# fortigate ###### tags: `script`, `minicom`, `networking devices` ## APP 1. [minicom](https://hackmd.io/YEyHBpw4TGqqTKn_GUoByg) 1. Putty Ref> https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/582009/system-administrator-best-practices ## 重設密碼 1. 重開機 2. 帳號 maintainer 密碼 bcpb**FGT61ETK1900xxxx** (粗體為序號) 3. 變更admin密碼 ``` config system admin edit admin set password 1234 end ``` 4. 關閉帳號 maintainer ``` config system global set admin-maintainer disable end ``` ## 查看設定檔 `show full-configuration` `show system interface` ## 重新啟動 ``` execute reboot execute shutdown ``` ## ping `exec ping <IP>` ## Disable administrative access to the external (Internet-facing) interface ``` config system interface edit <external-interface-name> unset allowaccess end ``` ## Allow only HTTPS access to the GUI and SSH access to the CLI ``` config system interface edit <interface-name> set allowaccess https ssh end ``` ## Require TLS 1.2 for HTTPS administrator access ``` config system global set admin-https-ssl-versions tlsv1-2 end ``` ## Re-direct HTTP GUI logins to HTTPS ``` config system global set admin-https-redirect enable end ```