Thursday, January 3, 2013

HOWTO generate a tech-support output for Fortigate

Fortigate series of firewalls, has a means for generation of a show tech-suport as what someone would expect from  a cisco device.

Here's how todo the same on a FGT series of firewall.

1: Start a capture of your ssh/telnet session. On unix host and cmd line, execute a script cmd or from a window machine use a putty/secure ssh client that  allows for  capture.

e.g ( my unix host )
100:~ root# script
Script started, output file is typescript

2: Next login into your firewall;

sh-3.2# ssh  kfelix@217.27.xx.xx
kfelix@217.27.xx.xx's password:
FG3K0B3I21809231 #

3: Next execute a diag debug report cmd from the cmdline;

diag debug report

4: After completion of the cmd and once the output has cease, exit and enter a ctrl-D

FG3K0B3I21809231 # exit
Connection to 217.27.xx.xx closed.
sh-3.2# exit

Script done, output file is typescript

5: You  should see a file in the current shell directory, as the following

100:~ root# ls -l  typescript
-rw-r--r--  1 root  wheel  6284 Nov  12  21:34 typescript
100:~ root#

6: Now move and or rename the file. This file will contain you running cfg, and various dagnostic output that  fortinet TAC can analyze

 A hope you found this tip useful, always take  diagnostic reports for TAC

Ken Felix
Freelance Network & Security Engineer
kfelix  at hyperfeed dot com

1 comment: