config system central-management
Configure central management.
config system central-management Description: Configure central management. set mode [normal|backup] set type [fortimanager|fortiguard|...] set fortigate-cloud-sso-default-profile {string} set schedule-config-restore [enable|disable] set schedule-script-restore [enable|disable] set allow-push-configuration [enable|disable] set allow-push-firmware [enable|disable] set allow-remote-firmware-upgrade [enable|disable] set allow-monitor [enable|disable] set serial-number {user} set fmg {user} set fmg-source-ip {ipv4-address} set fmg-source-ip6 {ipv6-address} set local-cert {string} set ca-cert {user} set vdom {string} config server-list Description: Additional severs that the FortiProxy can use for updates (for AV, IPS, updates) and ratings (for web filter and antispam ratings) servers. edit <id> set server-type {option1}, {option2}, ... set addr-type [ipv4|ipv6|...] set server-address {ipv4-address} set server-address6 {ipv6-address} set fqdn {string} next end set fmg-update-port [8890|443] set include-default-servers [enable|disable] set enc-algorithm [default|high|...] set interface-select-method [auto|sdwan|...] set interface {string} end
config system central-management
Parameter |
Description |
Type |
Size |
Default |
||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
mode |
Central management mode. |
option |
- |
normal |
||||||||
|
|
|||||||||||
type |
Central management type. |
option |
- |
none |
||||||||
|
|
|||||||||||
fortigate-cloud-sso-default-profile |
Override access profile. |
string |
Maximum length: 35 |
|
||||||||
schedule-config-restore |
Enable/disable allowing the central management server to restore the configuration of this FortiProxy. |
option |
- |
enable |
||||||||
|
|
|||||||||||
schedule-script-restore |
Enable/disable allowing the central management server to restore the scripts stored on this FortiProxy. |
option |
- |
enable |
||||||||
|
|
|||||||||||
allow-push-configuration |
Enable/disable allowing the central management server to push configuration changes to this FortiProxy. |
option |
- |
enable |
||||||||
|
|
|||||||||||
allow-push-firmware |
Enable/disable allowing the central management server to push firmware updates to this FortiProxy. |
option |
- |
enable |
||||||||
|
|
|||||||||||
allow-remote-firmware-upgrade |
Enable/disable remotely upgrading the firmware on this FortiProxy from the central management server. |
option |
- |
enable |
||||||||
|
|
|||||||||||
allow-monitor |
Enable/disable allowing the central management server to remotely monitor this FortiProxy unit. |
option |
- |
enable |
||||||||
|
|
|||||||||||
serial-number |
Serial number. |
user |
Not Specified |
|
||||||||
fmg |
IP address or FQDN of the FortiManager. |
user |
Not Specified |
|
||||||||
fmg-source-ip |
IPv4 source address that this FortiProxy uses when communicating with FortiManager. |
ipv4-address |
Not Specified |
0.0.0.0 |
||||||||
fmg-source-ip6 |
IPv6 source address that this FortiProxy uses when communicating with FortiManager. |
ipv6-address |
Not Specified |
:: |
||||||||
local-cert |
Certificate to be used by FGFM protocol. |
string |
Maximum length: 35 |
|
||||||||
ca-cert |
CA certificate to be used by FGFM protocol. |
user |
Not Specified |
|
||||||||
vdom |
Virtual domain (VDOM) name to use when communicating with FortiManager. |
string |
Maximum length: 31 |
root |
||||||||
fmg-update-port |
Port used to communicate with FortiManager that is acting as a FortiGuard update server. |
option |
- |
8890 |
||||||||
|
|
|||||||||||
include-default-servers |
Enable/disable inclusion of public FortiGuard servers in the override server list. |
option |
- |
enable |
||||||||
|
|
|||||||||||
enc-algorithm |
Encryption strength for communications between the FortiProxy and central management. |
option |
- |
high |
||||||||
|
|
|||||||||||
interface-select-method |
Specify how to select outgoing interface to reach server. |
option |
- |
auto |
||||||||
|
|
|||||||||||
interface |
Specify outgoing interface to reach server. |
string |
Maximum length: 15 |
|
config server-list
Parameter |
Description |
Type |
Size |
Default |
||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
id |
ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||||
server-type |
FortiGuard service type. |
option |
- |
|
||||||||||
|
|
|||||||||||||
addr-type |
Indicate whether the FortiProxy communicates with the override server using an IPv4 address, an IPv6 address or a FQDN. |
option |
- |
ipv4 |
||||||||||
|
|
|||||||||||||
server-address |
IPv4 address of override server. |
ipv4-address |
Not Specified |
0.0.0.0 |
||||||||||
server-address6 |
IPv6 address of override server. |
ipv6-address |
Not Specified |
:: |
||||||||||
fqdn |
FQDN address of override server. |
string |
Maximum length: 255 |
|