Setting the Inspection mode with CLI

Author
slabarca
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/11/09 14:45:46
  • Status: offline
2020/11/18 16:28:38 (permalink)
0

Setting the Inspection mode with CLI

Fortigate v6.4.3 build1778 (GA)
 
I am trying to set the inspection mode to proxy when I create a new policy. I can set it with the GUI but not on the CLI. 
From all of the documentation I have read it looks like the command should be
set inspection-mode proxy
 
If I create the policy with the GUI and then do a show at the CLI the set inspection mode is there. I am even able to change it. But if I create a new policy using the CLI the set command is not available. 
 
Has anyone else run across this issue? 
#1

2 Replies Related Threads

    Viktor
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2017/01/11 00:10:06
    • Status: offline
    Re: Setting the Inspection mode with CLI 2020/11/19 03:26:13 (permalink)
    0
    I've checked my FGT 6.4.3. I can successfully change flow mode in rule to proxy mode from CLI:
    FG-VM# config firewall policy
    FG-VM(policy) # edit 4
    FG-VM(4) # get | grep inspection-mode
    inspection-mode : flow
    FG-VM(4) # set inspection-mode proxy
    FG-VM(4) # get | grep inspection-mode
    inspection-mode : proxy
     
    #2
    lobstercreed
    Platinum Member
    • Total Posts : 345
    • Scores: 43
    • Reward points: 0
    • Joined: 2018/11/28 14:57:58
    • Location: Sedalia, MO
    • Status: offline
    Re: Setting the Inspection mode with CLI 2020/11/21 04:05:57 (permalink)
    0
    Hey Sal (and Viktor),
     
    The issue is that when you create a new policy via CLI, it is a "deny" policy by default.  If you do a "get" you can see this and see that there is no inspection-mode property.  Once you submit the command "set action accept" you can set the inspection mode and a great many other things that aren't available on a deny policy.
     
    Have a great day! - Daniel
    #3
    Jump to:
    © 2020 APG vNext Commercial Version 5.5