The command-line interface (CLI) is an alternative to the web UI. Show
You can use either interface or both to configure the FortiADC appliance. In the web UI, you use buttons, icons, and forms, while, in the CLI, you either type text commands or upload batches of commands from a text file, like a configuration script. If you are new to Fortinet products, or if you are new to the CLI, this section can help you to become familiar. Connecting to the CLIYou can access the CLI in two ways:
Local access is required in some cases:
Before you can access the CLI through the network, you usually must enable SSH and/or HTTP/HTTPS and/or Telnet on the network interface through which you will access the CLI. Connecting to the CLI using a local consoleLocal console connections to the CLI are formed by directly connecting your management computer or console to the FortiADC appliance, using its DB-9 console port. Requirements
The login prompt appears. The CLI displays the following text, followed by a command line prompt:
You can now enter CLI commands, including configuring access to the CLI through SSH or Telnet. Enabling access to the CLI through the networkSSH, Telnet, or CLI Console widget (via the web UI) access to the CLI requires connecting your computer to the FortiADC appliance using one of its RJ‑45 network ports. You can either connect directly, using a peer connection between the two, or through any intermediary network.
You must enable SSH and/or Telnet on the network interface associated with that physical network port. If your computer is not connected directly or through a switch, you must also configure the FortiADC appliance with a static route to a router that can forward packets from the FortiADC appliance to your computer. You can do this using either:
config system interface edit <interface_name> set allowaccess {http https ping snmp ssh telnet} end where:
{http https ping snmp ssh telnet} is the complete, space-delimited list of permitted administrative access protocols, such as For example, to exclude HTTP, SNMP, and Telnet, and allow only
HTTPS, ICMP ECHO (ping), and SSH administrative access on config system interface edit "port1" set allowaccess ping https ssh next end
show system interface <interface_name> The CLI displays the settings, including the management access settings, for the interface. Connecting to the CLI using SSHOnce you configure the FortiADC appliance to accept SSH connections, you can use an SSH client on your management computer to connect to the CLI. Secure Shell (SSH) provides both secure authentication and secure communications to the CLI. Supported SSH protocol versions, ciphers, and bit strengths vary by whether or not you have enabled FIPS-CC mode or are using a low encryption (LENC) version, but generally include SSH version 2 with AES-128, 3DES, Blowfish, and SHA-1. Requirements
Initially, the Session category of settings is displayed. The SSH client connects to the FortiADC appliance. The SSH client may display a warning if this is the first time you are connecting to the FortiADC appliance and its SSH key is not yet recognized by your SSH client, or if you have previously connected to the FortiADC appliance but it used a different IP address or SSH key. If your management computer is directly connected to the FortiADC appliance with no network hosts between them, this is normal. The CLI displays a login prompt.
The FortiADC appliance displays a command prompt (its hostname followed by a Connecting to the CLI using TelnetOnce the FortiADC appliance is configured to accept Telnet connections, you can use a Telnet client on your management computer to connect to the CLI.
The CLI displays a command line prompt (by default, its host name followed by a Which three commands are used to set up secure access to a router through a connection to the?interface fastethernet 0/0line vty 0 4line console 0enable secret ciscologinpassword ciscoExplanation:The three commands needed to passwordprotect the console port are as follows:line console 0password ciscologinTheinterface fastethernet 0/0command iscommonly used to access the configurationmode used to apply ...
Which type of access is secured on a Cisco router?3. Which type of access is secured on a Cisco router or switch with the enable secret command? The enable secret command secures access to the privileged EXEC mode of a Cisco router or switch.
|