Fortinet black logo

CLI Reference

server-access-priorities

server-access-priorities

Use this command to configure how a FortiGate unit may download antivirus updates and request web filtering services from multiple FortiManager units and private FDS servers.

Use the private-server subcommand to configure multiple FortiManager units and private servers.

By default, the FortiGate unit receives updates from the FortiManager unit if the FortiGate unit is managed by the FortiManager unit and the FortiGate unit was configured to receive updates from the FortiManagerunit.

Syntax

config fmupdate server-access-priorities

set access-public {enable | disable}

set av-ips {enable | disable}

set web-spam {enable | disable}

config private-server

edit <id>

set ip <ipv4_address>

set ip6 <ipv6_address>

set time_zone <integer>

end

end

Variable

Description

access-public {enable | disable}

Enable/disable allowing FortiGates to access public FortiGuard servers when private servers are unavailable (default = disable).

av-ips {enable | disable}

Enable/disable receiving antivirus and IPS update service for private servers (default = disable).

web-spam {enable | disable}

Enable/disable Web Filter and Email Filter update service for private servers (default = enable).

Variables for config private-server subcommand:

<id>

Enter a number to identify the FortiManager unit or private server (1 - 10).

ip <ipv4_address>

Enter the IPv4 address of the FortiManager unit or private server.

ip6 <ipv6_address>

Enter the IPv6 address of the FortiManager unit or private server.

time_zone <integer>

Enter the correct time zone of the private server (-24 = local time zone, default = -24).

Example

The following example configures access to public FDS servers and allows FortiGate units to receive antivirus updates from other FortiManager units and private FDS servers. This example also configures three private servers.

config fmupdate server-access-priorities

set access-public enable

set av-ips enable

config private-server

edit 1

set ip 172.16.130.252

next

edit 2

set ip 172.31.145.201

next

edit 3

set ip 172.27.122.99

end

end

server-access-priorities

Use this command to configure how a FortiGate unit may download antivirus updates and request web filtering services from multiple FortiManager units and private FDS servers.

Use the private-server subcommand to configure multiple FortiManager units and private servers.

By default, the FortiGate unit receives updates from the FortiManager unit if the FortiGate unit is managed by the FortiManager unit and the FortiGate unit was configured to receive updates from the FortiManagerunit.

Syntax

config fmupdate server-access-priorities

set access-public {enable | disable}

set av-ips {enable | disable}

set web-spam {enable | disable}

config private-server

edit <id>

set ip <ipv4_address>

set ip6 <ipv6_address>

set time_zone <integer>

end

end

Variable

Description

access-public {enable | disable}

Enable/disable allowing FortiGates to access public FortiGuard servers when private servers are unavailable (default = disable).

av-ips {enable | disable}

Enable/disable receiving antivirus and IPS update service for private servers (default = disable).

web-spam {enable | disable}

Enable/disable Web Filter and Email Filter update service for private servers (default = enable).

Variables for config private-server subcommand:

<id>

Enter a number to identify the FortiManager unit or private server (1 - 10).

ip <ipv4_address>

Enter the IPv4 address of the FortiManager unit or private server.

ip6 <ipv6_address>

Enter the IPv6 address of the FortiManager unit or private server.

time_zone <integer>

Enter the correct time zone of the private server (-24 = local time zone, default = -24).

Example

The following example configures access to public FDS servers and allows FortiGate units to receive antivirus updates from other FortiManager units and private FDS servers. This example also configures three private servers.

config fmupdate server-access-priorities

set access-public enable

set av-ips enable

config private-server

edit 1

set ip 172.16.130.252

next

edit 2

set ip 172.31.145.201

next

edit 3

set ip 172.27.122.99

end

end