FortiOS CLI Reference

Serial Console connection

Baudrate       9600
Data bits      8
Parity         None
Stop bits      1
Flow control   None

Debug VPN

diag vpn ike log-filter dst-addr4 <IP of VPN device> 
diag debug app ike -1 
diag debug enable/disable

Set Static IP via CLI

config system interface 
edit internal //change internal to the name of the interface you want to change 
set mode static
set ip <IP-address> <subnetmask>
end

Set session time to live for all tcp traffic

config system session-ttl
set default <ttl value in seconds>
end

Set session time to live for specific protocol

config system session-ttl
set default <ttl value in seconds>
config port
edit <protocol portnumber>
set timeout <ttl value in seconds>
next
end
end

Restore config via TFTP

execute restore config tftp <file-name_str> <server_ipv4> [<backup-password_str>]

Backup config via TFTP

execute backup config tftp <file-name_str> <server_ipv4> [<backup-password_str>]

Manual setting of master / slave unit

First set the priority to the highest of the unit to be master. (System > Config > HA)

get system ha status (to retrieve the ID of the units)
execute manage ha <id>
config system ha
set override enable
end

Execute this on both units.

After executing, the unit with the highest priority will become master.

Clear DNS cache

diag test application dnsproxy 1