Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 8.0.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    CLI Reference

    8.0.0
    8.0.0
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.12
    7.4.11
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.13
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.19
    7.0.18
    7.0.17
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.16
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.17
    6.2.16
    6.2.15
    6.2.14
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.0.0
    5.6.0
    5.4.0
    5.2.0
    5.0.0

    config system fortisandbox

    config system fortisandbox

    Configure FortiSandbox.

    config system fortisandbox
    Description: Configure FortiSandbox.
    edit <device>
        set ca {string}
        set certificate-verification [enable|disable]
        set cn {string}
        set cn-list <cn1>, <cn2>, ...
        set default {option}
        set email {string}
        set enc-algorithm [default|high|...]
        set forticloud [enable|disable]
        set inline-scan [enable|disable]
        set interface {string}
        set interface-select-method [auto|sdwan|...]
        set server {string}
        set source-ip {string}
        set ssl-min-proto-version [default|SSLv3|...]
        set status [enable|disable]
        set vrf-select {integer}
    next
end

    config system fortisandbox

    Parameter

    Description

    Type

    Size

    Default

    ca

    The CA that signs remote FortiSandbox certificate, empty for no check.

    string

    Maximum length: 79

    certificate-verification

    Enable/disable identity verification of FortiSandbox by use of certificate.

    option

    -

    disable

    Option

    Description

    enable

    Enable identity verification of FortiSandbox by use of certificate.

    disable

    Disable identity verification of FortiSandbox by use of certificate.

    cn *

    The CN of remote server certificate, case sensitive, empty for no check.

    string

    Maximum length: 127

    cn-list <cn> *

    The CN list of remote server certificate, case sensitive, empty for no check.

    CN Name.

    string

    Maximum length: 63

    default *

    Set as default FortiSandbox.

    option

    -

    Option

    Description

    enable

    Default FortiSandbox.

    device *

    Device Name.

    string

    Maximum length: 35

    email

    Notifier email address.

    string

    Maximum length: 63

    enc-algorithm

    Configure the level of SSL protection for secure communication with FortiSandbox.

    option

    -

    default

    Option

    Description

    default

    SSL communication with high and medium encryption algorithms.

    high

    SSL communication with high encryption algorithms.

    low

    SSL communication with low encryption algorithms.

    forticloud *

    Enable/disable FortiSandbox Cloud.

    option

    -

    disable

    Option

    Description

    enable

    Enable FortiSandbox Cloud.

    disable

    Disable FortiSandbox Cloud.

    inline-scan *

    Enable/disable FortiSandbox inline scan.

    option

    -

    disable

    Option

    Description

    enable

    Enable FortiSandbox inline scan.

    disable

    Disable FortiSandbox inline scan.

    interface

    Specify outgoing interface to reach server.

    string

    Maximum length: 15

    interface-select-method

    Specify how to select outgoing interface to reach server.

    option

    -

    auto

    Option

    Description

    auto

    Set outgoing interface automatically.

    sdwan

    Set outgoing interface by SD-WAN or policy routing rules.

    specify

    Set outgoing interface manually.

    server

    Server IP address or FQDN of the remote FortiSandbox.

    string

    Maximum length: 63

    source-ip

    Source IP address for communications to FortiSandbox.

    string

    Maximum length: 63

    ssl-min-proto-version

    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).

    option

    -

    default

    Option

    Description

    default

    Follow system global setting.

    SSLv3

    SSLv3.

    TLSv1

    TLSv1.

    TLSv1-1

    TLSv1.1.

    TLSv1-2

    TLSv1.2.

    TLSv1-3

    TLSv1.3.

    status

    Enable/disable FortiSandbox.

    option

    -

    disable

    Option

    Description

    enable

    Enable FortiSandbox.

    disable

    Disable FortiSandbox.

    vrf-select

    VRF ID used for connection to server.

    integer

    Minimum value: 0 Maximum value: 511

    0

    * This parameter may not exist in some models.

    Previous
    Next

    config system fortisandbox

    config system fortisandbox

    Configure FortiSandbox.

    config system fortisandbox
    Description: Configure FortiSandbox.
    edit <device>
        set ca {string}
        set certificate-verification [enable|disable]
        set cn {string}
        set cn-list <cn1>, <cn2>, ...
        set default {option}
        set email {string}
        set enc-algorithm [default|high|...]
        set forticloud [enable|disable]
        set inline-scan [enable|disable]
        set interface {string}
        set interface-select-method [auto|sdwan|...]
        set server {string}
        set source-ip {string}
        set ssl-min-proto-version [default|SSLv3|...]
        set status [enable|disable]
        set vrf-select {integer}
    next
end

    config system fortisandbox

    Parameter

    Description

    Type

    Size

    Default

    ca

    The CA that signs remote FortiSandbox certificate, empty for no check.

    string

    Maximum length: 79

    certificate-verification

    Enable/disable identity verification of FortiSandbox by use of certificate.

    option

    -

    disable

    Option

    Description

    enable

    Enable identity verification of FortiSandbox by use of certificate.

    disable

    Disable identity verification of FortiSandbox by use of certificate.

    cn *

    The CN of remote server certificate, case sensitive, empty for no check.

    string

    Maximum length: 127

    cn-list <cn> *

    The CN list of remote server certificate, case sensitive, empty for no check.

    CN Name.

    string

    Maximum length: 63

    default *

    Set as default FortiSandbox.

    option

    -

    Option

    Description

    enable

    Default FortiSandbox.

    device *

    Device Name.

    string

    Maximum length: 35

    email

    Notifier email address.

    string

    Maximum length: 63

    enc-algorithm

    Configure the level of SSL protection for secure communication with FortiSandbox.

    option

    -

    default

    Option

    Description

    default

    SSL communication with high and medium encryption algorithms.

    high

    SSL communication with high encryption algorithms.

    low

    SSL communication with low encryption algorithms.

    forticloud *

    Enable/disable FortiSandbox Cloud.

    option

    -

    disable

    Option

    Description

    enable

    Enable FortiSandbox Cloud.

    disable

    Disable FortiSandbox Cloud.

    inline-scan *

    Enable/disable FortiSandbox inline scan.

    option

    -

    disable

    Option

    Description

    enable

    Enable FortiSandbox inline scan.

    disable

    Disable FortiSandbox inline scan.

    interface

    Specify outgoing interface to reach server.

    string

    Maximum length: 15

    interface-select-method

    Specify how to select outgoing interface to reach server.

    option

    -

    auto

    Option

    Description

    auto

    Set outgoing interface automatically.

    sdwan

    Set outgoing interface by SD-WAN or policy routing rules.

    specify

    Set outgoing interface manually.

    server

    Server IP address or FQDN of the remote FortiSandbox.

    string

    Maximum length: 63

    source-ip

    Source IP address for communications to FortiSandbox.

    string

    Maximum length: 63

    ssl-min-proto-version

    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).

    option

    -

    default

    Option

    Description

    default

    Follow system global setting.

    SSLv3

    SSLv3.

    TLSv1

    TLSv1.

    TLSv1-1

    TLSv1.1.

    TLSv1-2

    TLSv1.2.

    TLSv1-3

    TLSv1.3.

    status

    Enable/disable FortiSandbox.

    option

    -

    disable

    Option

    Description

    enable

    Enable FortiSandbox.

    disable

    Disable FortiSandbox.

    vrf-select

    VRF ID used for connection to server.

    integer

    Minimum value: 0 Maximum value: 511

    0

    * This parameter may not exist in some models.

    Previous
    Next