging of FortiGuard antivirus and IPS update packages received by the FortiManager unit’s built-in FDS from the external FDS.

Syntax

config fmupdate av-ips advanced-log

set log-fortigate {enable | disable}

set log-server {enable | disable}

end

Variable

Description

log-fortigate {enable | disable}

Enable/disable logging of FortiGuard antivirus and IPS service updates of FortiGate devices. Default: disable

log-server {enable | disable}

Enable/disable logging of update packages received by the built-in FDS server. Default: disable

Example

You could enable logging of FortiGuard antivirus updates to FortiClient installations and update packages downloaded by the built-in FDS from the FDS.

config fmupdate av-ips advanced-log

set log-forticlient enable

set log-server enable

end

av-ips update-schedule

Use this command to configure the built-in FDS to retrieve FortiGuard antivirus and IPS updates at a specified day and time.

Syntax

config fmupdate av-ips update-schedule

set day {Sunday | Monday | Tuesday | Wednesday | Thursday | Friday | Saturday}

set frequency {every | daily | weekly}

set status {enable | disable}

set time <hh:mm>

end

Variable

Description

day {Sunday | Monday | Tuesday | Wednesday | Thursday | Friday | Saturday}

Enter the day of the week when the update will begin.

This option only appears when the frequency is weekly.

frequency {every | daily | weekly}

Enter to configure the frequency of the updates. The following options are available:

  • every: Time interval (default)
  • daily: Every day
  • weekly: Every week

status {enable | disable}

Enable/disable regularly scheduled updates. Default: enable

time <hh:mm>

Enter to configure the time or interval when the update will begin. For example, if you want to schedule an update every day at 6:00 PM, enter 18:00.

The time period format is the 24-hour clock: hh=0-23, mm=0-59. If the minute is 60, the updates will begin at a random minute within the hour.

If the frequency is every, the time is interpreted as an hour and minute interval, rather than a time of day.

Default: 01:60

Example

You could schedule the built-in FDS to request the latest FortiGuard antivirus and IPS updates every five hours, at a random minute within the hour.

config fmupdate av-ips udpate-schedule

set status enable

set frequency every

set time 05:60

end

av-ips web-proxy

Use this command to configure a web proxy if FortiGuard antivirus and IPS updates must be retrieved through a web proxy.

Syntax

config fmupdate av-ips web-proxy

set ip <ipv4_address>

set ip6 <ipv6_address>

set mode {proxy | tunnel}

set password <passwd>

set port <integer>

set status {enable | disable}

set username <string>

end

Variable

Description

ip <ipv4_address>

Enter the IPv4 address of the web proxy. Default: 0.0.0.0

ip6 <ipv6_address>

Enter the IPv6 address of the web proxy.

mode {proxy | tunnel}

Enter the web proxy mode. The following options are available:

  • proxy: HTTP proxy.
  • tunnel: HTTP tunnel.

password <passwd>

If the web proxy requires authentication, enter the password for the user name. Character limit: 63

port <integer>

Enter the port number of the web proxy. Default: 80. Range: 1 to 65535

status {enable | disable}

Enable/disable connections through the web proxy. Default: disable

username <string>

If the web proxy requires authentication, enter the user name. Character limit: 63

Example

You could enable a connection through a non-transparent web proxy on an alternate port.

config fmupdate av-ips web-proxy

set status enable

set mode proxy

set ip 10.10.30.1

set port 8890

set username avipsupdater

set password cvhk3rf3u9jvsYU

end

Previous
Next

av-ips

Use the following commands to configure antivirus and IPS related settings.

av-ips advanced-log

Use this command to enable logging of FortiGuard antivirus and IPS update packages received by the FortiManager unit’s built-in FDS from the external FDS.

Syntax

config fmupdate av-ips advanced-log

set log-fortigate {enable | disable}

set log-server {enable | disable}

end

Variable

Description

log-fortigate {enable | disable}

Enable/disable logging of FortiGuard antivirus and IPS service updates of FortiGate devices. Default: disable

log-server {enable | disable}

Enable/disable logging of update packages received by the built-in FDS server. Default: disable

Example

You could enable logging of FortiGuard antivirus updates to FortiClient installations and update packages downloaded by the built-in FDS from the FDS.

config fmupdate av-ips advanced-log

set log-forticlient enable

set log-server enable

end

av-ips update-schedule

Use this command to configure the built-in FDS to retrieve FortiGuard antivirus and IPS updates at a specified day and time.

Syntax

config fmupdate av-ips update-schedule

set day {Sunday | Monday | Tuesday | Wednesday | Thursday | Friday | Saturday}

set frequency {every | daily | weekly}

set status {enable | disable}

set time <hh:mm>

end

Variable

Description

day {Sunday | Monday | Tuesday | Wednesday | Thursday | Friday | Saturday}

Enter the day of the week when the update will begin.

This option only appears when the frequency is weekly.

frequency {every | daily | weekly}

Enter to configure the frequency of the updates. The following options are available:

  • every: Time interval (default)
  • daily: Every day
  • weekly: Every week

status {enable | disable}

Enable/disable regularly scheduled updates. Default: enable

time <hh:mm>

Enter to configure the time or interval when the update will begin. For example, if you want to schedule an update every day at 6:00 PM, enter 18:00.

The time period format is the 24-hour clock: hh=0-23, mm=0-59. If the minute is 60, the updates will begin at a random minute within the hour.

If the frequency is every, the time is interpreted as an hour and minute interval, rather than a time of day.

Default: 01:60

Example

You could schedule the built-in FDS to request the latest FortiGuard antivirus and IPS updates every five hours, at a random minute within the hour.

config fmupdate av-ips udpate-schedule

set status enable

set frequency every

set time 05:60

end

av-ips web-proxy

Use this command to configure a web proxy if FortiGuard antivirus and IPS updates must be retrieved through a web proxy.

Syntax

config fmupdate av-ips web-proxy

set ip <ipv4_address>

set ip6 <ipv6_address>

set mode {proxy | tunnel}

set password <passwd>

set port <integer>

set status {enable | disable}

set username <string>

end

Variable

Description

ip <ipv4_address>

Enter the IPv4 address of the web proxy. Default: 0.0.0.0

ip6 <ipv6_address>

Enter the IPv6 address of the web proxy.

mode {proxy | tunnel}

Enter the web proxy mode. The following options are available:

  • proxy: HTTP proxy.
  • tunnel: HTTP tunnel.

password <passwd>

If the web proxy requires authentication, enter the password for the user name. Character limit: 63

port <integer>

Enter the port number of the web proxy. Default: 80. Range: 1 to 65535

status {enable | disable}

Enable/disable connections through the web proxy. Default: disable

username <string>

If the web proxy requires authentication, enter the user name. Character limit: 63

Example

You could enable a connection through a non-transparent web proxy on an alternate port.

config fmupdate av-ips web-proxy

set status enable

set mode proxy

set ip 10.10.30.1

set port 8890

set username avipsupdater

set password cvhk3rf3u9jvsYU

end

Previous
Next