Friday, December 18, 2015

SSLVPN diag commands fortiOS

All Fortigates allows for you to monitor ssl vpn sessions,  and you have a simple means for showing what client has established and by what means.

Take the following cli cmd  .

This will list all sslvpn web session, changing the web to tunnel will list all tunnel sessions. Specifying neither will list both types.

Alternative, you can use the following diag command and grep the user of interest.

note: the  grep does not work with the execute command outputs

To destroy a session you must know the index ID and use the del commands

Ken Felix
NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com

     ^      ^
=(  @  @ )=
        /  \

No comments:

Post a Comment