Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    6.0.0
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.16
    6.2.15
    6.2.14
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.0.0
    5.6.0
    5.4.0
    5.2.0
    5.0.0

    tree

    tree

    The tree command displays FortiOS config CLI commands in a tree structure called the configuration tree. Each configuration command forms a branch of the tree.

    Syntax

    tree [branch] [sub-branch]

    You can enter the tree command from the top of the configuration tree the command displays the complete configuration tree. Commands are displayed in the order that they are processed when the FortiGate unit starts up. For example, the following output shows the first 10 lines of tree command output:

    tree

    -- -- system -- [vdom] --*name (12)

    +- vcluster-id (0,0)

    |- <global> -- language

    |- gui-ipv6

    |- gui-voip-profile

    |- gui-lines-per-page (20,1000)

    |- admintimeout (0,0)

    |- admin-concurrent

    |- admin-lockout-threshold (0,0)

    |- admin-lockout-duration (1,2147483647)

    |- refresh (0,2147483647)

    |- interval (0,0)

    |- failtime (0,0)

    |- daily-restart

    |- restart-time

    ...

    You can include a branch name with the tree command to view the commands in that branch:

    tree user

    -- user -- [radius] --*name (36)

    |- server (64)

    |- secret

    |- secondary-server (64)

    |- secondary-secret

    ...

    |- [tacacs+] --*name (36)

    |- server (64)

    |- secondary-server (64)

    |- tertiary-server (64)

    ...

    |- [ldap] --*name (36)

    |- server (64)

    |- secondary-server (64)

    |- tertiary-server (64)

    |- port (1,65535)

    ...

    You can include a branch and sub branch name with the tree command to view the commands in that sub branch:

    tree user local

    -- [local] --*name (36)

    |- status

    |- type

    |- passwd

    |- ldap-server (36)

    |- radius-server (36)

    +- tacacs+-server (36)

    ...

    If you enter the tree command from inside the configuration tree the command displays the tree for the current command:

    config user ldap

    tree

    -- [ldap] --*name (36)

    |- server (64)

    |- cnid (21)

    |- dn (512)

    |- port (1,65535)

    |- type

    ...

    The tree command output includes information about field limits. These apply in both the CLI and the web-based manager. For a numeric field, the two numbers in in parentheses show the lower and upper limits. For example (0,32) indicates that values from 0 to 32 inclusive are accepted. For string values, the number in parentheses is one more than the maximum number of characters permitted.

    In the following example, the FQDN can contain up to 255 characters.

    config firewall address

    tree

    -- [address] --*name (64)

    |- subnet

    |- type

    |- start-ip

    |- end-ip

    |- fqdn (256)

    |- country (3)

    |- cache-ttl (0,86400)

    |- wildcard

    |- comment

    |- visibility

    |- associated-interface (36)

    |- color (0,32)

    +- [tags] --*name (64)

    Previous
    Next

    tree

    tree

    The tree command displays FortiOS config CLI commands in a tree structure called the configuration tree. Each configuration command forms a branch of the tree.

    Syntax

    tree [branch] [sub-branch]

    You can enter the tree command from the top of the configuration tree the command displays the complete configuration tree. Commands are displayed in the order that they are processed when the FortiGate unit starts up. For example, the following output shows the first 10 lines of tree command output:

    tree

    -- -- system -- [vdom] --*name (12)

    +- vcluster-id (0,0)

    |- <global> -- language

    |- gui-ipv6

    |- gui-voip-profile

    |- gui-lines-per-page (20,1000)

    |- admintimeout (0,0)

    |- admin-concurrent

    |- admin-lockout-threshold (0,0)

    |- admin-lockout-duration (1,2147483647)

    |- refresh (0,2147483647)

    |- interval (0,0)

    |- failtime (0,0)

    |- daily-restart

    |- restart-time

    ...

    You can include a branch name with the tree command to view the commands in that branch:

    tree user

    -- user -- [radius] --*name (36)

    |- server (64)

    |- secret

    |- secondary-server (64)

    |- secondary-secret

    ...

    |- [tacacs+] --*name (36)

    |- server (64)

    |- secondary-server (64)

    |- tertiary-server (64)

    ...

    |- [ldap] --*name (36)

    |- server (64)

    |- secondary-server (64)

    |- tertiary-server (64)

    |- port (1,65535)

    ...

    You can include a branch and sub branch name with the tree command to view the commands in that sub branch:

    tree user local

    -- [local] --*name (36)

    |- status

    |- type

    |- passwd

    |- ldap-server (36)

    |- radius-server (36)

    +- tacacs+-server (36)

    ...

    If you enter the tree command from inside the configuration tree the command displays the tree for the current command:

    config user ldap

    tree

    -- [ldap] --*name (36)

    |- server (64)

    |- cnid (21)

    |- dn (512)

    |- port (1,65535)

    |- type

    ...

    The tree command output includes information about field limits. These apply in both the CLI and the web-based manager. For a numeric field, the two numbers in in parentheses show the lower and upper limits. For example (0,32) indicates that values from 0 to 32 inclusive are accepted. For string values, the number in parentheses is one more than the maximum number of characters permitted.

    In the following example, the FQDN can contain up to 255 characters.

    config firewall address

    tree

    -- [address] --*name (64)

    |- subnet

    |- type

    |- start-ip

    |- end-ip

    |- fqdn (256)

    |- country (3)

    |- cache-ttl (0,86400)

    |- wildcard

    |- comment

    |- visibility

    |- associated-interface (36)

    |- color (0,32)

    +- [tags] --*name (64)

    Previous
    Next