Table of Contents
Advertisement
Specialized CLI settings
Specialized CLI settings
config system interface
Syntax
FortiGate-ASM-FB4 Version 1.0 Technical Note
01-30005-0424-20071002
Installing a FortiGate-ASM-FB4 module causes its network interfaces to appear in
the web-based manager. Using the web-based manager, you can configure each
FortiGate-ASM-FB4 module network interface as you would configure other
network interfaces.
Installation also causes some specialized network configuration and NPU
(network processing unit) settings to appear in the CLI. This section explains the
specialized CLI settings.
This section includes the following topics:
•
config system interface
•
config system npu
When editing a network interface associated with one of the FortiGate-ASM-FB4
module's SFP transceivers, additional settings appear. The following settings
configure the SFP media type, and whether or not the SFP network interfaces will
use hardware acceleration to drop or allow certain anomaly types, separately from
and in advance of any anomaly checks specified by Intrusion Prevention (IPS).
config system interface
edit AMC-SW1/1
set
mediatype {serdes | sgmii}
set
fp-anomaly {drop_icmpland | pass_icmpland}
{drop_ipland | pass_ipland} {drop_iplsrr | pass_iplsrr}
{drop_iprr | pass_iprr} {drop_ipsecurity |
pass_ipsecurity} {drop_ipssrr | pass_ipssrr}
{drop_ipstream | pass_ipstream} {drop_iptimestamp |
pass_iptimestamp} {drop_ipunknown_option |
pass_ipunknown_option} {drop_unknown_prot |
pass_ipunknown_prot} {drop_tcpland | pass_tcpland}
{drop_udpland | pass_udpland} {drop_winnuke |
pass_winnuke}
end
config system interface
13
Advertisement
Table of Contents
