You can connect to the CLI using a direct console connection, SSH, the FortiExplorer app on your iOS device, or the CLI console in the GUI.
You can access the CLI outside of the GUI in three ways:
- Console connection: Connect your computer directly to the console port of your FortiGate.
- SSH access: Connect your computer through any network interface attached to one of the network ports on your FortiGate.
- FortiExplorer: Connect your device to the FortiExplorer app on your iOS device to configure, manage, and monitor your FortiGate. See FortiExplorer for iOS for details.
To open a CLI console, click the _> icon in the top right corner of the GUI. The console opens on top of the GUI. It can be minimized and multiple consoles can be opened.
To edit policies and objects directly in the CLI, right-click on the element and select Edit in CLI.
A direct console connection to the CLI is created by directly connecting your management computer or console to the FortiGate using its DB-9 or RJ-45 console port.
Direct console access to the FortiGate may be required if:
- You are installing the FortiGate for the first time and it is not configured to connect to your network.
- You are restoring the firmware using a boot interrupt. Network access to the CLI will not be available until after the boot process has completed, making direct console access the only option.
To connect to the FortiGate console, you need:
- A console cable to connect the console port on the FortiGate to a communications port on the computer. Depending on your device, this is one of:
- null modem cable (DB-9 to DB-9)
- DB-9 to RJ-45 cable (a DB-9-to-USB adapter can be used)
- USB to RJ-45 cable
- A computer with an available communications port
- Terminal emulation software
- Using the console cable, con