fds-setting
Use this command to set FDS settings.
Syntax
config fmupdate fds-setting
set fds-pull-interval <integer>
set fds-ssl-protocol
set fmtr-log {alert | critical | debug | disable | emergency | error | info | notice | warn}
set linkd-log {alert | critical | debug | disable | emergency | error | info | notice | warn}
set max-av-ips-version <integer>
set max-work <integer>
set system-support-faz {4.x | 5.0 | 5.2 | 5.4}
set system-support-fct {4.x | 5.0 | 5.2 | 5.4}
set system-support-fgt {4.x | 5.0 | 5.2 | 5.4}
set system-support-fml {4.x | 5.0 | 5.2 | 5.4}
set system-support-fsa {1.x | 2.x}
set system-support-fsw {4.x | 5.0 | 5.2 | 5.4}
set umsvc-log {alert | critical | debug | disable | emergency | error | info | notice | warn}
set unreg-dev-option {add-service | ignore | svc-only}
set User-Agent <text>
end
Variable |
Description |
---|---|
fds-pull-interval <integer> |
Time interval FortiManager may pull updates from FDS. Range: 1 to 120 (minutes). Default: 10. |
fds-ssl-protocol {sslv3 | tlsv1.0 | tlsv1.1 | tlsv1.2} |
Set the SSL protocols version for FDS service. Default: |
fmtr-log {alert | critical | debug | disable | emergency | error | info | notice | warn} |
The fmtr log level. Set to |
linkd-log {alert | critical | debug | disable | emergency | error | info | notice | warn} |
The linkd log level. Default: |
max-av-ips-version <integer> |
The maximum number of AV/IPS full version downloadable packages. Range: 1 to 1000. Default: 20. |
max-work <integer> |
The maximum number of worker processing downlink requests. Range: 1 to 32. Default: 1. |
system-support-faz {4.x | 5.0 | 5.2 | 5.4} |
Set the FortiAnalyzer support version. |
system-support-fct {4.x | 5.0 | 5.2 | 5.4} |
Set the FortiClient support version. |
system-support-fgt {4.x | 5.0 | 5.2 | 5.4} |
Set the FortiGate support version. |
system-support-fml {4.x | 5.0 | 5.2 | 5.4} |
Set the FortiMail support version. |
system-support-fsa {1.x | 2.x} |
Set the FortiSandbox support version. |
system-support-fsw {4.x | 5.0 | 5.2 | 5.4} |
Set the FortiSwitch support version. |
umsvc-log {alert | critical | debug | disable | emergency | error | info | notice | warn} |
The um_service log level. Default: |
unreg-dev-option {add-service | ignore | svc-only} |
Set the option for unregistered devices:
|
User-Agent <text> |
Configure the User-Agent string. |
fds-setting push-override
Use this command to enable or disable push updates, and to override the default IP address and port to which the FDS sends FortiGuard antivirus and IPS push messages.
This is useful if push notifications must be sent to an IP address and/or port other than the FortiManager unit, such as the external or virtual IP address of a NAT device that forwards traffic to the FortiManager unit.
Syntax
config fmupdate fds-setting
config push-override
set ip <ipv_address>
set port <integer>
set status {enable | disable}
end
end
Variable |
Description |
---|---|
ip <ipv_address> |
Enter the external or virtual IP address of the NAT device that will forward push messages to the FortiManager unit. Default: |
port <integer> |
Enter the receiving port number on the NAT device. Default: |
status {enable | disable} |
Enable/disable the push updates.
Default: |
Example
You could enable the FortiManager unit’s built-in FDS to receive push messages.
If there is a NAT device or firewall between the FortiManager unit and the FDS, you could also notify the FDS to send push messages to the external IP address of the NAT device, instead of the FortiManager unit’s private network IP address.
config fmupdate fds-setting
config push-override
set status enable
set ip 172.16.124.135
set port 9000
end
end
You would then configure port forwarding on the NAT device, forwarding push messages received on User Datagram Protocol (UDP) port 9000 to the FortiManager unit on UDP port 9443.
fds-setting push-override-to-client
Use this command to enable or disable push updates, and to override the default IP address and port to which the FDS sends FortiGuard antivirus and IPS push messages.
This command is useful if push notifications must be sent to an IP address and/or port other than the FortiManager unit, such as the external or virtual IP address of a NAT device that forwards traffic to the FortiManager unit.
Syntax
config fmupdate fds-setting
config push-override-to-client
set status {enable | disable}
config <announce-ip>
edit <id>
set ip <ip_address>
set port <integer>
end
end
end
Variable |
Description |
---|---|
status {enable | disable} |
Enable/disable the push updates.
Default: |
<announce-ip> |
Configure the IP address information of the device. |
Variables for |
|
<id> |
Edit the announce IP address ID. |
ip <ip_address> |
Enter the announce IP address. Default: |
port <integer> |
Enter the announce IP port. Default: |