반응형 sbpaek1318 FortiGate FGSP 1. VDOM enableconf sys globalset vdom-admin enableend2. Create VDOMconf vdomedit test3. VDOM mode settingTPconf vdomedit testconf sys settingset opmode transparentset manageip 10.10.10.1/32endend4. Management Port settingconf sys interfaceedit mgmtset vdom rootset ip 10.10.10.1/24nextedit port1set vdom testnextedit port2set vdom testnextedit port4set ip 192.168.12.1/24set allowaccess ping https .. 2015. 12. 28. FortiAnalyzer 점검 CLI get system sqldiagnose sql statusdiagnose sql show db-sizediagnose log devicediagnose sql process listdiagnose dvm device listdiagose fortilogd msgrate-devicediagose fortilogd lograteget system performanceget system statusexecute log device logstore list 2015. 12. 28. fortigate File reached uncompressed size limit fortigate # config firewall profile-protocol-optionsfortigate (profile-protocol~ons) # edit defaultfortigate (default) # config smtpfortigate (default) # set uncompressed-oversize-limit 5fortigate (smtp) # getports : 25status : enableinspect-all : disableoptions : oversizeoversize-limit : 10uncompressed-oversize-limit: 5uncompressed-nest-limit: 12scan-bzip2 : enableserver-busy : disable 2015. 12. 28. FortiGate 점점 CLI 1. get system performance status- 현재 CPU & Memory, Traffic 사용량, Session수 및 Uptime 확인2. get system status- OS Version 및 Serial 정보 확인3. diag debug crashlog read- 프로세서 Crash 내역 및 FortiGate의 주요 이슈 사항 확인4. diag log alertconsole list- 관리자 계정 Login 실패 기록, 장비 재시작, 전원 off, FortiGuard 업데이트 내역 확인5. diag hardware device nic port1- 해당 Port의 Speed/Duplex 및 Err.. 2015. 12. 28. Fortigate Auto backup configuration http://alstechcorner.blogspot.kr/2014/01/how-to-automate-fortigate-configuration.html 2015. 12. 28. FortiGate IP MAC Binding USERS-FW2 # config firewall ipmacbinding settingUSERS-FW2 (setting) # show full-configurationconfig firewall ipmacbinding settingset bindthroughfw enableset bindtofw enableset undefinedhost blockendUSERS-FW2 # config firewall ipmacbinding tableUSERS-FW2 (table) # show full-configurationconfig firewall ipmacbinding tableedit 1set ip 10.10.10.100set mac 00:e0:4c:50:22:f2set name "sbbaek"set status.. 2015. 12. 28. Spam Blacklist 확인 사이트 http://mxtoolbox.com/blacklists.aspx http://www.fortiguard.com/more/antispam https://www.virustotal.com/ http://www.dnsbl.info/ 2015. 12. 28. 바이크 Harley-Davidson Forty-Eight 2015. 1. 26. 정선 여행 2013. 6. 11. 이전 1 ··· 125 126 127 128 129 130 131 ··· 147 다음 반응형
