Fortinet black logo

CLI Reference

6.2.13
7.4.3
7.4.2
7.4.1
7.4.0
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.15
7.0.14
7.0.13
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.15
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.0.0
5.6.0
5.4.0
5.2.0
5.0.0

config ftp-proxy explicit

config ftp-proxy explicit

Configure explicit FTP proxy settings.

config ftp-proxy explicit
    Description: Configure explicit FTP proxy settings.
    set incoming-ip {ipv4-address-any}
    set incoming-port {user}
    set outgoing-ip {ipv4-address-any}
    set sec-default-action [accept|deny]
    set ssl [enable|disable]
    set ssl-algorithm [high|medium|...]
    set ssl-cert {string}
    set ssl-dh-bits [768|1024|...]
    set status [enable|disable]
end

config ftp-proxy explicit

Parameter

Description

Type

Size

incoming-ip

Accept incoming FTP requests from this IP address. An interface must have this IP address.

ipv4-address-any

Not Specified

incoming-port

Accept incoming FTP requests on one or more ports.

user

Not Specified

outgoing-ip

Outgoing FTP requests will leave from this IP address. An interface must have this IP address.

ipv4-address-any

Not Specified

sec-default-action

Accept or deny explicit FTP proxy sessions when no FTP proxy firewall policy exists.

option

-

Option

Description

accept

Accept requests. All explicit FTP proxy traffic is accepted whether there is an explicit FTP proxy policy or not

deny

Deny requests unless there is a matching explicit FTP proxy policy.

ssl

Enable/disable the explicit FTPS proxy.

option

-

Option

Description

enable

Enable the explicit FTPS proxy.

disable

Disable the explicit FTPS proxy.

ssl-algorithm

Relative strength of encryption algorithms accepted in negotiation.

option

-

Option

Description

high

High encryption. Allow only AES and ChaCha

medium

Medium encryption. Allow AES, ChaCha, 3DES, and RC4.

low

Low encryption. Allow AES, ChaCha, 3DES, RC4, and DES.

ssl-cert

Name of certificate for SSL connections to this server.

string

Maximum length: 35

ssl-dh-bits

Bit-size of Diffie-Hellman.

option

-

Option

Description

768

768-bit Diffie-Hellman prime.

1024

1024-bit Diffie-Hellman prime.

1536

1536-bit Diffie-Hellman prime.

2048

2048-bit Diffie-Hellman prime.

status

Enable/disable the explicit FTP proxy.

option

-

Option

Description

enable

Enable the explicit FTP proxy.

disable

Disable the explicit FTP proxy.
Previous
Next

config ftp-proxy explicit

Configure explicit FTP proxy settings.

config ftp-proxy explicit
    Description: Configure explicit FTP proxy settings.
    set incoming-ip {ipv4-address-any}
    set incoming-port {user}
    set outgoing-ip {ipv4-address-any}
    set sec-default-action [accept|deny]
    set ssl [enable|disable]
    set ssl-algorithm [high|medium|...]
    set ssl-cert {string}
    set ssl-dh-bits [768|1024|...]
    set status [enable|disable]
end

config ftp-proxy explicit

Parameter

Description

Type

Size

incoming-ip

Accept incoming FTP requests from this IP address. An interface must have this IP address.

ipv4-address-any

Not Specified

incoming-port

Accept incoming FTP requests on one or more ports.

user

Not Specified

outgoing-ip

Outgoing FTP requests will leave from this IP address. An interface must have this IP address.

ipv4-address-any

Not Specified

sec-default-action

Accept or deny explicit FTP proxy sessions when no FTP proxy firewall policy exists.

option

-

Option

Description

accept

Accept requests. All explicit FTP proxy traffic is accepted whether there is an explicit FTP proxy policy or not

deny

Deny requests unless there is a matching explicit FTP proxy policy.

ssl

Enable/disable the explicit FTPS proxy.

option

-

Option

Description

enable

Enable the explicit FTPS proxy.

disable

Disable the explicit FTPS proxy.

ssl-algorithm

Relative strength of encryption algorithms accepted in negotiation.

option

-

Option

Description

high

High encryption. Allow only AES and ChaCha

medium

Medium encryption. Allow AES, ChaCha, 3DES, and RC4.

low

Low encryption. Allow AES, ChaCha, 3DES, RC4, and DES.

ssl-cert

Name of certificate for SSL connections to this server.

string

Maximum length: 35

ssl-dh-bits

Bit-size of Diffie-Hellman.

option

-

Option

Description

768

768-bit Diffie-Hellman prime.

1024

1024-bit Diffie-Hellman prime.

1536

1536-bit Diffie-Hellman prime.

2048

2048-bit Diffie-Hellman prime.

status

Enable/disable the explicit FTP proxy.

option

-

Option

Description

enable

Enable the explicit FTP proxy.

disable

Disable the explicit FTP proxy.
Previous
Next