Fortinet black logo

CLI Reference Manual

Home FortiNAC-F 7.4.0 CLI Reference Manual
7.4.0
7.4.0
7.2.4
7.2.3
7.2.1
7.2.0

Interface

Interface

Interface configuration is handled in the global interface context. To enter the global interface context, from the base context run:

config system interface

Available commands

Command

Description

abort

Cancels any edits made since entering the context, and returns to the base context

end

Saves changes made since entering the context, and returns to the base context

help

Shows the available commands

show

Show the current configuration, including uncommitted edits

edit [<interface>]

Enter the specified interface’s context, in order to edit that interface’s configuration

port1

Management

port2

Portal/Isolation interface

port3

Available network port

port4

Available network port

port5

Available network port

port6

Available network port

Specific Interface Context

Inside a specific interface’s context, the following commands are available:

Command

Description

abort

Cancels any edits made since entering the context, and returns to the base context

end

Saves changes made since entering the context, and returns to the base context

help

Shows the available commands

next

Readies the changes for commit, but does not push them until end is called on the global interface context. Returns to the global interface context

show

Show the current configuration, including uncommitted edits

set allowaccess [[protocol list]]

Enables access to this interface via the specified protocol. Multiple options must be specified at once to enable both.

Example: Enable both http and https:

set allowaccess http https


Available options:

dhcp

DHCP (UDP ports 67, 68, 546, 547) [Portal and Management]

dns

DNS (TCP/UDP port 53) [Portal]

fsso

FSSO (TCP port 8000) [Management]

http

HTTP (TCP port 80) [Portal]

http-adminui

Admin UI HTTP (TCP port 8080) [Management]

https

HTTPS (TCP port 443) [Portal]

https-adminui

Admin UI HTTPS (TCP port 8443) [Management]

netflow

NetFlow (UDP port 2055) [Management]

nac-agent

FortiNAC Agent (TCP port 4568) [Portal]

nac-ipc

NAC IPC (TCP ports 1050, 5555, 30000-64000) [Management]

ping

Ping (ICMP) [Management]

radius

RADIUS (TCP/UDP port 1812) [Management]

radius-acct

RADIUS Accounting (TCP/UDP port 1813) [Management]

radius-local

Local RADIUS (TCP/UDP port 1645) [Management]

radius-local-radsec

Local RADIUS RadSec (TCP/UDP port 2083) [Management]

snmp

SNMP (UDP ports 161 and 162) [Management]

ssh

SSH (TCP port 22) [Management]

syslog

Syslog (UDP port 53) [Management]

set allowaccess help

Alternative method to get the help for all the options available for allowaccess

set ip [<ip/cidr>]

Specifies the interface’s IPv4 address and subnet mask. For example:
set ip 192.0.2.5/24

set ip6 [<ip6/cidr>]

Specifies the interface’s IPv6 address and subnet mask

set mode [static|dhcp]

Sets the interface’s IP mode to be either static or dynamically allocated

unset [allowaccess|ip|ip6|mode]

Unset the specified configuration back to the default value
Previous
Next

Interface

Interface configuration is handled in the global interface context. To enter the global interface context, from the base context run:

config system interface

Available commands

Command

Description

abort

Cancels any edits made since entering the context, and returns to the base context

end

Saves changes made since entering the context, and returns to the base context

help

Shows the available commands

show

Show the current configuration, including uncommitted edits

edit [<interface>]

Enter the specified interface’s context, in order to edit that interface’s configuration

port1

Management

port2

Portal/Isolation interface

port3

Available network port

port4

Available network port

port5

Available network port

port6

Available network port

Specific Interface Context

Inside a specific interface’s context, the following commands are available:

Command

Description

abort

Cancels any edits made since entering the context, and returns to the base context

end

Saves changes made since entering the context, and returns to the base context

help

Shows the available commands

next

Readies the changes for commit, but does not push them until end is called on the global interface context. Returns to the global interface context

show

Show the current configuration, including uncommitted edits

set allowaccess [[protocol list]]

Enables access to this interface via the specified protocol. Multiple options must be specified at once to enable both.

Example: Enable both http and https:

set allowaccess http https


Available options:

dhcp

DHCP (UDP ports 67, 68, 546, 547) [Portal and Management]

dns

DNS (TCP/UDP port 53) [Portal]

fsso

FSSO (TCP port 8000) [Management]

http

HTTP (TCP port 80) [Portal]

http-adminui

Admin UI HTTP (TCP port 8080) [Management]

https

HTTPS (TCP port 443) [Portal]

https-adminui

Admin UI HTTPS (TCP port 8443) [Management]

netflow

NetFlow (UDP port 2055) [Management]

nac-agent

FortiNAC Agent (TCP port 4568) [Portal]

nac-ipc

NAC IPC (TCP ports 1050, 5555, 30000-64000) [Management]

ping

Ping (ICMP) [Management]

radius

RADIUS (TCP/UDP port 1812) [Management]

radius-acct

RADIUS Accounting (TCP/UDP port 1813) [Management]

radius-local

Local RADIUS (TCP/UDP port 1645) [Management]

radius-local-radsec

Local RADIUS RadSec (TCP/UDP port 2083) [Management]

snmp

SNMP (UDP ports 161 and 162) [Management]

ssh

SSH (TCP port 22) [Management]

syslog

Syslog (UDP port 53) [Management]

set allowaccess help

Alternative method to get the help for all the options available for allowaccess

set ip [<ip/cidr>]

Specifies the interface’s IPv4 address and subnet mask. For example:
set ip 192.0.2.5/24

set ip6 [<ip6/cidr>]

Specifies the interface’s IPv6 address and subnet mask

set mode [static|dhcp]

Sets the interface’s IP mode to be either static or dynamically allocated

unset [allowaccess|ip|ip6|mode]

Unset the specified configuration back to the default value
Previous
Next