Fortinet black logo

CLI Reference

interface

interface

Use this command to edit the configuration of a FortiAnalyzer network interface.

Syntax

config system interface

edit <port_string>

set status {up | down}

set ip <ipv4address_mask>

set allowaccess {aggregator http https ping snmp ssh telnet webservice}

set speed {1000full | 100full | 100half | 10full | 10half | auto}

set description <string>

set alias <string>

set mtu <integer>

config ipv6

set ip6-address <IPv6address prefix>

set ip6-allowaccess {aggregator http https ping6 snmp ssh telnet webservice}

set ip6-autoconf {enable | disable}

end

end

Variable

Description

<port>

<port> can be set to a port number such as port1, port2, port3, or port4. Different FortiAnalyzer models have different numbers of ports.

status {up | down}

Start or stop the interface. If the interface is stopped it does not accept or send packets. If you stop a physical interface, VLAN interfaces associated with it also stop. Default: up

ip <ipv4_mask>

Enter the interface IPv4 address and netmask. The IPv4 address cannot be on the same subnet as any other interface.

allowaccess {http https ping snmp ssh telnet webservice}

Enter the types of management access permitted on this interface. Separate multiple selected types with spaces.

If you want to add or remove an option from the list, retype the list as required. The following options are available:

  • http: HTTP access.
  • https: HTTPS access.
  • ping: PING access.
  • snmp: SNMP access.
  • ssh: SSH access.
  • telnet: TELNET access.
  • webservice: Web service access.

speed {1000full 100full 100half 10full 10half auto}

Enter the speed and duplexing the network port uses. Enter auto to automatically negotiate the fastest common speed. The following options are available:

  • 100full: 100M full-duplex.
  • 100half: 100M half-duplex.
  • 10full: 10M full-duplex.
  • 10half: 10M half-duplex.
  • auto: Auto adjust speed (default).

description <string>

Enter a description of the interface. Character limit: 63

alias <string>

Enter an alias for the interface.

mtu <integer>

Set the maximum transportation unit, from 68 to 9000. Default: 1500

Variables foripv6subcommand:

ip6-address <ipv6 prefix>

IPv6 address/prefix of interface.

ip6-allowaccess {http https ping snmp ssh telnet webservice}

Allow management access to the interface. Options include: http, https, ping, snmp, ssh, telnet, and webservice.

ip6-autoconf {enable | disable}

Enable/disable address automatic configuration (SLAAC). Default: enable

Example

This example shows how to set the FortiAnalyzer port1 interface IPv4 address and network mask to 192.168.100.159 255.255.255.0, and the management access to ping, https, and ssh.

config system interface

edit port1

set allowaccess ping https ssh

set ip 192.168.110.26 255.255.255.0

set status up

end

interface

Use this command to edit the configuration of a FortiAnalyzer network interface.

Syntax

config system interface

edit <port_string>

set status {up | down}

set ip <ipv4address_mask>

set allowaccess {aggregator http https ping snmp ssh telnet webservice}

set speed {1000full | 100full | 100half | 10full | 10half | auto}

set description <string>

set alias <string>

set mtu <integer>

config ipv6

set ip6-address <IPv6address prefix>

set ip6-allowaccess {aggregator http https ping6 snmp ssh telnet webservice}

set ip6-autoconf {enable | disable}

end

end

Variable

Description

<port>

<port> can be set to a port number such as port1, port2, port3, or port4. Different FortiAnalyzer models have different numbers of ports.

status {up | down}

Start or stop the interface. If the interface is stopped it does not accept or send packets. If you stop a physical interface, VLAN interfaces associated with it also stop. Default: up

ip <ipv4_mask>

Enter the interface IPv4 address and netmask. The IPv4 address cannot be on the same subnet as any other interface.

allowaccess {http https ping snmp ssh telnet webservice}

Enter the types of management access permitted on this interface. Separate multiple selected types with spaces.

If you want to add or remove an option from the list, retype the list as required. The following options are available:

  • http: HTTP access.
  • https: HTTPS access.
  • ping: PING access.
  • snmp: SNMP access.
  • ssh: SSH access.
  • telnet: TELNET access.
  • webservice: Web service access.

speed {1000full 100full 100half 10full 10half auto}

Enter the speed and duplexing the network port uses. Enter auto to automatically negotiate the fastest common speed. The following options are available:

  • 100full: 100M full-duplex.
  • 100half: 100M half-duplex.
  • 10full: 10M full-duplex.
  • 10half: 10M half-duplex.
  • auto: Auto adjust speed (default).

description <string>

Enter a description of the interface. Character limit: 63

alias <string>

Enter an alias for the interface.

mtu <integer>

Set the maximum transportation unit, from 68 to 9000. Default: 1500

Variables foripv6subcommand:

ip6-address <ipv6 prefix>

IPv6 address/prefix of interface.

ip6-allowaccess {http https ping snmp ssh telnet webservice}

Allow management access to the interface. Options include: http, https, ping, snmp, ssh, telnet, and webservice.

ip6-autoconf {enable | disable}

Enable/disable address automatic configuration (SLAAC). Default: enable

Example

This example shows how to set the FortiAnalyzer port1 interface IPv4 address and network mask to 192.168.100.159 255.255.255.0, and the management access to ping, https, and ssh.

config system interface

edit port1

set allowaccess ping https ssh

set ip 192.168.110.26 255.255.255.0

set status up

end