Fortinet white logo
Fortinet white logo

CLI Reference

config user peer

config user peer

Configure peer users.

config user peer
    Description: Configure peer users.
    edit <name>
        set ca {string}
        set cn {string}
        set cn-type [string|email|...]
        set ldap-mode [password|principal-name]
        set ldap-password {password}
        set ldap-server {string}
        set ldap-username {string}
        set mandatory-ca-verify [enable|disable]
        set ocsp-override-server {string}
        set passwd {password}
        set subject {string}
        set two-factor [enable|disable]
    next
end

config user peer

Parameter

Description

Type

Size

Default

ca

Name of the CA certificate.

string

Maximum length: 127

cn

Peer certificate common name.

string

Maximum length: 255

cn-type

Peer certificate common name type.

option

-

string

Option

Description

string

Normal string.

email

Email address.

FQDN

Fully Qualified Domain Name.

ipv4

IPv4 address.

ipv6

IPv6 address.

ldap-mode

Mode for LDAP peer authentication.

option

-

password

Option

Description

password

Username/password.

principal-name

Principal name.

ldap-password

Password for LDAP server bind.

password

Not Specified

ldap-server

Name of an LDAP server defined under the user ldap command. Performs client access rights check.

string

Maximum length: 35

ldap-username

Username for LDAP server bind.

string

Maximum length: 35

mandatory-ca-verify

Determine what happens to the peer if the CA certificate is not installed. Disable to automatically consider the peer certificate as valid.

option

-

enable

Option

Description

enable

Enable setting.

disable

Disable setting.

name

Peer name.

string

Maximum length: 35

ocsp-override-server

Online Certificate Status Protocol (OCSP) server for certificate retrieval.

string

Maximum length: 35

passwd

Peer's password used for two-factor authentication.

password

Not Specified

subject

Peer certificate name constraints.

string

Maximum length: 255

two-factor

Enable/disable two-factor authentication, applying certificate and password-based authentication.

option

-

disable

Option

Description

enable

Enable 2-factor authentication.

disable

Disable 2-factor authentication.

config user peer

config user peer

Configure peer users.

config user peer
    Description: Configure peer users.
    edit <name>
        set ca {string}
        set cn {string}
        set cn-type [string|email|...]
        set ldap-mode [password|principal-name]
        set ldap-password {password}
        set ldap-server {string}
        set ldap-username {string}
        set mandatory-ca-verify [enable|disable]
        set ocsp-override-server {string}
        set passwd {password}
        set subject {string}
        set two-factor [enable|disable]
    next
end

config user peer

Parameter

Description

Type

Size

Default

ca

Name of the CA certificate.

string

Maximum length: 127

cn

Peer certificate common name.

string

Maximum length: 255

cn-type

Peer certificate common name type.

option

-

string

Option

Description

string

Normal string.

email

Email address.

FQDN

Fully Qualified Domain Name.

ipv4

IPv4 address.

ipv6

IPv6 address.

ldap-mode

Mode for LDAP peer authentication.

option

-

password

Option

Description

password

Username/password.

principal-name

Principal name.

ldap-password

Password for LDAP server bind.

password

Not Specified

ldap-server

Name of an LDAP server defined under the user ldap command. Performs client access rights check.

string

Maximum length: 35

ldap-username

Username for LDAP server bind.

string

Maximum length: 35

mandatory-ca-verify

Determine what happens to the peer if the CA certificate is not installed. Disable to automatically consider the peer certificate as valid.

option

-

enable

Option

Description

enable

Enable setting.

disable

Disable setting.

name

Peer name.

string

Maximum length: 35

ocsp-override-server

Online Certificate Status Protocol (OCSP) server for certificate retrieval.

string

Maximum length: 35

passwd

Peer's password used for two-factor authentication.

password

Not Specified

subject

Peer certificate name constraints.

string

Maximum length: 255

two-factor

Enable/disable two-factor authentication, applying certificate and password-based authentication.

option

-

disable

Option

Description

enable

Enable 2-factor authentication.

disable

Disable 2-factor authentication.