FortiGate-6000 execute CLI commands
The following execute commands are available. Most of these commands are only available from the management board CLI.
execute load-balance load-backup-image <slot>
After uploading a firmware image onto the FortiGate-6000 internal TFTP server, use this command to install this firmware image onto an FPC as the backup firmware image. <slot>
is the FPC slot number.
see for information about how to transfer a firmware image to the internal TFTP server.
execute load-balance slot manage <slot>
Log into the CLI of an individual FPC. Use <slot> to specify the FPC slot number.
You will be asked to authenticate to connect to the FPC. Use the exit
command to end the session and return to the management board CLI.
execute load-balance slot nmi-reset <slot-map>
Perform an NMI reset on selected FPCs. The NMI reset dumps registers and backtraces of one or more FPCs to the console. After the data is dumped, the FPCs reboot. While the FPCs are rebooting, traffic is distributed to the remaining FPCs. The FPCs should restart normally and traffic can resume once they are up and running. You can use the diagnose sys confsync status
command to verify that the FPCs have started up.
<slot-map>
can be one or more FPC slot numbers or slot number ranges with no space and separated by commas. For example, to perform an NMI reset of slots 1, 3, 4, and 5, enter
execute load-balance slot nmi-reset 1,3-5
execute load-balance slot power-off <slot-map>
Power off selected FPCs. This command shuts down the FPC immediately. You can use the diagnose sys confsync status
command to verify that the management board cannot communicate with the FPCs.
You can use the execute load-balance slot power-on
command to start up powered off FPCs.
execute load-balance slot power-on <slot-map>
Power on and start up selected FPCs. It may take a few minutes for the FPCs to start up. You can use the diagnose sys confsync status
command to verify that the FPCs have started up.
execute load-balance slot reboot <slot-map>
Restart selected FPCs. It may take a few minutes for the FPCs to shut down and restart. You can use the diagnose sys confsync status
command to verify that the FPCs have started up.
execute load-balance update image <slot>
After uploading a firmware image onto the FortiGate-6000 internal TFTP server, use this command to install this firmware image onto an FPC. <slot>
is the FPC slot number. The firmware image is installed and the FPC restarts running the new firmware.
For more information, see .
execute system console-server
From the management board CLI, the execute system console server commands provides access to individual FPC consoles in your FortiGate-6000. Console access can be useful for troubleshooting. For example, if an FPC does not boot properly you can use console access to view the state of the FPC and enter commands to fix the problem or restart the FPC.
The execute system console-server commands only allow access to FPCs in the FortiGate-6000 that you are logged into. You can't use this command to access FPCs in the other FortiGate-6000 in an HA configuration. |
You can use the config system console-server
command to configure the console server. Using this command you can disable or enable the console server and change the console server ports. Normally you would not need to edit the console server settings.
execute system console-server clearline <line>
Clear an active console server. You can use this command to stop a console-server session that you have started with the execute system console-server connect
command. <line>
is the console server session number. Use the execute system console-server showline
command to view the active console server sessions.
execute system console-server connect <slot>
Start a console-server connection from the management board CLI to an FPC CLI. <slot>
is the FPC slot number. Authenticate to log into the console and use CLI commands to view information, make changes, or restart the FPC. When you are done, use Ctrl-X to exit from the console back to the management board CLI.
Using Ctrl-X may not work if you are accessing the CLI console from the GUI. Instead you may need to log out of the GUI and then log back in.
execute system console-server showline
Show active console-server sessions.
execute upload image {ftp | tftp | usb}
Use this command to upload a firmware image to the FortiGate-6000 internal TFTP server. Once you have uploaded this firmware image, you can install it on an FPC using the execute load-balance load-backup-image <slot>
command.
You can get the firmware image from an external FTP server, an external TFTP server, or from a USB key plugged in the FortiGate-6000 USB port. Use the following syntax:
execute upload image ftp <image-file-and-path> <comment> <ftp-server-address> <username> <password>
execute upload image tftp <image-file> <comment> <tftp-server-address>
execute upload image usb <image-file-and-path> <comment>