Difference between revisions of "Applying a configuration file to a Fortinet Fortigate Firewall"

From NesevoWiki
Jump to navigationJump to search
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
* Connect to the serial console of the device
+
* General assumption: The device is configured according to factory defaults.
* If the device is configured according to factory defaults, log in using username <code>admin</code> and no password (just hit <code>ENTER</code>).
+
* Connect to the serial console of the device (just like to a Cisco device, same serial port settings)
* Just like on a Cisco device, paste in the configuration commands. Don't use more than 1-2 screen sizes of commands at a time.
+
* Log in using username <code>admin</code> and no password (just hit <code>ENTER</code>).
* Commands become active instantly, there's no need to excplicitly "commit" the changes.
+
* Connect your computer's network port to the MGMT network port of the device. Configure your computer's NIC to use a static IP address in the 192.168.1.0/24 subnet (e.g. 192.168.1.100/255.255.255.0).
* Commands are also saved instantly, there's no need to excplicitly write the changes to flash.
+
* Access the device's web interface on https://192.168.1.99 and log in with the same credentials as above.
* To check the running configuration, type <code>show full-configuration</code>
+
* In the navigation bar, go to ''System'' &rarr; ''Config'' &rarr; ''Advanced''
 +
 +
* In the ''Scripts'' section of the page, select ''Upload Bulk CLI Command File'' and select your config file.
 +
* Hit ''Apply''. You'll lose connection almost instantly, as most probably the config file will set the IP address of the MGMT interface to something other than 192.168.1.99.
 +
* In the CLI window (serial terminal), check if the hostname has changed and now matches the hostname in your config file. Optionally, check the complete config by issueing the <code>show full-configuration</code> command.
 +
* The new config is now applied and saved to the device.

Latest revision as of 14:45, 11 March 2015

  • General assumption: The device is configured according to factory defaults.
  • Connect to the serial console of the device (just like to a Cisco device, same serial port settings)
  • Log in using username admin and no password (just hit ENTER).
  • Connect your computer's network port to the MGMT network port of the device. Configure your computer's NIC to use a static IP address in the 192.168.1.0/24 subnet (e.g. 192.168.1.100/255.255.255.0).
  • Access the device's web interface on https://192.168.1.99 and log in with the same credentials as above.
  • In the navigation bar, go to SystemConfigAdvanced
  • In the Scripts section of the page, select Upload Bulk CLI Command File and select your config file.
  • Hit Apply. You'll lose connection almost instantly, as most probably the config file will set the IP address of the MGMT interface to something other than 192.168.1.99.
  • In the CLI window (serial terminal), check if the hostname has changed and now matches the hostname in your config file. Optionally, check the complete config by issueing the show full-configuration command.
  • The new config is now applied and saved to the device.
Retrieved from "http://wiki.nesevo.com/index.php?title=Applying_a_configuration_file_to_a_Fortinet_Fortigate_Firewall&oldid=2649"