CLI Reference

config system nethsm

Configure system nethsm.

config system nethsm
    Description: Configure system nethsm.
    set status [enable|disable]
    set vendor {option}
    set interface {string}
    set receivetimeout {integer}
    config servers
        Description: NetHSM server list.
        edit <name>
            set server {string}
            set port {integer}
            set server-cert {user}
            set htl [enable|disable]
        next
    end
    config slots
        Description: NetHSM slot list.
        edit <name>
            set id {integer}
            set password {password}
            set for-ha [yes|no]
        next
    end
    set ha [enable|disable]
    set ha-status-pulling-interval {integer}
    config hagroups
        Description: NetHSM HA group list.
        edit <name>
            set member <name1>, <name2>, ...
        next
    end
    set rsa-mech-remap [enable|disable]
end

config system nethsm

| Parameter | Description | Type | Size | Default |
| --- | --- | --- | --- | --- |
| status | Status. Options: enable: Enable system network HSM; disable: Disable system network HSM. | option | - | disable |
| vendor | Vendor. Options: SafeNet: SafeNet. | option | - | SafeNet |
| interface | Outgoing interface. | string | Maximum length: 15 | |
| receivetimeout | Receive timeout, specified in ms. | integer | Minimum value: 0, maximum value: 4294967295 | 20000 |
| ha | HA option. Options: enable: Enable HA; disable: Disable HA. | option | - | disable |
| ha-status-pulling-interval | Interval to pull HA status in minutes. | integer | Minimum value: 0, maximum value: 60 | 1 |
| rsa-mech-remap | RSA Mechanism Remap option. Enable it if Luna server is running in FIPS mode and firmware version is 6.22.* or greater. Options: enable: Enable RSA Mechanism Remap; disable: Disable RSA Mechanism Remap. | option | - | disable |

config servers

| Parameter | Description | Type | Size | Default |
| --- | --- | --- | --- | --- |
| server | {<name_str\|ip_str>} NetHSM server domain name or IP. | string | Maximum length: 63 | |
| port | NetHSM server port. | integer | Minimum value: 1, maximum value: 65535 | 1792 |
| server-cert | NetHSM server certificate. | user | Not Specified | |
| htl | HTL option. Options: enable: Enable HTL; disable: Disable HTL. | option | - | disable |

config slots

| Parameter | Description | Type | Size | Default |
| --- | --- | --- | --- | --- |
| id | NetHSM slot ID. | integer | Minimum value: 0, maximum value: 4294967295 | 0 |
| password | NetHSM slot access password. | password | Not Specified | |
| for-ha | HA option. Options: yes: HA slot; no: Regular slot. | option | - | no |

config hagroups

| Parameter | Description | Type | Size | Default |
| --- | --- | --- | --- | --- |
| member <name> | HA group members. NetHSM HA group member (slot names). | string | Maximum length: 79 | |
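
The following is an added example, not part of the Fortinet reference: a small Python audit that parses a `config system nethsm` block from a configuration backup and checks it against the integer limits listed in the tables above. Flagging a server entry without `server-cert`, and an HA group member that is not a slot with `for-ha yes`, are policy assumptions of this example; the function names and the sample configuration are constructed.

```python
import re

# Integer limits copied from this page's parameter tables: key -> (min, max).
RANGES = {"receivetimeout": (0, 4294967295), "ha-status-pulling-interval": (0, 60),
          "port": (1, 65535), "id": (0, 4294967295)}

def parse(text):
    stack = [{}]  # stack[0] is the root; stack[-1] is the table being filled
    for line in text.splitlines():
        tok = [t.strip('"') for t in re.findall(r'"[^"]*"|[^\s,]+', line)] or [""]
        if tok[0] in ("config", "edit"):
            stack.append(stack[-1].setdefault(" ".join(tok[1:]), {}))
        elif tok[0] in ("next", "end"):
            stack.pop()
        elif tok[0] == "set":
            stack[-1][tok[1]] = tok[2:]  # value list; commas or spaces separate
    return stack[0]

def audit(text):
    cfg = parse(text).get("system nethsm", {})
    servers, slots = cfg.get("servers", {}), cfg.get("slots", {})
    issues = [f"{n}: no server-cert set" for n, s in servers.items() if not s.get("server-cert")]
    for scope, table in [("nethsm", cfg), *servers.items(), *slots.items()]:
        for key, (lo, hi) in RANGES.items():
            val = table.get(key)
            if val and not (val[0].isdigit() and lo <= int(val[0]) <= hi):
                issues.append(f"{scope}: {key} {val[0]} outside {lo}..{hi}")
    for group, g in cfg.get("hagroups", {}).items():
        for m in g.get("member", []):  # assumption: members must be for-ha slots
            if slots.get(m, {}).get("for-ha") != ["yes"]:
                issues.append(f"{group}: member {m} is not a slot with for-ha yes")
    return issues

CONSTRUCTED_SAMPLE = """config system nethsm
    set ha-status-pulling-interval 90
    config servers
        edit "hsm1"
        next
    end
    config slots
        edit "slot-a"
            set for-ha yes
        next
    end
    config hagroups
        edit "grp1"
            set member "slot-a" "slot-b"
        next
    end
end"""
```

Calling `audit(CONSTRUCTED_SAMPLE)` returns three findings: the missing `server-cert` on `hsm1`, the out-of-range polling interval, and the undefined HA member `slot-b`.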
