Scribd
Upload
6 views

Firewall Configrations

The document outlines the configuration settings for a FortiGate firewall system, detailing various system parameters and profiles. It includes settings for global system configurations, access profiles, network processing units, and wireless controller configurations. The document serves as a comprehensive reference for managing and configuring the firewall's operational settings.

Uploaded by

abdalkhazalhi1996
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
6 views

Firewall Configrations

The document outlines the configuration settings for a FortiGate firewall system, detailing various system parameters and profiles. It includes settings for global system configurations, access profiles, network processing units, and wireless controller configurations. The document serves as a comprehensive reference for managing and configuring the firewall's operational settings.

Uploaded by

abdalkhazalhi1996
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 989

UFICO-MAIN $

UFICO-MAIN $
UFICO-MAIN $
UFICO-MAIN $ show
alertemail Alert email configuration.
antivirus AntiVirus configuration.
application Application control configuration.
authentication authentication
automation Automation configuration.
casb casb
diameter-filter Diameter filter configuration.
dlp DLP configuration.
dnsfilter DNS filter configuration.
emailfilter AntiSpam configuration.
endpoint-control endpoint-control
extension-controller FortiGate controller configuration.
file-filter file-filter
firewall Firewall configuration.
ftp-proxy FTP proxy configuration.
icap ICAP client configuration.
ips IPS configuration.
log Log configuration.
monitoring System monitoring configuration.
router Router configuration.
rule rule
sctp-filter SCTP filter configuration.
ssh-filter SSH filter configuration.
switch-controller External FortiSwitch configuration.
system System operation configuration.
user Authentication configuration.
videofilter videofilter
virtual-patch virtual-patch
voip VoIP configuration.
vpn VPN configuration.
waf Web Application Firewall configuration.
web-proxy Web proxy configuration.
webfilter Web filter configuration.
wireless-controller Wireless access point configuration.

UFICO-MAIN $ show full-configuration


#config-version=FG200F-7.6.2-FW-build3462-250127:opmode=1:vdom=0:user=Shabakti
#conf_file_ver=2717421513843271
#buildno=3462
#global_vdom=1
config system global
set admin-concurrent enable
set admin-console-timeout 0
set admin-forticloud-sso-login disable
set admin-host ''
set admin-hsts-max-age 63072000
set admin-https-pki-required disable
set admin-https-redirect enable
unset admin-https-ssl-banned-ciphers
set admin-https-ssl-ciphersuites TLS-AES-128-GCM-SHA256 TLS-AES-256-GCM-SHA384
TLS-CHACHA20-POLY1305-SHA256
set admin-https-ssl-versions tlsv1-2 tlsv1-3
set admin-lockout-duration 60
set admin-lockout-threshold 3
set admin-login-max 100
set admin-port 80
set admin-restrict-local disable
set admin-scp disable
set admin-server-cert "Fortinet_GUI_Server"
set admin-sport 443
set admin-ssh-grace-time 120
set admin-ssh-password enable
set admin-ssh-port 22
set admin-ssh-v1 disable
set admin-telnet enable
set admin-telnet-port 23
set admintimeout 5
set alias "FortiGate-200F"
set allow-traffic-redirect enable
set anti-replay strict
set application-bandwidth-tracking disable
set arp-max-entry 131072
set auth-cert "Fortinet_Factory"
set auth-http-port 1000
set auth-https-port 1003
set auth-ike-saml-port 1001
set auth-keepalive disable
set auth-session-limit block-new
set auto-auth-extension-device enable
set autorun-log-fsck disable
set av-failopen pass
set av-failopen-session disable
set batch-cmdb enable
set bfd-affinity "1"
set block-session-timer 30
set br-fdb-max-entry 8192
set cert-chain-max 8
set cfg-save automatic
set check-protocol-header loose
set check-reset-range disable
set cli-audit-log disable
set cloud-communication enable
set clt-cert-req disable
set cmdbsvr-affinity "1"
set cpu-use-threshold 90
set csr-ca-attribute enable
set daily-restart disable
set default-service-source-port 1-65535
set delay-tcp-npu-session disable
set device-idle-timeout 300
set dh-params 2048
set dhcp-lease-backup-interval 60
set dnsproxy-worker-count 1
set early-tcp-npu-session disable
set extender-controller-reserved-network 10.252.0.1 255.255.0.0
set fds-statistics enable
unset fgd-alert-subscription
set forticonverter-config-upload disable
set forticonverter-integration disable
set fortiextender enable
set fortiextender-data-port 25246
set fortiextender-discovery-lockdown disable
set fortiextender-provision-on-authorization disable
set fortiextender-vlan-mode disable
set fortigslb-integration disable
set fortiservice-port 8013
set fortitoken-cloud enable
set fortitoken-cloud-push-status enable
set fortitoken-cloud-sync-interval 24
set gui-app-detection-sdwan enable
set gui-auto-upgrade-setup-warning disable
set gui-cdn-usage enable
set gui-certificates enable
set gui-custom-language disable
set gui-date-format yyyy/MM/dd
set gui-date-time-source system
set gui-device-latitude "31.840200"
set gui-device-longitude "36.034100"
set gui-display-hostname disable
set gui-firmware-upgrade-warning enable
set gui-forticare-registration-setup-warning enable
set gui-fortigate-cloud-sandbox enable
set gui-ipv6 disable
set gui-local-out enable
set gui-replacement-message-groups enable
set gui-rest-api-cache enable
set gui-theme jade
set gui-wireless-opensecurity enable
set gui-workflow-management enable
set ha-affinity "1"
set honor-df enable
set hostname "UFICO-MAIN"
set httpd-max-worker-count 0
set igmp-state-limit 3200
set interface-subnet-usage enable
set internet-service-database full
set ip-conflict-detection disable
set ip-fragment-mem-thresholds 32
set ip-fragment-timeout 30
set ip-src-port-range 1024-25000
set ipsec-asic-offload enable
set ipsec-ha-seqjump-rate 10
set ipsec-hmac-offload enable
set ipv6-accept-dad 1
set ipv6-allow-anycast-probe disable
set ipv6-allow-local-in-silent-drop enable
set ipv6-allow-multicast-probe disable
set ipv6-allow-traffic-redirect enable
set ipv6-fragment-timeout 60
set irq-time-accounting auto
set language english
set ldapconntimeout 500
set lldp-reception disable
set lldp-transmission disable
set log-single-cpu-high disable
set log-ssl-connection disable
set log-uuid-address enable
set login-timestamp disable
set management-ip ''
set management-port-use-admin-sport enable
set management-vdom "root"
set max-route-cache-size 0
set memory-use-threshold-extreme 95
set memory-use-threshold-green 82
set memory-use-threshold-red 88
set miglogd-children 0
set multi-factor-authentication optional
set ndp-max-entry 0
set npu-neighbor-update disable
set pmtu-discovery disable
set policy-auth-concurrent 0
set post-login-banner disable
set pre-login-banner disable
set private-data-encryption disable
set proxy-auth-lifetime disable
set proxy-auth-timeout 10
set proxy-cert-use-mgmt-vdom disable
set proxy-hardware-acceleration enable
set proxy-keep-alive-mode session
set proxy-resource-mode disable
set proxy-worker-count 0
set purdue-level 3
set quic-ack-thresold 3
set quic-congestion-control-algo cubic
set quic-max-datagram-size 1500
set quic-pmtud enable
set quic-tls-handshake-timeout 5
set quic-udp-payload-size-shaping-per-cid enable
set radius-port 1812
set reboot-upon-config-restore enable
set refresh 0
set remoteauthtimeout 5
set reset-sessionless-tcp disable
set rest-api-key-url-query disable
set revision-backup-on-logout disable
set revision-image-auto-backup disable
set scanunit-count 0
set scim-http-port 44558
set scim-https-port 44559
set scim-server-cert "Fortinet_Factory"
set send-pmtu-icmp enable
set sflowd-max-children-num 6
set single-vdom-npuvlink disable
set snat-route-change disable
set special-file-23-support disable
set speedtest-server disable
set speedtestd-ctrl-port 5200
set speedtestd-server-port 5201
set ssl-min-proto-version TLSv1-2
set ssl-static-key-ciphers enable
set sslvpn-max-worker-count 0
set sslvpn-web-mode enable
set strict-dirty-session-check enable
set strong-crypto enable
set switch-controller enable
set switch-controller-reserved-network 10.255.0.1 255.255.0.0
set sys-perf-log-interval 5
set tcp-halfclose-timer 120
set tcp-halfopen-timer 10
set tcp-option enable
set tcp-rst-timer 5
set tcp-timewait-timer 1
set timezone "zoneinfo/Asia/Amman"
set traffic-priority tos
set traffic-priority-level medium
set two-factor-email-expiry 60
set two-factor-fac-expiry 60
set two-factor-ftk-expiry 60
set two-factor-ftm-expiry 72
set two-factor-sms-expiry 60
set udp-idle-timer 180
set upgrade-report enable
set url-filter-count 1
set user-device-store-max-devices 83832
set user-device-store-max-unified-mem 419164774
set user-device-store-max-users 83832
set user-history-password-threshold 3
set vdom-mode no-vdom
set vip-arp-range restricted
set virtual-switch-vlan enable
set vpn-ems-sn-check disable
set wad-csvc-cs-count 1
set wad-csvc-db-count 0
set wad-memory-change-granularity 10
set wad-restart-mode none
set wad-source-affinity enable
set wad-worker-count 0
set wifi-ca-certificate "Fortinet_Wifi_CA"
set wifi-certificate "Fortinet_Wifi"
set wimax-4g-usb disable
set wireless-controller enable
set wireless-controller-port 5246
set fds-statistics-period 60
end
config system accprofile
edit "prof_admin"
set comments ''
set secfabgrp read-write
set ftviewgrp read-write
set authgrp read-write
set sysgrp read-write
set netgrp read-write
set loggrp read-write
set fwgrp read-write
set vpngrp read-write
set utmgrp read-write
set wifi read-write
set admintimeout-override disable
set cli-diagnose disable
set cli-get enable
set cli-show enable
set cli-exec enable
set cli-config enable
set system-execute-ssh enable
set system-execute-telnet enable
next
end
config system npu
set dedicated-management-cpu disable
set capwap-offload enable
set ipsec-mtu-override disable
set split-ipsec-engines disable
config priority-protocol
set bgp enable
set slbc enable
set bfd enable
end
end
config system np6xlite
edit "np6xlite_0"
set fastpath enable
set per-session-accounting traffic-log-only
set session-timeout-interval 40
set ipsec-inner-fragment disable
set ipsec-throughput-msg-frequency disable
set ipsec-sts-timeout 5
config hpe
set tcpsyn-max 600000
set tcpsyn-ack-max 600000
set tcpfin-rst-max 600000
set tcp-others-max 600000
set udp-max 600000
set icmp-max 200000
set sctp-max 200000
set esp-max 200000
set ip-frag-max 200000
set ip-others-max 200000
set arp-max 200000
set l2-others-max 200000
set pri-type-max 200000
set enable-shaper disable
end
config fp-anomaly
set tcp-syn-fin allow
set tcp-fin-noack trap-to-host
set tcp-fin-only trap-to-host
set tcp-no-flag allow
set tcp-syn-data allow
set tcp-winnuke trap-to-host
set tcp-land trap-to-host
set udp-land trap-to-host
set icmp-land trap-to-host
set icmp-frag allow
set ipv4-land trap-to-host
set ipv4-proto-err trap-to-host
set ipv4-unknopt trap-to-host
set ipv4-optrr trap-to-host
set ipv4-optssrr trap-to-host
set ipv4-optlsrr trap-to-host
set ipv4-optstream trap-to-host
set ipv4-optsecurity trap-to-host
set ipv4-opttimestamp trap-to-host
set ipv4-csum-err drop
set tcp-csum-err drop
set udp-csum-err drop
set icmp-csum-err drop
set ipv6-land trap-to-host
set ipv6-proto-err trap-to-host
set ipv6-unknopt trap-to-host
set ipv6-saddr-err trap-to-host
set ipv6-daddr-err trap-to-host
set ipv6-optralert trap-to-host
set ipv6-optjumbo trap-to-host
set ipv6-opttunnel trap-to-host
set ipv6-opthomeaddr trap-to-host
set ipv6-optnsap trap-to-host
set ipv6-optendpid trap-to-host
set ipv6-optinvld trap-to-host
end
set congestion-handling-mode head-of-line
next
end
config system vdom-link
end
config wireless-controller inter-controller
set inter-controller-mode disable
set l3-roaming disable
set inter-controller-key ENC
ZmlsZZn2w3be/mZLqfwOHw5UwBLtk9b92nHMkmAPjff0gGTc6T2ZAx9Gd9/+/op/MDAvixueGH6caXt2KS1
RTyiLbp9GNitEQA9v
1AQ4vlOjFSm96zLRti3u7yqpOlWoUmIHUOMDYg3ykU7CZQOplihrTha45OpKE9+hpFYkXhrxYMilhOCRJNw
du1qQ3bj/ARVp1FlmMjY3dkVA
set inter-controller-pri primary
set fast-failover-max 10
set fast-failover-wait 10
end
config wireless-controller global
set name ''
set location ''
set acd-process-count 0
set wpad-process-count 0
set image-download enable
set rolling-wtp-upgrade disable
set rolling-wtp-upgrade-threshold "-80"
set max-retransmit 3
set control-message-offload ebp-frame aeroscout-tag ap-list sta-list sta-cap-
list stats aeroscout-mu sta-health spectral-analysis
set data-ethernet-II enable
set link-aggregation disable
set mesh-eth-type 8755
set fiapp-eth-type 5252
set discovery-mc-addr 224.0.1.140
set max-clients 0
set rogue-scan-mac-adjacency 7
set ipsec-base-ip 169.254.0.1
set wtp-share disable
set tunnel-mode compatible
set nac-interval 120
set ap-log-server disable
set max-sta-cap 0
set max-sta-cap-wtp 8
set max-rogue-ap 0
set max-rogue-ap-wtp 16
set max-rogue-sta 0
set max-wids-entry 0
set max-ble-device 0
end
config system switch-interface
end
config system interface
edit "mgmt"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set dhcp-classless-route-addition disable
set management-ip 0.0.0.0 0.0.0.0
set ip 192.168.1.99 255.255.255.0
set allowaccess ping https ssh
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set virtual-mac 00:00:00:00:00:00
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set dedicated-to management
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 1
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set defaultgw enable
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set trust-ip-1 0.0.0.0 0.0.0.0
set trust-ip-2 0.0.0.0 0.0.0.0
set trust-ip-3 0.0.0.0 0.0.0.0
set trust-ip6-1 ::/0
set trust-ip6-2 ::/0
set trust-ip6-3 ::/0
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "ha"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 172.16.50.10 255.255.255.0
set allowaccess ping https ssh snmp http fabric
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set virtual-mac 00:00:00:00:00:00
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification enable
unset exclude-signatures
set device-user-identification enable
set lldp-reception enable
set lldp-transmission enable
set lldp-network-policy ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 2
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "port1"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 192.168.101.1 255.255.255.0
set allowaccess ping
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set virtual-mac 00:00:00:00:00:00
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 3
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "port2"
set vdom "root"
set dhcp-classless-route-addition disable
set virtual-mac 00:00:00:00:00:00
set status up
set type physical
set netflow-sample-rate 1
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set stp-edge disable
set role undefined
set snmp-index 4
set eap-supplicant disable
set speed auto
next
edit "port3"
set vdom "root"
set dhcp-classless-route-addition disable
set virtual-mac 00:00:00:00:00:00
set status up
set type physical
set netflow-sample-rate 1
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set stp-edge disable
set role undefined
set snmp-index 5
set eap-supplicant disable
set speed auto
next
edit "port4"
set vdom "root"
set dhcp-classless-route-addition disable
set virtual-mac 00:00:00:00:00:00
set status up
set type physical
set netflow-sample-rate 1
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set stp-edge disable
set role undefined
set snmp-index 6
set eap-supplicant disable
set speed auto
next
edit "port5"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 192.168.10.1 255.255.255.0
set allowaccess ping https ssh http
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set virtual-mac 00:00:00:00:00:00
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "printers"
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 7
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "port6"
set vdom "root"
set dhcp-classless-route-addition disable
set virtual-mac 00:00:00:00:00:00
set status up
set type physical
set netflow-sample-rate 1
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set stp-edge disable
set role undefined
set snmp-index 8
set eap-supplicant disable
set speed auto
next
edit "port7"
set vdom "root"
set dhcp-classless-route-addition disable
set virtual-mac 00:00:00:00:00:00
set status up
set type physical
set netflow-sample-rate 1
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set stp-edge disable
set role undefined
set snmp-index 9
set eap-supplicant disable
set speed auto
next
edit "port8"
set vdom "root"
set dhcp-classless-route-addition disable
set virtual-mac 00:00:00:00:00:00
set status up
set type physical
set netflow-sample-rate 1
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set stp-edge disable
set role undefined
set snmp-index 10
set eap-supplicant disable
set speed auto
next
edit "port9"
set vdom "root"
set dhcp-classless-route-addition disable
set virtual-mac 00:00:00:00:00:00
set status up
set type physical
set netflow-sample-rate 1
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set stp-edge disable
set role undefined
set snmp-index 11
set eap-supplicant disable
set speed auto
next
edit "port10"
set vdom "root"
set dhcp-classless-route-addition disable
set virtual-mac 00:00:00:00:00:00
set status up
set type physical
set netflow-sample-rate 1
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set stp-edge disable
set role undefined
set snmp-index 12
set eap-supplicant disable
set speed auto
next
edit "port11"
set vdom "root"
set dhcp-classless-route-addition disable
set virtual-mac 00:00:00:00:00:00
set status up
set type physical
set netflow-sample-rate 1
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set stp-edge disable
set role undefined
set snmp-index 13
set eap-supplicant disable
set speed auto
next
edit "port12"
set vdom "root"
set dhcp-classless-route-addition disable
set virtual-mac 00:00:00:00:00:00
set status up
set type physical
set netflow-sample-rate 1
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set stp-edge disable
set role undefined
set snmp-index 14
set eap-supplicant disable
set speed auto
next
edit "port13"
set vdom "root"
set dhcp-classless-route-addition disable
set virtual-mac 00:00:00:00:00:00
set status up
set type physical
set netflow-sample-rate 1
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set stp-edge disable
set role undefined
set snmp-index 15
set eap-supplicant disable
set speed auto
next
edit "port14"
set vdom "root"
set dhcp-classless-route-addition disable
set virtual-mac 00:00:00:00:00:00
set status up
set type physical
set netflow-sample-rate 1
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set stp-edge disable
set role undefined
set snmp-index 16
set eap-supplicant disable
set speed auto
next
edit "port15"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 178.20.188.66 255.255.255.248
set allowaccess ping https ssh http
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set virtual-mac 00:00:00:00:00:00
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "WAN1-D"
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception enable
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role wan
set snmp-index 17
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "port16"
set vdom "root"
set vrf 0
set fortilink disable
set mode dhcp
set distance 5
set priority 1
set dhcp-relay-vrf-select 4294967295
set dhcp-broadcast-flag enable
set dhcp-relay-service disable
set dhcp-classless-route-addition disable
set management-ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set virtual-mac 00:00:00:00:00:00
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "WAN2-S"
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception enable
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role wan
set snmp-index 18
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set defaultgw enable
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "port17"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set virtual-mac 00:00:00:00:00:00
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 19
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "port18"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set virtual-mac 00:00:00:00:00:00
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 20
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "port19"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set virtual-mac 00:00:00:00:00:00
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 21
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "port20"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set virtual-mac 00:00:00:00:00:00
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 22
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "port21"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set virtual-mac 00:00:00:00:00:00
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 23
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "port22"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set virtual-mac 00:00:00:00:00:00
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 24
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "port23"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set virtual-mac 00:00:00:00:00:00
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 25
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "port24"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set virtual-mac 00:00:00:00:00:00
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 26
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "x1"
set vdom "root"
set dhcp-classless-route-addition disable
set virtual-mac 00:00:00:00:00:00
set status up
set type physical
set netflow-sample-rate 1
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set stp-edge disable
set role undefined
set snmp-index 27
set eap-supplicant disable
set speed auto
next
edit "x2"
set vdom "root"
set dhcp-classless-route-addition disable
set virtual-mac 00:00:00:00:00:00
set status up
set type physical
set netflow-sample-rate 1
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set stp-edge disable
set role undefined
set snmp-index 28
set eap-supplicant disable
set speed auto
next
edit "x3"
set vdom "root"
set distance 5
set priority 1
set dhcp-relay-vrf-select 4294967295
set dhcp-classless-route-addition disable
set virtual-mac 00:00:00:00:00:00
set status up
set type physical
set netflow-sample-rate 1
set src-check enable
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 29
set preserve-session-route disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
next
edit "x4"
set vdom "root"
set distance 5
set priority 1
set dhcp-relay-vrf-select 4294967295
set dhcp-classless-route-addition disable
set virtual-mac 00:00:00:00:00:00
set status up
set type physical
set netflow-sample-rate 1
set src-check enable
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 30
set preserve-session-route disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
next
edit "modem"
set vdom "root"
set vrf 0
set fortilink disable
set mode pppoe
set distance 5
set priority 1
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set virtual-mac 00:00:00:00:00:00
set substitute-dst-mac 00:00:00:00:00:00
set status down
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 31
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set ipunnumbered 0.0.0.0
set username ''
set pppoe-egress-cos cos0
set password ENC
AMVHfEAp1QvJCV3K7GBFvm9e88Di87yM4Ir0+B3PciTXpYhq8Hge/BmBE0Lb6P2MyemAL6xc8Yb6Z/
PyhBqnCZRJDnTLLcN2VrzLecjngdUd
dKZtaTrmWA/
sLBqP2PKOm2Ny3ek4yYWZjEaexfdO8XFfwUKTCVjvNijoXQGDMSLQiQz66v4X4QyIjnE+8TYcmpJIxFlmMj
Y3dkVA
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set service-name ''
set ac-name ''
set lcp-echo-interval 5
set lcp-max-echo-fails 3
set defaultgw enable
set dns-server-override enable
set dns-server-protocol cleartext
set auth-type auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "naf.root"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check disable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 32
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set nd-mode basic
set ip6-address ::/0
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set ip6-prefix-mode dhcp6
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "l2t.root"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 0.0.0.0 0.0.0.0
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 33
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "ssl.root"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "SSL VPN interface"
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 34
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set mtu-override disable
next
edit "lan"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 192.168.3.254 255.255.255.0
set allowaccess ping https ssh http fabric
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type hard-switch
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set stp enable
set stp-ha-secondary priority-adjust
set device-identification enable
unset exclude-signatures
set device-user-identification enable
set lldp-reception vdom
set lldp-transmission enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role lan
set snmp-index 35
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set managed-subnetwork-size 256
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "fortilink"
set vdom "root"
set vrf 0
set fortilink enable
set switch-controller-source-ip outbound
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 10.255.1.1 255.255.255.0
set allowaccess ping fabric
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type aggregate
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set member "x3" "x4"
set description ''
set alias ''
set ike-saml-server ''
set device-identification disable
set lldp-reception enable
set lldp-transmission enable
set lldp-network-policy ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 36
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set fortilink-neighbor-detect fortilink
set ip-managed-by-fortiipam inherit-global
set fortilink-split-interface enable
set switch-controller-netflow-collect disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set switch-controller-nac ''
set switch-controller-dynamic ''
set switch-controller-iot-scanning disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set lacp-mode active
set lacp-ha-secondary enable
set system-id-type auto
set lacp-speed slow
set min-links 1
set min-links-down operational
set algorithm L4
set link-up-delay 50
set aggregate-type physical
next
edit "Local-Ufico"
set vdom "root"
set vrf 0
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 192.168.0.200 255.255.255.0
set allowaccess ping https
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type vlan
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set vlan-protocol 8021q
set trunk disable
set description "old Local-arabia-889"
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification enable
unset exclude-signatures
set device-user-identification enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 37
set secondary-IP enable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set switch-controller-feature none
set switch-controller-offload disable
set switch-controller-offload-gw disable
set color 0
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set interface "lan"
set mtu-override disable
set vlanid 889
config secondaryip
edit 1
set ip 192.168.27.254 255.255.255.0
set allowaccess ping
next
edit 2
set ip 192.168.25.254 255.255.255.0
set allowaccess ping
next
end
next
edit "BO_Zone"
set vdom "root"
set vrf 0
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 10.216.19.1 255.255.255.0
set allowaccess ping https ssh http
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type vlan
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set vlan-protocol 8021q
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification enable
unset exclude-signatures
set device-user-identification enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 38
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set managed-subnetwork-size 256
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set switch-controller-feature none
set switch-controller-offload disable
set switch-controller-offload-gw disable
set color 0
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set interface "lan"
set mtu-override disable
set vlanid 4
next
edit "551"
set vdom "root"
set vrf 0
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 150.150.150.1 255.255.255.0
set allowaccess ping
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status down
set netbios-forward disable
set wins-ip 0.0.0.0
set type vlan
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set vlan-protocol 8021q
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification enable
unset exclude-signatures
set device-user-identification enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 39
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set managed-subnetwork-size 256
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set switch-controller-feature none
set switch-controller-offload disable
set switch-controller-offload-gw disable
set color 0
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set interface "lan"
set mtu-override disable
set vlanid 551
next
edit "Areas_Trust-999"
set vdom "root"
set vrf 0
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 10.12.16.126 255.255.255.0
set allowaccess ping https ssh http
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type vlan
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set vlan-protocol 8021q
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification enable
unset exclude-signatures
set device-user-identification enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 40
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set managed-subnetwork-size 256
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set switch-controller-feature none
set switch-controller-offload disable
set switch-controller-offload-gw disable
set color 0
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set interface "lan"
set mtu-override disable
set vlanid 999
next
edit "BackOfficeDell"
set vdom "root"
set vrf 0
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 10.216.16.1 255.255.255.0
set allowaccess ping https ssh
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type vlan
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set vlan-protocol 8021q
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification enable
unset exclude-signatures
set device-user-identification enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 41
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set managed-subnetwork-size 256
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set switch-controller-feature none
set switch-controller-offload disable
set switch-controller-offload-gw disable
set color 0
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set interface "lan"
set mtu-override disable
set vlanid 111
next
edit "Camera-Vlan-2"
set vdom "root"
set vrf 0
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 192.168.2.1 255.255.255.0
set allowaccess ping https
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type vlan
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set vlan-protocol 8021q
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification enable
unset exclude-signatures
set device-user-identification enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 42
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set managed-subnetwork-size 256
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set switch-controller-feature none
set switch-controller-offload disable
set switch-controller-offload-gw disable
set color 0
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set interface "lan"
set mtu-override disable
set vlanid 2
next
edit "inside-99"
set vdom "root"
set vrf 0
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 192.168.168.10 255.255.255.0
set allowaccess ping https ssh
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type vlan
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set vlan-protocol 8021q
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification enable
unset exclude-signatures
set device-user-identification enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 43
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set managed-subnetwork-size 256
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set switch-controller-feature none
set switch-controller-offload disable
set switch-controller-offload-gw disable
set color 0
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set interface "lan"
set mtu-override disable
set vlanid 99
next
edit "Mawared-DB-33"
set vdom "root"
set vrf 0
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 172.16.33.1 255.255.255.0
set allowaccess ping ssh
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type vlan
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set vlan-protocol 8021q
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification enable
unset exclude-signatures
set device-user-identification enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 44
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set managed-subnetwork-size 256
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set switch-controller-feature none
set switch-controller-offload disable
set switch-controller-offload-gw disable
set color 0
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set interface "lan"
set mtu-override disable
set vlanid 33
next
edit "MGMT-SW-40"
set vdom "root"
set vrf 0
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 172.16.40.1 255.255.255.0
set allowaccess ping https ssh
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type vlan
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set vlan-protocol 8021q
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification enable
unset exclude-signatures
set device-user-identification enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 45
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set managed-subnetwork-size 256
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set switch-controller-feature none
set switch-controller-offload disable
set switch-controller-offload-gw disable
set color 0
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set interface "lan"
set mtu-override disable
set vlanid 40
next
edit "OMS_Zone"
set vdom "root"
set vrf 0
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 10.214.19.1 255.255.255.0
set allowaccess ping https ssh
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type vlan
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set vlan-protocol 8021q
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification enable
unset exclude-signatures
set device-user-identification enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 46
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set managed-subnetwork-size 256
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set switch-controller-feature none
set switch-controller-offload disable
set switch-controller-offload-gw disable
set color 0
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set interface "lan"
set mtu-override disable
set vlanid 3
next
edit "Servers-90"
set vdom "root"
set vrf 0
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 10.214.16.1 255.255.255.0
set allowaccess ping https ssh
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type vlan
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set vlan-protocol 8021q
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification enable
unset exclude-signatures
set device-user-identification enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 47
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set managed-subnetwork-size 256
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set switch-controller-feature none
set switch-controller-offload disable
set switch-controller-offload-gw disable
set color 0
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set interface "lan"
set mtu-override disable
set vlanid 90
next
edit "Web-95"
set vdom "root"
set vrf 0
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 10.212.16.1 255.255.255.0
set allowaccess ping https ssh
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type vlan
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set vlan-protocol 8021q
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification enable
unset exclude-signatures
set device-user-identification enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 48
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set managed-subnetwork-size 256
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set switch-controller-feature none
set switch-controller-offload disable
set switch-controller-offload-gw disable
set color 0
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set interface "lan"
set mtu-override disable
set vlanid 95
next
edit "WIFI"
set vdom "root"
set vrf 0
set mode static
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 172.16.20.1 255.255.255.0
set allowaccess ping https ssh
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type vlan
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set vlan-protocol 8021q
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification enable
unset exclude-signatures
set device-user-identification enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 49
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set managed-subnetwork-size 256
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set switch-controller-feature none
set switch-controller-offload disable
set switch-controller-offload-gw disable
set color 0
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set interface "lan"
set mtu-override disable
set vlanid 20
next
edit "Amman-to-Dubai"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 0.0.0.0 0.0.0.0
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 50
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "port15"
set mtu-override disable
next
edit "MEPS"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 0.0.0.0 0.0.0.0
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 51
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "port16"
set mtu-override disable
next
edit "re"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set ip 169.254.1.1 255.255.255.255
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 169.254.1.1 255.255.255.255
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 52
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "port15"
set mtu-override disable
next
edit "GTN"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set ip 172.19.51.53 255.255.255.255
set allowaccess ping
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 172.19.51.52 255.255.255.254
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 53
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "port15"
set mtu-override disable
next
edit "GTN2"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set ip 172.19.51.55 255.255.255.255
set allowaccess ping
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 172.19.51.54 255.255.255.254
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 54
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "port15"
set mtu-override disable
next
edit "MadfooatCom_VPN"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 0.0.0.0 0.0.0.0
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 55
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "port16"
set mtu-override disable
next
edit "DR_Amman_Dubai"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-vrf-select 4294967295
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 0.0.0.0 0.0.0.0
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 56
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-route-pref medium
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "port15"
set mtu-override disable
next
end
config system physical-switch
edit "sw0"
set age-enable disable
set age-val 0
next
end
config system virtual-switch
edit "lan"
set physical-switch "sw0"
set vlan 0
set span disable
config port
edit "port2"
set alias ''
next
edit "port3"
set alias ''
next
edit "port4"
set alias ''
next
edit "port6"
set alias ''
next
edit "port7"
set alias ''
next
edit "port8"
set alias ''
next
edit "port9"
set alias ''
next
edit "port10"
set alias ''
next
edit "port11"
set alias ''
next
edit "port12"
set alias ''
next
edit "port13"
set alias ''
next
edit "port14"
set alias ''
next
edit "x1"
set alias ''
next
edit "x2"
set alias ''
next
end
next
end
config system password-policy
set status disable
set login-lockout-upon-downgrade disable
end
config system password-policy-guest-admin
set status disable
end
config system sms-server
end
config system custom-language
edit "en"
set filename "en"
set comments ''
next
edit "fr"
set filename "fr"
set comments ''
next
edit "sp"
set filename "sp"
set comments ''
next
edit "pg"
set filename "pg"
set comments ''
next
edit "x-sjis"
set filename "x-sjis"
set comments ''
next
edit "big5"
set filename "big5"
set comments ''
next
edit "GB2312"
set filename "GB2312"
set comments ''
next
edit "euc-kr"
set filename "euc-kr"
set comments ''
next
end
config system admin
edit "admin"
set remote-auth disable
set peer-auth disable
set trusthost1 0.0.0.0 0.0.0.0
set trusthost2 0.0.0.0 0.0.0.0
set trusthost3 0.0.0.0 0.0.0.0
set trusthost4 0.0.0.0 0.0.0.0
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "super_admin"
set comments ''
set vdom "root"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set password ENC
PB23pT/AfC7WQ6i/RnkxoJwNNqbm5v66suqvlNZry6UTVcNns1eqNrqkNxQcQ1XvzkRiCPXd/
+gBufkdDzlnFtCNrBA/q8h0RER2P9GKveZF
cQ=
set allow-remove-admin-session enable
next
edit "Shabakti"
set remote-auth disable
set peer-auth disable
set trusthost1 0.0.0.0 0.0.0.0
set trusthost2 0.0.0.0 0.0.0.0
set trusthost3 0.0.0.0 0.0.0.0
set trusthost4 0.0.0.0 0.0.0.0
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "super_admin_readonly"
set comments ''
set vdom "root"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set password ENC
PB2O7dNPM7wwL/oIeBDcMPMIpW6pdF7kQkJUai7c7NZsu0y3SE9PXTB0kYDY+L5ZUU2Yf2x10C6Cm79X/
RR5fw+N/XPyc6iqgrbalxMHzm5w
9U=
next
end
config system api-user
end
config system sso-admin
end
config system sso-forticloud-admin
end
config system sso-fortigate-cloud-admin
end
config system fsso-polling
set status enable
set listening-port 8000
set authentication disable
end
config system ha
set group-id 0
set group-name "UFICO"
set mode a-p
set sync-packet-balance disable
set password ENC
aAA2AVqMQiWIuXUX12S2C0Wez5VDxHK4wZtJ9zDRgJm6uAo0pPF1vGdHPJWWEPLo2UwtVWiyKE1XvlhLh+s
PMZN/mHs4fHxAAO95IRiF9FSgf6R0
OMSnSx7X37cGWjwgfaFvi/KpuIS0o9BPZb/
RPemIUn6R5hBxdlyPsEaSl49jmupD8Bx5QJ20zaWmvUQzRh3uoVlmMjY3dkVA
set hbdev "ha" 0
unset session-sync-dev
set route-ttl 10
set route-wait 0
set route-hold 10
set multicast-ttl 600
set evpn-ttl 60
set sync-config enable
set encryption disable
set authentication disable
set hb-interval 2
set hb-interval-in-milliseconds 100ms
set hb-lost-threshold 6
set hello-holddown 20
set gratuitous-arps enable
set arps 5
set arps-interval 8
set session-pickup disable
set link-failed-signal disable
set upgrade-mode uninterruptible
set uninterruptible-primary-wait 30
set ha-mgmt-status disable
set ha-eth-type "8890"
set hc-eth-type "8891"
set l2ep-eth-type "8893"
set ha-uptime-diff-margin 300
set override enable
set priority 128
set override-wait-time 0
set monitor "port15" "port16"
unset pingserver-monitor-interface
set memory-compatible-mode disable
set memory-based-failover disable
set failover-hold-time 0
end
config system ha-monitor
set monitor-vlan disable
end
config system storage
end
config system dedicated-mgmt
set status disable
end
config system dns
set primary 96.45.45.45
set secondary 96.45.46.46
set protocol dot
set ssl-certificate "Fortinet_Factory"
set server-hostname "globalsdns.fortinet.net"
set ip6-primary ::
set ip6-secondary ::
set timeout 5
set retry 2
set dns-cache-limit 5000
set dns-cache-ttl 1800
set cache-notfound-responses disable
set source-ip 0.0.0.0
set source-ip-interface ''
unset root-servers
set interface-select-method auto
set vrf-select 0
set server-select-method least-rtt
set alt-primary 0.0.0.0
set alt-secondary 0.0.0.0
set log disable
set fqdn-cache-ttl 0
set fqdn-max-refresh 3600
set fqdn-min-refresh 60
set hostname-ttl 86400
set hostname-limit 5000
end
config system ddns
end
config system sflow
end
config system netflow
set active-flow-timeout 1800
set inactive-flow-timeout 15
set template-tx-timeout 1800
set template-tx-counter 20
end
config system replacemsg-image
edit "logo_fnet"
set image-type png
set image-base64 ''
next
edit "logo_fguard_wf"
set image-type png
set image-base64 ''
next
edit "logo_v3_fguard_app"
set image-type png
set image-base64 ''
next
end
config system replacemsg mail "partial"
set buffer "Fragmented emails are blocked."
set header 8bit
set format text
end
config system replacemsg http "url-block"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>The URL you requested has been blocked</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>FortiGuard Intrusion Prevention - Access Blocked</h1>
<h3>Web Page Blocked</h3>
<p>The page you have requested has been blocked because the URL is banned.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
<tr>
<td>Description</td>
<td>%%IPS_DESC%%</td>
</tr>
<tr>
<td>URL Source</td>
<td>%%URL_SOURCE%%</td>
</tr>
</tbody></table>
<p>%%OVERRIDE%%</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg http "urlfilter-err"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Web Page Blocked</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Web Page Blocked</h1>
<p>%%URLFILTER_ERROR%%</p>
<table><tbody>
<tr>
<td>Web Filter Service Error</td>
<td>%%URLFILTER_ERROR_DETAIL%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg http "infcache-block"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>High Security Alert</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>High Security Alert</h1>
<p>The URL you requested was previously found to be infected.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg http "http-contenttypeblock"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Attention</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Attention</h1>
<p>Content type not permitted.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
</tbody></table>
<p>%%OVERRIDE%%</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg http "https-invalid-cert-block"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Invalid Connection</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>%%FORTIGUARD_WF%%</h1>
<h3>This Connection is Invalid. %%CERT_INVL_REASON%%</h3>
<p>A secure connection to %%HOSTNAME%% cannot be established.</p>
<p>When you try to connect securely, sites will present trusted identification
to prove that you are going to the right place. Ho
wever, this site\'s identity can\'t be verified.</p>
<table><tbody>
<tr>
<td>Site</td>
<td>%%HOSTNAME%%</td>
</tr>
<tr>
<td>Certificate CN</td>
<td>%%CN%%</td>
</tr>
<tr>
<td>Certificate Authority</td>
<td>%%AUTHORITY%%</td>
</tr>
<tr>
<td>Certificate Validity</td>
<td>
<div>Not Before: %%START_VALID%%</div>
<div>Not After: %%END_VALID%%</div>
</td>
</tr>
<tr>
<td>Certificate Chain</td>
<td><pre>%%CERT_CHAIN%%</pre></td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg http "https-untrusted-cert-block"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Untrusted Connection</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>%%FORTIGUARD_WF%%</h1>
<h3>This Connection is Untrusted</h3>
<p>A secure connection to %%HOSTNAME%% cannot be established.</p>
<p>When you try to connect securely, sites will present trusted identification
to prove that you are going to the right place. Th
e identity for this site can\'t be verified.</p>
<table><tbody>
<tr>
<td>Site</td>
<td>%%HOSTNAME%%</td>
</tr>
<tr>
<td>Certificate CN</td>
<td>%%CN%%</td>
</tr>
<tr>
<td>Certificate Authority</td>
<td>%%AUTHORITY%%</td>
</tr>
<tr>
<td>Certificate Validity</td>
<td>
<div>Not Before: %%START_VALID%%</div>
<div>Not After: %%END_VALID%%</div>
</td>
</tr>
<tr>
<td>Certificate Chain</td>
<td><pre>%%CERT_CHAIN%%</pre></td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg http "https-blocklisted-cert-block"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Blocked Connection</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>%%FORTIGUARD_WF%%</h1>
<h3>This Connection is Blocked</h3>
<p>A secure connection to %%HOSTNAME%% cannot be established.</p>
<p>When you try to connect securely, sites will present identification to prove
that you are going to the right place. The identi
ty for this site is blocked.</p>
<table><tbody>
<tr>
<td>Site</td>
<td>%%HOSTNAME%%</td>
</tr>
<tr>
<td>Certificate CN</td>
<td>%%CN%%</td>
</tr>
<tr>
<td>Certificate Authority</td>
<td>%%AUTHORITY%%</td>
</tr>
<tr>
<td>Certificate Validity</td>
<td>
<div>Not Before: %%START_VALID%%</div>
<div>Not After: %%END_VALID%%</div>
</td>
</tr>
<tr>
<td>Certificate Chain</td>
<td><pre>%%CERT_CHAIN%%</pre></td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg http "https-ech-block"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Invalid Connection</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>%%FORTIGUARD_WF%%</h1>
<p>The Encrypted ClientHello has been blocked for %%SNI%%</p>
<table><tbody>
<tr>
<td>SNI</td>
<td>%%SNI%%</td>
</tr>
<tr>
<td>Site</td>
<td>%%HOSTNAME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg http "switching-protocols-block"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>The request has been blocked</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>The request has been blocked</h1>
<p>The protocol switching request has been blocked for %%PROTOCOL%%://%%URL%
%</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg http "http-antiphish-block"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Webfilter Violation</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Webfilter Violation</h1>
<p>Your attempt to submit internal credentials to an external site has been
blocked by your system administrator.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg http "videofilter-block"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>The URL you requested has been blocked</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Attention</h1>
<h3>Video Access Blocked</h3>
<p>The page you have requested has been blocked because the requested video
resource is not allowed.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
<tr>
<td>Description</td>
<td>%%VIDEOFILTER_DESC%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg http "videofilter-block-text"
set buffer "Video Access Blocked by FortiOS. %%VIDEOFILTER_DESC%%"
set header 8bit
set format text
end
config system replacemsg webproxy "deny"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Access Denied</h1>
<p>The page you requested has been blocked by a firewall policy
restriction.</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "user-limit"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Access Denied</h1>
<p>The maximum web proxy user limit has been reached.</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "auth-challenge"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Firewall Authentication</h1>
<p>You must authenticate to use this service.</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "auth-login-fail"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Firewall Authentication</h1>
<p>Authentication failed.</p>
<p>%%WEBPROXY_AUTH_FAIL_REASON%%</p>
<p>%%WEBPROXY_AUTH_FAIL_COMMENT%%</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "auth-group-info-fail"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authorization</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Firewall Authorization</h1>
<p>Group information query failed.</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "http-err"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>%%HTTP_ERR_CODE%% %%HTTP_ERR_DESC%%</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>%%HTTP_ERR_CODE%% %%HTTP_ERR_DESC%%</h1>
<p>The webserver reported that an error occurred while trying to access the
website. Please return to the previous page.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "auth-ip-blackout"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Access Denied</h1>
<p>Your IP address has been blocked by a firewall policy due to too many failed
login attempts. You can re-login in %%DURATION%%
seconds.</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "ztna-invalid-cert"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
virtical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ZTNA Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Invalid ZTNA Certificate</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%ZTNA_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because the ZTNA
certificate is invalid.</td>
</tr>
<tr>
<td><b>Certificate Information:</b></td>
<td>%%ZTNA_CERT_INFO%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%ZTNA_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "ztna-empty-cert"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
virtical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ZTNA Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Invalid ZTNA certificate</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%ZTNA_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because the ZTNA
certificate is empty.</td>
</tr>
<tr>
<td><b>Certificate Information:</b></td>
<td>%%ZTNA_CERT_INFO%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%ZTNA_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "ztna-manageable-empty-cert"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
virtical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ZTNA Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Invalid ZTNA certificate</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%ZTNA_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because the device is
manageable but with an empty ZTNA certificate.</td>
</tr>
<tr>
<td><b>Certificate Information:</b></td>
<td>%%ZTNA_CERT_INFO%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%ZTNA_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "ztna-no-api-gwy-matched"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
virtical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ZTNA Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>ZTNA Application Not Found</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%ZTNA_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because no API gateway was
matched.</td>
</tr>
<tr>
<td><b>Certificate Information:</b></td>
<td>%%ZTNA_CERT_INFO%%</td>
</tr>
<tr>
<td><b>Device Information:</b></td>
<td>%%ZTNA_DEV_INFO%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%ZTNA_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "ztna-cant-find-real-srv"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
virtical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ZTNA Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>ZTNA Application Not Found</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%ZTNA_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because the real server in
the API gateway cannot be found.</td>
</tr>
<tr>
<td><b>Certificate Information:</b></td>
<td>%%ZTNA_CERT_INFO%%</td>
</tr>
<tr>
<td><b>Device Information:</b></td>
<td>%%ZTNA_DEV_INFO%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%ZTNA_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "ztna-fqdn-dns-failed"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
virtical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ZTNA Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>ZTNA Application Not Found</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%ZTNA_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because ZTNA FQDN DNS
failed.</td>
</tr>
<tr>
<td><b>Certificate Information:</b></td>
<td>%%ZTNA_CERT_INFO%%</td>
</tr>
<tr>
<td><b>Device Information:</b></td>
<td>%%ZTNA_DEV_INFO%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%ZTNA_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "ztna-ssl-bookmark-failed"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
virtical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ZTNA Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>ZTNA Portal Error</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%ZTNA_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because SSLVPN bookmark
address failed.</td>
</tr>
<tr>
<td><b>Certificate Information:</b></td>
<td>%%ZTNA_CERT_INFO%%</td>
</tr>
<tr>
<td><b>Device Information:</b></td>
<td>%%ZTNA_DEV_INFO%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%ZTNA_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "ztna-no-policy-matched"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
virtical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ZTNA Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>ZTNA Policy Denied</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%ZTNA_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because no policy was
matched.</td>
</tr>
<tr>
<td><b>Device Information:</b></td>
<td>%%ZTNA_DEV_INFO%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%ZTNA_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "ztna-matched-deny-policy"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
virtical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ZTNA Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>ZTNA Policy Denied</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%ZTNA_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because a policy with
action deny was matched.</td>
</tr>
<tr>
<td><b>Device Information:</b></td>
<td>%%ZTNA_DEV_INFO%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%ZTNA_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "ztna-client-cert-revoked"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
virtical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ZTNA Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>ZTNA Policy Denied</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%ZTNA_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because the client cert has
been revoked.</td>
</tr>
<tr>
<td><b>Certificate Information:</b></td>
<td>%%ZTNA_CERT_INFO%%</td>
</tr>
<tr>
<td><b>Device Information:</b></td>
<td>%%ZTNA_DEV_INFO%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%ZTNA_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "ztna-denied-by-matched-tags"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
virtical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ZTNA Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>ZTNA Policy Denied</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%ZTNA_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because the tags matched a
deny policy.</td>
</tr>
<tr>
<td><b>Certificate Information:</b></td>
<td>%%ZTNA_CERT_INFO%%</td>
</tr>
<tr>
<td><b>Device Information:</b></td>
<td>%%ZTNA_DEV_INFO%%</td>
</tr>
<tr>
<td><b>Device Tags:</b></td>
<td>%%ZTNA_DEV_TAGS%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%ZTNA_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "ztna-denied-no-matched-tags"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
virtical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ZTNA Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>ZTNA Policy Denied</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%ZTNA_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because the tags didn\'t
match any policy.</td>
</tr>
<tr>
<td><b>Certificate Information:</b></td>
<td>%%ZTNA_CERT_INFO%%</td>
</tr>
<tr>
<td><b>Device Information:</b></td>
<td>%%ZTNA_DEV_INFO%%</td>
</tr>
<tr>
<td><b>Device Tags:</b></td>
<td>%%ZTNA_DEV_TAGS%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%ZTNA_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "ztna-no-dev-info"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
virtical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ZTNA Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>ZTNA Policy Denied</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%ZTNA_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because no device info was
found.</td>
</tr>
<tr>
<td><b>Certificate Information:</b></td>
<td>%%ZTNA_CERT_INFO%%</td>
</tr>
<tr>
<td><b>Device Information:</b></td>
<td>%%ZTNA_DEV_INFO%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%ZTNA_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "ztna-dev-is-offline"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
virtical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ZTNA Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>ZTNA Policy Denied</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%ZTNA_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because the device is
offline.</td>
</tr>
<tr>
<td><b>Certificate Information:</b></td>
<td>%%ZTNA_CERT_INFO%%</td>
</tr>
<tr>
<td><b>Device Information:</b></td>
<td>%%ZTNA_DEV_INFO%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%ZTNA_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "ztna-dev-is-unmanageable"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
virtical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ZTNA Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>ZTNA Policy Denied</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%ZTNA_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because the device is
unknown or unmanaged.</td>
</tr>
<tr>
<td><b>Certificate Information:</b></td>
<td>%%ZTNA_CERT_INFO%%</td>
</tr>
<tr>
<td><b>Device Information:</b></td>
<td>%%ZTNA_DEV_INFO%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%ZTNA_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "ztna-auth-fail"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
virtical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ZTNA Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>ZTNA Policy Denied</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%ZTNA_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because authorization
failed.</td>
</tr>
<tr>
<td><b>User Name:</b></td>
<td>%%ZTNA_USER_NAME%%</td>
</tr>
<tr>
<td><b>Certificate Information:</b></td>
<td>%%ZTNA_CERT_INFO%%</td>
</tr>
<tr>
<td><b>Device Information:</b></td>
<td>%%ZTNA_DEV_INFO%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%ZTNA_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "casb-block"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Blocked by Inline CASB Control</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Blocked by Inline CASB Control</h1>
<table><tbody>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked by inline CASB
control.</td>
</tr>
<tr>
<td><b>CASB Profile:</b></td>
<td>%%CASB_PROFILE%%</td>
</tr>
<tr>
<td><b>CASB SaaS Application:</b></td>
<td>%%CASB_SAAS_APP%%</td>
</tr>
<tr>
<td><b>CASB User Activity:</b></td>
<td>%%CASB_USER_ACTIVITY%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "swp-empty-cert"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Secure Webproxy Access Denied</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Invalid client certificate</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%SECURE_WEBPROXY_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because the client
certificate is empty.</td>
</tr>
<tr>
<td><b>Certificate Information:</b></td>
<td>%%SECURE_WEBPROXY_CERT_INFO%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%SECURE_WEBPROXY_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg webproxy "swp-manageable-empty-cert"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Secure Webproxy Access Block</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Invalid client certificate</h1>
<table><tbody>
<tr>
<td><b>Error Code:</b></td>
<td>%%SECURE_WEBPROXY_ERROR_CODE%%</td>
</tr>
<tr>
<td><b>Error Message:</b></td>
<td>The page you requested has been blocked because the device is
manageable but with an empty client certificate.</td>
</tr>
<tr>
<td><b>Certificate Information:</b></td>
<td>%%SECURE_WEBPROXY_CERT_INFO%%</td>
</tr>
<tr>
<td><b>Request Time:</b></td>
<td>%%SECURE_WEBPROXY_REQ_TIME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg ftp "ftp-explicit-banner"
set buffer "Welcome to the FortiGate FTP proxy."
set header none
set format text
end
config system replacemsg fortiguard-wf "ftgd-block"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Web Filter Violation</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>FortiGuard Intrusion Prevention - Access Blocked</h1>
<h3>Web Page Blocked</h3>
<p>You have tried to access a web page that is in violation of your Internet
usage policy.</p>
<table><tbody>
<tr>
<td>Category</td>
<td>%%CATEGORY%%</td>
</tr>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
</tbody></table>
<p>To have the rating of this web page re-evaluated <a href=\"%%FTGD_RE_EVAL%
%\">please click here</a>.</p>
<p>%%OVERRIDE%%</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg fortiguard-wf "ftgd-ovrd"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Web Filter Block Override</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>FortiGuard Intrusion Prevention - Access Blocked</h1>
<h3>Web Filter Block Override</h3>
<p>Please contact your administrator to gain access to the web page.</p>
<div>%%OVRD_FORM%%</div>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg fortiguard-wf "ftgd-quota"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Web Filter Quota Exceeded</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>FortiGuard Intrusion Prevention - Access Blocked</h1>
<h3>Web Page Blocked</h3>
<p>Your daily quota for this category of web page has expired.</p>
<table><tbody>
<tr>
<td>Category</td>
<td>%%CATEGORY%%</td>
</tr>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
</tbody></table>
<p>To have the rating of this web page re-evaluated <a href=\"%%FTGD_RE_EVAL%
%\">please click here</a>.</p>
<p>%%OVERRIDE%%</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg fortiguard-wf "ftgd-warning"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Web Filter Block Override</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>FortiGuard Intrusion Prevention - Access Blocked</h1>
<h3>Web Page Blocked</h3>
<p>You have tried to access a web page which is in violation of your Internet
usage policy.</p>
<table><tbody>
<tr>
<td>Category</td>
<td>%%CATEGORY%%</td>
</tr>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
</tbody></table>
<p>To have the rating of this web page re-evaluated <a href=\"%%FTGD_RE_EVAL%
%\">please click here</a>.</p>
<div class=\"form-footer\">
<button type=\"button\" onclick=\"document.location.href=\'%%WARNINGLINK%
%\'; return false;\">Proceed</button>
<button class=\"primary\" type=\"button\" onclick=\"history.go(-1); return
false;\">Go Back</button>
</div>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg spam "ipblocklist"
set buffer "This message has been blocked because mail from this IP address is
not allowed."
set header none
set format text
end
config system replacemsg spam "smtp-spam-dnsbl"
set buffer "This message has been blocked because it is from a DNSBL/ORDBL IP
address."
set header none
set format text
end
config system replacemsg spam "smtp-spam-feip"
set buffer "This message has been blocked because it is from a FortiGuard
AntiSpam Service blocked IP address."
set header none
set format text
end
config system replacemsg spam "smtp-spam-helo"
set buffer "This message has been blocked because the HELO/EHLO domain is
invalid."
set header none
set format text
end
config system replacemsg spam "smtp-spam-emailblock-to"
set buffer "This message has been blocked because mail to this email address is
not allowed."
set header none
set format text
end
config system replacemsg spam "smtp-spam-emailblock-from"
set buffer "This message has been blocked because mail from this email address
is not allowed."
set header none
set format text
end
config system replacemsg spam "smtp-spam-emailblock-subject"
set buffer "This message has been blocked because the subject contains a banned
phrase."
set header none
set format text
end
config system replacemsg spam "smtp-spam-mimeheader"
set buffer "This message has been blocked because it contains an invalid
header."
set header none
set format text
end
config system replacemsg spam "reversedns"
set buffer "This message has been blocked because the return email domain is
invalid."
set header none
set format text
end
config system replacemsg spam "smtp-spam-ase"
set buffer "This message has been blocked because ASE reports it as spam."
set header none
set format text
end
config system replacemsg spam "submit"
set buffer "If this email is not spam, contact your administrator to add the
signature to the FortiGuard AntiSpam Service."
set header none
set format text
end
config system replacemsg alertmail "alertmail-virus"
set buffer "Virus/Worm detected: %%VIRUS%%; Protocol: %%PROTOCOL%%; Email
Address From: %%EMAIL_FROM%%; Email Address To: %%EMAIL
_TO%%;
VIRUS REFERENCE URL: %%VIRUS_REF_URL%%"
set header none
set format text
end
config system replacemsg alertmail "alertmail-block"
set buffer "File Block Detected: %%FILE%%; Protocol: %%PROTOCOL%%; Email
Address From: %%EMAIL_FROM%%; Email Address To: %%EMAIL_
TO%%"
set header none
set format text
end
config system replacemsg alertmail "alertmail-nids-event"
set buffer "The following intrusion was observed: %%NIDS_EVENT%%."
set header none
set format text
end
config system replacemsg alertmail "alertmail-crit-event"
set buffer "The following critical firewall event was detected: %
%CRITICAL_EVENT%%."
set header none
set format text
end
config system replacemsg alertmail "alertmail-disk-full"
set buffer "The log disk is full."
set header none
set format text
end
config system replacemsg admin "pre_admin-disclaimer-text"
set buffer "PRE WARNING:
This is a private computer system. Unauthorized access or use
is prohibited and subject to prosecution and/or disciplinary
action. Any use of this system constitutes consent to
monitoring at all times and users are not entitled to any
expectation of privacy. If monitoring reveals possible evidence
of violation of criminal statutes, this evidence and any other
related information, including identification information about
the user, may be provided to law enforcement officials.
If monitoring reveals violations of security regulations or
unauthorized use, employees who violate security regulations or
make unauthorized use of this system are subject to appropriate
disciplinary action."
set header none
set format text
end
config system replacemsg admin "post_admin-disclaimer-text"
set buffer "POST WARNING:
This is a private computer system. Unauthorized access or use
is prohibited and subject to prosecution and/or disciplinary
action. Any use of this system constitutes consent to
monitoring at all times and users are not entitled to any
expectation of privacy. If monitoring reveals possible evidence
of violation of criminal statutes, this evidence and any other
related information, including identification information about
the user, may be provided to law enforcement officials.
If monitoring reveals violations of security regulations or
unauthorized use, employees who violate security regulations or
make unauthorized use of this system are subject to appropriate
disciplinary action.

%%LAST_SUCCESSFUL_LOGIN%%
%%LAST_FAILED_LOGIN%%"
set header none
set format text
end
config system replacemsg auth "auth-disclaimer-page-1"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Disclaimer</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1 class=\"text-centered\">Terms and Disclaimer Agreement</h1>
<form action=\"%%DISCLAIMER_ACT%%\" method=\"%%DISCLAIMER_METHOD%%\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value=\"%%PROTURI%%\">
<input type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGICVAL%%\">
<input type=\"hidden\" name=\"%%ANSWERID%%\" value=\"%%DECLINEVAL%%\">
<p class=\"text-scrollable text-container\">You are about to access
Internet content that is not under the control of the net
work access provider. The network access provider is therefore not responsible for
any of these sites, their content or their privacy
policies. The network access provider and its staff do not endorse nor make any
representations about these sites, or any informatio
n, software or other products or materials found there, or any results that may be
obtained from using them. If you decide to access
any Internet content, you do this entirely at your own risk and you are responsible
for ensuring that any accessed material does not
infringe the laws governing, but not exhaustively covering, copyright, trademarks,
pornography, or any other material which is slande
rous, defamatory or might cause offence in any other way.</p>
<p><b>Do you agree to the above terms?</b></p>
<div class=\"form-footer\">
<button class=\"primary\" type=\"button\" onclick=\"sb(\'%%AGREEVAL%
%\')\">Yes, I agree</button>
<button type=\"button\" onclick=\"sb(\'%%DECLINEVAL%%\')\">No, I
decline</button>
</div>
</form>
<script>function sb(val) { document.forms[0].%%ANSWERID%%.value = val;
document.forms[0].submit(); }</script>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-disclaimer-page-2"
set buffer ''
set header http
set format html
end
config system replacemsg auth "auth-disclaimer-page-3"
set buffer ''
set header http
set format html
end
config system replacemsg auth "auth-proxy-reject-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Disclaimer Declined</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Disclaimer Declined</h1>
<p>Sorry, network access cannot be granted unless you agree to the
disclaimer.</p>
<div>
<a href=\"%%DISCLAIMER_ACT%%\">
<button class=\"primary\" >Return to Disclaimer</button>
</a>
</div>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-reject-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Disclaimer Declined</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Disclaimer Declined</h1>
<form action=\"/\" method=\"post\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value=\"%%PROTURI%%\">
<input type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGICVAL%%\">
<p>Sorry, network access cannot be granted unless you agree to the
disclaimer.</p>
<div>
<button class=\"primary\" type=\"submit\">Return to Disclaimer</button>
</div>
</form>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-login-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Authentication Required</h1>
<form action=\"%%AUTH_POST_URL%%\" method=\"post\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value=\"%%PROTURI%%\">
<input type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGICVAL%%\">
<input type=\"hidden\" name=\"%%METHODID%%\" value=\"%%METHODVAL%%\">
<p>%%QUESTION%%</p>
<div class=\"field\">
<label for=\"ft_un\">Username</label>
<div>
<input name=\"%%USERNAMEID%%\" id=\"ft_un\" type=\"text\"
autocorrect=\"off\" autocapitalize=\"off\">
</div>
</div>
<div class=\"field\">
<label for=\"ft_pd\">Password</label>
<div>
<input name=\"%%PASSWORDID%%\" id=\"ft_pd\" type=\"password\"
autocomplete=\"off\">
</div>
</div>
<div class=\"form-footer\">
<button class=\"primary\" type=\"submit\">Continue</button>
</div>
</form>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-login-failed-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Authentication Failed</h1>
<form action=\"%%AUTH_POST_URL%%\" method=\"post\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value=\"%%PROTURI%%\">
<input type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGICVAL%%\">
<input type=\"hidden\" name=\"%%METHODID%%\" value=\"%%METHODVAL%%\">
<p>%%FAILED_MESSAGE%%</p>
<div class=\"field\">
<label for=\"ft_un\">Username</label>
<div>
<input name=\"%%USERNAMEID%%\" id=\"ft_un\" type=\"text\"
autocorrect=\"off\" autocapitalize=\"off\">
</div>
</div>
<div class=\"field\">
<label for=\"ft_pd\">Password</label>
<div>
<input name=\"%%PASSWORDID%%\" id=\"ft_pd\" type=\"password\"
autocomplete=\"off\">
</div>
</div>
<div class=\"form-footer\">
<button class=\"primary\" type=\"submit\">Continue</button>
</div>
</form>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-token-login-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Authentication Required</h1>
<form action=\"%%AUTH_POST_URL%%\" method=\"post\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value= \"%%PROTURI%%\"><input
type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGI
CVAL%%\"><input type=\"hidden\" name=\"%%METHODID%%\" value=\"%%METHODVAL%%\">
<p>%%QUESTION%%</p>
<div class=\"field\">
<label for=\"un\">Username</label>
<div>
<input name=\"%%USERNAMEID%%\" id=\"un\" type=\"text\">
</div>
</div>
<div class=\"field\">
<label for=\"pd\">Password</label>
<div>
<input name=\"%%PASSWORDID%%\" id=\"pd\" type=\"password\"
autocomplete=\"off\">
</div>
</div>
<div class=\"field\">
<label for=\"tk\">Token</label>
<div>
<input name=\"%%TOKENCODE%%\" id=\"tk\" type=\"text\">
</div>
</div>
<p>%%EXTRAINFO%%</p>
<div class=\"form-footer\">
<button class=\"primary\" type=\"submit\">Continue</button>
</div>
</form>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-token-login-failed-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Authentication Failed</h1>
<form action=\"%%AUTH_POST_URL%%\" method=\"post\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value=\"%%PROTURI%%\">
<input type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGICVAL%%\">
<input type=\"hidden\" name=\"%%METHODID%%\" value=\"%%METHODVAL%%\">
<p>%%FAILED_MESSAGE%%</p>
<div class=\"field\">
<label for=\"un\">Username</label>
<div>
<input name=\"%%USERNAMEID%%\" id=\"un\" type=\"text\">
</div>
</div>
<div class=\"field\">
<label for=\"pd\">Password</label>
<div>
<input name=\"%%PASSWORDID%%\" id=\"pd\" type=\"password\"
autocomplete=\"off\">
</div>
</div>
<div class=\"field\">
<label for=\"tk\">Token</label>
<div>
<input name=\"%%TOKENCODE%%\" id=\"tk\" type=\"text\">
</div>
</div>
<p>%%EXTRAINFO%%</p>
<div class=\"form-footer\">
<button class=\"primary\" type=\"submit\">Continue</button>
</div>
</form>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-success-msg"
set buffer "Welcome to Fortinet Firewall
Authentication is successful, please connect again."
set header none
set format text
end
config system replacemsg auth "auth-challenge-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Authentication Required</h1>
<form action=\"/\" method=\"post\">
<input type=\"hidden\" name=\"%%USERNAMEID%%\" value=\"%%USERNAMEVAL%%\">
<input type=\"hidden\" name=\"%%REQUESTID%%\" value=\"%%REQUESTVAL%%\">
<input type=\"hidden\" name=\"%%USERGROUPID%%\" value=\"%%USERGROUPVAL%%\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value=\"%%PROTURI%%\">
<input type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGICVAL%%\">
<p>%%QUESTION%%</p>
<div class=\"field single\">
<label for=\"ft_un\">Password</label>
<div>
<input name=\"%%PASSWORDID%%\" id=\"ft_pd\" type=\"password\"
autocomplete=\"off\">
</div>
</div>
<div class=\"form-footer\">
<button class=\"primary\" type=\"submit\"
id=\"ft_ci\">Continue</button>
</div>
</form>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-keepalive-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication Keepalive Window</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Authentication Keepalive</h1>
<form action=\"/\" method=\"post\">
<p>This browser window is used to keep your authentication session active.
Please leave it open in the background and open a
<a href=\"%%AUTH_REDIR_URL%%\" target=\"_blank\">new window</a> to continue.</p>
<p>Authentication refresh in <b id=\"countdown\">%%TIMEOUT%%</b>
seconds ...</p>
<p><a href=\"%%AUTH_LOGOUT%%\">logout</a></p>
<p>%%QUOTA_TABLE%%</p>
</form>
<script id=\"heartBeatWorker\" type=\"javascript/worker\">
(function(){
function heartbeat() { self.postMessage(\"hb\"); }
setInterval(function(){ heartbeat(); }, 1000);
})();
</script>
<script>
var startTime= new Date();
function updateCountDown(){
var secElapsed = Math.floor((Date.now() - startTime.getTime()) / 1000);
if (secElapsed >= %%TIMEOUT%%){
location.href=\"%%KEEPALIVEURL%%\";
return;
}
document.getElementById(\'countdown\').innerHTML = %%TIMEOUT%% -
secElapsed;
}
</script>
<script>
if (typeof(Worker) !== \"undefined\") {
var blob = new
Blob([document.querySelector(\'#heartBeatWorker\').textContent], { type:
\"text/javascript\" });
var worker = new Worker(window.URL.createObjectURL(blob));
worker.onmessage = function (event) {
updateCountDown();
};
} else {
function countDown(){
updateCountDown();
counter=setTimeout(\"countDown()\", 1000);
}
window.onload=countDown;
}
</script>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-portal-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Firewall Authentication</h1>
<p><b>Firewall authentication was successful.</b></p>
<p>You can access the network as per your protection profile.</p>
<p><a href=\"%%AUTH_REDIR_URL%%\" target=\"_blank\">open a new window</a></p>
<p><a href=\"%%AUTH_LOGIN%%\">login with another user</a></p>
<p><a href=\"%%AUTH_LOGOUT%%\">logout</a></p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-password-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<script>var expire_days = %%EXPIREDAYS%%;if (expire_days < 0)
{ document.write(\"<h1>Password Expired</h1>\"); }else { document
.write(\"<h1>Password Expiring</h1>\"); }</script>
<form action=\"/\" method=\"post\" onsubmit=\'return form_check();\'>
<input name=\"%%USERNAMEID%%\" type=\"hidden\" value=\"%%USERNAMEVAL%%\" />
<input name=\"%%REQUESTID%%\" type=\"hidden\" value=\"%%REQUESTVAL%%\" />
<input name=\"%%USERGROUPID%%\" type=\"hidden\" value=\"%%USERGROUPVAL%
%\" />
<input name=\"%%REDIRID%%\" type=\"hidden\" value=\"%%PROTURI%%\" />
<input name=\"%%MAGICID%%\" type=\"hidden\" value=\"%%MAGICVAL%%\" />
<p>Please set a new one.</p>
<script>
var min_length = %%MIN_LENGTH%%;if (min_length > 0)
{document.write(\"Password must:<br>&emsp;Be a minimum length of %%MI
N_LENGTH%%\");}
var min_lower_letter_length = %%MIN_LOWER_LETTER_LENGTH%%;if
(min_lower_letter_length > 0) {document.write(\"<br>&emsp;In
clude at least %%MIN_LOWER_LETTER_LENGTH%% lower case letter(s) (a-z)\");}
var min_upper_letter_length = %%MIN_UPPER_LETTER_LENGTH%%;if
(min_upper_letter_length > 0) {document.write(\"<br>&emsp;In
clude at least %%MIN_UPPER_LETTER_LENGTH%% upper case letter(s) (A-Z)\");}
var min_non_alpha_length = %%MIN_NON_ALPHA_LENGTH%%;if
(min_non_alpha_length > 0) {document.write(\"<br>&emsp;Include at
least %%MIN_NON_ALPHA_LENGTH%% non-alphanumeric character(s)\");}
var min_numeric_length = %%MIN_NUMERIC_LENGTH%%;if (min_numeric_length
> 0) {document.write(\"<br>&emsp;Include at least
%%MIN_NUMERIC_LENGTH%% number(s) (0-9)\");}
var min_unique_char = %%MIN_UNIQUE_CHAR%%;if (min_unique_char > 0)
{document.write(\"<br>&emsp;Have at least %%MIN_UNIQUE
_CHAR%% unique character(s) which don\'t exist in the old password\");}
var prevent_reuse = %%PREVENT_REUSE%%;var reuse_password_limit = %
%REUSE_PASSWORD_LIMIT%%;if (prevent_reuse > 0) {documen
t.write(\"<br>&emsp;Not be reused\");} else if (reuse_password_limit > 0)
{document.write(\"<br>&emsp;Not be reused more than %%REUSE
_PASSWORD_LIMIT%% time(s)\");}
</script>
<div class=\"field\">
<label for=\"ft_pd\">New password</label>
<div>
<input name=\"%%PASSWORDID%%\" id=\"ft_pd\" type=\"password\"
autocomplete=\"off\" onkeydown=\"keydownhandler(event)\
">
</div>
</div>
<div class=\"field\">
<label for=\"ft_pd_re\">Re-enter</label>
<div>
<input name=\"password2\" id=\"ft_pd_re\" type=\"password\"
autocomplete=\"off\" onkeydown=\"keydownhandler(event)\">
</div>
</div>
<div class=\"form-footer\">
<button class=\"primary\" id=\"continue\"
type=\"submit\">Continue</button>
<button type=\"button\" id=\"skip\" onclick=\"form.%%PASSWORDID%
%.value=\'\'; form.password2.value=\'\'; form.submit();\"
>Skip</button>
</div>
</form>
<script>var expire_days = %%EXPIREDAYS%%;if (expire_days < 0)
{ document.write(\"Your password has expired.\"); }else if (expire
_days == 0) { document.write(\"Your password is expiring.\"); }else if
(expire_days == 1) { document.write(\"Your password will exp
ire in 1 day.\"); }else { document.write(\"Your password will expire in %
%EXPIREDAYS%% days.\"); }</script>
<script>document.forms[0].skip.focus(); function keydownhandler(event){if
(event.keyCode == 13) document.forms[0].continue.focus(
);} function form_check(){ var form=document.forms[0]; if (form.%%PASSWORDID%
%.value != form.password2.value) { alert(\'The ent
ered passwords do not match\'); return false; } return true;}</script>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-fortitoken-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>FortiToken Code Required</h1>
<form action=\"%%AUTH_POST_URL%%\" method=\"post\">
<input type=\"hidden\" name=\"%%REQUESTID%%\" value=\"%%REQUESTVAL%%\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value=\"%%PROTURI%%\">
<input type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGICVAL%%\">
<input type=\"hidden\" name=\"%%METHODID%%\" value=\"%%METHODVAL%%\">
<input type=\"hidden\" disabled=\"disabled\" name=\"%%FTM_PUSH%%\"
value=\"%%FTM_PUSH_VAL%%\">
<p>%%QUESTION%%</p>
<div class=\"field single\">
<label for=\"ft_un\">Token Code</label>
<div>
<input name=\"%%TOKENCODE%%\" id=\"ft_tc\" required>
</div>
</div>
<p>%%EXTRAINFO%%</p>
<div class=\"form-footer\">
<button class=\"primary\" type=\"submit\"
id=\"ft_ci\">Continue</button>
</div>
</form>
</div>
<script>
var ftmPushStatusTimeout = null;
var ftmPushInput = document.querySelector(\'input[name=\"%%FTM_PUSH%%\"]\');
if (ftmPushInput && ftmPushInput.value) {
setTimeout(function() {
startFtmPushPoll();
}, 2000)
}
function getFtmPushStatus() {
var xhr = new XMLHttpRequest();
xhr.open(\"POST\", \'/\', true);
xhr.setRequestHeader(\'Content-Type\', \'application/x-www-form-urlencoded\');
var encodedData = [];
var fields = [\'%%REQUESTID%%\', \'%%REDIRID%%\', \'%%MAGICID%%\'];
fields.forEach(function(field) {
var requestIdInput = document.querySelector(\'input[name=\"\' + field
+ \'\"]\');
if (requestIdInput && requestIdInput.value) {
encodedData.push(encodeURIComponent(field) + \'=\' +
encodeURIComponent(requestIdInput.value));
}
});
encodedData.push(\'%%IS_AJAX%%=1\');
encodedData.push(\'%%TOKENCODE%%=\');
xhr.onreadystatechange = function() {
if (xhr.readyState === 4) {
try {
if (xhr.response && xhr.response.charAt(0) === \'%
%AJAX_STATUS_REDIRECT%%\') {
document.location = xhr.response.substring(1);
}
} catch (e) {}
}
};
xhr.send(encodedData.join(\'&\').replace(/%20/g, \'+\'));
}
function startFtmPushPoll() {
cancelFtmPushPoll();
getFtmPushStatus();
ftmPushStatusTimeout = setTimeout(function() {
startFtmPushPoll();
}, 2000);
}
function cancelFtmPushPoll() {
clearTimeout(ftmPushStatusTimeout);
}
</script></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-next-fortitoken-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>FortiToken Code Required</h1>
<form action=\"%%AUTH_POST_URL%%\" method=\"post\">
<input type=\"hidden\" name=\"%%REQUESTID%%\" value=\"%%REQUESTVAL%%\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value=\"%%PROTURI%%\">
<input type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGICVAL%%\">
<input type=\"hidden\" name=\"%%METHODID%%\" value=\"%%METHODVAL%%\">
<p>%%QUESTION%%</p>
<div class=\"field single\">
<label for=\"ft_un\">Next Code</label>
<div>
<input name=\"%%TOKENCODE%%\" id=\"ft_tc\">
</div>
</div>
<p>%%EXTRAINFO%%</p>
<div class=\"form-footer\">
<button class=\"primary\" type=\"submit\">Continue</button>
</div>
</form>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-email-token-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Email Token Code Required</h1>
<form action=\"%%AUTH_POST_URL%%\" method=\"post\">
<input type=\"hidden\" name=\"%%REQUESTID%%\" value=\"%%REQUESTVAL%%\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value=\"%%PROTURI%%\">
<input type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGICVAL%%\">
<input type=\"hidden\" name=\"%%METHODID%%\" value=\"%%METHODVAL%%\">
<p>%%QUESTION%%</p>
<div class=\"field single\">
<label for=\"ft_un\">Token Code</label>
<div>
<input name=\"%%TOKENCODE%%\" id=\"ft_tc\">
</div>
</div>
<div class=\"form-footer\">
<button class=\"primary\" type=\"submit\"
id=\"ft_ci\">Continue</button>
</div>
</form>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-sms-token-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>SMS Token Code Required</h1>
<form action=\"%%AUTH_POST_URL%%\" method=\"post\">
<input type=\"hidden\" name=\"%%REQUESTID%%\" value=\"%%REQUESTVAL%%\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value=\"%%PROTURI%%\">
<input type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGICVAL%%\">
<input type=\"hidden\" name=\"%%METHODID%%\" value=\"%%METHODVAL%%\">
<p>%%QUESTION%%</p>
<div class=\"field single\">
<label for=\"ft_un\">Token Code</label>
<div>
<input name=\"%%TOKENCODE%%\" id=\"ft_tc\">
</div>
</div>
<p>%%EXTRAINFO%%</p>
<div class=\"form-footer\">
<button class=\"primary\" type=\"submit\"
id=\"ft_ci\">Continue</button>
</div>
</form>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-email-harvesting-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1 class=\"text-centered\">Terms and Disclaimer Agreement</h1>
<form action=\"%%HEMAIL_ACTION%%\" method=\"%%HEMAIL_METHOD%%\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value=\"%%PROTURI%%\">
<input type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGICVAL%%\">
<p class=\"text-scrollable text-container\">You are about to access
Internet content that is not under the control of the net
work access provider. The network access provider is therefore not responsible for
any of these sites, their content or their privacy
policies. The network access provider and its staff do not endorse nor make any
representations about these sites, or any informatio
n, software or other products or materials found there, or any results that may be
obtained from using them. If you decide to access
any Internet content, you do this entirely at your own risk and you are responsible
for ensuring that any accessed material does not
infringe the laws governing, but not exhaustively covering, copyright, trademarks,
pornography, or any other material which is slande
rous, defamatory or might cause offence in any other way.</p>
<div class=\"text-container\">
<input type=\"checkbox\" name=\"agree\" id=\"ft_ad\"
required=\"required\" onclick=\"document.getElementById(\'ft_un\').d
isabled = !this.checked;\">
<label for=\"ft_ad\">
I accept the Terms and Disclaimer Agreement
</label>
</div>
<div class=\"flex-container text-container column\">
<p><b>Please enter your Email address to continue.</b></p>
<div class=\"field single\">
<label for=\"ft_un\">Email</label>
<div>
<input name=\"%%USERNAMEID%%\" id=\"ft_un\" type=\"email\"
autocorrect=\"off\" autocapitalize=\"off\" disabled>
</div>
</div>
<div class=\"form-footer\">
<button class=\"primary\" type=\"submit\"
id=\"ft_ci\">Continue</button>
</div>
</div>
</form>
</div>
<script>var def_msg = \"Please enter your Email address to continue.\"; var cb =
get(\"ft_ad\"); var un = get(\"ft_un\"); var ci = ge
t(\"ft_ci\"); var note = get(\"note\"); var adl = get(\"ft_adl\");if (cb && un &&
note && adl) { cb.onclick = cb_click; cb_click.appl
y(cb, [def_msg]); }function get(x) { return document.getElementById(x); }function
tc(elm, cn, tg) { if (!elm) return; if (tg) elm.cla
ssName += \" \" + cn; else elm.className =
elm.className.replace(cn,\'\'); }function cb_click(msg) { var en = !this.checked;
un.disab
led = en; ci.disabled = en; tc(adl, \"hl\", en); tc(note, \"hl\", !en); if(typeof
msg === \"string\") { note.innerHTML = msg; } else
{ note.innerHTML = def_msg; } }</script></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-email-failed-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1 class=\"text-centered\">Terms and Disclaimer Agreement</h1>
<form action=\"%%HEMAIL_ACTION%%\" method=\"%%HEMAIL_METHOD%%\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value=\"%%PROTURI%%\">
<input type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGICVAL%%\">
<p class=\"text-scrollable text-container\">You are about to access
Internet content that is not under the control of the net
work access provider. The network access provider is therefore not responsible for
any of these sites, their content or their privacy
policies. The network access provider and its staff do not endorse nor make any
representations about these sites, or any informatio
n, software or other products or materials found there, or any results that may be
obtained from using them. If you decide to access
any Internet content, you do this entirely at your own risk and you are responsible
for ensuring that any accessed material does not
infringe the laws governing, but not exhaustively covering, copyright, trademarks,
pornography, or any other material which is slande
rous, defamatory or might cause offence in any other way.</p>
<div class=\"text-container\">
<input type=\"checkbox\" name=\"agree\" id=\"ft_ad\"
required=\"required\" onclick=\"document.getElementById(\'ft_un\').d
isabled = !this.checked;\">
<label for=\"ft_ad\">
I accept the Terms and Disclaimer Agreement
</label>
</div>
<div class=\"flex-container text-container column\">
<p><b>Please enter your Email address to continue.</b></p>
<div class=\"field single\">
<label for=\"ft_un\">Email</label>
<div>
<input name=\"%%USERNAMEID%%\" id=\"ft_un\" type=\"email\"
autocorrect=\"off\" autocapitalize=\"off\" disabled>
</div>
</div>
<div class=\"form-footer\">
<button class=\"primary\" type=\"submit\"
id=\"ft_ci\">Continue</button>
</div>
</div>
</form>
</div>
<script>var def_msg = \"Invalid Email address, please enter again to continue\";var
cb = get(\"ft_ad\"); var un = get(\"ft_un\"); var
ci = get(\"ft_ci\"); var note = get(\"note\"); var adl = get(\"ft_adl\");if (cb &&
un && note && adl) { cb.onclick = cb_click; cb_cl
ick.apply(cb, [def_msg]); }function get(x) { return
document.getElementById(x); }function tc(elm, cn, tg) { if (!elm) return; if (tg)
elm.className += \" \" + cn; else elm.className =
elm.className.replace(cn,\'\'); }function cb_click(msg) { var en = !this.checked;
un.disabled = en; ci.disabled = en; tc(adl, \"hl\", en); tc(note, \"hl\", !en);
if(typeof msg === \"string\") { note.innerHTML = msg;
} else { note.innerHTML = def_msg; } }</script></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-cert-passwd-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Certificate Password Required</h1>
<form action=\"%%AUTH_POST_URL%%\" method=\"post\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value=\"%%PROTURI%%\">
<input type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGICVAL%%\">
<p>%%QUESTION%%</p>
<div class=\"field\">
<label for=\"ft_un\">Username</label>
<div>
<input name=\"%%USERNAMEID%%\" value=\"%%USERNAMEVAL%%\"
id=\"ft_un\" type=\"text\" readonly=\"readonly\" autocorrect
=\"off\" autocapitalize=\"off\">
</div>
</div>
<div class=\"field\">
<label for=\"ft_pd\">Password</label>
<div>
<input name=\"%%PASSWORDID%%\" id=\"ft_pd\" type=\"password\"
autocomplete=\"off\">
</div>
</div>
<div class=\"form-footer\">
<button class=\"primary\" type=\"submit\">Continue</button>
</div>
</form>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-guest-print-page"
set buffer "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01
Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\"><html><head
><meta http-equiv=Content-Type content=\"text/html; charset=UTF-8\"><meta http-
equiv=Pragma content=no-cache><title>Guest Access Cred
entials</title><style type=\"text/css\">body.printable{background-color:
white;margin: 0 20px 0 20px;} div.first_section:not(:first-c
hild){page-break-before: always;} div.user_section{padding: 15px;border-bottom: 1px
dotted #666;font-family: Verdana, Arial, Sans-Ser
if;font-size: 10pt;} div.user_header{font-size: 14pt;font-weight: bold;height:
2em;} div.user_disc{font-size: 8pt;margin-bottom: 0.5i
n;} ul.user_details{list-style-type: none;} li.user_info_field{font-family:
monospace;page-break-before: avoid;} label.user_info_labe
l{font-weight: bold;float: left;width: 10em;font-family: Verdana, Arial, Sans-
Serif;}</style></head><body class=\"printable\">%%FOR(U
SERS:USER_SECTIONS)%%<div class=\"user_section first_section\">%
%FOR(PRINT_CREDENTIALS:USERS)%%<div class=\"user_header\">Network Gue
st Access Credentials</div>%%PRINT_CREDENTIALS%%<div class=\"user_disc\">The above
account may be used to access Internet content tha
t is not under the control of the network access provider. The network access
provider is therefore not responsible for any of these
sites, their content or their privacy policies. The network access provider and
its staff do not endorse nor make any representation
s about these sites, or any information, software or other products or materials
found there, or any results that may be obtained fro
m using them. If you decide to access any Internet content, you do this entirely at
your own risk and you are responsible for ensurin
g that any accessed material does not infringe the laws governing, but not
exhaustively covering, copyright, trademarks, pornography,
or any other material which is slanderous, defamatory or might cause offence in
any other way.</div>%%ENDFOR%%</div>%%ENDFOR%%</body
><script type=\"text/javascript\">window.print();</script></html>"
set header http
set format html
end
config system replacemsg auth "auth-guest-email-page"
set buffer "User ID=%%USERID%%
Password=%%PASSWORD%%
Expires=%%EXPIRE%%
User Name=%%USERNAME%%
Mobile Phone=%%MOBILEPHONE%%
Sponsor=%%SPONSOR%%
Company=%%COMPANY%%
Email=%%EMAIL%%"
set header http
set format html
end
config system replacemsg auth "auth-success-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Firewall Authentication</h1>
<p>If JavaScript is not enabled, please <a href=\"%%AUTH_REDIR_URL%%\">click
here</a> to continue.</p>
<script>window.location=\"%%AUTH_REDIR_URL%%\";</script>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-block-notification-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Notification</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Firewall Notification</h1>
<p>Your access has been blocked by firewall policy %%POLICY_ID%%.<br>If you
have any questions or concerns, please contact your n
etwork administrator for more information.</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-quarantine-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Quarantine Notification</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Quarantine Notification</h1>
<form action=\"%%DISCLAIMER_ACT%%\" method=\"%%DISCLAIMER_METHOD%%\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value=\"%%PROTURI%%\">
<input type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGICVAL%%\">
<input type=\"hidden\" name=\"%%ANSWERID%%\" value=\"%%DECLINEVAL%%\">
<p>Your network access has been restricted due to the detection of
potentially malicious traffic. Please contact your network
administrator for further information.</p>
<p><b>Acknowledge your quarantine for limited network access.</b></p>
<div class=\"form-footer\">
<button class=\"primary\" type=\"submit\" onclick=\"sb(\'%%AGREEVAL%
%\')\">Accept</button>
<button type=\"button\"
onclick=\"sb(\'%%DECLINEVAL%%\')\">Decline</button>
</div>
</form>
<script>function sb(val) { document.forms[0].%%ANSWERID%%.value = val;
document.forms[0].submit(); }</script>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-qtn-reject-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Quarantine Declined</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Quarantine Terms Not Acknowledged</h1>
<form action=\"/\" method=\"post\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value=\"%%PROTURI%%\">
<input type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGICVAL%%\">
<p>By failing to acknowledge the Terms of Quarantine, your access may be
more severely restricted.</p>
<div>
<button class=\"primary\" type=\"submit\">Return to Quarantine
Terms</button>
</div>
</form>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg auth "auth-saml-page"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Firewall Authentication</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Authentication Required</h1>
<form action=\"%%AUTH_POST_URL%%\" method=\"post\">
<input type=\"hidden\" name=\"%%REDIRID%%\" value=\"%%PROTURI%%\">
<input type=\"hidden\" name=\"%%MAGICID%%\" value=\"%%MAGICVAL%%\">
<input type=\"hidden\" name=\"%%METHODID%%\" value=\"%%METHODVAL%%\">
<p>%%QUESTION%%</p>
<div class=\"field\">
<label for=\"ft_un\">Username</label>
<div>
<input name=\"%%USERNAMEID%%\" id=\"ft_un\" type=\"text\"
autocorrect=\"off\" autocapitalize=\"off\">
</div>
</div>
<div class=\"field\">
<label for=\"ft_pd\">Password</label>
<div>
<input name=\"%%PASSWORDID%%\" id=\"ft_pd\" type=\"password\"
autocomplete=\"off\">
</div>
</div>
<div class=\"form-footer\">
<button class=\"primary\" type=\"submit\">Continue</button>
<div>Or log in using <a href=\"%%AUTH_SAML%%\">SAML Identity
Provider</a></div>
</div>
</form>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg sslvpn "sslvpn-login"
set buffer "<!DOCTYPE html>
<html lang=\"en\" class=\"main-app\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<meta name=\"apple-itunes-app\" content=\"app-id=1475674905\">
<link href=\"/styles.css\" rel=\"stylesheet\" type=\"text/css\">
<link href=\"/css/legacy-main.css\" rel=\"stylesheet\" type=\"text/css\">
<title>Please Login</title>
</head>
<body>
<div class=\"view-container\">
<form class=\"prompt legacy-prompt\" action=\"%%SSL_ACT%%\" method=\"%
%SSL_METHOD%%\" name=\"f\" autocomplete=\"off\">
<div class=\"content with-header with-sslvpn\">
<div class=\"sslvpn-left\">
<img src=\"/assets/brand-login-left.svg\" alt=\"brand-
left\" height=\"500px\"/>
</div>
<div class=\"sub-content sub-sslvpn\">
<div class=\"sslvpn-title\">
<img src=\"/assets/sslvpn-portal-login.svg\"
width=\"300px\" alt=\"SSL-VPN Portal login\" />
</div>
<div class=\"wide-inputs\">
%%SSL_LOGIN%%
</div>
<div class=\"button-actions wide sslvpn-buttons\">
<button class=\"primary\" type=\"button\"
name=\"login_button\" id=\"login_button\" onClick=\"try_login()
\">
Login
</button>
<button type=\"button\" name=\"skip_button\"
id=\"skip_button\" onClick=\"try_skip()\" style=\"display:no
ne\">
Skip
</button>
<button id=\"launch-forticlient-button\"
type=\"button\" onClick=\"launchFortiClient()\">
<f-icon class=\"ftnt-forticlient\"></f-icon>
<span>Launch FortiClient</span>
</button>
<iframe id=\"launch-forticlient-iframe\"
style=\"display:none\"></iframe>
<button id=\"saml-login-bn\" class=\"primary\"
type=\"button\" name=\"saml_login_bn\" onClick=\"launchSam
lLogin()\" style=\"display:none\">
SSO Login
</button>
</div>
</div>
<div class=\"sslvpn-right\">
<img src=\"/assets/brand-login-right.svg\" alt=\"brand-
right\" height=\"500px\"/>
</div>
</div>
</form>
</div>
</body>
%%SSL_HIDDEN%%
</html>
"
set header http
set format html
end
config system replacemsg sslvpn "sslvpn-header"
set buffer "<div class=\"fortinet-grid-icon\">
<f-icon class=\"ftnt-fortinet-grid icon-xl\"></f-icon>
</div>
<div class=\"platform\">
%%SSL_STATUS_INFO%%
</div>

<div class=\"expand\">
%%SSL_RESPONSIVE_EXPAND%%
</div>

%%SSL_OPTIONS%%
"
set header http
set format html
end
config system replacemsg sslvpn "sslvpn-limit"
set buffer "<html><head><meta http-equiv=\"Content-Type\" content=\"text/html;
charset=UTF-8\"><title>Already Logged In</title><m
eta http-equiv=\"Pragma\" content=\"no-cache\"><meta http-equiv=\"cache-control\"
content=\"no-cache\"><meta http-equiv=\"cache-contr
ol\" content=\"must-revalidate\"><link href=\"/sslvpn/css/login.css\"
rel=\"stylesheet\" type=\"text/css\"><script type=\"text/javasc
ript\">if (top && top.location != window.location) top.location = top.location;if
(window.opener && window.opener.top) { window.opene
r.top.location = window.opener.top.location; self.close(); }</script></head><body
class=\"main\"><center><table class=\"container\" h
eight=\"100%\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\" width=\"100%\"
valign=\"middle\"><tbody><tr valign=\"middle\"><td
><table class=\"list\" height=\"180\" cellspacing=\"0\" cellpadding=\"10\"
align=\"center\" width=\"400\"><tbody><tr class=\"dark\"><
td colspan=\"2\"> <b>Already Logged In</b></td></tr><tr><td colspan=\"2\"><p>You
already have an open SSL VPN connection. Opening mul
tiple connections is not permitted.</p><p>If you proceed, your other connection
will be disconnected.</p><p>If you have any questions
or concerns, please contact your administrator for more
information.</p></td></tr><tr><td style=\"text-align:center\">%%SSL_LOGIN_AN
YWAY%%</td><td
style=\"text-align:center\">%%SSL_LOGIN_CANCEL%%</td></tr></tbody></table></td></
tr></tbody></table></center></body></
html>"
set header http
set format html
end
config system replacemsg sslvpn "hostcheck-error"
set buffer "Your PC does not meet the host checking requirements set by the
firewall. Please try again in a few minutes. If the i
ssue persists check that your OS version meets the minimum requirements, that your
antivirus and firewall applications are installed
and running properly, and that you have the correct network interface."
set header none
set format text
end
config system replacemsg sslvpn "sslvpn-provision-user"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>FortiClient SSL-VPN Setup Instructions</title>
</head>
<body><div class=\"message-container\">
<section>
<p>
<div>How to set up the SSL-VPN connection on
<b>%%FTCL_VPN_NAME%%</b></div>
</p>
<ol>
<li>
<b>Download and install FortiClient VPN</b>
<div>FortiClient securely connects your computer or mobile device
to your network</div>
<a href=\"https://www.fortinet.com/support/product-
downloads#vpn7\">
<button>
Download
</button>
</a>
</li>
<li>
<b>Configure the connection</b>
<div>FortiClient VPN can configure your connection
automatically.</div>
<div>Click on <a href=\"%%FTCL_VPN_CONFIG_URL%%\">this
link</a>&nbsp;(%%FTCL_VPN_CONFIG_URL%%), or scan the QR code b
elow from the FortiClient VPN app.</div>
<div>
<img src=\"%%QR_CODE_DATA_URI%%\">
</div>
</li>
</ol>
<p>
Contact your network administrator if you require assistance.
</p>
</section>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg sslvpn "sslvpn-provision-user-sms"
set buffer "To set up the FortiClient VPN connection \"%%FTCL_VPN_NAME%%\",
install the FortiClient application and click the fol
lowing link: %%FTCL_VPN_CONFIG_URL%%."
set header none
set format text
end
config system replacemsg nac-quar "nac-quar-virus"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Virus Quarantine</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Blocked because of virus</h1>
<p>Your computer has been blocked because of a virus detected in your system.
For more information, contact the system administra
tor.</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg nac-quar "nac-quar-dos"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Attack Detected</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Blocked because of DoS Attack</h1>
<p>Your computer has been blocked because a DoS attack originating from your
system was detected. For more information, contact t
he system administrator.</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg nac-quar "nac-quar-ips"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Attack Detected</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Blocked because of an intrusion attack</h1>
<p>Your computer has been blocked because an intrusion attack originating from
your system was detected. For more information, co
ntact the system administrator.</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg nac-quar "nac-quar-dlp"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Data Loss Detected</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Blocked because of data loss</h1>
<p>Your computer has been blocked because of a data loss originating from your
system. For more information, contact the system a
dministrator.</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg nac-quar "nac-quar-admin"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Administrative Quarantine</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Blocked because of admin action</h1>
<p>Your system administrator has blocked your computer or device. For more
information, contact the system administrator.</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg nac-quar "nac-quar-app"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Application Control</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Blocked because of application</h1>
<p>Your computer has been blocked because of an application detected in your
system. For more information, contact the system adm
inistrator.</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg traffic-quota "per-ip-shaper-block"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Traffic Quota Control</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Traffic blocked because of exceeded session quota</h1>
<p>Traffic has been blocked because the per IP shaper session quota has been
exceeded. Please contact the system administrator.</
p>
<p>Quota: %%QUOTA_INFO%%</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "virus-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>High Security Alert</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>High Security Alert</h1>
<p>You are not permitted to download the file \"%%FILE%%\" because it is
infected with the virus \"%%VIRUS%%\".</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
<tr>
<td>Quarantined File Name</td>
<td>%%QUARFILENAME%%</td>
</tr>
<tr>
<td>Reference URL</td>
<td>%%VIRUS_REF_URL%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "client-virus-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>High Security Alert</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>High Security Alert</h1>
<p>You are not permitted to transfer the file \"%%FILE%%\" because it is
infected with the virus \"%%VIRUS%%\".</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
<tr>
<td>Quarantined File Name</td>
<td>%%QUARFILENAME%%</td>
</tr>
<tr>
<td>Reference URL</td>
<td>%%VIRUS_REF_URL%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "virus-text"
set buffer "Dangerous attachment removed. The file \"%%FILE%%\" was infected
with the \"%%VIRUS%%\" virus. It has been removed a
nd quarantined as: \"%%QUARFILENAME%%\".\"%%VIRUS_REF_URL%%\"."
set header 8bit
set format text
end
config system replacemsg utm "dlp-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Attention</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Attention</h1>
<p>The transfer attempt has been blocked because it appears to match a data
loss prevention profile.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "dlp-text"
set buffer "The transfer attempt has been blocked because it appears to match a
data loss prevention profile."
set header 8bit
set format text
end
config system replacemsg utm "appblk-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Application Control Violation</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>FortiGate Application Control</h1>
<h3>Application Blocked</h3>
<p>You have attempted to use an application that violates your Internet usage
policy.</p>
<table><tbody>
<tr>
<td>Application</td>
<td>%%APPNAME%%</td>
</tr>
<tr>
<td>Category</td>
<td>%%APPCAT%%</td>
</tr>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
<tr>
<td>Policy</td>
<td>%%POLICY_UUID%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "ipsblk-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Intrusion Prevention Violation</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>FortiGate Intrusion Prevention</h1>
<h3>Intrusion Prevention Triggered</h3>
<p>Your attempt to access the Internet resource is blocked by Intrusion
Prevention.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
<tr>
<td>Policy</td>
<td>%%POLICY_UUID%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "virpatchblk-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Virtual Patch Violation</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>FortiGate Virtual Patch</h1>
<h3>Virtual Patch Triggered</h3>
<p>Your attempt to access the Internet resource is blocked by Virtual
Patch.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
<tr>
<td>Policy</td>
<td>%%POLICY_UUID%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "ipsfail-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Intrusion Prevention Scanning Failure</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>FortiGate Intrusion Prevention</h1>
<h3>Intrusion Prevention Scanning Failure</h3>
<p>Your attempt to access the Internet resource is blocked because of an
Intrusion Prevention scanning failure.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
<tr>
<td>Policy</td>
<td>%%POLICY_UUID%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "exe-text"
set buffer "Dangerous attachment removed. The file \"%%FILE%%\" has been
removed because it is a Windows executable.
Quarantined File Name: \"%%QUARFILENAME%%\"."
set header 8bit
set format text
end
config system replacemsg utm "waf-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Web Application Firewall</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Web Application Firewall</h1>
<p>This transfer is blocked by a Web Application Firewall.</p>
<table><tbody>
<tr>
<td colspan=\"2\">This transfer is blocked.</td>
</tr>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
<tr>
<td>Event ID</td>
<td>%%WAF_SIG_ID%%</td>
</tr>
<tr>
<td>Event Type</td>
<td>%%WAF_DESC%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "outbreak-prevention-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>High Security Alert</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>High Security Alert</h1>
<p>You are not permitted to transfer the file \"%%FILE%%\" because its
signature \"%%VIRUS%%\" has been identified by the Virus O
utbreak Prevention service.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
<tr>
<td>Quarantined File Name</td>
<td>%%QUARFILENAME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "outbreak-prevention-text"
set buffer "Dangerous attachment removed. The file \"%%FILE%%\" has been
removed because its signature \"%%VIRUS%%\" has been ide
ntified by the Virus Outbreak Prevention service. Quarantined File Name: \"%
%QUARFILENAME%%\"."
set header 8bit
set format text
end
config system replacemsg utm "external-blocklist-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>High Security Alert</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>High Security Alert</h1>
<p>You are not permitted to transfer the file \"%%FILE%%\" because its
signature \"%%VIRUS%%\" has been identified by an external
blocklist.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
<tr>
<td>Quarantined File Name</td>
<td>%%QUARFILENAME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "external-blocklist-text"
set buffer "Dangerous attachment removed. The file \"%%FILE%%\" has been
removed because its signature \"%%VIRUS%%\" has been ide
ntified by an external blocklist. Quarantined File Name: \"%%QUARFILENAME%%\"."
set header 8bit
set format text
end
config system replacemsg utm "ems-threat-feed-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>High Security Alert</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>High Security Alert</h1>
<p>You are not permitted to transfer the file \"%%FILE%%\" because its
signature \"%%VIRUS%%\" has been identified by the EMS Thr
eat Feed.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
<tr>
<td>Quarantined File Name</td>
<td>%%QUARFILENAME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "ems-threat-feed-text"
set buffer "Dangerous attachment removed. The file \"%%FILE%%\" has been
removed because its signature \"%%VIRUS%%\" has been ide
ntified by the EMS Threat Feed. Quarantined File Name: \"%%QUARFILENAME%%\"."
set header 8bit
set format text
end
config system replacemsg utm "file-filter-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Attention</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Attention</h1>
<p>The file \"%%FILE%%\" has been blocked due to its file type and/or
properties.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "file-filter-text"
set buffer "The file \"%%FILE%%\" has been blocked due to its file type and/or
properties."
set header 8bit
set format text
end
config system replacemsg utm "file-size-text"
set buffer "The file \"%%FILE%%\" has been blocked because it exceeded the
configured file size limit."
set header 8bit
set format text
end
config system replacemsg utm "transfer-size-text"
set buffer "The transfer has been blocked because it exceeded the configured
size limit."
set header 8bit
set format text
end
config system replacemsg utm "internal-error-text"
set buffer "The file \"%%FILE%%\" has been blocked because of an internal
error."
set header 8bit
set format text
end
config system replacemsg utm "archive-block-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Attention</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Attention</h1>
<p>The transfer contained an archive that has been blocked.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "archive-block-text"
set buffer "Transfer failed. Archive \"%%FILE%%\" has been blocked."
set header 8bit
set format text
end
config system replacemsg utm "file-av-fail-text"
set buffer "Transfer of file \"%%FILE%%\" failed due to an internal error."
set header 8bit
set format text
end
config system replacemsg utm "transfer-av-fail-text"
set buffer "Transfer failed due to an internal error."
set header 8bit
set format text
end
config system replacemsg utm "banned-word-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Attention</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Attention</h1>
<p>The page has been blocked because it contains a banned word.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
</tbody></table>
<p>%%OVERRIDE%%</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "banned-word-text"
set buffer "This message has been blocked because it contains a banned word."
set header 8bit
set format text
end
config system replacemsg utm "block-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Attention</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Attention</h1>
<p>File blocked</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
<tr>
<td>Quarantined File Name</td>
<td>%%QUARFILENAME%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "block-text"
set buffer "Potentially dangerous file removed. The file \"%%FILE%%\" has been
blocked. File quarantined as: \"%%QUARFILENAME%%\"
."
set header 8bit
set format text
end
config system replacemsg utm "decompress-limit-text"
set buffer "The file \"%%FILE%%\" has been blocked because its decompressed
size is over the configured limit."
set header 8bit
set format text
end
config system replacemsg utm "dlp-subject-text"
set buffer "Data loss detected! Subject: %%SUBJECT%%"
set header 8bit
set format text
end
config system replacemsg utm "file-size-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Attention</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Attention</h1>
<p>The file \"%%FILE%%\" has been blocked. The file is larger than the
configured file size limit.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "client-file-size-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Attention</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Attention</h1>
<p>The transfer has been blocked because it is larger than the configured size
limit.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "inline-scan-timeout-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Scan Incomplete</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Scan Incomplete</h1>
<p>The file \"%%FILE%%\" is still being scanned and will be released once
complete. Please try the transfer again in a few minute
s.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "inline-scan-timeout-text"
set buffer "The file \"%%FILE%%\" is still being scanned and will be released
once complete. Please try the transfer again in a f
ew minutes."
set header 8bit
set format text
end
config system replacemsg utm "inline-scan-error-html"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Scan Unavailable</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Scan Unavailable</h1>
<p>The file \"%%FILE%%\" has been blocked due to an inline-scan error.</p>
<table><tbody>
<tr>
<td>URL</td>
<td>%%PROTOCOL%%://%%URL%%</td>
</tr>
</tbody></table>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg utm "inline-scan-error-text"
set buffer "The file \"%%FILE%%\" has been blocked due to an inline-scan
error."
set header 8bit
set format text
end
config system replacemsg utm "icap-block-text"
set buffer "The file \"%%FILE%%\" has been blocked by ICAP service."
set header 8bit
set format text
end
config system replacemsg utm "icap-error-text"
set buffer "The file \"%%FILE%%\" has been blocked due to ICAP error."
set header 8bit
set format text
end
config system replacemsg utm "icap-http-error"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>ICAP Error</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>ICAP Error</h1>
<p>An ICAP error was encountered while handling the request.</p>
<p>%%ICAP_ERR_DESC%%</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg icap "icap-req-resp"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<style type=\"text/css\">
body {
height: 100%;
font-family: Helvetica, Arial, sans-serif;
color: #6a6a6a;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
input[type=date], input[type=email], input[type=number],
input[type=password], input[type=search], input[type=tel], input
[type=text], input[type=time], input[type=url], select, textarea {
color: #262626;
vertical-align: baseline;
margin: .2em;
border-style: solid;
border-width: 1px;
border-color: #a9a9a9;
background-color: #fff;
box-sizing: border-box;
padding: 2px .5em;
appearance: none;
border-radius: 0;
}
input:focus {
border-color: #646464;
box-shadow: 0 0 1px 0 #a2a2a2;
outline: 0;
}
button {
padding: .5em 1em;
border: 1px solid;
border-radius: 3px;
min-width: 6em;
font-weight: 400;
font-size: .8em;
cursor: pointer;
}
button.primary {
color: #fff;
background-color: rgb(47, 113, 178);
border-color: rgb(34, 103, 173);
}
.message-container {
height: 500px;
width: 500px;
padding: 0;
margin: 10px;
}
.logo {
background: url(%%IMAGE:logo_v3_fguard_app%%) no-repeat left
center;
height: 267px;
object-fit: contain;
}
table {
background-color: #fff;
border-spacing: 0;
margin: 1em;
}
table > tbody > tr > td:first-of-type:not([colspan]) {
white-space: nowrap;
color: rgba(0,0,0,.5);
}
table > tbody > tr > td:first-of-type {
vertical-align: top;
}
table > tbody > tr > td {
padding: .3em .3em;
}
.field {
display: table-row;
}
.field > :first-child {
display: table-cell;
width: 20%;
}
.field.single > :first-child {
display: inline;
}
.field > :not(:first-child) {
width: auto;
max-width: 100%;
display: inline-flex;
align-items: baseline;
vertical-align: top;
box-sizing: border-box;
margin: .3em;
}
.field > :not(:first-child) > input {
width: 230px;
}
.form-footer {
display: inline-flex;
justify-content: flex-start;
}
.form-footer > * {
margin: 1em;
}
.text-scrollable {
overflow: auto;
height: 150px;
border: 1px solid rgb(200, 200, 200);
padding: 5px;
font-size: 1em;
}
.text-centered {
text-align: center;
}
.text-container {
margin: 1em 1.5em;
}
.flex-container {
display: flex;
}
.flex-container.column {
flex-direction: column;
}
</style>
<title>Attention</title>
</head>
<body><div class=\"message-container\">
<div class=\"logo\"></div>
<h1>Attention</h1>
<p>HTTP POST action is not allowed for policy reasons.</p>
</div></body>
</html>
"
set header http
set format html
end
config system replacemsg automation "automation-email"
set buffer "<!DOCTYPE html>
<html lang=\"en\">
<head>
<meta charset=\"UTF-8\">
<meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">
<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">
<link href=\"https://fonts.googleapis.com/css?family=Roboto&display=swap\"
rel=\"stylesheet\">
<style>
body {
height: 100%;
font-family: Roboto, Helvetica, Arial, sans-serif;
margin: 0;
display: flex;
align-items: center;
justify-content: center;
}
.message-container{
margin: 0 auto;
max-width: 580px;
}
.email-body {
line-height: 1.5em;
}
</style>
</head>
<body>
<div class=\"message-container\">
<img
src=\"https://filestore.fortinet.com/fortiguard/logo_v3_fguard_app.png\"
alt=\"Fortinet Logo\"/>
<h1>Security Fabric Automation</h1>
<h3>%%AUTOMATION_FGT_SERIAL%%: %%AUTOMATION_STITCH_NAME%%</h3>
<div class=\"email-body\">
%%AUTOMATION_EMAIL_BODY%%
</div>
</div>
</body>
</html>
"
set header http
set format html
end
config system snmp sysinfo
set status disable
set engine-id-type text
set engine-id ''
set description ''
set contact-info ''
set location ''
set trap-high-cpu-threshold 80
set trap-low-memory-threshold 80
set trap-log-full-threshold 90
set trap-free-memory-threshold 5
set trap-freeable-memory-threshold 60
set append-index enable
set non-mgmt-vdom-query disable
end
config system snmp mib-view
end
config system snmp community
end
config system snmp user
end
config system snmp rmon-stat
end
config system autoupdate schedule
set status enable
set frequency automatic
end
config system autoupdate tunneling
set status disable
set address ''
set port 0
set username ''
set password ENC
0fHoKwsiPHRC9B/Q2efSgxGibZ3qBoSSVcfU9fmie4e+yhfsCh2w8J6lUO6LN14Cnojc4IuplLKOpHrOgjJ
MAoSq7YNrlOS0Vory6F5fKL45FK1f
wmnyuR7Pb2rpLfd5GWg5Na4EeJ20f8JG+Ky/
UjnSA6vr6xGEcNsNPvlO4RIxwrxb25RdQFcG+zb8SY3HLR3qT1lmMjY3dkVA
end
config system alias
end
config system auto-script
end
config system central-management
set mode normal
set type fortiguard
set schedule-config-restore enable
set schedule-script-restore enable
set allow-push-configuration enable
set allow-push-firmware enable
set allow-remote-firmware-upgrade enable
set allow-monitor enable
set local-cert ''
set vdom "root"
set fmg-update-port 8890
set enc-algorithm high
end
config system sdn-proxy
end
config system sdn-connector
end
config system sdn-vpn
end
config firewall internet-service-name
edit "Google-Other"
set type default
set internet-service-id 65536
next
edit "Google-Web"
set type default
set internet-service-id 65537
next
edit "Google-ICMP"
set type default
set internet-service-id 65538
next
edit "Google-DNS"
set type default
set internet-service-id 65539
next
edit "Google-Outbound_Email"
set type default
set internet-service-id 65540
next
edit "Google-SSH"
set type default
set internet-service-id 65542
next
edit "Google-FTP"
set type default
set internet-service-id 65543
next
edit "Google-NTP"
set type default
set internet-service-id 65544
next
edit "Google-Inbound_Email"
set type default
set internet-service-id 65545
next
edit "Google-LDAP"
set type default
set internet-service-id 65550
next
edit "Google-NetBIOS.Session.Service"
set type default
set internet-service-id 65551
next
edit "Google-RTMP"
set type default
set internet-service-id 65552
next
edit "Google-NetBIOS.Name.Service"
set type default
set internet-service-id 65560
next
edit "Google-Google.Cloud"
set type default
set internet-service-id 65641
next
edit "Google-Google.Bot"
set type default
set internet-service-id 65643
next
edit "Google-Gmail"
set type default
set internet-service-id 65646
next
edit "Meta-Other"
set type default
set internet-service-id 131072
next
edit "Meta-Web"
set type default
set internet-service-id 131073
next
edit "Meta-ICMP"
set type default
set internet-service-id 131074
next
edit "Meta-DNS"
set type default
set internet-service-id 131075
next
edit "Meta-Outbound_Email"
set type default
set internet-service-id 131076
next
edit "Meta-SSH"
set type default
set internet-service-id 131078
next
edit "Meta-FTP"
set type default
set internet-service-id 131079
next
edit "Meta-NTP"
set type default
set internet-service-id 131080
next
edit "Meta-Inbound_Email"
set type default
set internet-service-id 131081
next
edit "Meta-LDAP"
set type default
set internet-service-id 131086
next
edit "Meta-NetBIOS.Session.Service"
set type default
set internet-service-id 131087
next
edit "Meta-RTMP"
set type default
set internet-service-id 131088
next
edit "Meta-NetBIOS.Name.Service"
set type default
set internet-service-id 131096
next
edit "Meta-Whatsapp"
set type default
set internet-service-id 131184
next
edit "Meta-Instagram"
set type default
set internet-service-id 131189
next
edit "Apple-Other"
set type default
set internet-service-id 196608
next
edit "Apple-Web"
set type default
set internet-service-id 196609
next
edit "Apple-ICMP"
set type default
set internet-service-id 196610
next
edit "Apple-DNS"
set type default
set internet-service-id 196611
next
edit "Apple-Outbound_Email"
set type default
set internet-service-id 196612
next
edit "Apple-SSH"
set type default
set internet-service-id 196614
next
edit "Apple-FTP"
set type default
set internet-service-id 196615
next
edit "Apple-NTP"
set type default
set internet-service-id 196616
next
edit "Apple-Inbound_Email"
set type default
set internet-service-id 196617
next
edit "Apple-LDAP"
set type default
set internet-service-id 196622
next
edit "Apple-NetBIOS.Session.Service"
set type default
set internet-service-id 196623
next
edit "Apple-RTMP"
set type default
set internet-service-id 196624
next
edit "Apple-NetBIOS.Name.Service"
set type default
set internet-service-id 196632
next
edit "Apple-App.Store"
set type default
set internet-service-id 196723
next
edit "Apple-APNs"
set type default
set internet-service-id 196747
next
edit "Yahoo-Other"
set type default
set internet-service-id 262144
next
edit "Yahoo-Web"
set type default
set internet-service-id 262145
next
edit "Yahoo-ICMP"
set type default
set internet-service-id 262146
next
edit "Yahoo-DNS"
set type default
set internet-service-id 262147
next
edit "Yahoo-Outbound_Email"
set type default
set internet-service-id 262148
next
edit "Yahoo-SSH"
set type default
set internet-service-id 262150
next
edit "Yahoo-FTP"
set type default
set internet-service-id 262151
next
edit "Yahoo-NTP"
set type default
set internet-service-id 262152
next
edit "Yahoo-Inbound_Email"
set type default
set internet-service-id 262153
next
edit "Yahoo-LDAP"
set type default
set internet-service-id 262158
next
edit "Yahoo-NetBIOS.Session.Service"
set type default
set internet-service-id 262159
next
edit "Yahoo-RTMP"
set type default
set internet-service-id 262160
next
edit "Yahoo-NetBIOS.Name.Service"
set type default
set internet-service-id 262168
next
edit "Microsoft-Other"
set type default
set internet-service-id 327680
next
edit "Microsoft-Web"
set type default
set internet-service-id 327681
next
edit "Microsoft-ICMP"
set type default
set internet-service-id 327682
next
edit "Microsoft-DNS"
set type default
set internet-service-id 327683
next
edit "Microsoft-Outbound_Email"
set type default
set internet-service-id 327684
next
edit "Microsoft-SSH"
set type default
set internet-service-id 327686
next
edit "Microsoft-FTP"
set type default
set internet-service-id 327687
next
edit "Microsoft-NTP"
set type default
set internet-service-id 327688
next
edit "Microsoft-Inbound_Email"
set type default
set internet-service-id 327689
next
edit "Microsoft-LDAP"
set type default
set internet-service-id 327694
next
edit "Microsoft-NetBIOS.Session.Service"
set type default
set internet-service-id 327695
next
edit "Microsoft-RTMP"
set type default
set internet-service-id 327696
next
edit "Microsoft-NetBIOS.Name.Service"
set type default
set internet-service-id 327704
next
edit "Microsoft-Skype_Teams"
set type default
set internet-service-id 327781
next
edit "Microsoft-Office365"
set type default
set internet-service-id 327782
next
edit "Microsoft-Azure"
set type default
set internet-service-id 327786
next
edit "Microsoft-Bing.Bot"
set type default
set internet-service-id 327788
next
edit "Microsoft-Outlook"
set type default
set internet-service-id 327791
next
edit "Microsoft-Microsoft.Update"
set type default
set internet-service-id 327793
next
edit "Microsoft-Dynamics"
set type default
set internet-service-id 327837
next
edit "Microsoft-WNS"
set type default
set internet-service-id 327839
next
edit "Microsoft-Office365.Published"
set type default
set internet-service-id 327880
next
edit "Microsoft-Intune"
set type default
set internet-service-id 327886
next
edit "Microsoft-Office365.Published.Optimize"
set type default
set internet-service-id 327902
next
edit "Microsoft-Office365.Published.Allow"
set type default
set internet-service-id 327903
next
edit "Microsoft-Office365.Published.USGOV"
set type default
set internet-service-id 327917
next
edit "Microsoft-Azure.Monitor"
set type default
set internet-service-id 327958
next
edit "Microsoft-Azure.SQL"
set type default
set internet-service-id 327959
next
edit "Microsoft-Azure.AD"
set type default
set internet-service-id 327960
next
edit "Microsoft-Azure.Data.Factory"
set type default
set internet-service-id 327961
next
edit "Microsoft-Azure.Virtual.Desktop"
set type default
set internet-service-id 327962
next
edit "Microsoft-Azure.Power.BI"
set type default
set internet-service-id 327963
next
edit "Microsoft-Azure.Connectors"
set type default
set internet-service-id 327980
next
edit "Microsoft-Teams.Published.Worldwide.Optimize"
set type default
set internet-service-id 327991
next
edit "Microsoft-Teams.Published.Worldwide.Allow"
set type default
set internet-service-id 327992
next
edit "Microsoft-Azure.Front.Door"
set type default
set internet-service-id 327993
next
edit "Microsoft-Azure.Service.Bus"
set type default
set internet-service-id 328007
next
edit "Microsoft-Azure.Microsoft.Defender"
set type default
set internet-service-id 328009
next
edit "Microsoft-Azure.Resource.Manager"
set type default
set internet-service-id 328013
next
edit "Microsoft-Azure.Arc.Infrastructure"
set type default
set internet-service-id 328014
next
edit "Microsoft-Azure.Storage"
set type default
set internet-service-id 328015
next
edit "Microsoft-Azure.ATP"
set type default
set internet-service-id 328016
next
edit "Microsoft-Azure.Traffic.Manager"
set type default
set internet-service-id 328017
next
edit "Microsoft-Azure.Windows.Admin.Center"
set type default
set internet-service-id 328018
next
edit "Microsoft-Azure.KeyVault"
set type default
set internet-service-id 328021
next
edit "Microsoft-Azure.Databricks"
set type default
set internet-service-id 328034
next
edit "Microsoft-Azure.Event.Hub"
set type default
set internet-service-id 328035
next
edit "Microsoft-Azure.Power.Platform"
set type default
set internet-service-id 328043
next
edit "Amazon-Other"
set type default
set internet-service-id 393216
next
edit "Amazon-Web"
set type default
set internet-service-id 393217
next
edit "Amazon-ICMP"
set type default
set internet-service-id 393218
next
edit "Amazon-DNS"
set type default
set internet-service-id 393219
next
edit "Amazon-Outbound_Email"
set type default
set internet-service-id 393220
next
edit "Amazon-SSH"
set type default
set internet-service-id 393222
next
edit "Amazon-FTP"
set type default
set internet-service-id 393223
next
edit "Amazon-NTP"
set type default
set internet-service-id 393224
next
edit "Amazon-Inbound_Email"
set type default
set internet-service-id 393225
next
edit "Amazon-LDAP"
set type default
set internet-service-id 393230
next
edit "Amazon-NetBIOS.Session.Service"
set type default
set internet-service-id 393231
next
edit "Amazon-RTMP"
set type default
set internet-service-id 393232
next
edit "Amazon-NetBIOS.Name.Service"
set type default
set internet-service-id 393240
next
edit "Amazon-AWS"
set type default
set internet-service-id 393320
next
edit "Amazon-AWS.WorkSpaces.Gateway"
set type default
set internet-service-id 393403
next
edit "Amazon-Twitch"
set type default
set internet-service-id 393446
next
edit "Amazon-AWS.GovCloud.US"
set type default
set internet-service-id 393452
next
edit "Amazon-AWS.EBS"
set type default
set internet-service-id 393470
next
edit "Amazon-AWS.Cloud9"
set type default
set internet-service-id 393471
next
edit "Amazon-AWS.DynamoDB"
set type default
set internet-service-id 393472
next
edit "Amazon-AWS.Route53"
set type default
set internet-service-id 393473
next
edit "Amazon-AWS.S3"
set type default
set internet-service-id 393474
next
edit "Amazon-AWS.Kinesis.Video.Streams"
set type default
set internet-service-id 393475
next
edit "Amazon-AWS.Global.Accelerator"
set type default
set internet-service-id 393476
next
edit "Amazon-AWS.EC2"
set type default
set internet-service-id 393477
next
edit "Amazon-AWS.API.Gateway"
set type default
set internet-service-id 393478
next
edit "Amazon-AWS.Chime.Voice.Connector"
set type default
set internet-service-id 393479
next
edit "Amazon-AWS.Connect"
set type default
set internet-service-id 393480
next
edit "Amazon-AWS.CloudFront"
set type default
set internet-service-id 393481
next
edit "Amazon-AWS.CodeBuild"
set type default
set internet-service-id 393482
next
edit "Amazon-AWS.Chime.Meetings"
set type default
set internet-service-id 393483
next
edit "Amazon-AWS.AppFlow"
set type default
set internet-service-id 393484
next
edit "Amazon-Amazon.SES"
set type default
set internet-service-id 393493
next
edit "eBay-Other"
set type default
set internet-service-id 458752
next
edit "eBay-Web"
set type default
set internet-service-id 458753
next
edit "eBay-ICMP"
set type default
set internet-service-id 458754
next
edit "eBay-DNS"
set type default
set internet-service-id 458755
next
edit "eBay-Outbound_Email"
set type default
set internet-service-id 458756
next
edit "eBay-SSH"
set type default
set internet-service-id 458758
next
edit "eBay-FTP"
set type default
set internet-service-id 458759
next
edit "eBay-NTP"
set type default
set internet-service-id 458760
next
edit "eBay-Inbound_Email"
set type default
set internet-service-id 458761
next
edit "eBay-LDAP"
set type default
set internet-service-id 458766
next
edit "eBay-NetBIOS.Session.Service"
set type default
set internet-service-id 458767
next
edit "eBay-RTMP"
set type default
set internet-service-id 458768
next
edit "eBay-NetBIOS.Name.Service"
set type default
set internet-service-id 458776
next
edit "PayPal-Other"
set type default
set internet-service-id 524288
next
edit "PayPal-Web"
set type default
set internet-service-id 524289
next
edit "PayPal-ICMP"
set type default
set internet-service-id 524290
next
edit "PayPal-DNS"
set type default
set internet-service-id 524291
next
edit "PayPal-Outbound_Email"
set type default
set internet-service-id 524292
next
edit "PayPal-SSH"
set type default
set internet-service-id 524294
next
edit "PayPal-FTP"
set type default
set internet-service-id 524295
next
edit "PayPal-NTP"
set type default
set internet-service-id 524296
next
edit "PayPal-Inbound_Email"
set type default
set internet-service-id 524297
next
edit "PayPal-LDAP"
set type default
set internet-service-id 524302
next
edit "PayPal-NetBIOS.Session.Service"
set type default
set internet-service-id 524303
next
edit "PayPal-RTMP"
set type default
set internet-service-id 524304
next
edit "PayPal-NetBIOS.Name.Service"
set type default
set internet-service-id 524312
next
edit "Box-Other"
set type default
set internet-service-id 589824
next
edit "Box-Web"
set type default
set internet-service-id 589825
next
edit "Box-ICMP"
set type default
set internet-service-id 589826
next
edit "Box-DNS"
set type default
set internet-service-id 589827
next
edit "Box-Outbound_Email"
set type default
set internet-service-id 589828
next
edit "Box-SSH"
set type default
set internet-service-id 589830
next
edit "Box-FTP"
set type default
set internet-service-id 589831
next
edit "Box-NTP"
set type default
set internet-service-id 589832
next
edit "Box-Inbound_Email"
set type default
set internet-service-id 589833
next
edit "Box-LDAP"
set type default
set internet-service-id 589838
next
edit "Box-NetBIOS.Session.Service"
set type default
set internet-service-id 589839
next
edit "Box-RTMP"
set type default
set internet-service-id 589840
next
edit "Box-NetBIOS.Name.Service"
set type default
set internet-service-id 589848
next
edit "Salesforce-Other"
set type default
set internet-service-id 655360
next
edit "Salesforce-Web"
set type default
set internet-service-id 655361
next
edit "Salesforce-ICMP"
set type default
set internet-service-id 655362
next
edit "Salesforce-DNS"
set type default
set internet-service-id 655363
next
edit "Salesforce-Outbound_Email"
set type default
set internet-service-id 655364
next
edit "Salesforce-SSH"
set type default
set internet-service-id 655366
next
edit "Salesforce-FTP"
set type default
set internet-service-id 655367
next
edit "Salesforce-NTP"
set type default
set internet-service-id 655368
next
edit "Salesforce-Inbound_Email"
set type default
set internet-service-id 655369
next
edit "Salesforce-LDAP"
set type default
set internet-service-id 655374
next
edit "Salesforce-NetBIOS.Session.Service"
set type default
set internet-service-id 655375
next
edit "Salesforce-RTMP"
set type default
set internet-service-id 655376
next
edit "Salesforce-NetBIOS.Name.Service"
set type default
set internet-service-id 655384
next
edit "Salesforce-Email.Relay"
set type default
set internet-service-id 655530
next
edit "Dropbox-Other"
set type default
set internet-service-id 720896
next
edit "Dropbox-Web"
set type default
set internet-service-id 720897
next
edit "Dropbox-ICMP"
set type default
set internet-service-id 720898
next
edit "Dropbox-DNS"
set type default
set internet-service-id 720899
next
edit "Dropbox-Outbound_Email"
set type default
set internet-service-id 720900
next
edit "Dropbox-SSH"
set type default
set internet-service-id 720902
next
edit "Dropbox-FTP"
set type default
set internet-service-id 720903
next
edit "Dropbox-NTP"
set type default
set internet-service-id 720904
next
edit "Dropbox-Inbound_Email"
set type default
set internet-service-id 720905
next
edit "Dropbox-LDAP"
set type default
set internet-service-id 720910
next
edit "Dropbox-NetBIOS.Session.Service"
set type default
set internet-service-id 720911
next
edit "Dropbox-RTMP"
set type default
set internet-service-id 720912
next
edit "Dropbox-NetBIOS.Name.Service"
set type default
set internet-service-id 720920
next
edit "Netflix-Other"
set type default
set internet-service-id 786432
next
edit "Netflix-Web"
set type default
set internet-service-id 786433
next
edit "Netflix-ICMP"
set type default
set internet-service-id 786434
next
edit "Netflix-DNS"
set type default
set internet-service-id 786435
next
edit "Netflix-Outbound_Email"
set type default
set internet-service-id 786436
next
edit "Netflix-SSH"
set type default
set internet-service-id 786438
next
edit "Netflix-FTP"
set type default
set internet-service-id 786439
next
edit "Netflix-NTP"
set type default
set internet-service-id 786440
next
edit "Netflix-Inbound_Email"
set type default
set internet-service-id 786441
next
edit "Netflix-LDAP"
set type default
set internet-service-id 786446
next
edit "Netflix-NetBIOS.Session.Service"
set type default
set internet-service-id 786447
next
edit "Netflix-RTMP"
set type default
set internet-service-id 786448
next
edit "Netflix-NetBIOS.Name.Service"
set type default
set internet-service-id 786456
next
edit "LinkedIn-Other"
set type default
set internet-service-id 851968
next
edit "LinkedIn-Web"
set type default
set internet-service-id 851969
next
edit "LinkedIn-ICMP"
set type default
set internet-service-id 851970
next
edit "LinkedIn-DNS"
set type default
set internet-service-id 851971
next
edit "LinkedIn-Outbound_Email"
set type default
set internet-service-id 851972
next
edit "LinkedIn-SSH"
set type default
set internet-service-id 851974
next
edit "LinkedIn-FTP"
set type default
set internet-service-id 851975
next
edit "LinkedIn-NTP"
set type default
set internet-service-id 851976
next
edit "LinkedIn-Inbound_Email"
set type default
set internet-service-id 851977
next
edit "LinkedIn-LDAP"
set type default
set internet-service-id 851982
next
edit "LinkedIn-NetBIOS.Session.Service"
set type default
set internet-service-id 851983
next
edit "LinkedIn-RTMP"
set type default
set internet-service-id 851984
next
edit "LinkedIn-NetBIOS.Name.Service"
set type default
set internet-service-id 851992
next
edit "Adobe-Other"
set type default
set internet-service-id 917504
next
edit "Adobe-Web"
set type default
set internet-service-id 917505
next
edit "Adobe-ICMP"
set type default
set internet-service-id 917506
next
edit "Adobe-DNS"
set type default
set internet-service-id 917507
next
edit "Adobe-Outbound_Email"
set type default
set internet-service-id 917508
next
edit "Adobe-SSH"
set type default
set internet-service-id 917510
next
edit "Adobe-FTP"
set type default
set internet-service-id 917511
next
edit "Adobe-NTP"
set type default
set internet-service-id 917512
next
edit "Adobe-Inbound_Email"
set type default
set internet-service-id 917513
next
edit "Adobe-LDAP"
set type default
set internet-service-id 917518
next
edit "Adobe-NetBIOS.Session.Service"
set type default
set internet-service-id 917519
next
edit "Adobe-RTMP"
set type default
set internet-service-id 917520
next
edit "Adobe-NetBIOS.Name.Service"
set type default
set internet-service-id 917528
next
edit "Adobe-Adobe.Experience.Cloud"
set type default
set internet-service-id 917640
next
edit "Adobe-Adobe.Sign"
set type default
set internet-service-id 917776
next
edit "Oracle-Other"
set type default
set internet-service-id 983040
next
edit "Oracle-Web"
set type default
set internet-service-id 983041
next
edit "Oracle-ICMP"
set type default
set internet-service-id 983042
next
edit "Oracle-DNS"
set type default
set internet-service-id 983043
next
edit "Oracle-Outbound_Email"
set type default
set internet-service-id 983044
next
edit "Oracle-SSH"
set type default
set internet-service-id 983046
next
edit "Oracle-FTP"
set type default
set internet-service-id 983047
next
edit "Oracle-NTP"
set type default
set internet-service-id 983048
next
edit "Oracle-Inbound_Email"
set type default
set internet-service-id 983049
next
edit "Oracle-LDAP"
set type default
set internet-service-id 983054
next
edit "Oracle-NetBIOS.Session.Service"
set type default
set internet-service-id 983055
next
edit "Oracle-RTMP"
set type default
set internet-service-id 983056
next
edit "Oracle-NetBIOS.Name.Service"
set type default
set internet-service-id 983064
next
edit "Oracle-Oracle.Cloud"
set type default
set internet-service-id 983171
next
edit "Hulu-Other"
set type default
set internet-service-id 1048576
next
edit "Hulu-Web"
set type default
set internet-service-id 1048577
next
edit "Hulu-ICMP"
set type default
set internet-service-id 1048578
next
edit "Hulu-DNS"
set type default
set internet-service-id 1048579
next
edit "Hulu-Outbound_Email"
set type default
set internet-service-id 1048580
next
edit "Hulu-SSH"
set type default
set internet-service-id 1048582
next
edit "Hulu-FTP"
set type default
set internet-service-id 1048583
next
edit "Hulu-NTP"
set type default
set internet-service-id 1048584
next
edit "Hulu-Inbound_Email"
set type default
set internet-service-id 1048585
next
edit "Hulu-LDAP"
set type default
set internet-service-id 1048590
next
edit "Hulu-NetBIOS.Session.Service"
set type default
set internet-service-id 1048591
next
edit "Hulu-RTMP"
set type default
set internet-service-id 1048592
next
edit "Hulu-NetBIOS.Name.Service"
set type default
set internet-service-id 1048600
next
edit "Pinterest-Other"
set type default
set internet-service-id 1114112
next
edit "Pinterest-Web"
set type default
set internet-service-id 1114113
next
edit "Pinterest-ICMP"
set type default
set internet-service-id 1114114
next
edit "Pinterest-DNS"
set type default
set internet-service-id 1114115
next
edit "Pinterest-Outbound_Email"
set type default
set internet-service-id 1114116
next
edit "Pinterest-SSH"
set type default
set internet-service-id 1114118
next
edit "Pinterest-FTP"
set type default
set internet-service-id 1114119
next
edit "Pinterest-NTP"
set type default
set internet-service-id 1114120
next
edit "Pinterest-Inbound_Email"
set type default
set internet-service-id 1114121
next
edit "Pinterest-LDAP"
set type default
set internet-service-id 1114126
next
edit "Pinterest-NetBIOS.Session.Service"
set type default
set internet-service-id 1114127
next
edit "Pinterest-RTMP"
set type default
set internet-service-id 1114128
next
edit "Pinterest-NetBIOS.Name.Service"
set type default
set internet-service-id 1114136
next
edit "LogMeIn-Other"
set type default
set internet-service-id 1179648
next
edit "LogMeIn-Web"
set type default
set internet-service-id 1179649
next
edit "LogMeIn-ICMP"
set type default
set internet-service-id 1179650
next
edit "LogMeIn-DNS"
set type default
set internet-service-id 1179651
next
edit "LogMeIn-Outbound_Email"
set type default
set internet-service-id 1179652
next
edit "LogMeIn-SSH"
set type default
set internet-service-id 1179654
next
edit "LogMeIn-FTP"
set type default
set internet-service-id 1179655
next
edit "LogMeIn-NTP"
set type default
set internet-service-id 1179656
next
edit "LogMeIn-Inbound_Email"
set type default
set internet-service-id 1179657
next
edit "LogMeIn-LDAP"
set type default
set internet-service-id 1179662
next
edit "LogMeIn-NetBIOS.Session.Service"
set type default
set internet-service-id 1179663
next
edit "LogMeIn-RTMP"
set type default
set internet-service-id 1179664
next
edit "LogMeIn-NetBIOS.Name.Service"
set type default
set internet-service-id 1179672
next
edit "LogMeIn-GoTo.Suite"
set type default
set internet-service-id 1179767
next
edit "Fortinet-Other"
set type default
set internet-service-id 1245184
next
edit "Fortinet-Web"
set type default
set internet-service-id 1245185
next
edit "Fortinet-ICMP"
set type default
set internet-service-id 1245186
next
edit "Fortinet-DNS"
set type default
set internet-service-id 1245187
next
edit "Fortinet-Outbound_Email"
set type default
set internet-service-id 1245188
next
edit "Fortinet-SSH"
set type default
set internet-service-id 1245190
next
edit "Fortinet-FTP"
set type default
set internet-service-id 1245191
next
edit "Fortinet-NTP"
set type default
set internet-service-id 1245192
next
edit "Fortinet-Inbound_Email"
set type default
set internet-service-id 1245193
next
edit "Fortinet-LDAP"
set type default
set internet-service-id 1245198
next
edit "Fortinet-NetBIOS.Session.Service"
set type default
set internet-service-id 1245199
next
edit "Fortinet-RTMP"
set type default
set internet-service-id 1245200
next
edit "Fortinet-NetBIOS.Name.Service"
set type default
set internet-service-id 1245208
next
edit "Fortinet-FortiGuard"
set type default
set internet-service-id 1245324
next
edit "Fortinet-FortiMail.Cloud"
set type default
set internet-service-id 1245325
next
edit "Fortinet-FortiCloud"
set type default
set internet-service-id 1245326
next
edit "Fortinet-FortiVoice.Cloud"
set type default
set internet-service-id 1245432
next
edit "Fortinet-FortiGuard.Secure.DNS"
set type default
set internet-service-id 1245454
next
edit "Fortinet-FortiEDR"
set type default
set internet-service-id 1245475
next
edit "Fortinet-FortiClient.EMS"
set type default
set internet-service-id 1245477
next
edit "Fortinet-FortiWeb.Cloud"
set type default
set internet-service-id 1245480
next
edit "Fortinet-FortiSASE"
set type default
set internet-service-id 1245481
next
edit "Fortinet-FortiGuard.SOCaaS"
set type default
set internet-service-id 1245514
next
edit "Fortinet-FortiDLP.Cloud"
set type default
set internet-service-id 1245546
next
edit "Fortinet-FortiMonitor"
set type default
set internet-service-id 1245558
next
edit "Kaspersky-Other"
set type default
set internet-service-id 1310720
next
edit "Kaspersky-Web"
set type default
set internet-service-id 1310721
next
edit "Kaspersky-ICMP"
set type default
set internet-service-id 1310722
next
edit "Kaspersky-DNS"
set type default
set internet-service-id 1310723
next
edit "Kaspersky-Outbound_Email"
set type default
set internet-service-id 1310724
next
edit "Kaspersky-SSH"
set type default
set internet-service-id 1310726
next
edit "Kaspersky-FTP"
set type default
set internet-service-id 1310727
next
edit "Kaspersky-NTP"
set type default
set internet-service-id 1310728
next
edit "Kaspersky-Inbound_Email"
set type default
set internet-service-id 1310729
next
edit "Kaspersky-LDAP"
set type default
set internet-service-id 1310734
next
edit "Kaspersky-NetBIOS.Session.Service"
set type default
set internet-service-id 1310735
next
edit "Kaspersky-RTMP"
set type default
set internet-service-id 1310736
next
edit "Kaspersky-NetBIOS.Name.Service"
set type default
set internet-service-id 1310744
next
edit "McAfee-Other"
set type default
set internet-service-id 1376256
next
edit "McAfee-Web"
set type default
set internet-service-id 1376257
next
edit "McAfee-ICMP"
set type default
set internet-service-id 1376258
next
edit "McAfee-DNS"
set type default
set internet-service-id 1376259
next
edit "McAfee-Outbound_Email"
set type default
set internet-service-id 1376260
next
edit "McAfee-SSH"
set type default
set internet-service-id 1376262
next
edit "McAfee-FTP"
set type default
set internet-service-id 1376263
next
edit "McAfee-NTP"
set type default
set internet-service-id 1376264
next
edit "McAfee-Inbound_Email"
set type default
set internet-service-id 1376265
next
edit "McAfee-LDAP"
set type default
set internet-service-id 1376270
next
edit "McAfee-NetBIOS.Session.Service"
set type default
set internet-service-id 1376271
next
edit "McAfee-RTMP"
set type default
set internet-service-id 1376272
next
edit "McAfee-NetBIOS.Name.Service"
set type default
set internet-service-id 1376280
next
edit "Symantec-Other"
set type default
set internet-service-id 1441792
next
edit "Symantec-Web"
set type default
set internet-service-id 1441793
next
edit "Symantec-ICMP"
set type default
set internet-service-id 1441794
next
edit "Symantec-DNS"
set type default
set internet-service-id 1441795
next
edit "Symantec-Outbound_Email"
set type default
set internet-service-id 1441796
next
edit "Symantec-SSH"
set type default
set internet-service-id 1441798
next
edit "Symantec-FTP"
set type default
set internet-service-id 1441799
next
edit "Symantec-NTP"
set type default
set internet-service-id 1441800
next
edit "Symantec-Inbound_Email"
set type default
set internet-service-id 1441801
next
edit "Symantec-LDAP"
set type default
set internet-service-id 1441806
next
edit "Symantec-NetBIOS.Session.Service"
set type default
set internet-service-id 1441807
next
edit "Symantec-RTMP"
set type default
set internet-service-id 1441808
next
edit "Symantec-NetBIOS.Name.Service"
set type default
set internet-service-id 1441816
next
edit "Symantec-Symantec.Cloud"
set type default
set internet-service-id 1441922
next
edit "VMware-Other"
set type default
set internet-service-id 1507328
next
edit "VMware-Web"
set type default
set internet-service-id 1507329
next
edit "VMware-ICMP"
set type default
set internet-service-id 1507330
next
edit "VMware-DNS"
set type default
set internet-service-id 1507331
next
edit "VMware-Outbound_Email"
set type default
set internet-service-id 1507332
next
edit "VMware-SSH"
set type default
set internet-service-id 1507334
next
edit "VMware-FTP"
set type default
set internet-service-id 1507335
next
edit "VMware-NTP"
set type default
set internet-service-id 1507336
next
edit "VMware-Inbound_Email"
set type default
set internet-service-id 1507337
next
edit "VMware-LDAP"
set type default
set internet-service-id 1507342
next
edit "VMware-NetBIOS.Session.Service"
set type default
set internet-service-id 1507343
next
edit "VMware-RTMP"
set type default
set internet-service-id 1507344
next
edit "VMware-NetBIOS.Name.Service"
set type default
set internet-service-id 1507352
next
edit "VMware-Workspace.ONE"
set type default
set internet-service-id 1507461
next
edit "AOL-Other"
set type default
set internet-service-id 1572864
next
edit "AOL-Web"
set type default
set internet-service-id 1572865
next
edit "AOL-ICMP"
set type default
set internet-service-id 1572866
next
edit "AOL-DNS"
set type default
set internet-service-id 1572867
next
edit "AOL-Outbound_Email"
set type default
set internet-service-id 1572868
next
edit "AOL-SSH"
set type default
set internet-service-id 1572870
next
edit "AOL-FTP"
set type default
set internet-service-id 1572871
next
edit "AOL-NTP"
set type default
set internet-service-id 1572872
next
edit "AOL-Inbound_Email"
set type default
set internet-service-id 1572873
next
edit "AOL-LDAP"
set type default
set internet-service-id 1572878
next
edit "AOL-NetBIOS.Session.Service"
set type default
set internet-service-id 1572879
next
edit "AOL-RTMP"
set type default
set internet-service-id 1572880
next
edit "AOL-NetBIOS.Name.Service"
set type default
set internet-service-id 1572888
next
edit "RealNetworks-Other"
set type default
set internet-service-id 1638400
next
edit "RealNetworks-Web"
set type default
set internet-service-id 1638401
next
edit "RealNetworks-ICMP"
set type default
set internet-service-id 1638402
next
edit "RealNetworks-DNS"
set type default
set internet-service-id 1638403
next
edit "RealNetworks-Outbound_Email"
set type default
set internet-service-id 1638404
next
edit "RealNetworks-SSH"
set type default
set internet-service-id 1638406
next
edit "RealNetworks-FTP"
set type default
set internet-service-id 1638407
next
edit "RealNetworks-NTP"
set type default
set internet-service-id 1638408
next
edit "RealNetworks-Inbound_Email"
set type default
set internet-service-id 1638409
next
edit "RealNetworks-LDAP"
set type default
set internet-service-id 1638414
next
edit "RealNetworks-NetBIOS.Session.Service"
set type default
set internet-service-id 1638415
next
edit "RealNetworks-RTMP"
set type default
set internet-service-id 1638416
next
edit "RealNetworks-NetBIOS.Name.Service"
set type default
set internet-service-id 1638424
next
edit "Zoho-Other"
set type default
set internet-service-id 1703936
next
edit "Zoho-Web"
set type default
set internet-service-id 1703937
next
edit "Zoho-ICMP"
set type default
set internet-service-id 1703938
next
edit "Zoho-DNS"
set type default
set internet-service-id 1703939
next
edit "Zoho-Outbound_Email"
set type default
set internet-service-id 1703940
next
edit "Zoho-SSH"
set type default
set internet-service-id 1703942
next
edit "Zoho-FTP"
set type default
set internet-service-id 1703943
next
edit "Zoho-NTP"
set type default
set internet-service-id 1703944
next
edit "Zoho-Inbound_Email"
set type default
set internet-service-id 1703945
next
edit "Zoho-LDAP"
set type default
set internet-service-id 1703950
next
edit "Zoho-NetBIOS.Session.Service"
set type default
set internet-service-id 1703951
next
edit "Zoho-RTMP"
set type default
set internet-service-id 1703952
next
edit "Zoho-NetBIOS.Name.Service"
set type default
set internet-service-id 1703960
next
edit "Zoho-Site24x7.Monitor"
set type default
set internet-service-id 1704153
next
edit "Mozilla-Other"
set type default
set internet-service-id 1769472
next
edit "Mozilla-Web"
set type default
set internet-service-id 1769473
next
edit "Mozilla-ICMP"
set type default
set internet-service-id 1769474
next
edit "Mozilla-DNS"
set type default
set internet-service-id 1769475
next
edit "Mozilla-Outbound_Email"
set type default
set internet-service-id 1769476
next
edit "Mozilla-SSH"
set type default
set internet-service-id 1769478
next
edit "Mozilla-FTP"
set type default
set internet-service-id 1769479
next
edit "Mozilla-NTP"
set type default
set internet-service-id 1769480
next
edit "Mozilla-Inbound_Email"
set type default
set internet-service-id 1769481
next
edit "Mozilla-LDAP"
set type default
set internet-service-id 1769486
next
edit "Mozilla-NetBIOS.Session.Service"
set type default
set internet-service-id 1769487
next
edit "Mozilla-RTMP"
set type default
set internet-service-id 1769488
next
edit "Mozilla-NetBIOS.Name.Service"
set type default
set internet-service-id 1769496
next
edit "TeamViewer-Other"
set type default
set internet-service-id 1835008
next
edit "TeamViewer-Web"
set type default
set internet-service-id 1835009
next
edit "TeamViewer-ICMP"
set type default
set internet-service-id 1835010
next
edit "TeamViewer-DNS"
set type default
set internet-service-id 1835011
next
edit "TeamViewer-Outbound_Email"
set type default
set internet-service-id 1835012
next
edit "TeamViewer-SSH"
set type default
set internet-service-id 1835014
next
edit "TeamViewer-FTP"
set type default
set internet-service-id 1835015
next
edit "TeamViewer-NTP"
set type default
set internet-service-id 1835016
next
edit "TeamViewer-Inbound_Email"
set type default
set internet-service-id 1835017
next
edit "TeamViewer-LDAP"
set type default
set internet-service-id 1835022
next
edit "TeamViewer-NetBIOS.Session.Service"
set type default
set internet-service-id 1835023
next
edit "TeamViewer-RTMP"
set type default
set internet-service-id 1835024
next
edit "TeamViewer-NetBIOS.Name.Service"
set type default
set internet-service-id 1835032
next
edit "TeamViewer-TeamViewer"
set type default
set internet-service-id 1835117
next
edit "HP-Other"
set type default
set internet-service-id 1900544
next
edit "HP-Web"
set type default
set internet-service-id 1900545
next
edit "HP-ICMP"
set type default
set internet-service-id 1900546
next
edit "HP-DNS"
set type default
set internet-service-id 1900547
next
edit "HP-Outbound_Email"
set type default
set internet-service-id 1900548
next
edit "HP-SSH"
set type default
set internet-service-id 1900550
next
edit "HP-FTP"
set type default
set internet-service-id 1900551
next
edit "HP-NTP"
set type default
set internet-service-id 1900552
next
edit "HP-Inbound_Email"
set type default
set internet-service-id 1900553
next
edit "HP-LDAP"
set type default
set internet-service-id 1900558
next
edit "HP-NetBIOS.Session.Service"
set type default
set internet-service-id 1900559
next
edit "HP-RTMP"
set type default
set internet-service-id 1900560
next
edit "HP-NetBIOS.Name.Service"
set type default
set internet-service-id 1900568
next
edit "HP-Aruba"
set type default
set internet-service-id 1900726
next
edit "Cisco-Other"
set type default
set internet-service-id 1966080
next
edit "Cisco-Web"
set type default
set internet-service-id 1966081
next
edit "Cisco-ICMP"
set type default
set internet-service-id 1966082
next
edit "Cisco-DNS"
set type default
set internet-service-id 1966083
next
edit "Cisco-Outbound_Email"
set type default
set internet-service-id 1966084
next
edit "Cisco-SSH"
set type default
set internet-service-id 1966086
next
edit "Cisco-FTP"
set type default
set internet-service-id 1966087
next
edit "Cisco-NTP"
set type default
set internet-service-id 1966088
next
edit "Cisco-Inbound_Email"
set type default
set internet-service-id 1966089
next
edit "Cisco-LDAP"
set type default
set internet-service-id 1966094
next
edit "Cisco-NetBIOS.Session.Service"
set type default
set internet-service-id 1966095
next
edit "Cisco-RTMP"
set type default
set internet-service-id 1966096
next
edit "Cisco-NetBIOS.Name.Service"
set type default
set internet-service-id 1966104
next
edit "Cisco-Webex"
set type default
set internet-service-id 1966183
next
edit "Cisco-Meraki.Cloud"
set type default
set internet-service-id 1966218
next
edit "Cisco-Duo.Security"
set type default
set internet-service-id 1966225
next
edit "Cisco-AppDynamic"
set type default
set internet-service-id 1966260
next
edit "Cisco-Webex.FedRAMP"
set type default
set internet-service-id 1966315
next
edit "Cisco-Secure.Endpoint"
set type default
set internet-service-id 1966324
next
edit "IBM-Other"
set type default
set internet-service-id 2031616
next
edit "IBM-Web"
set type default
set internet-service-id 2031617
next
edit "IBM-ICMP"
set type default
set internet-service-id 2031618
next
edit "IBM-DNS"
set type default
set internet-service-id 2031619
next
edit "IBM-Outbound_Email"
set type default
set internet-service-id 2031620
next
edit "IBM-SSH"
set type default
set internet-service-id 2031622
next
edit "IBM-FTP"
set type default
set internet-service-id 2031623
next
edit "IBM-NTP"
set type default
set internet-service-id 2031624
next
edit "IBM-Inbound_Email"
set type default
set internet-service-id 2031625
next
edit "IBM-LDAP"
set type default
set internet-service-id 2031630
next
edit "IBM-NetBIOS.Session.Service"
set type default
set internet-service-id 2031631
next
edit "IBM-RTMP"
set type default
set internet-service-id 2031632
next
edit "IBM-NetBIOS.Name.Service"
set type default
set internet-service-id 2031640
next
edit "IBM-IBM.Cloud"
set type default
set internet-service-id 2031748
next
edit "Citrix-Other"
set type default
set internet-service-id 2097152
next
edit "Citrix-Web"
set type default
set internet-service-id 2097153
next
edit "Citrix-ICMP"
set type default
set internet-service-id 2097154
next
edit "Citrix-DNS"
set type default
set internet-service-id 2097155
next
edit "Citrix-Outbound_Email"
set type default
set internet-service-id 2097156
next
edit "Citrix-SSH"
set type default
set internet-service-id 2097158
next
edit "Citrix-FTP"
set type default
set internet-service-id 2097159
next
edit "Citrix-NTP"
set type default
set internet-service-id 2097160
next
edit "Citrix-Inbound_Email"
set type default
set internet-service-id 2097161
next
edit "Citrix-LDAP"
set type default
set internet-service-id 2097166
next
edit "Citrix-NetBIOS.Session.Service"
set type default
set internet-service-id 2097167
next
edit "Citrix-RTMP"
set type default
set internet-service-id 2097168
next
edit "Citrix-NetBIOS.Name.Service"
set type default
set internet-service-id 2097176
next
edit "Twitter-Other"
set type default
set internet-service-id 2162688
next
edit "Twitter-Web"
set type default
set internet-service-id 2162689
next
edit "Twitter-ICMP"
set type default
set internet-service-id 2162690
next
edit "Twitter-DNS"
set type default
set internet-service-id 2162691
next
edit "Twitter-Outbound_Email"
set type default
set internet-service-id 2162692
next
edit "Twitter-SSH"
set type default
set internet-service-id 2162694
next
edit "Twitter-FTP"
set type default
set internet-service-id 2162695
next
edit "Twitter-NTP"
set type default
set internet-service-id 2162696
next
edit "Twitter-Inbound_Email"
set type default
set internet-service-id 2162697
next
edit "Twitter-LDAP"
set type default
set internet-service-id 2162702
next
edit "Twitter-NetBIOS.Session.Service"
set type default
set internet-service-id 2162703
next
edit "Twitter-RTMP"
set type default
set internet-service-id 2162704
next
edit "Twitter-NetBIOS.Name.Service"
set type default
set internet-service-id 2162712
next
edit "Dell-Other"
set type default
set internet-service-id 2228224
next
edit "Dell-Web"
set type default
set internet-service-id 2228225
next
edit "Dell-ICMP"
set type default
set internet-service-id 2228226
next
edit "Dell-DNS"
set type default
set internet-service-id 2228227
next
edit "Dell-Outbound_Email"
set type default
set internet-service-id 2228228
next
edit "Dell-SSH"
set type default
set internet-service-id 2228230
next
edit "Dell-FTP"
set type default
set internet-service-id 2228231
next
edit "Dell-NTP"
set type default
set internet-service-id 2228232
next
edit "Dell-Inbound_Email"
set type default
set internet-service-id 2228233
next
edit "Dell-LDAP"
set type default
set internet-service-id 2228238
next
edit "Dell-NetBIOS.Session.Service"
set type default
set internet-service-id 2228239
next
edit "Dell-RTMP"
set type default
set internet-service-id 2228240
next
edit "Dell-NetBIOS.Name.Service"
set type default
set internet-service-id 2228248
next
edit "Vimeo-Other"
set type default
set internet-service-id 2293760
next
edit "Vimeo-Web"
set type default
set internet-service-id 2293761
next
edit "Vimeo-ICMP"
set type default
set internet-service-id 2293762
next
edit "Vimeo-DNS"
set type default
set internet-service-id 2293763
next
edit "Vimeo-Outbound_Email"
set type default
set internet-service-id 2293764
next
edit "Vimeo-SSH"
set type default
set internet-service-id 2293766
next
edit "Vimeo-FTP"
set type default
set internet-service-id 2293767
next
edit "Vimeo-NTP"
set type default
set internet-service-id 2293768
next
edit "Vimeo-Inbound_Email"
set type default
set internet-service-id 2293769
next
edit "Vimeo-LDAP"
set type default
set internet-service-id 2293774
next
edit "Vimeo-NetBIOS.Session.Service"
set type default
set internet-service-id 2293775
next
edit "Vimeo-RTMP"
set type default
set internet-service-id 2293776
next
edit "Vimeo-NetBIOS.Name.Service"
set type default
set internet-service-id 2293784
next
edit "Redhat-Other"
set type default
set internet-service-id 2359296
next
edit "Redhat-Web"
set type default
set internet-service-id 2359297
next
edit "Redhat-ICMP"
set type default
set internet-service-id 2359298
next
edit "Redhat-DNS"
set type default
set internet-service-id 2359299
next
edit "Redhat-Outbound_Email"
set type default
set internet-service-id 2359300
next
edit "Redhat-SSH"
set type default
set internet-service-id 2359302
next
edit "Redhat-FTP"
set type default
set internet-service-id 2359303
next
edit "Redhat-NTP"
set type default
set internet-service-id 2359304
next
edit "Redhat-Inbound_Email"
set type default
set internet-service-id 2359305
next
edit "Redhat-LDAP"
set type default
set internet-service-id 2359310
next
edit "Redhat-NetBIOS.Session.Service"
set type default
set internet-service-id 2359311
next
edit "Redhat-RTMP"
set type default
set internet-service-id 2359312
next
edit "Redhat-NetBIOS.Name.Service"
set type default
set internet-service-id 2359320
next
edit "VK-Other"
set type default
set internet-service-id 2424832
next
edit "VK-Web"
set type default
set internet-service-id 2424833
next
edit "VK-ICMP"
set type default
set internet-service-id 2424834
next
edit "VK-DNS"
set type default
set internet-service-id 2424835
next
edit "VK-Outbound_Email"
set type default
set internet-service-id 2424836
next
edit "VK-SSH"
set type default
set internet-service-id 2424838
next
edit "VK-FTP"
set type default
set internet-service-id 2424839
next
edit "VK-NTP"
set type default
set internet-service-id 2424840
next
edit "VK-Inbound_Email"
set type default
set internet-service-id 2424841
next
edit "VK-LDAP"
set type default
set internet-service-id 2424846
next
edit "VK-NetBIOS.Session.Service"
set type default
set internet-service-id 2424847
next
edit "VK-RTMP"
set type default
set internet-service-id 2424848
next
edit "VK-NetBIOS.Name.Service"
set type default
set internet-service-id 2424856
next
edit "TrendMicro-Other"
set type default
set internet-service-id 2490368
next
edit "TrendMicro-Web"
set type default
set internet-service-id 2490369
next
edit "TrendMicro-ICMP"
set type default
set internet-service-id 2490370
next
edit "TrendMicro-DNS"
set type default
set internet-service-id 2490371
next
edit "TrendMicro-Outbound_Email"
set type default
set internet-service-id 2490372
next
edit "TrendMicro-SSH"
set type default
set internet-service-id 2490374
next
edit "TrendMicro-FTP"
set type default
set internet-service-id 2490375
next
edit "TrendMicro-NTP"
set type default
set internet-service-id 2490376
next
edit "TrendMicro-Inbound_Email"
set type default
set internet-service-id 2490377
next
edit "TrendMicro-LDAP"
set type default
set internet-service-id 2490382
next
edit "TrendMicro-NetBIOS.Session.Service"
set type default
set internet-service-id 2490383
next
edit "TrendMicro-RTMP"
set type default
set internet-service-id 2490384
next
edit "TrendMicro-NetBIOS.Name.Service"
set type default
set internet-service-id 2490392
next
edit "Tencent-Other"
set type default
set internet-service-id 2555904
next
edit "Tencent-Web"
set type default
set internet-service-id 2555905
next
edit "Tencent-ICMP"
set type default
set internet-service-id 2555906
next
edit "Tencent-DNS"
set type default
set internet-service-id 2555907
next
edit "Tencent-Outbound_Email"
set type default
set internet-service-id 2555908
next
edit "Tencent-SSH"
set type default
set internet-service-id 2555910
next
edit "Tencent-FTP"
set type default
set internet-service-id 2555911
next
edit "Tencent-NTP"
set type default
set internet-service-id 2555912
next
edit "Tencent-Inbound_Email"
set type default
set internet-service-id 2555913
next
edit "Tencent-LDAP"
set type default
set internet-service-id 2555918
next
edit "Tencent-NetBIOS.Session.Service"
set type default
set internet-service-id 2555919
next
edit "Tencent-RTMP"
set type default
set internet-service-id 2555920
next
edit "Tencent-NetBIOS.Name.Service"
set type default
set internet-service-id 2555928
next
edit "Tencent-VooV.Meeting"
set type default
set internet-service-id 2556219
next
edit "Ask-Other"
set type default
set internet-service-id 2621440
next
edit "Ask-Web"
set type default
set internet-service-id 2621441
next
edit "Ask-ICMP"
set type default
set internet-service-id 2621442
next
edit "Ask-DNS"
set type default
set internet-service-id 2621443
next
edit "Ask-Outbound_Email"
set type default
set internet-service-id 2621444
next
edit "Ask-SSH"
set type default
set internet-service-id 2621446
next
edit "Ask-FTP"
set type default
set internet-service-id 2621447
next
edit "Ask-NTP"
set type default
set internet-service-id 2621448
next
edit "Ask-Inbound_Email"
set type default
set internet-service-id 2621449
next
edit "Ask-LDAP"
set type default
set internet-service-id 2621454
next
edit "Ask-NetBIOS.Session.Service"
set type default
set internet-service-id 2621455
next
edit "Ask-RTMP"
set type default
set internet-service-id 2621456
next
edit "Ask-NetBIOS.Name.Service"
set type default
set internet-service-id 2621464
next
edit "CNN-Other"
set type default
set internet-service-id 2686976
next
edit "CNN-Web"
set type default
set internet-service-id 2686977
next
edit "CNN-ICMP"
set type default
set internet-service-id 2686978
next
edit "CNN-DNS"
set type default
set internet-service-id 2686979
next
edit "CNN-Outbound_Email"
set type default
set internet-service-id 2686980
next
edit "CNN-SSH"
set type default
set internet-service-id 2686982
next
edit "CNN-FTP"
set type default
set internet-service-id 2686983
next
edit "CNN-NTP"
set type default
set internet-service-id 2686984
next
edit "CNN-Inbound_Email"
set type default
set internet-service-id 2686985
next
edit "CNN-LDAP"
set type default
set internet-service-id 2686990
next
edit "CNN-NetBIOS.Session.Service"
set type default
set internet-service-id 2686991
next
edit "CNN-RTMP"
set type default
set internet-service-id 2686992
next
edit "CNN-NetBIOS.Name.Service"
set type default
set internet-service-id 2687000
next
edit "Myspace-Other"
set type default
set internet-service-id 2752512
next
edit "Myspace-Web"
set type default
set internet-service-id 2752513
next
edit "Myspace-ICMP"
set type default
set internet-service-id 2752514
next
edit "Myspace-DNS"
set type default
set internet-service-id 2752515
next
edit "Myspace-Outbound_Email"
set type default
set internet-service-id 2752516
next
edit "Myspace-SSH"
set type default
set internet-service-id 2752518
next
edit "Myspace-FTP"
set type default
set internet-service-id 2752519
next
edit "Myspace-NTP"
set type default
set internet-service-id 2752520
next
edit "Myspace-Inbound_Email"
set type default
set internet-service-id 2752521
next
edit "Myspace-LDAP"
set type default
set internet-service-id 2752526
next
edit "Myspace-NetBIOS.Session.Service"
set type default
set internet-service-id 2752527
next
edit "Myspace-RTMP"
set type default
set internet-service-id 2752528
next
edit "Myspace-NetBIOS.Name.Service"
set type default
set internet-service-id 2752536
next
edit "Tor-Relay.Node"
set type default
set internet-service-id 2818238
next
edit "Tor-Exit.Node"
set type default
set internet-service-id 2818243
next
edit "Baidu-Other"
set type default
set internet-service-id 2883584
next
edit "Baidu-Web"
set type default
set internet-service-id 2883585
next
edit "Baidu-ICMP"
set type default
set internet-service-id 2883586
next
edit "Baidu-DNS"
set type default
set internet-service-id 2883587
next
edit "Baidu-Outbound_Email"
set type default
set internet-service-id 2883588
next
edit "Baidu-SSH"
set type default
set internet-service-id 2883590
next
edit "Baidu-FTP"
set type default
set internet-service-id 2883591
next
edit "Baidu-NTP"
set type default
set internet-service-id 2883592
next
edit "Baidu-Inbound_Email"
set type default
set internet-service-id 2883593
next
edit "Baidu-LDAP"
set type default
set internet-service-id 2883598
next
edit "Baidu-NetBIOS.Session.Service"
set type default
set internet-service-id 2883599
next
edit "Baidu-RTMP"
set type default
set internet-service-id 2883600
next
edit "Baidu-NetBIOS.Name.Service"
set type default
set internet-service-id 2883608
next
edit "ntp.org-Other"
set type default
set internet-service-id 2949120
next
edit "ntp.org-Web"
set type default
set internet-service-id 2949121
next
edit "ntp.org-ICMP"
set type default
set internet-service-id 2949122
next
edit "ntp.org-DNS"
set type default
set internet-service-id 2949123
next
edit "ntp.org-Outbound_Email"
set type default
set internet-service-id 2949124
next
edit "ntp.org-SSH"
set type default
set internet-service-id 2949126
next
edit "ntp.org-FTP"
set type default
set internet-service-id 2949127
next
edit "ntp.org-NTP"
set type default
set internet-service-id 2949128
next
edit "ntp.org-Inbound_Email"
set type default
set internet-service-id 2949129
next
edit "ntp.org-LDAP"
set type default
set internet-service-id 2949134
next
edit "ntp.org-NetBIOS.Session.Service"
set type default
set internet-service-id 2949135
next
edit "ntp.org-RTMP"
set type default
set internet-service-id 2949136
next
edit "ntp.org-NetBIOS.Name.Service"
set type default
set internet-service-id 2949144
next
edit "Proxy-Proxy.Server"
set type default
set internet-service-id 3014850
next
edit "Botnet-C&C.Server"
set type default
set internet-service-id 3080383
next
edit "Spam-Spamming.Server"
set type default
set internet-service-id 3145920
next
edit "Phishing-Phishing.Server"
set type default
set internet-service-id 3211457
next
edit "Zendesk-Other"
set type default
set internet-service-id 3407872
next
edit "Zendesk-Web"
set type default
set internet-service-id 3407873
next
edit "Zendesk-ICMP"
set type default
set internet-service-id 3407874
next
edit "Zendesk-DNS"
set type default
set internet-service-id 3407875
next
edit "Zendesk-Outbound_Email"
set type default
set internet-service-id 3407876
next
edit "Zendesk-SSH"
set type default
set internet-service-id 3407878
next
edit "Zendesk-FTP"
set type default
set internet-service-id 3407879
next
edit "Zendesk-NTP"
set type default
set internet-service-id 3407880
next
edit "Zendesk-Inbound_Email"
set type default
set internet-service-id 3407881
next
edit "Zendesk-LDAP"
set type default
set internet-service-id 3407886
next
edit "Zendesk-NetBIOS.Session.Service"
set type default
set internet-service-id 3407887
next
edit "Zendesk-RTMP"
set type default
set internet-service-id 3407888
next
edit "Zendesk-NetBIOS.Name.Service"
set type default
set internet-service-id 3407896
next
edit "Zendesk-Zendesk.Suite"
set type default
set internet-service-id 3408047
next
edit "DocuSign-Other"
set type default
set internet-service-id 3473408
next
edit "DocuSign-Web"
set type default
set internet-service-id 3473409
next
edit "DocuSign-ICMP"
set type default
set internet-service-id 3473410
next
edit "DocuSign-DNS"
set type default
set internet-service-id 3473411
next
edit "DocuSign-Outbound_Email"
set type default
set internet-service-id 3473412
next
edit "DocuSign-SSH"
set type default
set internet-service-id 3473414
next
edit "DocuSign-FTP"
set type default
set internet-service-id 3473415
next
edit "DocuSign-NTP"
set type default
set internet-service-id 3473416
next
edit "DocuSign-Inbound_Email"
set type default
set internet-service-id 3473417
next
edit "DocuSign-LDAP"
set type default
set internet-service-id 3473422
next
edit "DocuSign-NetBIOS.Session.Service"
set type default
set internet-service-id 3473423
next
edit "DocuSign-RTMP"
set type default
set internet-service-id 3473424
next
edit "DocuSign-NetBIOS.Name.Service"
set type default
set internet-service-id 3473432
next
edit "ServiceNow-Other"
set type default
set internet-service-id 3538944
next
edit "ServiceNow-Web"
set type default
set internet-service-id 3538945
next
edit "ServiceNow-ICMP"
set type default
set internet-service-id 3538946
next
edit "ServiceNow-DNS"
set type default
set internet-service-id 3538947
next
edit "ServiceNow-Outbound_Email"
set type default
set internet-service-id 3538948
next
edit "ServiceNow-SSH"
set type default
set internet-service-id 3538950
next
edit "ServiceNow-FTP"
set type default
set internet-service-id 3538951
next
edit "ServiceNow-NTP"
set type default
set internet-service-id 3538952
next
edit "ServiceNow-Inbound_Email"
set type default
set internet-service-id 3538953
next
edit "ServiceNow-LDAP"
set type default
set internet-service-id 3538958
next
edit "ServiceNow-NetBIOS.Session.Service"
set type default
set internet-service-id 3538959
next
edit "ServiceNow-RTMP"
set type default
set internet-service-id 3538960
next
edit "ServiceNow-NetBIOS.Name.Service"
set type default
set internet-service-id 3538968
next
edit "GitHub-GitHub"
set type default
set internet-service-id 3604638
next
edit "Workday-Other"
set type default
set internet-service-id 3670016
next
edit "Workday-Web"
set type default
set internet-service-id 3670017
next
edit "Workday-ICMP"
set type default
set internet-service-id 3670018
next
edit "Workday-DNS"
set type default
set internet-service-id 3670019
next
edit "Workday-Outbound_Email"
set type default
set internet-service-id 3670020
next
edit "Workday-SSH"
set type default
set internet-service-id 3670022
next
edit "Workday-FTP"
set type default
set internet-service-id 3670023
next
edit "Workday-NTP"
set type default
set internet-service-id 3670024
next
edit "Workday-Inbound_Email"
set type default
set internet-service-id 3670025
next
edit "Workday-LDAP"
set type default
set internet-service-id 3670030
next
edit "Workday-NetBIOS.Session.Service"
set type default
set internet-service-id 3670031
next
edit "Workday-RTMP"
set type default
set internet-service-id 3670032
next
edit "Workday-NetBIOS.Name.Service"
set type default
set internet-service-id 3670040
next
edit "HubSpot-Other"
set type default
set internet-service-id 3735552
next
edit "HubSpot-Web"
set type default
set internet-service-id 3735553
next
edit "HubSpot-ICMP"
set type default
set internet-service-id 3735554
next
edit "HubSpot-DNS"
set type default
set internet-service-id 3735555
next
edit "HubSpot-Outbound_Email"
set type default
set internet-service-id 3735556
next
edit "HubSpot-SSH"
set type default
set internet-service-id 3735558
next
edit "HubSpot-FTP"
set type default
set internet-service-id 3735559
next
edit "HubSpot-NTP"
set type default
set internet-service-id 3735560
next
edit "HubSpot-Inbound_Email"
set type default
set internet-service-id 3735561
next
edit "HubSpot-LDAP"
set type default
set internet-service-id 3735566
next
edit "HubSpot-NetBIOS.Session.Service"
set type default
set internet-service-id 3735567
next
edit "HubSpot-RTMP"
set type default
set internet-service-id 3735568
next
edit "HubSpot-NetBIOS.Name.Service"
set type default
set internet-service-id 3735576
next
edit "Twilio-Other"
set type default
set internet-service-id 3801088
next
edit "Twilio-Web"
set type default
set internet-service-id 3801089
next
edit "Twilio-ICMP"
set type default
set internet-service-id 3801090
next
edit "Twilio-DNS"
set type default
set internet-service-id 3801091
next
edit "Twilio-Outbound_Email"
set type default
set internet-service-id 3801092
next
edit "Twilio-SSH"
set type default
set internet-service-id 3801094
next
edit "Twilio-FTP"
set type default
set internet-service-id 3801095
next
edit "Twilio-NTP"
set type default
set internet-service-id 3801096
next
edit "Twilio-Inbound_Email"
set type default
set internet-service-id 3801097
next
edit "Twilio-LDAP"
set type default
set internet-service-id 3801102
next
edit "Twilio-NetBIOS.Session.Service"
set type default
set internet-service-id 3801103
next
edit "Twilio-RTMP"
set type default
set internet-service-id 3801104
next
edit "Twilio-NetBIOS.Name.Service"
set type default
set internet-service-id 3801112
next
edit "Twilio-Elastic.SIP.Trunking"
set type default
set internet-service-id 3801277
next
edit "Coupa-Other"
set type default
set internet-service-id 3866624
next
edit "Coupa-Web"
set type default
set internet-service-id 3866625
next
edit "Coupa-ICMP"
set type default
set internet-service-id 3866626
next
edit "Coupa-DNS"
set type default
set internet-service-id 3866627
next
edit "Coupa-Outbound_Email"
set type default
set internet-service-id 3866628
next
edit "Coupa-SSH"
set type default
set internet-service-id 3866630
next
edit "Coupa-FTP"
set type default
set internet-service-id 3866631
next
edit "Coupa-NTP"
set type default
set internet-service-id 3866632
next
edit "Coupa-Inbound_Email"
set type default
set internet-service-id 3866633
next
edit "Coupa-LDAP"
set type default
set internet-service-id 3866638
next
edit "Coupa-NetBIOS.Session.Service"
set type default
set internet-service-id 3866639
next
edit "Coupa-RTMP"
set type default
set internet-service-id 3866640
next
edit "Coupa-NetBIOS.Name.Service"
set type default
set internet-service-id 3866648
next
edit "Atlassian-Other"
set type default
set internet-service-id 3932160
next
edit "Atlassian-Web"
set type default
set internet-service-id 3932161
next
edit "Atlassian-ICMP"
set type default
set internet-service-id 3932162
next
edit "Atlassian-DNS"
set type default
set internet-service-id 3932163
next
edit "Atlassian-Outbound_Email"
set type default
set internet-service-id 3932164
next
edit "Atlassian-SSH"
set type default
set internet-service-id 3932166
next
edit "Atlassian-FTP"
set type default
set internet-service-id 3932167
next
edit "Atlassian-NTP"
set type default
set internet-service-id 3932168
next
edit "Atlassian-Inbound_Email"
set type default
set internet-service-id 3932169
next
edit "Atlassian-LDAP"
set type default
set internet-service-id 3932174
next
edit "Atlassian-NetBIOS.Session.Service"
set type default
set internet-service-id 3932175
next
edit "Atlassian-RTMP"
set type default
set internet-service-id 3932176
next
edit "Atlassian-NetBIOS.Name.Service"
set type default
set internet-service-id 3932184
next
edit "Atlassian-Atlassian.Cloud"
set type default
set internet-service-id 3932388
next
edit "Atlassian-Atlassian.Notification"
set type default
set internet-service-id 3932436
next
edit "Xero-Other"
set type default
set internet-service-id 3997696
next
edit "Xero-Web"
set type default
set internet-service-id 3997697
next
edit "Xero-ICMP"
set type default
set internet-service-id 3997698
next
edit "Xero-DNS"
set type default
set internet-service-id 3997699
next
edit "Xero-Outbound_Email"
set type default
set internet-service-id 3997700
next
edit "Xero-SSH"
set type default
set internet-service-id 3997702
next
edit "Xero-FTP"
set type default
set internet-service-id 3997703
next
edit "Xero-NTP"
set type default
set internet-service-id 3997704
next
edit "Xero-Inbound_Email"
set type default
set internet-service-id 3997705
next
edit "Xero-LDAP"
set type default
set internet-service-id 3997710
next
edit "Xero-NetBIOS.Session.Service"
set type default
set internet-service-id 3997711
next
edit "Xero-RTMP"
set type default
set internet-service-id 3997712
next
edit "Xero-NetBIOS.Name.Service"
set type default
set internet-service-id 3997720
next
edit "Zuora-Other"
set type default
set internet-service-id 4063232
next
edit "Zuora-Web"
set type default
set internet-service-id 4063233
next
edit "Zuora-ICMP"
set type default
set internet-service-id 4063234
next
edit "Zuora-DNS"
set type default
set internet-service-id 4063235
next
edit "Zuora-Outbound_Email"
set type default
set internet-service-id 4063236
next
edit "Zuora-SSH"
set type default
set internet-service-id 4063238
next
edit "Zuora-FTP"
set type default
set internet-service-id 4063239
next
edit "Zuora-NTP"
set type default
set internet-service-id 4063240
next
edit "Zuora-Inbound_Email"
set type default
set internet-service-id 4063241
next
edit "Zuora-LDAP"
set type default
set internet-service-id 4063246
next
edit "Zuora-NetBIOS.Session.Service"
set type default
set internet-service-id 4063247
next
edit "Zuora-RTMP"
set type default
set internet-service-id 4063248
next
edit "Zuora-NetBIOS.Name.Service"
set type default
set internet-service-id 4063256
next
edit "AdRoll-Other"
set type default
set internet-service-id 4128768
next
edit "AdRoll-Web"
set type default
set internet-service-id 4128769
next
edit "AdRoll-ICMP"
set type default
set internet-service-id 4128770
next
edit "AdRoll-DNS"
set type default
set internet-service-id 4128771
next
edit "AdRoll-Outbound_Email"
set type default
set internet-service-id 4128772
next
edit "AdRoll-SSH"
set type default
set internet-service-id 4128774
next
edit "AdRoll-FTP"
set type default
set internet-service-id 4128775
next
edit "AdRoll-NTP"
set type default
set internet-service-id 4128776
next
edit "AdRoll-Inbound_Email"
set type default
set internet-service-id 4128777
next
edit "AdRoll-LDAP"
set type default
set internet-service-id 4128782
next
edit "AdRoll-NetBIOS.Session.Service"
set type default
set internet-service-id 4128783
next
edit "AdRoll-RTMP"
set type default
set internet-service-id 4128784
next
edit "AdRoll-NetBIOS.Name.Service"
set type default
set internet-service-id 4128792
next
edit "Xactly-Other"
set type default
set internet-service-id 4194304
next
edit "Xactly-Web"
set type default
set internet-service-id 4194305
next
edit "Xactly-ICMP"
set type default
set internet-service-id 4194306
next
edit "Xactly-DNS"
set type default
set internet-service-id 4194307
next
edit "Xactly-Outbound_Email"
set type default
set internet-service-id 4194308
next
edit "Xactly-SSH"
set type default
set internet-service-id 4194310
next
edit "Xactly-FTP"
set type default
set internet-service-id 4194311
next
edit "Xactly-NTP"
set type default
set internet-service-id 4194312
next
edit "Xactly-Inbound_Email"
set type default
set internet-service-id 4194313
next
edit "Xactly-LDAP"
set type default
set internet-service-id 4194318
next
edit "Xactly-NetBIOS.Session.Service"
set type default
set internet-service-id 4194319
next
edit "Xactly-RTMP"
set type default
set internet-service-id 4194320
next
edit "Xactly-NetBIOS.Name.Service"
set type default
set internet-service-id 4194328
next
edit "Intuit-Other"
set type default
set internet-service-id 4259840
next
edit "Intuit-Web"
set type default
set internet-service-id 4259841
next
edit "Intuit-ICMP"
set type default
set internet-service-id 4259842
next
edit "Intuit-DNS"
set type default
set internet-service-id 4259843
next
edit "Intuit-Outbound_Email"
set type default
set internet-service-id 4259844
next
edit "Intuit-SSH"
set type default
set internet-service-id 4259846
next
edit "Intuit-FTP"
set type default
set internet-service-id 4259847
next
edit "Intuit-NTP"
set type default
set internet-service-id 4259848
next
edit "Intuit-Inbound_Email"
set type default
set internet-service-id 4259849
next
edit "Intuit-LDAP"
set type default
set internet-service-id 4259854
next
edit "Intuit-NetBIOS.Session.Service"
set type default
set internet-service-id 4259855
next
edit "Intuit-RTMP"
set type default
set internet-service-id 4259856
next
edit "Intuit-NetBIOS.Name.Service"
set type default
set internet-service-id 4259864
next
edit "Marketo-Other"
set type default
set internet-service-id 4325376
next
edit "Marketo-Web"
set type default
set internet-service-id 4325377
next
edit "Marketo-ICMP"
set type default
set internet-service-id 4325378
next
edit "Marketo-DNS"
set type default
set internet-service-id 4325379
next
edit "Marketo-Outbound_Email"
set type default
set internet-service-id 4325380
next
edit "Marketo-SSH"
set type default
set internet-service-id 4325382
next
edit "Marketo-FTP"
set type default
set internet-service-id 4325383
next
edit "Marketo-NTP"
set type default
set internet-service-id 4325384
next
edit "Marketo-Inbound_Email"
set type default
set internet-service-id 4325385
next
edit "Marketo-LDAP"
set type default
set internet-service-id 4325390
next
edit "Marketo-NetBIOS.Session.Service"
set type default
set internet-service-id 4325391
next
edit "Marketo-RTMP"
set type default
set internet-service-id 4325392
next
edit "Marketo-NetBIOS.Name.Service"
set type default
set internet-service-id 4325400
next
edit "Bill-Other"
set type default
set internet-service-id 4456448
next
edit "Bill-Web"
set type default
set internet-service-id 4456449
next
edit "Bill-ICMP"
set type default
set internet-service-id 4456450
next
edit "Bill-DNS"
set type default
set internet-service-id 4456451
next
edit "Bill-Outbound_Email"
set type default
set internet-service-id 4456452
next
edit "Bill-SSH"
set type default
set internet-service-id 4456454
next
edit "Bill-FTP"
set type default
set internet-service-id 4456455
next
edit "Bill-NTP"
set type default
set internet-service-id 4456456
next
edit "Bill-Inbound_Email"
set type default
set internet-service-id 4456457
next
edit "Bill-LDAP"
set type default
set internet-service-id 4456462
next
edit "Bill-NetBIOS.Session.Service"
set type default
set internet-service-id 4456463
next
edit "Bill-RTMP"
set type default
set internet-service-id 4456464
next
edit "Bill-NetBIOS.Name.Service"
set type default
set internet-service-id 4456472
next
edit "Shopify-Other"
set type default
set internet-service-id 4521984
next
edit "Shopify-Web"
set type default
set internet-service-id 4521985
next
edit "Shopify-ICMP"
set type default
set internet-service-id 4521986
next
edit "Shopify-DNS"
set type default
set internet-service-id 4521987
next
edit "Shopify-Outbound_Email"
set type default
set internet-service-id 4521988
next
edit "Shopify-SSH"
set type default
set internet-service-id 4521990
next
edit "Shopify-FTP"
set type default
set internet-service-id 4521991
next
edit "Shopify-NTP"
set type default
set internet-service-id 4521992
next
edit "Shopify-Inbound_Email"
set type default
set internet-service-id 4521993
next
edit "Shopify-LDAP"
set type default
set internet-service-id 4521998
next
edit "Shopify-NetBIOS.Session.Service"
set type default
set internet-service-id 4521999
next
edit "Shopify-RTMP"
set type default
set internet-service-id 4522000
next
edit "Shopify-NetBIOS.Name.Service"
set type default
set internet-service-id 4522008
next
edit "Shopify-Shopify"
set type default
set internet-service-id 4522162
next
edit "MuleSoft-Other"
set type default
set internet-service-id 4587520
next
edit "MuleSoft-Web"
set type default
set internet-service-id 4587521
next
edit "MuleSoft-ICMP"
set type default
set internet-service-id 4587522
next
edit "MuleSoft-DNS"
set type default
set internet-service-id 4587523
next
edit "MuleSoft-Outbound_Email"
set type default
set internet-service-id 4587524
next
edit "MuleSoft-SSH"
set type default
set internet-service-id 4587526
next
edit "MuleSoft-FTP"
set type default
set internet-service-id 4587527
next
edit "MuleSoft-NTP"
set type default
set internet-service-id 4587528
next
edit "MuleSoft-Inbound_Email"
set type default
set internet-service-id 4587529
next
edit "MuleSoft-LDAP"
set type default
set internet-service-id 4587534
next
edit "MuleSoft-NetBIOS.Session.Service"
set type default
set internet-service-id 4587535
next
edit "MuleSoft-RTMP"
set type default
set internet-service-id 4587536
next
edit "MuleSoft-NetBIOS.Name.Service"
set type default
set internet-service-id 4587544
next
edit "Cornerstone-Other"
set type default
set internet-service-id 4653056
next
edit "Cornerstone-Web"
set type default
set internet-service-id 4653057
next
edit "Cornerstone-ICMP"
set type default
set internet-service-id 4653058
next
edit "Cornerstone-DNS"
set type default
set internet-service-id 4653059
next
edit "Cornerstone-Outbound_Email"
set type default
set internet-service-id 4653060
next
edit "Cornerstone-SSH"
set type default
set internet-service-id 4653062
next
edit "Cornerstone-FTP"
set type default
set internet-service-id 4653063
next
edit "Cornerstone-NTP"
set type default
set internet-service-id 4653064
next
edit "Cornerstone-Inbound_Email"
set type default
set internet-service-id 4653065
next
edit "Cornerstone-LDAP"
set type default
set internet-service-id 4653070
next
edit "Cornerstone-NetBIOS.Session.Service"
set type default
set internet-service-id 4653071
next
edit "Cornerstone-RTMP"
set type default
set internet-service-id 4653072
next
edit "Cornerstone-NetBIOS.Name.Service"
set type default
set internet-service-id 4653080
next
edit "Eventbrite-Other"
set type default
set internet-service-id 4718592
next
edit "Eventbrite-Web"
set type default
set internet-service-id 4718593
next
edit "Eventbrite-ICMP"
set type default
set internet-service-id 4718594
next
edit "Eventbrite-DNS"
set type default
set internet-service-id 4718595
next
edit "Eventbrite-Outbound_Email"
set type default
set internet-service-id 4718596
next
edit "Eventbrite-SSH"
set type default
set internet-service-id 4718598
next
edit "Eventbrite-FTP"
set type default
set internet-service-id 4718599
next
edit "Eventbrite-NTP"
set type default
set internet-service-id 4718600
next
edit "Eventbrite-Inbound_Email"
set type default
set internet-service-id 4718601
next
edit "Eventbrite-LDAP"
set type default
set internet-service-id 4718606
next
edit "Eventbrite-NetBIOS.Session.Service"
set type default
set internet-service-id 4718607
next
edit "Eventbrite-RTMP"
set type default
set internet-service-id 4718608
next
edit "Eventbrite-NetBIOS.Name.Service"
set type default
set internet-service-id 4718616
next
edit "Paychex-Other"
set type default
set internet-service-id 4784128
next
edit "Paychex-Web"
set type default
set internet-service-id 4784129
next
edit "Paychex-ICMP"
set type default
set internet-service-id 4784130
next
edit "Paychex-DNS"
set type default
set internet-service-id 4784131
next
edit "Paychex-Outbound_Email"
set type default
set internet-service-id 4784132
next
edit "Paychex-SSH"
set type default
set internet-service-id 4784134
next
edit "Paychex-FTP"
set type default
set internet-service-id 4784135
next
edit "Paychex-NTP"
set type default
set internet-service-id 4784136
next
edit "Paychex-Inbound_Email"
set type default
set internet-service-id 4784137
next
edit "Paychex-LDAP"
set type default
set internet-service-id 4784142
next
edit "Paychex-NetBIOS.Session.Service"
set type default
set internet-service-id 4784143
next
edit "Paychex-RTMP"
set type default
set internet-service-id 4784144
next
edit "Paychex-NetBIOS.Name.Service"
set type default
set internet-service-id 4784152
next
edit "NewRelic-Other"
set type default
set internet-service-id 4849664
next
edit "NewRelic-Web"
set type default
set internet-service-id 4849665
next
edit "NewRelic-ICMP"
set type default
set internet-service-id 4849666
next
edit "NewRelic-DNS"
set type default
set internet-service-id 4849667
next
edit "NewRelic-Outbound_Email"
set type default
set internet-service-id 4849668
next
edit "NewRelic-SSH"
set type default
set internet-service-id 4849670
next
edit "NewRelic-FTP"
set type default
set internet-service-id 4849671
next
edit "NewRelic-NTP"
set type default
set internet-service-id 4849672
next
edit "NewRelic-Inbound_Email"
set type default
set internet-service-id 4849673
next
edit "NewRelic-LDAP"
set type default
set internet-service-id 4849678
next
edit "NewRelic-NetBIOS.Session.Service"
set type default
set internet-service-id 4849679
next
edit "NewRelic-RTMP"
set type default
set internet-service-id 4849680
next
edit "NewRelic-NetBIOS.Name.Service"
set type default
set internet-service-id 4849688
next
edit "NewRelic-Synthetic.Monitor"
set type default
set internet-service-id 4849970
next
edit "Splunk-Other"
set type default
set internet-service-id 4915200
next
edit "Splunk-Web"
set type default
set internet-service-id 4915201
next
edit "Splunk-ICMP"
set type default
set internet-service-id 4915202
next
edit "Splunk-DNS"
set type default
set internet-service-id 4915203
next
edit "Splunk-Outbound_Email"
set type default
set internet-service-id 4915204
next
edit "Splunk-SSH"
set type default
set internet-service-id 4915206
next
edit "Splunk-FTP"
set type default
set internet-service-id 4915207
next
edit "Splunk-NTP"
set type default
set internet-service-id 4915208
next
edit "Splunk-Inbound_Email"
set type default
set internet-service-id 4915209
next
edit "Splunk-LDAP"
set type default
set internet-service-id 4915214
next
edit "Splunk-NetBIOS.Session.Service"
set type default
set internet-service-id 4915215
next
edit "Splunk-RTMP"
set type default
set internet-service-id 4915216
next
edit "Splunk-NetBIOS.Name.Service"
set type default
set internet-service-id 4915224
next
edit "Domo-Other"
set type default
set internet-service-id 4980736
next
edit "Domo-Web"
set type default
set internet-service-id 4980737
next
edit "Domo-ICMP"
set type default
set internet-service-id 4980738
next
edit "Domo-DNS"
set type default
set internet-service-id 4980739
next
edit "Domo-Outbound_Email"
set type default
set internet-service-id 4980740
next
edit "Domo-SSH"
set type default
set internet-service-id 4980742
next
edit "Domo-FTP"
set type default
set internet-service-id 4980743
next
edit "Domo-NTP"
set type default
set internet-service-id 4980744
next
edit "Domo-Inbound_Email"
set type default
set internet-service-id 4980745
next
edit "Domo-LDAP"
set type default
set internet-service-id 4980750
next
edit "Domo-NetBIOS.Session.Service"
set type default
set internet-service-id 4980751
next
edit "Domo-RTMP"
set type default
set internet-service-id 4980752
next
edit "Domo-NetBIOS.Name.Service"
set type default
set internet-service-id 4980760
next
edit "FreshBooks-Other"
set type default
set internet-service-id 5046272
next
edit "FreshBooks-Web"
set type default
set internet-service-id 5046273
next
edit "FreshBooks-ICMP"
set type default
set internet-service-id 5046274
next
edit "FreshBooks-DNS"
set type default
set internet-service-id 5046275
next
edit "FreshBooks-Outbound_Email"
set type default
set internet-service-id 5046276
next
edit "FreshBooks-SSH"
set type default
set internet-service-id 5046278
next
edit "FreshBooks-FTP"
set type default
set internet-service-id 5046279
next
edit "FreshBooks-NTP"
set type default
set internet-service-id 5046280
next
edit "FreshBooks-Inbound_Email"
set type default
set internet-service-id 5046281
next
edit "FreshBooks-LDAP"
set type default
set internet-service-id 5046286
next
edit "FreshBooks-NetBIOS.Session.Service"
set type default
set internet-service-id 5046287
next
edit "FreshBooks-RTMP"
set type default
set internet-service-id 5046288
next
edit "FreshBooks-NetBIOS.Name.Service"
set type default
set internet-service-id 5046296
next
edit "Tableau-Other"
set type default
set internet-service-id 5111808
next
edit "Tableau-Web"
set type default
set internet-service-id 5111809
next
edit "Tableau-ICMP"
set type default
set internet-service-id 5111810
next
edit "Tableau-DNS"
set type default
set internet-service-id 5111811
next
edit "Tableau-Outbound_Email"
set type default
set internet-service-id 5111812
next
edit "Tableau-SSH"
set type default
set internet-service-id 5111814
next
edit "Tableau-FTP"
set type default
set internet-service-id 5111815
next
edit "Tableau-NTP"
set type default
set internet-service-id 5111816
next
edit "Tableau-Inbound_Email"
set type default
set internet-service-id 5111817
next
edit "Tableau-LDAP"
set type default
set internet-service-id 5111822
next
edit "Tableau-NetBIOS.Session.Service"
set type default
set internet-service-id 5111823
next
edit "Tableau-RTMP"
set type default
set internet-service-id 5111824
next
edit "Tableau-NetBIOS.Name.Service"
set type default
set internet-service-id 5111832
next
edit "Druva-Other"
set type default
set internet-service-id 5177344
next
edit "Druva-Web"
set type default
set internet-service-id 5177345
next
edit "Druva-ICMP"
set type default
set internet-service-id 5177346
next
edit "Druva-DNS"
set type default
set internet-service-id 5177347
next
edit "Druva-Outbound_Email"
set type default
set internet-service-id 5177348
next
edit "Druva-SSH"
set type default
set internet-service-id 5177350
next
edit "Druva-FTP"
set type default
set internet-service-id 5177351
next
edit "Druva-NTP"
set type default
set internet-service-id 5177352
next
edit "Druva-Inbound_Email"
set type default
set internet-service-id 5177353
next
edit "Druva-LDAP"
set type default
set internet-service-id 5177358
next
edit "Druva-NetBIOS.Session.Service"
set type default
set internet-service-id 5177359
next
edit "Druva-RTMP"
set type default
set internet-service-id 5177360
next
edit "Druva-NetBIOS.Name.Service"
set type default
set internet-service-id 5177368
next
edit "Act-on-Other"
set type default
set internet-service-id 5242880
next
edit "Act-on-Web"
set type default
set internet-service-id 5242881
next
edit "Act-on-ICMP"
set type default
set internet-service-id 5242882
next
edit "Act-on-DNS"
set type default
set internet-service-id 5242883
next
edit "Act-on-Outbound_Email"
set type default
set internet-service-id 5242884
next
edit "Act-on-SSH"
set type default
set internet-service-id 5242886
next
edit "Act-on-FTP"
set type default
set internet-service-id 5242887
next
edit "Act-on-NTP"
set type default
set internet-service-id 5242888
next
edit "Act-on-Inbound_Email"
set type default
set internet-service-id 5242889
next
edit "Act-on-LDAP"
set type default
set internet-service-id 5242894
next
edit "Act-on-NetBIOS.Session.Service"
set type default
set internet-service-id 5242895
next
edit "Act-on-RTMP"
set type default
set internet-service-id 5242896
next
edit "Act-on-NetBIOS.Name.Service"
set type default
set internet-service-id 5242904
next
edit "GoodData-Other"
set type default
set internet-service-id 5308416
next
edit "GoodData-Web"
set type default
set internet-service-id 5308417
next
edit "GoodData-ICMP"
set type default
set internet-service-id 5308418
next
edit "GoodData-DNS"
set type default
set internet-service-id 5308419
next
edit "GoodData-Outbound_Email"
set type default
set internet-service-id 5308420
next
edit "GoodData-SSH"
set type default
set internet-service-id 5308422
next
edit "GoodData-FTP"
set type default
set internet-service-id 5308423
next
edit "GoodData-NTP"
set type default
set internet-service-id 5308424
next
edit "GoodData-Inbound_Email"
set type default
set internet-service-id 5308425
next
edit "GoodData-LDAP"
set type default
set internet-service-id 5308430
next
edit "GoodData-NetBIOS.Session.Service"
set type default
set internet-service-id 5308431
next
edit "GoodData-RTMP"
set type default
set internet-service-id 5308432
next
edit "GoodData-NetBIOS.Name.Service"
set type default
set internet-service-id 5308440
next
edit "SurveyMonkey-Other"
set type default
set internet-service-id 5373952
next
edit "SurveyMonkey-Web"
set type default
set internet-service-id 5373953
next
edit "SurveyMonkey-ICMP"
set type default
set internet-service-id 5373954
next
edit "SurveyMonkey-DNS"
set type default
set internet-service-id 5373955
next
edit "SurveyMonkey-Outbound_Email"
set type default
set internet-service-id 5373956
next
edit "SurveyMonkey-SSH"
set type default
set internet-service-id 5373958
next
edit "SurveyMonkey-FTP"
set type default
set internet-service-id 5373959
next
edit "SurveyMonkey-NTP"
set type default
set internet-service-id 5373960
next
edit "SurveyMonkey-Inbound_Email"
set type default
set internet-service-id 5373961
next
edit "SurveyMonkey-LDAP"
set type default
set internet-service-id 5373966
next
edit "SurveyMonkey-NetBIOS.Session.Service"
set type default
set internet-service-id 5373967
next
edit "SurveyMonkey-RTMP"
set type default
set internet-service-id 5373968
next
edit "SurveyMonkey-NetBIOS.Name.Service"
set type default
set internet-service-id 5373976
next
edit "Cvent-Other"
set type default
set internet-service-id 5439488
next
edit "Cvent-Web"
set type default
set internet-service-id 5439489
next
edit "Cvent-ICMP"
set type default
set internet-service-id 5439490
next
edit "Cvent-DNS"
set type default
set internet-service-id 5439491
next
edit "Cvent-Outbound_Email"
set type default
set internet-service-id 5439492
next
edit "Cvent-SSH"
set type default
set internet-service-id 5439494
next
edit "Cvent-FTP"
set type default
set internet-service-id 5439495
next
edit "Cvent-NTP"
set type default
set internet-service-id 5439496
next
edit "Cvent-Inbound_Email"
set type default
set internet-service-id 5439497
next
edit "Cvent-LDAP"
set type default
set internet-service-id 5439502
next
edit "Cvent-NetBIOS.Session.Service"
set type default
set internet-service-id 5439503
next
edit "Cvent-RTMP"
set type default
set internet-service-id 5439504
next
edit "Cvent-NetBIOS.Name.Service"
set type default
set internet-service-id 5439512
next
edit "Blackbaud-Other"
set type default
set internet-service-id 5505024
next
edit "Blackbaud-Web"
set type default
set internet-service-id 5505025
next
edit "Blackbaud-ICMP"
set type default
set internet-service-id 5505026
next
edit "Blackbaud-DNS"
set type default
set internet-service-id 5505027
next
edit "Blackbaud-Outbound_Email"
set type default
set internet-service-id 5505028
next
edit "Blackbaud-SSH"
set type default
set internet-service-id 5505030
next
edit "Blackbaud-FTP"
set type default
set internet-service-id 5505031
next
edit "Blackbaud-NTP"
set type default
set internet-service-id 5505032
next
edit "Blackbaud-Inbound_Email"
set type default
set internet-service-id 5505033
next
edit "Blackbaud-LDAP"
set type default
set internet-service-id 5505038
next
edit "Blackbaud-NetBIOS.Session.Service"
set type default
set internet-service-id 5505039
next
edit "Blackbaud-RTMP"
set type default
set internet-service-id 5505040
next
edit "Blackbaud-NetBIOS.Name.Service"
set type default
set internet-service-id 5505048
next
edit "InsideSales-Other"
set type default
set internet-service-id 5570560
next
edit "InsideSales-Web"
set type default
set internet-service-id 5570561
next
edit "InsideSales-ICMP"
set type default
set internet-service-id 5570562
next
edit "InsideSales-DNS"
set type default
set internet-service-id 5570563
next
edit "InsideSales-Outbound_Email"
set type default
set internet-service-id 5570564
next
edit "InsideSales-SSH"
set type default
set internet-service-id 5570566
next
edit "InsideSales-FTP"
set type default
set internet-service-id 5570567
next
edit "InsideSales-NTP"
set type default
set internet-service-id 5570568
next
edit "InsideSales-Inbound_Email"
set type default
set internet-service-id 5570569
next
edit "InsideSales-LDAP"
set type default
set internet-service-id 5570574
next
edit "InsideSales-NetBIOS.Session.Service"
set type default
set internet-service-id 5570575
next
edit "InsideSales-RTMP"
set type default
set internet-service-id 5570576
next
edit "InsideSales-NetBIOS.Name.Service"
set type default
set internet-service-id 5570584
next
edit "ServiceMax-Other"
set type default
set internet-service-id 5636096
next
edit "ServiceMax-Web"
set type default
set internet-service-id 5636097
next
edit "ServiceMax-ICMP"
set type default
set internet-service-id 5636098
next
edit "ServiceMax-DNS"
set type default
set internet-service-id 5636099
next
edit "ServiceMax-Outbound_Email"
set type default
set internet-service-id 5636100
next
edit "ServiceMax-SSH"
set type default
set internet-service-id 5636102
next
edit "ServiceMax-FTP"
set type default
set internet-service-id 5636103
next
edit "ServiceMax-NTP"
set type default
set internet-service-id 5636104
next
edit "ServiceMax-Inbound_Email"
set type default
set internet-service-id 5636105
next
edit "ServiceMax-LDAP"
set type default
set internet-service-id 5636110
next
edit "ServiceMax-NetBIOS.Session.Service"
set type default
set internet-service-id 5636111
next
edit "ServiceMax-RTMP"
set type default
set internet-service-id 5636112
next
edit "ServiceMax-NetBIOS.Name.Service"
set type default
set internet-service-id 5636120
next
edit "Apptio-Other"
set type default
set internet-service-id 5701632
next
edit "Apptio-Web"
set type default
set internet-service-id 5701633
next
edit "Apptio-ICMP"
set type default
set internet-service-id 5701634
next
edit "Apptio-DNS"
set type default
set internet-service-id 5701635
next
edit "Apptio-Outbound_Email"
set type default
set internet-service-id 5701636
next
edit "Apptio-SSH"
set type default
set internet-service-id 5701638
next
edit "Apptio-FTP"
set type default
set internet-service-id 5701639
next
edit "Apptio-NTP"
set type default
set internet-service-id 5701640
next
edit "Apptio-Inbound_Email"
set type default
set internet-service-id 5701641
next
edit "Apptio-LDAP"
set type default
set internet-service-id 5701646
next
edit "Apptio-NetBIOS.Session.Service"
set type default
set internet-service-id 5701647
next
edit "Apptio-RTMP"
set type default
set internet-service-id 5701648
next
edit "Apptio-NetBIOS.Name.Service"
set type default
set internet-service-id 5701656
next
edit "Veracode-Other"
set type default
set internet-service-id 5767168
next
edit "Veracode-Web"
set type default
set internet-service-id 5767169
next
edit "Veracode-ICMP"
set type default
set internet-service-id 5767170
next
edit "Veracode-DNS"
set type default
set internet-service-id 5767171
next
edit "Veracode-Outbound_Email"
set type default
set internet-service-id 5767172
next
edit "Veracode-SSH"
set type default
set internet-service-id 5767174
next
edit "Veracode-FTP"
set type default
set internet-service-id 5767175
next
edit "Veracode-NTP"
set type default
set internet-service-id 5767176
next
edit "Veracode-Inbound_Email"
set type default
set internet-service-id 5767177
next
edit "Veracode-LDAP"
set type default
set internet-service-id 5767182
next
edit "Veracode-NetBIOS.Session.Service"
set type default
set internet-service-id 5767183
next
edit "Veracode-RTMP"
set type default
set internet-service-id 5767184
next
edit "Veracode-NetBIOS.Name.Service"
set type default
set internet-service-id 5767192
next
edit "Anaplan-Other"
set type default
set internet-service-id 5832704
next
edit "Anaplan-Web"
set type default
set internet-service-id 5832705
next
edit "Anaplan-ICMP"
set type default
set internet-service-id 5832706
next
edit "Anaplan-DNS"
set type default
set internet-service-id 5832707
next
edit "Anaplan-Outbound_Email"
set type default
set internet-service-id 5832708
next
edit "Anaplan-SSH"
set type default
set internet-service-id 5832710
next
edit "Anaplan-FTP"
set type default
set internet-service-id 5832711
next
edit "Anaplan-NTP"
set type default
set internet-service-id 5832712
next
edit "Anaplan-Inbound_Email"
set type default
set internet-service-id 5832713
next
edit "Anaplan-LDAP"
set type default
set internet-service-id 5832718
next
edit "Anaplan-NetBIOS.Session.Service"
set type default
set internet-service-id 5832719
next
edit "Anaplan-RTMP"
set type default
set internet-service-id 5832720
next
edit "Anaplan-NetBIOS.Name.Service"
set type default
set internet-service-id 5832728
next
edit "Rapid7-Other"
set type default
set internet-service-id 5898240
next
edit "Rapid7-Web"
set type default
set internet-service-id 5898241
next
edit "Rapid7-ICMP"
set type default
set internet-service-id 5898242
next
edit "Rapid7-DNS"
set type default
set internet-service-id 5898243
next
edit "Rapid7-Outbound_Email"
set type default
set internet-service-id 5898244
next
edit "Rapid7-SSH"
set type default
set internet-service-id 5898246
next
edit "Rapid7-FTP"
set type default
set internet-service-id 5898247
next
edit "Rapid7-NTP"
set type default
set internet-service-id 5898248
next
edit "Rapid7-Inbound_Email"
set type default
set internet-service-id 5898249
next
edit "Rapid7-LDAP"
set type default
set internet-service-id 5898254
next
edit "Rapid7-NetBIOS.Session.Service"
set type default
set internet-service-id 5898255
next
edit "Rapid7-RTMP"
set type default
set internet-service-id 5898256
next
edit "Rapid7-NetBIOS.Name.Service"
set type default
set internet-service-id 5898264
next
edit "Rapid7-Scanner"
set type default
set internet-service-id 5898406
next
edit "AnyDesk-AnyDesk"
set type default
set internet-service-id 5963927
next
edit "ESET-Eset.Service"
set type default
set internet-service-id 6029426
next
edit "Slack-Other"
set type default
set internet-service-id 6094848
next
edit "Slack-Web"
set type default
set internet-service-id 6094849
next
edit "Slack-ICMP"
set type default
set internet-service-id 6094850
next
edit "Slack-DNS"
set type default
set internet-service-id 6094851
next
edit "Slack-Outbound_Email"
set type default
set internet-service-id 6094852
next
edit "Slack-SSH"
set type default
set internet-service-id 6094854
next
edit "Slack-FTP"
set type default
set internet-service-id 6094855
next
edit "Slack-NTP"
set type default
set internet-service-id 6094856
next
edit "Slack-Inbound_Email"
set type default
set internet-service-id 6094857
next
edit "Slack-LDAP"
set type default
set internet-service-id 6094862
next
edit "Slack-NetBIOS.Session.Service"
set type default
set internet-service-id 6094863
next
edit "Slack-RTMP"
set type default
set internet-service-id 6094864
next
edit "Slack-NetBIOS.Name.Service"
set type default
set internet-service-id 6094872
next
edit "Slack-Slack"
set type default
set internet-service-id 6095024
next
edit "ADP-Other"
set type default
set internet-service-id 6160384
next
edit "ADP-Web"
set type default
set internet-service-id 6160385
next
edit "ADP-ICMP"
set type default
set internet-service-id 6160386
next
edit "ADP-DNS"
set type default
set internet-service-id 6160387
next
edit "ADP-Outbound_Email"
set type default
set internet-service-id 6160388
next
edit "ADP-SSH"
set type default
set internet-service-id 6160390
next
edit "ADP-FTP"
set type default
set internet-service-id 6160391
next
edit "ADP-NTP"
set type default
set internet-service-id 6160392
next
edit "ADP-Inbound_Email"
set type default
set internet-service-id 6160393
next
edit "ADP-LDAP"
set type default
set internet-service-id 6160398
next
edit "ADP-NetBIOS.Session.Service"
set type default
set internet-service-id 6160399
next
edit "ADP-RTMP"
set type default
set internet-service-id 6160400
next
edit "ADP-NetBIOS.Name.Service"
set type default
set internet-service-id 6160408
next
edit "Blackboard-Other"
set type default
set internet-service-id 6225920
next
edit "Blackboard-Web"
set type default
set internet-service-id 6225921
next
edit "Blackboard-ICMP"
set type default
set internet-service-id 6225922
next
edit "Blackboard-DNS"
set type default
set internet-service-id 6225923
next
edit "Blackboard-Outbound_Email"
set type default
set internet-service-id 6225924
next
edit "Blackboard-SSH"
set type default
set internet-service-id 6225926
next
edit "Blackboard-FTP"
set type default
set internet-service-id 6225927
next
edit "Blackboard-NTP"
set type default
set internet-service-id 6225928
next
edit "Blackboard-Inbound_Email"
set type default
set internet-service-id 6225929
next
edit "Blackboard-LDAP"
set type default
set internet-service-id 6225934
next
edit "Blackboard-NetBIOS.Session.Service"
set type default
set internet-service-id 6225935
next
edit "Blackboard-RTMP"
set type default
set internet-service-id 6225936
next
edit "Blackboard-NetBIOS.Name.Service"
set type default
set internet-service-id 6225944
next
edit "SAP-Other"
set type default
set internet-service-id 6291456
next
edit "SAP-Web"
set type default
set internet-service-id 6291457
next
edit "SAP-ICMP"
set type default
set internet-service-id 6291458
next
edit "SAP-DNS"
set type default
set internet-service-id 6291459
next
edit "SAP-Outbound_Email"
set type default
set internet-service-id 6291460
next
edit "SAP-SSH"
set type default
set internet-service-id 6291462
next
edit "SAP-FTP"
set type default
set internet-service-id 6291463
next
edit "SAP-NTP"
set type default
set internet-service-id 6291464
next
edit "SAP-Inbound_Email"
set type default
set internet-service-id 6291465
next
edit "SAP-LDAP"
set type default
set internet-service-id 6291470
next
edit "SAP-NetBIOS.Session.Service"
set type default
set internet-service-id 6291471
next
edit "SAP-RTMP"
set type default
set internet-service-id 6291472
next
edit "SAP-NetBIOS.Name.Service"
set type default
set internet-service-id 6291480
next
edit "SAP-HANA"
set type default
set internet-service-id 6291612
next
edit "SAP-SuccessFactors"
set type default
set internet-service-id 6291618
next
edit "SAP-SAP.Ariba"
set type default
set internet-service-id 6291766
next
edit "Snap-Snapchat"
set type default
set internet-service-id 6357108
next
edit "Zoom.us-Zoom.Meeting"
set type default
set internet-service-id 6422646
next
edit "Sophos-Other"
set type default
set internet-service-id 6488064
next
edit "Sophos-Web"
set type default
set internet-service-id 6488065
next
edit "Sophos-ICMP"
set type default
set internet-service-id 6488066
next
edit "Sophos-DNS"
set type default
set internet-service-id 6488067
next
edit "Sophos-Outbound_Email"
set type default
set internet-service-id 6488068
next
edit "Sophos-SSH"
set type default
set internet-service-id 6488070
next
edit "Sophos-FTP"
set type default
set internet-service-id 6488071
next
edit "Sophos-NTP"
set type default
set internet-service-id 6488072
next
edit "Sophos-Inbound_Email"
set type default
set internet-service-id 6488073
next
edit "Sophos-LDAP"
set type default
set internet-service-id 6488078
next
edit "Sophos-NetBIOS.Session.Service"
set type default
set internet-service-id 6488079
next
edit "Sophos-RTMP"
set type default
set internet-service-id 6488080
next
edit "Sophos-NetBIOS.Name.Service"
set type default
set internet-service-id 6488088
next
edit "Cloudflare-Other"
set type default
set internet-service-id 6553600
next
edit "Cloudflare-Web"
set type default
set internet-service-id 6553601
next
edit "Cloudflare-ICMP"
set type default
set internet-service-id 6553602
next
edit "Cloudflare-DNS"
set type default
set internet-service-id 6553603
next
edit "Cloudflare-Outbound_Email"
set type default
set internet-service-id 6553604
next
edit "Cloudflare-SSH"
set type default
set internet-service-id 6553606
next
edit "Cloudflare-FTP"
set type default
set internet-service-id 6553607
next
edit "Cloudflare-NTP"
set type default
set internet-service-id 6553608
next
edit "Cloudflare-Inbound_Email"
set type default
set internet-service-id 6553609
next
edit "Cloudflare-LDAP"
set type default
set internet-service-id 6553614
next
edit "Cloudflare-NetBIOS.Session.Service"
set type default
set internet-service-id 6553615
next
edit "Cloudflare-RTMP"
set type default
set internet-service-id 6553616
next
edit "Cloudflare-NetBIOS.Name.Service"
set type default
set internet-service-id 6553624
next
edit "Cloudflare-CDN"
set type default
set internet-service-id 6553737
next
edit "Pexip-Pexip.Meeting"
set type default
set internet-service-id 6619256
next
edit "Zscaler-Other"
set type default
set internet-service-id 6684672
next
edit "Zscaler-Web"
set type default
set internet-service-id 6684673
next
edit "Zscaler-ICMP"
set type default
set internet-service-id 6684674
next
edit "Zscaler-DNS"
set type default
set internet-service-id 6684675
next
edit "Zscaler-Outbound_Email"
set type default
set internet-service-id 6684676
next
edit "Zscaler-SSH"
set type default
set internet-service-id 6684678
next
edit "Zscaler-FTP"
set type default
set internet-service-id 6684679
next
edit "Zscaler-NTP"
set type default
set internet-service-id 6684680
next
edit "Zscaler-Inbound_Email"
set type default
set internet-service-id 6684681
next
edit "Zscaler-LDAP"
set type default
set internet-service-id 6684686
next
edit "Zscaler-NetBIOS.Session.Service"
set type default
set internet-service-id 6684687
next
edit "Zscaler-RTMP"
set type default
set internet-service-id 6684688
next
edit "Zscaler-NetBIOS.Name.Service"
set type default
set internet-service-id 6684696
next
edit "Zscaler-Zscaler.Cloud"
set type default
set internet-service-id 6684793
next
edit "Yandex-Other"
set type default
set internet-service-id 6750208
next
edit "Yandex-Web"
set type default
set internet-service-id 6750209
next
edit "Yandex-ICMP"
set type default
set internet-service-id 6750210
next
edit "Yandex-DNS"
set type default
set internet-service-id 6750211
next
edit "Yandex-Outbound_Email"
set type default
set internet-service-id 6750212
next
edit "Yandex-SSH"
set type default
set internet-service-id 6750214
next
edit "Yandex-FTP"
set type default
set internet-service-id 6750215
next
edit "Yandex-NTP"
set type default
set internet-service-id 6750216
next
edit "Yandex-Inbound_Email"
set type default
set internet-service-id 6750217
next
edit "Yandex-LDAP"
set type default
set internet-service-id 6750222
next
edit "Yandex-NetBIOS.Session.Service"
set type default
set internet-service-id 6750223
next
edit "Yandex-RTMP"
set type default
set internet-service-id 6750224
next
edit "Yandex-NetBIOS.Name.Service"
set type default
set internet-service-id 6750232
next
edit "mail.ru-Other"
set type default
set internet-service-id 6815744
next
edit "mail.ru-Web"
set type default
set internet-service-id 6815745
next
edit "mail.ru-ICMP"
set type default
set internet-service-id 6815746
next
edit "mail.ru-DNS"
set type default
set internet-service-id 6815747
next
edit "mail.ru-Outbound_Email"
set type default
set internet-service-id 6815748
next
edit "mail.ru-SSH"
set type default
set internet-service-id 6815750
next
edit "mail.ru-FTP"
set type default
set internet-service-id 6815751
next
edit "mail.ru-NTP"
set type default
set internet-service-id 6815752
next
edit "mail.ru-Inbound_Email"
set type default
set internet-service-id 6815753
next
edit "mail.ru-LDAP"
set type default
set internet-service-id 6815758
next
edit "mail.ru-NetBIOS.Session.Service"
set type default
set internet-service-id 6815759
next
edit "mail.ru-RTMP"
set type default
set internet-service-id 6815760
next
edit "mail.ru-NetBIOS.Name.Service"
set type default
set internet-service-id 6815768
next
edit "Alibaba-Other"
set type default
set internet-service-id 6881280
next
edit "Alibaba-Web"
set type default
set internet-service-id 6881281
next
edit "Alibaba-ICMP"
set type default
set internet-service-id 6881282
next
edit "Alibaba-DNS"
set type default
set internet-service-id 6881283
next
edit "Alibaba-Outbound_Email"
set type default
set internet-service-id 6881284
next
edit "Alibaba-SSH"
set type default
set internet-service-id 6881286
next
edit "Alibaba-FTP"
set type default
set internet-service-id 6881287
next
edit "Alibaba-NTP"
set type default
set internet-service-id 6881288
next
edit "Alibaba-Inbound_Email"
set type default
set internet-service-id 6881289
next
edit "Alibaba-LDAP"
set type default
set internet-service-id 6881294
next
edit "Alibaba-NetBIOS.Session.Service"
set type default
set internet-service-id 6881295
next
edit "Alibaba-RTMP"
set type default
set internet-service-id 6881296
next
edit "Alibaba-NetBIOS.Name.Service"
set type default
set internet-service-id 6881304
next
edit "Alibaba-Alibaba.Cloud"
set type default
set internet-service-id 6881402
next
edit "Alibaba-DingTalk"
set type default
set internet-service-id 6881623
next
edit "GoDaddy-Other"
set type default
set internet-service-id 6946816
next
edit "GoDaddy-Web"
set type default
set internet-service-id 6946817
next
edit "GoDaddy-ICMP"
set type default
set internet-service-id 6946818
next
edit "GoDaddy-DNS"
set type default
set internet-service-id 6946819
next
edit "GoDaddy-Outbound_Email"
set type default
set internet-service-id 6946820
next
edit "GoDaddy-SSH"
set type default
set internet-service-id 6946822
next
edit "GoDaddy-FTP"
set type default
set internet-service-id 6946823
next
edit "GoDaddy-NTP"
set type default
set internet-service-id 6946824
next
edit "GoDaddy-Inbound_Email"
set type default
set internet-service-id 6946825
next
edit "GoDaddy-LDAP"
set type default
set internet-service-id 6946830
next
edit "GoDaddy-NetBIOS.Session.Service"
set type default
set internet-service-id 6946831
next
edit "GoDaddy-RTMP"
set type default
set internet-service-id 6946832
next
edit "GoDaddy-NetBIOS.Name.Service"
set type default
set internet-service-id 6946840
next
edit "GoDaddy-GoDaddy.Email"
set type default
set internet-service-id 6946939
next
edit "Bluejeans-Other"
set type default
set internet-service-id 7012352
next
edit "Bluejeans-Web"
set type default
set internet-service-id 7012353
next
edit "Bluejeans-ICMP"
set type default
set internet-service-id 7012354
next
edit "Bluejeans-DNS"
set type default
set internet-service-id 7012355
next
edit "Bluejeans-Outbound_Email"
set type default
set internet-service-id 7012356
next
edit "Bluejeans-SSH"
set type default
set internet-service-id 7012358
next
edit "Bluejeans-FTP"
set type default
set internet-service-id 7012359
next
edit "Bluejeans-NTP"
set type default
set internet-service-id 7012360
next
edit "Bluejeans-Inbound_Email"
set type default
set internet-service-id 7012361
next
edit "Bluejeans-LDAP"
set type default
set internet-service-id 7012366
next
edit "Bluejeans-NetBIOS.Session.Service"
set type default
set internet-service-id 7012367
next
edit "Bluejeans-RTMP"
set type default
set internet-service-id 7012368
next
edit "Bluejeans-NetBIOS.Name.Service"
set type default
set internet-service-id 7012376
next
edit "Bluejeans-Bluejeans.Meeting"
set type default
set internet-service-id 7012476
next
edit "Webroot-Webroot.SecureAnywhere"
set type default
set internet-service-id 7078013
next
edit "Avast-Other"
set type default
set internet-service-id 7143424
next
edit "Avast-Web"
set type default
set internet-service-id 7143425
next
edit "Avast-ICMP"
set type default
set internet-service-id 7143426
next
edit "Avast-DNS"
set type default
set internet-service-id 7143427
next
edit "Avast-Outbound_Email"
set type default
set internet-service-id 7143428
next
edit "Avast-SSH"
set type default
set internet-service-id 7143430
next
edit "Avast-FTP"
set type default
set internet-service-id 7143431
next
edit "Avast-NTP"
set type default
set internet-service-id 7143432
next
edit "Avast-Inbound_Email"
set type default
set internet-service-id 7143433
next
edit "Avast-LDAP"
set type default
set internet-service-id 7143438
next
edit "Avast-NetBIOS.Session.Service"
set type default
set internet-service-id 7143439
next
edit "Avast-RTMP"
set type default
set internet-service-id 7143440
next
edit "Avast-NetBIOS.Name.Service"
set type default
set internet-service-id 7143448
next
edit "Avast-Avast.Security"
set type default
set internet-service-id 7143550
next
edit "Wetransfer-Other"
set type default
set internet-service-id 7208960
next
edit "Wetransfer-Web"
set type default
set internet-service-id 7208961
next
edit "Wetransfer-ICMP"
set type default
set internet-service-id 7208962
next
edit "Wetransfer-DNS"
set type default
set internet-service-id 7208963
next
edit "Wetransfer-Outbound_Email"
set type default
set internet-service-id 7208964
next
edit "Wetransfer-SSH"
set type default
set internet-service-id 7208966
next
edit "Wetransfer-FTP"
set type default
set internet-service-id 7208967
next
edit "Wetransfer-NTP"
set type default
set internet-service-id 7208968
next
edit "Wetransfer-Inbound_Email"
set type default
set internet-service-id 7208969
next
edit "Wetransfer-LDAP"
set type default
set internet-service-id 7208974
next
edit "Wetransfer-NetBIOS.Session.Service"
set type default
set internet-service-id 7208975
next
edit "Wetransfer-RTMP"
set type default
set internet-service-id 7208976
next
edit "Wetransfer-NetBIOS.Name.Service"
set type default
set internet-service-id 7208984
next
edit "Sendgrid-Sendgrid.Email"
set type default
set internet-service-id 7274623
next
edit "Ubiquiti-UniFi"
set type default
set internet-service-id 7340160
next
edit "Lifesize-Lifesize.Cloud"
set type default
set internet-service-id 7405697
next
edit "Okta-Other"
set type default
set internet-service-id 7471104
next
edit "Okta-Web"
set type default
set internet-service-id 7471105
next
edit "Okta-ICMP"
set type default
set internet-service-id 7471106
next
edit "Okta-DNS"
set type default
set internet-service-id 7471107
next
edit "Okta-Outbound_Email"
set type default
set internet-service-id 7471108
next
edit "Okta-SSH"
set type default
set internet-service-id 7471110
next
edit "Okta-FTP"
set type default
set internet-service-id 7471111
next
edit "Okta-NTP"
set type default
set internet-service-id 7471112
next
edit "Okta-Inbound_Email"
set type default
set internet-service-id 7471113
next
edit "Okta-LDAP"
set type default
set internet-service-id 7471118
next
edit "Okta-NetBIOS.Session.Service"
set type default
set internet-service-id 7471119
next
edit "Okta-RTMP"
set type default
set internet-service-id 7471120
next
edit "Okta-NetBIOS.Name.Service"
set type default
set internet-service-id 7471128
next
edit "Okta-Okta"
set type default
set internet-service-id 7471307
next
edit "Cybozu-Other"
set type default
set internet-service-id 7536640
next
edit "Cybozu-Web"
set type default
set internet-service-id 7536641
next
edit "Cybozu-ICMP"
set type default
set internet-service-id 7536642
next
edit "Cybozu-DNS"
set type default
set internet-service-id 7536643
next
edit "Cybozu-Outbound_Email"
set type default
set internet-service-id 7536644
next
edit "Cybozu-SSH"
set type default
set internet-service-id 7536646
next
edit "Cybozu-FTP"
set type default
set internet-service-id 7536647
next
edit "Cybozu-NTP"
set type default
set internet-service-id 7536648
next
edit "Cybozu-Inbound_Email"
set type default
set internet-service-id 7536649
next
edit "Cybozu-LDAP"
set type default
set internet-service-id 7536654
next
edit "Cybozu-NetBIOS.Session.Service"
set type default
set internet-service-id 7536655
next
edit "Cybozu-RTMP"
set type default
set internet-service-id 7536656
next
edit "Cybozu-NetBIOS.Name.Service"
set type default
set internet-service-id 7536664
next
edit "VNC-Other"
set type default
set internet-service-id 7602176
next
edit "VNC-Web"
set type default
set internet-service-id 7602177
next
edit "VNC-ICMP"
set type default
set internet-service-id 7602178
next
edit "VNC-DNS"
set type default
set internet-service-id 7602179
next
edit "VNC-Outbound_Email"
set type default
set internet-service-id 7602180
next
edit "VNC-SSH"
set type default
set internet-service-id 7602182
next
edit "VNC-FTP"
set type default
set internet-service-id 7602183
next
edit "VNC-NTP"
set type default
set internet-service-id 7602184
next
edit "VNC-Inbound_Email"
set type default
set internet-service-id 7602185
next
edit "VNC-LDAP"
set type default
set internet-service-id 7602190
next
edit "VNC-NetBIOS.Session.Service"
set type default
set internet-service-id 7602191
next
edit "VNC-RTMP"
set type default
set internet-service-id 7602192
next
edit "VNC-NetBIOS.Name.Service"
set type default
set internet-service-id 7602200
next
edit "Egnyte-Egnyte"
set type default
set internet-service-id 7667846
next
edit "CrowdStrike-CrowdStrike.Falcon.Cloud"
set type default
set internet-service-id 7733383
next
edit "Aruba.it-Other"
set type default
set internet-service-id 7798784
next
edit "Aruba.it-Web"
set type default
set internet-service-id 7798785
next
edit "Aruba.it-ICMP"
set type default
set internet-service-id 7798786
next
edit "Aruba.it-DNS"
set type default
set internet-service-id 7798787
next
edit "Aruba.it-Outbound_Email"
set type default
set internet-service-id 7798788
next
edit "Aruba.it-SSH"
set type default
set internet-service-id 7798790
next
edit "Aruba.it-FTP"
set type default
set internet-service-id 7798791
next
edit "Aruba.it-NTP"
set type default
set internet-service-id 7798792
next
edit "Aruba.it-Inbound_Email"
set type default
set internet-service-id 7798793
next
edit "Aruba.it-LDAP"
set type default
set internet-service-id 7798798
next
edit "Aruba.it-NetBIOS.Session.Service"
set type default
set internet-service-id 7798799
next
edit "Aruba.it-RTMP"
set type default
set internet-service-id 7798800
next
edit "Aruba.it-NetBIOS.Name.Service"
set type default
set internet-service-id 7798808
next
edit "ISLOnline-Other"
set type default
set internet-service-id 7864320
next
edit "ISLOnline-Web"
set type default
set internet-service-id 7864321
next
edit "ISLOnline-ICMP"
set type default
set internet-service-id 7864322
next
edit "ISLOnline-DNS"
set type default
set internet-service-id 7864323
next
edit "ISLOnline-Outbound_Email"
set type default
set internet-service-id 7864324
next
edit "ISLOnline-SSH"
set type default
set internet-service-id 7864326
next
edit "ISLOnline-FTP"
set type default
set internet-service-id 7864327
next
edit "ISLOnline-NTP"
set type default
set internet-service-id 7864328
next
edit "ISLOnline-Inbound_Email"
set type default
set internet-service-id 7864329
next
edit "ISLOnline-LDAP"
set type default
set internet-service-id 7864334
next
edit "ISLOnline-NetBIOS.Session.Service"
set type default
set internet-service-id 7864335
next
edit "ISLOnline-RTMP"
set type default
set internet-service-id 7864336
next
edit "ISLOnline-NetBIOS.Name.Service"
set type default
set internet-service-id 7864344
next
edit "ISLOnline-ISLOnline"
set type default
set internet-service-id 7864667
next
edit "Akamai-CDN"
set type default
set internet-service-id 7929993
next
edit "Akamai-Linode.Cloud"
set type default
set internet-service-id 7930148
next
edit "Rackspace-CDN"
set type default
set internet-service-id 7995529
next
edit "Instart-CDN"
set type default
set internet-service-id 8061065
next
edit "Bitdefender-Other"
set type default
set internet-service-id 8126464
next
edit "Bitdefender-Web"
set type default
set internet-service-id 8126465
next
edit "Bitdefender-ICMP"
set type default
set internet-service-id 8126466
next
edit "Bitdefender-DNS"
set type default
set internet-service-id 8126467
next
edit "Bitdefender-Outbound_Email"
set type default
set internet-service-id 8126468
next
edit "Bitdefender-SSH"
set type default
set internet-service-id 8126470
next
edit "Bitdefender-FTP"
set type default
set internet-service-id 8126471
next
edit "Bitdefender-NTP"
set type default
set internet-service-id 8126472
next
edit "Bitdefender-Inbound_Email"
set type default
set internet-service-id 8126473
next
edit "Bitdefender-LDAP"
set type default
set internet-service-id 8126478
next
edit "Bitdefender-NetBIOS.Session.Service"
set type default
set internet-service-id 8126479
next
edit "Bitdefender-RTMP"
set type default
set internet-service-id 8126480
next
edit "Bitdefender-NetBIOS.Name.Service"
set type default
set internet-service-id 8126488
next
edit "Pingdom-Other"
set type default
set internet-service-id 8192000
next
edit "Pingdom-Web"
set type default
set internet-service-id 8192001
next
edit "Pingdom-ICMP"
set type default
set internet-service-id 8192002
next
edit "Pingdom-DNS"
set type default
set internet-service-id 8192003
next
edit "Pingdom-Outbound_Email"
set type default
set internet-service-id 8192004
next
edit "Pingdom-SSH"
set type default
set internet-service-id 8192006
next
edit "Pingdom-FTP"
set type default
set internet-service-id 8192007
next
edit "Pingdom-NTP"
set type default
set internet-service-id 8192008
next
edit "Pingdom-Inbound_Email"
set type default
set internet-service-id 8192009
next
edit "Pingdom-LDAP"
set type default
set internet-service-id 8192014
next
edit "Pingdom-NetBIOS.Session.Service"
set type default
set internet-service-id 8192015
next
edit "Pingdom-RTMP"
set type default
set internet-service-id 8192016
next
edit "Pingdom-NetBIOS.Name.Service"
set type default
set internet-service-id 8192024
next
edit "UptimeRobot-Other"
set type default
set internet-service-id 8257536
next
edit "UptimeRobot-Web"
set type default
set internet-service-id 8257537
next
edit "UptimeRobot-ICMP"
set type default
set internet-service-id 8257538
next
edit "UptimeRobot-DNS"
set type default
set internet-service-id 8257539
next
edit "UptimeRobot-Outbound_Email"
set type default
set internet-service-id 8257540
next
edit "UptimeRobot-SSH"
set type default
set internet-service-id 8257542
next
edit "UptimeRobot-FTP"
set type default
set internet-service-id 8257543
next
edit "UptimeRobot-NTP"
set type default
set internet-service-id 8257544
next
edit "UptimeRobot-Inbound_Email"
set type default
set internet-service-id 8257545
next
edit "UptimeRobot-LDAP"
set type default
set internet-service-id 8257550
next
edit "UptimeRobot-NetBIOS.Session.Service"
set type default
set internet-service-id 8257551
next
edit "UptimeRobot-RTMP"
set type default
set internet-service-id 8257552
next
edit "UptimeRobot-NetBIOS.Name.Service"
set type default
set internet-service-id 8257560
next
edit "UptimeRobot-UptimeRobot.Monitor"
set type default
set internet-service-id 8257709
next
edit "Quovadisglobal-Other"
set type default
set internet-service-id 8323072
next
edit "Quovadisglobal-Web"
set type default
set internet-service-id 8323073
next
edit "Quovadisglobal-ICMP"
set type default
set internet-service-id 8323074
next
edit "Quovadisglobal-DNS"
set type default
set internet-service-id 8323075
next
edit "Quovadisglobal-Outbound_Email"
set type default
set internet-service-id 8323076
next
edit "Quovadisglobal-SSH"
set type default
set internet-service-id 8323078
next
edit "Quovadisglobal-FTP"
set type default
set internet-service-id 8323079
next
edit "Quovadisglobal-NTP"
set type default
set internet-service-id 8323080
next
edit "Quovadisglobal-Inbound_Email"
set type default
set internet-service-id 8323081
next
edit "Quovadisglobal-LDAP"
set type default
set internet-service-id 8323086
next
edit "Quovadisglobal-NetBIOS.Session.Service"
set type default
set internet-service-id 8323087
next
edit "Quovadisglobal-RTMP"
set type default
set internet-service-id 8323088
next
edit "Quovadisglobal-NetBIOS.Name.Service"
set type default
set internet-service-id 8323096
next
edit "Splashtop-Splashtop"
set type default
set internet-service-id 8388751
next
edit "Zoox-Other"
set type default
set internet-service-id 8454144
next
edit "Zoox-Web"
set type default
set internet-service-id 8454145
next
edit "Zoox-ICMP"
set type default
set internet-service-id 8454146
next
edit "Zoox-DNS"
set type default
set internet-service-id 8454147
next
edit "Zoox-Outbound_Email"
set type default
set internet-service-id 8454148
next
edit "Zoox-SSH"
set type default
set internet-service-id 8454150
next
edit "Zoox-FTP"
set type default
set internet-service-id 8454151
next
edit "Zoox-NTP"
set type default
set internet-service-id 8454152
next
edit "Zoox-Inbound_Email"
set type default
set internet-service-id 8454153
next
edit "Zoox-LDAP"
set type default
set internet-service-id 8454158
next
edit "Zoox-NetBIOS.Session.Service"
set type default
set internet-service-id 8454159
next
edit "Zoox-RTMP"
set type default
set internet-service-id 8454160
next
edit "Zoox-NetBIOS.Name.Service"
set type default
set internet-service-id 8454168
next
edit "Skyfii-Other"
set type default
set internet-service-id 8519680
next
edit "Skyfii-Web"
set type default
set internet-service-id 8519681
next
edit "Skyfii-ICMP"
set type default
set internet-service-id 8519682
next
edit "Skyfii-DNS"
set type default
set internet-service-id 8519683
next
edit "Skyfii-Outbound_Email"
set type default
set internet-service-id 8519684
next
edit "Skyfii-SSH"
set type default
set internet-service-id 8519686
next
edit "Skyfii-FTP"
set type default
set internet-service-id 8519687
next
edit "Skyfii-NTP"
set type default
set internet-service-id 8519688
next
edit "Skyfii-Inbound_Email"
set type default
set internet-service-id 8519689
next
edit "Skyfii-LDAP"
set type default
set internet-service-id 8519694
next
edit "Skyfii-NetBIOS.Session.Service"
set type default
set internet-service-id 8519695
next
edit "Skyfii-RTMP"
set type default
set internet-service-id 8519696
next
edit "Skyfii-NetBIOS.Name.Service"
set type default
set internet-service-id 8519704
next
edit "CoffeeBean-Other"
set type default
set internet-service-id 8585216
next
edit "CoffeeBean-Web"
set type default
set internet-service-id 8585217
next
edit "CoffeeBean-ICMP"
set type default
set internet-service-id 8585218
next
edit "CoffeeBean-DNS"
set type default
set internet-service-id 8585219
next
edit "CoffeeBean-Outbound_Email"
set type default
set internet-service-id 8585220
next
edit "CoffeeBean-SSH"
set type default
set internet-service-id 8585222
next
edit "CoffeeBean-FTP"
set type default
set internet-service-id 8585223
next
edit "CoffeeBean-NTP"
set type default
set internet-service-id 8585224
next
edit "CoffeeBean-Inbound_Email"
set type default
set internet-service-id 8585225
next
edit "CoffeeBean-LDAP"
set type default
set internet-service-id 8585230
next
edit "CoffeeBean-NetBIOS.Session.Service"
set type default
set internet-service-id 8585231
next
edit "CoffeeBean-RTMP"
set type default
set internet-service-id 8585232
next
edit "CoffeeBean-NetBIOS.Name.Service"
set type default
set internet-service-id 8585240
next
edit "Cloud4Wi-Other"
set type default
set internet-service-id 8650752
next
edit "Cloud4Wi-Web"
set type default
set internet-service-id 8650753
next
edit "Cloud4Wi-ICMP"
set type default
set internet-service-id 8650754
next
edit "Cloud4Wi-DNS"
set type default
set internet-service-id 8650755
next
edit "Cloud4Wi-Outbound_Email"
set type default
set internet-service-id 8650756
next
edit "Cloud4Wi-SSH"
set type default
set internet-service-id 8650758
next
edit "Cloud4Wi-FTP"
set type default
set internet-service-id 8650759
next
edit "Cloud4Wi-NTP"
set type default
set internet-service-id 8650760
next
edit "Cloud4Wi-Inbound_Email"
set type default
set internet-service-id 8650761
next
edit "Cloud4Wi-LDAP"
set type default
set internet-service-id 8650766
next
edit "Cloud4Wi-NetBIOS.Session.Service"
set type default
set internet-service-id 8650767
next
edit "Cloud4Wi-RTMP"
set type default
set internet-service-id 8650768
next
edit "Cloud4Wi-NetBIOS.Name.Service"
set type default
set internet-service-id 8650776
next
edit "Panda-Panda.Security"
set type default
set internet-service-id 8716432
next
edit "Ewon-Talk2M"
set type default
set internet-service-id 8781970
next
edit "Nutanix-Nutanix.Cloud"
set type default
set internet-service-id 8847507
next
edit "Backblaze-Other"
set type default
set internet-service-id 8912896
next
edit "Backblaze-Web"
set type default
set internet-service-id 8912897
next
edit "Backblaze-ICMP"
set type default
set internet-service-id 8912898
next
edit "Backblaze-DNS"
set type default
set internet-service-id 8912899
next
edit "Backblaze-Outbound_Email"
set type default
set internet-service-id 8912900
next
edit "Backblaze-SSH"
set type default
set internet-service-id 8912902
next
edit "Backblaze-FTP"
set type default
set internet-service-id 8912903
next
edit "Backblaze-NTP"
set type default
set internet-service-id 8912904
next
edit "Backblaze-Inbound_Email"
set type default
set internet-service-id 8912905
next
edit "Backblaze-LDAP"
set type default
set internet-service-id 8912910
next
edit "Backblaze-NetBIOS.Session.Service"
set type default
set internet-service-id 8912911
next
edit "Backblaze-RTMP"
set type default
set internet-service-id 8912912
next
edit "Backblaze-NetBIOS.Name.Service"
set type default
set internet-service-id 8912920
next
edit "Extreme-Extreme.Cloud"
set type default
set internet-service-id 8978580
next
edit "XING-Other"
set type default
set internet-service-id 9043968
next
edit "XING-Web"
set type default
set internet-service-id 9043969
next
edit "XING-ICMP"
set type default
set internet-service-id 9043970
next
edit "XING-DNS"
set type default
set internet-service-id 9043971
next
edit "XING-Outbound_Email"
set type default
set internet-service-id 9043972
next
edit "XING-SSH"
set type default
set internet-service-id 9043974
next
edit "XING-FTP"
set type default
set internet-service-id 9043975
next
edit "XING-NTP"
set type default
set internet-service-id 9043976
next
edit "XING-Inbound_Email"
set type default
set internet-service-id 9043977
next
edit "XING-LDAP"
set type default
set internet-service-id 9043982
next
edit "XING-NetBIOS.Session.Service"
set type default
set internet-service-id 9043983
next
edit "XING-RTMP"
set type default
set internet-service-id 9043984
next
edit "XING-NetBIOS.Name.Service"
set type default
set internet-service-id 9043992
next
edit "Genesys-PureCloud"
set type default
set internet-service-id 9109653
next
edit "BlackBerry-Cylance"
set type default
set internet-service-id 9175190
next
edit "DigiCert-OCSP"
set type default
set internet-service-id 9240728
next
edit "Infomaniak-SwissTransfer"
set type default
set internet-service-id 9306265
next
edit "Fuze-Fuze"
set type default
set internet-service-id 9371802
next
edit "Truecaller-Truecaller"
set type default
set internet-service-id 9437339
next
edit "GlobalSign-OCSP"
set type default
set internet-service-id 9502872
next
edit "VeriSign-OCSP"
set type default
set internet-service-id 9568408
next
edit "Sony-PlayStation.Network"
set type default
set internet-service-id 9633952
next
edit "Acronis-Cyber.Cloud"
set type default
set internet-service-id 9699489
next
edit "RingCentral-RingCentral"
set type default
set internet-service-id 9765027
next
edit "FSecure-FSecure"
set type default
set internet-service-id 9830564
next
edit "Kaseya-Kaseya.Cloud"
set type default
set internet-service-id 9896101
next
edit "Shodan-Scanner"
set type default
set internet-service-id 9961638
next
edit "Censys-Scanner"
set type default
set internet-service-id 10027174
next
edit "Valve-Steam"
set type default
set internet-service-id 10092711
next
edit "YouSeeU-Bongo"
set type default
set internet-service-id 10158248
next
edit "Cato-Cato.Cloud"
set type default
set internet-service-id 10223785
next
edit "SolarWinds-SpamExperts"
set type default
set internet-service-id 10289323
next
edit "SolarWinds-Pingdom.Probe"
set type default
set internet-service-id 10289326
next
edit "SolarWinds-SolarWinds.RMM"
set type default
set internet-service-id 10289379
next
edit "8X8-8X8.Cloud"
set type default
set internet-service-id 10354860
next
edit "Zattoo-Zattoo.TV"
set type default
set internet-service-id 10420401
next
edit "Datto-Datto.RMM"
set type default
set internet-service-id 10485939
next
edit "Datto-Datto.BCDR"
set type default
set internet-service-id 10486083
next
edit "Barracuda-Barracuda.Cloud"
set type default
set internet-service-id 10551477
next
edit "Naver-Line"
set type default
set internet-service-id 10617015
next
edit "Disney-Disney+"
set type default
set internet-service-id 10682552
next
edit "DNS-DoH_DoT"
set type default
set internet-service-id 10748089
next
edit "DNS-Root.Name.Servers"
set type default
set internet-service-id 10748156
next
edit "DNS-ARPA.Name.Servers"
set type default
set internet-service-id 10748206
next
edit "Quad9-Quad9.Standard.DNS"
set type default
set internet-service-id 10813626
next
edit "Stretchoid-Scanner"
set type default
set internet-service-id 10879142
next
edit "Poly-RealConnect.Service"
set type default
set internet-service-id 10944700
next
edit "Telegram-Telegram"
set type default
set internet-service-id 11010249
next
edit "Spotify-Spotify"
set type default
set internet-service-id 11075786
next
edit "NextDNS-NextDNS"
set type default
set internet-service-id 11141324
next
edit "Fastly-CDN"
set type default
set internet-service-id 11206793
next
edit "Neustar-UltraDNS.Probes"
set type default
set internet-service-id 11272397
next
edit "Malicious-Malicious.Server"
set type default
set internet-service-id 11337935
next
edit "NIST-ITS"
set type default
set internet-service-id 11403472
next
edit "Jamf-Jamf.Cloud"
set type default
set internet-service-id 11469009
next
edit "Alcatel.Lucent-Rainbow"
set type default
set internet-service-id 11534546
next
edit "Forcepoint-Forcepoint.Cloud"
set type default
set internet-service-id 11600083
next
edit "Datadog-Datadog"
set type default
set internet-service-id 11665620
next
edit "Mimecast-Mimecast"
set type default
set internet-service-id 11731157
next
edit "MediaFire-Other"
set type default
set internet-service-id 11796480
next
edit "MediaFire-Web"
set type default
set internet-service-id 11796481
next
edit "MediaFire-ICMP"
set type default
set internet-service-id 11796482
next
edit "MediaFire-DNS"
set type default
set internet-service-id 11796483
next
edit "MediaFire-Outbound_Email"
set type default
set internet-service-id 11796484
next
edit "MediaFire-SSH"
set type default
set internet-service-id 11796486
next
edit "MediaFire-FTP"
set type default
set internet-service-id 11796487
next
edit "MediaFire-NTP"
set type default
set internet-service-id 11796488
next
edit "MediaFire-Inbound_Email"
set type default
set internet-service-id 11796489
next
edit "MediaFire-LDAP"
set type default
set internet-service-id 11796494
next
edit "MediaFire-NetBIOS.Session.Service"
set type default
set internet-service-id 11796495
next
edit "MediaFire-RTMP"
set type default
set internet-service-id 11796496
next
edit "MediaFire-NetBIOS.Name.Service"
set type default
set internet-service-id 11796504
next
edit "Pandora-Pandora"
set type default
set internet-service-id 11862230
next
edit "SiriusXM-SiriusXM"
set type default
set internet-service-id 11927767
next
edit "Hopin-Hopin"
set type default
set internet-service-id 11993304
next
edit "RedShield-RedShield.Cloud"
set type default
set internet-service-id 12058842
next
edit "InterneTTL-Scanner"
set type default
set internet-service-id 12124326
next
edit "VadeSecure-VadeSecure.Cloud"
set type default
set internet-service-id 12189915
next
edit "Netskope-Netskope.Cloud"
set type default
set internet-service-id 12255452
next
edit "ClickMeeting-ClickMeeting"
set type default
set internet-service-id 12320989
next
edit "Tenable-Tenable.io.Cloud.Scanner"
set type default
set internet-service-id 12386528
next
edit "Vidyo-VidyoCloud"
set type default
set internet-service-id 12452065
next
edit "OpenNIC-OpenNIC.DNS"
set type default
set internet-service-id 12517602
next
edit "Sectigo-Sectigo"
set type default
set internet-service-id 12583141
next
edit "DigitalOcean-DigitalOcean.Platform"
set type default
set internet-service-id 12648679
next
edit "Pitney.Bowes-Pitney.Bowes.Data.Center"
set type default
set internet-service-id 12714216
next
edit "VPN-Anonymous.VPN"
set type default
set internet-service-id 12779753
next
edit "Blockchain-Crypto.Mining.Pool"
set type default
set internet-service-id 12845290
next
edit "FactSet-FactSet"
set type default
set internet-service-id 12910830
next
edit "Bloomberg-Bloomberg"
set type default
set internet-service-id 12976367
next
edit "Five9-Five9"
set type default
set internet-service-id 13041904
next
edit "Gigas-Gigas.Cloud"
set type default
set internet-service-id 13107441
next
edit "Imperva-Imperva.Cloud.WAF"
set type default
set internet-service-id 13172978
next
edit "INAP-INAP"
set type default
set internet-service-id 13238515
next
edit "Azion-Azion.Platform"
set type default
set internet-service-id 13304053
next
edit "Hurricane.Electric-Hurricane.Electric.Internet.Services"
set type default
set internet-service-id 13369590
next
edit "NodePing-NodePing.Probe"
set type default
set internet-service-id 13435127
next
edit "Frontline-Frontline"
set type default
set internet-service-id 13500665
next
edit "Tally-Tally.ERP"
set type default
set internet-service-id 13566202
next
edit "Hosting-Bulletproof.Hosting"
set type default
set internet-service-id 13631739
next
edit "Okko-Okko.TV"
set type default
set internet-service-id 13697277
next
edit "Voximplant-Voximplant.Platform"
set type default
set internet-service-id 13762829
next
edit "OVHcloud-OVHcloud"
set type default
set internet-service-id 13828367
next
edit "OVHcloud-OVH.Telecom"
set type default
set internet-service-id 13828461
next
edit "SentinelOne-SentinelOne.Cloud"
set type default
set internet-service-id 13893905
next
edit "Kakao-Kakao.Services"
set type default
set internet-service-id 13959442
next
edit "Stripe-Stripe"
set type default
set internet-service-id 14024979
next
edit "NetScout-Scanner"
set type default
set internet-service-id 14090406
next
edit "Recyber-Scanner"
set type default
set internet-service-id 14155942
next
edit "Cyber.Casa-Scanner"
set type default
set internet-service-id 14221478
next
edit "GTHost-Dedicated.Instant.Servers"
set type default
set internet-service-id 14287132
next
edit "ivi-ivi.Streaming"
set type default
set internet-service-id 14352669
next
edit "BinaryEdge-Scanner"
set type default
set internet-service-id 14418086
next
edit "Fintech-MarketMap.Terminal"
set type default
set internet-service-id 14483742
next
edit "xMatters-xMatters.Platform"
set type default
set internet-service-id 14549279
next
edit "Blizzard-Battle.Net"
set type default
set internet-service-id 14614816
next
edit "Axon-Evidence"
set type default
set internet-service-id 14680353
next
edit "CDN77-CDN"
set type default
set internet-service-id 14745737
next
edit "GCore.Labs-CDN"
set type default
set internet-service-id 14811273
next
edit "Matrix42-FastViewer"
set type default
set internet-service-id 14876962
next
edit "Bunny.net-CDN"
set type default
set internet-service-id 14942345
next
edit "StackPath-CDN"
set type default
set internet-service-id 15007881
next
edit "Edgio-CDN"
set type default
set internet-service-id 15073417
next
edit "CacheFly-CDN"
set type default
set internet-service-id 15138953
next
edit "Paylocity-Paylocity"
set type default
set internet-service-id 15204646
next
edit "Qualys-Qualys.Cloud.Platform"
set type default
set internet-service-id 15270183
next
edit "Dailymotion-Other"
set type default
set internet-service-id 15335424
next
edit "Dailymotion-Web"
set type default
set internet-service-id 15335425
next
edit "Dailymotion-ICMP"
set type default
set internet-service-id 15335426
next
edit "Dailymotion-DNS"
set type default
set internet-service-id 15335427
next
edit "Dailymotion-Outbound_Email"
set type default
set internet-service-id 15335428
next
edit "Dailymotion-SSH"
set type default
set internet-service-id 15335430
next
edit "Dailymotion-FTP"
set type default
set internet-service-id 15335431
next
edit "Dailymotion-NTP"
set type default
set internet-service-id 15335432
next
edit "Dailymotion-Inbound_Email"
set type default
set internet-service-id 15335433
next
edit "Dailymotion-LDAP"
set type default
set internet-service-id 15335438
next
edit "Dailymotion-NetBIOS.Session.Service"
set type default
set internet-service-id 15335439
next
edit "Dailymotion-RTMP"
set type default
set internet-service-id 15335440
next
edit "Dailymotion-NetBIOS.Name.Service"
set type default
set internet-service-id 15335448
next
edit "LaunchDarkly-LaunchDarkly.Platform"
set type default
set internet-service-id 15401258
next
edit "Medianova-CDN"
set type default
set internet-service-id 15466633
next
edit "NetDocuments-NetDocuments.Platform"
set type default
set internet-service-id 15532331
next
edit "Vonage-Vonage.Contact.Center"
set type default
set internet-service-id 15597869
next
edit "Vonage-Vonage.Video.API"
set type default
set internet-service-id 15597872
next
edit "Veritas-Enterprise.Vault.Cloud"
set type default
set internet-service-id 15663407
next
edit "UK.NCSC-Scanner"
set type default
set internet-service-id 15728806
next
edit "Restream-Restream.Platform"
set type default
set internet-service-id 15794481
next
edit "ArcticWolf-ArcticWolf.Cloud"
set type default
set internet-service-id 15860019
next
edit "CounterPath-Bria"
set type default
set internet-service-id 15925556
next
edit "CriminalIP-Scanner"
set type default
set internet-service-id 15990950
next
edit "IPFS-IPFS.Gateway"
set type default
set internet-service-id 16056629
next
edit "Internet.Census.Group-Scanner"
set type default
set internet-service-id 16122022
next
edit "Performive-Performive.Cloud"
set type default
set internet-service-id 16187706
next
edit "OneLogin-OneLogin"
set type default
set internet-service-id 16253244
next
edit "Shadowserver-Scanner"
set type default
set internet-service-id 16318630
next
edit "Turkcell-Suit.Conference"
set type default
set internet-service-id 16384317
next
edit "LeakIX-Scanner"
set type default
set internet-service-id 16449702
next
edit "Infoblox-BloxOne"
set type default
set internet-service-id 16515390
next
edit "Nice-CXone"
set type default
set internet-service-id 16580927
next
edit "Hetzner-Hetzner.Hosting.Service"
set type default
set internet-service-id 16646464
next
edit "ThreatLocker-ThreatLocker"
set type default
set internet-service-id 16712001
next
edit "ZPE-ZPE.Cloud"
set type default
set internet-service-id 16777538
next
edit "ColoCrossing-ColoCrossing.Hosting.Service"
set type default
set internet-service-id 16843076
next
edit "Sinch-Mailgun"
set type default
set internet-service-id 16908613
next
edit "SpaceX-Starlink"
set type default
set internet-service-id 16974150
next
edit "Ingenuity-Ingenuity.Cloud.Service"
set type default
set internet-service-id 17039688
next
edit "Skyhigh.Security-Secure.Web.Gateway"
set type default
set internet-service-id 17105227
next
edit "Stark.Industries-Stark.Industries.Hosting.Service"
set type default
set internet-service-id 17170764
next
edit "StatusCake-StatusCake.Monitor"
set type default
set internet-service-id 17236307
next
edit "NAP-NAPLAN"
set type default
set internet-service-id 17301844
next
edit "Elastic-Elastic.Cloud"
set type default
set internet-service-id 17367382
next
edit "NFON-NFON"
set type default
set internet-service-id 17432920
next
edit "SERVERD-SERVERD.Hosting.Service"
set type default
set internet-service-id 17498457
next
edit "MEGA-MEGA.Cloud"
set type default
set internet-service-id 17563994
next
edit "Hadrian-Scanner"
set type default
set internet-service-id 17629350
next
edit "Dotcom.Monitor-Dotcom.Monitor"
set type default
set internet-service-id 17695068
next
edit "Ahrefs-AhrefsBot"
set type default
set internet-service-id 17760605
next
edit "Semrush-SemrushBot"
set type default
set internet-service-id 17826142
next
edit "Zero.Networks-Zero.Networks"
set type default
set internet-service-id 17891679
next
edit "Vultr-Vultr.Cloud"
set type default
set internet-service-id 17957216
next
edit "EGI-EGI.Hosting.Service"
set type default
set internet-service-id 18022753
next
edit "ONYPHE-Scanner"
set type default
set internet-service-id 18088102
next
edit "Proofpoint-Proofpoint"
set type default
set internet-service-id 18153828
next
edit "Lookout-Lookout.Cloud"
set type default
set internet-service-id 18219365
next
edit "Heimdal-Heimdal.Security"
set type default
set internet-service-id 18284902
next
edit "Yealink-Yealink.Meeting"
set type default
set internet-service-id 18350439
next
edit "Secomea-Secomea"
set type default
set internet-service-id 18415976
next
edit "CallTower-CT.Cloud"
set type default
set internet-service-id 18481513
next
edit "OpenAI-OpenAI.Bot"
set type default
set internet-service-id 18547052
next
edit "Alpemix-Alpemix"
set type default
set internet-service-id 18612590
next
edit "M247-M247.Hosting.Service"
set type default
set internet-service-id 18678127
next
edit "Quintex-Quintex.Hosting.Service"
set type default
set internet-service-id 18743664
next
edit "Aeza-Aeza.Hosting.Service"
set type default
set internet-service-id 18809201
next
edit "Amanah-Amanah.Hosting.Service"
set type default
set internet-service-id 18874738
next
edit "ByteDance-Lark"
set type default
set internet-service-id 18940275
next
edit "KnowBe4-KnowBe4"
set type default
set internet-service-id 19005812
next
edit "Keeper-Keeper.Security"
set type default
set internet-service-id 19071349
next
edit "NinjaOne-NinjaOne"
set type default
set internet-service-id 19136887
next
end
config firewall internet-service-addition
end
config firewall internet-service-append
set addr-mode ipv4
set match-port 0
set append-port 0
end
config firewall internet-service-definition
end
config webfilter ips-urlfilter-cache-setting
set dns-retry-interval 0
set extended-ttl 0
end
config system ips-urlfilter-dns
end
config system ips-urlfilter-dns6
end
config system health-check-fortiguard
edit "Fortinet"
set server "www.fortinet.com"
set protocol http
next
end
config webfilter fortiguard
set cache-mode ttl
set cache-prefix-match enable
set cache-mem-permille 1
set ovrd-auth-port-http 8008
set ovrd-auth-port-https 8010
set ovrd-auth-port-https-flow 8015
set ovrd-auth-port-warning 8020
set ovrd-auth-https enable
set warn-auth-https enable
set close-ports disable
set request-packet-size-limit 0
set embed-image enable
end
config system resource-limits
end
config log syslogd setting
set status disable
set vrf-select 0
end
config log syslogd2 setting
set status disable
set vrf-select 0
end
config log syslogd3 setting
set status disable
set vrf-select 0
end
config log syslogd4 setting
set status disable
set vrf-select 0
end
config log webtrends setting
set status disable
end
config log memory global-setting
set max-size 83832954
set full-first-warning-threshold 75
set full-second-warning-threshold 90
set full-final-warning-threshold 95
end
config log syslogd filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set http-transaction enable
set anomaly enable
set voip enable
set forti-switch enable
end
config log syslogd2 filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set http-transaction enable
set anomaly enable
set voip enable
set forti-switch enable
end
config log syslogd3 filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set http-transaction enable
set anomaly enable
set voip enable
set forti-switch enable
end
config log syslogd4 filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set http-transaction enable
set anomaly enable
set voip enable
set forti-switch enable
end
config log webtrends filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set http-transaction enable
set anomaly enable
set voip enable
set forti-switch enable
end
config log fortiguard setting
set status enable
set access-config enable
set ssl-min-proto-version default
set source-ip 0.0.0.0
set interface-select-method auto
set vrf-select 0
set upload-option 5-minute
set priority default
set max-log-rate 0
set enc-algorithm high
set conn-timeout 10
end
config log fortiguard filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set http-transaction enable
set anomaly enable
set voip enable
set forti-switch enable
end
config log fortianalyzer setting
set status disable
set vrf-select 0
end
config log fortianalyzer2 setting
set status disable
set vrf-select 0
end
config log fortianalyzer3 setting
set status disable
set vrf-select 0
end
config log fortianalyzer-cloud setting
set status disable
set vrf-select 0
end
config firewall ssl setting
set proxy-connect-timeout 30
set ssl-dh-bits 2048
set ssl-send-empty-frags enable
set no-matching-cipher-action bypass
set cert-cache-capacity 200
set cert-cache-timeout 10
set session-cache-capacity 500
set session-cache-timeout 20
set kxp-queue-threshold 16
set ssl-queue-threshold 32
set abbreviate-handshake enable
end
config firewall ipv6-eh-filter
set hop-opt disable
set dest-opt disable
set routing enable
set routing-type 0
set fragment disable
set auth disable
set no-next disable
end
config firewall global
set banned-ip-persistency disabled
end
config system speed-test-setting
set latency-threshold 60
set multiple-tcp-stream 4
end
config dlp settings
set config-builder-timeout 60
end
config system standalone-cluster
set standalone-group-id 0
set group-member-id 0
set layer2-connection unavailable
unset session-sync-dev
set encryption disable
set asymmetric-traffic-control cps-preferred
config cluster-peer
end
end
config switch-controller system
set parallel-process-override disable
set data-sync-interval 60
set iot-weight-threshold 1
set iot-scan-interval 60
set iot-holdoff 5
set iot-mac-idle 1440
set nac-periodic-interval 60
set dynamic-periodic-interval 60
set tunnel-mode compatible
set caputp-echo-interval 30
set caputp-max-retransmit 5
end
config wireless-controller timers
set echo-interval 30
set nat-session-keep-alive 0
set discovery-interval 5
set client-idle-timeout 300
set client-idle-rehome-timeout 20
set auth-timeout 5
set rogue-ap-log 0
set fake-ap-log 1
set sta-cap-cleanup 0
set rogue-ap-cleanup 0
set rogue-sta-cleanup 0
set wids-entry-cleanup 0
set ble-device-cleanup 60
set sta-stats-interval 10
set vap-stats-interval 15
set radio-stats-interval 15
set sta-capability-interval 30
set sta-locate-timer 1800
set ipsec-intf-cleanup 120
set ble-scan-report-intv 30
set drma-interval 60
set ap-reboot-wait-interval1 0
set ap-reboot-wait-time ''
set ap-reboot-wait-interval2 0
end
config emailfilter fortishield
set spam-submit-srv "www.nospammer.net"
set spam-submit-force enable
set spam-submit-txt2htm enable
end
config emailfilter options
set dns-timeout 7
end
config system fortiguard
set fortiguard-anycast enable
set fortiguard-anycast-source fortinet
set protocol https
set port 443
set load-balance-servers 1
set auto-join-forticloud enable
set update-server-location automatic
set sandbox-region "Global"
set sandbox-inline-scan disable
set update-ffdb enable
set update-uwdb enable
set update-dldb enable
set update-extdb enable
set update-build-proxy enable
set vdom ''
set auto-firmware-upgrade disable
set FDS-license-expiring-days 15
set antispam-force-off disable
set antispam-cache enable
set antispam-cache-ttl 1800
set antispam-cache-mpermille 1
set antispam-timeout 7
set outbreak-prevention-force-off disable
set outbreak-prevention-cache enable
set outbreak-prevention-cache-ttl 300
set outbreak-prevention-cache-mpermille 1
set outbreak-prevention-timeout 7
set webfilter-force-off disable
set webfilter-cache enable
set webfilter-cache-ttl 3600
set webfilter-timeout 15
set anycast-sdns-server-ip 0.0.0.0
set anycast-sdns-server-port 853
unset sdns-options
set source-ip 0.0.0.0
set source-ip6 ::
set proxy-server-ip ''
set proxy-server-port 0
set proxy-username ''
set proxy-password ENC
7DMuoLRE/yq1gepLDnPt3r61jsusLqasx5rR2oGKHRDDpZy/WOhOML5I2yl9Zoc4vpG+Tkt4FetgZmw8zwt
sNROQQ07rL1GIhXAceNYGsM
iZmym/u7JpU/
ZfJpBE2ezBwblwG5EEeaq66QQ8GUrPJfCVTkyzq9f0SIxRWbD71BaoFiF3h+Kw7HnMMJvVvVZy7sjyYVlmM
jY3dkVA
set ddns-server-ip 0.0.0.0
set ddns-server-ip6 ::
set ddns-server-port 443
set interface-select-method auto
set vrf-select 0
end
config endpoint-control fctems
edit 1
set status disable
next
edit 2
set status disable
next
edit 3
set status disable
next
edit 4
set status disable
next
edit 5
set status disable
next
edit 6
set status disable
next
edit 7
set status disable
next
end
config ips global
set fail-open disable
set database extended
set traffic-submit disable
set anomaly-mode continuous
set session-limit-mode heuristic
set socket-size 64
set engine-count 0
set sync-session-ttl enable
set np-accel-mode basic
set ips-reserve-cpu disable
set cp-accel-mode advanced
set deep-app-insp-timeout 0
set deep-app-insp-db-limit 0
set exclude-signatures ot
set packet-log-queue-depth 128
set ngfw-max-scan-range 4096
set av-mem-limit 0
config tls-active-probe
set interface-select-method auto
end
end
config system email-server
set type custom
set server "fortinet-notifications.com"
set port 465
set source-ip 0.0.0.0
set source-ip6 ::
set authenticate disable
set validate-server disable
set security smtps
set ssl-min-proto-version default
set interface-select-method auto
set vrf-select 0
end
config system session-helper
edit 1
set name pptp
set protocol 6
set port 1723
next
edit 2
set name h323
set protocol 6
set port 1720
next
edit 3
set name ras
set protocol 17
set port 1719
next
edit 4
set name tns
set protocol 6
set port 1521
next
edit 5
set name tftp
set protocol 17
set port 69
next
edit 6
set name rtsp
set protocol 6
set port 554
next
edit 7
set name rtsp
set protocol 6
set port 7070
next
edit 8
set name rtsp
set protocol 6
set port 8554
next
edit 9
set name ftp
set protocol 6
set port 21
next
edit 10
set name mms
set protocol 6
set port 1863
next
edit 11
set name pmap
set protocol 6
set port 111
next
edit 12
set name pmap
set protocol 17
set port 111
next
edit 13
set name sip
set protocol 17
set port 5060
next
edit 14
set name dns-udp
set protocol 17
set port 53
next
edit 15
set name rsh
set protocol 6
set port 514
next
edit 16
set name rsh
set protocol 6
set port 512
next
edit 17
set name dcerpc
set protocol 6
set port 135
next
edit 18
set name dcerpc
set protocol 17
set port 135
next
edit 19
set name mgcp
set protocol 17
set port 2427
next
edit 20
set name mgcp
set protocol 17
set port 2727
next
end
config system fips-cc
end
config system tos-based-priority
end
config system dscp-based-priority
end
config system probe-response
set mode none
end
config system lte-modem
set status disable
set extra-init ''
set authtype none
set apn ''
set modem-port 255
end
config system auto-install
set auto-install-config enable
set auto-install-image enable
set default-config-file "fgt_system.conf"
set default-image-file "image.out"
end
config system console
set output more
set login enable
set fortiexplorer enable
end
config system ntp
set ntpsync enable
set type fortiguard
set syncinterval 60
set source-ip 0.0.0.0
set source-ip6 ::
set server-mode enable
set authentication disable
set interface "fortilink"
end
config system ftm-push
set proxy enable
set server-port 4433
set server-cert "Fortinet_GUI_Server"
set server ''
set status disable
end
config system geoip-override
end
config system fortisandbox
set status disable
set email ''
end
config system fortindr
set status disable
end
config system affinity-interrupt
end
config system affinity-packet-redistribution
end
config system vdom-exception
end
config system csf
set status disable
set forticloud-account-enforcement enable
end
config automation setting
set max-concurrent-stitches 256
set fabric-sync enable
end
config system automation-trigger
edit "Network Down"
set description "Default automation trigger configuration for when a
network connection goes down."
set trigger-type event-based
set event-type event-log
set logid 20099
config fields
edit 1
set name "status"
set value "DOWN"
next
end
next
edit "HA Failover"
set description "Default automation trigger configuration for when an HA
failover occurs."
set trigger-type event-based
set event-type ha-failover
next
edit "Reboot"
set description "Default automation trigger configuration for when a
FortiGate is rebooted."
set trigger-type event-based
set event-type reboot
next
edit "FortiAnalyzer Connection Down"
set description "Default automation trigger configuration for when the
FortiAnalyzer connection is lost."
set trigger-type event-based
set event-type event-log
set logid 22902
next
edit "License Expired Notification"
set description "Default automation trigger configuration for when a
license is near expiration."
set trigger-type event-based
set event-type license-near-expiry
set license-type any
next
edit "Local Cert Expired Notification"
set description "Default automation trigger configuration for when a local
certificate is near expiration."
set trigger-type event-based
set event-type ioc
next
edit "Compromised Host - High"
set description "Default automation trigger configuration for when a high
severity compromised host is detected."
set trigger-type event-based
set event-type ioc
next
edit "Incoming Webhook Call"
set description "Default automation trigger configuration for an incoming
webhook."
set trigger-type event-based
set event-type incoming-webhook
next
edit "Security Rating Notification"
set description "Default automation trigger configuration for when a new
Security Rating report is available."
set trigger-type event-based
set event-type security-rating-summary
set report-type any
next
edit "Compromised Host"
set description "An incident of compromise has been detected on a host
endpoint."
set trigger-type event-based
set event-type ioc
next
edit "Any Security Rating Notification"
set description "A security rating summary report has been generated."
set trigger-type event-based
set event-type security-rating-summary
set report-type posture
next
edit "AV & IPS DB update"
set description "The antivirus and IPS database has been updated."
set trigger-type event-based
set event-type virus-ips-db-updated
next
edit "Configuration Change"
set description "An administrator\'s session that changed a FortiGate\'s
configuration has ended."
set trigger-type event-based
set event-type config-change
next
edit "Conserve Mode"
set description "A FortiGate has entered conserve mode due to low memory."
set trigger-type event-based
set event-type low-memory
next
edit "High CPU"
set description "A FortiGate has high CPU usage."
set trigger-type event-based
set event-type high-cpu
next
edit "License Expiry"
set description "A FortiGate license is near expiration."
set trigger-type event-based
set event-type license-near-expiry
set license-type any
next
edit "Anomaly Logs"
set description "An anomalous event has occurred."
set trigger-type event-based
set event-type anomaly-logs
next
edit "IPS Logs"
set description "An IPS event has occurred."
set trigger-type event-based
set event-type ips-logs
next
edit "SSH Logs"
set description "A SSH event has occurred."
set trigger-type event-based
set event-type ssh-logs
next
edit "Traffic Violation"
set description "A traffic policy has been violated."
set trigger-type event-based
set event-type traffic-violation
next
edit "Virus Logs"
set description "A virus event has occurred."
set trigger-type event-based
set event-type virus-logs
next
edit "Webfilter Violation"
set description "A webfilter policy has been violated."
set trigger-type event-based
set event-type webfilter-violation
next
edit "Admin Login"
set description "A FortiOS event with specified log ID has occurred."
set trigger-type event-based
set event-type event-log
set logid 32001
next
edit "Local Certificate Expiry"
set description "A local certificate is near expiration."
set trigger-type event-based
set event-type local-cert-near-expiry
next
edit "Auto Firmware upgrade"
set description "Automatic firmware upgrade."
set trigger-type event-based
set event-type event-log
set logid 22094 22095 32263
next
end
config system automation-condition
end
config system automation-action
edit "Default Email"
set description "Default automation action configuration for sending an
email with basic information on the log event."
set action-type email
set forticare-email disable
set email-from ''
set email-subject "%%log.logdesc%%"
set minimum-interval 0
set message "%%log%%"
set replacement-message disable
next
edit "FortiExplorer Notification"
set description "Default automation action configuration for sending a
notification to any FortiExplorer mobile application."
set action-type fortiexplorer-notification
set minimum-interval 0
next
edit "Quarantine on FortiSwitch + FortiAP"
set description "Default automation action configuration for quarantining a
MAC address on FortiSwitches and FortiAPs."
set action-type quarantine
next
edit "Quarantine FortiClient EMS Endpoint"
set description "Default automation action configuration for quarantining a
FortiClient EMS endpoing device."
set action-type quarantine-forticlient
next
edit "Reboot FortiGate"
set description "Default automation action configuration for rebooting this
FortiGate unit."
set action-type system-actions
set system-action reboot
set minimum-interval 300
next
edit "Shutdown FortiGate"
set description "Default automation action configuration for shuting down
this FortiGate unit."
set action-type system-actions
set system-action shutdown
set minimum-interval 0
next
edit "Backup Config Disk"
set description "Default automation action configuration for backing up the
configuration on disk."
set action-type system-actions
set system-action backup-config
set minimum-interval 0
next
edit "Access Layer Quarantine"
set description "Quarantine the MAC address on access layer devices
(FortiSwitch and FortiAP)."
set action-type quarantine
next
edit "FortiClient Quarantine"
set description "Use FortiClient EMS to quarantine the endpoint device."
set action-type quarantine-forticlient
next
edit "FortiNAC Quarantine"
set description "Use FortiNAC to quarantine the endpoint device."
set action-type quarantine-fortinac
next
edit "IP Ban"
set description "Ban the IP address specified in the automation trigger
event."
set action-type ban-ip
next
edit "Email Notification"
set description "Send a custom email notification to the FortiCare email
address registered on this device."
set action-type email
set forticare-email enable
set email-from ''
set email-subject "%%log.logdesc%%"
set minimum-interval 0
set message "%%log%%"
set replacement-message disable
next
edit "CLI Script - System Status"
set description "Execute a CLI script to return the system status."
set action-type cli-script
set minimum-interval 0
set script "get system status"
set output-size 10
set timeout 0
set execute-security-fabric disable
set accprofile "super_admin_readonly"
next
end
config system automation-destination
end
config system automation-stitch
edit "Network Down"
set description "Default automation stitch to send an email when a network
goes down."
set status disable
set trigger "Network Down"
set condition-logic and
config actions
edit 1
set action "Default Email"
set delay 0
set required disable
next
end
next
edit "HA Failover"
set description "Default automation stitch to send an email when a HA
failover is detected."
set status disable
set trigger "HA Failover"
set condition-logic and
config actions
edit 1
set action "Default Email"
set delay 0
set required disable
next
end
next
edit "Reboot"
set description "Default automation stitch to send an email when a
FortiGate is rebooted."
set status disable
set trigger "Reboot"
set condition-logic and
config actions
edit 1
set action "Default Email"
set delay 0
set required disable
next
end
next
edit "FortiAnalyzer Connection Down"
set description "Default automation stitch to send a FortiExplorer
notification when the connection to FortiAnalyzer is lost.
"
set status enable
set trigger "FortiAnalyzer Connection Down"
set condition-logic and
config actions
edit 1
set action "FortiExplorer Notification"
set delay 0
set required disable
next
end
next
edit "License Expired Notification"
set description "Default automation stitch to send a FortiExplorer
notification when a license is near expiration."
set status enable
set trigger "License Expired Notification"
set condition-logic and
config actions
edit 1
set action "FortiExplorer Notification"
set delay 0
set required disable
next
end
next
edit "Compromised Host Quarantine"
set description "Default automation stitch to quarantine a high severity
compromised host on FortiAPs, FortiSwitches, and For
tiClient EMS."
set status disable
set trigger "Compromised Host - High"
set condition-logic and
config actions
edit 1
set action "Quarantine on FortiSwitch + FortiAP"
set delay 0
set required disable
next
edit 2
set action "Quarantine FortiClient EMS Endpoint"
set delay 0
set required disable
next
end
next
edit "Incoming Webhook Quarantine"
set description "Default automation stitch to quarantine a provided MAC
address on FortiAPs, FortiSwitches, and FortiClient E
MS using an Incoming Webhook."
set status disable
set trigger "Incoming Webhook Call"
set condition-logic and
config actions
edit 1
set action "Quarantine on FortiSwitch + FortiAP"
set delay 0
set required disable
next
edit 2
set action "Quarantine FortiClient EMS Endpoint"
set delay 0
set required disable
next
end
next
edit "Security Rating Notification"
set description "Default automation stitch to send a FortiExplorer
notification when a new Security Rating report is availabl
e."
set status enable
set trigger "Security Rating Notification"
set condition-logic and
config actions
edit 1
set action "FortiExplorer Notification"
set delay 0
set required disable
next
end
next
edit "Firmware upgrade notification"
set description "Automatic firmware upgrade notification."
set status enable
set trigger "Auto Firmware upgrade"
set condition-logic or
config actions
edit 1
set action "Email Notification"
set delay 0
set required disable
next
end
next
end
config monitoring npu-hpe
set status disable
set interval 1
set multipliers 4 4 4 4 8 8 8 8 8 8 8 8
end
config system saml
set status disable
end
config system federated-upgrade
set status disabled
set upgrade-id 0
set next-path-index 0
set ignore-signing-errors disable
set initial-version 0-0-0-0
set starter-admin ''
end
config system device-upgrade
end
config system ike
set embryonic-limit 1000
set dh-multiprocess enable
set dh-worker-count 0
set dh-mode hardware
set dh-keypair-cache enable
set dh-keypair-count 100
set dh-keypair-throttle enable
config dh-group-1
set mode global
set keypair-cache global
end
config dh-group-2
set mode global
set keypair-cache global
end
config dh-group-5
set mode global
set keypair-cache global
end
config dh-group-14
set mode global
set keypair-cache global
end
config dh-group-15
set mode global
set keypair-cache global
end
config dh-group-16
set mode global
set keypair-cache global
end
config dh-group-17
set mode global
set keypair-cache global
end
config dh-group-18
set mode global
set keypair-cache global
end
config dh-group-19
set mode global
set keypair-cache global
end
config dh-group-20
set mode global
set keypair-cache global
end
config dh-group-21
set mode global
set keypair-cache global
end
config dh-group-27
set mode global
set keypair-cache global
end
config dh-group-28
set mode global
set keypair-cache global
end
config dh-group-29
set mode global
set keypair-cache global
end
config dh-group-30
set mode global
set keypair-cache global
end
config dh-group-31
set mode global
set keypair-cache global
end
config dh-group-32
set mode global
set keypair-cache global
end
end
config system acme
set source-ip 0.0.0.0
set source-ip6 ::
end
config system ipam
set status enable
set server-type fabric-root
set automatic-conflict-resolution disable
set require-subnet-size-match enable
set manage-lan-addresses enable
set manage-lan-extension-addresses enable
set manage-ssid-addresses enable
config pools
edit "default-pool"
set description ''
set subnet 172.31.0.0 255.255.0.0
next
edit "lan-pool"
set description ''
set subnet 192.168.0.0 255.255.0.0
next
end
config rules
edit "role-lan"
set description ''
set device "*"
set interface "*"
set role lan
set pool "lan-pool"
set dhcp enable
next
end
end
config system fabric-vpn
set status disable
end
config system security-rating controls
end
config system ssh-config
set ssh-enc-algo aes256-ctr [email protected]
set ssh-hsk-algo ecdsa-sha2-nistp521 ecdsa-sha2-nistp384 ecdsa-sha2-nistp256
rsa-sha2-256 rsa-sha2-512 ssh-ed25519
set ssh-hsk-override disable
set ssh-kex-algo diffie-hellman-group14-sha256 diffie-hellman-group16-sha512
diffie-hellman-group18-sha512 diffie-hellman-group-e
xchange-sha256 [email protected] ecdh-sha2-nistp256 ecdh-sha2-nistp384
ecdh-sha2-nistp521
set ssh-mac-algo hmac-sha2-256 [email protected] hmac-sha2-512
[email protected]
end
config wireless-controller hotspot20 anqp-venue-name
end
config wireless-controller hotspot20 anqp-venue-url
end
config wireless-controller hotspot20 anqp-network-auth-type
end
config wireless-controller hotspot20 anqp-roaming-consortium
end
config wireless-controller hotspot20 anqp-nai-realm
end
config wireless-controller hotspot20 anqp-3gpp-cellular
end
config wireless-controller hotspot20 anqp-ip-address-type
end
config wireless-controller hotspot20 h2qp-operator-name
end
config wireless-controller hotspot20 h2qp-wan-metric
end
config wireless-controller hotspot20 h2qp-conn-capability
end
config wireless-controller hotspot20 icon
end
config wireless-controller hotspot20 h2qp-osu-provider
end
config wireless-controller hotspot20 qos-map
end
config wireless-controller hotspot20 h2qp-advice-of-charge
end
config wireless-controller hotspot20 h2qp-osu-provider-nai
end
config wireless-controller hotspot20 h2qp-terms-and-conditions
end
config wireless-controller hotspot20 hs-profile
end
config wireless-controller vap
end
config system object-tagging
edit "default"
set address optional
set device optional
set interface optional
set multiple enable
set color 0
next
end
config switch-controller traffic-policy
edit "quarantine"
set description "Rate control for quarantined traffic"
set policer-status enable
set guaranteed-bandwidth 163840
set guaranteed-burst 8192
set maximum-burst 163840
set cos-queue 0
next
edit "sniffer"
set description "Rate control for sniffer mirrored traffic"
set policer-status enable
set guaranteed-bandwidth 50000
set guaranteed-burst 8192
set maximum-burst 163840
set cos-queue 0
next
end
config switch-controller fortilink-settings
end
config system stp
set switch-priority 32768
set hello-time 2
set forward-delay 15
set max-age 20
set max-hops 20
end
config system settings
set lan-extension-controller-addr ''
set opmode nat
set policy-offload-level disable
set ngfw-mode profile-based
set http-external-dest fortiweb
set firewall-session-dirty check-all
set bfd disable
set utf8-spam-tagging enable
set wccp-cache-engine disable
set vpn-stats-log ipsec pptp l2tp ssl
set vpn-stats-period 600
set v4-ecmp-mode source-ip-based
set fw-session-hairpin disable
set prp-trailer-action disable
set snat-hairpin-traffic enable
set dhcp-proxy disable
set dhcp-proxy-vrf-select 0
set central-nat disable
set lldp-reception global
set lldp-transmission global
set link-down-access enable
set nat46-generate-ipv6-fragment-header disable
set nat46-force-ipv4-packet-forwarding disable
set nat64-force-ipv6-packet-forwarding enable
set detect-unknown-esp enable
set intree-ses-best-route disable
set auxiliary-session disable
set asymroute disable
set asymroute-icmp disable
set tcp-session-without-syn disable
set ses-denied-traffic disable
set ses-denied-multicast-traffic disable
set strict-src-check disable
set allow-linkdown-path disable
set asymroute6 disable
set asymroute6-icmp disable
set sctp-session-without-init disable
set sip-expectation disable
set sip-nat-trace enable
set h323-direct-model disable
set status enable
set sip-tcp-port 5060
set sip-udp-port 5060
set sip-ssl-port 5061
set sccp-port 2000
set multicast-forward enable
set multicast-ttl-notchange disable
set allow-subnet-overlap disable
set deny-tcp-with-icmp disable
set ecmp-max-paths 255
set discovered-device-timeout 28
set email-portal-check-dns enable
set default-voip-alg-mode proxy-based
set gui-icap enable
set gui-implicit-policy enable
set gui-dns-database enable
set gui-load-balance enable
set gui-multicast-policy enable
set gui-dos-policy enable
set gui-object-colors enable
set gui-route-tag-address-creation disable
set gui-voip-profile enable
set gui-ap-profile enable
set gui-security-profile-group disable
set gui-local-in-policy enable
set gui-explicit-proxy enable
set gui-dynamic-routing enable
set gui-sslvpn-personal-bookmarks enable
set gui-sslvpn-realms enable
set gui-policy-based-ipsec enable
set gui-threat-weight enable
set gui-spamfilter enable
set gui-file-filter enable
set gui-application-control enable
set gui-ips enable
set gui-dhcp-advanced enable
set gui-vpn enable
set gui-sslvpn enable
set gui-wireless-controller enable
set gui-advanced-wireless-features enable
set gui-switch-controller enable
set gui-fortiap-split-tunneling disable
set gui-webfilter-advanced disable
set gui-traffic-shaping enable
set gui-wan-load-balancing enable
set gui-antivirus enable
set gui-webfilter enable
set gui-videofilter enable
set gui-dnsfilter enable
set gui-waf-profile enable
set gui-dlp-profile enable
set gui-dlp-advanced enable
set gui-virtual-patch-profile enable
set gui-casb enable
set gui-fortiextender-controller enable
set gui-advanced-policy enable
set gui-allow-unnamed-policy enable
set gui-email-collection enable
set gui-multiple-interface-policy enable
set gui-policy-disclaimer enable
set gui-ztna enable
set gui-ot enable
set gui-dynamic-device-os-id enable
set location-id 0.0.0.0
set ike-session-resume disable
set ike-quick-crash-detect disable
set ike-dn-format with-space
set ike-port 500
set ike-tcp-port 4500
set ike-policy-route disable
set block-land-attack disable
set fqdn-session-check disable
set ext-resource-session-check disable
set dyn-addr-session-check disable
set default-policy-expiry-days 30
set gui-enforce-change-summary require
set internet-service-database-cache disable
set internet-service-app-ctrl-size 32768
end
config system sit-tunnel
end
config system arp-table
end
config system ipv6-neighbor-cache
end
config system replacemsg-group
end
config system session-ttl
set default 3600
end
config system dhcp server
edit 2
set status enable
set lease-time 604800
set mac-acl-default-action assign
set forticlient-on-net-status enable
set dns-service default
set wifi-ac-service specify
set wifi-ac1 0.0.0.0
set wifi-ac2 0.0.0.0
set wifi-ac3 0.0.0.0
set ntp-service specify
set domain ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set default-gateway 192.168.1.99
set next-server 0.0.0.0
set netmask 255.255.255.0
set interface "mgmt"
config ip-range
edit 1
set start-ip 192.168.1.110
set end-ip 192.168.1.210
set vci-match disable
set uci-match disable
set lease-time 0
next
end
set timezone-option disable
set filename ''
set server-type regular
set conflicted-ip-timeout 1800
set auto-configuration enable
set dhcp-settings-from-fortiipam disable
set ddns-update disable
set vci-match disable
set shared-subnet disable
set ntp-server1 0.0.0.0
set ntp-server2 0.0.0.0
set ntp-server3 0.0.0.0
next
edit 3
set status enable
set lease-time 604800
set mac-acl-default-action assign
set forticlient-on-net-status enable
set dns-service specify
set wifi-ac-service specify
set wifi-ac1 0.0.0.0
set wifi-ac2 0.0.0.0
set wifi-ac3 0.0.0.0
set ntp-service local
set domain ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set default-gateway 10.255.1.1
set next-server 0.0.0.0
set netmask 255.255.255.0
set interface "fortilink"
config ip-range
edit 1
set start-ip 10.255.1.2
set end-ip 10.255.1.254
set vci-match disable
set uci-match disable
set lease-time 0
next
end
set timezone-option disable
set filename ''
set server-type regular
set conflicted-ip-timeout 1800
set auto-configuration enable
set dhcp-settings-from-fortiipam disable
set ddns-update disable
set vci-match enable
set vci-string "FortiSwitch" "FortiExtender"
set shared-subnet disable
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-server3 0.0.0.0
set dns-server4 0.0.0.0
next
edit 4
set status enable
set lease-time 604800
set mac-acl-default-action assign
set forticlient-on-net-status enable
set dns-service specify
set wifi-ac-service specify
set wifi-ac1 0.0.0.0
set wifi-ac2 0.0.0.0
set wifi-ac3 0.0.0.0
set ntp-service specify
set domain ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set default-gateway 192.168.101.1
set next-server 0.0.0.0
set netmask 255.255.255.0
set interface "port1"
config ip-range
edit 1
set start-ip 192.168.101.2
set end-ip 192.168.101.254
set vci-match disable
set uci-match disable
set lease-time 0
next
end
set timezone-option disable
set filename ''
set server-type regular
set conflicted-ip-timeout 1800
set auto-configuration enable
set dhcp-settings-from-fortiipam disable
set ddns-update disable
set vci-match disable
set shared-subnet disable
set dns-server1 10.216.16.251
set dns-server2 10.216.16.252
set dns-server3 0.0.0.0
set dns-server4 0.0.0.0
set ntp-server1 0.0.0.0
set ntp-server2 0.0.0.0
set ntp-server3 0.0.0.0
next
edit 5
set status enable
set lease-time 604800
set mac-acl-default-action assign
set forticlient-on-net-status enable
set dns-service specify
set wifi-ac-service specify
set wifi-ac1 0.0.0.0
set wifi-ac2 0.0.0.0
set wifi-ac3 0.0.0.0
set ntp-service specify
set domain ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set default-gateway 192.168.10.1
set next-server 0.0.0.0
set netmask 255.255.255.0
set interface "port5"
config ip-range
edit 1
set start-ip 192.168.10.200
set end-ip 192.168.10.254
set vci-match disable
set uci-match disable
set lease-time 0
next
end
set timezone-option disable
set filename ''
set server-type regular
set conflicted-ip-timeout 1800
set auto-configuration enable
set dhcp-settings-from-fortiipam disable
set ddns-update disable
set vci-match disable
set shared-subnet disable
set dns-server1 10.216.16.251
set dns-server2 10.216.16.252
set dns-server3 0.0.0.0
set dns-server4 0.0.0.0
set ntp-server1 0.0.0.0
set ntp-server2 0.0.0.0
set ntp-server3 0.0.0.0
next
edit 6
set status enable
set lease-time 604800
set mac-acl-default-action assign
set forticlient-on-net-status enable
set dns-service specify
set wifi-ac-service specify
set wifi-ac1 0.0.0.0
set wifi-ac2 0.0.0.0
set wifi-ac3 0.0.0.0
set ntp-service specify
set domain ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set default-gateway 172.16.20.1
set next-server 0.0.0.0
set netmask 255.255.255.0
set interface "WIFI"
config ip-range
edit 1
set start-ip 172.16.20.1
set end-ip 172.16.20.254
set vci-match disable
set uci-match disable
set lease-time 0
next
end
set timezone-option disable
set filename ''
set server-type regular
set conflicted-ip-timeout 1800
set auto-configuration enable
set dhcp-settings-from-fortiipam enable
set auto-managed-status enable
set ddns-update disable
set vci-match disable
config exclude-range
edit 1
set start-ip 172.16.20.1
set end-ip 172.16.20.1
set vci-match disable
set uci-match disable
set lease-time 0
next
end
set shared-subnet disable
set dns-server1 10.216.16.251
set dns-server2 10.216.16.252
set dns-server3 0.0.0.0
set dns-server4 0.0.0.0
set ntp-server1 0.0.0.0
set ntp-server2 0.0.0.0
set ntp-server3 0.0.0.0
next
edit 7
set status enable
set lease-time 0
set mac-acl-default-action assign
set forticlient-on-net-status disable
set dns-service default
set wifi-ac-service specify
set wifi-ac1 0.0.0.0
set wifi-ac2 0.0.0.0
set wifi-ac3 0.0.0.0
set ntp-service default
set domain ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set default-gateway 192.168.3.254
set next-server 0.0.0.0
set netmask 255.255.255.0
set interface "lan"
config ip-range
edit 1
set start-ip 192.168.3.1
set end-ip 192.168.3.254
set vci-match disable
set uci-match disable
set lease-time 0
next
end
set timezone-option disable
set filename ''
set server-type regular
set conflicted-ip-timeout 0
set auto-configuration disable
set dhcp-settings-from-fortiipam enable
set auto-managed-status enable
set ddns-update disable
set vci-match disable
config exclude-range
edit 1
set start-ip 192.168.3.254
set end-ip 192.168.3.254
set vci-match disable
set uci-match disable
set lease-time 0
next
end
set shared-subnet disable
next
end
config system dhcp6 server
end
config system modem
set status disable
set pin-init ''
set network-init ''
set lockdown-lac ''
set mode standalone
set auto-dial disable
set dial-on-demand disable
set idle-timer 5
set redial none
set reset 0
set connect-timeout 90
set wireless-port 0
set dont-send-CR1 disable
set phone1 ''
set dial-cmd1 ''
set username1 ''
set passwd1 ENC
QS4U1AC2TwjTMFBmuk9e8p0Ok+nZfLUdr1n69ycq0HjcHGOMc6KXEkLI313lN3AvWXudc8alHLnoTo75orq
S2UTUzcHoBsM6F6NV6UROXEJRfwMFj
hTQFvsNfKPvjtLb6/
XFBwhUvDYRlyxCZYIm2WPeUpunCeWsmGhj9aJE0awdkuHBn5MZeCfy2PAAmMG7qvwsq1lmMjY3dkVA
set extra-init1 ''
set peer-modem1 generic
set ppp-echo-request1 enable
set authtype1 pap chap mschap mschapv2
set dont-send-CR2 disable
set phone2 ''
set dial-cmd2 ''
set username2 ''
set passwd2 ENC
iI6emPL71/PemqDCXMc9x6jQKi1iCCq7M+6WwLHKjhvsIxX9CHKw5E5JJFm6BQsdwd5CYWlZG5yG0D8b6lQ
4L0fvW6pulL7vY9F7Z6RJ2HXgcMgqL
h64iJSHpuUNpDrW0fIX8Z+HkT246zZgSWoIQZWNqu5RDKF0aG+IIjuIuSlZR0iNE0Gh28qu9vZ3LJbUW0Ar
PllmMjY3dkVA
set extra-init2 ''
set peer-modem2 generic
set ppp-echo-request2 enable
set authtype2 pap chap mschap mschapv2
set dont-send-CR3 disable
set phone3 ''
set dial-cmd3 ''
set username3 ''
set passwd3 ENC
iTZDC4p9ZrYzRVrYrsP0sw7nfL6z5oyZ6kNhd5RGJcK5c3gsc5MLclgG8311IwpX50tJqWWyK43EJBWfjah
BLbfG8tCHI1rFvqs382sC8VEv9F9L8
d4UIIiNMUYTBbvW43iwLiH/KTPZVGmqA+Niuc0IjC+/
eV55Pz6iDKcEu9fJwhjglllQGaQwdtIw2LC5yA7/fllmMjY3dkVA
set extra-init3 ''
set peer-modem3 generic
set ppp-echo-request3 enable
set altmode enable
set authtype3 pap chap mschap mschapv2
set distance 1
set priority 1
end
config system 3g-modem custom
end
config system zone
end
config firewall address
edit "EMS_ALL_UNMANAGEABLE_CLIENTS"
set uuid 6836424c-dce1-51ef-8b77-e93804e711cf
set type dynamic
set sub-type ems-tag
set comment ''
set associated-interface ''
set color 0
set fabric-object disable
set obj-tag ''
set obj-type ip
set tag-detection-level ''
set tag-type ''
next
edit "EMS_ALL_UNKNOWN_CLIENTS"
set uuid 68366f1a-dce1-51ef-1a5f-a32860edd281
set type dynamic
set sub-type ems-tag
set comment ''
set associated-interface ''
set color 0
set fabric-object disable
set obj-tag ''
set obj-type ip
set tag-detection-level ''
set tag-type ''
next
edit "none"
set uuid 5618b086-dce1-51ef-d9f1-4d0f7fe74b65
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 0.0.0.0 255.255.255.255
next
edit "login.microsoftonline.com"
set uuid 5618b6d0-dce1-51ef-931f-77227f508a50
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "login.microsoftonline.com"
set cache-ttl 0
next
edit "login.microsoft.com"
set uuid 5618bbf8-dce1-51ef-3ba3-b8093147d841
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "login.microsoft.com"
set cache-ttl 0
next
edit "login.windows.net"
set uuid 5618c030-dce1-51ef-e102-a0e06e883ff0
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "login.windows.net"
set cache-ttl 0
next
edit "gmail.com"
set uuid 5618c490-dce1-51ef-a905-a29b06e980c4
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "gmail.com"
set cache-ttl 0
next
edit "wildcard.google.com"
set uuid 5618c8be-dce1-51ef-113c-69212fb4b2ac
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "*.google.com"
set cache-ttl 0
next
edit "wildcard.dropbox.com"
set uuid 5618ccce-dce1-51ef-7964-6bcd88ce3ca9
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "*.dropbox.com"
set cache-ttl 0
next
edit "all"
set uuid 56f5a608-dce1-51ef-987a-5cc9d0400522
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "FIREWALL_AUTH_PORTAL_ADDRESS"
set uuid 56f5a7de-dce1-51ef-dbac-6762abd492f4
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "FABRIC_DEVICE"
set uuid 56f5a946-dce1-51ef-6989-b7ff0efa4df0
set type ipmask
set comment "IPv4 addresses of Fabric Devices."
set associated-interface ''
set color 0
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "SSLVPN_TUNNEL_ADDR1"
set uuid 56f607b0-dce1-51ef-d4cf-2098c4e4aea7
set type iprange
set comment ''
set color 0
set fabric-object disable
set start-ip 10.212.134.200
set end-ip 10.212.134.210
next
edit "lan"
set uuid 58e4b896-dce1-51ef-7154-5dd585ea9e5c
set type interface-subnet
set comment ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 192.168.3.0 255.255.255.0
set interface "lan"
next
edit "FCTEMS_ALL_FORTICLOUD_SERVERS"
set uuid 00000000-0000-0000-0000-000000000000
set type dynamic
set sub-type ems-tag
set comment ''
set associated-interface ''
set color 0
set fabric-object disable
set obj-tag ''
set obj-type ip
set tag-detection-level ''
set tag-type ''
next
edit "Local-Ufico address"
set uuid 67e157d0-dced-51ef-aac7-b99ea0b211c2
set type interface-subnet
set comment ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 192.168.0.0 255.255.255.0
set interface "Local-Ufico"
next
edit "BO_Zone address"
set uuid 8bd05e6e-dcef-51ef-3315-2bafc54cdc37
set type interface-subnet
set comment ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.216.19.0 255.255.255.0
set interface "BO_Zone"
next
edit "551 address"
set uuid cc24f93e-dcef-51ef-c88d-b0090c5ea22b
set type interface-subnet
set comment ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 150.150.150.0 255.255.255.0
set interface "551"
next
edit "Areas_Trust-999 address"
set uuid fc46db82-dcef-51ef-aaa8-c771aa7a1d31
set type interface-subnet
set comment ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.12.16.0 255.255.255.0
set interface "Areas_Trust-999"
next
edit "BackOfficeDell address"
set uuid 3fa267f2-dcf0-51ef-0858-2f982d59e6b0
set type interface-subnet
set comment ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.216.16.0 255.255.255.0
set interface "BackOfficeDell"
next
edit "Camera-Vlan-2 address"
set uuid 6bc401d8-dcf0-51ef-414f-e0016a794eab
set type interface-subnet
set comment ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 192.168.2.0 255.255.255.0
set interface "Camera-Vlan-2"
next
edit "inside-99 address"
set uuid 91a064b4-dcf0-51ef-84fe-3199dbfe4f01
set type interface-subnet
set comment ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 192.168.168.0 255.255.255.0
set interface "inside-99"
next
edit "Mawared-DB-33 address"
set uuid c47e3cda-dcf0-51ef-a49b-bc5882397b70
set type interface-subnet
set comment ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 172.16.33.0 255.255.255.0
set interface "Mawared-DB-33"
next
edit "MGMT-SW-40 address"
set uuid ea8559ea-dcf0-51ef-2a07-359e6e568ca6
set type interface-subnet
set comment ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 172.16.40.0 255.255.255.0
set interface "MGMT-SW-40"
next
edit "OMS_Zone address"
set uuid 124d115c-dcf1-51ef-df80-7b5dcc35b233
set type interface-subnet
set comment ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.214.19.0 255.255.255.0
set interface "OMS_Zone"
next
edit "Servers-90 address"
set uuid 37b70204-dcf1-51ef-efd4-27463b150780
set type interface-subnet
set comment ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.214.16.0 255.255.255.0
set interface "Servers-90"
next
edit "Web-95 address"
set uuid 6aa5a4ae-dcf1-51ef-bf03-21905a500f96
set type interface-subnet
set comment ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.212.16.0 255.255.255.0
set interface "Web-95"
next
edit "WIFI address"
set uuid a9f48f6c-dcf1-51ef-a24f-19e6e6bc5376
set type interface-subnet
set comment ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 172.16.20.0 255.255.255.0
set interface "WIFI"
next
edit "185.193.177.239/32"
set uuid d57783a2-dd13-51ef-8ad7-d493d0660a96
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 185.193.177.239 255.255.255.255
next
edit "185.193.177.239"
set uuid 0a0a854a-dd84-51ef-a01a-75f81233431e
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 185.193.177.239 255.255.255.255
next
edit "86.108.14.118/32"
set uuid cf9ef4ba-de8a-51ef-f9d8-8c6c5112b27e
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 86.108.14.118 255.255.255.255
next
edit "10.216.16.251/32"
set uuid 693d87bc-de8b-51ef-a3e9-5cab594671c6
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.216.16.251 255.255.255.255
next
edit "10.216.16.252/32"
set uuid 8267d454-de8b-51ef-bfba-5ed927bb68d8
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.216.16.252 255.255.255.255
next
edit "172.16.20.104/32"
set uuid f4a7ffa2-e2ce-51ef-dca9-50cb83cf2e7b
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 172.16.20.104 255.255.255.255
next
edit "172.16.20.108/32"
set uuid 04044834-e2cf-51ef-f5c0-8695b42de5ff
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 172.16.20.108 255.255.255.255
next
edit "10.212.16.21"
set uuid 2de098e6-e3c0-51ef-f290-f57e0f51a1d7
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.212.16.21 255.255.255.255
next
edit "Madfooatcom"
set uuid b42feada-e3c2-51ef-7393-12376308acb4
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.12.16.152 255.255.255.255
next
edit "172.16.20.194/32"
set uuid 7c27e17a-e781-51ef-b9ab-8acaccde7f73
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 172.16.20.194 255.255.255.255
next
edit "172.16.20.176/32"
set uuid 97b03834-e781-51ef-64fd-b5754823355d
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 172.16.20.176 255.255.255.255
next
edit "10.216.16.250/32"
set uuid a2d36ae4-e946-51ef-6fa7-e40286c370b4
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.216.16.250 255.255.255.255
next
end
config firewall multicast-address
edit "all"
set type multicastrange
set start-ip 224.0.0.0
set end-ip 239.255.255.255
set comment ''
set associated-interface ''
set color 0
next
edit "all_hosts"
set type multicastrange
set start-ip 224.0.0.1
set end-ip 224.0.0.1
set comment ''
set associated-interface ''
set color 0
next
edit "all_routers"
set type multicastrange
set start-ip 224.0.0.2
set end-ip 224.0.0.2
set comment ''
set associated-interface ''
set color 0
next
edit "Bonjour"
set type multicastrange
set start-ip 224.0.0.251
set end-ip 224.0.0.251
set comment ''
set associated-interface ''
set color 0
next
edit "EIGRP"
set type multicastrange
set start-ip 224.0.0.10
set end-ip 224.0.0.10
set comment ''
set associated-interface ''
set color 0
next
edit "OSPF"
set type multicastrange
set start-ip 224.0.0.5
set end-ip 224.0.0.6
set comment ''
set associated-interface ''
set color 0
next
end
config firewall address6-template
end
config firewall address6
edit "SSLVPN_TUNNEL_IPv6_ADDR1"
set uuid 56f6095e-dce1-51ef-b0b7-0b6aab518653
set type ipprefix
set ip6 fdff:ffff::/120
set color 0
set comment ''
set fabric-object disable
next
edit "all"
set uuid 5618dd4a-dce1-51ef-49ae-1c882a57c844
set type ipprefix
set ip6 ::/0
set color 0
set comment ''
set fabric-object disable
next
edit "none"
set uuid 5618e114-dce1-51ef-c14d-8a84f36ad23d
set type ipprefix
set ip6 ::/128
set color 0
set comment ''
set fabric-object disable
next
end
config firewall multicast-address6
edit "all"
set ip6 ff00::/8
set comment ''
set color 0
next
end
config system ipv6-tunnel
end
config firewall addrgrp
edit "G Suite"
set type default
set category default
set member "gmail.com" "wildcard.google.com"
set comment ''
set uuid 5618d174-dce1-51ef-3e9f-7c23c4172ab6
set exclude disable
set color 0
set fabric-object disable
next
edit "Microsoft Office 365"
set type default
set category default
set member "login.microsoftonline.com" "login.microsoft.com"
"login.windows.net"
set comment ''
set uuid 5618d700-dce1-51ef-4480-975a9a13a294
set exclude disable
set color 0
set fabric-object disable
next
end
config firewall addrgrp6
end
config firewall wildcard-fqdn custom
edit "adobe"
set uuid 561b4bde-dce1-51ef-8b22-0cdad432eb74
set wildcard-fqdn "*.adobe.com"
set color 0
set comment ''
next
edit "Adobe Login"
set uuid 561b4cce-dce1-51ef-e44a-cdc1e4696fb1
set wildcard-fqdn "*.adobelogin.com"
set color 0
set comment ''
next
edit "android"
set uuid 561b4daa-dce1-51ef-d639-66c016ac9b3b
set wildcard-fqdn "*.android.com"
set color 0
set comment ''
next
edit "apple"
set uuid 561b4e7c-dce1-51ef-d510-523ab37b2a5e
set wildcard-fqdn "*.apple.com"
set color 0
set comment ''
next
edit "appstore"
set uuid 561b4f62-dce1-51ef-0bbb-ff00ac7286ce
set wildcard-fqdn "*.appstore.com"
set color 0
set comment ''
next
edit "auth.gfx.ms"
set uuid 561b5034-dce1-51ef-0e64-698e633833f6
set wildcard-fqdn "*.auth.gfx.ms"
set color 0
set comment ''
next
edit "citrix"
set uuid 561b5110-dce1-51ef-f2e5-05e751082fbb
set wildcard-fqdn "*.citrixonline.com"
set color 0
set comment ''
next
edit "dropbox.com"
set uuid 561b51e2-dce1-51ef-98a8-c2e4ce7a2265
set wildcard-fqdn "*.dropbox.com"
set color 0
set comment ''
next
edit "eease"
set uuid 561b52c8-dce1-51ef-6ce2-2063a40a2c82
set wildcard-fqdn "*.eease.com"
set color 0
set comment ''
next
edit "firefox update server"
set uuid 561b53a4-dce1-51ef-3a1e-9537a22a0e4b
set wildcard-fqdn "aus*.mozilla.org"
set color 0
set comment ''
next
edit "fortinet"
set uuid 561b5476-dce1-51ef-e578-36e1820eec91
set wildcard-fqdn "*.fortinet.com"
set color 0
set comment ''
next
edit "googleapis.com"
set uuid 561b5552-dce1-51ef-e75d-a01fe887f7a2
set wildcard-fqdn "*.googleapis.com"
set color 0
set comment ''
next
edit "google-drive"
set uuid 561b5624-dce1-51ef-424d-dc86aee3ad3c
set wildcard-fqdn "*drive.google.com"
set color 0
set comment ''
next
edit "google-play2"
set uuid 561b5714-dce1-51ef-ae42-40be0f784e74
set wildcard-fqdn "*.ggpht.com"
set color 0
set comment ''
next
edit "google-play3"
set uuid 561b57f0-dce1-51ef-3779-04ec4d7dbdb6
set wildcard-fqdn "*.books.google.com"
set color 0
set comment ''
next
edit "Gotomeeting"
set uuid 561b58c2-dce1-51ef-ba35-7d603057e9e4
set wildcard-fqdn "*.gotomeeting.com"
set color 0
set comment ''
next
edit "icloud"
set uuid 561b5a3e-dce1-51ef-d7fd-29cc1c38356b
set wildcard-fqdn "*.icloud.com"
set color 0
set comment ''
next
edit "itunes"
set uuid 561b5b38-dce1-51ef-6571-7beb855b9d5b
set wildcard-fqdn "*itunes.apple.com"
set color 0
set comment ''
next
edit "microsoft"
set uuid 561b5c14-dce1-51ef-80c0-9b74d4815926
set wildcard-fqdn "*.microsoft.com"
set color 0
set comment ''
next
edit "skype"
set uuid 561b5cf0-dce1-51ef-3f5a-3741798bda0c
set wildcard-fqdn "*.messenger.live.com"
set color 0
set comment ''
next
edit "softwareupdate.vmware.com"
set uuid 561b5dcc-dce1-51ef-8234-c0fccf39285c
set wildcard-fqdn "*.softwareupdate.vmware.com"
set color 0
set comment ''
next
edit "verisign"
set uuid 561b5eb2-dce1-51ef-bde7-bf747ad3a4e3
set wildcard-fqdn "*.verisign.com"
set color 0
set comment ''
next
edit "Windows update 2"
set uuid 561b5f98-dce1-51ef-3688-ab4e050eb335
set wildcard-fqdn "*.windowsupdate.com"
set color 0
set comment ''
next
edit "live.com"
set uuid 561b606a-dce1-51ef-b305-6893f2f3396d
set wildcard-fqdn "*.live.com"
set color 0
set comment ''
next
edit "google-play"
set uuid 561b6150-dce1-51ef-50dc-3ae158c9cf53
set wildcard-fqdn "*play.google.com"
set color 0
set comment ''
next
edit "update.microsoft.com"
set uuid 561b6236-dce1-51ef-336b-3ecae94a9c56
set wildcard-fqdn "*update.microsoft.com"
set color 0
set comment ''
next
edit "swscan.apple.com"
set uuid 561b631c-dce1-51ef-dd75-755c2e6a1d0a
set wildcard-fqdn "*swscan.apple.com"
set color 0
set comment ''
next
edit "autoupdate.opera.com"
set uuid 561b63f8-dce1-51ef-92c2-5fdd3c0c136f
set wildcard-fqdn "*autoupdate.opera.com"
set color 0
set comment ''
next
edit "cdn-apple"
set uuid 561b64d4-dce1-51ef-2eb0-78c0e0ddcadb
set wildcard-fqdn "*.cdn-apple.com"
set color 0
set comment ''
next
edit "mzstatic-apple"
set uuid 561b65c4-dce1-51ef-21d1-ce901f3ff693
set wildcard-fqdn "*.mzstatic.com"
set color 0
set comment ''
next
end
config firewall wildcard-fqdn group
end
config firewall traffic-class
end
config firewall service category
edit "General"
set uuid 65abbcd2-de49-51ef-08d5-a2f9b59184e2
set comment "General services."
set fabric-object disable
next
edit "Web Access"
set uuid 65abc65a-de49-51ef-320e-24bc3b34b4d8
set comment "Web access."
set fabric-object disable
next
edit "File Access"
set uuid 65abc736-de49-51ef-6a93-7fae49739eec
set comment "File access."
set fabric-object disable
next
edit "Email"
set uuid 65abc7f4-de49-51ef-aa22-7d81193da835
set comment "Email services."
set fabric-object disable
next
edit "Network Services"
set uuid 65abc8bc-de49-51ef-1b0e-d13623b056d0
set comment "Network services."
set fabric-object disable
next
edit "Authentication"
set uuid 65abc984-de49-51ef-3718-be2176228201
set comment "Authentication service."
set fabric-object disable
next
edit "Remote Access"
set uuid 65abca42-de49-51ef-1a94-16c6fd2f9d5c
set comment "Remote access."
set fabric-object disable
next
edit "Tunneling"
set uuid 65abcb00-de49-51ef-63ec-210bb08170e3
set comment "Tunneling service."
set fabric-object disable
next
edit "VoIP, Messaging & Other Applications"
set uuid 65abcbdc-de49-51ef-e26a-48050bf17a37
set comment "VoIP, messaging, and other applications."
set fabric-object disable
next
edit "Web Proxy"
set uuid 65abcca4-de49-51ef-587d-022ef72eebf3
set comment "Explicit web proxy."
set fabric-object disable
next
end
config firewall service custom
edit "ALL"
set uuid 54ef5180-dd0c-51ef-524e-dce7d22eeecf
set proxy disable
set category "General"
set protocol IP
set helper auto
set comment ''
set color 0
set fabric-object disable
set protocol-number 0
next
edit "FTP"
set uuid 54ef52e8-dd0c-51ef-ea1d-4fbe9d9f0f08
set proxy disable
set category "File Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 21
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FTP_GET"
set uuid 54ef53ba-dd0c-51ef-206b-a465e57ac7c8
set proxy disable
set category "File Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 21
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FTP_PUT"
set uuid 54ef5482-dd0c-51ef-537f-052a24ed9139
set proxy disable
set category "File Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 21
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "DNS"
set uuid 5a2b0cfc-dd0c-51ef-fe78-a8f9e6f653f8
set proxy disable
set category "Network Services"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 53
set udp-portrange 53
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "HTTP"
set uuid 5a2b12c4-dd0c-51ef-a395-e11fc72ba50e
set proxy disable
set category "Web Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 80
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "HTTPS"
set uuid 5a2b1756-dd0c-51ef-ecee-d77aedc3bf95
set proxy disable
set category "Web Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 443
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IMAP"
set uuid 5a2b1bc0-dd0c-51ef-6bf3-a8ea8dc80717
set proxy disable
set category "Email"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 143
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IMAPS"
set uuid 5a2b2020-dd0c-51ef-e7b4-f1d436c4d41a
set proxy disable
set category "Email"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 993
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "LDAP"
set uuid 5a2b2480-dd0c-51ef-41db-2898dda27702
set proxy disable
set category "Authentication"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 389
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "DCE-RPC"
set uuid 5a2b28fe-dd0c-51ef-97ed-5816b7c0e614
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 135
set udp-portrange 135
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "POP3"
set uuid 5a2b2dae-dd0c-51ef-e559-31545ac04b7f
set proxy disable
set category "Email"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 110
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "POP3S"
set uuid 5a2b3574-dd0c-51ef-de7b-484d79b6c933
set proxy disable
set category "Email"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 995
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SAMBA"
set uuid 5a2b39ca-dd0c-51ef-eafd-39a88997d4a2
set proxy disable
set category "File Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 139
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SMTP"
set uuid 5a2b3e20-dd0c-51ef-9f45-ae6a568569fa
set proxy disable
set category "Email"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 25
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SMTPS"
set uuid 5a2b45d2-dd0c-51ef-52b5-6a1ff4c5b09c
set proxy disable
set category "Email"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 465
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "KERBEROS"
set uuid 5a2b52de-dd0c-51ef-ea1e-d5dea54ea65c
set proxy disable
set category "Authentication"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 88 464
set udp-portrange 88 464
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "LDAP_UDP"
set uuid 5a2b57e8-dd0c-51ef-beac-75fd22fa6f9b
set proxy disable
set category "Authentication"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 389
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SMB"
set uuid 5a2b5c5c-dd0c-51ef-1777-8a24b67c7642
set proxy disable
set category "File Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 445
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "ALL_TCP"
set uuid 5a2b728c-dd0c-51ef-48a6-13d56c32fe9f
set proxy disable
set category "General"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1-65535
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "ALL_UDP"
set uuid 5a2b773c-dd0c-51ef-17e8-27a1e98728b2
set proxy disable
set category "General"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1-65535
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "ALL_ICMP"
set uuid 5a2b7bc4-dd0c-51ef-c55a-b0b055cc9d6d
set proxy disable
set category "General"
set protocol ICMP
set helper auto
set comment ''
set color 0
set fabric-object disable
unset icmptype
next
edit "ALL_ICMP6"
set uuid 5a2b806a-dd0c-51ef-4d39-535bcfb2e6ef
set proxy disable
set category "General"
set protocol ICMP6
set helper auto
set comment ''
set color 0
set fabric-object disable
unset icmptype
next
edit "GRE"
set uuid 5a2b8506-dd0c-51ef-65ac-6bb6c062023a
set proxy disable
set category "Tunneling"
set protocol IP
set helper auto
set comment ''
set color 0
set fabric-object disable
set protocol-number 47
next
edit "AH"
set uuid 5a2b89a2-dd0c-51ef-6dac-614558ac329b
set proxy disable
set category "Tunneling"
set protocol IP
set helper auto
set comment ''
set color 0
set fabric-object disable
set protocol-number 51
next
edit "ESP"
set uuid 5a2b8e52-dd0c-51ef-1eeb-c90b0a454b97
set proxy disable
set category "Tunneling"
set protocol IP
set helper auto
set comment ''
set color 0
set fabric-object disable
set protocol-number 50
next
edit "AOL"
set uuid 5a2b92ee-dd0c-51ef-fe7d-2a67fa108b28
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5190-5194
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "BGP"
set uuid 5a2b96c2-dd0c-51ef-c253-a99fcb23ea6f
set proxy disable
set category "Network Services"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 179
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "DHCP"
set uuid 5a2b9b22-dd0c-51ef-445b-4b846beda7e6
set proxy disable
set category "Network Services"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 67-68
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FINGER"
set uuid 5a2b9f8c-dd0c-51ef-6fe2-32c1a33f09e6
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 79
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "GOPHER"
set uuid 5a2ba36a-dd0c-51ef-1720-ba76e78f6213
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 70
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "H323"
set uuid 5a2ba91e-dd0c-51ef-476a-19d7edb49823
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1720 1503
set udp-portrange 1719
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IKE"
set uuid 5a2bae82-dd0c-51ef-ef8d-42294fdbfba2
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 500 4500
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "Internet-Locator-Service"
set uuid 5a2bb30a-dd0c-51ef-12ba-ef9a4c6c6175
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 389
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IRC"
set uuid 5a2bb6de-dd0c-51ef-8fde-a62a701f1947
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 6660-6669
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "L2TP"
set uuid 5a2bbb84-dd0c-51ef-7d99-b310d39e457d
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1701
set udp-portrange 1701
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NetMeeting"
set uuid 5a2bc034-dd0c-51ef-f80a-a07ede3e476e
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1720
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NFS"
set uuid 5a2bc3ea-dd0c-51ef-7ff1-a7021d0b8afa
set proxy disable
set category "File Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 111 2049
set udp-portrange 111 2049
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NNTP"
set uuid 5a2bc89a-dd0c-51ef-08d3-72b4fd71f0f7
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 119
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NTP"
set uuid 5a2bcc5a-dd0c-51ef-609f-87a974d333d4
set proxy disable
set category "Network Services"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 123
set udp-portrange 123
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "OSPF"
set uuid 5a2bd10a-dd0c-51ef-49ee-7003df8177f0
set proxy disable
set category "Network Services"
set protocol IP
set helper auto
set comment ''
set color 0
set fabric-object disable
set protocol-number 89
next
edit "PC-Anywhere"
set uuid 5a2bd5b0-dd0c-51ef-e03d-697972d1eb3a
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5631
set udp-portrange 5632
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "PING"
set uuid 5a2bda56-dd0c-51ef-addb-0f1b810d82e7
set proxy disable
set category "Network Services"
set protocol ICMP
set helper auto
set comment ''
set color 0
set fabric-object disable
set icmptype 8
unset icmpcode
next
edit "TIMESTAMP"
set uuid 5a2bdf56-dd0c-51ef-4325-c11567d784a4
set proxy disable
set category ''
set protocol ICMP
set helper auto
set comment ''
set color 0
set fabric-object disable
set icmptype 13
unset icmpcode
next
edit "INFO_REQUEST"
set uuid 5a2be3b6-dd0c-51ef-ee43-a3c8dba607fd
set proxy disable
set category ''
set protocol ICMP
set helper auto
set comment ''
set color 0
set fabric-object disable
set icmptype 15
unset icmpcode
next
edit "INFO_ADDRESS"
set uuid 5a2be80c-dd0c-51ef-a290-f4915b6aa0d5
set proxy disable
set category ''
set protocol ICMP
set helper auto
set comment ''
set color 0
set fabric-object disable
set icmptype 17
unset icmpcode
next
edit "ONC-RPC"
set uuid 5a2bec76-dd0c-51ef-c7c1-9f467873622b
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 111
set udp-portrange 111
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "PPTP"
set uuid 5a2bf216-dd0c-51ef-8906-3d55b86b10de
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1723
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "QUAKE"
set uuid 5a2bfd6a-dd0c-51ef-c21a-385b9287ad68
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 26000 27000 27910 27960
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RAUDIO"
set uuid 5a2c017a-dd0c-51ef-9081-2be30b3229d9
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 7070
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "REXEC"
set uuid 5a2c0544-dd0c-51ef-76f8-21e595140855
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 512
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RIP"
set uuid 5a2c092c-dd0c-51ef-8971-69eaf128dbc6
set proxy disable
set category "Network Services"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 520
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RLOGIN"
set uuid 5a2c0d96-dd0c-51ef-0b57-e1a4db8c80b7
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 513:512-1023
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RSH"
set uuid 5a2c117e-dd0c-51ef-b2b0-b59d035e5b26
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 514:512-1023
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SCCP"
set uuid 5a2c1566-dd0c-51ef-2b44-f24b2adba7f6
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 2000
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SIP"
set uuid 5a2c19da-dd0c-51ef-52a7-ac56f7fcf807
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5060-5070
set udp-portrange 35000-55000
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SIP-MSNmessenger"
set uuid 5a2c1e94-dd0c-51ef-f8f0-a43de76586e6
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1863
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SNMP"
set uuid 5a2c22f4-dd0c-51ef-8483-70568eac9f17
set proxy disable
set category "Network Services"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 161-162
set udp-portrange 161-162
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SSH"
set uuid 5a2c27a4-dd0c-51ef-9302-4a680bd9686f
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 22
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SYSLOG"
set uuid 5a2c2c04-dd0c-51ef-63d2-6a9cc7e13ecd
set proxy disable
set category "Network Services"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 514
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TALK"
set uuid 5a2c3050-dd0c-51ef-e5fc-6e0d2db31c8b
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 517-518
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TELNET"
set uuid 5a2c342e-dd0c-51ef-1f18-dbc6f9b2bec8
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 23
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TFTP"
set uuid 5a2c3884-dd0c-51ef-2f9c-580691dcf2c8
set proxy disable
set category "File Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 69
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "MGCP"
set uuid 5a2c3ea6-dd0c-51ef-e3a2-b10bb7184ad0
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 2428
set udp-portrange 2427 2727
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UUCP"
set uuid 5a2c44b4-dd0c-51ef-64f4-8a291ae7d77b
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 540
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "VDOLIVE"
set uuid 5a2c4888-dd0c-51ef-63e0-2abe3c730350
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 7000-7010
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "WAIS"
set uuid 5a2c4c84-dd0c-51ef-14ea-eb98c4e0bebb
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 210
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "WINFRAME"
set uuid 5a2c5062-dd0c-51ef-747a-c2ad2fda0c66
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1494 2598
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "X-WINDOWS"
set uuid 5a2c5422-dd0c-51ef-bca4-6b5446774583
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 6000-6063
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "PING6"
set uuid 5a2c58a0-dd0c-51ef-6d41-64939ca76bde
set proxy disable
set category ''
set protocol ICMP6
set helper auto
set comment ''
set color 0
set fabric-object disable
set icmptype 128
unset icmpcode
next
edit "MS-SQL"
set uuid 5a2c5d3c-dd0c-51ef-fc32-896d6c51d540
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1433 1434
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "MYSQL"
set uuid 5a2c61c4-dd0c-51ef-602c-1b7a3e69421c
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3306
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RDP"
set uuid 5a2c6624-dd0c-51ef-f4f3-9676df33d686
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3389
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "VNC"
set uuid 5a2c6a7a-dd0c-51ef-6d66-df597a841bae
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5900
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "DHCP6"
set uuid 5a2c6ee4-dd0c-51ef-ef6c-e9d0bd20c1e6
set proxy disable
set category "Network Services"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 546 547
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SQUID"
set uuid 5a2c734e-dd0c-51ef-d70d-bf77d0df17d0
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3128
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SOCKS"
set uuid 5a2c77c2-dd0c-51ef-cafc-03045726c2bb
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1080
set udp-portrange 1080
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "WINS"
set uuid 5a2c7c5e-dd0c-51ef-73af-8bfaf3a76640
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1512
set udp-portrange 1512
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RADIUS"
set uuid 5a2c8104-dd0c-51ef-eccf-9a481b40151a
set proxy disable
set category "Authentication"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1812 1813
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RADIUS-OLD"
set uuid 5a2c865e-dd0c-51ef-599f-347f968d5074
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1645 1646
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "CVSPSERVER"
set uuid 5a2c8adc-dd0c-51ef-96e8-baa81521bb52
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 2401
set udp-portrange 2401
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "AFS3"
set uuid 5a2c8f0a-dd0c-51ef-5382-27e7e4670b8b
set proxy disable
set category "File Access"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 7000-7009
set udp-portrange 7000-7009
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TRACEROUTE"
set uuid 5a2c9400-dd0c-51ef-a4d1-1e053b7f9f75
set proxy disable
set category "Network Services"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 33434-33535
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RTSP"
set uuid 5a2c9874-dd0c-51ef-e59e-d63cc36e231c
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 554 7070 8554
set udp-portrange 554
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "MMS"
set uuid 5a2c9d42-dd0c-51ef-39c8-3587a92920c3
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1755
set udp-portrange 1024-5000
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NONE"
set uuid 5a2ca170-dd0c-51ef-2fa1-e8411659bdc8
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 0
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "webproxy"
set uuid 54ef35b0-dd0c-51ef-29fb-dee058910f7c
set proxy enable
set category "Web Proxy"
set protocol ALL
set helper auto
set comment ''
set color 0
set app-service-type disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 0-65535:0-65535
next
edit "TCP-49302"
set uuid 01490690-de8b-51ef-4abd-d46d4d3cf43c
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 49302
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-3376"
set uuid 0a5d8864-de90-51ef-e1bb-752563b31c40
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3376
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP- 61616"
set uuid 79a6172a-e01d-51ef-0be7-c86e881aada2
set proxy disable
set category ''
set protocol TCP/UDP/UDP-Lite/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 61616
unset udp-portrange
unset udplite-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
end
config firewall service group
edit "Email Access"
set uuid 54ef5586-dd0c-51ef-a362-27b9934c270a
set proxy disable
set member "DNS" "IMAP" "IMAPS" "POP3" "POP3S" "SMTP" "SMTPS"
set comment ''
set color 0
set fabric-object disable
next
edit "Web Access"
set uuid 54ef67b0-dd0c-51ef-0028-0e0b215cb02b
set proxy disable
set member "DNS" "HTTP" "HTTPS"
set comment ''
set color 0
set fabric-object disable
next
edit "Windows AD"
set uuid 54ef6d5a-dd0c-51ef-f364-3853cde51865
set proxy disable
set member "DCE-RPC" "DNS" "KERBEROS" "LDAP" "LDAP_UDP" "SAMBA" "SMB"
set comment ''
set color 0
set fabric-object disable
next
edit "Exchange Server"
set uuid 54ef7818-dd0c-51ef-e38f-b8bfbeb0e5b8
set proxy disable
set member "DCE-RPC" "DNS" "HTTPS"
set comment ''
set color 0
set fabric-object disable
next
end
config firewall internet-service-group
end
config firewall internet-service-extension
end
config firewall internet-service-custom
edit "BuiltIn-Google-Gmail"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Meta-Whatsapp"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Apple-App.Store"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Microsoft-Skype_Teams"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Microsoft-Office365"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Microsoft-Azure"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Microsoft-Outlook"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Microsoft-Microsoft.Update"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Microsoft-WNS"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Microsoft-Intune"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Amazon-AWS"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Amazon-Amazon.SES"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Adobe-Adobe.Sign"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Oracle-Oracle.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-LogMeIn-GoTo.Suite"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Symantec-Symantec.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-VMware-Workspace.ONE"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-TeamViewer-TeamViewer"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-HP-Aruba"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Cisco-Webex"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Cisco-Meraki.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Cisco-Duo.Security"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Cisco-AppDynamic"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Cisco-Secure.Endpoint"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-IBM-IBM.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Tencent-VooV.Meeting"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Zendesk-Zendesk.Suite"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-GitHub-GitHub"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-AnyDesk-AnyDesk"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-ESET-Eset.Service"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Slack-Slack"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-SAP-HANA"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-SAP-SuccessFactors"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-SAP-SAP.Ariba"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Zoom.us-Zoom.Meeting"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Pexip-Pexip.Meeting"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Zscaler-Zscaler.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Alibaba-DingTalk"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-GoDaddy-GoDaddy.Email"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Webroot-Webroot.SecureAnywhere"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Avast-Avast.Security"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Lifesize-Lifesize.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Okta-Okta"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Egnyte-Egnyte"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-CrowdStrike-CrowdStrike.Falcon.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Splashtop-Splashtop"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Panda-Panda.Security"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Ewon-Talk2M"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Nutanix-Nutanix.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Extreme-Extreme.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Genesys-PureCloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-BlackBerry-Cylance"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-DigiCert-OCSP"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Acronis-Cyber.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-RingCentral-RingCentral"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Valve-Steam"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Cato-Cato.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-SolarWinds-SpamExperts"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-8X8-8X8.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Datto-Datto.RMM"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Datto-Datto.BCDR"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Barracuda-Barracuda.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Poly-RealConnect.Service"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Jamf-Jamf.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Alcatel.Lucent-Rainbow"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Datadog-Datadog"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Mimecast-Mimecast"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Pandora-Pandora"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-SiriusXM-SiriusXM"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-VadeSecure-VadeSecure.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Netskope-Netskope.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Sectigo-Sectigo"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Pitney.Bowes-Pitney.Bowes.Data.Center"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-FactSet-FactSet"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Bloomberg-Bloomberg"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Five9-Five9"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Frontline-Frontline"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Tally-Tally.ERP"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Voximplant-Voximplant.Platform"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Kakao-Kakao.Services"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Stripe-Stripe"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-xMatters-xMatters.Platform"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Axon-Evidence"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Matrix42-FastViewer"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-LaunchDarkly-LaunchDarkly.Platform"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-NetDocuments-NetDocuments.Platform"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Vonage-Vonage.Contact.Center"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Veritas-Enterprise.Vault.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Restream-Restream.Platform"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-CounterPath-Bria"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-OneLogin-OneLogin"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Turkcell-Suit.Conference"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Infoblox-BloxOne"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Nice-CXone"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-ThreatLocker-ThreatLocker"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-ZPE-ZPE.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Skyhigh.Security-Secure.Web.Gateway"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-MEGA-MEGA.Cloud"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
edit "BuiltIn-Proofpoint-Proofpoint"
set reputation 3
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
set addr-mode ipv4
set protocol 0
next
edit 6
set addr-mode ipv6
set protocol 0
next
end
next
end
config firewall internet-service-custom-group
end
config firewall network-service-dynamic
end
config system external-resource
end
config vpn certificate ca
end
config vpn certificate remote
end
config vpn certificate local
edit "Fortinet_CA_SSL"
set password ENC
k/m5TQ8XVA+ut42jQEE5Ink5TyG/7h4wu5mlwbdPBFPpxKrmjsqYpmXvejR7M4KohmYXq8hjmsUagleGCsm
b7WuHkrBcM7o2w/QNC2V/N5TS
4MBsn4XRZbC1ZhTFhZZVksC91ZLdwtCJf/LBaoplldz3s4trVaneV5ph5ikfqzK5YtGQzCmTjzJS0fBQ0/
inz4c6allmMjY3dkVA
set comments "This is the default CA certificate the SSL Inspection will
use when generating new server certificates."
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFNTBfBgkqhkiG9w0BBQ0wUjAxBgkqhkiG9w0BBQwwJAQQxfP0m4qZ5JkFDOfD
VT1wKAICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEGBIT/aYtZYVwLPz
qdV2C6sEggTQKxIqJcTArhZRmNAQXmq57lK2AqeUHCnnYNScH15k2UOjwDj9e2TL
HjORt4DsNPWEMjkiAHepXhSNF2tDa0iEWUMuMcxWrxv5OAMMQovt4HE1zynrXutj
tADe25jxDHHQnP2inWWLNOCoVg5+YLIKsbYUn/mxLGcgIQSfs24QrzQkGgkhKYc1
5J4IV1sbnrw8A9vDQeIr0M/TZN/AaMxZM8LMVSGsVj3oANlIEukzDHJAwNQjKh7z
E4+/VsTPQnqIubixcoGh7jgcbMJQjux4aotdgmKX7jEBwZlOQhvxrKSv4wDjfcgT
VzOQAX+u74rTfIBdwG5l0Fgo1NJfLcYpRao/+z+WtWfuXWsdRZs+3ASrT8/RtNXY
WwwH+NbgTZp+kmeG3FQQrmlBfU28yHnqjE8Iw3UZLUEnwSiRX0LF++qR8zn2gumi
473jZmVPuqnieZ8aa8aWe7EdH/N8aCh17NqtSwodO4inh1sJquEOZRwUox1n66J3
P+jo7BHlxDroj3UfMfBtk9tWBpRm/H+dcZP+mk5p2G6StG6gRXIoAGNzOaEj0/5b
WGjr+j0yZpnVm3XEW0LuQhX+Ysmuj9GVoq0l4+u8OtSJQMr9swy+CSH8EkPrNmgB
vdlBQZVCo8uuAY7KwC5GZUYeTSWpTZMa0t9jN2gwovczhod4AtU4fHFaRsrXgt0p
ZK38A9t8kJNVHboXpaIk5+6/dEbdPAqZ6dDXbgatOSLePzH8B/RUJwGvyLO2E5ct
xlPDHdtv58ere3NxJPoGklVnkohM4IwS2Qm2Wb6HoREsXQBROvEv8AyxA6s6BWmO
8qIIIfIsx69+eymSHs5jA1GRSgHBn3Zpfd3vQT6SQBS0A9U7cUdYGDeZMbpI9EYw
fbkBMFXoxLvDs326mK9iqgyFUT76ImFq1nvx01rs871Fv9O8tUX5OFLlV5OxtbUS
i+IjAdldTi9J3kcu5bS2duII9Q3uqL6dYXW0H8LbyAIbRUYGw49VqMj3wJM1+azy
3bWAKBnXxxqJ9mDbMJe3dW1gSmKNkT3DWv+Epcw/eBXAh22vO3Y88Zaimady86dC
5I8X7W4ew4nCLz9ybJGmH6DVCZAbm6ZWSZS3SvKHNFPNS11mnfv+siIrlHrwf3DY
JIF00SlSpQSCtq3dYUvCPQE285EeodzcVmzBu7dibRPF0+98ahyCxJJov8gE8i+r
JVEYw/6qW0m59KfGb8blS0RcQITVLmkJIj8K8A0rbXxUuIUvVfK9jLUfZfxpx8K+
ukWsF44GEwLQliU2bp1e+SlFWw5CdH0dgklTBrme8A1K1p09lQ1XP0eCMixOBbGR
ui8U0MNz8jRJaT2TB+uiG3EkPdTRGeWT5Zs3/SAcz/OlBx5FFEmHXgmkwDxDigVI
bjI8kIPcx6xCrPJqSgb+hE7UIfPGawmOdTIbb5ngaK4dZG8OiR2jYvhr7cmZJjMy
CtV/ABwlZdSkKX9sFNpSjU0ij4gPk7gUsrJrg2dXik4Joe/xdOOZ5ZfbZqu2b/bl
Kxle+X9J8TJ+3rgTmdPgxeBkpZMvu7YrxKMe2W/ru8tHym33vXD0diCZAhh5csAP
eEAEwLdNz7pCybkQ2+tnZqeZOZZ7jKbj+Q9HXmPjcW+kZ6sHzlJT8u8=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIID8zCCAtugAwIBAgIIYubZXpf6rK4wDQYJKoZIhvcNAQELBQAwgakxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRob3Jp
dHkxGTAXBgNVBAMMEEZHMjAwRlQ5MjM5MzExODAxIzAhBgkqhkiG9w0BCQEWFHN1
cHBvcnRAZm9ydGluZXQuY29tMB4XDTI1MDEyNzE5MDMwMloXDTM1MDEyODE5MDMw
MlowgakxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQH
DAlTdW5ueXZhbGUxETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZp
Y2F0ZSBBdXRob3JpdHkxGTAXBgNVBAMMEEZHMjAwRlQ5MjM5MzExODAxIzAhBgkq
hkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQuY29tMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEArboW+yAr/6a4nAt8m0NxDIP5SZRBkDZ+y1b3lQQ171bu
BwEwXnYmi4pEY+TO8InAXNWFCsrY3DyWcXwQfxfJ56V0qPtcTFsjreEe51YjoMAA
lFUPMAuJb42zeA8jGRpJBkHctnsuHaMxD+yPqKI/z8nswbBm9yVoxMfk2ol/9Bo5
kqc/B85+OoULDviyn4jcTHByPy5e2TJU9alyokYqvlqWEBgbthmiM11F/AKDQLHF
YKQe7BpFPRPQKBR1G4nK80PooIhKkY9QnEBZHaq3NmUEis52Ru3ZWLRpGl/wgRYc
od7I6TDdCmW8oQT2+jc/R6ZBa91v2TwbwIDTwWXdUQIDAQABox0wGzAMBgNVHRME
BTADAQH/MAsGA1UdDwQEAwICBDANBgkqhkiG9w0BAQsFAAOCAQEAA4a7VaGh9cLw
7Nrlr5RlK5ai7sd5k7CKHGxyyYvlQ/4xLH+FC7lQILsBlH4Yei6A6F+16fyFBx6N
yKjdF5Dhje3jL2zMEpv0w5DtkIdE2hjmQ2KcfzLvkZ4FbVoiCsxrBlCFwRBLbzQK
AK7aOxhPRdn4ekyRuRNKOIvrKIXIdtPHZIluFmkz+Yp7r0z7m0Q/NmsSuSu9N4Af
0mqFn7x7+W0kp0jOMxBrZOoW1tHaby5Fa1fTl/SUi9LoZl+z7hbWxFmHWQmgIcnx
e2uH+ZYvaoBxaPa0FyAzsafrgTeASj0WmX9tumEAmtc8UNIiMO3ZD2/2qtO7GeYn
KJMue9tQ/g==
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_CA_Untrusted"
set password ENC
zFRsjiks+RvZRnkw/xwaUtnRs4blSn32IMp2jtqeob1c/F50Eshn2ZOA6pqw7PA8GfrSQOs1TvlSw22ijss
+3SZ/OattBQXknwpmyZ4hIKUD
taQQYPVmi+8PubcRbT2fw3YBcNUqb30Q2RDvYBbga830aFxCX8OWhJpiUoh+1t+6FFZAAJXXJlAFmBUahFa
RIT60cFlmMjY3dkVA
set comments "This is the default CA certificate the SSL Inspection will
use when generating new server certificates."
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFNTBfBgkqhkiG9w0BBQ0wUjAxBgkqhkiG9w0BBQwwJAQQY04pzU7gMDyUuDTW
/icajwICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEHv/dEOaXkIVqAxz
MLBpuZwEggTQ4gtpHBeXJ7Rb6FGUWxji+IZ1MeVmLSz4lbHRnGcBjHhKZ89C8yYK
+2o/8NlvM1MuTxY5Cxi8E6/ReM9qjPZQhQpFd+YKpUKd8akgeFbt20rw5ROvf6uQ
FOfuZO/LK0KEsJQBdVyqXGPonX8ZybmujjcFqFIuWVO6Tx10MKrkkDCGXIpXAwTE
iZxdoODpXaego0OHYZkrvxRrCgeVtIvBY8pU+rtdbK+BaOtPMFk0XHTl7TMsjWlM
ddnbfVhNewCylW3Ned2PB9mKpmm4G38tC3RyQuTH96U2A1+mzZ2rlWWrLsFu5YPj
ps2eWh3Ayxh4TIsVi554uZKGF/G1KpEM7SmN6RQogVBZNMQB87pCyPyHUWU6X7Fq
WfruRQS/RBZxB6HUpU911nxJ/fXMHO1PlFDjSwLN+NcUJiNjKVchFgGq9KG86Pxl
HP+GkR7O7EN6Mfajxlw+xTn83/YvttL1PDzzeIVKvZ0LUp5v26s7hbjn5WLAcgf0
2IXnwZ3Rc7sLrI7kDqdbqYunF0tWjyTbW1ECnuA2Ar0jh3HxMSmHeeC5fffSjIvd
H8oTby0KNUzPihtX3LLcUNBglMkTgNwKBA05ANKJytHXBV6TlylwRzUEuqNM2/WE
MJEptP3O8g5KL4w62uno9XYULz2kWNzOLm9b/o25JO1SUVz6v+q35iqODzGbWZr8
ca0RLVKfLD97srfobxNXAyKEe60gx4C1oQpzNSxqwY4lNd6EtFcFUmVCuHupNplk
+2tjTpzpvUva34XHj+zH3SOPXjFKiojHKVPwN9bBwaV83laqJUkiiIolCzS7Ke+h
BpAUMMCdZoj8YmaV0cTOqd+0Nni+9O3SdsppWBMJNN2e50nMoYlYqvQLG7sFTveV
6kif0EsZAS1uM1XbubDpd7/vmG7zwSTryQ8JgB8KL23Mnx1ByzBq+/CgGei0QJG1
d2Hn1BJ35FF6T7oUwKB6AzzKiOwQyZ7mD8DXDl+yrXS+W3gJ9ktJV2o3dP1/VAtW
I7DbYyYiThCGr7ltXwOis/o/1PsMwCiB3EMtDrdxGoduEHoNz5Hf+jMtyTI/vawt
Ws5KT4var8ye4lJNdvxCrJuH4/X70wk/3L373n+J7DHJXU67LPKMJgAZH2pF81NW
UiabWRr6ySKPpxo5aO0eEyNmGGbfBc41DDQmgCRjgB56fzz+Vq28DU8rcaDeDFMt
AGwX3JIs+2IfDL96UkcTyywpNVVb/ZLqiD1cEkjp3lwvmNnXZSRTCYpOiKBz0fTQ
sA9XfXfrmW10yEbA8PWpBd9mCoebvvX0+zizWgY+fI7vXr5eRvrIyiwUcx39GX57
A0MbSC/nxcN1xSu49w4l4teWiLUftJDER/GKxfc1CsLrFYAZX9pRj0vlSKwH1HCC
vFP2DR8l4NwyB0YLFwEYcfnQnHhY7Yuhx0ADUrMa5sjE/qe1I9w75rZbohQuDi6Z
oHVYWMbhHLRB9R92mp6qf/AqTwu60ElRObFZb42Mer5s6qk/6VNfFnihvINM9Xss
7wshFj25KRDyCF8/ubEwZiRjCGxzeg7blYT+nYzivCXE5rkasQO2MvQGbZII6FFS
8wSa44lAA71IWSfFPG2uNxH+0sKGUXdSXD8xUxW1psRqRCr2dBNKBD8=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIID/TCCAuWgAwIBAgIIae1KWGaKijswDQYJKoZIhvcNAQELBQAwga4xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRob3Jp
dHkxHjAcBgNVBAMMFUZvcnRpbmV0IFVudHJ1c3RlZCBDQTEjMCEGCSqGSIb3DQEJ
ARYUc3VwcG9ydEBmb3J0aW5ldC5jb20wHhcNMjUwMTI3MTkwMzAyWhcNMzUwMTI4
MTkwMzAyWjCBrjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExEjAQ
BgNVBAcMCVN1bm55dmFsZTERMA8GA1UECgwIRm9ydGluZXQxHjAcBgNVBAsMFUNl
cnRpZmljYXRlIEF1dGhvcml0eTEeMBwGA1UEAwwVRm9ydGluZXQgVW50cnVzdGVk
IENBMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ7CHseI4yMRSXhjVhn5LbTtrOVVNiJa
FoafkLg6N/ScVME/T0m4qQm4HR2fvmbGc56ogHXD28F83tGpWPjdvGk7KuAVBeKj
yKMzpB90U4m7Hl9Ix9uumxXSSArFui1CkPbkZt8lATeMyvNDySf+vVfqQv9VUIuO
5viXwf8vNxpjSWzqGfBDdcqCBwEth9fTJJim3ziokvqdKAoh6wixCuSHFvqG2yeT
RiZylJ3WnPQSxksN0+NpfLdYmmtYBfWfAWLWaIHGU83lfHnEeQk9sXyxlEN4QoM3
ZDhGxzBfV0XzJB9NHvpQ6w2RfG6YYt1EAk53/dALnIloDYN0YvK2QWsCAwEAAaMd
MBswDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQELBQADggEB
ADJRxNcJTbgJj2+Pr/qJmyiBpMIQRnUxaRKnlRO0qtnrvUcFrbUzyViNK4TGsKDO
vtZ0ZYYGvimor80DObjXMSbnLGLJg3qGLS3xwBK3yimWae0ypUXMa02gVhhzJ+Iv
gSgUaj7KRjNtCZK0sJUHdf7kz7PwKChBqbGkOqjA2tfUsjTq9vf4YTNEpIpVBQHG
WRtncWLMzdGWhg/iI3GFvoKpZWM7Q6d+Se0CJQ/PBlHlNCeI/B35snqI6BIlWTuu
Dvqh7IfP78+cUa3Z8d8zHj3HU0hwMKF8aPCuRme93IhdxtgwgCiQXjlDh7PWryoc
Wy+TMZu+01Iq0o6MMc+pFQY=
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL"
set password ENC lixLHdNlkECBeI5rb+r9EYodu+In1zQBkdRZ8Ceut6bmXqLh1P+
+YMExqyBX5E5IeUaLo5XH92CoiYuV+CS+OHKLY0HUBLOIPj8MdODzsOAr
sx43xihu78D1XNvdMm3q5/wFcLoc0JWSc3N55MIi/
JDW1xJOOeuMd20dAdkbPitnHWOXI8QF1+7Lz1Abtrh0JYI4gFlmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory
and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFNTBfBgkqhkiG9w0BBQ0wUjAxBgkqhkiG9w0BBQwwJAQQFq9W0GS9tb3s0MhR
gIzFhQICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEASq+aBOvz7gveEf
NIGENHQEggTQASQPmbpH80IQBIxSlqEfmgjB2gSAu14GVLaMys3qAVKxfzgNSF9N
Amx5obX9diHcS90XTSaZro13woqsE7LBsRoJeHlw8ma0sVSexPw7q9lEjF7W3LNn
Nk6uQ/DaLUh4RWUJKZhFWk1Xtl9S+WJFYUSWeQxc9ZMegoyYayt93cgIoTdWW7DS
OyiBEMYBBG8L63L1a5C2cEQYtsbagmgqw/cw5S3WxfKkDyzG76O/5FrcjwVjDXTO
U8gMdlhu0p++OdtOEVKXWNXWpgnC/7/XIprPGg5gPuwZJeKY+pCSnW/1i1V3Fh06
8/xJH0KHUo2AbtK6PQ2PGCRDfg6HHDNmcO6PdsPg0ytefjyYv3eF34LrydPStapY
n8yAzaKHJFtA6dYYRq5afADrp8AcHeARwl6NAFGErlWbas+tz8a2RT6aN+kM7dHA
LlizY93AU64LYSPRWf3Hh1BesSQPpUdBcO4D9BAI7P4z7kw84N/qoI5gbjafAOcb
jGy0IuqezGqFshu07AWAbtycAfE9x4dx8vClV6I9d5l4RSPOHhr909HYocfFuRt8
btO+0LkxvYHQnpMEmMdlbKjrSHXLj7qsdX7GkIBih19s4uTJayn3moFIJ3KPG651
1fXIQ7+/kmTzxVegt8pZMmcaixE7/LkJrSkjjBsYRM1JSIZcf6toyrUdoMpiyJn8
51Kk+xBV37051rNCBCpn4nQrd8lap/TnSHVzPjmprSuAKfmm1vf0T9HWLxgHsaR7
22KjXjr2vdswrw3Y2/j2h5fUdTKvaNva3EXOFyF4GGpNZoi/YMtToMMBjdw3m/zh
fYoHkha36ulLiQdh8+hcqLSxyliIXz/DI0oQS9YgQIrRf7xZsSjXai2WFqDerSxp
UPUOW/5wNUughuYSe7u5LIil+sQRh80pTZ4WE/QGJvhJItfON98Wt0dXFybc5ktJ
lIst41gPtpRAaJyoDAn6QenmbKJSH3/UESvbYkb2H0h9qCEvxXtL3e1/hWTczIp6
tOvhdLt1VXznCGlA8rPyjTXNRtXM/i/FlCSgWiYpqGwbAbO7ecoRao5cMPanNBb6
VFNYQbBo+IW7W6x+ZKwWTVT8bF4N+lfkXR9DZXONlfZeo9nN6FS7u+eHR8Am1/xh
9WhnjMpl66UsN2pYR/EXkiENZ7HSA9w+YMlpUOF/r0kbbfBaz4cEakJVIg+t71Bl
SSbMP/35RuoPVpC5lCL+DCcDkxKgrAmbBRFSoPHI3n3LVpv3tSPe6dJhiPF0C8d4
IHhJjDsVKktamM5aAenNuGb43jkFS4eqk3Y0LxJkfTCVAuWoxDDWZwgtLhpxnCbJ
CL1CbHJB3LCX+jsuihcOd9f37eBBtLJgb9QQ0s6I6A8CMGx/+5b5b0f/737Jh1OS
TYX0VSjdZpPhMTRmd6OKUwePitez6fqHjOe9qdf6MeUK3tUI93Y7jiCuG3DV6rWp
eMkdMdDcB5A3CW+ijZ9OBtGmt5z/8M28MCAlkcaTp3IVmdd6OlUxp9Y/c0DuFTF+
dgICmqOiD53aN4qQ3FRG2uvGX6gNMC3GiqCTwICIY0iREAOQPx0jGhT6Bc2XtnyP
yhf2/Q7bSfSGrwo2pmz8O+ulsMbsUHWW1b099e3f0H5yfo5+9N7nof8=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIID4DCCAsigAwIBAgIIHOK22LiUApYwDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHMjAwRlQ5MjM5MzExODAxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTI1MDEyNzE5MDMwMloXDTI3MDUwMjE5MDMwMlowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHMjAwRlQ5MjM5MzExODAxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwakZdEJK7Oi8
NryKI+ABcTUhWqX2hRpLL99Uu855HeBio8qax9c2oBeq4xV4QRh3aGZ/yC64YwWt
ZlkODuMduuvstjTUn1gsh8ShydiQfGwOWUHTMz5stxZ3bQIKwQHRiQwjFFG3YysC
Tn97Zi7ERyauuRqXzfAYwPYXVL/xx5Tg8vHlss3LS1wUfvlwgA8vObR2ySy0Mcwu
RZb5EGKt8eR6QM6WxpbLYjJhpfR35/AY4GZlxVn/nful3TjRq4CW/yylHWcCZsZw
uPL23Djf3ES7UzyM2uRPFnatqMHF69j8UrbXdY+nA8bMAyY9tZEx+tJYSf5ifzKK
YcOFHXg/ZwIDAQABoyIwIDAJBgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMB
MA0GCSqGSIb3DQEBCwUAA4IBAQCWpd4mPgCymW3f5/Hnv+Dqt+XrN9APqGHybxJj
1rXKpspJo/rXaD9MuXESgYV2DqKMaW7gj8NG2EszsJxuqjmCJ9FYSqCoSEypgIGr
LmHgz9l6rijNFc81Z/cXHXYLz+Kk9/HVZpMofYBW1udXJfjf9+q7+nZYv3idLVh3
GVKQMWYvFRfKdw1h/TSGKXeADzCQ/b+jyucYDQDY0N8G4AP0/Cys6l6iF+c/sNlr
bDrRuEEACxVno20LK3nBB70SustyvdsImVREUpqCeIrj7GBazX3VhYJgPSb6RxpD
uJgYqomdwOn+FpgbvvysrkC1Seq1/cjHoWWuCyXOczeIrTZl
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_GUI_Server"
set password ENC
ajA9UWCz1a2gnq5hp8FvRQzX/34GHxbjeGunxJGmfPm/f/qqFqZ7zzS/9VaXhMHXhINyAqrIJmq5+2RywZv
yzSP+narlb8n0ktPLzjlhdhYG
zCxMbnnFjtYydNGuhhpfFxVc3F5U0djy4ZJUzQEfKS5lvGG54CG3AYcenoLkDr+Jnf4/
aV7eWn6OVtTgUf91NPsQTVlmMjY3dkVA
set comments "This is the default CA certificate the SSL Inspection will
use when generating new server certificates."
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIJtTBfBgkqhkiG9w0BBQ0wUjAxBgkqhkiG9w0BBQwwJAQQM9hZOTcA6sJ5D230
6luuZgICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEKv68eGBpE3szIuV
mCTN8csEgglQ1v1psAdl13Sd76wtqnVIPQU0/fXNCTMA+X1fovtMF2bEkbAbo89G
3ljhzQlNDn7rVHGkjEeFQGbGqKqBMW5WNx0lefLU5lY0j6xKTm75c6qgqCKIplbT
eiuXgFB1pQ1+vJL5R4L1KCG2cNDboT2Xgv9U9DLr9iGZl2XA6pT0+RcoB/OJ2czo
8b2dFpAEgKPU99vWtgt6LX8VeUkrzAhnX9rWN3vrtb7hWd5toZCxhG/KCOBE4RbV
FRQnOjpS3nKu/hSb91CWFRL8/MopvQi6u3iXsn3DSXPpciH3SOekWd8DH1D7EnjD
G6Ij7hVdDDgwMbqjVwfOe9GtR+x8NPeqw2qM/Wk4YFOs54zqp2L7RsCeMBPYfr6f
wOla90MTei3QByK92RaLpbS6gvo1XK8pVnHwHLEAPKvC2NBxIYITMXlAqtbFGury
oWJwTxVcUzeSTDuGgC0keiyVaRKXFkr2huAFhE4DAIWU/P6NkN7LIh6B93DNNdnC
Aa+YBaJhkTcEbroJ981A64d5NECjqFQWxxJ4JdOJ17aMWdWx3Ts+6DbhkrcEUkIS
rDlCkmuH4Qafv+WAAyU3jiirzLd7ALALsWDeURpLoQoe3vMk20kFjuzWX3bS+Ot3
mE/RqU6v4wRZHsfcNZBVe31J4Nf4D9iWItgKA8oMTbUMowImTk6SbCCN/50sDdWz
CPabRpqrRsHmfLXAFbxJU58scD5jLnkzp7SJN5JBf077D8PWVLveN1r+oXm6OKX6
UkYW05aUHmSGDN/c/u0eYU1VSWBC0DZeRtWtde49svyxxugHra6znep34b1FryKi
ZZeQ0T9JbkWN+Uph+8LlkFbtGacK3ix8wmVOU4pp1zUntGu4ufWPhuWAPQrP/4E2
bCvmkjTNTkspHTvPbRyimp7z3Zy9k83s+irNW7eFIEB6bSwIr+80mquQnrPoJ5Hv
uHfU8RyTGGcNoLMwpQfclcF7eRzY3BRrqA2Ny4+dl+h/gkRY5RaH6y8G1xg/lgst
P1Kxbhs10BEtqFHEgfpgbtTqqEmXHUZaQvjRG6avpLsxGil4faozui8OVJ3oDBnK
NmxSfeypmBm4x08yQLgzZhllfJengbu9DGdeW8Fg0IxjMK0yNog6NucgvP2YqeQ+
MJ+MltCsnINZWsNCAKTmgDqRw1g0UNt+iLv64v7UNZ2EDD93gAuUKM+zqSR4ryM5
m0maKnJnvmm+XBB6EaJSCK0Kvu0BrsJY2+6sLSWYJHe34+wgbKMRsJdfHmF/3HhX
S6g/0GkK0VNtH/5t/+uMUBmj/wwCYYIR1IkYEXJx8V+Iv6AjxhNfhXSJSQQe3Ee4
bAV52XGN/bBhJ6/F8WPbaJ5j17Ky01xz464VzgS28BlFnKQ1qCWpuV3E16K08OYO
cjuU4sd5rShn3TH96QiM5bzHXNtMzhnlFjJ8g2YrwxxQlA3TbTVXva1j31evBlbZ
o/Y5VtlhziNGh5S7VIof7b51NUcy0e+KF2Oeg3kYCUUIZ0m/qaO6JMZnIoR0nWqn
I9w5WJ9tUgjkoaF4kAUoC06JXLnWDaNlvcW9Y4cMzcCbUCCmvrVT0ucg04A68xG4
tFPhdUjWyR5yyNVj+/SIiWjt0sL1xgp5lehlOzXOy/d2QAKEI/d8ATtz/ec+Lpne
z4NTnms0/2e+Y5gySuIKmhCx3ik+NBqnBl7HiwEkEvVlbky4WKDH8DZNXnbuXzbe
jvUeh9cPPprdNYOshjYJoVA87Gm1JWmWiW14bsDIhUu52+CFpUqjGvCnFe1lhWG2
Hh99D9B9c2csGhi1o7VJzOHKWBUYIDNmarHHR5C63hvfrsWgFRz5MHVqQp15Mjec
ZBN6v9J70ODAz3/Tk0JVZbOzYH39XxATO2ojiq50MzX8zgSJWZ1s0xHsSmenHI/h
Kqs8MAeBg1nUbOBBbTSO5lNEfb0pliootRGS/KSMTS6iaagEU2adx+ayqj9ZypCe
GjkocaQOGnT/7D8Hk4gj+AOMOy9tdKvvii0nLSSoPiqpxjny7Qzu9ItNI33D3GOK
43VTp/0bbJqwpVO+zR0WwKhX7hZX9Ew+gnijNXNZaVWRe/T8qEJh2UkV8JoFzTVu
uY3aYteCptDXIYOAwDSNvQAC/QLE35o7p6RqrmpP0qrC1/F9yBWq80F0MKxXxvB2
nYfiVTuCPkkiLRcsKcpCt2KhToutMub1FQoHL3+28OPvszgI3URpjBHmdRBYIaHm
0aE7SbXa8K8SfG7rvcrLTEhlGhMsGLUGmXgmbrkCqGhBzgdiNkjSL10J584BTApN
Wp96GtTj7u9ZiwVxSSIapbbma605Yz2OrqEEw+diNbQhIoKp8x2YUKKnq+vNcCbt
Iv2j1DQNY3n+3qH4WMPRj4F30uUPbte1QBXKBmMV8J5J9lrijBd5/AG0eSNnov0v
aKgjOoXCuK2xvbRvLyDjtBeSnbDJipzWPjSb2TiXboO82M1mGxSM/hj5PRZkQToh
L53U+QMTKeQKteX6cz5hcZ0FIlPqXoflrzvR9DgpOz5miXr8E/3p4xwNjt/CHfWZ
RfrjHv0Vd7z0bXxqbpWJj0VdGMWsH3huw2D7LlXelQr53616cWmBtLSMoR0PYbnY
T1OLuxMf9Zv6vcAwcdhHLuO5Aa0r4seywRHyNzk+A0vkWVm1zcLBvB0bVVeJ7yEn
YB4d9/a9t32gqwzj18opRBPGiGkqlNS+vbQAHwu7OvXOZ5ZoaoSnoBiYGB1z6NLY
gkX2I74cd0WrhUeS+iRopswarW2dieuuyGdJIVmrPPFGfwiNKbO+WX+2Vq9O8s5C
SAHemRmxYvT64X40VgXSkQX7bStPJVJCzr59tGhL0w20Xw91dXH4BSkbVvsxMFmW
gogbbGCIWx19gt18y7cvwGaUAzODkfm5yMgtrWUiKdyJeMKPnBIwAvtnMiXAJl7X
BlUaI2bmXjcRp06KzTmzrSTOgHCkt2tfRElUtcyVBT9okq2S+w/G1+WDgD4/J06l
C0WaJRd2KNsPuSE7hlPJAsFNDr7nP+IBVdGSfLCGZVuBZ5a54KHWo54tZkZ/2v49
Ynszyb3POkDrTkERefErstcT8Sz6tiLe1k/oBo6m215wPgCQV7j4xmwCvp1aFjha
nV6fUh8iZxZtRR3XPP9iEuSOSfISbpxURgJnyEinU1iVVZ37qInQBlg=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgIIK7DUm4bLeVQwDQYJKoZIhvcNAQELBQAwgakxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRob3Jp
dHkxGTAXBgNVBAMMEEZHMjAwRlQ5MjM5MzExODAxIzAhBgkqhkiG9w0BCQEWFHN1
cHBvcnRAZm9ydGluZXQuY29tMB4XDTI1MDIwMjE5MDkzOVoXDTI3MDUwODE5MDkz
OVowdjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExEjAQBgNVBAcM
CVN1bm55dmFsZTEWMBQGA1UECgwNRm9ydGluZXQgTHRkLjESMBAGA1UECwwJRm9y
dGlHYXRlMRIwEAYDVQQDDAlGb3J0aUdhdGUwggIiMA0GCSqGSIb3DQEBAQUAA4IC
DwAwggIKAoICAQC8IEsVTnqFURtKP9/WaOPnm04ZQg8p5u4tE0xcR9t40Q4eYYCl
npyUL7o5gL+GpH6DKhTahT+27J+WoGqnUkhZVenWrK5Oojf80HMavBFUv9BEKzrN
gEuRQXElZ8Fl2NUpslo9gA451R47PRkhJN/l/C2LWIvfEvOhFIDEuTeGwcDpm+ov
JiDo21fB4XH0hrb2FNcKCG8eblWXK+Eirt+lzPSqoZW5qJL0IGXU30OW+UtA7d2J
qb6IZtVFVGcXuGFkMJSahNUzw443oxnxnz3ksXGcyqCEIJb0tlH8UlLdWFPWlcK2
ZfjhRkRguoa6CRn1+XqBQNN7eInwkI6n2fsRowEv3N7gqxnk8qUivvwasawwm9gx
rDFfH4KI8ytJk/m2WZrChXl7RU17z1yqWiQsPFO5oiCLuGKsL4QD0f1WOo/0+kYb
Vmv0m9h6qWc9hyc92AiRCcjiBtLHkMZ+pVUqnN+xNZ1ZGXmYRdmu2Tb9zqvZGM9E
7K3EdJP4QZi5dpjKnQ2ySQuxTDrA5qzvTXMTmgerC4TNv89dxr916IbKBCo5Rjk2
crM5EU0f0Bh/b88M6491LByqn9YgImB3xVmKtvNt6q0Opm8b8435ygV/pS6pjBOH
L/U2NLGqFOyMuDoCT7n1m2+BEy5PkpViN4nAi8sbBtvC8XRUusdQc2r8rQIDAQAB
o4IBkTCCAY0wCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATALBgNVHQ8E
BAMCB4AwHQYDVR0OBBYEFEuWnxN23LykhIsldCFN9uiwp3DtMIHHBgNVHSMEgb8w
gbyhga+kgawwgakxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIw
EAYDVQQHDAlTdW5ueXZhbGUxETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVD
ZXJ0aWZpY2F0ZSBBdXRob3JpdHkxGTAXBgNVBAMMEEZHMjAwRlQ5MjM5MzExODAx
IzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQuY29tgghi5tlel/qsrjB1
BgNVHREEbjBshwQKDBB+hwQK2BMBhwQK2BABhwTAqAIBhwTAqADIhwTAqBv+hwTA
qBn+hwSsECgBhwQK1hMBhwQK1hABhwSsEBQBhwQK1BABhwSsEDIKhwTAqKgKhwTA
qAP+hwTAqAFjhwTAqAoBhwSyFLxCMA0GCSqGSIb3DQEBCwUAA4IBAQAiXmuWCo5w
JwsqWvjvrYx/aLsKsEI0KKNG3OfmajzcQUjPU1gCuDG87fH9NX9lrHFbzVYnSR37
w4TD4xw9lQtv623UPfpCKKRTcd0SIhfYQ1y68jMwgkupiaqPf0x0y2acQTihC7ZK
54cbhELXxSPHZOIKX2M0wBAFSzUbI2MwBDKvIKEtDVkFUwRx5dzZ+58yizIHMKgX
A19Pgtc5VTMP1CSC02eD5DuzCu74U+hho5lJ6lE3iaCH1hgzGAJ/npnwc7HXsiDX
WztQG5aFsBib47Ovoxeu2nrPjodwxb/ZsF5FF8Oq2jEYdAJ5Uan/kKSc939eQnMT
jPjABPOXYH1p
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA1024"
set password ENC
9QjtbDBwi657c9bWYOfUQ1kwT0Ae3z/+4N1KtTzX4TslBGN0Bsz2H97DWsHSUBIwlYXxXvVGUM+G9wNQIQl
BOJ/pHb88Hl0d6Lnb3e1A9kaS
xhblZR5G7uVirKFzcik0TxfXvJ1YHNBLQTyF3tPJa+CvOVpq5mfsbwOxAUlecKK91HhiopmkgPN9d81lU5q
gsRmwtllmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory
and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIC5TBfBgkqhkiG9w0BBQ0wUjAxBgkqhkiG9w0BBQwwJAQQDOZIAzIQhkrFsF7O
eWoTcQICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEOxEOUnIR3BCa1qR
u2w40RIEggKASjIdhg7y63BCjlaccrHOl3V7qLTfhDS2xR8eSML2D1Ukpc1QNvW3
ciB+oH0WuVuPK5SuLKp0h4+ockEqH/nqC3sNo6oMzL/DFx4GesDjKPqiRlP2OJpl
47TDvHmEPtotQr0xY1ZR2mZGHMy5PcoeFmFDgyn43TWMWDvUAuPIG9DvcFxUEkyF
Dop+fJNAAw60Nobg72eLU3pAMF22wSwGbUvKfKf0r0RLTtqTSqAyYhZ4r4Xwa5VF
uadnGv5yeAIs5mbHtgF1sYJclgabt/JthezGMmqjYyZ4yKZgW4diOKQLDNBfI64w
ly4LXnuyOC9PZDpWL40+xwJaDG5mxHp2zSm5dbc1HmYeKpIoQk1vVMD9nDG2ko88
/+KTfi41Qneo5SXIJBOu+JErzO3+vycksg7MNhuE9HuA7EuBkmB3KYIWUYTz9puC
+rLD88Y0KHMMmE4fnjyQEGFkM6YHLDLWoqi2uNMagZVGDL2vmGk2gWbv9BmsQtb+
2XLvsTXMAgULHWU0LXvYvpFaFs2lpl3hRDHFppDuo9Ej+vYAd4aY0sEebtGFHjL+
rXjiIcp7fU9WBCURXBO+D7FhIStWZxIJF+igyUT59yX3rOjLOETZmXncTJZ5c1/f
XMQBSyHYtI9Rgz7to16HxEhQzdoL4EfZEJFvF/cYBonzkX2P/aOz4rVtKRfYIr9N
zK9nRf7aaqV4AHj77Lamggj/LziVpqegBQCb69hNgTmPMgVVfRbuRA9YRQ7kvlnl
DldL7ts5i9/ddfcQJzgPmYhciafdf2Jkb13n/lvtFmaJjPyx/EZhqbi9nc1Y39tM
6ffmjbQXuNnb52AZdRZISur4a5fZRSRmJw==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIC2zCCAkSgAwIBAgIIUSEMfSBiOZQwDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHMjAwRlQ5MjM5MzExODAxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTI1MDEyNzE5MDMwMloXDTI3MDUwMjE5MDMwMlowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHMjAwRlQ5MjM5MzExODAxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDY4NyFLFpnk6dNOeiQ
v+NqmHQtaZ4OEGstEYXHToZN1jHiWiy9BUmmMuDqnEA5sH/PUpwbygkimQvDzzWC
dhoNRuLSEH6ZxZ79kDwjdCVIZK6dAjiliTAdnn0lWiSWFnS5fYw+XxBkqrGvniPW
i3QfQqRn/AFCg+KHrgeGU0qbCQIDAQABoyIwIDAJBgNVHRMEAjAAMBMGA1UdJQQM
MAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4GBAIabyoyVhDaxzXYiaruqoRUh
wub1oXmtN/fHdTdKG2j0E2Z6kMh7WRpkc6fXJhqVAX4HEACKThYsFH9kcoCUWaoV
83qW6HBtjaq92S2ClGMNzb7s7/mdc5wlaaN3Cn6tjz/vqR2KtMovaqyag0Kj3FzF
18BVP7cS/VNMqS9/j2Y3
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA2048"
set password ENC
BLiPcGgVeJneZtZxtHABKz73tAcawFAF7HbaJqWx2GkX8WjsZS0cK/KmFgCu9UYeBpkGZUXdukYEixlPQog
vpcf2SlyHo/3nlfNhpUxvMJ9K
xflEQ7LA8XgGLXGB1DD0hhN3awkAPJv6uVldWti78//
dBxKAW5SEReBWE1UazvyGMQdApZ5pJ662EU7iNvtSfmkiBllmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory
and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFNTBfBgkqhkiG9w0BBQ0wUjAxBgkqhkiG9w0BBQwwJAQQTnoG1T6M4ZpCbrpj
P+Pz2gICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEB/4Q8YWx16DoOa0
coDg7ysEggTQJRXycrReq5ctDUlHb3jMtaIW/BAkro7WPHkuwRhoGSWiUCYes8Kt
gtOBdArEwNmsMpubWc2/BGOZMhHDFzL6cnLJ+xKqTNqlH7U4I+89qc8reCpdZ/80
3gnI+IimH5lGbjIeMuU0ErhQWZNUCCGdGqlO13krSZBhim5QDDTZgBKKfQIiFwl/
GeTuoQQSLG/xF2ACMq2iFQ5N/8ELBrUx+twbdzU3wiaVbn7L/HI3Hbv8vbAB7SS/
6z2VVOHnvu0X2yBqaKcHYbCY+PwA59wPiMR6g8wB+bvn34WamdjINsaQ8EcWxcE0
ScpeOfcdTYfuMvpjTvbz1s3s9AZ8kGV3hB4cFWpz/2gTHVKSoF/HXlBzgtVRJTtg
8TVOoyzRvy9OJQCjmedjt94rTkFcS5lfnxIv0IkZRmJ5owLWwEsFuj1zuIytywL/
8vdVZM7uKhUX1sO5u+6pjbMa5N4Me9GoSK3GPk3Sgt7FbuP30680u75uWebxo5Zu
z33HYy5UdOTH9z0l6Kmai43m63+QvEkDOuSMQFmib/YOA1V8mV2htkPMDlA9Ezm+
i9RQLRNehTRmhqWOIxIlKl+xkaOey6V2q278sI8baD/d4PxhkDId6VDz77hoHqpl
ZgyOnHOiu0x2XMrdKf+5pJFNM9i5QVb6A6lUHgHlYhsQabJdoslW4kHRBkgRnp4k
OJn3cVX5KCPFEZMvTyEAL9+1/PPdI+F+CApmRWtcdi5E5xga1GD+MwIUbOfh3LFd
7kJXEGLZ/hqe7FZH9spMdNiEbVNn+wDZeuWNZ5+ZrdDICpiYtyc0+0wW9rwuhe1K
r39lH/Hi7EAc9OlDOyT9Q6zlXisWzUTQXeyP2w/1GwrB41tI5bKuEa0PnE8t5GVc
A6CQTgiv/RPG+Cw3JKgCmnH/13bliLSbJinDha38qm37CUllbc52MHsYf9GUo33j
3AV3U+AoXllG7UsqWwGINtVUKkDHE2s66CvpIuhcC41QNFDtvgqBCqAPRism14LO
mSpis3PaGdSiPxQ0SY1RjRWBmQ5tEIT8n1LsN80YKoY/ayCrLLUenXwLgNCH69Bj
j9hAfzZECQooXuVu3nqKZKzQLXycJg4LulfFsqaMxl/SnR56vHWLogkIiHcLdGCl
OwxIHXK9X742pqOC8DoggqZZtouKvUGZO0hTRx4E0VzIRfWUxm0WXLGfXLYzlNic
SQ9od38QY8rFpEuYoF1J3OpS5KE8qq4pZge2xukiRBmuB/U/AY7oLnJg8OwZAojN
VQnKzjgR76NrdZhjRfFBpQzMROBXrSxD88a1VSnV9f504Lj5f9M1qVpIf3rKa4q+
BFFzpb6hv5VA7HiTyJv298/OYHVlS26O2MGhSr2VGANnZNlDzIO8uc4r0EBngN1g
mQ4wdv+R2rKSUikYcYej96cRy3wKWNulptfnBq1ZAYIiyVIOskz2B8gvQwDW51vz
zP7d1yj2fx2wIcTgHRjOq0GbcCrLaVmFdZzkUcPW58LRfe/tKTF47OXPAfvQFZp1
cgl87gDa6mNbRIvPBx6b1w78WXeY7/+rpYFgCFEJoXomlkzjS0BYvJtEUPnj7Ega
4dQEPGItcIhTqdanQ3qM0lLKzMARr8mqet+x/vY5PwHbnsMLXkAPOGE=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIID4DCCAsigAwIBAgIINf8gyXyF6UQwDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHMjAwRlQ5MjM5MzExODAxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTI1MDEyNzE5MDMwMloXDTI3MDUwMjE5MDMwMlowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHMjAwRlQ5MjM5MzExODAxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Fm13SK3vLdE
YhRgDAzWYVkD8p/OLqJw2C2IJEZbDHzCS5lTod1gcbDQj+OSPUMmMH6KSMR+pl65
jJjaaHzzFPOEamK/NN7dVDj2tV1Ze55sia6lPQ1LyN99BaTa1qiceDWp9/ZD6RX8
jwbjOJgBXv6Qmp/Vv+KHkRhDTr/zCR3qjzBfWpfsHV9mMl8K2UPyN9J/dGfn25vN
EAF5QnoyzIgybBEeNL3lB6YSWVAuM95U71TSmkDLnALFcvzcg50Pd4q7AZ2EWkcl
SlKRtLeMq5DwZCqXDeEEUlQsaxgVJCc7TPu8AkAfzloxIEUK5pA4poBTNtuMT9ve
uOUIVqea/wIDAQABoyIwIDAJBgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMB
MA0GCSqGSIb3DQEBCwUAA4IBAQAoPj1sLIar/VBWUtFmngqopYsr6sYJAlNvpZ2T
qV4UmlGc6e89d03vMcAXD25MlxCHhdri6ZuNzESsmKmYsMp8VGM8EWhhJsIeNDSF
++/w5pBzLA6e64GoZRlkMxygi5hMmz9EwqgxuGFBbx10ThlWDZ48gOLsBiX5ht1w
FMSgbODVB23CdDad3EejDL8wOmQJl6Rlj5iiUpfzVs1YGSqm97YjqA0VU8unu30+
zV3mgpL/tTnsrRAM62AatdbFB2sDQLOrC+ltbdMen1k/rLez7N+D7nFQrrM0FUpg
lWUhahYDistOxUmsY/QL9zj9zZtYpbqiWSncNWjW/XqEPIkn
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA4096"
set password ENC
x/k6c7FEuWQskA/ymOT97bI9fbAJI1a4/ppNZD/nufi7s14O0Wjb1wcoekp4tu5gl3HiGUZYNtsdks8DLDN
Eb0E9hUijLmpTLswZ2bzQIDzf
IJWZOWwIAL08Z+hV26xS3YtTgGyNJWapuCyXaHcrd586DPksgfsg6ZNyHKIoJhP8W3NdDK1bEynUq9qqsqS
JSLhp3VlmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory
and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIJtTBfBgkqhkiG9w0BBQ0wUjAxBgkqhkiG9w0BBQwwJAQQhFRHpX5wqAXkfYs5
U/QH5gICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEMfA1u9z9it/O69g
oUl+XeoEgglQZL0VEvX4OZYqrzn+YEx3cdXPt/xAiR69kzFqgD9XYcElR9LAlIih
EZAyJFlARUia8ICKTh19DGCgYn9C26W0WLb82ztpR1nLS1Ri/6k1hTjZSD7meQp3
fuF45dtAdJ33XTEz3xoJrZ4JWWuJfKUWgz3T8lyc/b5XNwERb0APvQuHmYeF4N/v
ux7vbwFluFYsvzQFgxXaaJgZDsJSmsOmd0Krbjp0ICR1jn0+C3K86bx9/qCAkYhW
Gz+ljzvoEo7rn73CmNEsV5Kc1K/twrlooyTgPiA7VL5cjXKFngMx1DSLAxPefsi6
wokYwTXtfB84z5NsWm1YENfagyrG1D71+9slfT4X/xf/MKB96R7zzvz9i3l676rX
5LkVjq7uTAB07WNt1cjMhABzdzty4xzDApOZi2vS7kgf+oGtUU/FEzU6SbeWqaYd
fvKT7L4Vy6uTZsqF9XIpQ4pk90arf/svDF2XtMiq51wseUck5mOEf9cOWifJhKR5
OPSWED+A241CapAz2u8oq5iuHrKdqg5cnFT+mBeJPjhz1BgjtdKTHsmrQQxRshKB
1u+pO/4Ev7wRbuW4f0W2gvdeHwvvozOPkFS6vbUzPWcEqqkjTElHfBacMgIdNLoy
kuYrjuObjkNY/84XOUIG2E3uGrugl6IXMy5P8cLEqmptzR12LEChlTx4IOh5C1UI
hhv2rJw85BdW9cW6f5ZpQ70Qz/HfWKfc4dPA3i4BzefOT/g2to8NR0mWLJGSNDQZ
otMEoSuKiKcZ94ivs2WQozGop32jZ3JXKAr6w20YPYzmLZc0XSgj3LarFBZHAYiC
RH5xyBdxEz2vKj2oaIsoqm4QLeiYDEkopITvgI7+Az5MEdL2fOhQgla+aJCl66z3
fvwqKvF2zbctsK+nOsAcMRZS5YY8O/Z5FyCa7LYvRczgAe+2pCGTJa6IKwN7Af5U
Obxi6KtPXhvS7IvG/qySeHgXT+kkwA75cQticLupkCGMgrsqCiRi+LBtZPaoNWvp
1fzfS2cZiyQFMvWqTvh8oCT4mOC79WZ3VAET6PX4x8y+lVmEWWwWzAosyjAgrCd3
vnW6JZr7wZ3xWeWonLX/e7bW9eUfIgSDdo2LsgEQrzFOHQ3Bp2E2Q0lm3/cnglgO
qIIlXUE2PG0IW16XAbTjKq2ZL6bSm9cQumPu0awRr/6758tVCKIk48UKozOWWieu
rtfzjpb9MV4xWxDWhPuA+Udswzg3cQGfy5eznMhj3E5h37U0WaEv6uHl8JrHS8el
l7Kc8NFS4jPHWL4F6J6+Hvz3hhKuhB1G+/ecI/By4gvZ40fK4NahetpolbHYxG98
KN8rdsqIrYMGXQpcZ3nrc48atNI1daEIwHouvBD5IXLp1+bilcXzbtI6UaVVAAYN
9sVZT+whTxN49HsiHNy1gc5QTaquKbWbMW0YMRmDpyb0FjDtUCDrrTPTTQGLS/db
yONZ/yhNCSEgCdADs6YH30ZvtE+cbnpS4RWmfnQhSpJsfC5LNCJmq/7wq2u66ZaD
j5uz3vQgb3SsGr8yZcqUOs4Zi0AEIWBNwv1GA6oon/cI5efkzHGmHfe08lINNaxa
ZD9KkUSH4znzizbU2O4piVLuiu0HHSMYBh8H8y6Ca5x5YhWEyt8ScOUopOsngAga
E388nRiOXIKug6HRLEgwXFIW47B2NxoW+lKzB/LKRZeGcCLTztk1zXKYxWJXbwfz
4dqeb/7XH28qg1tEX4RY71WO7tyMT+V+tHAuhN7PlanvYEJUgJN0tcM7YdJnYDi4
7VhySxfNGn7NQZAPYy6nTaiy+Cuex3p6iFHfTuDIPft66seATyJvLNsI1vrHyr68
Al0/uorshWfj3evh9RWoL0Ir3vdzqjTo8yaQkIuzL/X90EDjitgSXJdmhkTH/zH/
7YSR95kdlsFcGJ+IK6rL5ikafCTK5a/T0dLBXGGbmdKNKEJHO78TPvYef0qWXA9k
U0aao6vYcsv+JVNow+kDwdB4+zQ0s0whf8L7xFiQtbq+gzSMeBrqKGmtR0ZcZulg
146cpnZKOLcptIgbJ1Vneq7WsvICQT37yZWxfjINkSOlRdTcxKHPknIQKfQVPZsr
YE4K0a8odu6FFpasQqoYHhjC5MIpXv+DrGH0m3AJi34khIr3rB6KmQU0upwq8v4o
PNcDfOzrmP5xbWsVmbHz7xrm47n42bQs+fSseSIyo3o8WPhLrFM4fG0eHxuDZeCZ
MDgtSgMUfp5WRoeTkTFtpR/GkfS7Rde3liF2ILrUovlWZnO+0uAnyTTvsk8dOB6X
65oV2ltsMKEf3VXWtvc1MtY1eF/MEGClW8bJ/FVgOg9EKz9lCjMycVmpdBC3UwkZ
wrRcf4qgzQVMRUQ3WwpRuF2PBO6qfYEvpT3E0Y0HmIwk5khEd8UuN6BUCQYUtDK/
U+HH9t4Xf3TLWCIQvZOJxZjwBBwBNifciVkjO3RAxokPW9qPdpIgsx2lf/lQbtyt
McJ83NoRcB2PP2Jq7zm/NJr5h41Xpl4l4hIkJxEAI6ld2yCc4lmL2fDlOCWaSRVB
yKhnq9xIFJausTvpo7+NCDIszAFbpO+cByM6Z7IkVuAfGCCxb0tAnPT+5gSnqO9g
xwT0eIjUncgFryh4fyhz5TrAltMzDpfdfU548fl+xLOlT5eSUT/pEUWPv6CRZCdr
WugIhEM5nn+aoIPs7cBGGk2rGhWWZ7L11mqI8lXczIsHoimG1jz2ht7xEkOzetCa
RsDmqu6wlR9DOFvR1ZqjRL1zNxQn60GVF+KamLMc+KG3JvrJvxc4+IKUrTEfaFTj
mqxvZwrFCckel0jAmkUHvjuegqQGBn72zFxkWq1WLM4O0+c2x5H7i8f4ZPps1wrM
gt2rTw87DlTkcBSi8A0axu6zZ+pfumq06SSHDULh06vYpQQVvMhi/P6W1q7jO224
v1DT6dHtKCFmqgYcMwelsVmWKCFkqifkwtnqtj3k4wYVbixIK0l7c74nfN4NhJ5F
IuQJBukE/UX83+Wcg5fLRo6Tuz/ZTKbAGUXA7hghoZCkgqkL+IpFYH35cBOy3/RA
/TPgXe671gbfpjwqeLic1Kfvzmr8WyF/Sdq1uPRffs7LEvV2TcCuEsrvHQth3avt
s/1PEs8m3rGpCmZIK28Dp+15jb7sqYc86rVZDiqlBhToNJuoamTLUyw=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIF4DCCA8igAwIBAgIICLkw2yvWoOwwDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHMjAwRlQ5MjM5MzExODAxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTI1MDEyNzE5MDMwMloXDTI3MDUwMjE5MDMwMlowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHMjAwRlQ5MjM5MzExODAxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA01z0XwWwUFFX
pwuQaKyoG11fRL3j0df4Bfezf6TOC1jM65On/5GVQKEJM4dOhE4jBiVZ+8TXKFb8
aI80/zOSGepIDpM98YbdtInHry7Q7++9ASonON5r/FNU6zAsbLXn8VqKoy5bExjf
TIiEU2q5jGx6zd8w4p2tipDIP5KmHYuvmfViYYI6sErY0YrygjEYeESdLn04Fu3n
gMpREq5s+iAobIWpER4LZvCUtfVGaaMHixvjYVrXIW9LDi4t9e/FFyU9LAOH1kCu
VgHhtZxhsYC/muM8GtE5Kd8XZbfUU8XETL++T5dAb5uQXIRHR3IePoeeiVkmn6N4
bSAPJRriSJKm+v7+nkd7vR7NvsAGoR0eBLtSFbTvV9pzEHEJxbyIO9XaJeDosmX9
JQPOpyhtvsvx7GkfGGRtxtto8Hg8PnwcWS3caFPFDCgw+K4JcyfLyEdd1Gk2L0YU
dN/TBGBO0uuYOeb4SwfHuykdBKm6saz3rveArzGUIpfIEeYxu2SHasp4YPaE6qC4
rz0d7btgAjg6L3FmaEWRb2usSn4MABsnSQ7Uoiiwcux/9BL7HPBvkL6MsXWan0eG
KONzuV3k4Gw0wAFsEwrIqe0CBhl526Yjq2PXnQHJUsjUXSFTGetBQ4WB/BXczWRb
rsz7g/JwdrPnYb8XATDzST7AXNP5o2sCAwEAAaMiMCAwCQYDVR0TBAIwADATBgNV
HSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsFAAOCAgEAWBAiwH7d+4WMa+rq
7EqzBABpgdTg/OB+Tipwvga+Sx5dNMHbwVHA//cJysEfQV7EsrV8sjdEe/BIvJEq
vy+tlzY4zSLgskAxYH59ww10bUE//CVSYRdYq3OqSQqLCql3QFVyOCWu1KYbHyc9
TbdLNeyHSUS87+3ycijxbifdvRSr+RUrBnp6uDPyug9BZxT6ayponbEhZPpRNmt3
s18CVYCygGRJForzNKb2quwfUCdMPK9uppnJP4xQbYXFBolxQa8t8CLQxEo8K9rv
QiHfAaolNDv0WLkQ5oxEPOeVbu/SKCz5dwO6sBsrSFgxmrHIIp+DHOZEY7BfhArX
PIo/wVzRiKGCa2HDaeq2W7aod0g4WxryIxR6kEl/9RG2yHQaTWwvV9l0UgT87QF+
jcDlk0K7EFWPieE+3nsrL5fdaHpAXwcglp9QuKxR5WCF1hqx8oFYM0+Fp3Gmn+NQ
AKMv1/GSKVGjTgwgL3Cj5LU4cVrS0Pe26nLtJGJdy+SX5uVSbJN1maa9rfRkg1cW
qqwbzzevdA0JczUUjR4fM1ytEBvtpxuPqzrKJ+0QYeCY3EtMd2n8Fmz0ZTDA/QEP
3z6ajZvkx2v8qdwpBdwQ+SqXfUPf/DIjgDijIHYld9A1/2QsMeQ7rRvdrcPNeh2S
R2p40P506N9Q3VrpA0gM08CE2jU=
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_DSA1024"
set password ENC
iHantQGZuFz9IRAOavogH2UwibiRbd/5dAqr4o5H2ulmD47ho8ylsb3geF7QurQmKpCBR3V9dTDDiR2e7UU
R7I+QofeH3Pog7ICZSoGWJOcF
z7mCNwxhxWJJwZ/
daHf8gOTPHybv2u51lNbJcBAsRjkT3dIuWznJb9PypsxV9oUIH61SLxTKU8aZi7QKq8gjpC16lFlmMjY3dk
VA
set comments "This certificate is embedded in the hardware at the factory
and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBxTBfBgkqhkiG9w0BBQ0wUjAxBgkqhkiG9w0BBQwwJAQQepFci3TTp/mxWOBR
ovrFIQICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEG7Ce/GTJm6NBEQ7
CU9CygwEggFg0Ny1Imf7mz5bnSMeNur5M2rRCVS13Ur9OXXmpuNwkHOC/J9aOf9u
FCpvaP+fj//iVFzyIjc0VjeWZ95194cm41o8OmHbwXMQYMCZI3rjbcXDgX24/N0G
fmrjOBRCWShbki00tkJa6KHnfvmfDKlnKJVjSKIsue1GTyAGLAiO07cftoXzFVdc
N3Uck6WHyDPQndPG5S25Y96hZ4WZHw/rzN3tbleZMIciXHB2J/NZUqM2vCX8Sx4I
cusAjy1KqA5/z9TMIyGkKPvagfvd0ocjQzvYRyK4k5YfO2PwiW/+lO8I47nrhNyt
hIVf7FIzHIoIZ0La4OaBbpJlsJyaQMwalUVEpHAPkBTL6WJ02cYtZHEKFIQLzgJr
IJJmip2F2FSOT3aXSCUCvPt07/GmqcBi2veYfcFIUAwwmFYfBN7aPKRFkNILQuvk
5Y/t+Cyj/tCH3JYdn4jOUjj/34uDQe0yIQ==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIDnTCCA1ugAwIBAgIIHNg3yNzyKIgwCwYJYIZIAWUDBAMCMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
RzIwMEZUOTIzOTMxMTgwMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTAeFw0yNTAxMjcxOTAzMDJaFw0yNzA1MDIxOTAzMDJaMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
RzIwMEZUOTIzOTMxMTgwMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTCCAbcwggEsBgcqhkjOOAQBMIIBHwKBgQClnQcWYMdHwOYza1NZoD5UMMKU
w8YXfUd3P9Qap499vp3DyF5zTrAUczbjyLFikKarQ7bgORPxwjZznsfY8vIVnfXJ
UJREloMSOfLUT9h4xa5Ds0OwvOIw94pxI+ys8cl/9qd1cf2uf1iGKp8rxBsCqT9G
2jDZJQntLKZ6gAJZrwIVAOLloFopMHgsyQ3MiaahZaBOQInzAoGBAI92pqCXNoIV
PWamrmC0/n8jUwUWNOOCFuQk2ttdX3qYkx4SkBkU5PL1HeOIE/06VUX/C/Mu7cPp
CS5hA+fQDymXm0cjScgkPokLx14IxpH/U1e2t8CIWw1i/RVgBDkanrWj+ID92wCh
MEojVSlssr28veYUNOkpvMLTOKioGYi5A4GEAAKBgB5J4QtcedIQtsPEo51ZA87m
yCaeBUmfDYkhl95qrfuIX5D6hODcuUq9ZTyKq+WLuLO9kPVc7zM/GWsMQXHLLxP4
QwkO0wAHo+9+GJXFItOWGqtEpGDerYbtDRpc9ujwijvRZbsbCoHeDNQTP+rWMqpQ
z6k+iS8edEe9YkwX0MqgoyIwIDAJBgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUF
BwMBMAsGCWCGSAFlAwQDAgMvADAsAhQe2qsyQTsm3q5QKdV9lEQ25eElKgIUJ/3Z
3Y1k0fvg4bLIMJlqr1i8roQ=
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_DSA2048"
set password ENC
GJtvp7bo7ZCHgZa1RsrALh74dRr5as0UaAlZ9+uKZS4wUHQTVu6RDTBARxgih/4H55o+G56NYLw5TT/
dFWGLvPaMkYcpK/T1mwBMOznqiNrA
Ye5ZeZA7EMpPiUT+z1dSxowxBehIZk9YbgNwkxQ02lgc7LO2TYKaM3JlBoylQO1CdCi15SNH/
SQ1+X95hNWJ6SSW3VlmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory
and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIC1TBfBgkqhkiG9w0BBQ0wUjAxBgkqhkiG9w0BBQwwJAQQboRVBrefiTzSFqMJ
dxl2pgICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEOxi4AVvVC9/qSpt
nNBhmVoEggJwIJ6vbooBkz+583z2Cw5SLovM97ReElhXQ5bT3vdEFqPC8bQNL9Fc
JoooIFCHEWtjqDVpWOgqs2lcRE9a2YII1flsWXFwZY44evz6ZPYHdPyKP2ES3O5O
ewjz6rkwywsJrWn55iYyqiD3bFlbJmFKLQhk1AT7/crkV+kMTbiIj1wQNFuo+zr5
/VJsXrBee7nMC64EAltuTqHe+sXUb2dZMxrDzd15GLdFgBknARYGDXFkrAGFPDdQ
AJmAP792xu60ZPFSlgNKGLfxxD2my+3+74TjWpMpxt6nb68QpOycBZTAYuGYIidw
h9ulg03G2IdVXl0q41dcrbihX7x72CVIeABq3QO6m9lAitsa/gFYFDAYrgt31zPD
mGtmSgY3ZgqUuTEMWx7LBMv7qvb1S/uJhH/eLqwQ9ZQzOTOyjV+AztZxHxkoIrsC
D1vHZzAvp0q8kaf5bhopPq/UVZs1UUUBVynPjFBZc9fyH4cH1rJ4PyZKHzXQEUjX
ASb+ebVvXT80Bn7edUnW0AvcyiczfRn0mYOj+Cy6xzKLjGls/ogyAfpvyAmx2dUG
+bq1dvw9svOx05R5pJQk6aly5MpDzpFdXfs1rtFmzgVPew4bRMITkd6dZaf6LnDn
cZX2QAAu9UeVnUGALKNukX1ZS3Qd6t8cK+k1mTpiV+jnXBPULYzpevuhZPHxUues
BkKMLI/YhRzULIn4sRWSm9as7m/mdDNjhWLmaWK0ppqPAgRfMOODUPHJgiXg+S7u
cGk3GqMa+R/ELJ2EqRvqCjMwql/bB1g3B+JCPlOI9JFCozXbeM/nbZVSDDrLaxqR
7SgLAODOfr+Y
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIFRTCCBOugAwIBAgIIWdRHi7NpyLMwCwYJYIZIAWUDBAMCMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
RzIwMEZUOTIzOTMxMTgwMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTAeFw0yNTAxMjcxOTAzMDNaFw0yNzA1MDIxOTAzMDNaMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
RzIwMEZUOTIzOTMxMTgwMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTCCA0cwggI5BgcqhkjOOAQBMIICLAKCAQEAlPO4frlIA27cNSpk1cu2Yiys
URiqiSWyqKSXjlf7zEQpa5kMguqqytQnqWvC/2Fh2Eg++ztLy4ItrQeOJOFGlFoI
a9gAQZS7hjG7ipY1DNZwX49GMZz1Zm1n0uc6EjAxGtYgTKXwJkJ2ol7cWAIojYC+
QYCsTQE4brmSluzPUj3EEkP7qjp6QASktsc8IOugftRah9b7ZaXJ32niM2YXJMP6
7pwH9QUPPuNQhCQYPaNUY3yrXVvHYe1hLh7iJ23sv+E64WmQwhJoyxKINZNzte3p
/geQMTm0+AAUpTNYHTLy6xKs297/NRIo7cGsvJ27EI6NeDAvXcEibtX88dpipwIh
AI1p7bEZPmNjhIJ+HpLVPppJ827hTogseLFyXdMVN9DLAoIBAG5edRduzCehni07
usJczi5i1u9PFHqSzJWDkxL/m+nqkiwonuDi122LCoAnOPQBdWGkzP9jlbqIOJMb
PP8DlmrIpMuVtg7LgCVu1MOkU4eFOTkmIKYmLq3LcZ3UbzQiu6guZ1OQAYa2d+vy
eLK/x40qpVrSq5vVJ5iVxbyyzrjWbxo3adywpSvxjjrqrDQkpAoyfhrFzEx0ds9v
3MtDTPg3Ke3oomOQuzOmTimdDZu5FfXdAAelATDaivowBnpfvnJ1KxbEri7YKJ8k
kZIYnJs/R8bS6EmHsOCsmGpff2xHjDIKy7QNYCht+AlPi5pFmCNOvzD8JBDmCLe+
x4RFh9IDggEGAAKCAQEAgDjlYnznu9PEhDuMzNnkn+K8eE9fWfiseHiUVS0LaCNq
2kdtEjP1Z9Rdnw/O/GsArbwdPX9J8sdGGHX9Yn6ASNXXXfyueQjeJp6ug+b+bMF3
wl6ye0Hq9opYHio8nP88EUIdHBbwqgWC0fl2WWw2KBXDuHemQrwX2/Rxa80cORMD
yTaxDPvQNr7lbCS4kHasFNCFHyK4Jo2P0dMAgWk6gGRuRZe3ZAPUfljW46qRVyAw
s4i/uHDJn7AvIFQDzLRuv3aAXRgZ4g6ffUpBdNaX+35o0PrtQBkpsUK0pQEd8htQ
H/82QQHHT06oszs1bgQc0wUIVLJAp/jhbEU9DFXUkqMiMCAwCQYDVR0TBAIwADAT
BgNVHSUEDDAKBggrBgEFBQcDATALBglghkgBZQMEAwIDRwAwRAIgc2QOXiBTWAKT
n+tgJA2GTwTYGaN+BNet6QzMk3dprRsCIFggF+9ptLe+m3i3TZ1w4scWLbWNZxX5
OX0GKUT2x8ns
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA256"
set password ENC
U+d4TSXwY6Ga6Fb9wzCDHcanQACSNyw29QPZrrqH6eddliKf5oxPT3VaJd4no0F4V22DUb5rjdBBQq6VGgM
89z8JwQN0nD3rfOr8ZwplmUhQ
GaAYLKdaw1YmvKQIiw1hYw+oNehEe2Og72yTH+zQpanHiBznd7BjvNGzzvAojY4h3V3fAU7u6YkmuDKKb6C
WK17+JFlmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory
and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIH0MF8GCSqGSIb3DQEFDTBSMDEGCSqGSIb3DQEFDDAkBBB459Gw2Q87ipGAfuaz
wZt8AgIIADAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQTlZZxW2wZKFDnx7/
5rd4eQSBkCwaz29SVlQbADAcBfjLGy9teZACDP0w3CgGNieiOHk/T7sMkegPxVwu
/5PtpduFQ67b48m29zRPXMkOoc4EXVUjV+qByFNa4MDEZZgYfJG5D6a3WowSPqts
bcQehwZ6/JMao+QqFE6Sr7HlvXfWdm1TOZhPnvJ9O/MdcEIWm1vcs3RtA7+KbvHC
V3bWBHm4Tw==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICVTCCAfqgAwIBAgIILqXETAMNn6MwCgYIKoZIzj0EAwIwgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
MjAwRlQ5MjM5MzExODAxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMB4XDTI1MDEyNzE5MDMwM1oXDTI3MDUwMjE5MDMwM1owgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
MjAwRlQ5MjM5MzExODAxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAETy3NuHZhgK1elTK93Xw/1QP8
B5QQshC1Y6Mxc8IHHBzZ0ElVsgEH5jrwiLmPIMHGVzuxX0KVPmNMobyaK8vQOKMi
MCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATAKBggqhkjOPQQDAgNJ
ADBGAiEAsEYNTiAzIhRP9A2nfh2nSL5DFcEc1mlTQCwVBf8jFf4CIQD+iphv5iQw
BrZIrKtrRXRFHXpiJ3wG7DyuGLfHtF4hNA==
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA384"
set password ENC
AxtpxD39JR9vgvepde/7S4kRbC0s83dTKeGOYNfs+OaySBcjEimwCYvZ423w91CC7HnMvZvaTd6Ktz7wRPz
33oPcWztjXZKlxk5PWzNBUuif
DdlXg4a7gmSqyuw5Vdo+qZJe9abSjWgADy6AN/H9jSR4xwV6/MG/8+/
jeG6+d4bx5pd2aZmUgXHpa2D+GWQnZM4SullmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory
and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBJDBfBgkqhkiG9w0BBQ0wUjAxBgkqhkiG9w0BBQwwJAQQ//nrubxSTZ2JrYqu
bw5qtwICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEECFJCc8EIO5tz4/v
2Rsys18EgcCNX5ejfkwlC6OWNzYHExRMu+qMjFxzZN5JtXpOvCDLB5zJgCpdktKV
LegwM9t56OWKPWpZj/iMk23MKNkFX/Cm/+4Yo8jgGmmD4hPWw/QLKvjiJN8W/wHP
U7lHrxr8RZlcbhv+xRNy/0Ip9Ar7aW+F3yWCx6DL2oBqLp5CDhOKp6HYDtmpKF1f
eQGVOlwGcvEtAenBvmRveaZ/PN67iCd2Ff9ixTl3EmdbIOKFtE4Oso7YiJM3Jk/J
V7FalH8E+7Q=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICkTCCAhegAwIBAgIIChWzWfxcpJgwCgYIKoZIzj0EAwIwgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
MjAwRlQ5MjM5MzExODAxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMB4XDTI1MDEyNzE5MDMwM1oXDTI3MDUwMjE5MDMwM1owgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
MjAwRlQ5MjM5MzExODAxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEM94WSNX4cU4p7LcFe6LsjXVImq6Y
HsCm9iD7/ZLHP0RAn/NEsYMV8tXnRfG+upp/mME1DKZmLCTykOml4L19r7q3rd8C
eUyT0NRen2C+aEEDe9IoMmm1Th9YVCPQweSGoyIwIDAJBgNVHRMEAjAAMBMGA1Ud
JQQMMAoGCCsGAQUFBwMBMAoGCCqGSM49BAMCA2gAMGUCMQDRgx4kUjrnoSqGQAll
RrurRteFwHpgH9B2scoU7l9kYJ7QcBXGADqtiTuDGMQUsUMCMFGhKkVLgM580qOr
Nu6r+8k1DJthSf694miEWZ9MMp0GJMK8IBd0Os832IzogCu35Q==
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA521"
set password ENC
1ithqIXuKdXSp6Olk5viXgwNt1Xgo3CQPhCCUsX8kDDkZXTelpu0oTKZCM8H+0ZW5xtfsJRC3R2V/
5EVHPdynHh2l/lXpJ70Y5TdFljSB4O1
VgvuvkeR11QWCHfR4fwkjUT0IVruvkprfDthmgj9BH5IM1JDSwgCaf/XRij/R3CME/
djVcsyeFt8CHNPWQJ6UqEKHVlmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory
and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBZTBfBgkqhkiG9w0BBQ0wUjAxBgkqhkiG9w0BBQwwJAQQ76PmM3/7ov/Eelj3
whbKhgICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEF9z1HKBfqiTs2pU
wW497pEEggEA7orIOMELH08jaAkK5tuUXfAjF+8/e31SyYNk+Y7i1xE9M0bJD01W
ETYcKz97juWij74mozeVn6cy7a88dx9K5wgKcPTnezRWh740bBtL+o3DIZ3nxOBT
6KEQr6tx1/P0fVYKSQD9XLfiWj7U/lKyI8zMQ9pGgFKCCaqGTz0rpakk1H+8pmpM
MkOtbMeoVsdYSkPrLMREKos9GAndWrgdT3L5EGP3t81Ofi2NJUqk5dJQa5pnEQlF
5B65fIyI1ZWuruG1WetqBABLEk1fjJOgdxcWBkfQA8UwCc8nKYZ5kaFxtoa3Jwzd
t3QjHjSSs5N9jQCBYpBBXS427+55SP2kAQ==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIC3DCCAj2gAwIBAgIIYjWqLaQ1CnkwCgYIKoZIzj0EAwIwgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
MjAwRlQ5MjM5MzExODAxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMB4XDTI1MDEyNzE5MDMwM1oXDTI3MDUwMjE5MDMwM1owgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
MjAwRlQ5MjM5MzExODAxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBBmIJlaaRvT6/cmIU4zA+ye53
os77pixtuC11w/N3BMr9q6TH/AjbLwWQmNKSHRaKVlmMBWgyzk9R/omnQ7BjVQIA
59DNRfUWEwix8QjvAklGrdE6UFlGT4ouFqJpSRCxPTbc+UH7ymGPU546OjOPX0O1
+cjvT0fqbP1p9bn5bEfQgUyjIjAgMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYIKwYB
BQUHAwEwCgYIKoZIzj0EAwIDgYwAMIGIAkIBbVl5G1xIqcUh4BEsKxKcpOZKy/pP
3t6P75NJSILWIjLU0SNJ92Q3skR/KvpWQ50hlCUvJyPmLykUoPqaBYosbP8CQgHh
8UGKDczlAxU/xgfEciLb9KOCeuJLwDXaeLSknFdYN9dgMPYsfW4xbOPQZ5GQfAYv
IPKQTL+hLRwVGXdFmiS3+w==
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ED25519"
set password ENC
A2JRd10ABvlHEVVCaEAPbAUOM957a4e/yVPj9kkYrc2A/u+Nv7LsL6HWAuIZv3wx7qEUJZSItacHJDK+6Pn
Nxm4USLjdKFgyBZ+6uD8IYWcL
zOoCqJKhg+G0PCOhXYfwgHLESrF9Oj0e8knerWjKLHhMuebhFkj3UjDIQXCkjed4wb651f0xO8B9KxLZTi0
YbFnPL1lmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory
and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIGjMF8GCSqGSIb3DQEFDTBSMDEGCSqGSIb3DQEFDDAkBBC/FFX5wUJWscHFZvPg
grqIAgIIADAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQbixN5OelJzeZ7nGX
6Gs/dQRABXEgh0ngqvjEZ7yjTgaTySbbXG2M1QbyfsFQAO7CfZ8faDukkxFFbHQX
k8X8m+oM5o2IFU/0AgkvPLLuqrTBaw==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICFDCCAcagAwIBAgIIa14HFE4P1eYwBQYDK2VwMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGRzIwMEZU
OTIzOTMxMTgwMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTAe
Fw0yNTAxMjcxOTAzMDNaFw0yNzA1MDIxOTAzMDNaMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGRzIwMEZU
OTIzOTMxMTgwMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTAq
MAUGAytlcAMhAO49osluYr9tot7yWvLv3Y+VhBvsAfH6cbB7kVur6PbfoyIwIDAJ
BgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAUGAytlcANBAG3YwEVnvc9Q
5KGGWV1+Pyvsi5B13f0nV6+X2jBajMAsRQz1FjfY4pohDqLEwHKKaLTABJX1W4ew
J95idMNZegw=
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ED448"
set password ENC
ijiB8vhzYvAS25bGEjX11IDyuQ/yjIKenaO5VjH9EmWzbXagiSKUNFfj5lLdNiLBzxsHvMFCItPg9WuJS3W
28dFCm38h9mOhs6b3lk9Wv7OC
PNqe7PK6AfPmCMsLVbooTtH+8DHDaC8U+T7AXsHNB/Y1pAP3k2Es/
i+KyjmZQMQKR8MAgvBF5ukCjj+GxZ6MeJjBiVlmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory
and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIGzMF8GCSqGSIb3DQEFDTBSMDEGCSqGSIb3DQEFDDAkBBDo5OqyRS57isSZo2os
eYX/AgIIADAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQyzS7srtqMwQ+8ZCl
kerBjQRQu/mb3nf3TyXKXCLQIXw3TB1ypMMWkbLdQfzfuDnBOJNt+EQRPk0+oAIA
yI5xSlkkxa3UsttJGfnv8JMbaJ8knf50SxKCNsHBQgJTUJuxT3o=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICXzCCAd+gAwIBAgIIfMzmLlIqvxgwBQYDK2VxMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGRzIwMEZU
OTIzOTMxMTgwMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTAe
Fw0yNTAxMjcxOTAzMDNaFw0yNzA1MDIxOTAzMDNaMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGRzIwMEZU
OTIzOTMxMTgwMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTBD
MAUGAytlcQM6ABVw37NFYBmxjbaHP1mCIlg5E8CQxYCzKVuLts90XA1TasoknJex
mOc3oN3ypisvuyZs4E4NRrAVAKMiMCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggr
BgEFBQcDATAFBgMrZXEDcwB+P7sb7jYNBUQg5jaVvE1forzt/NM0okDQ16GqDzAY
clGITAawuNNIGrg77DlFRL8R7F0JgysZA4BTaKfAumS8mTLA9IC4Il6FJmHGpKCF
D3ixBtRvkGx+S6udAU+qq4e9czfAb+tFzjjBLTyPM+zcLwA=
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
end
config vpn certificate crl
end
config vpn certificate ocsp-server
end
config vpn certificate setting
set ocsp-status disable
set ocsp-option server
set proxy ''
set source-ip ''
set ocsp-default-server ''
set interface-select-method auto
set vrf-select 0
set check-ca-cert enable
set check-ca-chain disable
set subject-match substring
set subject-set subset
set cn-match substring
set cn-allow-multi enable
config crl-verification
set expiry ignore
set leaf-crl-absence ignore
set chain-crl-absence ignore
end
set strict-ocsp-check disable
set ssl-min-proto-version default
set cmp-save-extra-certs disable
set cmp-key-usage-checking enable
set cert-expire-warning 14
set certname-rsa1024 "Fortinet_SSL_RSA1024"
set certname-rsa2048 "Fortinet_SSL_RSA2048"
set certname-rsa4096 "Fortinet_SSL_RSA4096"
set certname-dsa1024 "Fortinet_SSL_DSA1024"
set certname-dsa2048 "Fortinet_SSL_DSA2048"
set certname-ecdsa256 "Fortinet_SSL_ECDSA256"
set certname-ecdsa384 "Fortinet_SSL_ECDSA384"
set certname-ecdsa521 "Fortinet_SSL_ECDSA521"
set certname-ed25519 "Fortinet_SSL_ED25519"
set certname-ed448 "Fortinet_SSL_ED448"
end
config webfilter ftgd-local-cat
edit "custom1"
set status enable
set id 140
next
edit "custom2"
set status enable
set id 141
next
end
config ips sensor
edit "default"
set comment "Prevent critical attacks."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set default-action all
set default-status all
unset last-modified
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "sniffer-profile"
set comment "Monitor IPS attacks."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set default-action all
set default-status all
unset last-modified
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set default-action all
set default-status all
unset last-modified
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "all_default"
set comment "All predefined signatures with default setting."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity all
set protocol all
set os all
set application all
set default-action all
set default-status all
unset last-modified
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "all_default_pass"
set comment "All predefined signatures with PASS action."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity all
set protocol all
set os all
set application all
set default-action all
set default-status all
unset last-modified
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action pass
set quarantine none
next
end
next
edit "protect_http_server"
set comment "Protect against HTTP server-side vulnerabilities."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location server
set severity all
set protocol HTTP
set os all
set application all
set default-action all
set default-status all
unset last-modified
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "protect_email_server"
set comment "Protect against email server-side vulnerabilities."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location server
set severity all
set protocol SMTP POP3 IMAP
set os all
set application all
set default-action all
set default-status all
unset last-modified
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "protect_client"
set comment "Protect against client-side vulnerabilities."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location client
set severity all
set protocol all
set os all
set application all
set default-action all
set default-status all
unset last-modified
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "high_security"
set comment "Blocks all Critical/High/Medium and some Low severity
vulnerabilities"
set replacemsg-group ''
set block-malicious-url enable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set default-action all
set default-status all
unset last-modified
set status enable
set log enable
set log-packet disable
set log-attack-context disable
set action block
set quarantine none
next
edit 2
set location all
set severity low
set protocol all
set os all
set application all
set default-action all
set default-status all
unset last-modified
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
end
config sctp-filter profile
end
config diameter-filter profile
end
config firewall shaper traffic-shaper
edit "high-priority"
set guaranteed-bandwidth 0
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority high
set per-policy enable
set diffserv disable
set cos-marking disable
set overhead 0
next
edit "medium-priority"
set guaranteed-bandwidth 0
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority medium
set per-policy enable
set diffserv disable
set cos-marking disable
set overhead 0
next
edit "low-priority"
set guaranteed-bandwidth 0
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority low
set per-policy enable
set diffserv disable
set cos-marking disable
set overhead 0
next
edit "guarantee-100kbps"
set guaranteed-bandwidth 100
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority high
set per-policy enable
set diffserv disable
set cos-marking disable
set overhead 0
next
edit "shared-1M-pipe"
set guaranteed-bandwidth 0
set maximum-bandwidth 1024
set bandwidth-unit kbps
set priority high
set per-policy disable
set diffserv disable
set cos-marking disable
set overhead 0
next
end
config firewall shaper per-ip-shaper
end
config firewall proxy-address
edit "IPv4-address"
set uuid 56f5ad60-dce1-51ef-db0b-abed1950aaf9
set type host-regex
set host-regex "^([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\.([0-
9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])){3}$"
set referrer disable
set case-sensitivity disable
set color 0
set comment ''
next
edit "IPv6-address"
set uuid 56f5aed2-dce1-51ef-e250-785d08e3f752
set type host-regex
set host-regex "^\\[(([0-9a-f]{0,4}:){1,7}[0-9a-f]{1,4})\\]$"
set referrer disable
set case-sensitivity disable
set color 0
set comment ''
next
end
config firewall proxy-addrgrp
end
config web-proxy profile
end
config web-proxy global
set ssl-cert "Fortinet_Factory"
set ssl-ca-cert "Fortinet_CA_SSL"
set fast-policy-match enable
set ldap-user-cache disable
set proxy-fqdn "default.fqdn"
set max-request-length 8
set max-message-length 32
set strict-web-check disable
set forward-proxy-auth disable
set forward-server-affinity-timeout 30
set max-waf-body-cache-length 1
set webproxy-profile ''
set learn-client-ip disable
set policy-category-deep-inspect enable
set log-policy-pending disable
set log-forward-server disable
set log-app-id disable
set proxy-transparent-cert-inspection disable
set request-obs-fold keep
end
config web-proxy explicit
set status disable
set secure-web-proxy disable
set http-connection-mode static
set interface-select-method sdwan
set vrf-select -1
set strict-guest disable
set pref-dns-result ipv4
set https-replacement-message enable
set ssl-algorithm low
end
config web-proxy forward-server
end
config web-proxy isolator-server
end
config web-proxy forward-server-group
end
config web-proxy debug-url
end
config web-proxy wisp
end
config ftp-proxy explicit
set status disable
set ssl disable
end
config web-proxy fast-fallback
end
config web-proxy url-match
end
config application custom
end
config application list
edit "default"
set comment "Monitor all applications."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection enable
set options allow-dns
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log enable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
edit "sniffer-profile"
set comment "Monitor all applications."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection enable
unset options
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log enable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
edit "wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection disable
set options allow-dns
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log disable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
edit "block-high-risk"
set comment ''
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection enable
set options allow-dns
config entries
edit 1
set category 2 6
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action block
set log enable
set log-packet disable
set session-ttl 0
set quarantine none
next
edit 2
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log enable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
end
config application group
end
config dlp data-type
edit "edm-keyword"
set pattern ".+"
set verify ''
set match-around ''
set transform "/\\0/i"
set comment ''
next
edit "keyword"
set pattern "built-in"
set verify ''
set match-around ''
set transform ''
set comment ''
next
edit "regex"
set pattern "built-in"
set verify ''
set match-around ''
set transform ''
set comment ''
next
edit "hex"
set pattern "built-in"
set verify ''
set match-around ''
set transform ''
set comment ''
next
edit "mip-label"
set pattern "^[[:xdigit:]]{8}-[[:xdigit:]]{4}-[[:xdigit:]]{4}-[[:xdigit:]]
{4}-[[:xdigit:]]{12}$"
set verify ''
set match-around ''
set transform "built-in"
set comment ''
next
edit "credit-card"
set pattern "\\b([2-6]{1}\\d{3})[- ]?(\\d{4})[- ]?(\\d{2})[- ]?(\\d{2})
[- ]?(\\d{2,4})\\b"
set verify "builtin)credit-card"
set verify2 ''
set match-around ''
set look-back 20
set look-ahead 1
set transform "\\b\\1[- ]?\\2[- ]?\\3[- ]?\\4[- ]?\\5\\b"
set verify-transformed-pattern disable
set comment ''
next
edit "ssn-us"
set pattern "\\b(\\d{3})-(\\d{2})-(\\d{4})\\b"
set verify "(?<!-)\\b(?!666|000|9\\d{2})\\d{3}-(?!00)\\d{2}-(?!0{4})\\
d{4}\\b(?!-)"
set verify2 ''
set match-around ''
set look-back 12
set look-ahead 1
set transform "\\b\\1-\\2-\\3\\b"
set verify-transformed-pattern disable
set comment ''
next
end
config dlp dictionary
end
config dlp exact-data-match
end
config dlp sensor
end
config dlp filepattern
edit 1
set name "builtin-patterns"
set comment ''
config entries
edit "*.bat"
set filter-type pattern
next
edit "*.com"
set filter-type pattern
next
edit "*.dll"
set filter-type pattern
next
edit "*.doc"
set filter-type pattern
next
edit "*.exe"
set filter-type pattern
next
edit "*.gz"
set filter-type pattern
next
edit "*.hta"
set filter-type pattern
next
edit "*.ppt"
set filter-type pattern
next
edit "*.rar"
set filter-type pattern
next
edit "*.scr"
set filter-type pattern
next
edit "*.tar"
set filter-type pattern
next
edit "*.tgz"
set filter-type pattern
next
edit "*.vb?"
set filter-type pattern
next
edit "*.wps"
set filter-type pattern
next
edit "*.xl?"
set filter-type pattern
next
edit "*.zip"
set filter-type pattern
next
edit "*.pif"
set filter-type pattern
next
edit "*.cpl"
set filter-type pattern
next
end
next
edit 2
set name "all_executables"
set comment ''
config entries
edit "bat"
set filter-type type
set file-type bat
next
edit "exe"
set filter-type type
set file-type exe
next
edit "elf"
set filter-type type
set file-type elf
next
edit "hta"
set filter-type type
set file-type hta
next
end
next
end
config dlp profile
edit "default"
set comment "Default profile."
set feature-set flow
set replacemsg-group ''
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
unset summary-proto
next
edit "sniffer-profile"
set comment "Log a summary of email and web traffic."
set feature-set flow
set replacemsg-group ''
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
set summary-proto smtp pop3 imap http-get http-post
next
edit "Content_Summary"
set comment ''
set feature-set flow
set replacemsg-group ''
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
set summary-proto smtp pop3 imap http-get http-post ftp nntp cifs
next
edit "Content_Archive"
set comment ''
set feature-set flow
set replacemsg-group ''
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
set summary-proto smtp pop3 imap http-get http-post ftp nntp cifs
next
edit "Large-File"
set comment ''
set feature-set flow
set replacemsg-group ''
config rule
edit 1
set name "Large-File-Filter"
set severity medium
set type file
set proto smtp pop3 imap http-get http-post
set filter-by none
set file-size 5120
unset file-type
set archive disable
set action log-only
next
end
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
unset summary-proto
next
end
config webfilter content
end
config webfilter content-header
end
config webfilter urlfilter
end
config videofilter youtube-key
end
config videofilter keyword
end
config videofilter profile
end
config webfilter ips-urlfilter-setting
set device ''
set distance 1
set gateway 0.0.0.0
set geo-filter ''
end
config webfilter ips-urlfilter-setting6
set device ''
set distance 1
set gateway6 ::
set geo-filter ''
end
config emailfilter bword
end
config emailfilter block-allow-list
end
config emailfilter mheader
end
config emailfilter dnsbl
end
config emailfilter iptrust
end
config log threat-weight
set status enable
config level
set low 5
set medium 10
set high 30
set critical 50
end
set blocked-connection high
set failed-connection low
set url-block-detected high
set botnet-connection-detected critical
config malware
set virus-infected critical
set inline-block critical
set file-blocked low
set command-blocked disable
set oversized disable
set virus-scan-error high
set switch-proto disable
set mimefragmented disable
set virus-file-type-executable medium
set virus-outbreak-prevention critical
set content-disarm medium
set malware-list medium
set ems-threat-feed medium
set fsa-malicious critical
set fsa-high-risk high
set fsa-medium-risk medium
end
config ips
set info-severity disable
set low-severity low
set medium-severity medium
set high-severity high
set critical-severity critical
end
config web
edit 1
set category 26
set level high
next
edit 2
set category 61
set level high
next
edit 3
set category 86
set level high
next
edit 4
set category 1
set level medium
next
edit 5
set category 3
set level medium
next
edit 6
set category 4
set level medium
next
edit 7
set category 5
set level medium
next
edit 8
set category 6
set level medium
next
edit 9
set category 12
set level medium
next
edit 10
set category 59
set level medium
next
edit 11
set category 62
set level medium
next
edit 12
set category 83
set level medium
next
edit 13
set category 72
set level low
next
edit 14
set category 14
set level low
next
edit 15
set category 96
set level medium
next
end
config application
edit 1
set category 2
set level low
next
edit 2
set category 6
set level medium
next
end
end
config icap server
end
config icap server-group
end
config icap profile
edit "default"
set replacemsg-group ''
set comment ''
set request disable
set response disable
unset file-transfer
set streaming-content-bypass disable
set ocr-only disable
set 204-response disable
set preview disable
set methods delete get head options post put trace connect other
set icap-block-log disable
set chunk-encap disable
unset extension-feature
set timeout 30
config icap-headers
edit 1
set name "X-Authenticated-User"
set content "$auth_user_uri"
set base64-encoding enable
next
edit 2
set name "X-Authenticated-Groups"
set content "$auth_group_uri"
set base64-encoding enable
next
end
next
end
config system network-visibility
set destination-visibility enable
set source-location enable
set destination-hostname-visibility enable
set destination-location enable
end
config user peer
end
config user peergrp
end
config vpn qkd
end
config user certificate
end
config user radius
end
config user tacacs+
end
config user exchange
end
config user ldap
end
config user krb-keytab
end
config user domain-controller
end
config user pop3
end
config user scim
end
config user saml
end
config user external-identity-provider
end
config user fsso
end
config user adgrp
end
config user fsso-polling
end
config user fortitoken
edit "FTKMOB516FD6B177"
set status active
set comments ''
set license "FTMTRIAL046F9F6B"
set activation-code ''
set activation-expire 0
set reg-id ''
set os-ver ''
next
edit "FTKMOB51AB044207"
set status active
set comments ''
set license "FTMTRIAL046F9F6B"
set activation-code ''
set activation-expire 0
set reg-id ''
set os-ver ''
next
end
config user password-policy
end
config user local
edit "guest"
set status enable
set type password
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set passwd-policy ''
set passwd-time 0000-00-00 00:00:00
set authtimeout 0
set auth-concurrent-override disable
set ppk-secret ENC
xHQ+2moXAKfko6G8nvx4u6JqxQqQzhUqHXEf5K/PXsp1Ohjk97SNxpr22WCtwNePGauMvLIcKaegtyOGMba
WXnumw3kUKyEatvlVVtHq/b
E/eVeb2topAoV3iwUeAhcANiGnBaFQmBCubYWWKa/
cnzMqfXgE1ihb8OZQ5I+npGNtCM670hh7NQH70dtRzNMIpjwQ3VlmMjY3dkVA
set ppk-identity ''
set qkd-profile ''
set passwd ENC
bSWyn7Vx0KT95+jdhBWc6IcDOL0Jz+7Yz7NXjmfvRVPaOlHfJN7yjG5YKPnTH75rsBiGAa6PgpA8Cls08RU
YgCvenYGrwyzBEG//k+eBijPCld
3ZojX2hVCX23XHpSvusHf/XrMmLHLlIu2lMW9BwiS/
AMKKrHhqwyDrGv3weOLNIRdwA07rxUgg9X2IGCEouYRtcFlmMjY3dkVA
next
edit "Ahmed.Salah"
set status enable
set type password
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set passwd-policy ''
set passwd-time 2025-01-28 04:28:44
set authtimeout 0
set auth-concurrent-override disable
set ppk-secret ENC
Iju7zZKJ76NZc1a1RJJN9nx9LMCyRiLYWKh+YardjenTXwQCtM6dtKIobjfby0UJVVs8YAWUKoD+2tQqdr+
2rJA3DMKlJfjfYn+JLSlhAw
9nWPXTlOxIZjEfKPoRTdSuDzSUZ0KBBaLJk9gyHvazorJ0iDq5f0n0gmF4pLxppGy9IG1GmdHKFqhKJdwdO
ugSWzK/xVlmMjY3dkVA
set ppk-identity ''
set qkd-profile ''
set passwd ENC
TPZ7YKjTzXU+ktVrmxl0ynFdzazyRrxKG0Mcn5TAXBk6BCTPaBqoUasewAvWOuEGzSWmx3576J1AaD3x6Gv
S90gDz+TFpos8wJvPoCh/Ck+nct
9qQ71eIpZw8MAi4LNk0cD8hGkJVMlTENFjkudk4fLpbzLFqfuXBwgiG49sQAcQZd8SHAhmDyrdpBpUymP4o
cfUUllmMjY3dkVA
next
edit "Shereen.Alfawaeer"
set status enable
set type password
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set passwd-policy ''
set passwd-time 2025-01-30 15:06:38
set authtimeout 0
set auth-concurrent-override disable
set ppk-secret ENC
Ytj14quJ/YOqKf1evGWapeAVQmg/x3S9PIfn5wUN02QQzXuZyaEZMGY0bWug34hIlQqQL5/
staETUSQByoufVwp3PaJdF67dVn1/ga6oWl
cPjWrxMZ7bqixPg10HAyCB5atig/
1ru3tcHJCaARBfYhIRvorf2P3FKajbsJeFybitVzcxZ0lYZ3O3z5YpDwOUuzGgc1lmMjY3dkVA
set ppk-identity ''
set qkd-profile ''
set passwd ENC
UCKQmjVeRjE5OJS8zpRduA/X/6cDxnez2tLBrfCWUmvphNwZKbpqRtoqIFzkN9JQhJJYyT/
AzbhxYtH6C36Ap+eAU1r2uaIwE+D6TMhgrAuU+F
k3zVY9FkzbVIQ5ON5S5ycGbLF0VgWmijVafy2YpjeB4xqug/
cV57vwt3ytqYhyl7twGgTiLN7sAIvrgmp8VGnyeFlmMjY3dkVA
next
edit "Maher.Daana"
set status enable
set type password
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set passwd-policy ''
set passwd-time 2025-01-30 12:15:26
set authtimeout 0
set auth-concurrent-override disable
set ppk-secret ENC
1I1tPofzdREsASEqKBfsvcRuiFZJc+Yxbx3TNJ4QtmZnqlap2eIjW23dNxaPlKFU6zSfyK6A/C4vNZY/
WWbxrKgELxjk1vL6Dihb8G66xG
4XmiXbAH0bVM7qhMZIltTu94Z7oxmZ4s2zUYAaGKl4lS0Gx/
blWclZaWghgJb10EerbuqWgetaZehF2GModcWSW0qLy1lmMjY3dkVA
set ppk-identity ''
set qkd-profile ''
set passwd ENC
KH+EZ6Jtmj8Lq8lT0jRP8nrdPQsXnucfOHHyVTejNeTFHBOR2H9htlewLuHfhjoNJYs879RD37Otj8349XN
a4MS37yANrtoGIZI++WNwsT3xqx
DJIsoXDUYadkrLTb4isMgnEXg+280SKvc0cJpvZD0YlxZQerfaWtYJOAdbQ2qlx/
fc9IWQQVoYM9jKcmqq9gYl1llmMjY3dkVA
next
edit "Mohammad.Tommalieh"
set status enable
set type password
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set passwd-policy ''
set passwd-time 2025-01-30 14:57:30
set authtimeout 0
set auth-concurrent-override disable
set ppk-secret ENC
RH06cyTJW7kBdkGsu6cl2C0rLBiZfjPayDkSaiqx1bpkT4doEl2X/2+xOFZ9Uw+2MGscwD7MCy/
Avgnzafkm0gdbK0JTK8qcr223o4oeff
J5JI07CVj8c2bpwL/G/
tYlMdXBie89ig9rfA1PvHISb8bsjCGezI0wbja9LNTHKcOpPt57jj1TceInXHee9CM2KSlQhVlmMjY3dkVA
set ppk-identity ''
set qkd-profile ''
set passwd ENC
+EIF1okIynsjNOaz4HhVdriTAdCSK5nFIEiownKCZ5GkS+/d3WRDAtcVnRjOTWpK00tccarBLWxHI3zeNSh
iXp4amZ3nBN5Ywc1S1qnNQX+Zoq
Wb8EMhS8S/wX/BqbT80tV3x33f1fRgFFHNepzbdnMna2NQe6QlwnRr290L8QGnlY+u77OK7PO/
COynLWLRUJ55dllmMjY3dkVA
next
edit "Mohammad.Eleiwat"
set status enable
set type password
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set passwd-policy ''
set passwd-time 2025-01-30 14:52:44
set authtimeout 0
set auth-concurrent-override disable
set ppk-secret ENC
9uARtp1LBwBlCRZMX57s3ba7kCJvASiXeU+VsY3jsmSRYLUmeUKgohTF5tsA4V+l1eS7mmogmzoVmXrUqpa
olqmH4SLj6kzC/hpeqYTI4o
KFp0g1HnNGiaD32WllLpltA9YtfPoERE0k6JBG5B/fWHntmHp3yfM4EUxhE8yO5P6pGb8ibL/
lEBgPByGqy2C8uHMwfFlmMjY3dkVA
set ppk-identity ''
set qkd-profile ''
set passwd ENC
SMk7nYR0V6mEEfPUZdFZ+uORuuzaEvAFMBNAqwFtE9AmMMDX2ObpwVUqKQd+QH1XR35Wo+uWpKTXV8i3u5D
DNvWshYiq0t/wQWHs+hrwxd+nSQ
oHJi5rS3mjN0W2TFy/fVa3bMBpzHCTLbPXPXphy/2vkKZloCmIoOGlogSOll/
PqmNGkzOw+jibzd9R1Gf5JIKbH1lmMjY3dkVA
next
edit "Mohammad.Sami"
set status enable
set type password
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set passwd-policy ''
set passwd-time 2025-02-02 13:49:42
set authtimeout 0
set auth-concurrent-override disable
set ppk-secret ENC
hTCFTs/+MkSCKPaYFxnmApdnOoLAioT1OOTZK1xSwXLLi1rFspYIHtL/Tp6rEXHdXM+1qrixiArxyRwWL5A
CCSpfEwhq6wolD8GyMYcxvm
nm/ZZz4Ifms7pOQB/G4e436sR1X6Jt7JHFaaH/4QDEh6xPZxCs2A1ys+/
lm4XR558Hc7J5rhlJGGBQjfZVNMNas2MwAVlmMjY3dkVA
set ppk-identity ''
set qkd-profile ''
set passwd ENC
N9sGyqLCAzRpcVmp+QYq8UOvD4fT6AJzDgIN90LpPOADs3YOamqYO0y2GjRDob9PZgORwCE95gz4Y+bRTyd
l21GGXCfP7UHIIQhNj86x6gl2fa
8n1MmrmEQOU3Jv3gWLyyEW+ggzgRJ+WtSZCbmvkDvWKRnuZucJZD9fTg8Tj7nJOWpPRdJRTSJhbnKvs5grh
CI0YllmMjY3dkVA
next
edit "Muthana.Abuhadhoud"
set status enable
set type password
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set passwd-policy ''
set passwd-time 2025-01-30 15:01:45
set authtimeout 0
set auth-concurrent-override disable
set ppk-secret ENC
zAff3BmG1u69vWEm2kHRhIj8/Wy6lJNLD3HZ2L5DNsjYloqImqS5jHmv7YMKgsRGZIXb/
tyAeMLDgiyrjKrY5pJCu6JenYDRlX6IuziqFi
rx5trKwH1/
uvjKeH+g9zU98UhffQ1Z4owGrbFFeY2fK2mExuEFeyK9oVac64BWdPAnj4PofQ06oV3NkCpir/
fEXyZg7FlmMjY3dkVA
set ppk-identity ''
set qkd-profile ''
set passwd ENC
8/NeabhCDIjDL/OHC52679/yCYy9ECm8ibZZdvGn7OKg70MiGV+9oJknYvo9ybVtdXj0k4FCx2j9llHO5A4
JM1jD8GOgy5CX+YgeeY/7tk/Rj6
eDgvSP0JygbRE2t27sbEa3kr10wOpp01jEBLxuL+h9KQnNtmCwIll1PrMOjrte/iNCdhnauQSut9ttW0/
IU9jGXVlmMjY3dkVA
next
edit "avaya"
set status enable
set type password
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set passwd-policy ''
set passwd-time 2025-02-09 13:52:40
set authtimeout 0
set auth-concurrent-override disable
set ppk-secret ENC
RqhvFI06PTPZwRMS/YnvisxYhFH3QTIb3h/2bIk4IWkn2or3U59JwH9WZiqVbbjwyi21MTov4NP7j0b8WWY
+DuZX/iMLb5UdKHhKYEwPqS
7jqYcfsxbRPgv+D9vK9QEybL3ZdRB0O8/
hdz66Kmf2MmninW3Q1jahmQgiZwzDs7G3zTN+nplKJ18nQSijd6fcd16HellmMjY3dkVA
set ppk-identity ''
set qkd-profile ''
set passwd ENC
zqNUQPzkqybUamnC1K8FJrpRbdvGw6MyIYYobGvi9yJMoLq2+nW0soH072XYNoKtqmsw6n168Jchj+kXmFz
Y8BYDI5S7fgTzYIV25SDplfvtKd
ZTgbhtNBSQQVhdvshtYpiFpJ0YH9Jpv54mnHo0AS/
trhpdeGRzn75CjmL9ujTJPKGET21IVWr1T8o+wSKiNQG1g1lmMjY3dkVA
next
end
config user setting
set auth-type http https ftp telnet
set auth-cert "Fortinet_Factory"
set auth-ca-cert ''
set auth-secure-http disable
set auth-http-basic disable
set auth-ssl-allow-renegotiation disable
set auth-src-mac enable
set auth-on-demand implicitly
set auth-timeout 5
set auth-timeout-type idle-timeout
set auth-portal-timeout 3
set radius-ses-timeout-act hard-timeout
set auth-blackout-time 0
set auth-invalid-max 5
set auth-lockout-threshold 3
set auth-lockout-duration 0
set per-policy-disclaimer disable
set auth-ssl-min-proto-version default
unset auth-ssl-max-proto-version
set auth-ssl-sigalgs all
set default-user-password-policy ''
end
config user quarantine
set quarantine enable
set traffic-policy ''
set firewall-groups ''
end
config user group
edit "SSO_Guest_Users"
set authtimeout 0
set http-digest-realm ''
next
edit "Guest-group"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "guest"
next
edit "OMS"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "Ahmed.Salah"
next
edit "AVAYA"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "Shereen.Alfawaeer" "Maher.Daana" "Mohammad.Tommalieh"
"Mohammad.Eleiwat" "Mohammad.Sami" "Muthana.Abuhadhoud"
next
end
config user security-exempt-list
end
config vpn ssl web realm
end
config vpn ssl web host-check-software
edit "FortiClient-AV"
set os-type windows
set type av
set version ''
set guid "1A0271D5-3D4F-46DB-0C2C-AB37BA90D9F7"
next
edit "FortiClient-FW"
set os-type windows
set type fw
set version ''
set guid "528CB157-D384-4593-AAAA-E42DFF111CED"
next
edit "FortiClient-AV-Vista"
set os-type windows
set type av
set version ''
set guid "385618A6-2256-708E-3FB9-7E98B93F91F9"
next
edit "FortiClient-FW-Vista"
set os-type windows
set type fw
set version ''
set guid "006D9983-6839-71D6-14E6-D7AD47ECD682"
next
edit "FortiClient5-AV"
set os-type windows
set type av
set version ''
set guid "5EEDDB8C-C27A-6714-3657-DBD811D1F1B7"
next
edit "AVG-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "17DDD097-36FF-435F-9E1B-52D74245D6BF"
next
edit "AVG-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "8DECF618-9569-4340-B34A-D78D28969B66"
next
edit "AVG-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "0C939084-9E57-CBDB-EA61-0B0C7F62AF82"
next
edit "AVG-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "34A811A1-D438-CA83-C13E-A23981B1E8F9"
next
edit "CA-Anti-Virus"
set os-type windows
set type av
set version ''
set guid "17CFD1EA-56CF-40B5-A06B-BD3A27397C93"
next
edit "CA-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "6B98D35F-BB76-41C0-876B-A50645ED099A"
next
edit "CA-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "38102F93-1B6E-4922-90E1-A35D8DC6DAA3"
next
edit "CA-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "3EED0195-0A4B-4EF3-CC4F-4F401BDC245F"
next
edit "CA-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "06D680B0-4024-4FAB-E710-E675E50F6324"
next
edit "CA-Personal-Firewall"
set os-type windows
set type fw
set version ''
set guid "14CB4B80-8E52-45EA-905E-67C1267B4160"
next
edit "F-Secure-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "E7512ED5-4245-4B4D-AF3A-382D3F313F15"
next
edit "F-Secure-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "D4747503-0346-49EB-9262-997542F79BF4"
next
edit "F-Secure-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "15414183-282E-D62C-CA37-EF24860A2F17"
next
edit "F-Secure-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "2D7AC0A6-6241-D774-E168-461178D9686C"
next
edit "Kaspersky-AV"
set os-type windows
set type av
set version ''
set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0"
next
edit "Kaspersky-FW"
set os-type windows
set type fw
set version ''
set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0"
next
edit "Kaspersky-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "AE1D740B-8F0F-D137-211D-873D44B3F4AE"
next
edit "Kaspersky-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "9626F52E-C560-D06F-0A42-2E08BA60B3D5"
next
edit "McAfee-Internet-Security-Suite-AV"
set os-type windows
set type av
set version ''
set guid "84B5EE75-6421-4CDE-A33A-DD43BA9FAD83"
next
edit "McAfee-Internet-Security-Suite-FW"
set os-type windows
set type fw
set version ''
set guid "94894B63-8C7F-4050-BDA4-813CA00DA3E8"
next
edit "McAfee-Internet-Security-Suite-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "86355677-4064-3EA7-ABB3-1B136EB04637"
next
edit "McAfee-Internet-Security-Suite-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "BE0ED752-0A0B-3FFF-80EC-B2269063014C"
next
edit "McAfee-Virus-Scan-Enterprise"
set os-type windows
set type av
set version ''
set guid "918A2B0B-2C60-4016-A4AB-E868DEABF7F0"
next
edit "Norton-360-2.0-AV"
set os-type windows
set type av
set version ''
set guid "A5F1BC7C-EA33-4247-961C-0217208396C4"
next
edit "Norton-360-2.0-FW"
set os-type windows
set type fw
set version ''
set guid "371C0A40-5A0C-4AD2-A6E5-69C02037FBF3"
next
edit "Norton-360-3.0-AV"
set os-type windows
set type av
set version ''
set guid "E10A9785-9598-4754-B552-92431C1C35F8"
next
edit "Norton-360-3.0-FW"
set os-type windows
set type fw
set version ''
set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220"
next
edit "Norton-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "E10A9785-9598-4754-B552-92431C1C35F8"
next
edit "Norton-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220"
next
edit "Norton-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855"
next
edit "Norton-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E"
next
edit "Symantec-Endpoint-Protection-AV"
set os-type windows
set type av
set version ''
set guid "FB06448E-52B8-493A-90F3-E43226D3305C"
next
edit "Symantec-Endpoint-Protection-FW"
set os-type windows
set type fw
set version ''
set guid "BE898FE3-CD0B-4014-85A9-03DB9923DDB6"
next
edit "Symantec-Endpoint-Protection-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855"
next
edit "Symantec-Endpoint-Protection-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E"
next
edit "Panda-Antivirus+Firewall-2008-AV"
set os-type windows
set type av
set version ''
set guid "EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A"
next
edit "Panda-Antivirus+Firewall-2008-FW"
set os-type windows
set type fw
set version ''
set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8"
next
edit "Panda-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0"
next
edit "Panda-Internet-Security-2006~2007-FW"
set os-type windows
set type fw
set version ''
set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0"
next
edit "Panda-Internet-Security-2008~2009-FW"
set os-type windows
set type fw
set version ''
set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8"
next
edit "Sophos-Anti-Virus"
set os-type windows
set type av
set version ''
set guid "3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD"
next
edit "Sophos-Enpoint-Secuirty-and-Control-FW"
set os-type windows
set type fw
set version ''
set guid "0786E95E-326A-4524-9691-41EF88FB52EA"
next
edit "Sophos-Enpoint-Secuirty-and-Control-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "479CCF92-4960-B3E0-7373-BF453B467D2C"
next
edit "Sophos-Enpoint-Secuirty-and-Control-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "7FA74EB7-030F-B2B8-582C-1670C5953A57"
next
edit "Trend-Micro-AV"
set os-type windows
set type av
set version ''
set guid "7D2296BC-32CC-4519-917E-52E652474AF5"
next
edit "Trend-Micro-FW"
set os-type windows
set type fw
set version ''
set guid "3E790E9E-6A5D-4303-A7F9-185EC20F3EB6"
next
edit "Trend-Micro-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "48929DFC-7A52-A34F-8351-C4DBEDBD9C50"
next
edit "Trend-Micro-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "70A91CD9-303D-A217-A80E-6DEE136EDB2B"
next
edit "ZoneAlarm-AV"
set os-type windows
set type av
set version ''
set guid "5D467B10-818C-4CAB-9FF7-6893B5B8F3CF"
next
edit "ZoneAlarm-FW"
set os-type windows
set type fw
set version ''
set guid "829BDA32-94B3-44F4-8446-F8FCFF809F8B"
next
edit "ZoneAlarm-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "D61596DF-D219-341C-49B3-AD30538CBC5B"
next
edit "ZoneAlarm-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "EE2E17FA-9876-3544-62EC-0405AD5FFB20"
next
edit "ESET-Smart-Security-AV"
set os-type windows
set type av
set version ''
set guid "19259FAE-8396-A113-46DB-15B0E7DFA289"
next
edit "ESET-Smart-Security-FW"
set os-type windows
set type fw
set version ''
set guid "211E1E8B-C9F9-A04B-6D84-BC85190CE5F2"
next
end
config vpn ssl web portal
edit "full-access"
set tunnel-mode enable
set ipv6-tunnel-mode enable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSLVPN_TUNNEL_ADDR1"
set split-tunneling enable
set split-tunneling-routing-negate disable
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"
set ipv6-split-tunneling enable
set ipv6-split-tunneling-routing-negate disable
set ipv6-dns-server1 ::
set ipv6-dns-server2 ::
set ipv6-wins-server1 ::
set ipv6-wins-server2 ::
set client-src-range disable
set landing-page-mode disable
set display-bookmark enable
set user-bookmark enable
set default-protocol web
set user-group-bookmark enable
set display-connection-tools enable
set display-history enable
set focus-bookmark disable
set display-status enable
set rewrite-ip-uri-ui disable
set heading "SSL-VPN Portal"
set redir-url ''
set theme security-fabric
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url disable
set hide-sso-credential enable
next
edit "web-access"
set tunnel-mode disable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set dns-suffix ''
set landing-page-mode disable
set display-bookmark enable
set user-bookmark enable
set default-protocol web
set user-group-bookmark enable
set display-connection-tools enable
set display-history enable
set focus-bookmark disable
set display-status enable
set rewrite-ip-uri-ui disable
set heading "SSL-VPN Portal"
set redir-url ''
set theme security-fabric
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set forticlient-download-method direct
set customize-forticlient-download-url disable
set hide-sso-credential enable
next
edit "tunnel-access"
set tunnel-mode enable
set ipv6-tunnel-mode enable
set web-mode disable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSLVPN_TUNNEL_ADDR1"
set split-tunneling enable
set split-tunneling-routing-negate disable
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"
set ipv6-split-tunneling enable
set ipv6-split-tunneling-routing-negate disable
set ipv6-dns-server1 ::
set ipv6-dns-server2 ::
set ipv6-wins-server1 ::
set ipv6-wins-server2 ::
set client-src-range disable
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url disable
next
end
config vpn ssl settings
set status enable
set reqclientcert disable
set ssl-max-proto-ver tls1-3
set ssl-min-proto-ver tls1-2
set banned-cipher SHA1 SHA256 SHA384
set ciphersuite TLS-AES-128-GCM-SHA256 TLS-AES-256-GCM-SHA384 TLS-CHACHA20-
POLY1305-SHA256
set ssl-insert-empty-fragment enable
set https-redirect disable
set x-content-type-options enable
set ssl-client-renegotiation disable
set force-two-factor-auth disable
set servercert "Fortinet_Factory"
set algorithm high
set idle-timeout 300
set auth-timeout 28800
set login-attempt-limit 2
set login-block-time 60
set login-timeout 30
set tunnel-ip-pools "SSLVPN_TUNNEL_ADDR1"
set tunnel-ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"
set dns-suffix ''
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set ipv6-dns-server1 ::
set ipv6-dns-server2 ::
set ipv6-wins-server1 ::
set ipv6-wins-server2 ::
set url-obscuration disable
set http-compression disable
set http-only-cookie enable
set port 10443
set port-precedence enable
set auto-tunnel-static-route enable
set header-x-forwarded-for add
set source-interface "port15"
set source-address "all"
set source-address-negate disable
set source-address6 "all"
set source-address6-negate disable
set default-portal "full-access"
config authentication-rule
edit 1
set groups "AVAYA"
set portal "full-access"
set realm ''
set client-cert disable
set cipher high
set auth any
next
end
set browser-language-detection enable
set dtls-tunnel enable
set check-referer disable
set http-request-header-timeout 20
set http-request-body-timeout 30
set auth-session-check-source-ip enable
set tunnel-connect-without-reauth disable
set hsts-include-subdomains disable
set transform-backward-slashes disable
set encode-2f-sequence disable
set encrypt-and-store-password disable
set client-sigalgs all
set dual-stack-mode disable
set tunnel-addr-assigned-method first-available
set saml-redirect-port 8020
set ztna-trusted-client disable
set server-hostname ''
set dtls-hello-timeout 10
set dtls-heartbeat-idle-timeout 3
set dtls-heartbeat-interval 3
set dtls-heartbeat-fail-count 3
set dtls-max-proto-ver dtls1-2
set dtls-min-proto-ver dtls1-0
end
config vpn ssl web user-group-bookmark
end
config vpn ssl web user-bookmark
end
config vpn ssl client
end
config voip profile
edit "default"
set comment "Default VoIP profile."
config sip
set status enable
set rtp enable
set nat-port-range 5117-65533
set open-register-pinhole enable
set open-contact-pinhole enable
set strict-register enable
set register-rate 0
set invite-rate 0
set max-dialogs 0
set max-line-length 998
set block-long-lines enable
set block-unknown enable
set call-keepalive 0
set block-ack disable
set block-bye disable
set block-cancel disable
set block-info disable
set block-invite disable
set block-message disable
set block-notify disable
set block-options disable
set block-prack disable
set block-publish disable
set block-refer disable
set block-register disable
set block-subscribe disable
set block-update disable
set register-contact-trace disable
set open-via-pinhole disable
set open-record-route-pinhole enable
set rfc2543-branch disable
set log-violations disable
set log-call-summary enable
set nat-trace enable
set subscribe-rate 0
set message-rate 0
set notify-rate 0
set refer-rate 0
set update-rate 0
set options-rate 0
set ack-rate 0
set prack-rate 0
set info-rate 0
set publish-rate 0
set bye-rate 0
set cancel-rate 0
set preserve-override disable
set no-sdp-fixup disable
set contact-fixup enable
set max-idle-dialogs 0
set block-geo-red-options disable
set hosted-nat-traversal disable
set hnt-restrict-source-ip disable
set max-body-length 0
set unknown-header pass
set malformed-request-line pass
set malformed-header-via pass
set malformed-header-from pass
set malformed-header-to pass
set malformed-header-call-id pass
set malformed-header-cseq pass
set malformed-header-rack pass
set malformed-header-rseq pass
set malformed-header-contact pass
set malformed-header-record-route pass
set malformed-header-route pass
set malformed-header-expires pass
set malformed-header-content-type pass
set malformed-header-content-length pass
set malformed-header-max-forwards pass
set malformed-header-allow pass
set malformed-header-p-asserted-identity pass
set malformed-header-sdp-v pass
set malformed-header-sdp-o pass
set malformed-header-sdp-s pass
set malformed-header-sdp-i pass
set malformed-header-sdp-c pass
set malformed-header-sdp-b pass
set malformed-header-sdp-z pass
set malformed-header-sdp-k pass
set malformed-header-sdp-a pass
set malformed-header-sdp-t pass
set malformed-header-sdp-r pass
set malformed-header-sdp-m pass
set provisional-invite-expiry-time 210
set ips-rtp enable
set ssl-mode off
end
config sccp
set status enable
set block-mcast disable
set verify-header disable
set log-call-summary disable
set log-violations disable
set max-calls 0
end
next
edit "strict"
set feature-set voipd
set comment ''
config sip
set status enable
set rtp enable
set nat-port-range 5117-65533
set open-register-pinhole enable
set open-contact-pinhole enable
set strict-register enable
set register-rate 0
set invite-rate 0
set max-dialogs 0
set max-line-length 998
set block-long-lines enable
set block-unknown enable
set call-keepalive 0
set block-ack disable
set block-bye disable
set block-cancel disable
set block-info disable
set block-invite disable
set block-message disable
set block-notify disable
set block-options disable
set block-prack disable
set block-publish disable
set block-refer disable
set block-register disable
set block-subscribe disable
set block-update disable
set register-contact-trace disable
set open-via-pinhole disable
set open-record-route-pinhole enable
set rfc2543-branch disable
set log-violations disable
set log-call-summary enable
set nat-trace enable
set subscribe-rate 0
set message-rate 0
set notify-rate 0
set refer-rate 0
set update-rate 0
set options-rate 0
set ack-rate 0
set prack-rate 0
set info-rate 0
set publish-rate 0
set bye-rate 0
set cancel-rate 0
set preserve-override disable
set no-sdp-fixup disable
set contact-fixup enable
set max-idle-dialogs 0
set block-geo-red-options disable
set hosted-nat-traversal disable
set hnt-restrict-source-ip disable
set max-body-length 0
set unknown-header pass
set malformed-request-line discard
set malformed-header-via discard
set malformed-header-from discard
set malformed-header-to discard
set malformed-header-call-id discard
set malformed-header-cseq discard
set malformed-header-rack discard
set malformed-header-rseq discard
set malformed-header-contact discard
set malformed-header-record-route discard
set malformed-header-route discard
set malformed-header-expires discard
set malformed-header-content-type discard
set malformed-header-content-length discard
set malformed-header-max-forwards discard
set malformed-header-allow discard
set malformed-header-p-asserted-identity discard
set malformed-header-sdp-v discard
set malformed-header-sdp-o discard
set malformed-header-sdp-s discard
set malformed-header-sdp-i discard
set malformed-header-sdp-c discard
set malformed-header-sdp-b discard
set malformed-header-sdp-z discard
set malformed-header-sdp-k discard
set malformed-header-sdp-a discard
set malformed-header-sdp-t discard
set malformed-header-sdp-r discard
set malformed-header-sdp-m discard
set provisional-invite-expiry-time 210
set ips-rtp enable
set ssl-mode off
end
config sccp
set status enable
set block-mcast disable
set verify-header disable
set log-call-summary disable
set log-violations disable
set max-calls 0
end
next
end
config system sdwan
set status disable
set load-balance-mode source-ip-based
set speedtest-bypass-routing disable
set duplication-max-num 2
set duplication-max-discrepancy 250
set neighbor-hold-down disable
set neighbor-hold-down-time 0
set app-perf-log-period 0
set neighbor-hold-boot-time 0
set fail-detect disable
config zone
edit "virtual-wan-link"
set advpn-select disable
set service-sla-tie-break cfg-order
set minimum-sla-meet-members 1
next
end
config health-check
edit "Default_DNS"
set fortiguard disable
set probe-packets enable
set addr-mode ipv4
set system-dns enable
set detect-mode active
set ha-priority 1
set dns-request-domain "www.example.com"
set dns-match-ip 0.0.0.0
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set embed-measured-health disable
set sla-id-redistribute 0
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
set vrf 0
set source 0.0.0.0
set mos-codec g711
unset class-id
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
set priority-in-sla 0
set priority-out-sla 0
next
end
next
edit "Default_Office_365"
set fortiguard disable
set probe-packets enable
set addr-mode ipv4
set server "www.office.com"
set detect-mode active
set protocol https
set port 0
set ha-priority 1
set http-get "/"
set http-agent "Chrome/ Safari/"
set http-match ''
set interval 120000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set embed-measured-health disable
set sla-id-redistribute 0
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
set vrf 0
set source 0.0.0.0
set mos-codec g711
unset class-id
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
set priority-in-sla 0
set priority-out-sla 0
next
end
next
edit "Default_Gmail"
set fortiguard disable
set probe-packets enable
set addr-mode ipv4
set server "gmail.com"
set detect-mode active
set protocol ping
set ha-priority 1
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set embed-measured-health disable
set sla-id-redistribute 0
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
set vrf 0
set source 0.0.0.0
set mos-codec g711
unset class-id
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 2
set priority-in-sla 0
set priority-out-sla 0
next
end
next
edit "Default_Google Search"
set fortiguard disable
set probe-packets enable
set addr-mode ipv4
set server "www.google.com"
set detect-mode active
set protocol https
set port 0
set ha-priority 1
set http-get "/"
set http-agent "Chrome/ Safari/"
set http-match ''
set interval 120000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set embed-measured-health disable
set sla-id-redistribute 0
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
set vrf 0
set source 0.0.0.0
set mos-codec g711
unset class-id
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
set priority-in-sla 0
set priority-out-sla 0
next
end
next
edit "Default_FortiGuard"
set fortiguard disable
set probe-packets enable
set addr-mode ipv4
set server "fortiguard.com"
set detect-mode active
set protocol https
set port 0
set ha-priority 1
set http-get "/"
set http-agent "Chrome/ Safari/"
set http-match ''
set interval 120000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set embed-measured-health disable
set sla-id-redistribute 0
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
set vrf 0
set source 0.0.0.0
set mos-codec g711
unset class-id
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
set priority-in-sla 0
set priority-out-sla 0
next
end
next
end
end
config vpn ipsec fec
end
config vpn kmip-server
end
config vpn ipsec phase1
end
config vpn ipsec phase2
end
config vpn ipsec manualkey
end
config vpn ipsec concentrator
end
config vpn ipsec phase1-interface
edit "Amman-to-Dubai"
set type static
set interface "port15"
set ip-version 4
set ike-version 1
set local-gw 0.0.0.0
set keylife 86400
set authmethod psk
set mode main
set peertype any
set monitor-min 0
set net-device enable
set passive-mode disable
set exchange-ip-addr4 0.0.0.0
set exchange-ip-addr6 ::
set packet-redistribution disable
set mode-cfg disable
set proposal aes256-sha1
set add-route enable
set localid ''
set localid-type auto
set auto-negotiate enable
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-demand
set comments ''
set npu-offload enable
set dhgrp 2
set suite-b disable
set wizard-type custom
set xauthtype disable
set mesh-selector-type disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender enable
set auto-discovery-receiver enable
set auto-discovery-forwarder disable
set auto-discovery-shortcuts independent
set auto-discovery-crossover allow
set auto-discovery-offer-interval 5
set encapsulation none
set nattraversal enable
set rekey enable
set fec-egress disable
set fec-ingress disable
set link-cost 0
set exchange-fgt-device-id disable
set ems-sn-check disable
set qkd disable
set qkd-profile ''
set remote-gw 213.42.31.146
set add-gw-route disable
set psksecret ENC
M9Njae5x2Ig36ytjvmD/62F7HsfaMYMho/1QdKXTs7c9RncPQwbtVcUvhzEW9DRCXDZefU5Tr52qgRrr5iZ
+p8dSaNSZ7TLnbkLEbqUwtml
rSBZfbJf1OqSJ78cnmuP39Vo8DkVZxi84OhqJvkvkJhVpYOjoa6AkNQKch3O/
Ugt7IKIIsz1U1+Kfb4isCbXAgfG/YllmMjY3dkVA
set keepalive 10
set dpd-retrycount 3
set dpd-retryinterval 20
next
edit "MEPS"
set type static
set interface "port16"
set ip-version 4
set ike-version 2
set local-gw 185.193.177.239
set keylife 86400
set authmethod psk
unset authmethod-remote
set peertype any
set monitor-min 0
set net-device disable
set passive-mode disable
set exchange-interface-ip disable
set aggregate-member disable
set packet-redistribution disable
set mode-cfg disable
set proposal aes256-sha256
set localid ''
set localid-type auto
set auto-negotiate enable
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-demand
set comments ''
set npu-offload enable
set dhgrp 14
set suite-b disable
set eap disable
set ppk disable
set wizard-type custom
set reauth disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal enable
set fragmentation-mtu 1200
set childless-ike disable
set rekey enable
set fec-egress disable
set fec-ingress disable
set network-overlay disable
set dev-id-notification disable
set link-cost 0
set kms ''
set exchange-fgt-device-id disable
set ems-sn-check disable
set qkd disable
set qkd-profile ''
set transport udp
set remote-gw 185.57.120.5
set add-gw-route disable
set psksecret ENC
zV6jl87kizMSEeXZTiiqmoRGsWdCi/8VH2IrhItMFejp1FHiODlLZqhbS8WFmTP+p5POfGuQRZmLdRR2uT3
3fd6JUUfaRbDXmvF0Vc8nBk1
4iXfWo99ht+riTBhDIUh4rXKgAwdKgz35AhhrGeAxWQPKEvPZPjo8Na6I6Qa/+VZE33Je/+GM/
q5rBdA809J2eYP8+1lmMjY3dkVA
set keepalive 10
set dpd-retrycount 3
set dpd-retryinterval 20
next
edit "re"
set type dynamic
set interface "port15"
set ip-version 4
set ike-version 1
set local-gw 0.0.0.0
set keylife 86400
set authmethod psk
set mode aggressive
set peertype any
set monitor-min 0
set net-device disable
set exchange-interface-ip disable
set aggregate-member disable
set packet-redistribution disable
set mode-cfg enable
set ipv4-wins-server1 0.0.0.0
set ipv4-wins-server2 0.0.0.0
set proposal aes128-sha256 aes256-sha256 aes128-sha1 aes256-sha1
set add-route enable
set localid ''
set localid-type auto
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-demand
set comments "VPN: re (Created by VPN wizard)"
set npu-offload enable
set dhgrp 14 5
set suite-b disable
set wizard-type dialup-forticlient
set xauthtype auto
set reauth disable
set authusrgrp "Guest-group"
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal enable
set rekey enable
set enforce-unique-id disable
set fec-egress disable
set fec-ingress disable
set link-cost 0
set exchange-fgt-device-id disable
set ems-sn-check disable
set qkd disable
set default-gw 0.0.0.0
set default-gw-priority 0
set assign-ip enable
set assign-ip-from range
set ipv4-start-ip 10.100.10.1
set ipv4-end-ip 10.100.10.50
set ipv4-netmask 255.255.255.255
set dns-mode auto
set ipv4-split-include ''
set split-include-service ''
set ipv6-start-ip ::
set ipv6-end-ip ::
set ipv6-prefix 128
set ipv6-split-include ''
set ip-delay-interval 0
set unity-support enable
set domain ''
set banner ''
set include-local-lan disable
set ipv4-split-exclude ''
set ipv6-split-exclude ''
set save-password enable
set client-auto-negotiate disable
set client-keep-alive disable
set psksecret ENC
F3VgckyQNbNkXI1nxIgxBa4dYRyfpQQhQTFuDvvytxtHGXFfUL5bTAPsmS0F+nHhSsxgMRQGKDar0OLOZcJ
9f13lFPmuneDRDNpIJ20UX/U
aeZ8pA9eDDeStyvMOgx96XjmdBdiF74UxiN4HRcAbf4a0HcAmRZCimxeiDtucLk4viow6OUsy7Nrw2CdxZw
rj3CBeo1lmMjY3dkVA
set keepalive 10
set distance 15
set priority 1
set dpd-retrycount 3
set dpd-retryinterval 20
next
edit "GTN"
set type static
set interface "port15"
set ip-version 4
set ike-version 2
set local-gw 0.0.0.0
set keylife 28800
set authmethod psk
unset authmethod-remote
set peertype any
set monitor-min 0
set net-device disable
set passive-mode disable
set exchange-interface-ip disable
set aggregate-member disable
set packet-redistribution disable
set mode-cfg disable
set proposal aes256gcm-prfsha512 aes256gcm-prfsha384 aes256gcm-prfsha256
set localid
"218229dc54764c41a072236f2301f438.32822703.ipsec.cloudflare.com"
set localid-type auto
set auto-negotiate enable
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-demand
set comments ''
set npu-offload enable
set dhgrp 14
set suite-b disable
set eap disable
set ppk disable
set wizard-type custom
set reauth disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal disable
set fragmentation-mtu 1200
set childless-ike disable
set rekey enable
set fec-egress disable
set fec-ingress disable
set network-overlay disable
set dev-id-notification disable
set link-cost 0
set kms ''
set exchange-fgt-device-id disable
set ems-sn-check disable
set qkd disable
set qkd-profile ''
set transport udp
set remote-gw 162.159.71.68
set add-gw-route disable
set psksecret ENC
sZunUAA6/IP6Tfb122UmUCa7Kd1X5JXkOzqWCwN0AFv0qCdAER/AzE70Ik6QcZReejZj7i2GbW5q7qRM//
730adFyWSQf8jA01hKefiWB2q
ekp05MICvtjyBBaYTb7vzSK0NBfQoql63nDO2kHeNy0ZXO5MzQWU44IZTP7uF+zpMOIbJmitRrMqJu4I6jk
LpPm6UCVlmMjY3dkVA
set dpd-retrycount 3
set dpd-retryinterval 20
next
edit "GTN2"
set type static
set interface "port15"
set ip-version 4
set ike-version 2
set local-gw 0.0.0.0
set keylife 28800
set authmethod psk
unset authmethod-remote
set peertype any
set monitor-min 0
set net-device disable
set passive-mode disable
set exchange-interface-ip disable
set aggregate-member disable
set packet-redistribution disable
set mode-cfg disable
set proposal aes256gcm-prfsha512 aes256gcm-prfsha384 aes256gcm-prfsha256
set localid
"412b913d73644a4e8d5679e5c7432d79.32822703.ipsec.cloudflare.com"
set localid-type auto
set auto-negotiate enable
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-demand
set comments ''
set npu-offload enable
set dhgrp 14
set suite-b disable
set eap disable
set ppk disable
set wizard-type custom
set reauth disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal disable
set fragmentation-mtu 1200
set childless-ike disable
set rekey enable
set fec-egress disable
set fec-ingress disable
set network-overlay disable
set dev-id-notification disable
set link-cost 0
set kms ''
set exchange-fgt-device-id disable
set ems-sn-check disable
set qkd disable
set qkd-profile ''
set transport udp
set remote-gw 172.64.247.29
set add-gw-route disable
set psksecret ENC
47KULmMWwL3bgqNv614AFrrfg+0qLte1SfOnO1JeUQgDg4JXMhjcJFHnxaZU1AHYYCCRdIVLo7nLCi6DnCs
Lm5pQrgoG6SfGPII1iYG4ylA
1J9aKCwQtn1Mq0BcTUi7mNjtTO6iln2Jkb2zS15CcXTGKsPs3TVHbDE0F53jChxDkio4Jd04mXJk1Zhwotg
erAPylC1lmMjY3dkVA
set dpd-retrycount 3
set dpd-retryinterval 20
next
edit "MadfooatCom_VPN"
set type static
set interface "port16"
set ip-version 4
set ike-version 2
set local-gw 185.193.177.239
set keylife 86400
set authmethod psk
unset authmethod-remote
set peertype any
set monitor-min 0
set net-device disable
set passive-mode disable
set exchange-interface-ip disable
set aggregate-member disable
set packet-redistribution disable
set mode-cfg disable
set proposal aes256-sha256
set localid ''
set localid-type auto
set auto-negotiate enable
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-demand
set comments ''
set npu-offload enable
set dhgrp 14
set suite-b disable
set eap disable
set ppk disable
set wizard-type custom
set reauth disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal enable
set fragmentation-mtu 1200
set childless-ike disable
set rekey enable
set fec-egress disable
set fec-ingress disable
set network-overlay disable
set dev-id-notification disable
set link-cost 0
set kms ''
set exchange-fgt-device-id disable
set ems-sn-check disable
set qkd disable
set qkd-profile ''
set transport udp
set remote-gw 93.115.2.240
set add-gw-route disable
set psksecret ENC
T0NCs+Ma0QOgjbXhKp5uCtle+XTU9lezz/3sMByaB6tLUKPuVw+yvjg2HBHRP33oyBATtWWiiMYGyAf2eMD
VF8U48MUJrfwSsGw5rc8+iro
XKj7Z9PmHiugFvCJQ3UV8B45h2SbFAtuRQoGnZ34KK92SF1m8nYwWKtXqZYzYmhMFussX3wSuPGGWAQ+tEZ
HIVAj6e1lmMjY3dkVA
set keepalive 10
set dpd-retrycount 3
set dpd-retryinterval 20
next
edit "DR_Amman_Dubai"
set type static
set interface "port15"
set ip-version 4
set ike-version 1
set local-gw 0.0.0.0
set keylife 86400
set authmethod psk
set mode main
set peertype any
set monitor-min 0
set net-device disable
set passive-mode disable
set exchange-interface-ip disable
set aggregate-member disable
set packet-redistribution disable
set mode-cfg disable
set proposal aes256-sha1
set localid ''
set localid-type auto
set auto-negotiate enable
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-demand
set comments ''
set npu-offload enable
set dhgrp 2
set suite-b disable
set wizard-type custom
set xauthtype disable
set mesh-selector-type disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal enable
set rekey enable
set fec-egress disable
set fec-ingress disable
set link-cost 0
set exchange-fgt-device-id disable
set ems-sn-check disable
set qkd disable
set qkd-profile ''
set remote-gw 151.253.224.86
set add-gw-route disable
set psksecret ENC
tXyyuGJ/TNH76O8oNqQGisFNjNPIX149YUFlmC+VgQqL/Nye5EQ71xHYtxoJpCnpU1IJFF5pmBDqsZcpe0G
/vFWYnAK/DTlu/TDYjYt3qVM
QJBidTKVjv+3gARL1fZGn/UsDJki/
Eb31uvQA2Oa0luIVD1q6br5EkwuJ3WUkf+v5hLrAeI6g8d1BwbCU9Mv2ezl/sllmMjY3dkVA
set keepalive 10
set dpd-retrycount 3
set dpd-retryinterval 20
next
end
config vpn ipsec phase2-interface
edit "Amman-to-Dubai"
set phase1name "Amman-to-Dubai"
set proposal aes256-sha1
set pfs disable
set replay enable
set keepalive enable
set auto-negotiate disable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 28800
set src-subnet 192.168.25.0 255.255.255.0
set dst-subnet 172.18.81.9 255.255.255.255
next
edit "DR_Amman_Dubai"
set phase1name "DR_Amman_Dubai"
set proposal aes256-sha1
set pfs disable
set replay enable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 28800
set src-subnet 192.168.25.0 255.255.255.0
set dst-subnet 172.19.41.9 255.255.255.255
next
edit "GTN"
set phase1name "GTN"
set proposal aes256gcm aes128gcm
set pfs enable
set dhgrp 14
set replay disable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 3600
set src-subnet 0.0.0.0 0.0.0.0
set dst-subnet 0.0.0.0 0.0.0.0
next
edit "GTN2"
set phase1name "GTN2"
set proposal aes256gcm aes128gcm
set pfs enable
set dhgrp 14
set replay enable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 3600
set src-subnet 0.0.0.0 0.0.0.0
set dst-subnet 0.0.0.0 0.0.0.0
next
edit "Local"
set phase1name "MEPS"
set proposal aes256-sha256
set pfs enable
set dhgrp 14
set replay enable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type range
set src-port 0
set dst-addr-type ip
set dst-port 0
set keylifeseconds 3600
set src-start-ip 10.12.16.64
set src-end-ip 10.12.16.67
set dst-start-ip 172.125.65.6
next
edit "MEPS"
set phase1name "MEPS"
set proposal aes128-sha1
set pfs enable
set dhgrp 14
set replay enable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type ip
set src-port 0
set dst-addr-type ip
set dst-port 0
set keylifeseconds 3600
set src-start-ip 10.12.16.150
set dst-start-ip 172.125.65.6
next
edit "OP1"
set phase1name "MEPS"
set proposal aes256-sha256
set pfs enable
set dhgrp 14 5
set replay enable
set keepalive disable
set auto-negotiate disable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 3600
set src-subnet 10.12.16.64 255.255.255.255
set dst-subnet 172.125.65.7 255.255.255.255
next
edit "OP2"
set phase1name "MEPS"
set proposal aes256-sha256
set pfs enable
set dhgrp 14 5
set replay enable
set keepalive disable
set auto-negotiate disable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 3600
set src-subnet 10.12.16.65 255.255.255.255
set dst-subnet 172.125.65.7 255.255.255.255
next
edit "OP3"
set phase1name "MEPS"
set proposal aes256-sha256
set pfs enable
set dhgrp 14 5
set replay enable
set keepalive disable
set auto-negotiate disable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 3600
set src-subnet 10.12.16.66 255.255.255.255
set dst-subnet 172.125.65.7 255.255.255.255
next
edit "OP4"
set phase1name "MEPS"
set proposal aes256-sha256
set pfs enable
set dhgrp 14 5
set replay enable
set keepalive disable
set auto-negotiate disable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 3600
set src-subnet 10.12.16.67 255.255.255.255
set dst-subnet 172.125.65.7 255.255.255.255
next
edit "MadfooatCom_VPN"
set phase1name "MadfooatCom_VPN"
set proposal aes256-sha256
set pfs enable
set dhgrp 5
set replay enable
set keepalive disable
set auto-negotiate disable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 28800
set src-subnet 10.12.16.152 255.255.255.255
set dst-subnet 10.211.211.240 255.255.255.248
next
end
config vpn ipsec manualkey-interface
end
config vpn pptp
set status disable
end
config vpn l2tp
set status disable
set lcp-max-echo-fails 3
set hello-interval 60
end
config system evpn
end
config dnsfilter domain-filter
end
config dnsfilter profile
edit "default"
set comment "Default dns filtering."
config domain-filter
unset domain-filter-table
end
config ftgd-dns
unset options
config filters
edit 1
set category 2
set action monitor
next
edit 2
set category 7
set action monitor
next
edit 3
set category 8
set action monitor
next
edit 4
set category 9
set action monitor
next
edit 5
set category 11
set action monitor
next
edit 6
set category 12
set action monitor
next
edit 7
set category 13
set action monitor
next
edit 8
set category 14
set action monitor
next
edit 9
set category 15
set action monitor
next
edit 10
set category 16
set action monitor
next
edit 11
set category 0
set action monitor
next
edit 12
set category 57
set action monitor
next
edit 13
set category 63
set action monitor
next
edit 14
set category 64
set action monitor
next
edit 15
set category 65
set action monitor
next
edit 16
set category 66
set action monitor
next
edit 17
set category 67
set action monitor
next
edit 18
set category 26
set action block
set log enable
next
edit 19
set category 61
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
edit 24
set category 96
set action block
set log enable
next
edit 25
set category 98
set action block
set log enable
next
edit 26
set category 99
set action block
set log enable
next
end
end
set log-all-domain disable
set sdns-ftgd-err-log enable
set sdns-domain-log enable
set block-action redirect
set block-botnet enable
set safe-search disable
set strip-ech enable
set redirect-portal 0.0.0.0
set redirect-portal6 ::
next
end
config system gre-tunnel
end
config system ipsec-aggregate
end
config system ipip-tunnel
end
config system mobile-tunnel
end
config system pppoe-interface
end
config system vxlan
end
config system geneve
end
config system virtual-wire-pair
end
config system dns-database
end
config system dns-server
end
config log custom-field
end
config antivirus settings
set machine-learning-detection enable
set grayware enable
set override-timeout 0
set cache-infected-result enable
end
config antivirus quarantine
set maxfilesize 0
set quarantine-quota 0
unset drop-infected
set store-infected imap smtp pop3 http ftp nntp imaps smtps pop3s https ftps
mapi cifs ssh
unset drop-machine-learning
set store-machine-learning imap smtp pop3 http ftp nntp imaps smtps pop3s https
ftps mapi cifs ssh
set destination NULL
end
config antivirus exempt-list
end
config ssh-filter profile
end
config antivirus profile
edit "default"
set comment "Scan files and block viruses."
set replacemsg-group ''
set feature-set flow
set fortisandbox-mode analytics-everything
set fortisandbox-max-upload 10
unset analytics-ignore-filetype
unset analytics-accept-filetype
set analytics-db disable
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set fortisandbox disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set fortisandbox disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set fortisandbox disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set fortisandbox disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set fortisandbox disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan enable
set external-blocklist-enable-all disable
set ems-threat-feed disable
set av-virus-log enable
set extended-log disable
next
edit "sniffer-profile"
set comment "Scan files and monitor viruses."
set replacemsg-group ''
set feature-set flow
set fortisandbox-mode analytics-everything
set fortisandbox-max-upload 10
unset analytics-ignore-filetype
unset analytics-accept-filetype
set analytics-db disable
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set fortisandbox disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set fortisandbox disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set fortisandbox disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set fortisandbox disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set fortisandbox disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan enable
set external-blocklist-enable-all disable
set ems-threat-feed disable
set av-virus-log enable
set extended-log disable
next
edit "wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set feature-set flow
set fortisandbox-mode analytics-everything
set fortisandbox-max-upload 10
unset analytics-ignore-filetype
unset analytics-accept-filetype
set analytics-db disable
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set fortisandbox disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set fortisandbox disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set fortisandbox disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set fortisandbox disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set fortisandbox disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan enable
set external-blocklist-enable-all disable
set ems-threat-feed disable
set av-virus-log enable
set extended-log disable
next
end
config file-filter profile
edit "default"
set comment "File type inspection."
set feature-set flow
set replacemsg-group ''
set log enable
set extended-log disable
set scan-archive-contents enable
next
edit "sniffer-profile"
set comment "File type inspection."
set feature-set flow
set replacemsg-group ''
set log enable
set extended-log disable
set scan-archive-contents enable
next
end
config webfilter ftgd-risk-level
edit "high"
set high 100
set low 91
next
edit "suspicious"
set high 90
set low 71
next
edit "moderate"
set high 70
set low 51
next
edit "low"
set high 50
set low 21
next
edit "trustworthy"
set high 20
set low 1
next
edit "unrated"
set high 0
set low 0
next
end
config webfilter profile
edit "default"
set comment "Default web filtering."
set feature-set flow
set replacemsg-group ''
unset options
set https-replacemsg enable
set web-flow-log-encoding utf-8
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
unset safe-search
end
config ftgd-wf
unset options
unset ovrd
config filters
edit 1
set category 0
set action block
set log enable
next
edit 2
set category 2
set action block
set log enable
next
edit 3
set category 7
set action block
set log enable
next
edit 4
set category 8
set action block
set log enable
next
edit 5
set category 9
set action block
set log enable
next
edit 6
set category 11
set action block
set log enable
next
edit 7
set category 13
set action block
set log enable
next
edit 8
set category 14
set action block
set log enable
next
edit 9
set category 15
set action block
set log enable
next
edit 10
set category 16
set action block
set log enable
next
edit 11
set category 26
set action block
set log enable
next
edit 12
set category 57
set action block
set log enable
next
edit 13
set category 61
set action block
set log enable
next
edit 14
set category 63
set action block
set log enable
next
edit 15
set category 64
set action block
set log enable
next
edit 16
set category 65
set action block
set log enable
next
edit 17
set category 66
set action block
set log enable
next
edit 18
set category 67
set action block
set log enable
next
edit 19
set category 83
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
edit 24
set category 96
set action block
set log enable
next
edit 25
set category 98
set action block
set log enable
next
edit 26
set category 99
set action block
set log enable
next
edit 27
set category 1
set action monitor
set log enable
next
edit 28
set category 3
set action monitor
set log enable
next
edit 29
set category 4
set action monitor
set log enable
next
edit 30
set category 5
set action monitor
set log enable
next
edit 31
set category 6
set action monitor
set log enable
next
edit 32
set category 12
set action monitor
set log enable
next
edit 33
set category 59
set action monitor
set log enable
next
edit 34
set category 62
set action monitor
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set wisp disable
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
edit "sniffer-profile"
set comment "Monitor web traffic."
set feature-set flow
set replacemsg-group ''
unset options
set https-replacemsg enable
set web-flow-log-encoding utf-8
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
unset safe-search
end
config ftgd-wf
set options ftgd-disable
unset ovrd
config filters
edit 1
set category 0
set action monitor
set log enable
next
edit 2
set category 1
set action monitor
set log enable
next
edit 3
set category 2
set action monitor
set log enable
next
edit 4
set category 3
set action monitor
set log enable
next
edit 5
set category 4
set action monitor
set log enable
next
edit 6
set category 5
set action monitor
set log enable
next
edit 7
set category 6
set action monitor
set log enable
next
edit 8
set category 7
set action monitor
set log enable
next
edit 9
set category 8
set action monitor
set log enable
next
edit 10
set category 9
set action monitor
set log enable
next
edit 11
set category 11
set action monitor
set log enable
next
edit 12
set category 12
set action monitor
set log enable
next
edit 13
set category 13
set action monitor
set log enable
next
edit 14
set category 14
set action monitor
set log enable
next
edit 15
set category 15
set action monitor
set log enable
next
edit 16
set category 16
set action monitor
set log enable
next
edit 17
set category 17
set action monitor
set log enable
next
edit 18
set category 18
set action monitor
set log enable
next
edit 19
set category 19
set action monitor
set log enable
next
edit 20
set category 20
set action monitor
set log enable
next
edit 21
set category 23
set action monitor
set log enable
next
edit 22
set category 24
set action monitor
set log enable
next
edit 23
set category 25
set action monitor
set log enable
next
edit 24
set category 26
set action monitor
set log enable
next
edit 25
set category 28
set action monitor
set log enable
next
edit 26
set category 29
set action monitor
set log enable
next
edit 27
set category 30
set action monitor
set log enable
next
edit 28
set category 31
set action monitor
set log enable
next
edit 29
set category 33
set action monitor
set log enable
next
edit 30
set category 34
set action monitor
set log enable
next
edit 31
set category 35
set action monitor
set log enable
next
edit 32
set category 36
set action monitor
set log enable
next
edit 33
set category 37
set action monitor
set log enable
next
edit 34
set category 38
set action monitor
set log enable
next
edit 35
set category 39
set action monitor
set log enable
next
edit 36
set category 40
set action monitor
set log enable
next
edit 37
set category 41
set action monitor
set log enable
next
edit 38
set category 42
set action monitor
set log enable
next
edit 39
set category 43
set action monitor
set log enable
next
edit 40
set category 44
set action monitor
set log enable
next
edit 41
set category 46
set action monitor
set log enable
next
edit 42
set category 47
set action monitor
set log enable
next
edit 43
set category 48
set action monitor
set log enable
next
edit 44
set category 49
set action monitor
set log enable
next
edit 45
set category 50
set action monitor
set log enable
next
edit 46
set category 51
set action monitor
set log enable
next
edit 47
set category 52
set action monitor
set log enable
next
edit 48
set category 53
set action monitor
set log enable
next
edit 49
set category 54
set action monitor
set log enable
next
edit 50
set category 55
set action monitor
set log enable
next
edit 51
set category 56
set action monitor
set log enable
next
edit 52
set category 57
set action monitor
set log enable
next
edit 53
set category 58
set action monitor
set log enable
next
edit 54
set category 59
set action monitor
set log enable
next
edit 55
set category 61
set action monitor
set log enable
next
edit 56
set category 62
set action monitor
set log enable
next
edit 57
set category 63
set action monitor
set log enable
next
edit 58
set category 64
set action monitor
set log enable
next
edit 59
set category 65
set action monitor
set log enable
next
edit 60
set category 66
set action monitor
set log enable
next
edit 61
set category 67
set action monitor
set log enable
next
edit 62
set category 68
set action monitor
set log enable
next
edit 63
set category 69
set action monitor
set log enable
next
edit 64
set category 70
set action monitor
set log enable
next
edit 65
set category 71
set action monitor
set log enable
next
edit 66
set category 72
set action monitor
set log enable
next
edit 67
set category 75
set action monitor
set log enable
next
edit 68
set category 76
set action monitor
set log enable
next
edit 69
set category 77
set action monitor
set log enable
next
edit 70
set category 78
set action monitor
set log enable
next
edit 71
set category 79
set action monitor
set log enable
next
edit 72
set category 80
set action monitor
set log enable
next
edit 73
set category 81
set action monitor
set log enable
next
edit 74
set category 82
set action monitor
set log enable
next
edit 75
set category 83
set action monitor
set log enable
next
edit 76
set category 84
set action monitor
set log enable
next
edit 77
set category 85
set action monitor
set log enable
next
edit 78
set category 86
set action monitor
set log enable
next
edit 79
set category 87
set action monitor
set log enable
next
edit 80
set category 88
set action monitor
set log enable
next
edit 81
set category 89
set action monitor
set log enable
next
edit 82
set category 90
set action monitor
set log enable
next
edit 83
set category 91
set action monitor
set log enable
next
edit 84
set category 92
set action monitor
set log enable
next
edit 85
set category 93
set action monitor
set log enable
next
edit 86
set category 94
set action monitor
set log enable
next
edit 87
set category 95
set action monitor
set log enable
next
edit 88
set category 96
set action monitor
set log enable
next
edit 89
set category 97
set action monitor
set log enable
next
edit 90
set category 98
set action monitor
set log enable
next
edit 91
set category 99
set action monitor
set log enable
next
edit 92
set category 100
set action monitor
set log enable
next
edit 93
set category 101
set action monitor
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set wisp disable
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
edit "wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set feature-set flow
set replacemsg-group ''
set options block-invalid-url
set https-replacemsg enable
set web-flow-log-encoding utf-8
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
unset safe-search
end
config ftgd-wf
unset options
unset ovrd
config filters
edit 1
set category 0
set action block
set log enable
next
edit 2
set category 2
set action block
set log enable
next
edit 3
set category 7
set action block
set log enable
next
edit 4
set category 8
set action block
set log enable
next
edit 5
set category 9
set action block
set log enable
next
edit 6
set category 11
set action block
set log enable
next
edit 7
set category 13
set action block
set log enable
next
edit 8
set category 14
set action block
set log enable
next
edit 9
set category 15
set action block
set log enable
next
edit 10
set category 16
set action block
set log enable
next
edit 11
set category 26
set action block
set log enable
next
edit 12
set category 57
set action block
set log enable
next
edit 13
set category 61
set action block
set log enable
next
edit 14
set category 63
set action block
set log enable
next
edit 15
set category 64
set action block
set log enable
next
edit 16
set category 65
set action block
set log enable
next
edit 17
set category 66
set action block
set log enable
next
edit 18
set category 67
set action block
set log enable
next
edit 19
set category 83
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
edit 24
set category 96
set action block
set log enable
next
edit 25
set category 98
set action block
set log enable
next
edit 26
set category 99
set action block
set log enable
next
edit 27
set category 1
set action monitor
set log enable
next
edit 28
set category 3
set action monitor
set log enable
next
edit 29
set category 4
set action monitor
set log enable
next
edit 30
set category 5
set action monitor
set log enable
next
edit 31
set category 6
set action monitor
set log enable
next
edit 32
set category 12
set action monitor
set log enable
next
edit 33
set category 59
set action monitor
set log enable
next
edit 34
set category 62
set action monitor
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set wisp disable
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
edit "monitor-all"
set comment "Monitor and log all visited URLs, flow-based."
set feature-set flow
set replacemsg-group ''
unset options
set https-replacemsg enable
set web-flow-log-encoding utf-8
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
unset safe-search
end
config ftgd-wf
unset options
unset ovrd
config filters
edit 1
set category 1
set action monitor
set log enable
next
edit 2
set category 3
set action monitor
set log enable
next
edit 3
set category 4
set action monitor
set log enable
next
edit 4
set category 5
set action monitor
set log enable
next
edit 5
set category 6
set action monitor
set log enable
next
edit 6
set category 12
set action monitor
set log enable
next
edit 7
set category 59
set action monitor
set log enable
next
edit 8
set category 62
set action monitor
set log enable
next
edit 9
set category 83
set action monitor
set log enable
next
edit 10
set category 2
set action monitor
set log enable
next
edit 11
set category 7
set action monitor
set log enable
next
edit 12
set category 8
set action monitor
set log enable
next
edit 13
set category 9
set action monitor
set log enable
next
edit 14
set category 11
set action monitor
set log enable
next
edit 15
set category 13
set action monitor
set log enable
next
edit 16
set category 14
set action monitor
set log enable
next
edit 17
set category 15
set action monitor
set log enable
next
edit 18
set category 16
set action monitor
set log enable
next
edit 19
set category 57
set action monitor
set log enable
next
edit 20
set category 63
set action monitor
set log enable
next
edit 21
set category 64
set action monitor
set log enable
next
edit 22
set category 65
set action monitor
set log enable
next
edit 23
set category 66
set action monitor
set log enable
next
edit 24
set category 67
set action monitor
set log enable
next
edit 25
set category 19
set action monitor
set log enable
next
edit 26
set category 24
set action monitor
set log enable
next
edit 27
set category 25
set action monitor
set log enable
next
edit 28
set category 72
set action monitor
set log enable
next
edit 29
set category 75
set action monitor
set log enable
next
edit 30
set category 76
set action monitor
set log enable
next
edit 31
set category 26
set action monitor
set log enable
next
edit 32
set category 61
set action monitor
set log enable
next
edit 33
set category 86
set action monitor
set log enable
next
edit 34
set category 17
set action monitor
set log enable
next
edit 35
set category 18
set action monitor
set log enable
next
edit 36
set category 20
set action monitor
set log enable
next
edit 37
set category 23
set action monitor
set log enable
next
edit 38
set category 28
set action monitor
set log enable
next
edit 39
set category 29
set action monitor
set log enable
next
edit 40
set category 30
set action monitor
set log enable
next
edit 41
set category 33
set action monitor
set log enable
next
edit 42
set category 34
set action monitor
set log enable
next
edit 43
set category 35
set action monitor
set log enable
next
edit 44
set category 36
set action monitor
set log enable
next
edit 45
set category 37
set action monitor
set log enable
next
edit 46
set category 38
set action monitor
set log enable
next
edit 47
set category 39
set action monitor
set log enable
next
edit 48
set category 40
set action monitor
set log enable
next
edit 49
set category 42
set action monitor
set log enable
next
edit 50
set category 44
set action monitor
set log enable
next
edit 51
set category 46
set action monitor
set log enable
next
edit 52
set category 47
set action monitor
set log enable
next
edit 53
set category 48
set action monitor
set log enable
next
edit 54
set category 54
set action monitor
set log enable
next
edit 55
set category 55
set action monitor
set log enable
next
edit 56
set category 58
set action monitor
set log enable
next
edit 57
set category 68
set action monitor
set log enable
next
edit 58
set category 69
set action monitor
set log enable
next
edit 59
set category 70
set action monitor
set log enable
next
edit 60
set category 71
set action monitor
set log enable
next
edit 61
set category 77
set action monitor
set log enable
next
edit 62
set category 78
set action monitor
set log enable
next
edit 63
set category 79
set action monitor
set log enable
next
edit 64
set category 80
set action monitor
set log enable
next
edit 65
set category 82
set action monitor
set log enable
next
edit 66
set category 85
set action monitor
set log enable
next
edit 67
set category 87
set action monitor
set log enable
next
edit 68
set category 31
set action monitor
set log enable
next
edit 69
set category 41
set action monitor
set log enable
next
edit 70
set category 43
set action monitor
set log enable
next
edit 71
set category 49
set action monitor
set log enable
next
edit 72
set category 50
set action monitor
set log enable
next
edit 73
set category 51
set action monitor
set log enable
next
edit 74
set category 52
set action monitor
set log enable
next
edit 75
set category 53
set action monitor
set log enable
next
edit 76
set category 56
set action monitor
set log enable
next
edit 77
set category 81
set action monitor
set log enable
next
edit 78
set category 84
set action monitor
set log enable
next
edit 79
set category 0
set action monitor
set log enable
next
edit 80
set category 88
set action monitor
set log enable
next
edit 81
set category 89
set action monitor
set log enable
next
edit 82
set category 90
set action monitor
set log enable
next
edit 83
set category 91
set action monitor
set log enable
next
edit 84
set category 92
set action monitor
set log enable
next
edit 85
set category 93
set action monitor
set log enable
next
edit 86
set category 94
set action monitor
set log enable
next
edit 87
set category 95
set action monitor
set log enable
next
edit 88
set category 96
set action monitor
set log enable
next
edit 89
set category 97
set action monitor
set log enable
next
edit 90
set category 98
set action monitor
set log enable
next
edit 91
set category 99
set action monitor
set log enable
next
edit 92
set category 100
set action monitor
set log enable
next
edit 93
set category 101
set action monitor
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set wisp disable
set log-all-url enable
set web-content-log disable
set web-filter-command-block-log disable
set web-filter-cookie-log disable
set web-url-log disable
set web-invalid-domain-log disable
set web-ftgd-err-log disable
set extended-log disable
next
end
config webfilter override
end
config webfilter ftgd-local-rating
end
config webfilter ftgd-local-risk
end
config webfilter search-engine
edit "google"
set hostname ".*\\.google\\..*"
set url "^\\/((custom|search|images|videosearch|webhp)\\?)"
set query "q="
set safesearch url
set safesearch-str "&safe=active"
next
edit "yahoo"
set hostname ".*\\.yahoo\\..*"
set url "^\\/search(\\/video|\\/images){0,1}(\\?|;)"
set query "p="
set safesearch url
set safesearch-str "&vm=r"
next
edit "bing"
set hostname ".*\\.bing\\..*"
set url "^(\\/images|\\/videos)?(\\/search|\\/async|\\/asyncv2)\\?"
set query "q="
set safesearch header
next
edit "yandex"
set hostname "yandex\\..*"
set url "^\\/((|yand|images\\/|video\\/)(search)|search\\/)\\?"
set query "text="
set safesearch url
set safesearch-str "&family=yes"
next
edit "youtube"
set hostname ".*youtube.*"
set url ''
set query ''
set safesearch header
next
edit "baidu"
set hostname ".*\\.baidu\\.com"
set url "^\\/s?\\?"
set query "wd="
set safesearch disable
next
edit "baidu2"
set hostname ".*\\.baidu\\.com"
set url "^\\/(ns|q|m|i|v)\\?"
set query "word="
set safesearch disable
next
edit "baidu3"
set hostname "tieba\\.baidu\\.com"
set url "^\\/f\\?"
set query "kw="
set safesearch disable
next
edit "vimeo"
set hostname ".*vimeo.*"
set url "^\\/search\\?"
set query "q="
set safesearch header
next
edit "yt-scan-1"
set hostname ''
set url "www.youtube.com/user/"
set query ''
set safesearch yt-scan
next
edit "yt-scan-2"
set hostname ''
set url "www.youtube.com/youtubei/v1/browse"
set query ''
set safesearch yt-scan
next
edit "yt-scan-3"
set hostname ''
set url "www.youtube.com/youtubei/v1/player"
set query ''
set safesearch yt-scan
next
edit "yt-scan-4"
set hostname ''
set url "www.youtube.com/youtubei/v1/navigator"
set query ''
set safesearch yt-scan
next
edit "yt-channel"
set hostname ''
set url "www.youtube.com/channel"
set query ''
set safesearch yt-channel
next
edit "yt-pattern"
set hostname ''
set url "youtube.com/channel/"
set query ''
set safesearch yt-pattern
next
edit "twitter"
set hostname "twitter\\.com"
set url "^\\/i\\/api\\/graphql\\/.*\\/UserByScreenName"
set query "variables="
set safesearch translate
set safesearch-str "regex::%22screen_name%22:%22([A-Za-z0-9_]{4,15})
%22::twitter.com/\\1"
next
edit "google-translate-1"
set hostname "translate\\.google\\..*"
set url "^\\/translate"
set query "u="
set safesearch translate
set safesearch-str "regex::(?:\\?|&)u=([^&]+)::\\1"
next
edit "google-translate-2"
set hostname ".*\\.translate\\.goog"
set url "^\\/"
set query ''
set safesearch translate
set safesearch-str "case::google-translate"
next
end
config emailfilter profile
edit "sniffer-profile"
set comment "Malware and phishing URL monitoring."
set feature-set flow
set replacemsg-group ''
set spam-log enable
set spam-filtering disable
unset options
config imap
set log-all disable
end
config pop3
set log-all disable
end
config smtp
set log-all disable
end
config msn-hotmail
set log-all disable
end
config gmail
set log-all disable
end
set spam-bword-threshold 10
unset spam-bword-table
unset spam-bal-table
unset spam-mheader-table
unset spam-iptrust-table
next
edit "default"
set comment "Malware and phishing URL filtering."
set feature-set flow
set replacemsg-group ''
set spam-log enable
set spam-filtering disable
unset options
config imap
set log-all disable
end
config pop3
set log-all disable
end
config smtp
set log-all disable
end
config msn-hotmail
set log-all disable
end
config gmail
set log-all disable
end
set spam-bword-threshold 10
unset spam-bword-table
unset spam-bal-table
unset spam-mheader-table
unset spam-iptrust-table
next
end
config virtual-patch profile
edit "default"
set comment ''
set severity info low medium high critical
set action block
set log enable
next
end
config system speed-test-server
end
config log memory setting
set status enable
end
config log eventfilter
set event enable
set system enable
set vpn enable
set user enable
set router enable
set wireless-activity enable
set wan-opt enable
set endpoint enable
set ha enable
set security-rating enable
set fortiextender enable
set connector enable
set sdwan enable
set cifs enable
set switch-controller enable
set webproxy enable
end
config log memory filter
set severity information
set forward-traffic enable
set local-traffic disable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set http-transaction enable
set anomaly enable
set voip enable
set forti-switch enable
end
config log tacacs+accounting setting
set status disable
set source-ip ''
set interface-select-method auto
set vrf-select 0
end
config log tacacs+accounting2 setting
set status disable
set source-ip ''
set interface-select-method auto
set vrf-select 0
end
config log tacacs+accounting3 setting
set status disable
set source-ip ''
set interface-select-method auto
set vrf-select 0
end
config log tacacs+accounting filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit disable
end
config log tacacs+accounting2 filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit disable
end
config log tacacs+accounting3 filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit disable
end
config log null-device setting
set status disable
end
config log null-device filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set http-transaction enable
set anomaly enable
set voip enable
set forti-switch enable
end
config log setting
set resolve-ip disable
set resolve-port enable
set log-user-in-upper disable
set fwpolicy-implicit-log disable
set fwpolicy6-implicit-log disable
set extended-log disable
set local-in-allow enable
set local-in-deny-unicast enable
set local-in-deny-broadcast enable
set local-in-policy-log disable
set local-out enable
set local-out-ioc-detection enable
set daemon-log disable
set neighbor-event disable
set brief-traffic-format disable
set user-anonymize disable
set expolicy-implicit-log disable
set log-policy-comment disable
set rest-api-set disable
set rest-api-get disable
set long-live-session-stat enable
set extended-utm-log disable
end
config log gui-display
set resolve-hosts enable
set resolve-apps enable
set fortiview-unscanned-apps disable
end
config system lldp network-policy
end
config system pcp-server
set status disable
end
config firewall schedule onetime
end
config firewall schedule recurring
edit "always"
set uuid 65ac51d8-de49-51ef-d82c-53c243af1b53
set start 00:00
set end 00:00
set day sunday monday tuesday wednesday thursday friday saturday
set color 0
set fabric-object disable
next
edit "none"
set uuid 6a4e6fe6-de49-51ef-1f5a-13bd56912904
set start 00:00
set end 00:00
set day none
set color 0
set fabric-object disable
next
edit "default-darrp-optimize"
set uuid 6a4e7216-de49-51ef-3396-d9dfdbe6f822
set start 01:00
set end 01:30
set day sunday monday tuesday wednesday thursday friday saturday
set color 0
set fabric-object disable
next
end
config firewall schedule group
end
config firewall ippool
edit "192.168.0.1"
set type overload
set startip 192.168.25.55
set endip 192.168.25.55
set arp-reply enable
set arp-intf ''
set associated-interface ''
set comments ''
set nat64 disable
next
end
config firewall ippool6
end
config firewall ldb-monitor
end
config firewall vip
edit "avaya1"
set id 0
set uuid 0b01a7e8-dd8a-51ef-3a96-c32c4379ea0d
set comment ''
set type static-nat
set extip 185.193.177.239
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "192.168.168.99"
set extintf "any"
set arp-reply enable
set nat-source-vip disable
set portforward enable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
set protocol tcp
set extport 8443
set mappedport 8443
set portmapping-type 1-to-1
next
edit "avaya2"
set id 0
set uuid fbd8f9b4-dd8a-51ef-a50f-d6d6b0e8cd48
set comment ''
set type static-nat
set extip 185.193.177.239
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "192.168.168.99"
set extintf "any"
set arp-reply enable
set nat-source-vip disable
set portforward enable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
set protocol tcp
set extport 9443
set mappedport 9443
set portmapping-type 1-to-1
next
edit "avaya3"
set id 0
set uuid 11a5bdfe-dd8b-51ef-f1ff-ac165b7153f2
set comment ''
set type static-nat
set extip 185.193.177.239
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "192.168.168.99"
set extintf "any"
set arp-reply enable
set nat-source-vip disable
set portforward enable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
set protocol tcp
set extport 5222
set mappedport 5222
set portmapping-type 1-to-1
next
edit "avaya4"
set id 0
set uuid 223fb93a-dd8b-51ef-6624-fac86d8d8ae6
set comment ''
set type static-nat
set extip 185.193.177.239
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "192.168.168.99"
set extintf "any"
set arp-reply enable
set nat-source-vip disable
set portforward enable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
set protocol tcp
set extport 5269
set mappedport 5269
set portmapping-type 1-to-1
next
edit "avaya5"
set id 0
set uuid 33e613fa-dd8b-51ef-6901-603e0eaa80ad
set comment ''
set type static-nat
set extip 185.193.177.239
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "192.168.168.99"
set extintf "any"
set arp-reply enable
set nat-source-vip disable
set portforward enable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
set protocol tcp
set extport 8063
set mappedport 8063
set portmapping-type 1-to-1
next
edit "avaya6"
set id 0
set uuid 47c8d8ee-dd8b-51ef-5a2e-54454676aaeb
set comment ''
set type static-nat
set extip 185.193.177.239
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "192.168.168.99"
set extintf "any"
set arp-reply enable
set nat-source-vip disable
set portforward enable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
set protocol tcp
set extport 8080
set mappedport 8080
set portmapping-type 1-to-1
next
edit "avaya7"
set id 0
set uuid 5d2100c2-dd8b-51ef-74be-6697d78542ee
set comment ''
set type static-nat
set extip 185.193.177.239
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "192.168.168.93"
set extintf "any"
set arp-reply enable
set nat-source-vip disable
set portforward enable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
set protocol tcp
set extport 5070
set mappedport 5070
set portmapping-type 1-to-1
next
edit "avaya8"
set id 0
set uuid 6ef0c4a4-dd8b-51ef-b8d4-c76ef7ad7419
set comment ''
set type static-nat
set extip 185.193.177.239
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "192.168.168.93"
set extintf "any"
set arp-reply enable
set nat-source-vip disable
set portforward enable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
set protocol tcp
set extport 5071
set mappedport 5071
set portmapping-type 1-to-1
next
edit "avaya9"
set id 0
set uuid 951ed21a-dd8b-51ef-5f27-2cb940158d03
set comment ''
set type static-nat
set extip 185.193.177.239
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "192.168.168.93"
set extintf "any"
set arp-reply enable
set nat-source-vip disable
set portforward enable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
set protocol udp
set extport 35000-55000
set mappedport 35000-55000
set portmapping-type m-to-n
next
edit "WEB-Server-HTTPS"
set id 0
set uuid b4148ea4-de8e-51ef-f0c3-432fcf16e1d1
set comment ''
set type static-nat
set extip 185.193.177.239
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.212.16.150"
set extintf "any"
set arp-reply enable
set nat-source-vip disable
set portforward enable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
set protocol tcp
set extport 443
set mappedport 443
set portmapping-type 1-to-1
next
edit "web-App-Port3376"
set id 0
set uuid edfe97e0-de8e-51ef-d1a5-a5c71ade09c3
set comment ''
set type static-nat
set extip 185.193.177.239
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.212.16.150"
set extintf "any"
set arp-reply enable
set nat-source-vip disable
set portforward enable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
set protocol tcp
set extport 3376
set mappedport 3376
set portmapping-type 1-to-1
next
edit "WEB-Server-HTTP"
set id 0
set uuid 12eed448-de8f-51ef-6737-4144508c8a5f
set comment ''
set type static-nat
set extip 185.193.177.239
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.212.16.150"
set extintf "any"
set arp-reply enable
set nat-source-vip disable
set portforward enable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
set protocol tcp
set extport 80
set mappedport 80
set portmapping-type 1-to-1
next
edit "back-sql"
set id 0
set uuid afc0deac-de93-51ef-99ea-4f8ed8d25a73
set comment ''
set type static-nat
set extip 178.20.188.66
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.216.16.150"
set extintf "any"
set arp-reply enable
set nat-source-vip disable
set portforward enable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
set protocol tcp
set extport 49302
set mappedport 49302
set portmapping-type 1-to-1
next
edit "back-mysql"
set id 0
set uuid cffea744-de93-51ef-ae2d-0265d533f3e6
set comment ''
set type static-nat
set extip 178.20.188.66
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.216.16.150"
set extintf "any"
set arp-reply enable
set nat-source-vip disable
set portforward enable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
set protocol tcp
set extport 1433
set mappedport 1433
set portmapping-type 1-to-1
next
edit "Efawaterkom"
set id 0
set uuid 512d8112-e611-51ef-79ab-e445a386d6c3
set comment ''
set type static-nat
set extip 178.20.188.69
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.12.16.152"
set extintf "port15"
set arp-reply enable
set nat-source-vip disable
set portforward enable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
set protocol tcp
set extport 3389
set mappedport 3389
set portmapping-type 1-to-1
next
end
config firewall vip6
end
config firewall vipgrp
edit "avaya"
set uuid 9aea7e38-dd8b-51ef-0dfb-66f22fbf8c9b
set interface "any"
set color 0
set comments ''
set member "avaya1" "avaya2" "avaya3" "avaya4" "avaya5" "avaya6" "avaya7"
"avaya8" "avaya9"
next
edit "web-95"
set uuid 6ebb7120-de92-51ef-764c-bdccd83c89e1
set interface "any"
set color 0
set comments ''
set member "web-App-Port3376" "WEB-Server-HTTP" "WEB-Server-HTTPS"
next
end
config firewall vipgrp6
end
config firewall ssh local-key
edit "Fortinet_SSH_RSA2048"
set password ENC
tQF4KJ34Ytdo0+oddyjc0UPPSLFDFHg3TCkSyUNIEgNdU7HFl3NifdPA+Op8b5JyGbmOerbEK3k8vQQNNWL
ul0Vj9UoqQVUi4ouho8T7jPC5
qcGYwuVtNJskqpG/otC4Tmg1ixNoGT2oMMQXi7Cq6YmoCnvFk3U+u/uyh1ErtDur0t+
+RbQL2pKULX2eACN3WH6jGVlmMjY3dkVA
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAXJkuynO
lYQHhnqa4lLV6BAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQChAlYWlmmy
AxVFkTb2iRUceK3LJ5oF6aWslXFxR+deDZDnQCByc59akKcdGslBuhnMrMFh4PuhUTcmn+
U9cJtAcrWGjo/QzGG8A5IImPOMoKK1EF/77knKc+krZ58LpvPIM99AceF/3oVooJpQBK4M
Fu/MRzefqfe0icYQ2LCC07NNZ4Ef/+zGYnoIkmPxx+yC5C7yxAdjcwikS8TwT53Q2BK41c
LxXzhqQ4hCX3msVO+Y3Quqb/+Fe9Nh+KFsopHci4fM6mfPWFiLp4scMgkjE9U+W+lLvuYH
Ujsoviy7o7xIhLw4eE36+L3Tk/0r/Bn7qkE6qVr9XR8sCDgIRwG3AAADwKVXEtQ3mHdyJN
4+FjkP7EnvMTJXI1ciC12shskBYrbSAZBvjN6zicj5G6Oxrq+VOlOWElh1ChxT1tMWEmMC
qbFbyr3NwiYCI5ImJ3AOdqAHIua2qJC2DnWcGPfSbAW5ulHIPK0SDiNNjT6UVRAEs+Gd2e
d41JVxfiZ13mIBo73Gv+FtWi9NxvYkerZMKfqfr0BR56e2dvXv9g5pnKnOB6PRiMaRzB7X
JDDeqyarDXgfZCt0wt0HfDu3fxaJe7ftPR+MI04AZkG2qZQ6F8E+IFpZVJp14eI6etfMlb
EjzFT9VgGO3iWL37R7sJOLdC5Omsr6f10kRpS+T5rw9ApoO1GYy0JdkX602Ln+r8PS/iE6
1vSP8Kx0VLfCelBIHg76RxK6J6rqVFCC/CvzzJwkEaPf2TblNQ48esCP23dNVUosPrHGSo
6UnrsNiNctaVrmr4VfZvfPXlKcjfdmuFJ8rgmSZeOa1H0I3CNpqU88C6dsDwZRL9OixmC0
xH9WcQS1afYr7rVUvvTGyOuT5HLNFdQGNPkPLogFfiO/WaGeU+ScuaiAgxOQGf8ZYY5H+U
zZNQmfBr29BhInNvxMz2o1Y3UrXZhRhPV98doN5Aw+jZfnglGaeqDgyj/5feLMLEvDOvTt
qjQkKjL+M07nz2jyG0mdePOZZ/nIwpsntrdfLnk9UWyH4rCMqS16iElTVrykhG3GB+ngo3
XsvJJhrMoQyroKmgIVJHaKvlR7IWV35RXLroxoLd38yEsqyoLEha6g5GsG6QSb0HPk0Hmb
G1f+rUsodqCyt0PllVKZxEMIvabevsfsIT0oq9FnDO04LuN0FDhEwz3ljMiG0N3duFgVf/
zkUHIVVz/WMlhKWs3/vW6cSLAYxu0rcRSQE4+b0HLz41nKJpl/HCFJMPNOaaiyyfYHQm1E
zPEwaUCIO+iFrzuDskwASZOk0eFzzbdnhTiSftuhXAEcLHBVj6PFl2bNNNP+cbx23nK//1
8FlpPYBFyHwxgoVM6tWSsb3B6XBMZmP9YIX+InEslQjmzQsUE69mlo5JMWtbuLctWyen2l
e1+zgzWueiVXRTrovCbSKGLPSN5JFmhnr5lg1I3chKaedvR0idPBX4LRtxLRIbNwWJ5PGr
11e55wSFrgmxP63NLuq6kRv7c8SddyjL1Bu2TXuNGIl+ohiymRgj9pFHmy7GalpVP/u7EJ
m9ak3CTsyzI5nNMwCSuULNdO58tCwTA12TTFTUHFURcSu6FiXiawALJ7RpiJ9/zaVxgynK
w/Qv4CIg==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQChAlYWlmmyAxVFkTb2iRUceK3LJ5oF6aWslXFxR+deDZDnQCByc59
akKcdGslBuhnMrMFh4
PuhUTcmn+U9cJtAcrWGjo/QzGG8A5IImPOMoKK1EF/77knKc+krZ58LpvPIM99AceF/3oVooJpQBK4MFu/
MRzefqfe0icYQ2LCC07NNZ4Ef/+zGYnoIkmPxx+yC5C7yxAdjcw
ikS8TwT53Q2BK41cLxXzhqQ4hCX3msVO+Y3Quqb/
+Fe9Nh+KFsopHci4fM6mfPWFiLp4scMgkjE9U+W+lLvuYHUjsoviy7o7xIhLw4eE36+L3Tk/0r/
Bn7qkE6qVr9XR8sCDg
IRwG3"
set source built-in
next
edit "Fortinet_SSH_DSA1024"
set password ENC
7ToNlz8lRj1nIGX2+6gZl8sf8rqHZIIIso+Jqrdr8EXBKCBllU6NpvSMjluKdqYJ0abZZIkjSbU/
krwwGYA4z9lTCi8iNt6yjv5N2oWFveid
yyxgd3+rwE4YI99UQEaHKPdWjBliorGuvgJ5gydFvrcZGgNDKbPfFNKbvqbOEGSR5kJTcm2nb25md1mgsTo
Zvjb8UFlmMjY3dkVA
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBPdFS9uE
0uxLtYOybIiVV2AAAAEAAAAAEAAAGxAAAAB3NzaC1kc3MAAACBAI9MGgR19KCLFu66MBm8
H5rYn80+mkAKe9XS0zHAlGmEuP89UV7Vsoqz1DsKp7FGKM3t0RO+0hm7A1yvCuDre3sKTL
7Q/fumSduhto6Bu4/bjY4NvB11EGMZTZF1CrELxuT+ZLIwkC7qqtmLSqKLq2xHSFZvBcz6
m3ViMPjxVVQVAAAAFQD9TGmg6TTCd1ck9zQNSXk9sB+wCwAAAIA/Y9ZSqJL3r65yjgLVdA
FkqiVZU1tBAjkbYCXvObtXJ9wnEMJp3P1Wk5O1XR7BlZqFGHrqv4zozVzSyIdfnEB0rgCb
LRnHwstWePPlceLMLpJ1LQiRUriEkvpV0xNgruNJliZJteiwW0G4OC/tJ4NucB2tkVqnzy
6SbhC98a4vBgAAAIAioOedzPy90tzj6Gjx+l34bUAURUDukQZRd5M8T0d7+JkquI9F6ARh
ZWDJPSNhNlhKXZtGIJIH6tdNU6MSbXNrNHjj6ulrhbviEthyn1q4qaeJB0N27aVt7pElKo
/RrBipKrdmoygiNfOEv7hUUt66cGHH4rBffydWIcXsMMesEQAAAeCE5Y/yADbOJ/mQNrwS
avFOLhJ0DxF8UyWOiIm3v8TQnfIitYm8HVLJmZ/0ODnZ4UiEDGNjLOynNXsMQx+nIPToGT
smdLDyF8iDvU183VqEa1fRdyQSDnKq/0i3Rx2FyHrsv/P110cAA5988se0MnKtoZ4wOo5S
TCFv/bbdp9mYuOp6LI9sI7wlUVcWOU8xQfFQu1hGzp681DPIzwWsfwWjPc2NK/QB308Aed
etgC0umfV8BCU9QVeV9x1sLiVTfv3+K24RQDXv+zlql9ajmLduh4zLXI87WjpOixhihEDK
GPidy+xkM8p5KQgB3++IvDnGeYfOHZ70aTNCnb2HXbsaZVTJfCKFddXRENiqcwIw6xOrpU
mLYr6qkhvoueR/Rg6GWVUB9gokGpdiBFwnCR8QBeqMnu0p+qr62JnJTNl1BnCudKpf97se
jFamN22S9BB8GvzddMS4RZyC5leXw9Vh60flL5mjz+LejV6SxNLa7lE9rP9POxgx0xhV61
pso/5Smt1B/1bmO9lEXmb9JU+tJmhHu0zyXR1uOc/HyJubSnaXd7/qKnv82rPZ2318lc09
ediRDxSnPLqQSDmCVHqtKGbdeFSU5IEH3CLVs2RnetqvJ4B0t69KZY9SgLhuB60=
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-dss
AAAAB3NzaC1kc3MAAACBAI9MGgR19KCLFu66MBm8H5rYn80+mkAKe9XS0zHAlGmEuP89UV7Vsoqz1DsKp7F
GKM3t0RO+0hm7A1yvC
uDre3sKTL7Q/fumSduhto6Bu4/
bjY4NvB11EGMZTZF1CrELxuT+ZLIwkC7qqtmLSqKLq2xHSFZvBcz6m3ViMPjxVVQVAAAAFQD9TGmg6TTCd1
ck9zQNSXk9sB+wCwAAAIA/Y9
ZSqJL3r65yjgLVdAFkqiVZU1tBAjkbYCXvObtXJ9wnEMJp3P1Wk5O1XR7BlZqFGHrqv4zozVzSyIdfnEB0r
gCbLRnHwstWePPlceLMLpJ1LQiRUriEkvpV0xNgruNJliZJtei
wW0G4OC/
tJ4NucB2tkVqnzy6SbhC98a4vBgAAAIAioOedzPy90tzj6Gjx+l34bUAURUDukQZRd5M8T0d7+JkquI9F6A
RhZWDJPSNhNlhKXZtGIJIH6tdNU6MSbXNrNHjj6ulr
hbviEthyn1q4qaeJB0N27aVt7pElKo/RrBipKrdmoygiNfOEv7hUUt66cGHH4rBffydWIcXsMMesEQ=="
set source built-in
next
edit "Fortinet_SSH_ECDSA256"
set password ENC 3KnXujwIewYCB/B/iDGJPVZWobpdiSsaRb6/z8GIqxfHXGH7+
+SkX9gPbal5imndxOnf2vQ/cj4Hau2HsdUsPukXM47obe/fRQKwH+6/Jhqw
Mqeyqc/gkV6f9k60UL2GOCkRHVF41hqrN0BVsv3zwDrnEgXjzNm3LPfR/
YzpYQQzLMlMeB8jpmlqIXJy6kZw8DCiCllmMjY3dkVA
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABCb72wnVF
GinZa2zpzxJyQiAAAAEAAAAAEAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz
dHAyNTYAAABBBLxPSvK8+YYJyw8OJE0yvjsXI/D6gp7Scntih/QLIksXb/y3vSFEKs7s+9
5xWmmkyJC+pSPB2wwFhrqqMyiQTqgAAACgMUt+B1KfURGGE27l5WuiHLJAz5n944CBuq4Z
n3fcLcroe3sC/lkhJAc7P1IMYTZUHk9aqoTvTO/iBCUE47xde+MeqCGMphNZZZdhCypII7
pxwKnN8aMgn0OFEblYsBIGGyxAy+/q7eZxsJCzsAnBGdtqLPDSBCGUrHCUG6rihotTVmjQ
G522sFM5eXCcs4RiXAFtQ5Ka+8ACnT2cJWvBRQ==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp256
AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLxPSvK8+YYJyw8OJE0yvjsXI/
D6gp7Scntih
/QLIksXb/y3vSFEKs7s+95xWmmkyJC+pSPB2wwFhrqqMyiQTqg="
set source built-in
next
edit "Fortinet_SSH_ECDSA384"
set password ENC
M23dMF7ENR2s+sL1CIgEnp6KDBv6QXRUWikG1wN/43wyTfQpnItdhqRa8u2aTjy/9Se6tZoP8uvuYOmWWCY
QhL2K9LnWlgeRIG8MePYp2wpT
r7xyPXA591PfLO2QnwQuxoejjACIndr7M+vY3MKfks+RBpQwkvwTOOhkwjf+wDQ4NKYnZ/gS0dbsi+
+H6v1dnLkE0FlmMjY3dkVA
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABD52nCHAe
1g8iPRo0M/1cmBAAAAEAAAAAEAAACIAAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlz
dHAzODQAAABhBJi/Hx9GCGUhikJ2hlR8fb4/op4qzrSfwrNDSyhxdXWTH8Cj31Mbrt3m/A
WjB3rCBdmDhMVw+DSJmvuYpdwjpofV0OjNpSyczy2ojXIY05JBHzyNvVkQ9culrMZ0XPpZ
LgAAANCXp6emkyWt74bklSHicEnASC91/uTks7w1/hmsU/2EuXz5KTMJau+WcRXfI09I8m
TyGbU2zq4+ck0AKNKCIzMa3tBxRTdJYzlO4b48GqoodgcQVv/VTgXSrG55lPVzh2uBHfkI
pSqNlQTZEtdWaqvLgJMS7xSoJ+mOGyPMHXkDToraMaYCPPbygTDtKEVJcFHvqX5gmuyHV2
waQhTTdOfYpjd6gT1UEWnnZyFGG8JKmJoVML5CxQ2YdIijhyhO2c/VrObtVzq0/2Mxf8cm
55gN
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp384
AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBJi/Hx9GCGUhikJ2hlR8fb4/
op4qzrSfwrNDS
yhxdXWTH8Cj31Mbrt3m/
AWjB3rCBdmDhMVw+DSJmvuYpdwjpofV0OjNpSyczy2ojXIY05JBHzyNvVkQ9culrMZ0XPpZLg=="
set source built-in
next
edit "Fortinet_SSH_ECDSA521"
set password ENC
NEvSdvz7Upc8o4CHZB2hMkV3zdTZnPgEiSL4Xf+zqITp4UP7s4lZ2dOtN1uTyX+G+DQQdtHyueU3YgY2uh7
HddLxLmqOpst6KDWLVpmyeDaW
oCpoJ2GnqpRPAj2mXbkdA9B7YfFLQoq7PUi5+iDV36qXAs/nSQjtXZYRIxs6DT/
hRTdw8iIU58S2K62SLNPAMKgGXllmMjY3dkVA
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABCnPCyWxi
kDQeltrTEHeJKOAAAAEAAAAAEAAACsAAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlz
dHA1MjEAAACFBAE9EQfqdPoXc57cVg8+A+f4IRbtsB6ZsDoDUU4psG21MKJ+/x3JZ5j5nG
rFcs3n68IUjRaRdu9IKmGKN6j7EzGRSgCgWfe7DKnYahRs4PQRLcyurypGAqat55YzCOa0
XrMthf7hKSivo3gQHGvGQMtgL5EKlGdptJEzdogU2WyrhHeFcgAAAQA01BEjb/Kbm9zkuF
jk8h1qUADYIWiH69gl0kz2dW+TRXxVxzPgyfxCStzuDabCmf2ITcYMn2mJ+ttOEE1Wgg8n
Ws7EYyUCIbpAsynArqsBziWG4WkGYI1uh1qSXI918oA01ROzOBv3xDaxzWtecaoC/VEnmw
6pj7tpKb9Tf4UFJk9oSP0Ggay81iX0APH/woFfoqsATYAq8d6IFzx6uCJLu9Ne/7FF7oaC
/r2UEy96l0gVGz4VIsMy06dNWx8UulOWVH5Z0PXeNlIM7po+ame2AkkF8ywC12dymBUCTg
is+xGHmL2X876lPjwUcDbvrrKy0ME1RMrRJFDkf+xV7h9N
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp521
AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAE9EQfqdPoXc57cVg8+A+f4IRbtsB6
ZsDoDU
U4psG21MKJ+/
x3JZ5j5nGrFcs3n68IUjRaRdu9IKmGKN6j7EzGRSgCgWfe7DKnYahRs4PQRLcyurypGAqat55YzCOa0XrMt
hf7hKSivo3gQHGvGQMtgL5EKlGdptJEzdogU2W
yrhHeFcg=="
set source built-in
next
edit "Fortinet_SSH_ED25519"
set password ENC
16PFEtJiYHstQkTJ3sTrAzgcPTj0GHs+2pL/3hPQl9WaMFQnrXeSDWcWkDAuPmDGMDMJ0IzbDrD/
Z2NXqXDxqE2huqKmg0jP+5zwxotdvRT4
553zQK/
wo9qev0pq7NAH+6ZenMm4ClFBFfasZcTC1IkH3tWsDiBZqHzVc6SsPj7ktPAs1qDQvXdWbJkdBeVg2NkmYV
lmMjY3dkVA
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAhIaIKGW
3fZZoiv5w/TQDEAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAINvmEBSxKn+EXrT+
Urc0AZZZZ1twZqdIuq8MMzJqx+KhAAAAkNxMEmvwfYlM45BXaq7wy54ZJbvL1Zkzuymyuj
gJT98zF5eGdNBdl0BnoCbS7oopuou79HmPs3m0qc/TzKZlRR5N87VkicAdSdqEetw9JGBG
BvXejS5KpuxtBWi42+k6m2xXbr9Er1pK7HURc11Ps0/QCkWYkXbAVlOBABDiQXZ6u13NVa
CRT63WqdOYXT6GIg==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-ed25519
AAAAC3NzaC1lZDI1NTE5AAAAINvmEBSxKn+EXrT+Urc0AZZZZ1twZqdIuq8MMzJqx+Kh"
set source built-in
next
end
config firewall ssh local-ca
edit "Fortinet_SSH_CA"
set password ENC
HEt+cUhYR97oyUflR81pAMXQfDHFw6XgoTCB2c/YybhFfXirtNbIA1aYA+uRL4BYdVkmhViRy32kebXn3YY
QjFwd1ey7T14Q5Z0ZNuKgRR95
ThknOxe0xrWmMOF02G6cxG9hGBjJwhfMtTZk/T731Es6/fN8bjblRl3avxbgM5BcNSZ1U/
GzzVGKrovc89u3mZ/tzVlmMjY3dkVA
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABDqE7GGki
DDGMw3nPkKRQHpAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQC0/ytPhhLT
2aQtewF3AQofgZnzwylHuKq13AYJ34qWbz4mN3U14JKv0QGX02FsiUaNZ6Oo1JpD6pMT3T
VEUFskg613/hb6GBKlNox1DKlFAxx2uFRFpbUVNo+S5mDwjMKg5GeyYLgVhQjNiBTlJsf5
i7NV7HQXJTz2h/SXiBksep511B42aZOLzWrhwjkbtxYKaH/psZwQQKND0bz/dD2/pWps3a
mi/oB3RRXF7RQ0NYL/UK4cgGQ6CiBIanFTZ2TWrUQZ311W/BNRKz1QBF3vH819el5DlTXW
Slvez8+98gYBg2x/hTJ9GdQalBHv6V7uihgU5bKiFhzuFezv+2UHAAADwOSNKp7u/HFgH+
/gXQATdZcA0Aly9Q8vXMpUIdRHgWshcr6XkEmXIh9VT9s5JGHMpoMVVj45ErAbAsT91skb
okLQ+6kH/lG4jSY4jIe2AtDGbAz5Y5NdBZqpnRu9v7UPZQ6pinXnFLMQ6M99aKdJbj34qx
81TT9kyAzwBb71n3D0SK2yYl2LuYxug2zjVNiHUofcj0meyTp14+JC5HW0Kyb9NC+7RHqG
ha1ldOpfQyknzw3cE071xHBrXa3hJ8UuufBmZvJb42b4p7Vkf/p/zltzxtTEKi00zQnRGT
IQPT2hH/LmvMtP17oK9ENWAwRKqzVBvcjADdUC+CuyOx/TpSCj8vtHh+7WFEU7p38Q6pMW
1MTIPXZkVhK6BrwIOpF4B6Ogsam9fdYfoww1aKJKSR+oPqK1F8AEFQfhVfxEwd+1Xqi22c
LlQtpzLf8iDK+NfFIX6fAoxI8iJoNBXfi7EeGKBYT86VqdREEeaMAi/WsuJ44sbKDzMION
Zs68ZJVfdQwS+5Y52IkSuGVtJTWnvePdCSWgaxkH8IHbQlUgbVSlzhz59+FcxRq98CuMNr
JbijwqLhNzGYGI269ot9UxHsLeHqr6uZwOnCjuzZGX/hCMW1xs9qgN97sdyyEU2Jdm/IH2
VKVdSETesyjsYtIjm8hbKjh0jrKF7Lmb+LhS1vRfQEaGo2W7Xu+vD0U8KnQfdJ2uP7uxqk
lBbVPR9s/ZkHwkkQbYvLJG4jGOz7j/avMPh1SMuRYHw3XAXbeko/aoN3K8EYMfd0rFBpgK
6pmFRzHG0UiwCqOgbYn+cD6v0zpYwrdtrDmydPxxv3FjJ8gQ1kcyM1CzqVXikodNjTIXrb
GfkSZ+A7DL3dGmFm2pUju2ern/2YmdGY2E0qKYzjNHprn01Abc65ohxGnDV4Wzx6TFpArc
BvBcE9eaSZGE3kKPXaJaEUid3HQ8RSOtWBPdGidhWFz1drnyZ1Lz3E2ANe2YOdVm4GiO1w
GQoLeQIo3MZBNODdLnqkelxD0DRLQS/0QzST584MY/9KfbpHg9dYwibR0r9bwCw0IzI3OY
A0dnRLsx14cHHX2j8K9PebRgMNPaLn2qjV/s4tVBi0dZaWXIzUtFq8Ge9yq7zMuBomUyMB
cAMhoNlrhjokqyAuYQuYgIGXkdd3soJpbeOo13HtpdYq+EUasDkbGbHtRWoQFKtDK7CRUm
fTIT0/ZTbncQkdRRw+w6uvONoWPQCmTRI4338H+IDCJsGvh5F3HjLEnFq2ioxyg38MgRLv
D5gs5tog==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQC0/ytPhhLT2aQtewF3AQofgZnzwylHuKq13AYJ34qWbz4mN3U14JK
v0QGX02FsiUaNZ6Oo1
JpD6pMT3TVEUFskg613/
hb6GBKlNox1DKlFAxx2uFRFpbUVNo+S5mDwjMKg5GeyYLgVhQjNiBTlJsf5i7NV7HQXJTz2h/
SXiBksep511B42aZOLzWrhwjkbtxYKaH/psZwQQK
ND0bz/dD2/pWps3ami/oB3RRXF7RQ0NYL/UK4cgGQ6CiBIanFTZ2TWrUQZ311W/
BNRKz1QBF3vH819el5DlTXWSlvez8+98gYBg2x/hTJ9GdQalBHv6V7uihgU5bKiFhzuFez
v+2UH"
set source built-in
next
edit "Fortinet_SSH_CA_Untrusted"
set password ENC
PsroW7tWf3aIVuMkXo9e25qGA6pjQRsszD849sGfqcXD488YPuj5GERTSDsUmST8HX+fJyWKFuxbx02/
XSvf3MnQGc8rWyxNokwFWT9p1Hrl
gCWWzsOVEZWx+cRCvDC9CcX1t0NhbCW0dxbPAEjeDrP7hfzcom7mV0C4zpWQabRPGCog4tHqJ3RMV6yue35
nUNg50VlmMjY3dkVA
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABB0bht/q/
Ic9HRbMfn9CzDpAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDEBZt5nrVz
bVSFAItfVFMNDtR3yIbnQA8qE68qVm39kj2CN1OMVNgxO9r/mHkb78E86AptN9P5ndfRDO
bC3bZ1o8Fx/AQ+uX94x5ieRKXxAyDoqwS3SXaPAyDPShg6IUJB2Ht44bFETtvDei8xkM7a
MQYl7qSKbFw+mWSEC/dIpOCZ9kzIPd8cOFhr4iTh2eR/+AFVH8+QFmyJjOTVCT1omNaBK8
gJy1j4CMZUFFQmHaSg9sLiAAhneUZpiqI6tlf7zaoc08YRi2Dyg/1SDpVzNOk018cNyFLr
NBJD5vpgNSsGJzTpj2t3A7a3vrjCaeu07XKHz+X2bHMtby9IjVaHAAADwAB53YumGqG5ph
zlSTjB1DP4l7RjlZ986Vh+c5Z4ndqtlWoELkQYuAWLNDyi1VMMHRnuG2hGFc9lMSRo97C4
dXO8tN9Q4RJFqt93R5O1MNRB+Zq9z4jj03gs64b1nSc2SQu70nioll/YEujsohpLA0xtU+
IxYbxy/a4Q+f/KvoTv0RJCooaeIvHUMI17+fgeZcOoARN/YSH2xyt6t5keALSRXMx4hmxz
cDahUeGiqcIz24H+QsYHSkGR0cLhaZLvrtzdJVDxB66sL/DvhtZG9kvV9ArV8PfeLm8lTG
utewcCF2m1EVl1+88M/Oe3uyilOscHiHiSUkVUtUf5SrFqIAyFHU4EPRSUvZtJ4hOPif5t
OSzyTmqIq2toMGLcAatf5AWJpdZ/U/79BEVKEdMSJr8i/QPYs91okBNDrmxwHj/81+6zJ8
Cw8Vk8euAfjFy5m2CyXD52/gGs1N9kiJ3GopQkrd2MJ5NuOrUlwm9/o/NXNo3BXsqf2a/m
2U5mxvPlBnM+S4GsnsIhppFzzBxai64n11EuGHuPj3KecdLb8iFbQIKzmA3TJCozXMY8uf
6+yep8x6gaN3oi5aGjWmbwhy5GkjurfNYULSgT2G/sdUcd68pSqKxRcIYT9tQOSFP/9aND
0SW9x9FGhV1pOQ/Q+KE+J6FQ8l6ouBrxQrcCQqC7ugGh61HCSdGn+9MwnpvDcmuWc+mSUq
8rdp39rCGueHmU9z15OxXWKHLTeTmP5ngozripE7eC7TKeixVC8kcMkBxIVfC5Hm0Zc6IT
QCNG5KefSo3K8Mbm4t61A64QvAIyVG8qbbuvOMI+ZRGmXWQ0gqKNCKkfA95TfT5tUkbbRx
bNTpzmp53O3xdMtgfSQ5BZ4HOQIdHn79iySQvuFF1J9abO3sBU6Des/u0F8bvDO8bbr3y6
2qMxuZnHapqZWC3lIW9k7kIv1ACThHKz7bNbMYk+quNjnH5WwwASxdUVwumr7DK573tJ6C
+CQ98VG5EHABD19YwBa1PFXt+6c2sK39uNySQ5SBpVzpnl+SBHHivOvCfFtn/P3Wxu+lC3
8GcxtcW0DxmRZdf7fe/DOeJeh9PUfvOqPV8CxrlJ/rn00VIa6TCh/gdCGQEdJC8i2qEPVp
t0gUHsfF508MTv9JC7dB/26A6l+pVUY1UALHIma0nz1XFRpH5kRmmNc3Tikp0biQ/3OiNL
t4QIqNl8UlZZubxoawBJI7ADM46cEUrzZ417GCbHPSZgAVHsZ39kJCBu7qHS84HisM2tuO
CDMhxfyg==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQDEBZt5nrVzbVSFAItfVFMNDtR3yIbnQA8qE68qVm39kj2CN1OMVNg
xO9r/mHkb78E86AptN
9P5ndfRDObC3bZ1o8Fx/
AQ+uX94x5ieRKXxAyDoqwS3SXaPAyDPShg6IUJB2Ht44bFETtvDei8xkM7aMQYl7qSKbFw+mWSEC/
dIpOCZ9kzIPd8cOFhr4iTh2eR/+AFVH8+QFm
yJjOTVCT1omNaBK8gJy1j4CMZUFFQmHaSg9sLiAAhneUZpiqI6tlf7zaoc08YRi2Dyg/
1SDpVzNOk018cNyFLrNBJD5vpgNSsGJzTpj2t3A7a3vrjCaeu07XKHz+X2bHMtby9
IjVaH"
set source built-in
next
end
config firewall ssh setting
set caname "Fortinet_SSH_CA"
set untrusted-caname "Fortinet_SSH_CA_Untrusted"
set hostkey-rsa2048 "Fortinet_SSH_RSA2048"
set hostkey-dsa1024 "Fortinet_SSH_DSA1024"
set hostkey-ecdsa256 "Fortinet_SSH_ECDSA256"
set hostkey-ecdsa384 "Fortinet_SSH_ECDSA384"
set hostkey-ecdsa521 "Fortinet_SSH_ECDSA521"
set hostkey-ed25519 "Fortinet_SSH_ED25519"
set host-trusted-checking enable
end
config firewall ssh host-key
end
config firewall decrypted-traffic-mirror
end
config firewall ipmacbinding setting
set bindthroughfw disable
set bindtofw disable
end
config firewall ipmacbinding table
end
config firewall profile-protocol-options
edit "default"
set comment "All default services."
set replacemsg-group ''
set oversize-log disable
set switching-protocols-log disable
config http
set ports 80
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
unset options
set comfort-interval 10
set comfort-amount 1
set range-block disable
set strip-x-forwarded-for disable
unset post-lang
set streaming-content-bypass enable
set switching-protocols bypass
set unknown-http-version reject
set http-0.9 allow
set tunnel-non-http enable
set h2c disable
set unknown-content-encoding block
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set verify-dns-for-policy-matching enable
set block-page-status-code 403
set retry-count 0
set domain-fronting block
set tcp-window-type auto-tuning
set ssl-offloaded no
set address-ip-rating enable
end
config ftp
set ports 21
set status enable
set inspect-all disable
set options splice
set comfort-interval 10
set comfort-amount 1
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set tcp-window-type auto-tuning
set ssl-offloaded no
set explicit-ftp-tls disable
end
config imap
set ports 143
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set ssl-offloaded no
end
config mapi
set ports 135
set status enable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
end
config pop3
set ports 110
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set ssl-offloaded no
end
config smtp
set ports 25
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail splice
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set server-busy disable
set ssl-offloaded no
end
config nntp
set ports 119
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options splice
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
end
config ssh
unset options
set comfort-interval 10
set comfort-amount 1
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set tcp-window-type auto-tuning
set ssl-offloaded no
end
config dns
set ports 53
set status enable
end
config cifs
set ports 445
set status enable
unset options
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set tcp-window-type auto-tuning
set server-credential-type none
end
config mail-signature
set status disable
set signature ''
end
set rpc-over-http disable
next
end
config firewall ssl-ssh-profile
edit "deep-inspection"
set comment "Read-only deep inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
end
config https
set ports 443
set status deep-inspection
set quic inspect
set udp-not-quic allow
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set cert-probe-failure allow
set min-allowed-ssl-version tls-1.1
end
config ftps
set ports 990
set status deep-inspection
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set ports 993
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set ports 995
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set ports 465
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set quic inspect
set udp-not-quic allow
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set allowlist disable
set block-blocklisted-certificates enable
config ssl-exempt
edit 1
set type fortiguard-category
set fortiguard-category 31
next
edit 2
set type fortiguard-category
set fortiguard-category 33
next
edit 3
set type wildcard-fqdn
set wildcard-fqdn "adobe"
next
edit 4
set type wildcard-fqdn
set wildcard-fqdn "Adobe Login"
next
edit 5
set type wildcard-fqdn
set wildcard-fqdn "android"
next
edit 6
set type wildcard-fqdn
set wildcard-fqdn "apple"
next
edit 7
set type wildcard-fqdn
set wildcard-fqdn "appstore"
next
edit 8
set type wildcard-fqdn
set wildcard-fqdn "auth.gfx.ms"
next
edit 9
set type wildcard-fqdn
set wildcard-fqdn "citrix"
next
edit 10
set type wildcard-fqdn
set wildcard-fqdn "dropbox.com"
next
edit 11
set type wildcard-fqdn
set wildcard-fqdn "eease"
next
edit 12
set type wildcard-fqdn
set wildcard-fqdn "firefox update server"
next
edit 13
set type wildcard-fqdn
set wildcard-fqdn "fortinet"
next
edit 14
set type wildcard-fqdn
set wildcard-fqdn "googleapis.com"
next
edit 15
set type wildcard-fqdn
set wildcard-fqdn "google-drive"
next
edit 16
set type wildcard-fqdn
set wildcard-fqdn "google-play2"
next
edit 17
set type wildcard-fqdn
set wildcard-fqdn "google-play3"
next
edit 18
set type wildcard-fqdn
set wildcard-fqdn "Gotomeeting"
next
edit 19
set type wildcard-fqdn
set wildcard-fqdn "icloud"
next
edit 20
set type wildcard-fqdn
set wildcard-fqdn "itunes"
next
edit 21
set type wildcard-fqdn
set wildcard-fqdn "microsoft"
next
edit 22
set type wildcard-fqdn
set wildcard-fqdn "skype"
next
edit 23
set type wildcard-fqdn
set wildcard-fqdn "softwareupdate.vmware.com"
next
edit 24
set type wildcard-fqdn
set wildcard-fqdn "verisign"
next
edit 25
set type wildcard-fqdn
set wildcard-fqdn "Windows update 2"
next
edit 26
set type wildcard-fqdn
set wildcard-fqdn "live.com"
next
edit 27
set type wildcard-fqdn
set wildcard-fqdn "google-play"
next
edit 28
set type wildcard-fqdn
set wildcard-fqdn "update.microsoft.com"
next
edit 29
set type wildcard-fqdn
set wildcard-fqdn "swscan.apple.com"
next
edit 30
set type wildcard-fqdn
set wildcard-fqdn "autoupdate.opera.com"
next
edit 31
set type wildcard-fqdn
set wildcard-fqdn "cdn-apple"
next
edit 32
set type wildcard-fqdn
set wildcard-fqdn "mzstatic-apple"
next
end
set server-cert-mode re-sign
set caname "Fortinet_CA_SSL"
set untrusted-caname "Fortinet_CA_Untrusted"
set ssl-exemption-ip-rating enable
set ssl-exemption-log disable
set ssl-anomaly-log enable
set ssl-negotiation-log enable
set ssl-server-cert-log disable
set ssl-handshake-log disable
set rpc-over-https disable
set mapi-over-https disable
set supported-alpn all
set use-ssl-server disable
next
edit "custom-deep-inspection"
set comment "Customizable deep inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
end
config https
set ports 443
set status deep-inspection
set quic inspect
set udp-not-quic allow
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set cert-probe-failure allow
set min-allowed-ssl-version tls-1.1
end
config ftps
set ports 990
set status deep-inspection
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set ports 993
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set ports 995
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set ports 465
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set quic inspect
set udp-not-quic allow
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set allowlist disable
set block-blocklisted-certificates enable
config ssl-exempt
edit 1
set type fortiguard-category
set fortiguard-category 31
next
edit 2
set type fortiguard-category
set fortiguard-category 33
next
edit 3
set type wildcard-fqdn
set wildcard-fqdn "adobe"
next
edit 4
set type wildcard-fqdn
set wildcard-fqdn "Adobe Login"
next
edit 5
set type wildcard-fqdn
set wildcard-fqdn "android"
next
edit 6
set type wildcard-fqdn
set wildcard-fqdn "apple"
next
edit 7
set type wildcard-fqdn
set wildcard-fqdn "appstore"
next
edit 8
set type wildcard-fqdn
set wildcard-fqdn "auth.gfx.ms"
next
edit 9
set type wildcard-fqdn
set wildcard-fqdn "citrix"
next
edit 10
set type wildcard-fqdn
set wildcard-fqdn "dropbox.com"
next
edit 11
set type wildcard-fqdn
set wildcard-fqdn "eease"
next
edit 12
set type wildcard-fqdn
set wildcard-fqdn "firefox update server"
next
edit 13
set type wildcard-fqdn
set wildcard-fqdn "fortinet"
next
edit 14
set type wildcard-fqdn
set wildcard-fqdn "googleapis.com"
next
edit 15
set type wildcard-fqdn
set wildcard-fqdn "google-drive"
next
edit 16
set type wildcard-fqdn
set wildcard-fqdn "google-play2"
next
edit 17
set type wildcard-fqdn
set wildcard-fqdn "google-play3"
next
edit 18
set type wildcard-fqdn
set wildcard-fqdn "Gotomeeting"
next
edit 19
set type wildcard-fqdn
set wildcard-fqdn "icloud"
next
edit 20
set type wildcard-fqdn
set wildcard-fqdn "itunes"
next
edit 21
set type wildcard-fqdn
set wildcard-fqdn "microsoft"
next
edit 22
set type wildcard-fqdn
set wildcard-fqdn "skype"
next
edit 23
set type wildcard-fqdn
set wildcard-fqdn "softwareupdate.vmware.com"
next
edit 24
set type wildcard-fqdn
set wildcard-fqdn "verisign"
next
edit 25
set type wildcard-fqdn
set wildcard-fqdn "Windows update 2"
next
edit 26
set type wildcard-fqdn
set wildcard-fqdn "live.com"
next
edit 27
set type wildcard-fqdn
set wildcard-fqdn "google-play"
next
edit 28
set type wildcard-fqdn
set wildcard-fqdn "update.microsoft.com"
next
edit 29
set type wildcard-fqdn
set wildcard-fqdn "swscan.apple.com"
next
edit 30
set type wildcard-fqdn
set wildcard-fqdn "autoupdate.opera.com"
next
edit 31
set type wildcard-fqdn
set wildcard-fqdn "cdn-apple"
next
edit 32
set type wildcard-fqdn
set wildcard-fqdn "mzstatic-apple"
next
end
set server-cert-mode re-sign
set caname "Fortinet_CA_SSL"
set untrusted-caname "Fortinet_CA_Untrusted"
set ssl-exemption-ip-rating enable
set ssl-exemption-log disable
set ssl-anomaly-log enable
set ssl-negotiation-log enable
set ssl-server-cert-log disable
set ssl-handshake-log disable
set rpc-over-https disable
set mapi-over-https disable
set supported-alpn all
set use-ssl-server disable
next
edit "no-inspection"
set comment "Read-only profile that does no inspection."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
end
config https
set status disable
set quic bypass
set udp-not-quic allow
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
end
config ftps
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config imaps
set status disable
set client-certificate inspect
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set status disable
set client-certificate inspect
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set status disable
set client-certificate inspect
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set quic bypass
set udp-not-quic allow
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set block-blocklisted-certificates enable
set caname "Fortinet_CA_SSL"
set ssl-anomaly-log enable
set ssl-negotiation-log enable
set ssl-server-cert-log disable
set ssl-handshake-log disable
next
edit "certificate-inspection"
set comment "Read-only SSL handshake inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
end
config https
set ports 443
set status certificate-inspection
set quic inspect
set udp-not-quic allow
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set cert-probe-failure allow
set encrypted-client-hello block
end
config ftps
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config imaps
set status disable
set client-certificate inspect
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set status disable
set client-certificate inspect
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set status disable
set client-certificate inspect
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set quic inspect
set udp-not-quic allow
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set block-blocklisted-certificates enable
set caname "Fortinet_CA_SSL"
set ssl-anomaly-log enable
set ssl-negotiation-log enable
set ssl-server-cert-log disable
set ssl-handshake-log disable
next
end
config waf profile
edit "default"
set external disable
set extended-log disable
config signature
config main-class 100000000
set status disable
set action block
set log enable
set severity high
end
config main-class 20000000
set status disable
set action allow
set log enable
set severity medium
end
config main-class 30000000
set status enable
set action block
set log enable
set severity high
end
config main-class 40000000
set status disable
set action allow
set log enable
set severity medium
end
config main-class 50000000
set status enable
set action block
set log enable
set severity high
end
config main-class 60000000
set status disable
set action allow
set log enable
set severity medium
end
config main-class 70000000
set status enable
set action block
set log enable
set severity high
end
config main-class 80000000
set status enable
set action allow
set log enable
set severity low
end
config main-class 110000000
set status enable
set action allow
set log enable
set severity high
end
config main-class 90000000
set status enable
set action block
set log enable
set severity high
end
set disabled-signature 80080005 80200001 60030001 60120001 80080003
90410001 90410002
set credit-card-detection-threshold 3
end
config constraint
config header-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config content-length
set status enable
set length 67108864
set action allow
set log enable
set severity low
end
config param-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config line-length
set status enable
set length 1024
set action allow
set log enable
set severity low
end
config url-param-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config version
set status disable
set action allow
set log enable
set severity medium
end
config method
set status disable
set action block
set log enable
set severity medium
end
config hostname
set status disable
set action block
set log enable
set severity medium
end
config malformed
set status disable
set action allow
set log enable
set severity medium
end
config max-cookie
set status enable
set max-cookie 16
set action allow
set log enable
set severity low
end
config max-header-line
set status enable
set max-header-line 32
set action allow
set log enable
set severity low
end
config max-url-param
set status enable
set max-url-param 16
set action allow
set log enable
set severity low
end
config max-range-segment
set status enable
set max-range-segment 5
set action allow
set log enable
set severity high
end
end
config method
set status disable
set log disable
set severity medium
unset default-allowed-methods
end
config address-list
set status disable
set blocked-log disable
set severity medium
end
set comment ''
next
end
config firewall ssl-server
end
config casb saas-application
end
config casb user-activity
end
config casb attribute-match
end
config casb profile
edit "default"
set comment ''
next
end
config firewall profile-group
end
config firewall identity-based-route
end
config firewall auth-portal
set portal-addr ''
set portal-addr6 ''
set identity-based-route ''
set proxy-auth disable
end
config authentication scheme
end
config authentication rule
end
config authentication setting
set active-auth-scheme ''
set sso-auth-scheme ''
set update-time 0000-00-00 00:00:00
set persistent-cookie enable
set ip-auth-cookie disable
set cookie-max-age 480
set cookie-refresh-div 2
set captive-portal-type fqdn
set captive-portal ''
set captive-portal6 ''
set cert-auth disable
set captive-portal-port 7830
set auth-https enable
set captive-portal-ssl-port 7831
end
config firewall access-proxy-virtual-host
end
config firewall access-proxy-ssh-client-cert
end
config firewall access-proxy
end
config firewall access-proxy6
end
config ztna traffic-forward-proxy
end
config ztna reverse-connector
end
config ztna web-proxy
end
config ztna web-portal
end
config ztna web-portal-bookmark
end
config firewall policy
edit 8
set status enable
set name "WIFI-Camera"
set uuid 3ac058c8-dcfc-51ef-52cb-80c12040fabd
set srcintf "WIFI"
set dstintf "Camera-Vlan-2"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 68
set status enable
set name "88940"
set uuid 3ac20196-dcfc-51ef-3a4d-80175d1eb304
set srcintf "Local-Ufico"
set dstintf "MGMT-SW-40"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set icap-profile ''
set videofilter-profile ''
set waf-profile ''
set ssh-filter-profile ''
set casb-profile ''
set logtraffic all
set logtraffic-start disable
set log-http-transaction disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set webproxy-forward-server ''
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of Local-To-Mawared)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10
set status enable
set name "Local-To-Mawared"
set uuid 3ac435a6-dcfc-51ef-464e-5b81dfe9b401
set srcintf "Local-Ufico"
set dstintf "Mawared-DB-33"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set icap-profile ''
set videofilter-profile ''
set waf-profile ''
set ssh-filter-profile ''
set casb-profile ''
set logtraffic utm
set logtraffic-start disable
set log-http-transaction disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set webproxy-forward-server ''
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 63
set status enable
set name "999 t0 20"
set uuid 3ac7b9a6-dcfc-51ef-0e59-c2bf3baa93d6
set srcintf "Areas_Trust-999"
set dstintf "BO_Zone"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of 889-To-999) (Copy of 889 to 216)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 73
set status enable
set name "333"
set uuid 3ac9773c-dcfc-51ef-e710-23d7d72a4c7b
set srcintf "WIFI"
set dstintf "BO_Zone"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of 889-To-999) (Copy of 889 to 216)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 61
set status enable
set name "889 to 216"
set uuid 3acafd64-dcfc-51ef-209f-1e722ba3c70c
set srcintf "Local-Ufico"
set dstintf "BO_Zone"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of 889-To-999)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 72
set status enable
set name ''
set uuid 3acc7748-dcfc-51ef-5203-0be4e1803d62
set srcintf "BO_Zone"
set dstintf "Local-Ufico"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of 889-To-999) (Copy of 889 to 216) (Reverse of 889 to
216)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 11
set status enable
set name "889-To-999"
set uuid 3ace603a-dcfc-51ef-81cb-61e3ac1bdbcd
set srcintf "Local-Ufico"
set dstintf "Areas_Trust-999"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 136
set status disable
set name "deny"
set uuid 9bb38a04-e2d0-51ef-b93a-4e4c718cf3db
set srcintf "WIFI"
set dstintf "Areas_Trust-999" "BackOfficeDell" "inside-99" "OMS_Zone"
set action deny
set ztna-status disable
set srcaddr "172.16.20.104/32" "172.16.20.108/32"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set logtraffic disable
set logtraffic-start disable
set np-acceleration enable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set natip 0.0.0.0 0.0.0.0
set match-vip enable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set send-deny-packet disable
next
edit 12
set status enable
set name "Wifi-To-999"
set uuid 3acfc4ac-dcfc-51ef-5661-9af20010fdf4
set srcintf "WIFI"
set dstintf "Areas_Trust-999"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 59
set status enable
set name "999-10"
set uuid 3ae86494-dcfc-51ef-5094-abdb91c86aca
set srcintf "Areas_Trust-999"
set dstintf "port5"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "VPN: re (Created by VPN wizard) (Copy of vpn_re_remote_11)
(Copy of 10-re) (Copy of 551-10)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 91
set status enable
set name "WIFI-10"
set uuid 3ae9faf2-dcfc-51ef-ae50-df37b68b727a
set srcintf "WIFI"
set dstintf "port5"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "all_default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 60
set status disable
set name "10-999"
set uuid 3aed3906-dcfc-51ef-77b0-5eaad3768f08
set srcintf "port5"
set dstintf "Areas_Trust-999"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "VPN: re (Created by VPN wizard) (Copy of vpn_re_remote_11)
(Copy of 10-re) (Copy of 551-10) (Copy of 999-10) (R
everse of 999-10)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 28
set status enable
set name "999-551"
set uuid 3af69a5a-dcfc-51ef-7ece-162da3276c63
set srcintf "Areas_Trust-999"
set dstintf "551"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 46
set status enable
set name ''
set uuid 3af80098-dcfc-51ef-37ed-01dd04598fda
set srcintf "551"
set dstintf "Areas_Trust-999"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set icap-profile ''
set videofilter-profile ''
set waf-profile "default"
set ssh-filter-profile ''
set casb-profile ''
set logtraffic all
set logtraffic-start disable
set log-http-transaction disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set webproxy-forward-server ''
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of 999-551) (Reverse of 999-551)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 29
set status enable
set name "999-889"
set uuid 3af97202-dcfc-51ef-a5f0-aa0cd768c233
set srcintf "Areas_Trust-999"
set dstintf "Local-Ufico"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 30
set status enable
set name "999-111"
set uuid 3afadade-dcfc-51ef-65cd-8e12d6b2c35d
set srcintf "Areas_Trust-999"
set dstintf "BackOfficeDell"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 31
set status enable
set name "999-99"
set uuid 3afc4a68-dcfc-51ef-4a68-41b8449e24c1
set srcintf "Areas_Trust-999"
set dstintf "inside-99"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of 999-111)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 32
set status enable
set name "999-33"
set uuid 3afec108-dcfc-51ef-6aca-3c10fe931e45
set srcintf "Areas_Trust-999"
set dstintf "Mawared-DB-33"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 77
set status enable
set name "nat"
set uuid 3b002a16-dcfc-51ef-a1d2-32c7b7fdd3d7
set srcintf "Areas_Trust-999"
set dstintf "Servers-90"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of 999-90)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 78
set status enable
set name "nata"
set uuid 3b04524e-dcfc-51ef-7fe5-6426e18d675e
set srcintf "Servers-90"
set dstintf "Areas_Trust-999"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of 999-90) (Reverse of 999-90)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 34
set status disable
set name "999-20"
set uuid 3b05da24-dcfc-51ef-ef33-fdf34a08e776
set srcintf "Areas_Trust-999"
set dstintf "WIFI"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 66
set status enable
set name "551 to 99"
set uuid 3b073522-dcfc-51ef-b101-ffe19187ba2d
set srcintf "inside-99"
set dstintf "551"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of 99-999) (Copy of 889 to 99)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 65
set status enable
set name "889 to 99"
set uuid 3b08b64a-dcfc-51ef-9a6f-7f73442cbdde
set srcintf "inside-99"
set dstintf "Local-Ufico"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of 99-999)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 35
set status enable
set name "99-999"
set uuid 3b0a365a-dcfc-51ef-440c-70a6c2c6f153
set srcintf "inside-99"
set dstintf "Areas_Trust-999"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 47
set status enable
set name "551 T0 99"
set uuid 3b0c88e2-dcfc-51ef-f05f-1b6e1c5880f6
set srcintf "551"
set dstintf "inside-99"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set icap-profile ''
set videofilter-profile ''
set waf-profile "default"
set ssh-filter-profile ''
set casb-profile ''
set logtraffic utm
set logtraffic-start disable
set log-http-transaction disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set webproxy-forward-server ''
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of 99-999) (Reverse of 99-999)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 36
set status enable
set name "99-111"
set uuid 3b0e0dfc-dcfc-51ef-164e-3b615e09c63d
set srcintf "inside-99"
set dstintf "BackOfficeDell"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 37
set status enable
set name "99-90"
set uuid 3b0f7106-dcfc-51ef-427a-e7737c26fdf3
set srcintf "inside-99"
set dstintf "Servers-90"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 54
set status enable
set name "20 to 551"
set uuid 3b15c074-dcfc-51ef-60b3-8f2818818488
set srcintf "WIFI"
set dstintf "551"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of Local-Inside) (Copy of 899 to 551)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 53
set status enable
set name "899 to 551"
set uuid 3b1943de-dcfc-51ef-3cec-c0d8dad0829c
set srcintf "Local-Ufico"
set dstintf "551"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of Local-Inside)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 41
set status enable
set name "Local-Inside"
set uuid 3b1ace70-dcfc-51ef-0dbf-fc6b7dbb1dd6
set srcintf "Local-Ufico"
set dstintf "inside-99"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 45
set status enable
set name "33 to 999"
set uuid 3b206fb0-dcfc-51ef-1535-3f01f0f4f6f5
set srcintf "Mawared-DB-33"
set dstintf "Areas_Trust-999"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 50
set status enable
set name "33 T0 99"
set uuid 3b21e82c-dcfc-51ef-10c1-07352ce59278
set srcintf "Mawared-DB-33"
set dstintf "inside-99"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of 33 to 999)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 51
set status enable
set name "99 T0 33"
set uuid 3b237138-dcfc-51ef-c46b-c7cf7ff10d6e
set srcintf "inside-99"
set dstintf "Mawared-DB-33"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of 33 to 999) (Copy of 33 T0 99) (Reverse of 33 T0
99)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 48
set status enable
set name "20to 99"
set uuid 3b2511c8-dcfc-51ef-431e-3ce5797b2db1
set srcintf "WIFI"
set dstintf "inside-99"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 49
set status disable
set name "99 to 20"
set uuid 3b27802a-dcfc-51ef-2478-a9dc561adca3
set srcintf "inside-99"
set dstintf "WIFI"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of 20to 99) (Reverse of 20to 99)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 67
set status enable
set name "wifi to 40"
set uuid 3b2aaba6-dcfc-51ef-1e83-9dd78581bc17
set srcintf "WIFI"
set dstintf "MGMT-SW-40"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 70
set status enable
set name "95-214"
set uuid 3b2c1dc4-dcfc-51ef-155a-9d127b84353c
set srcintf "Web-95"
set dstintf "Servers-90"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "MS-SQL" "MYSQL" "TCP- 61616"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of etrad 95)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 71
set status disable
set name "889 to bozone"
set uuid 3b302df6-dcfc-51ef-578f-43269cd47774
set srcintf "Local-Ufico"
set dstintf "BO_Zone"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 75
set status enable
set name "33 to 216"
set uuid 3b319eb6-dcfc-51ef-4d63-a043636d8abd
set srcintf "Mawared-DB-33"
set dstintf "BackOfficeDell"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 76
set status enable
set name ''
set uuid 3b330ada-dcfc-51ef-690f-160e8c1ae645
set srcintf "BackOfficeDell"
set dstintf "Mawared-DB-33"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of 33 to 216) (Reverse of 33 to 216)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 85
set status enable
set name "local-GTN"
set uuid 3b3e3f9a-dcfc-51ef-b0e6-41d877ab498b
set srcintf "Local-Ufico"
set dstintf "GTN"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 86
set status enable
set name "GTN-LAN"
set uuid 3b3fa56a-dcfc-51ef-a508-39017329c2ff
set srcintf "GTN"
set dstintf "Local-Ufico"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 87
set status disable
set name "GTN-WIFI"
set uuid 3b410d92-dcfc-51ef-b920-b8165676db6f
set srcintf "GTN"
set dstintf "WIFI"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 92
set status disable
set name "10-wifi"
set uuid 3b45c242-dcfc-51ef-dcb4-c49217e3f2f1
set srcintf "port5"
set dstintf "WIFI"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 93
set status enable
set name "server90-web95"
set uuid 3b48cb22-dcfc-51ef-6505-238445207d22
set srcintf "Servers-90"
set dstintf "Web-95"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 100
set status enable
set name "VTEL-10.12.16"
set uuid 3b51e338-dcfc-51ef-4fe5-ba6e4e0eae27
set srcintf "port1"
set dstintf "Areas_Trust-999"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 101
set status enable
set name "vtel-192.168.10"
set uuid 3b534e30-dcfc-51ef-f9a3-0b0c6311bcb3
set srcintf "port1"
set dstintf "port5"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 104
set status enable
set name "VTEL DC"
set uuid 3b57f110-dcfc-51ef-2b92-1fca55225971
set srcintf "port1"
set dstintf "551"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 105
set status enable
set name "VTEL-DC R"
set uuid 3b595668-dcfc-51ef-8ec1-4b6e4ae133ca
set srcintf "551"
set dstintf "port1"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 52
set status enable
set name "551-wan"
set uuid 8c4c3394-dd0e-51ef-5ebb-fca3c71a1b0e
set srcintf "551"
set dstintf "port15"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set icap-profile ''
set videofilter-profile ''
set waf-profile ''
set ssh-filter-profile ''
set casb-profile ''
set logtraffic utm
set logtraffic-start disable
set log-http-transaction disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set webproxy-forward-server ''
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 55
set status enable
set name ''
set uuid cac8cb50-dd0e-51ef-f213-b6c57f19d327
set srcintf "re"
set dstintf "551"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 56
set status enable
set name ''
set uuid 4e32bbea-dd0f-51ef-631e-db4978f2ccdf
set srcintf "Areas_Trust-999"
set dstintf "port15"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set icap-profile ''
set videofilter-profile ''
set waf-profile ''
set ssh-filter-profile ''
set casb-profile ''
set logtraffic utm
set logtraffic-start disable
set log-http-transaction disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set webproxy-forward-server ''
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 58
set status enable
set name "MEPS-999"
set uuid 1ad1fe72-dd10-51ef-3710-97e7dc59f2bb
set srcintf "MEPS"
set dstintf "Areas_Trust-999"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 64
set status enable
set name "999-meps"
set uuid 61ed3312-dd10-51ef-ff2b-b2de978e6da6
set srcintf "Areas_Trust-999"
set dstintf "MEPS"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile "default"
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 69
set status enable
set name "Madfooatcom"
set uuid 93d900cc-dd10-51ef-9555-dbf5808d6831
set srcintf "MadfooatCom_VPN"
set dstintf "Areas_Trust-999"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "Madfooatcom"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 74
set status enable
set name ''
set uuid cbf2b3b8-dd10-51ef-b2d0-385a360dd2f4
set srcintf "re"
set dstintf "Areas_Trust-999"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 79
set status enable
set name ''
set uuid 6449d5e2-dd11-51ef-7ded-67ad37044fbd
set srcintf "inside-99"
set dstintf "port15"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set icap-profile ''
set videofilter-profile ''
set waf-profile ''
set ssh-filter-profile ''
set casb-profile ''
set logtraffic utm
set logtraffic-start disable
set log-http-transaction disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set webproxy-forward-server ''
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 80
set status enable
set name ''
set uuid a077e2a2-dd11-51ef-6961-d2cf46c40a7a
set srcintf "Local-Ufico"
set dstintf "port15"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set icap-profile ''
set videofilter-profile ''
set waf-profile ''
set ssh-filter-profile ''
set casb-profile ''
set logtraffic utm
set logtraffic-start disable
set log-http-transaction disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set webproxy-forward-server ''
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 81
set status enable
set name ''
set uuid d59a4394-dd11-51ef-42ad-882ef79432e9
set srcintf "Mawared-DB-33"
set dstintf "port15"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set icap-profile ''
set videofilter-profile ''
set waf-profile ''
set ssh-filter-profile ''
set casb-profile ''
set logtraffic utm
set logtraffic-start disable
set log-http-transaction disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set webproxy-forward-server ''
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 82
set status enable
set name ''
set uuid 17e0f8f6-dd12-51ef-896d-7c46f9e2fc6d
set srcintf "port1"
set dstintf "port15"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set icap-profile ''
set videofilter-profile ''
set waf-profile "default"
set ssh-filter-profile ''
set casb-profile ''
set logtraffic utm
set logtraffic-start disable
set log-http-transaction disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set webproxy-forward-server ''
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 83
set status enable
set name ''
set uuid 4758f99e-dd12-51ef-4da8-4b6399b04799
set srcintf "re"
set dstintf "port15"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set icap-profile ''
set videofilter-profile ''
set waf-profile "default"
set ssh-filter-profile ''
set casb-profile ''
set logtraffic utm
set logtraffic-start disable
set log-http-transaction disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set webproxy-forward-server ''
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 84
set status enable
set name ''
set uuid 88d0fce6-dd12-51ef-810f-36fd676edb78
set srcintf "Web-95"
set dstintf "port15"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 88
set status enable
set name ''
set uuid bcf59c52-dd12-51ef-d78a-e2f4d5a193c2
set srcintf "WIFI"
set dstintf "port15"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set icap-profile ''
set videofilter-profile ''
set waf-profile "default"
set ssh-filter-profile ''
set casb-profile ''
set logtraffic utm
set logtraffic-start disable
set log-http-transaction disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set webproxy-forward-server ''
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 89
set status enable
set name ''
set uuid efc85272-dd13-51ef-2c04-882604673310
set srcintf "WIFI"
set dstintf "port16"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "185.193.177.239/32"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile "default"
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 90
set status enable
set name "printers-551"
set uuid 220c88fc-dd82-51ef-638d-c9e2d8db2810
set srcintf "port5"
set dstintf "551"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 94
set status enable
set name ''
set uuid c26fdcf4-dd82-51ef-2532-23b84f6b0760
set srcintf "551"
set dstintf "WIFI"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 95
set status enable
set name ''
set uuid 20e73c7c-dd84-51ef-2d3a-291dbd702582
set srcintf "Areas_Trust-999"
set dstintf "port16"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "185.193.177.239"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set icap-profile ''
set videofilter-profile ''
set waf-profile "default"
set ssh-filter-profile ''
set casb-profile ''
set logtraffic utm
set logtraffic-start disable
set log-http-transaction disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set webproxy-forward-server ''
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 96
set status enable
set name "printers-smtp"
set uuid dbccc0de-dd84-51ef-5102-677de8faaa27
set srcintf "port5"
set dstintf "port15"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set icap-profile ''
set videofilter-profile ''
set waf-profile "default"
set ssh-filter-profile ''
set casb-profile ''
set logtraffic utm
set logtraffic-start disable
set log-http-transaction disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set webproxy-forward-server ''
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 97
set status enable
set name ''
set uuid 6019b202-dd85-51ef-2f1b-2834a86a0212
set srcintf "re"
set dstintf "port5"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 98
set status enable
set name ''
set uuid c7eb7690-dd85-51ef-44b7-a78ccd4ff491
set srcintf "Amman-to-Dubai"
set dstintf "Local-Ufico"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 112
set status enable
set name ''
set uuid a4c1b79a-dd8c-51ef-59d6-0d53fc724656
set srcintf "Local-Ufico"
set dstintf "Amman-to-Dubai"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Reverse of 98)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 99
set status enable
set name ''
set uuid 34393a9e-dd86-51ef-d649-be39d330f72e
set srcintf "BackOfficeDell"
set dstintf "Servers-90"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 102
set status enable
set name "local-backoffice"
set uuid 6b48e160-dd86-51ef-9e2f-b6720de654f7
set srcintf "Local-Ufico"
set dstintf "BackOfficeDell"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 103
set status enable
set name ''
set uuid c1d07458-dd86-51ef-66a8-6542f6be43f0
set srcintf "re"
set dstintf "BackOfficeDell"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 106
set status enable
set name ''
set uuid 1ec3ce4e-dd87-51ef-7129-8a8b1eadce7e
set srcintf "Servers-90"
set dstintf "BackOfficeDell"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "MS-SQL" "MYSQL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 107
set status enable
set name "web95-backoffice"
set uuid a0b162c6-dd88-51ef-b3d3-c36aebee4e01
set srcintf "Web-95"
set dstintf "BackOfficeDell"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "MS-SQL" "MYSQL" "TCP- 61616"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 108
set status enable
set name "wifi-backoffice"
set uuid d9b31984-dd88-51ef-e693-0d4d78d505d7
set srcintf "WIFI"
set dstintf "BackOfficeDell"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "MS-SQL" "MYSQL" "SMB" "RDP"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 109
set status enable
set name ''
set uuid 7152cad2-dd89-51ef-ff7b-6b8175f4679c
set srcintf "re"
set dstintf "inside-99"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 110
set status enable
set name ''
set uuid b810393a-dd8b-51ef-b061-7517dd67a9b3
set srcintf "port16"
set dstintf "inside-99"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "avaya"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 111
set status enable
set name "re-mawared"
set uuid 669262f8-dd8c-51ef-cc25-8242c3dff743
set srcintf "re"
set dstintf "Mawared-DB-33"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 113
set status enable
set name "local-shared"
set uuid ffa7a246-dd8c-51ef-6ede-a811219f6786
set srcintf "Local-Ufico"
set dstintf "port16"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "185.193.177.239"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 114
set status enable
set name "local-wifi"
set uuid 4a906e8c-dd8d-51ef-b08b-ab259949d379
set srcintf "Local-Ufico"
set dstintf "WIFI"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 115
set status disable
set name ''
set uuid 502e864e-dd8d-51ef-5790-d2b9b4e0e911
set srcintf "WIFI"
set dstintf "Local-Ufico"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Reverse of local-wifi)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 116
set status enable
set name "re-servers90"
set uuid e1c2f52c-dd8d-51ef-a5ab-9c55c2991839
set srcintf "re"
set dstintf "Servers-90"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile "default"
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 117
set status enable
set name "ssl-back"
set uuid e5425cf2-dd91-51ef-178a-1870ea6fe660
set srcintf "ssl.root"
set dstintf "BackOfficeDell"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL_ICMP" "MS-SQL" "MYSQL" "RDP"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set users "Ahmed.Salah"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "1"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 118
set status enable
set name "ssl-server90"
set uuid 3ad15dc6-dd92-51ef-f0d7-b81f7a19783b
set srcintf "ssl.root"
set dstintf "Servers-90"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "RDP"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set users "Ahmed.Salah"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 119
set status enable
set name "ssl-95"
set uuid 8af82924-dd92-51ef-3965-308b3f5ace18
set srcintf "ssl.root"
set dstintf "Web-95"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "RDP"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set users "Ahmed.Salah"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 120
set status enable
set name "RE-BO"
set uuid 1d1a2fd2-dd93-51ef-2b2d-07aa0899edf2
set srcintf "re"
set dstintf "BO_Zone"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 121
set status enable
set name ''
set uuid 70d37796-dd93-51ef-ef7b-fb7d1bfdecd2
set srcintf "re"
set dstintf "Camera-Vlan-2"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile "default"
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 122
set status enable
set name "re-oms"
set uuid ab082362-dd93-51ef-2e88-429c6a29d141
set srcintf "re"
set dstintf "OMS_Zone"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 123
set status enable
set name "web-95-GTN"
set uuid 29ce329a-dd94-51ef-eb73-0420143c003f
set srcintf "Web-95"
set dstintf "GTN"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 124
set status enable
set name "web-95-GTN2"
set uuid 4c0397ce-dd94-51ef-1134-7b82cfe196be
set srcintf "Web-95"
set dstintf "GTN2"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 125
set status enable
set name "re-web95"
set uuid b0754d6a-dd94-51ef-782e-61fdb512930d
set srcintf "re"
set dstintf "Web-95"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 126
set status enable
set name "backoffice-wan"
set uuid 2e373fd2-de8b-51ef-93d6-af894d796701
set srcintf "BackOfficeDell"
set dstintf "port16"
set action accept
set ztna-status disable
set srcaddr "BackOfficeDell address"
set dstaddr "86.108.14.118/32"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "MS-SQL" "MYSQL" "TCP-49302"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 127
set status enable
set name "AD-internet"
set uuid 9e44cea2-de8b-51ef-1f88-cb6964322887
set srcintf "BackOfficeDell"
set dstintf "port15"
set action accept
set ztna-status disable
set srcaddr "10.216.16.251/32" "10.216.16.252/32"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile "default"
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 128
set status enable
set name ''
set uuid f6d0a906-de8b-51ef-07ae-5872fa95383a
set srcintf "551" "Areas_Trust-999" "BackOfficeDell" "BO_Zone" "Camera-
Vlan-2" "inside-99" "Local-Ufico" "Mawared-DB-33" "OMS
_Zone" "Servers-90" "Web-95" "WIFI"
set dstintf "BackOfficeDell"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "10.216.16.252/32" "10.216.16.251/32"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL_ICMP" "Windows AD"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 129
set status enable
set name ''
set uuid 07d0593a-de8d-51ef-46d9-e6563a7dc953
set srcintf "OMS_Zone"
set dstintf "BackOfficeDell"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "MS-SQL" "MYSQL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 130
set status enable
set name ''
set uuid 3c5f1e7a-de8d-51ef-5296-6b5481e6fc6c
set srcintf "BackOfficeDell"
set dstintf "OMS_Zone"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "MS-SQL" "MYSQL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 131
set status enable
set name ''
set uuid 992cc490-de92-51ef-3158-07f6e5648d06
set srcintf "port16"
set dstintf "Web-95"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "web-95"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 132
set status enable
set name ''
set uuid 3c760930-de94-51ef-988a-a8f99428917d
set srcintf "port15"
set dstintf "BackOfficeDell"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "86.108.14.118/32"
set dstaddr "back-sql" "back-mysql"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "TCP-49302" "MS-SQL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 134
set status enable
set name "AVAYA to VPN"
set uuid bd50ee5c-def4-51ef-75e8-5d77042d356b
set srcintf "inside-99"
set dstintf "ssl.root"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "SIP"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set ntlm-guest disable
set fsso-agent-for-ntlm ''
set groups "AVAYA"
set auth-path disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of VPN AVAYA) (Copy of )"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 133
set status enable
set name "VPN AVAYA"
set uuid 4fa71040-deed-51ef-06cb-dfad71c77548
set srcintf "ssl.root"
set dstintf "inside-99"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "SIP"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile "default"
set ips-sensor "default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "AVAYA"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 135
set status enable
set name ''
set uuid 756a591a-e134-51ef-78bf-3e8e575e2cc3
set srcintf "ssl.root"
set dstintf "port15"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry enable
set policy-expiry-date 2025-03-04 10:08:09
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set users "Ahmed.Salah"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 137
set status enable
set name ''
set uuid d2bc4a04-e39d-51ef-52e7-4bd06252ba83
set srcintf "551" "Areas_Trust-999" "BO_Zone" "Camera-Vlan-2" "inside-99"
"Local-Ufico" "Mawared-DB-33" "OMS_Zone" "Servers-9
0" "Web-95"
set dstintf "BackOfficeDell"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "MS-SQL" "MYSQL" "TCP- 61616"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor ''
set application-list "default"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 138
set status enable
set name ''
set uuid 539badc4-e3a1-51ef-6bef-b0d3d7da17ad
set srcintf "551" "Areas_Trust-999" "BO_Zone" "Camera-Vlan-2" "inside-99"
"Local-Ufico" "Mawared-DB-33" "OMS_Zone"
set dstintf "Servers-90"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry enable
set policy-expiry-date 2025-03-07 12:12:30
set service "MS-SQL" "MYSQL" "TCP- 61616"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 139
set status enable
set name "Efawaterkom"
set uuid 6474d304-e613-51ef-6638-d664128e7fbc
set srcintf "any"
set dstintf "Areas_Trust-999"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "Efawaterkom"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry enable
set policy-expiry-date 2025-03-10 14:54:03
set service "RDP"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 140
set status enable
set name "avaya"
set uuid 5b728398-e6d4-51ef-4a89-fea51af59beb
set srcintf "ssl.root"
set dstintf "inside-99"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry enable
set policy-expiry-date 2025-03-11 13:55:21
set service "RDP"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set users "avaya"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 141
set status enable
set name "wifi-GTN"
set uuid be9eee04-e781-51ef-cd95-d1ad648a6a45
set srcintf "WIFI"
set dstintf "GTN" "Amman-to-Dubai"
set action accept
set ztna-status disable
set srcaddr "172.16.20.176/32" "172.16.20.194/32"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve disable
set port-random disable
set ippool enable
set poolname "192.168.0.1"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 142
set status enable
set name "cam-internet"
set uuid 79ce08d4-e932-51ef-1f29-a6654dbea999
set srcintf "Camera-Vlan-2"
set dstintf "port15"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 143
set status enable
set name "back-99"
set uuid d01138ec-e946-51ef-bca3-61d65eb7b77b
set srcintf "BackOfficeDell"
set dstintf "inside-99"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "10.216.16.250/32"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set app-monitor disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set radius-ip-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
end
config firewall shaping-policy
end
config firewall shaping-profile
end
config firewall local-in-policy
end
config firewall local-in-policy6
end
config firewall ttl-policy
end
config firewall proxy-policy
end
config firewall dnstranslation
end
config firewall multicast-policy
end
config firewall multicast-policy6
end
config firewall interface-policy
end
config firewall interface-policy6
end
config firewall DoS-policy
end
config firewall DoS-policy6
end
config firewall sniffer
end
config firewall on-demand-sniffer
edit "ha_root"
set interface "ha"
set max-packet-count 5000
set non-ip-packet enable
set advanced-filter ''
next
end
config firewall acl
end
config firewall acl6
end
config firewall central-snat-map
end
config firewall ip-translation
end
config system speed-test-schedule
end
config switch-controller switch-interface-tag
end
config switch-controller 802-1X-settings
set link-down-auth set-unauth
set reauth-period 60
set max-reauth-attempt 3
set tx-period 30
set mab-reauth disable
set mac-username-delimiter hyphen
set mac-password-delimiter hyphen
set mac-calling-station-delimiter hyphen
set mac-called-station-delimiter hyphen
set mac-case lowercase
end
config switch-controller security-policy 802-1X
edit "802-1X-policy-default"
set security-mode 802.1X
set user-group "SSO_Guest_Users"
set mac-auth-bypass disable
set open-auth disable
set eap-passthru enable
set eap-auto-untagged-vlans enable
set guest-vlan disable
set guest-auth-delay 30
set auth-fail-vlan disable
set framevid-apply enable
set radius-timeout-overwrite disable
set policy-type 802.1X
set authserver-timeout-vlan disable
set dacl disable
next
end
config switch-controller security-policy local-access
edit "default"
set mgmt-allowaccess https ping ssh
set internal-allowaccess https ping ssh
next
end
config switch-controller location
end
config switch-controller lldp-settings
set tx-hold 4
set tx-interval 30
set fast-start-interval 2
set management-interface internal
set device-detection enable
end
config switch-controller lldp-profile
edit "default"
set med-tlvs inventory-management network-policy location-identification
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl disable
config med-network-policy
edit "voice"
set status disable
next
edit "voice-signaling"
set status disable
next
edit "guest-voice"
set status disable
next
edit "guest-voice-signaling"
set status disable
next
edit "softphone-voice"
set status disable
next
edit "video-conferencing"
set status disable
next
edit "streaming-video"
set status disable
next
edit "video-signaling"
set status disable
next
end
config med-location-service
edit "coordinates"
set status disable
next
edit "address-civic"
set status disable
next
edit "elin-number"
set status disable
next
end
next
edit "default-auto-isl"
unset med-tlvs
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl enable
set auto-isl-hello-timer 3
set auto-isl-receive-timeout 60
set auto-isl-port-group 0
set auto-mclag-icl disable
set auto-isl-auth legacy
next
edit "default-auto-mclag-icl"
unset med-tlvs
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl enable
set auto-isl-hello-timer 3
set auto-isl-receive-timeout 60
set auto-isl-port-group 0
set auto-mclag-icl enable
set auto-isl-auth legacy
next
end
config switch-controller qos dot1p-map
edit "voice-dot1p"
set description ''
set egress-pri-tagging disable
set priority-0 queue-4
set priority-1 queue-4
set priority-2 queue-3
set priority-3 queue-2
set priority-4 queue-3
set priority-5 queue-1
set priority-6 queue-2
set priority-7 queue-2
next
end
config switch-controller qos ip-dscp-map
edit "voice-dscp"
set description ''
config map
edit "1"
set cos-queue 1
set value 46
next
edit "2"
set cos-queue 2
set value 24,26,48,56
next
edit "5"
set cos-queue 3
set value 34
next
end
next
end
config switch-controller qos queue-policy
edit "default"
set schedule round-robin
set rate-by kbps
config cos-queue
edit "queue-0"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-1"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-2"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-3"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-4"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-5"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-6"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-7"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
end
next
edit "voice-egress"
set schedule weighted
set rate-by kbps
config cos-queue
edit "queue-0"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-1"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 0
next
edit "queue-2"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 6
next
edit "queue-3"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 37
next
edit "queue-4"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 12
next
edit "queue-5"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-6"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-7"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
end
next
end
config switch-controller qos qos-policy
edit "default"
set default-cos 0
set trust-dot1p-map ''
set trust-ip-dscp-map ''
set queue-policy "default"
next
edit "voice-qos"
set default-cos 0
set trust-dot1p-map "voice-dot1p"
set trust-ip-dscp-map "voice-dscp"
set queue-policy "voice-egress"
next
end
config switch-controller storm-control-policy
edit "default"
set description "default storm control on all port"
set storm-control-mode global
next
edit "auto-config"
set description "storm control policy for fortilink-isl-icl port"
set storm-control-mode disabled
next
end
config switch-controller auto-config policy
edit "pse"
set qos-policy "default"
set storm-control-policy "auto-config"
set poe-status enable
set igmp-flood-report disable
set igmp-flood-traffic disable
next
edit "default"
set qos-policy "default"
set storm-control-policy "auto-config"
set poe-status enable
set igmp-flood-report disable
set igmp-flood-traffic disable
next
edit "default-icl"
set qos-policy "default"
set storm-control-policy "auto-config"
set poe-status disable
set igmp-flood-report enable
set igmp-flood-traffic enable
next
end
config switch-controller auto-config default
set fgt-policy "default"
set isl-policy "default"
set icl-policy "default-icl"
end
config switch-controller auto-config custom
end
config switch-controller initial-config template
edit "_default"
set vlanid 1
unset allowaccess
set dhcp-server disable
next
edit "quarantine"
set vlanid 4093
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
edit "rspan"
set vlanid 4092
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
edit "voice"
set vlanid 4091
unset allowaccess
set dhcp-server disable
next
edit "video"
set vlanid 4090
unset allowaccess
set dhcp-server disable
next
edit "onboarding"
set vlanid 4089
unset allowaccess
set dhcp-server disable
next
edit "nac_segment"
set vlanid 4088
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
end
config switch-controller initial-config vlans
set default-vlan "_default"
set quarantine "quarantine"
set rspan "rspan"
set voice "voice"
set video "video"
set nac "onboarding"
set nac-segment "nac_segment"
end
config switch-controller switch-profile
edit "default"
set login-passwd-override disable
set login enable
set revision-backup-on-logout disable
set revision-backup-on-upgrade disable
next
end
config switch-controller custom-command
end
config switch-controller virtual-port-pool
end
config switch-controller ptp profile
edit "default"
set description ''
set mode transparent-e2e
next
end
config switch-controller ptp interface-policy
edit "default"
set description ''
set vlan ''
set vlan-pri 4
next
end
config switch-controller vlan-policy
end
config switch-controller acl ingress
end
config switch-controller acl group
end
config switch-controller dynamic-port-policy
end
config switch-controller managed-switch
end
config switch-controller switch-group
end
config switch-controller stp-settings
set name ''
set revision 0
set hello-time 2
set forward-time 15
set max-age 20
set max-hops 20
end
config switch-controller stp-instance
end
config switch-controller storm-control
set rate 500
set unknown-unicast disable
set unknown-multicast disable
set broadcast disable
end
config switch-controller global
set mac-aging-interval 300
set https-image-push enable
set vlan-optimization configured
set vlan-identity name
set mac-retention-period 24
set default-virtual-switch-vlan ''
set dhcp-server-access-list disable
set dhcp-option82-format ascii
set dhcp-option82-circuit-id intfname vlan mode
set dhcp-option82-remote-id mac
set dhcp-snoop-client-req drop-untrusted
set dhcp-snoop-client-db-exp 86400
set dhcp-snoop-db-per-port-learn-limit 64
set log-mac-limit-violations disable
set sn-dns-resolution enable
set mac-event-logging disable
set bounce-quarantined-link disable
set quarantine-mode by-vlan
set update-user-device mac-cache lldp dhcp-snooping l2-db l3-db
set fips-enforce enable
set firmware-provision-on-authorization disable
set switch-on-deauth no-op
end
config switch-controller switch-log
set status enable
set severity notification
end
config switch-controller igmp-snooping
set aging-time 300
set flood-unknown-multicast disable
set query-interval 125
end
config switch-controller sflow
set collector-ip 0.0.0.0
set collector-port 6343
end
config switch-controller network-monitor-settings
set network-monitoring disable
end
config switch-controller flow-tracking
set sample-mode perimeter
set sample-rate 512
set format netflow9
set level ip
set max-export-pkt-size 512
set template-export-period 5
set timeout-general 3600
set timeout-icmp 300
set timeout-max 604800
set timeout-tcp 3600
set timeout-tcp-fin 300
set timeout-tcp-rst 120
set timeout-udp 300
end
config switch-controller snmp-sysinfo
set status disable
set engine-id ''
set description ''
set contact-info ''
set location ''
end
config switch-controller snmp-trap-threshold
set trap-high-cpu-threshold 80
set trap-low-memory-threshold 80
set trap-log-full-threshold 90
end
config switch-controller snmp-community
end
config switch-controller snmp-user
end
config switch-controller traffic-sniffer
set mode erspan-auto
set erspan-ip 0.0.0.0
end
config switch-controller remote-log
edit "syslogd"
set status disable
next
edit "syslogd2"
set status disable
next
end
config switch-controller mac-policy
end
config wireless-controller setting
set account-id ''
set country US
set duplicate-ssid disable
set fapc-compatibility disable
set wfa-compatibility disable
set phishing-ssid-detect enable
set fake-ssid-action log
set device-weight 1
set device-holdoff 5
set device-idle 1440
set firmware-provision-on-authorization disable
set rolling-wtp-upgrade disable
set darrp-optimize 86400
set darrp-optimize-schedules "default-darrp-optimize"
end
config wireless-controller log
set status enable
set addrgrp-log notification
set ble-log notification
set clb-log notification
set dhcp-starv-log notification
set led-sched-log notification
set radio-event-log notification
set rogue-event-log notification
set sta-event-log notification
set sta-locate-log notification
set wids-log notification
set wtp-event-log notification
set wtp-fips-event-log notification
end
config wireless-controller apcfg-profile
end
config wireless-controller bonjour-profile
end
config wireless-controller arrp-profile
edit "arrp-default"
set comment ''
set selection-period 3600
set monitor-period 300
set weight-managed-ap 50
set weight-rogue-ap 10
set weight-noise-floor 40
set weight-channel-load 20
set weight-spectral-rssi 40
set weight-weather-channel 0
set weight-dfs-channel 0
set threshold-ap 250
set threshold-noise-floor "-85"
set threshold-channel-load 60
set threshold-spectral-rssi "-65"
set threshold-tx-retries 300
set threshold-rx-errors 50
set include-weather-channel enable
set include-dfs-channel enable
set override-darrp-optimize disable
next
end
config wireless-controller region
end
config wireless-controller vap-group
end
config wireless-controller wids-profile
edit "default"
set comment "Default WIDS profile."
set sensor-mode disable
set ap-scan enable
set ap-bgscan-period 600
set ap-bgscan-intv 3
set ap-bgscan-duration 30
set ap-bgscan-idle 20
set ap-bgscan-report-intv 30
set ap-fgscan-report-intv 15
set ap-scan-passive disable
set ap-scan-threshold "-90"
set wireless-bridge enable
set deauth-broadcast enable
set null-ssid-probe-resp enable
set long-duration-attack enable
set long-duration-thresh 8200
set invalid-mac-oui enable
set weak-wep-iv enable
set auth-frame-flood enable
set auth-flood-time 10
set auth-flood-thresh 30
set assoc-frame-flood enable
set assoc-flood-time 10
set assoc-flood-thresh 30
set reassoc-flood disable
set probe-flood disable
set bcn-flood disable
set rts-flood disable
set cts-flood disable
set client-flood disable
set block_ack-flood disable
set pspoll-flood disable
set netstumbler disable
set wellenreiter disable
set spoofed-deauth enable
set asleap-attack enable
set eapol-start-flood enable
set eapol-start-thresh 10
set eapol-start-intv 1
set eapol-logoff-flood enable
set eapol-logoff-thresh 10
set eapol-logoff-intv 1
set eapol-succ-flood enable
set eapol-succ-thresh 10
set eapol-succ-intv 1
set eapol-fail-flood enable
set eapol-fail-thresh 10
set eapol-fail-intv 1
set eapol-pre-succ-flood enable
set eapol-pre-succ-thresh 10
set eapol-pre-succ-intv 1
set eapol-pre-fail-flood enable
set eapol-pre-fail-thresh 10
set eapol-pre-fail-intv 1
set deauth-unknown-src-thresh 10
set windows-bridge disable
set disassoc-broadcast disable
set ap-spoofing disable
set chan-based-mitm disable
set adhoc-valid-ssid disable
set adhoc-network disable
set eapol-key-overflow disable
set ap-impersonation disable
set invalid-addr-combination disable
set beacon-wrong-channel disable
set ht-greenfield disable
set overflow-ie disable
set malformed-ht-ie disable
set malformed-auth disable
set malformed-association disable
set ht-40mhz-intolerance disable
set valid-ssid-misuse disable
set valid-client-misassociation disable
set hotspotter-attack disable
set pwsave-dos-attack disable
set omerta-attack disable
set disconnect-station disable
set unencrypted-valid disable
set fata-jack disable
set risky-encryption disable
set fuzzed-beacon disable
set fuzzed-probe-request disable
set fuzzed-probe-response disable
set air-jack disable
set wpa-ft-attack disable
next
edit "default-wids-apscan-enabled"
set comment ''
set sensor-mode disable
set ap-scan enable
set ap-bgscan-period 600
set ap-bgscan-intv 3
set ap-bgscan-duration 30
set ap-bgscan-idle 20
set ap-bgscan-report-intv 30
set ap-fgscan-report-intv 15
set ap-scan-passive disable
set ap-scan-threshold "-90"
set wireless-bridge disable
set deauth-broadcast disable
set null-ssid-probe-resp disable
set long-duration-attack disable
set long-duration-thresh 8200
set invalid-mac-oui disable
set weak-wep-iv disable
set auth-frame-flood disable
set assoc-frame-flood disable
set reassoc-flood disable
set probe-flood disable
set bcn-flood disable
set rts-flood disable
set cts-flood disable
set client-flood disable
set block_ack-flood disable
set pspoll-flood disable
set netstumbler disable
set wellenreiter disable
set spoofed-deauth disable
set asleap-attack disable
set eapol-start-flood disable
set eapol-logoff-flood disable
set eapol-succ-flood disable
set eapol-fail-flood disable
set eapol-pre-succ-flood disable
set eapol-pre-fail-flood disable
set deauth-unknown-src-thresh 10
set windows-bridge disable
set disassoc-broadcast disable
set ap-spoofing disable
set chan-based-mitm disable
set adhoc-valid-ssid disable
set adhoc-network disable
set eapol-key-overflow disable
set ap-impersonation disable
set invalid-addr-combination disable
set beacon-wrong-channel disable
set ht-greenfield disable
set overflow-ie disable
set malformed-ht-ie disable
set malformed-auth disable
set malformed-association disable
set ht-40mhz-intolerance disable
set valid-ssid-misuse disable
set valid-client-misassociation disable
set hotspotter-attack disable
set pwsave-dos-attack disable
set omerta-attack disable
set disconnect-station disable
set unencrypted-valid disable
set fata-jack disable
set risky-encryption disable
set fuzzed-beacon disable
set fuzzed-probe-request disable
set fuzzed-probe-response disable
set air-jack disable
set wpa-ft-attack disable
next
end
config wireless-controller ble-profile
edit "fortiap-discovery"
set comment ''
set advertising ibeacon eddystone-uid eddystone-url
set ibeacon-uuid "wtp-uuid"
set major-id 1000
set minor-id 2000
set eddystone-namespace "0102030405"
set eddystone-instance "abcdef"
set eddystone-url "http://www.fortinet.com"
set txpower 0
set beacon-interval 100
set ble-scanning disable
set scan-type active
set scan-threshold "-90"
next
end
config wireless-controller syslog-profile
end
config wireless-controller wtp-profile
end
config wireless-controller wtp
end
config wireless-controller wtp-group
end
config wireless-controller qos-profile
end
config wireless-controller wag-profile
end
config wireless-controller snmp
set engine-id ''
set contact-info ''
set trap-high-cpu-threshold 80
set trap-high-mem-threshold 80
end
config wireless-controller mpsk-profile
end
config wireless-controller nac-profile
end
config wireless-controller ssid-policy
end
config wireless-controller access-control-list
end
config wireless-controller ap-status
end
config user nac-policy
end
config extension-controller dataplan
end
config extension-controller extender-vap
end
config extension-controller extender-profile
end
config extension-controller extender
end
config extension-controller fortigate-profile
end
config extension-controller fortigate
end
config system ips
set signature-hold-time 0h
end
config endpoint-control settings
set override disable
end
config ips custom
end
config ips settings
set packet-log-history 1
set packet-log-post-attack 0
set packet-log-memory 256
set ips-packet-quota 0
set proxy-inline-ips disable
set ha-session-pickup connectivity
end
config alertemail setting
set username ''
set mailto1 ''
set mailto2 ''
set mailto3 ''
set filter-mode category
set email-interval 5
set IPS-logs disable
set firewall-authentication-failure-logs disable
set HA-logs disable
set IPsec-errors-logs disable
set FDS-update-logs disable
set PPP-errors-logs disable
set sslvpn-authentication-errors-logs disable
set antivirus-logs disable
set webfilter-logs disable
set configuration-changes-logs disable
set violation-traffic-logs disable
set admin-login-logs disable
set FDS-license-expiring-warning disable
set FSSO-disconnect-logs disable
set ssh-logs disable
end
config router access-list
end
config router access-list6
end
config router aspath-list
end
config router prefix-list
end
config router prefix-list6
end
config router key-chain
end
config router community-list
end
config router extcommunity-list
end
config router route-map
end
config router rip
set default-information-originate disable
set default-metric 1
set max-out-metric 0
config redistribute "connected"
set status disable
set metric 0
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
end
set update-timer 30
set timeout-timer 180
set garbage-timer 120
set version 2
end
config router ripng
set default-information-originate disable
set default-metric 1
set max-out-metric 0
config redistribute "connected"
set status disable
set metric 0
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
end
set update-timer 30
set timeout-timer 180
set garbage-timer 120
end
config router static
edit 1
set status enable
set dst 172.18.81.9 255.255.255.255
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "Amman-to-Dubai"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 2
set status enable
set dst 172.18.41.70 255.255.255.255
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "Amman-to-Dubai"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 15
set status enable
set dst 172.125.65.7 255.255.255.255
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "MEPS"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 16
set status enable
set dst 172.125.65.6 255.255.255.255
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "MEPS"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 23
set status enable
set dst 10.0.0.0 255.0.0.0
set gateway 10.12.16.1
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "Areas_Trust-999"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 18
set status enable
set dst 172.19.51.52 255.255.255.255
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "GTN"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 19
set status enable
set dst 172.19.51.54 255.255.255.255
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "GTN"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 20
set status enable
set dst 172.22.1.98 255.255.255.255
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "GTN"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 21
set status enable
set dst 172.23.122.9 255.255.255.255
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "GTN"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 24
set status enable
set dst 172.19.51.52 255.255.255.255
set preferred-source 0.0.0.0
set distance 11
set weight 0
set priority 1
set device "GTN2"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 25
set status enable
set dst 172.19.51.54 255.255.255.255
set preferred-source 0.0.0.0
set distance 11
set weight 0
set priority 1
set device "GTN2"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 26
set status enable
set dst 172.22.1.98 255.255.255.255
set preferred-source 0.0.0.0
set distance 11
set weight 0
set priority 1
set device "GTN2"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 27
set status enable
set dst 172.23.122.9 255.255.255.255
set preferred-source 0.0.0.0
set distance 11
set weight 0
set priority 1
set device "GTN2"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 31
set status enable
set dst 172.23.123.9 255.255.255.255
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "GTN"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 32
set status enable
set dst 172.23.123.9 255.255.255.255
set preferred-source 0.0.0.0
set distance 11
set weight 0
set priority 1
set device "GTN2"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 28
set status enable
set dst 10.211.211.240 255.255.255.248
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "MadfooatCom_VPN"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 17
set status enable
set dst 0.0.0.0 0.0.0.0
set gateway 178.20.188.65
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "port15"
set comment ''
set blackhole disable
set dynamic-gateway disable
set dstaddr ''
unset internet-service
set internet-service-custom ''
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 22
set status enable
set dst 0.0.0.0 0.0.0.0
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 2
set device "port16"
set comment ''
set dynamic-gateway enable
set dstaddr ''
unset internet-service
set internet-service-custom ''
set link-monitor-exempt disable
set tag 0
set bfd disable
next
end
config router policy
end
config router policy6
end
config router static6
end
config router ospf
set abr-type standard
set auto-cost-ref-bandwidth 1000
set distance-external 110
set distance-inter-area 110
set distance-intra-area 110
set database-overflow disable
set database-overflow-max-lsas 10000
set database-overflow-time-to-recover 300
set default-information-originate disable
set default-information-metric 10
set default-information-metric-type 2
set default-information-route-map ''
set default-metric 10
set distance 110
set lsa-refresh-interval 5
set rfc1583-compatible disable
set router-id 0.0.0.0
set spf-timers 5 10
set bfd disable
set log-neighbour-changes enable
set distribute-list-in ''
set distribute-route-map-in ''
set restart-mode none
config redistribute "connected"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "rip"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
end
config router ospf6
set abr-type standard
set auto-cost-ref-bandwidth 1000
set default-information-originate disable
set log-neighbour-changes enable
set default-information-metric 10
set default-information-metric-type 2
set default-information-route-map ''
set default-metric 10
set router-id 0.0.0.0
set spf-timers 5 10
set bfd disable
set restart-mode none
config redistribute "connected"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "rip"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
end
config router bgp
unset as
set keepalive-timer 60
set holdtime-timer 180
set always-compare-med disable
set bestpath-as-path-ignore disable
set bestpath-cmp-confed-aspath disable
set bestpath-cmp-routerid disable
set bestpath-med-confed disable
set bestpath-med-missing-as-worst disable
set client-to-client-reflection enable
set dampening disable
set deterministic-med disable
set ebgp-multipath disable
set ibgp-multipath disable
set enforce-first-as enable
set fast-external-failover enable
set log-neighbour-changes enable
set network-import-check enable
set ignore-optional-capability enable
set multipath-recursive-distance disable
set recursive-next-hop disable
set recursive-inherit-priority disable
set tag-resolve-mode disable
set cluster-id 0.0.0.0
set confederation-identifier 0
set default-local-preference 100
set scan-time 60
set distance-external 20
set distance-internal 200
set distance-local 200
set synchronization disable
set graceful-restart disable
set cross-family-conditional-adv disable
config redistribute "connected"
set status disable
set route-map ''
end
config redistribute "rip"
set status disable
set route-map ''
end
config redistribute "ospf"
set status disable
set route-map ''
end
config redistribute "static"
set status disable
set route-map ''
end
config redistribute "isis"
set status disable
set route-map ''
end
config redistribute6 "connected"
set status disable
set route-map ''
end
config redistribute6 "rip"
set status disable
set route-map ''
end
config redistribute6 "ospf"
set status disable
set route-map ''
end
config redistribute6 "static"
set status disable
set route-map ''
end
config redistribute6 "isis"
set status disable
set route-map ''
end
end
config router isis
set is-type level-1-2
set adv-passive-only disable
set adv-passive-only6 disable
set auth-mode-l1 password
set auth-mode-l2 password
set auth-password-l1 ENC
dFbxLcM0+iL9ryrstGq7im6HMIIYuIJiS0OotyQ55BVIHXIbUDZWPL5rgmd40Li0t4PM2B25rIvWp3+Grhq
+TGKloMxzgNmvrjnhU4Cq
jOJ/0XjGMMPepqozh9fkZKNd4pYTUQdckJsTIYNiXZGYyLIP86QzJuu5UimhMkJa7nMDSTYL/
yVDafcQ3GYDDTnUqAjjuVlmMjY3dkVA
set auth-password-l2 ENC
MHmPZOO4qfhQ9E6ge1AiERyuionmC6loxaWzQ5pF5AtqCF1HIit3noNpqHvX8ssriDuy6zN3okXKyRgOs/
JI1NxrYR5+IV+ElWw0WZeK
aOUCDTIKoCIeUuWlLkw633ePxhC+v6hkUJK8TFkci/
Pjuu8jwgULBvCJTVTbc70Cmm5QcD5K3bInCo1CbOlo5W4doMH5ZllmMjY3dkVA
set auth-sendonly-l1 disable
set auth-sendonly-l2 disable
set ignore-lsp-errors disable
set lsp-gen-interval-l1 30
set lsp-gen-interval-l2 30
set lsp-refresh-interval 900
set max-lsp-lifetime 1200
set spf-interval-exp-l1 500 50000
set spf-interval-exp-l2 500 50000
set dynamic-hostname disable
set adjacency-check disable
set adjacency-check6 disable
set overload-bit disable
unset overload-bit-suppress
set overload-bit-on-startup 0
set default-originate disable
set default-originate6 disable
set metric-style narrow
set redistribute-l1 disable
set redistribute-l2 disable
set redistribute6-l1 disable
set redistribute6-l2 disable
config redistribute "connected"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "rip"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "connected"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "rip"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "ospf"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "bgp"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "static"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
end
config router multicast-flow
end
config router multicast
set route-limit 2147483647
set multicast-routing disable
config pim-sm-global
set message-interval 60
set join-prune-holdtime 210
set accept-register-list ''
set accept-source-list ''
set bsr-candidate disable
set bsr-allow-quick-refresh disable
set cisco-crp-prefix disable
set cisco-register-checksum disable
set cisco-ignore-rp-set-priority disable
set register-rp-reachability enable
set register-source disable
set register-supression 60
set null-register-retries 1
set rp-register-keepalive 185
set spt-threshold enable
set ssm disable
set register-rate-limit 0
set pim-use-sdwan disable
set spt-threshold-group ''
end
end
config router multicast6
set multicast-routing disable
config pim-sm-global
set pim-use-sdwan disable
end
end
config router auth-path
end
config router setting
set show-filter ''
set hostname ''
set kernel-route-distance 255
end
config router bfd
end
config router bfd6
end
config system proxy-arp
end
config system link-monitor
end
config system wccp
end
config system dns64
set status disable
set dns64-prefix 64:ff9b::/96
set always-synthesize-aaaa-record enable
end
config system nd-proxy
set status disable
end
config system vne-interface
end

UFICO-MAIN $ show firewall policy "128"


config firewall policy
edit 128
set uuid f6d0a906-de8b-51ef-07ae-5872fa95383a
set srcintf "551" "Areas_Trust-999" "BackOfficeDell" "BO_Zone" "Camera-
Vlan-2" "inside-99" "Local-Ufico" "Mawared-DB-33" "OMS
_Zone" "Servers-90" "Web-95" "WIFI"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "10.216.16.252/32" "10.216.16.251/32"
set schedule "always"
set service "ALL_ICMP" "Windows AD"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
next
end

UFICO-MAIN $ show firewall policy


config firewall policy
edit 8
set name "WIFI-Camera"
set uuid 3ac058c8-dcfc-51ef-52cb-80c12040fabd
set srcintf "WIFI"
set dstintf "Camera-Vlan-2"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set logtraffic all
next
edit 68
set name "88940"
set uuid 3ac20196-dcfc-51ef-3a4d-80175d1eb304
set srcintf "Local-Ufico"
set dstintf "MGMT-SW-40"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set logtraffic all
set comments " (Copy of Local-To-Mawared)"
next
edit 10
set name "Local-To-Mawared"
set uuid 3ac435a6-dcfc-51ef-464e-5b81dfe9b401
set srcintf "Local-Ufico"
set dstintf "Mawared-DB-33"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 63
set name "999 t0 20"
set uuid 3ac7b9a6-dcfc-51ef-0e59-c2bf3baa93d6
set srcintf "Areas_Trust-999"
set dstintf "BO_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 889-To-999) (Copy of 889 to 216)"
next
edit 73
set name "333"
set uuid 3ac9773c-dcfc-51ef-e710-23d7d72a4c7b
set srcintf "WIFI"
set dstintf "BO_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 889-To-999) (Copy of 889 to 216)"
next
edit 61
set name "889 to 216"
set uuid 3acafd64-dcfc-51ef-209f-1e722ba3c70c
set srcintf "Local-Ufico"
set dstintf "BO_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 889-To-999)"
next
edit 72
set uuid 3acc7748-dcfc-51ef-5203-0be4e1803d62
set srcintf "BO_Zone"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 889-To-999) (Copy of 889 to 216) (Reverse of 889 to
216)"
next
edit 11
set name "889-To-999"
set uuid 3ace603a-dcfc-51ef-81cb-61e3ac1bdbcd
set srcintf "Local-Ufico"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 136
set status disable
set name "deny"
set uuid 9bb38a04-e2d0-51ef-b93a-4e4c718cf3db
set srcintf "WIFI"
set dstintf "Areas_Trust-999" "BackOfficeDell" "inside-99" "OMS_Zone"
set srcaddr "172.16.20.104/32" "172.16.20.108/32"
set dstaddr "all"
set schedule "always"
set service "ALL"
set logtraffic disable
next
edit 12
set name "Wifi-To-999"
set uuid 3acfc4ac-dcfc-51ef-5661-9af20010fdf4
set srcintf "WIFI"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 59
set name "999-10"
set uuid 3ae86494-dcfc-51ef-5094-abdb91c86aca
set srcintf "Areas_Trust-999"
set dstintf "port5"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments "VPN: re (Created by VPN wizard) (Copy of vpn_re_remote_11)
(Copy of 10-re) (Copy of 551-10)"
next
edit 91
set name "WIFI-10"
set uuid 3ae9faf2-dcfc-51ef-ae50-df37b68b727a
set srcintf "WIFI"
set dstintf "port5"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "all_default"
set application-list "default"
next
edit 60
set status disable
set name "10-999"
set uuid 3aed3906-dcfc-51ef-77b0-5eaad3768f08
set srcintf "port5"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set comments "VPN: re (Created by VPN wizard) (Copy of vpn_re_remote_11)
(Copy of 10-re) (Copy of 551-10) (Copy of 999-10) (R
everse of 999-10)"
next
edit 28
set name "999-551"
set uuid 3af69a5a-dcfc-51ef-7ece-162da3276c63
set srcintf "Areas_Trust-999"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 46
set uuid 3af80098-dcfc-51ef-37ed-01dd04598fda
set srcintf "551"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set logtraffic all
set comments " (Copy of 999-551) (Reverse of 999-551)"
next
edit 29
set name "999-889"
set uuid 3af97202-dcfc-51ef-a5f0-aa0cd768c233
set srcintf "Areas_Trust-999"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 30
set name "999-111"
set uuid 3afadade-dcfc-51ef-65cd-8e12d6b2c35d
set srcintf "Areas_Trust-999"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 31
set name "999-99"
set uuid 3afc4a68-dcfc-51ef-4a68-41b8449e24c1
set srcintf "Areas_Trust-999"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 999-111)"
next
edit 32
set name "999-33"
set uuid 3afec108-dcfc-51ef-6aca-3c10fe931e45
set srcintf "Areas_Trust-999"
set dstintf "Mawared-DB-33"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 77
set name "nat"
set uuid 3b002a16-dcfc-51ef-a1d2-32c7b7fdd3d7
set srcintf "Areas_Trust-999"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 999-90)"
next
edit 78
set name "nata"
set uuid 3b04524e-dcfc-51ef-7fe5-6426e18d675e
set srcintf "Servers-90"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 999-90) (Reverse of 999-90)"
next
edit 34
set status disable
set name "999-20"
set uuid 3b05da24-dcfc-51ef-ef33-fdf34a08e776
set srcintf "Areas_Trust-999"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 66
set name "551 to 99"
set uuid 3b073522-dcfc-51ef-b101-ffe19187ba2d
set srcintf "inside-99"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 99-999) (Copy of 889 to 99)"
next
edit 65
set name "889 to 99"
set uuid 3b08b64a-dcfc-51ef-9a6f-7f73442cbdde
set srcintf "inside-99"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 99-999)"
next
edit 35
set name "99-999"
set uuid 3b0a365a-dcfc-51ef-440c-70a6c2c6f153
set srcintf "inside-99"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 47
set name "551 T0 99"
set uuid 3b0c88e2-dcfc-51ef-f05f-1b6e1c5880f6
set srcintf "551"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set comments " (Copy of 99-999) (Reverse of 99-999)"
next
edit 36
set name "99-111"
set uuid 3b0e0dfc-dcfc-51ef-164e-3b615e09c63d
set srcintf "inside-99"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 37
set name "99-90"
set uuid 3b0f7106-dcfc-51ef-427a-e7737c26fdf3
set srcintf "inside-99"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 54
set name "20 to 551"
set uuid 3b15c074-dcfc-51ef-60b3-8f2818818488
set srcintf "WIFI"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of Local-Inside) (Copy of 899 to 551)"
next
edit 53
set name "899 to 551"
set uuid 3b1943de-dcfc-51ef-3cec-c0d8dad0829c
set srcintf "Local-Ufico"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of Local-Inside)"
next
edit 41
set name "Local-Inside"
set uuid 3b1ace70-dcfc-51ef-0dbf-fc6b7dbb1dd6
set srcintf "Local-Ufico"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 45
set name "33 to 999"
set uuid 3b206fb0-dcfc-51ef-1535-3f01f0f4f6f5
set srcintf "Mawared-DB-33"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 50
set name "33 T0 99"
set uuid 3b21e82c-dcfc-51ef-10c1-07352ce59278
set srcintf "Mawared-DB-33"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 33 to 999)"
next
edit 51
set name "99 T0 33"
set uuid 3b237138-dcfc-51ef-c46b-c7cf7ff10d6e
set srcintf "inside-99"
set dstintf "Mawared-DB-33"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 33 to 999) (Copy of 33 T0 99) (Reverse of 33 T0
99)"
next
edit 48
set name "20to 99"
set uuid 3b2511c8-dcfc-51ef-431e-3ce5797b2db1
set srcintf "WIFI"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 49
set status disable
set name "99 to 20"
set uuid 3b27802a-dcfc-51ef-2478-a9dc561adca3
set srcintf "inside-99"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set nat enable
set comments " (Copy of 20to 99) (Reverse of 20to 99)"
next
edit 67
set name "wifi to 40"
set uuid 3b2aaba6-dcfc-51ef-1e83-9dd78581bc17
set srcintf "WIFI"
set dstintf "MGMT-SW-40"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 70
set name "95-214"
set uuid 3b2c1dc4-dcfc-51ef-155a-9d127b84353c
set srcintf "Web-95"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL" "TCP- 61616"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of etrad 95)"
next
edit 71
set status disable
set name "889 to bozone"
set uuid 3b302df6-dcfc-51ef-578f-43269cd47774
set srcintf "Local-Ufico"
set dstintf "BO_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
next
edit 75
set name "33 to 216"
set uuid 3b319eb6-dcfc-51ef-4d63-a043636d8abd
set srcintf "Mawared-DB-33"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 76
set uuid 3b330ada-dcfc-51ef-690f-160e8c1ae645
set srcintf "BackOfficeDell"
set dstintf "Mawared-DB-33"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 33 to 216) (Reverse of 33 to 216)"
next
edit 85
set name "local-GTN"
set uuid 3b3e3f9a-dcfc-51ef-b0e6-41d877ab498b
set srcintf "Local-Ufico"
set dstintf "GTN"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 86
set name "GTN-LAN"
set uuid 3b3fa56a-dcfc-51ef-a508-39017329c2ff
set srcintf "GTN"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 87
set status disable
set name "GTN-WIFI"
set uuid 3b410d92-dcfc-51ef-b920-b8165676db6f
set srcintf "GTN"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 92
set status disable
set name "10-wifi"
set uuid 3b45c242-dcfc-51ef-dcb4-c49217e3f2f1
set srcintf "port5"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
next
edit 93
set name "server90-web95"
set uuid 3b48cb22-dcfc-51ef-6505-238445207d22
set srcintf "Servers-90"
set dstintf "Web-95"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 100
set name "VTEL-10.12.16"
set uuid 3b51e338-dcfc-51ef-4fe5-ba6e4e0eae27
set srcintf "port1"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 101
set name "vtel-192.168.10"
set uuid 3b534e30-dcfc-51ef-f9a3-0b0c6311bcb3
set srcintf "port1"
set dstintf "port5"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 104
set name "VTEL DC"
set uuid 3b57f110-dcfc-51ef-2b92-1fca55225971
set srcintf "port1"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 105
set name "VTEL-DC R"
set uuid 3b595668-dcfc-51ef-8ec1-4b6e4ae133ca
set srcintf "551"
set dstintf "port1"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 52
set name "551-wan"
set uuid 8c4c3394-dd0e-51ef-5ebb-fca3c71a1b0e
set srcintf "551"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 55
set uuid cac8cb50-dd0e-51ef-f213-b6c57f19d327
set srcintf "re"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 56
set uuid 4e32bbea-dd0f-51ef-631e-db4978f2ccdf
set srcintf "Areas_Trust-999"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 58
set name "MEPS-999"
set uuid 1ad1fe72-dd10-51ef-3710-97e7dc59f2bb
set srcintf "MEPS"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 64
set name "999-meps"
set uuid 61ed3312-dd10-51ef-ff2b-b2de978e6da6
set srcintf "Areas_Trust-999"
set dstintf "MEPS"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set dnsfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 69
set name "Madfooatcom"
set uuid 93d900cc-dd10-51ef-9555-dbf5808d6831
set srcintf "MadfooatCom_VPN"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "Madfooatcom"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 74
set uuid cbf2b3b8-dd10-51ef-b2d0-385a360dd2f4
set srcintf "re"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 79
set uuid 6449d5e2-dd11-51ef-7ded-67ad37044fbd
set srcintf "inside-99"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 80
set uuid a077e2a2-dd11-51ef-6961-d2cf46c40a7a
set srcintf "Local-Ufico"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 81
set uuid d59a4394-dd11-51ef-42ad-882ef79432e9
set srcintf "Mawared-DB-33"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 82
set uuid 17e0f8f6-dd12-51ef-896d-7c46f9e2fc6d
set srcintf "port1"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set nat enable
next
edit 83
set uuid 4758f99e-dd12-51ef-4da8-4b6399b04799
set srcintf "re"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set nat enable
next
edit 84
set uuid 88d0fce6-dd12-51ef-810f-36fd676edb78
set srcintf "Web-95"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set nat enable
next
edit 88
set uuid bcf59c52-dd12-51ef-d78a-e2f4d5a193c2
set srcintf "WIFI"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set nat enable
next
edit 89
set uuid efc85272-dd13-51ef-2c04-882604673310
set srcintf "WIFI"
set dstintf "port16"
set action accept
set srcaddr "all"
set dstaddr "185.193.177.239/32"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 90
set name "printers-551"
set uuid 220c88fc-dd82-51ef-638d-c9e2d8db2810
set srcintf "port5"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 94
set uuid c26fdcf4-dd82-51ef-2532-23b84f6b0760
set srcintf "551"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 95
set uuid 20e73c7c-dd84-51ef-2d3a-291dbd702582
set srcintf "Areas_Trust-999"
set dstintf "port16"
set action accept
set srcaddr "all"
set dstaddr "185.193.177.239"
set schedule "always"
set service "HTTP" "HTTPS"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set nat enable
next
edit 96
set name "printers-smtp"
set uuid dbccc0de-dd84-51ef-5102-677de8faaa27
set srcintf "port5"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set nat enable
next
edit 97
set uuid 6019b202-dd85-51ef-2f1b-2834a86a0212
set srcintf "re"
set dstintf "port5"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 98
set uuid c7eb7690-dd85-51ef-44b7-a78ccd4ff491
set srcintf "Amman-to-Dubai"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 112
set uuid a4c1b79a-dd8c-51ef-59d6-0d53fc724656
set srcintf "Local-Ufico"
set dstintf "Amman-to-Dubai"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Reverse of 98)"
next
edit 99
set uuid 34393a9e-dd86-51ef-d649-be39d330f72e
set srcintf "BackOfficeDell"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 102
set name "local-backoffice"
set uuid 6b48e160-dd86-51ef-9e2f-b6720de654f7
set srcintf "Local-Ufico"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
next
edit 103
set uuid c1d07458-dd86-51ef-66a8-6542f6be43f0
set srcintf "re"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
set nat enable
next
edit 106
set uuid 1ec3ce4e-dd87-51ef-7129-8a8b1eadce7e
set srcintf "Servers-90"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
next
edit 107
set name "web95-backoffice"
set uuid a0b162c6-dd88-51ef-b3d3-c36aebee4e01
set srcintf "Web-95"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL" "TCP- 61616"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 108
set name "wifi-backoffice"
set uuid d9b31984-dd88-51ef-e693-0d4d78d505d7
set srcintf "WIFI"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL" "SMB" "RDP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 109
set uuid 7152cad2-dd89-51ef-ff7b-6b8175f4679c
set srcintf "re"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set nat enable
next
edit 110
set uuid b810393a-dd8b-51ef-b061-7517dd67a9b3
set srcintf "port16"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "avaya"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 111
set name "re-mawared"
set uuid 669262f8-dd8c-51ef-cc25-8242c3dff743
set srcintf "re"
set dstintf "Mawared-DB-33"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 113
set name "local-shared"
set uuid ffa7a246-dd8c-51ef-6ede-a811219f6786
set srcintf "Local-Ufico"
set dstintf "port16"
set action accept
set srcaddr "all"
set dstaddr "185.193.177.239"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 114
set name "local-wifi"
set uuid 4a906e8c-dd8d-51ef-b08b-ab259949d379
set srcintf "Local-Ufico"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 115
set status disable
set uuid 502e864e-dd8d-51ef-5790-d2b9b4e0e911
set srcintf "WIFI"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Reverse of local-wifi)"
next
edit 116
set name "re-servers90"
set uuid e1c2f52c-dd8d-51ef-a5ab-9c55c2991839
set srcintf "re"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 117
set name "ssl-back"
set uuid e5425cf2-dd91-51ef-178a-1870ea6fe660
set srcintf "ssl.root"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL_ICMP" "MS-SQL" "MYSQL" "RDP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set users "Ahmed.Salah"
set comments "1"
next
edit 118
set name "ssl-server90"
set uuid 3ad15dc6-dd92-51ef-f0d7-b81f7a19783b
set srcintf "ssl.root"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "RDP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set users "Ahmed.Salah"
next
edit 119
set name "ssl-95"
set uuid 8af82924-dd92-51ef-3965-308b3f5ace18
set srcintf "ssl.root"
set dstintf "Web-95"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "RDP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set users "Ahmed.Salah"
next
edit 120
set name "RE-BO"
set uuid 1d1a2fd2-dd93-51ef-2b2d-07aa0899edf2
set srcintf "re"
set dstintf "BO_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 121
set uuid 70d37796-dd93-51ef-ef7b-fb7d1bfdecd2
set srcintf "re"
set dstintf "Camera-Vlan-2"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 122
set name "re-oms"
set uuid ab082362-dd93-51ef-2e88-429c6a29d141
set srcintf "re"
set dstintf "OMS_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 123
set name "web-95-GTN"
set uuid 29ce329a-dd94-51ef-eb73-0420143c003f
set srcintf "Web-95"
set dstintf "GTN"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
next
edit 124
set name "web-95-GTN2"
set uuid 4c0397ce-dd94-51ef-1134-7b82cfe196be
set srcintf "Web-95"
set dstintf "GTN2"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
next
edit 125
set name "re-web95"
set uuid b0754d6a-dd94-51ef-782e-61fdb512930d
set srcintf "re"
set dstintf "Web-95"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 126
set name "backoffice-wan"
set uuid 2e373fd2-de8b-51ef-93d6-af894d796701
set srcintf "BackOfficeDell"
set dstintf "port16"
set action accept
set srcaddr "BackOfficeDell address"
set dstaddr "86.108.14.118/32"
set schedule "always"
set service "MS-SQL" "MYSQL" "TCP-49302"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
set nat enable
next
edit 127
set name "AD-internet"
set uuid 9e44cea2-de8b-51ef-1f88-cb6964322887
set srcintf "BackOfficeDell"
set dstintf "port15"
set action accept
set srcaddr "10.216.16.251/32" "10.216.16.252/32"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set nat enable
next
edit 128
set uuid f6d0a906-de8b-51ef-07ae-5872fa95383a
set srcintf "551" "Areas_Trust-999" "BackOfficeDell" "BO_Zone" "Camera-
Vlan-2" "inside-99" "Local-Ufico" "Mawared-DB-33" "OMS
_Zone" "Servers-90" "Web-95" "WIFI"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "10.216.16.252/32" "10.216.16.251/32"
set schedule "always"
set service "ALL_ICMP" "Windows AD"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
next
edit 129
set uuid 07d0593a-de8d-51ef-46d9-e6563a7dc953
set srcintf "OMS_Zone"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
next
edit 130
set uuid 3c5f1e7a-de8d-51ef-5296-6b5481e6fc6c
set srcintf "BackOfficeDell"
set dstintf "OMS_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
next
edit 131
set uuid 992cc490-de92-51ef-3158-07f6e5648d06
set srcintf "port16"
set dstintf "Web-95"
set action accept
set srcaddr "all"
set dstaddr "web-95"
set schedule "always"
set service "ALL"
next
edit 132
set uuid 3c760930-de94-51ef-988a-a8f99428917d
set srcintf "port15"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "86.108.14.118/32"
set dstaddr "back-sql" "back-mysql"
set schedule "always"
set service "TCP-49302" "MS-SQL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 134
set name "AVAYA to VPN"
set uuid bd50ee5c-def4-51ef-75e8-5d77042d356b
set srcintf "inside-99"
set dstintf "ssl.root"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "SIP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set groups "AVAYA"
set comments " (Copy of VPN AVAYA) (Copy of )"
next
edit 133
set name "VPN AVAYA"
set uuid 4fa71040-deed-51ef-06cb-dfad71c77548
set srcintf "ssl.root"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "SIP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set groups "AVAYA"
next
edit 135
set uuid 756a591a-e134-51ef-78bf-3e8e575e2cc3
set srcintf "ssl.root"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set policy-expiry enable
set policy-expiry-date 2025-03-04 10:08:09
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set nat enable
set users "Ahmed.Salah"
next
edit 137
set uuid d2bc4a04-e39d-51ef-52e7-4bd06252ba83
set srcintf "551" "Areas_Trust-999" "BO_Zone" "Camera-Vlan-2" "inside-99"
"Local-Ufico" "Mawared-DB-33" "OMS_Zone" "Servers-9
0" "Web-95"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL" "TCP- 61616"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set application-list "default"
next
edit 138
set uuid 539badc4-e3a1-51ef-6bef-b0d3d7da17ad
set srcintf "551" "Areas_Trust-999" "BO_Zone" "Camera-Vlan-2" "inside-99"
"Local-Ufico" "Mawared-DB-33" "OMS_Zone"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set policy-expiry enable
set policy-expiry-date 2025-03-07 12:12:30
set service "MS-SQL" "MYSQL" "TCP- 61616"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
next
edit 139
set name "Efawaterkom"
set uuid 6474d304-e613-51ef-6638-d664128e7fbc
set srcintf "any"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "Efawaterkom"
set schedule "always"
set policy-expiry enable
set policy-expiry-date 2025-03-10 14:54:03
set service "RDP"
next
edit 140
set name "avaya"
set uuid 5b728398-e6d4-51ef-4a89-fea51af59beb
set srcintf "ssl.root"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set policy-expiry enable
set policy-expiry-date 2025-03-11 13:55:21
set service "RDP"
set users "avaya"
next
edit 141
set name "wifi-GTN"
set uuid be9eee04-e781-51ef-cd95-d1ad648a6a45
set srcintf "WIFI"
set dstintf "GTN" "Amman-to-Dubai"
set action accept
set srcaddr "172.16.20.176/32" "172.16.20.194/32"
set dstaddr "all"
set schedule "always"
set service "ALL"
set nat enable
set port-preserve disable
set ippool enable
set poolname "192.168.0.1"
next
edit 142
set name "cam-internet"
set uuid 79ce08d4-e932-51ef-1f29-a6654dbea999
set srcintf "Camera-Vlan-2"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
set nat enable
next
edit 143
set name "back-99"
set uuid d01138ec-e946-51ef-bca3-61d65eb7b77b
set srcintf "BackOfficeDell"
set dstintf "inside-99"
set action accept
set srcaddr "10.216.16.250/32"
set dstaddr "all"
set schedule "always"

set service "ALL"


next
end

UFICO-MAIN $ show firewall policy "128"


config firewall policy
edit 128
set uuid f6d0a906-de8b-51ef-07ae-5872fa95383a
set srcintf "551" "Areas_Trust-999" "BackOfficeDell" "BO_Zone" "Camera-
Vlan-2" "inside-99" "Local-Ufico" "Mawared-DB-33" "OMS
_Zone" "Servers-90" "Web-95" "WIFI"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "10.216.16.252/32" "10.216.16.251/32"
set schedule "always"
set service "ALL_ICMP" "Windows AD"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
next
end

UFICO-MAIN $ show firewall policy


config firewall policy
edit 8
set name "WIFI-Camera"
set uuid 3ac058c8-dcfc-51ef-52cb-80c12040fabd
set srcintf "WIFI"
set dstintf "Camera-Vlan-2"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set logtraffic all
next
edit 68
set name "88940"
set uuid 3ac20196-dcfc-51ef-3a4d-80175d1eb304
set srcintf "Local-Ufico"
set dstintf "MGMT-SW-40"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set logtraffic all
set comments " (Copy of Local-To-Mawared)"
next
edit 10
set name "Local-To-Mawared"
set uuid 3ac435a6-dcfc-51ef-464e-5b81dfe9b401
set srcintf "Local-Ufico"
set dstintf "Mawared-DB-33"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 63
set name "999 t0 20"
set uuid 3ac7b9a6-dcfc-51ef-0e59-c2bf3baa93d6
set srcintf "Areas_Trust-999"
set dstintf "BO_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 889-To-999) (Copy of 889 to 216)"
next
edit 73
set name "333"
set uuid 3ac9773c-dcfc-51ef-e710-23d7d72a4c7b
set srcintf "WIFI"
set dstintf "BO_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 889-To-999) (Copy of 889 to 216)"
next
edit 61
set name "889 to 216"
set uuid 3acafd64-dcfc-51ef-209f-1e722ba3c70c
set srcintf "Local-Ufico"
set dstintf "BO_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 889-To-999)"
next
edit 72
set uuid 3acc7748-dcfc-51ef-5203-0be4e1803d62
set srcintf "BO_Zone"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 889-To-999) (Copy of 889 to 216) (Reverse of 889 to
216)"
next
edit 11
set name "889-To-999"
set uuid 3ace603a-dcfc-51ef-81cb-61e3ac1bdbcd
set srcintf "Local-Ufico"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 136
set status disable
set name "deny"
set uuid 9bb38a04-e2d0-51ef-b93a-4e4c718cf3db
set srcintf "WIFI"
set dstintf "Areas_Trust-999" "BackOfficeDell" "inside-99" "OMS_Zone"
set srcaddr "172.16.20.104/32" "172.16.20.108/32"
set dstaddr "all"
set schedule "always"
set service "ALL"
set logtraffic disable
next
edit 12
set name "Wifi-To-999"
set uuid 3acfc4ac-dcfc-51ef-5661-9af20010fdf4
set srcintf "WIFI"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 59
set name "999-10"
set uuid 3ae86494-dcfc-51ef-5094-abdb91c86aca
set srcintf "Areas_Trust-999"
set dstintf "port5"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments "VPN: re (Created by VPN wizard) (Copy of vpn_re_remote_11)
(Copy of 10-re) (Copy of 551-10)"
next
edit 91
set name "WIFI-10"
set uuid 3ae9faf2-dcfc-51ef-ae50-df37b68b727a
set srcintf "WIFI"
set dstintf "port5"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "all_default"
set application-list "default"
next
edit 60
set status disable
set name "10-999"
set uuid 3aed3906-dcfc-51ef-77b0-5eaad3768f08
set srcintf "port5"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set comments "VPN: re (Created by VPN wizard) (Copy of vpn_re_remote_11)
(Copy of 10-re) (Copy of 551-10) (Copy of 999-10) (R
everse of 999-10)"
next
edit 28
set name "999-551"
set uuid 3af69a5a-dcfc-51ef-7ece-162da3276c63
set srcintf "Areas_Trust-999"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 46
set uuid 3af80098-dcfc-51ef-37ed-01dd04598fda
set srcintf "551"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set logtraffic all
set comments " (Copy of 999-551) (Reverse of 999-551)"
next
edit 29
set name "999-889"
set uuid 3af97202-dcfc-51ef-a5f0-aa0cd768c233
set srcintf "Areas_Trust-999"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 30
set name "999-111"
set uuid 3afadade-dcfc-51ef-65cd-8e12d6b2c35d
set srcintf "Areas_Trust-999"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 31
set name "999-99"
set uuid 3afc4a68-dcfc-51ef-4a68-41b8449e24c1
set srcintf "Areas_Trust-999"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 999-111)"
next
edit 32
set name "999-33"
set uuid 3afec108-dcfc-51ef-6aca-3c10fe931e45
set srcintf "Areas_Trust-999"
set dstintf "Mawared-DB-33"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 77
set name "nat"
set uuid 3b002a16-dcfc-51ef-a1d2-32c7b7fdd3d7
set srcintf "Areas_Trust-999"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 999-90)"
next
edit 78
set name "nata"
set uuid 3b04524e-dcfc-51ef-7fe5-6426e18d675e
set srcintf "Servers-90"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 999-90) (Reverse of 999-90)"
next
edit 34
set status disable
set name "999-20"
set uuid 3b05da24-dcfc-51ef-ef33-fdf34a08e776
set srcintf "Areas_Trust-999"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 66
set name "551 to 99"
set uuid 3b073522-dcfc-51ef-b101-ffe19187ba2d
set srcintf "inside-99"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 99-999) (Copy of 889 to 99)"
next
edit 65
set name "889 to 99"
set uuid 3b08b64a-dcfc-51ef-9a6f-7f73442cbdde
set srcintf "inside-99"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 99-999)"
next
edit 35
set name "99-999"
set uuid 3b0a365a-dcfc-51ef-440c-70a6c2c6f153
set srcintf "inside-99"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 47
set name "551 T0 99"
set uuid 3b0c88e2-dcfc-51ef-f05f-1b6e1c5880f6
set srcintf "551"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set comments " (Copy of 99-999) (Reverse of 99-999)"
next
edit 36
set name "99-111"
set uuid 3b0e0dfc-dcfc-51ef-164e-3b615e09c63d
set srcintf "inside-99"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 37
set name "99-90"
set uuid 3b0f7106-dcfc-51ef-427a-e7737c26fdf3
set srcintf "inside-99"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 54
set name "20 to 551"
set uuid 3b15c074-dcfc-51ef-60b3-8f2818818488
set srcintf "WIFI"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of Local-Inside) (Copy of 899 to 551)"
next
edit 53
set name "899 to 551"
set uuid 3b1943de-dcfc-51ef-3cec-c0d8dad0829c
set srcintf "Local-Ufico"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of Local-Inside)"
next
edit 41
set name "Local-Inside"
set uuid 3b1ace70-dcfc-51ef-0dbf-fc6b7dbb1dd6
set srcintf "Local-Ufico"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 45
set name "33 to 999"
set uuid 3b206fb0-dcfc-51ef-1535-3f01f0f4f6f5
set srcintf "Mawared-DB-33"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 50
set name "33 T0 99"
set uuid 3b21e82c-dcfc-51ef-10c1-07352ce59278
set srcintf "Mawared-DB-33"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 33 to 999)"
next
edit 51
set name "99 T0 33"
set uuid 3b237138-dcfc-51ef-c46b-c7cf7ff10d6e
set srcintf "inside-99"
set dstintf "Mawared-DB-33"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 33 to 999) (Copy of 33 T0 99) (Reverse of 33 T0
99)"
next
edit 48
set name "20to 99"
set uuid 3b2511c8-dcfc-51ef-431e-3ce5797b2db1
set srcintf "WIFI"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 49
set status disable
set name "99 to 20"
set uuid 3b27802a-dcfc-51ef-2478-a9dc561adca3
set srcintf "inside-99"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set nat enable
set comments " (Copy of 20to 99) (Reverse of 20to 99)"
next
edit 67
set name "wifi to 40"
set uuid 3b2aaba6-dcfc-51ef-1e83-9dd78581bc17
set srcintf "WIFI"
set dstintf "MGMT-SW-40"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 70
set name "95-214"
set uuid 3b2c1dc4-dcfc-51ef-155a-9d127b84353c
set srcintf "Web-95"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL" "TCP- 61616"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of etrad 95)"
next
edit 71
set status disable
set name "889 to bozone"
set uuid 3b302df6-dcfc-51ef-578f-43269cd47774
set srcintf "Local-Ufico"
set dstintf "BO_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
next
edit 75
set name "33 to 216"
set uuid 3b319eb6-dcfc-51ef-4d63-a043636d8abd
set srcintf "Mawared-DB-33"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 76
set uuid 3b330ada-dcfc-51ef-690f-160e8c1ae645
set srcintf "BackOfficeDell"
set dstintf "Mawared-DB-33"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 33 to 216) (Reverse of 33 to 216)"
next
edit 85
set name "local-GTN"
set uuid 3b3e3f9a-dcfc-51ef-b0e6-41d877ab498b
set srcintf "Local-Ufico"
set dstintf "GTN"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 86
set name "GTN-LAN"
set uuid 3b3fa56a-dcfc-51ef-a508-39017329c2ff
set srcintf "GTN"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 87
set status disable
set name "GTN-WIFI"
set uuid 3b410d92-dcfc-51ef-b920-b8165676db6f
set srcintf "GTN"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 92
set status disable
set name "10-wifi"
set uuid 3b45c242-dcfc-51ef-dcb4-c49217e3f2f1
set srcintf "port5"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
next
edit 93
set name "server90-web95"
set uuid 3b48cb22-dcfc-51ef-6505-238445207d22
set srcintf "Servers-90"
set dstintf "Web-95"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 100
set name "VTEL-10.12.16"
set uuid 3b51e338-dcfc-51ef-4fe5-ba6e4e0eae27
set srcintf "port1"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 101
set name "vtel-192.168.10"
set uuid 3b534e30-dcfc-51ef-f9a3-0b0c6311bcb3
set srcintf "port1"
set dstintf "port5"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 104
set name "VTEL DC"
set uuid 3b57f110-dcfc-51ef-2b92-1fca55225971
set srcintf "port1"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 105
set name "VTEL-DC R"
set uuid 3b595668-dcfc-51ef-8ec1-4b6e4ae133ca
set srcintf "551"
set dstintf "port1"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 52
set name "551-wan"
set uuid 8c4c3394-dd0e-51ef-5ebb-fca3c71a1b0e
set srcintf "551"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 55
set uuid cac8cb50-dd0e-51ef-f213-b6c57f19d327
set srcintf "re"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 56
set uuid 4e32bbea-dd0f-51ef-631e-db4978f2ccdf
set srcintf "Areas_Trust-999"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 58
set name "MEPS-999"
set uuid 1ad1fe72-dd10-51ef-3710-97e7dc59f2bb
set srcintf "MEPS"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 64
set name "999-meps"
set uuid 61ed3312-dd10-51ef-ff2b-b2de978e6da6
set srcintf "Areas_Trust-999"
set dstintf "MEPS"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set dnsfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 69
set name "Madfooatcom"
set uuid 93d900cc-dd10-51ef-9555-dbf5808d6831
set srcintf "MadfooatCom_VPN"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "Madfooatcom"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 74
set uuid cbf2b3b8-dd10-51ef-b2d0-385a360dd2f4
set srcintf "re"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 79
set uuid 6449d5e2-dd11-51ef-7ded-67ad37044fbd
set srcintf "inside-99"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 80
set uuid a077e2a2-dd11-51ef-6961-d2cf46c40a7a
set srcintf "Local-Ufico"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 81
set uuid d59a4394-dd11-51ef-42ad-882ef79432e9
set srcintf "Mawared-DB-33"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 82
set uuid 17e0f8f6-dd12-51ef-896d-7c46f9e2fc6d
set srcintf "port1"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set nat enable
next
edit 83
set uuid 4758f99e-dd12-51ef-4da8-4b6399b04799
set srcintf "re"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set nat enable
next
edit 84
set uuid 88d0fce6-dd12-51ef-810f-36fd676edb78
set srcintf "Web-95"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set nat enable
next
edit 88
set uuid bcf59c52-dd12-51ef-d78a-e2f4d5a193c2
set srcintf "WIFI"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set nat enable
next
edit 89
set uuid efc85272-dd13-51ef-2c04-882604673310
set srcintf "WIFI"
set dstintf "port16"
set action accept
set srcaddr "all"
set dstaddr "185.193.177.239/32"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 90
set name "printers-551"
set uuid 220c88fc-dd82-51ef-638d-c9e2d8db2810
set srcintf "port5"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 94
set uuid c26fdcf4-dd82-51ef-2532-23b84f6b0760
set srcintf "551"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 95
set uuid 20e73c7c-dd84-51ef-2d3a-291dbd702582
set srcintf "Areas_Trust-999"
set dstintf "port16"
set action accept
set srcaddr "all"
set dstaddr "185.193.177.239"
set schedule "always"
set service "HTTP" "HTTPS"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set nat enable
next
edit 96
set name "printers-smtp"
set uuid dbccc0de-dd84-51ef-5102-677de8faaa27
set srcintf "port5"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set nat enable
next
edit 97
set uuid 6019b202-dd85-51ef-2f1b-2834a86a0212
set srcintf "re"
set dstintf "port5"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 98
set uuid c7eb7690-dd85-51ef-44b7-a78ccd4ff491
set srcintf "Amman-to-Dubai"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 112
set uuid a4c1b79a-dd8c-51ef-59d6-0d53fc724656
set srcintf "Local-Ufico"
set dstintf "Amman-to-Dubai"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Reverse of 98)"
next
edit 99
set uuid 34393a9e-dd86-51ef-d649-be39d330f72e
set srcintf "BackOfficeDell"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 102
set name "local-backoffice"
set uuid 6b48e160-dd86-51ef-9e2f-b6720de654f7
set srcintf "Local-Ufico"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
next
edit 103
set uuid c1d07458-dd86-51ef-66a8-6542f6be43f0
set srcintf "re"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
set nat enable
next
edit 106
set uuid 1ec3ce4e-dd87-51ef-7129-8a8b1eadce7e
set srcintf "Servers-90"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
next
edit 107
set name "web95-backoffice"
set uuid a0b162c6-dd88-51ef-b3d3-c36aebee4e01
set srcintf "Web-95"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL" "TCP- 61616"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 108
set name "wifi-backoffice"
set uuid d9b31984-dd88-51ef-e693-0d4d78d505d7
set srcintf "WIFI"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL" "SMB" "RDP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 109
set uuid 7152cad2-dd89-51ef-ff7b-6b8175f4679c
set srcintf "re"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set nat enable
next
edit 110
set uuid b810393a-dd8b-51ef-b061-7517dd67a9b3
set srcintf "port16"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "avaya"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 111
set name "re-mawared"
set uuid 669262f8-dd8c-51ef-cc25-8242c3dff743
set srcintf "re"
set dstintf "Mawared-DB-33"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 113
set name "local-shared"
set uuid ffa7a246-dd8c-51ef-6ede-a811219f6786
set srcintf "Local-Ufico"
set dstintf "port16"
set action accept
set srcaddr "all"
set dstaddr "185.193.177.239"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 114
set name "local-wifi"
set uuid 4a906e8c-dd8d-51ef-b08b-ab259949d379
set srcintf "Local-Ufico"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 115
set status disable
set uuid 502e864e-dd8d-51ef-5790-d2b9b4e0e911
set srcintf "WIFI"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Reverse of local-wifi)"
next
edit 116
set name "re-servers90"
set uuid e1c2f52c-dd8d-51ef-a5ab-9c55c2991839
set srcintf "re"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 117
set name "ssl-back"
set uuid e5425cf2-dd91-51ef-178a-1870ea6fe660
set srcintf "ssl.root"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL_ICMP" "MS-SQL" "MYSQL" "RDP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set users "Ahmed.Salah"
set comments "1"
next
edit 118
set name "ssl-server90"
set uuid 3ad15dc6-dd92-51ef-f0d7-b81f7a19783b
set srcintf "ssl.root"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "RDP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set users "Ahmed.Salah"
next
edit 119
set name "ssl-95"
set uuid 8af82924-dd92-51ef-3965-308b3f5ace18
set srcintf "ssl.root"
set dstintf "Web-95"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "RDP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set users "Ahmed.Salah"
next
edit 120
set name "RE-BO"
set uuid 1d1a2fd2-dd93-51ef-2b2d-07aa0899edf2
set srcintf "re"
set dstintf "BO_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 121
set uuid 70d37796-dd93-51ef-ef7b-fb7d1bfdecd2
set srcintf "re"
set dstintf "Camera-Vlan-2"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 122
set name "re-oms"
set uuid ab082362-dd93-51ef-2e88-429c6a29d141
set srcintf "re"
set dstintf "OMS_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 123
set name "web-95-GTN"
set uuid 29ce329a-dd94-51ef-eb73-0420143c003f
set srcintf "Web-95"
set dstintf "GTN"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
next
edit 124
set name "web-95-GTN2"
set uuid 4c0397ce-dd94-51ef-1134-7b82cfe196be
set srcintf "Web-95"
set dstintf "GTN2"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
next
edit 125
set name "re-web95"
set uuid b0754d6a-dd94-51ef-782e-61fdb512930d
set srcintf "re"
set dstintf "Web-95"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 126
set name "backoffice-wan"
set uuid 2e373fd2-de8b-51ef-93d6-af894d796701
set srcintf "BackOfficeDell"
set dstintf "port16"
set action accept
set srcaddr "BackOfficeDell address"
set dstaddr "86.108.14.118/32"
set schedule "always"
set service "MS-SQL" "MYSQL" "TCP-49302"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
set nat enable
next
edit 127
set name "AD-internet"
set uuid 9e44cea2-de8b-51ef-1f88-cb6964322887
set srcintf "BackOfficeDell"
set dstintf "port15"
set action accept
set srcaddr "10.216.16.251/32" "10.216.16.252/32"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set nat enable
next
edit 128
set uuid f6d0a906-de8b-51ef-07ae-5872fa95383a
set srcintf "551" "Areas_Trust-999" "BackOfficeDell" "BO_Zone" "Camera-
Vlan-2" "inside-99" "Local-Ufico" "Mawared-DB-33" "OMS
_Zone" "Servers-90" "Web-95" "WIFI"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "10.216.16.252/32" "10.216.16.251/32"
set schedule "always"
set service "ALL_ICMP" "Windows AD"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
next
edit 129
set uuid 07d0593a-de8d-51ef-46d9-e6563a7dc953
set srcintf "OMS_Zone"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
next
edit 130
set uuid 3c5f1e7a-de8d-51ef-5296-6b5481e6fc6c
set srcintf "BackOfficeDell"
set dstintf "OMS_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
next
edit 131
set uuid 992cc490-de92-51ef-3158-07f6e5648d06
set srcintf "port16"
set dstintf "Web-95"
set action accept
set srcaddr "all"
set dstaddr "web-95"
set schedule "always"
set service "ALL"
next
edit 132
set uuid 3c760930-de94-51ef-988a-a8f99428917d
set srcintf "port15"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "86.108.14.118/32"
set dstaddr "back-sql" "back-mysql"
set schedule "always"
set service "TCP-49302" "MS-SQL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 134
set name "AVAYA to VPN"
set uuid bd50ee5c-def4-51ef-75e8-5d77042d356b
set srcintf "inside-99"
set dstintf "ssl.root"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "SIP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set groups "AVAYA"
set comments " (Copy of VPN AVAYA) (Copy of )"
next
edit 133
set name "VPN AVAYA"
set uuid 4fa71040-deed-51ef-06cb-dfad71c77548
set srcintf "ssl.root"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "SIP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set groups "AVAYA"
next
edit 135
set uuid 756a591a-e134-51ef-78bf-3e8e575e2cc3
set srcintf "ssl.root"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set policy-expiry enable
set policy-expiry-date 2025-03-04 10:08:09
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set nat enable
set users "Ahmed.Salah"
next
edit 137
set uuid d2bc4a04-e39d-51ef-52e7-4bd06252ba83
set srcintf "551" "Areas_Trust-999" "BO_Zone" "Camera-Vlan-2" "inside-99"
"Local-Ufico" "Mawared-DB-33" "OMS_Zone" "Servers-9
0" "Web-95"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL" "TCP- 61616"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set application-list "default"
next
edit 138
set uuid 539badc4-e3a1-51ef-6bef-b0d3d7da17ad
set srcintf "551" "Areas_Trust-999" "BO_Zone" "Camera-Vlan-2" "inside-99"
"Local-Ufico" "Mawared-DB-33" "OMS_Zone"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set policy-expiry enable
set policy-expiry-date 2025-03-07 12:12:30
set service "MS-SQL" "MYSQL" "TCP- 61616"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
next
edit 139
set name "Efawaterkom"
set uuid 6474d304-e613-51ef-6638-d664128e7fbc
set srcintf "any"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "Efawaterkom"
set schedule "always"
set policy-expiry enable
set policy-expiry-date 2025-03-10 14:54:03
set service "RDP"
next
edit 140
set name "avaya"
set uuid 5b728398-e6d4-51ef-4a89-fea51af59beb
set srcintf "ssl.root"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set policy-expiry enable
set policy-expiry-date 2025-03-11 13:55:21
set service "RDP"
set users "avaya"
next
edit 141
set name "wifi-GTN"
set uuid be9eee04-e781-51ef-cd95-d1ad648a6a45
set srcintf "WIFI"
set dstintf "GTN" "Amman-to-Dubai"
set action accept
set srcaddr "172.16.20.176/32" "172.16.20.194/32"
set dstaddr "all"
set schedule "always"
set service "ALL"
set nat enable
set port-preserve disable
set ippool enable
set poolname "192.168.0.1"
next
edit 142
set name "cam-internet"
set uuid 79ce08d4-e932-51ef-1f29-a6654dbea999
set srcintf "Camera-Vlan-2"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
set nat enable
next
edit 143
set name "back-99"
set uuid d01138ec-e946-51ef-bca3-61d65eb7b77b
set srcintf "BackOfficeDell"
set dstintf "inside-99"
set action accept
set srcaddr "10.216.16.250/32"
set dstaddr "all"
set schedule "always"
set service "ALL"
next
end

UFICO-MAIN $
UFICO-MAIN $
UFICO-MAIN $

UFICO-MAIN $ show firewall policy "128"


config firewall policy
edit 128
set uuid f6d0a906-de8b-51ef-07ae-5872fa95383a
set srcintf "551" "Areas_Trust-999" "BackOfficeDell" "BO_Zone" "Camera-
Vlan-2" "inside-99" "Local-Ufico" "Mawared-DB-33" "OMS
_Zone" "Servers-90" "Web-95" "WIFI"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "10.216.16.252/32" "10.216.16.251/32"
set schedule "always"
set service "ALL_ICMP" "Windows AD"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
next
end

UFICO-MAIN $ show firewall policy


config firewall policy
edit 8
set name "WIFI-Camera"
set uuid 3ac058c8-dcfc-51ef-52cb-80c12040fabd
set srcintf "WIFI"
set dstintf "Camera-Vlan-2"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set logtraffic all
next
edit 68
set name "88940"
set uuid 3ac20196-dcfc-51ef-3a4d-80175d1eb304
set srcintf "Local-Ufico"
set dstintf "MGMT-SW-40"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set logtraffic all
set comments " (Copy of Local-To-Mawared)"
next
edit 10
set name "Local-To-Mawared"
set uuid 3ac435a6-dcfc-51ef-464e-5b81dfe9b401
set srcintf "Local-Ufico"
set dstintf "Mawared-DB-33"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 63
set name "999 t0 20"
set uuid 3ac7b9a6-dcfc-51ef-0e59-c2bf3baa93d6
set srcintf "Areas_Trust-999"
set dstintf "BO_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 889-To-999) (Copy of 889 to 216)"
next
edit 73
set name "333"
set uuid 3ac9773c-dcfc-51ef-e710-23d7d72a4c7b
set srcintf "WIFI"
set dstintf "BO_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 889-To-999) (Copy of 889 to 216)"
next
edit 61
set name "889 to 216"
set uuid 3acafd64-dcfc-51ef-209f-1e722ba3c70c
set srcintf "Local-Ufico"
set dstintf "BO_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 889-To-999)"
next
edit 72
set uuid 3acc7748-dcfc-51ef-5203-0be4e1803d62
set srcintf "BO_Zone"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 889-To-999) (Copy of 889 to 216) (Reverse of 889 to
216)"
next
edit 11
set name "889-To-999"
set uuid 3ace603a-dcfc-51ef-81cb-61e3ac1bdbcd
set srcintf "Local-Ufico"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 136
set status disable
set name "deny"
set uuid 9bb38a04-e2d0-51ef-b93a-4e4c718cf3db
set srcintf "WIFI"
set dstintf "Areas_Trust-999" "BackOfficeDell" "inside-99" "OMS_Zone"
set srcaddr "172.16.20.104/32" "172.16.20.108/32"
set dstaddr "all"
set schedule "always"
set service "ALL"
set logtraffic disable
next
edit 12
set name "Wifi-To-999"
set uuid 3acfc4ac-dcfc-51ef-5661-9af20010fdf4
set srcintf "WIFI"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 59
set name "999-10"
set uuid 3ae86494-dcfc-51ef-5094-abdb91c86aca
set srcintf "Areas_Trust-999"
set dstintf "port5"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments "VPN: re (Created by VPN wizard) (Copy of vpn_re_remote_11)
(Copy of 10-re) (Copy of 551-10)"
next
edit 91
set name "WIFI-10"
set uuid 3ae9faf2-dcfc-51ef-ae50-df37b68b727a
set srcintf "WIFI"
set dstintf "port5"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "all_default"
set application-list "default"
next
edit 60
set status disable
set name "10-999"
set uuid 3aed3906-dcfc-51ef-77b0-5eaad3768f08
set srcintf "port5"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set comments "VPN: re (Created by VPN wizard) (Copy of vpn_re_remote_11)
(Copy of 10-re) (Copy of 551-10) (Copy of 999-10) (R
everse of 999-10)"
next
edit 28
set name "999-551"
set uuid 3af69a5a-dcfc-51ef-7ece-162da3276c63
set srcintf "Areas_Trust-999"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 46
set uuid 3af80098-dcfc-51ef-37ed-01dd04598fda
set srcintf "551"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set logtraffic all
set comments " (Copy of 999-551) (Reverse of 999-551)"
next
edit 29
set name "999-889"
set uuid 3af97202-dcfc-51ef-a5f0-aa0cd768c233
set srcintf "Areas_Trust-999"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 30
set name "999-111"
set uuid 3afadade-dcfc-51ef-65cd-8e12d6b2c35d
set srcintf "Areas_Trust-999"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 31
set name "999-99"
set uuid 3afc4a68-dcfc-51ef-4a68-41b8449e24c1
set srcintf "Areas_Trust-999"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 999-111)"
next
edit 32
set name "999-33"
set uuid 3afec108-dcfc-51ef-6aca-3c10fe931e45
set srcintf "Areas_Trust-999"
set dstintf "Mawared-DB-33"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 77
set name "nat"
set uuid 3b002a16-dcfc-51ef-a1d2-32c7b7fdd3d7
set srcintf "Areas_Trust-999"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 999-90)"
next
edit 78
set name "nata"
set uuid 3b04524e-dcfc-51ef-7fe5-6426e18d675e
set srcintf "Servers-90"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 999-90) (Reverse of 999-90)"
next
edit 34
set status disable
set name "999-20"
set uuid 3b05da24-dcfc-51ef-ef33-fdf34a08e776
set srcintf "Areas_Trust-999"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 66
set name "551 to 99"
set uuid 3b073522-dcfc-51ef-b101-ffe19187ba2d
set srcintf "inside-99"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 99-999) (Copy of 889 to 99)"
next
edit 65
set name "889 to 99"
set uuid 3b08b64a-dcfc-51ef-9a6f-7f73442cbdde
set srcintf "inside-99"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 99-999)"
next
edit 35
set name "99-999"
set uuid 3b0a365a-dcfc-51ef-440c-70a6c2c6f153
set srcintf "inside-99"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 47
set name "551 T0 99"
set uuid 3b0c88e2-dcfc-51ef-f05f-1b6e1c5880f6
set srcintf "551"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set comments " (Copy of 99-999) (Reverse of 99-999)"
next
edit 36
set name "99-111"
set uuid 3b0e0dfc-dcfc-51ef-164e-3b615e09c63d
set srcintf "inside-99"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 37
set name "99-90"
set uuid 3b0f7106-dcfc-51ef-427a-e7737c26fdf3
set srcintf "inside-99"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 54
set name "20 to 551"
set uuid 3b15c074-dcfc-51ef-60b3-8f2818818488
set srcintf "WIFI"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of Local-Inside) (Copy of 899 to 551)"
next
edit 53
set name "899 to 551"
set uuid 3b1943de-dcfc-51ef-3cec-c0d8dad0829c
set srcintf "Local-Ufico"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of Local-Inside)"
next
edit 41
set name "Local-Inside"
set uuid 3b1ace70-dcfc-51ef-0dbf-fc6b7dbb1dd6
set srcintf "Local-Ufico"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 45
set name "33 to 999"
set uuid 3b206fb0-dcfc-51ef-1535-3f01f0f4f6f5
set srcintf "Mawared-DB-33"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 50
set name "33 T0 99"
set uuid 3b21e82c-dcfc-51ef-10c1-07352ce59278
set srcintf "Mawared-DB-33"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 33 to 999)"
next
edit 51
set name "99 T0 33"
set uuid 3b237138-dcfc-51ef-c46b-c7cf7ff10d6e
set srcintf "inside-99"
set dstintf "Mawared-DB-33"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 33 to 999) (Copy of 33 T0 99) (Reverse of 33 T0
99)"
next
edit 48
set name "20to 99"
set uuid 3b2511c8-dcfc-51ef-431e-3ce5797b2db1
set srcintf "WIFI"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 49
set status disable
set name "99 to 20"
set uuid 3b27802a-dcfc-51ef-2478-a9dc561adca3
set srcintf "inside-99"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set nat enable
set comments " (Copy of 20to 99) (Reverse of 20to 99)"
next
edit 67
set name "wifi to 40"
set uuid 3b2aaba6-dcfc-51ef-1e83-9dd78581bc17
set srcintf "WIFI"
set dstintf "MGMT-SW-40"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 70
set name "95-214"
set uuid 3b2c1dc4-dcfc-51ef-155a-9d127b84353c
set srcintf "Web-95"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL" "TCP- 61616"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of etrad 95)"
next
edit 71
set status disable
set name "889 to bozone"
set uuid 3b302df6-dcfc-51ef-578f-43269cd47774
set srcintf "Local-Ufico"
set dstintf "BO_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
next
edit 75
set name "33 to 216"
set uuid 3b319eb6-dcfc-51ef-4d63-a043636d8abd
set srcintf "Mawared-DB-33"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 76
set uuid 3b330ada-dcfc-51ef-690f-160e8c1ae645
set srcintf "BackOfficeDell"
set dstintf "Mawared-DB-33"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Copy of 33 to 216) (Reverse of 33 to 216)"
next
edit 85
set name "local-GTN"
set uuid 3b3e3f9a-dcfc-51ef-b0e6-41d877ab498b
set srcintf "Local-Ufico"
set dstintf "GTN"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 86
set name "GTN-LAN"
set uuid 3b3fa56a-dcfc-51ef-a508-39017329c2ff
set srcintf "GTN"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 87
set status disable
set name "GTN-WIFI"
set uuid 3b410d92-dcfc-51ef-b920-b8165676db6f
set srcintf "GTN"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 92
set status disable
set name "10-wifi"
set uuid 3b45c242-dcfc-51ef-dcb4-c49217e3f2f1
set srcintf "port5"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
next
edit 93
set name "server90-web95"
set uuid 3b48cb22-dcfc-51ef-6505-238445207d22
set srcintf "Servers-90"
set dstintf "Web-95"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 100
set name "VTEL-10.12.16"
set uuid 3b51e338-dcfc-51ef-4fe5-ba6e4e0eae27
set srcintf "port1"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 101
set name "vtel-192.168.10"
set uuid 3b534e30-dcfc-51ef-f9a3-0b0c6311bcb3
set srcintf "port1"
set dstintf "port5"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 104
set name "VTEL DC"
set uuid 3b57f110-dcfc-51ef-2b92-1fca55225971
set srcintf "port1"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 105
set name "VTEL-DC R"
set uuid 3b595668-dcfc-51ef-8ec1-4b6e4ae133ca
set srcintf "551"
set dstintf "port1"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 52
set name "551-wan"
set uuid 8c4c3394-dd0e-51ef-5ebb-fca3c71a1b0e
set srcintf "551"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 55
set uuid cac8cb50-dd0e-51ef-f213-b6c57f19d327
set srcintf "re"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 56
set uuid 4e32bbea-dd0f-51ef-631e-db4978f2ccdf
set srcintf "Areas_Trust-999"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 58
set name "MEPS-999"
set uuid 1ad1fe72-dd10-51ef-3710-97e7dc59f2bb
set srcintf "MEPS"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 64
set name "999-meps"
set uuid 61ed3312-dd10-51ef-ff2b-b2de978e6da6
set srcintf "Areas_Trust-999"
set dstintf "MEPS"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set dnsfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 69
set name "Madfooatcom"
set uuid 93d900cc-dd10-51ef-9555-dbf5808d6831
set srcintf "MadfooatCom_VPN"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "Madfooatcom"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 74
set uuid cbf2b3b8-dd10-51ef-b2d0-385a360dd2f4
set srcintf "re"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 79
set uuid 6449d5e2-dd11-51ef-7ded-67ad37044fbd
set srcintf "inside-99"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 80
set uuid a077e2a2-dd11-51ef-6961-d2cf46c40a7a
set srcintf "Local-Ufico"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 81
set uuid d59a4394-dd11-51ef-42ad-882ef79432e9
set srcintf "Mawared-DB-33"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 82
set uuid 17e0f8f6-dd12-51ef-896d-7c46f9e2fc6d
set srcintf "port1"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set nat enable
next
edit 83
set uuid 4758f99e-dd12-51ef-4da8-4b6399b04799
set srcintf "re"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set nat enable
next
edit 84
set uuid 88d0fce6-dd12-51ef-810f-36fd676edb78
set srcintf "Web-95"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set nat enable
next
edit 88
set uuid bcf59c52-dd12-51ef-d78a-e2f4d5a193c2
set srcintf "WIFI"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set nat enable
next
edit 89
set uuid efc85272-dd13-51ef-2c04-882604673310
set srcintf "WIFI"
set dstintf "port16"
set action accept
set srcaddr "all"
set dstaddr "185.193.177.239/32"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 90
set name "printers-551"
set uuid 220c88fc-dd82-51ef-638d-c9e2d8db2810
set srcintf "port5"
set dstintf "551"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 94
set uuid c26fdcf4-dd82-51ef-2532-23b84f6b0760
set srcintf "551"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 95
set uuid 20e73c7c-dd84-51ef-2d3a-291dbd702582
set srcintf "Areas_Trust-999"
set dstintf "port16"
set action accept
set srcaddr "all"
set dstaddr "185.193.177.239"
set schedule "always"
set service "HTTP" "HTTPS"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set nat enable
next
edit 96
set name "printers-smtp"
set uuid dbccc0de-dd84-51ef-5102-677de8faaa27
set srcintf "port5"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set emailfilter-profile "default"
set dlp-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set waf-profile "default"
set nat enable
next
edit 97
set uuid 6019b202-dd85-51ef-2f1b-2834a86a0212
set srcintf "re"
set dstintf "port5"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 98
set uuid c7eb7690-dd85-51ef-44b7-a78ccd4ff491
set srcintf "Amman-to-Dubai"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 112
set uuid a4c1b79a-dd8c-51ef-59d6-0d53fc724656
set srcintf "Local-Ufico"
set dstintf "Amman-to-Dubai"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Reverse of 98)"
next
edit 99
set uuid 34393a9e-dd86-51ef-d649-be39d330f72e
set srcintf "BackOfficeDell"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 102
set name "local-backoffice"
set uuid 6b48e160-dd86-51ef-9e2f-b6720de654f7
set srcintf "Local-Ufico"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
next
edit 103
set uuid c1d07458-dd86-51ef-66a8-6542f6be43f0
set srcintf "re"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
set nat enable
next
edit 106
set uuid 1ec3ce4e-dd87-51ef-7129-8a8b1eadce7e
set srcintf "Servers-90"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
next
edit 107
set name "web95-backoffice"
set uuid a0b162c6-dd88-51ef-b3d3-c36aebee4e01
set srcintf "Web-95"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL" "TCP- 61616"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 108
set name "wifi-backoffice"
set uuid d9b31984-dd88-51ef-e693-0d4d78d505d7
set srcintf "WIFI"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL" "SMB" "RDP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 109
set uuid 7152cad2-dd89-51ef-ff7b-6b8175f4679c
set srcintf "re"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set nat enable
next
edit 110
set uuid b810393a-dd8b-51ef-b061-7517dd67a9b3
set srcintf "port16"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "avaya"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 111
set name "re-mawared"
set uuid 669262f8-dd8c-51ef-cc25-8242c3dff743
set srcintf "re"
set dstintf "Mawared-DB-33"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 113
set name "local-shared"
set uuid ffa7a246-dd8c-51ef-6ede-a811219f6786
set srcintf "Local-Ufico"
set dstintf "port16"
set action accept
set srcaddr "all"
set dstaddr "185.193.177.239"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 114
set name "local-wifi"
set uuid 4a906e8c-dd8d-51ef-b08b-ab259949d379
set srcintf "Local-Ufico"
set dstintf "WIFI"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 115
set status disable
set uuid 502e864e-dd8d-51ef-5790-d2b9b4e0e911
set srcintf "WIFI"
set dstintf "Local-Ufico"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set comments " (Reverse of local-wifi)"
next
edit 116
set name "re-servers90"
set uuid e1c2f52c-dd8d-51ef-a5ab-9c55c2991839
set srcintf "re"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 117
set name "ssl-back"
set uuid e5425cf2-dd91-51ef-178a-1870ea6fe660
set srcintf "ssl.root"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL_ICMP" "MS-SQL" "MYSQL" "RDP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set users "Ahmed.Salah"
set comments "1"
next
edit 118
set name "ssl-server90"
set uuid 3ad15dc6-dd92-51ef-f0d7-b81f7a19783b
set srcintf "ssl.root"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "RDP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set users "Ahmed.Salah"
next
edit 119
set name "ssl-95"
set uuid 8af82924-dd92-51ef-3965-308b3f5ace18
set srcintf "ssl.root"
set dstintf "Web-95"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "RDP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set users "Ahmed.Salah"
next
edit 120
set name "RE-BO"
set uuid 1d1a2fd2-dd93-51ef-2b2d-07aa0899edf2
set srcintf "re"
set dstintf "BO_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 121
set uuid 70d37796-dd93-51ef-ef7b-fb7d1bfdecd2
set srcintf "re"
set dstintf "Camera-Vlan-2"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set emailfilter-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 122
set name "re-oms"
set uuid ab082362-dd93-51ef-2e88-429c6a29d141
set srcintf "re"
set dstintf "OMS_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 123
set name "web-95-GTN"
set uuid 29ce329a-dd94-51ef-eb73-0420143c003f
set srcintf "Web-95"
set dstintf "GTN"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
next
edit 124
set name "web-95-GTN2"
set uuid 4c0397ce-dd94-51ef-1134-7b82cfe196be
set srcintf "Web-95"
set dstintf "GTN2"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
next
edit 125
set name "re-web95"
set uuid b0754d6a-dd94-51ef-782e-61fdb512930d
set srcintf "re"
set dstintf "Web-95"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set application-list "default"
set nat enable
next
edit 126
set name "backoffice-wan"
set uuid 2e373fd2-de8b-51ef-93d6-af894d796701
set srcintf "BackOfficeDell"
set dstintf "port16"
set action accept
set srcaddr "BackOfficeDell address"
set dstaddr "86.108.14.118/32"
set schedule "always"
set service "MS-SQL" "MYSQL" "TCP-49302"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
set nat enable
next
edit 127
set name "AD-internet"
set uuid 9e44cea2-de8b-51ef-1f88-cb6964322887
set srcintf "BackOfficeDell"
set dstintf "port15"
set action accept
set srcaddr "10.216.16.251/32" "10.216.16.252/32"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set dnsfilter-profile "default"
set ips-sensor "default"
set nat enable
next
edit 128
set uuid f6d0a906-de8b-51ef-07ae-5872fa95383a
set srcintf "551" "Areas_Trust-999" "BackOfficeDell" "BO_Zone" "Camera-
Vlan-2" "inside-99" "Local-Ufico" "Mawared-DB-33" "OMS
_Zone" "Servers-90" "Web-95" "WIFI"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "10.216.16.252/32" "10.216.16.251/32"
set schedule "always"
set service "ALL_ICMP" "Windows AD"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
next
edit 129
set uuid 07d0593a-de8d-51ef-46d9-e6563a7dc953
set srcintf "OMS_Zone"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
next
edit 130
set uuid 3c5f1e7a-de8d-51ef-5296-6b5481e6fc6c
set srcintf "BackOfficeDell"
set dstintf "OMS_Zone"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
next
edit 131
set uuid 992cc490-de92-51ef-3158-07f6e5648d06
set srcintf "port16"
set dstintf "Web-95"
set action accept
set srcaddr "all"
set dstaddr "web-95"
set schedule "always"
set service "ALL"
next
edit 132
set uuid 3c760930-de94-51ef-988a-a8f99428917d
set srcintf "port15"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "86.108.14.118/32"
set dstaddr "back-sql" "back-mysql"
set schedule "always"
set service "TCP-49302" "MS-SQL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set application-list "default"
next
edit 134
set name "AVAYA to VPN"
set uuid bd50ee5c-def4-51ef-75e8-5d77042d356b
set srcintf "inside-99"
set dstintf "ssl.root"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "SIP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set groups "AVAYA"
set comments " (Copy of VPN AVAYA) (Copy of )"
next
edit 133
set name "VPN AVAYA"
set uuid 4fa71040-deed-51ef-06cb-dfad71c77548
set srcintf "ssl.root"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "SIP"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set file-filter-profile "default"
set ips-sensor "default"
set groups "AVAYA"
next
edit 135
set uuid 756a591a-e134-51ef-78bf-3e8e575e2cc3
set srcintf "ssl.root"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set policy-expiry enable
set policy-expiry-date 2025-03-04 10:08:09
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set ips-sensor "default"
set nat enable
set users "Ahmed.Salah"
next
edit 137
set uuid d2bc4a04-e39d-51ef-52e7-4bd06252ba83
set srcintf "551" "Areas_Trust-999" "BO_Zone" "Camera-Vlan-2" "inside-99"
"Local-Ufico" "Mawared-DB-33" "OMS_Zone" "Servers-9
0" "Web-95"
set dstintf "BackOfficeDell"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "MS-SQL" "MYSQL" "TCP- 61616"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set webfilter-profile "default"
set application-list "default"
next
edit 138
set uuid 539badc4-e3a1-51ef-6bef-b0d3d7da17ad
set srcintf "551" "Areas_Trust-999" "BO_Zone" "Camera-Vlan-2" "inside-99"
"Local-Ufico" "Mawared-DB-33" "OMS_Zone"
set dstintf "Servers-90"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set policy-expiry enable
set policy-expiry-date 2025-03-07 12:12:30
set service "MS-SQL" "MYSQL" "TCP- 61616"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
next
edit 139
set name "Efawaterkom"
set uuid 6474d304-e613-51ef-6638-d664128e7fbc
set srcintf "any"
set dstintf "Areas_Trust-999"
set action accept
set srcaddr "all"
set dstaddr "Efawaterkom"
set schedule "always"
set policy-expiry enable
set policy-expiry-date 2025-03-10 14:54:03
set service "RDP"
next
edit 140
set name "avaya"
set uuid 5b728398-e6d4-51ef-4a89-fea51af59beb
set srcintf "ssl.root"
set dstintf "inside-99"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set policy-expiry enable
set policy-expiry-date 2025-03-11 13:55:21
set service "RDP"
set users "avaya"
next
edit 141
set name "wifi-GTN"
set uuid be9eee04-e781-51ef-cd95-d1ad648a6a45
set srcintf "WIFI"
set dstintf "GTN" "Amman-to-Dubai"
set action accept
set srcaddr "172.16.20.176/32" "172.16.20.194/32"
set dstaddr "all"
set schedule "always"
set service "ALL"
set nat enable
set port-preserve disable
set ippool enable
set poolname "192.168.0.1"
next
edit 142
set name "cam-internet"
set uuid 79ce08d4-e932-51ef-1f29-a6654dbea999
set srcintf "Camera-Vlan-2"
set dstintf "port15"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set av-profile "default"
set ips-sensor "default"
set nat enable
next
edit 143
set name "back-99"
set uuid d01138ec-e946-51ef-bca3-61d65eb7b77b
set srcintf "BackOfficeDell"
set dstintf "inside-99"
set action accept
set srcaddr "10.216.16.250/32"
set dstaddr "all"
set schedule "always"
set service "ALL"
next
end

UFICO-MAIN $

UFICO-MAIN $
UFICO-MAIN $
UFICO-MAIN $
UFICO-MAIN $
UFICO-MAIN $
UFICO-MAIN $ show system
3g-modem Configure 3G modem.
accprofile Configure access profiles for system
administrators.
acme Configure ACME client.
admin Configure admin users.
affinity-interrupt Configure interrupt affinity.
affinity-packet-redistribution Configure packet redistribution.
alias Configure alias command.
api-user Configure API users.
arp-table Configure ARP table.
auto-install Configure USB auto installation.
auto-script Configure auto script.
automation-action Action for automation stitches.
automation-condition Condition for automation stitches.
automation-destination Automation destinations.
automation-stitch Automation stitches.
automation-trigger Trigger for automation stitches.
autoupdate Configure automatic updates.
central-management Configure central management.
console Configure console.
csf Add this FortiGate to a Security Fabric or set up
a new Security Fabric on this FortiGate.
custom-language Configure custom languages.
ddns Configure DDNS.
dedicated-mgmt Configure dedicated management.
device-upgrade Independent upgrades for managed devices.
dhcp Configure DHCP.
dhcp6 Configure DHCPv6.
dns Configure DNS.
dns-database Configure DNS databases.
dns-server Configure DNS servers.
dns64 Configure DNS64.
dscp-based-priority Configure DSCP based priority table.
email-server Configure the email server used by the FortiGate
various things. For example, for sending email mes
sages to users to support user authentication features.
evpn Configure EVPN instance.
external-resource Configure external resource.
fabric-vpn Setup for self orchestrated fabric auto discovery
VPN.
federated-upgrade Coordinate federated upgrades within the Security
Fabric.
fips-cc Configure FIPS-CC mode.
fortiguard Configure FortiGuard services.
fortindr Configure FortiNDR.
fortisandbox Configure FortiSandbox.
fsso-polling Configure Fortinet Single Sign On (FSSO) server.
ftm-push Configure FortiToken Mobile push services.
geneve Configure GENEVE devices.
geoip-override Configure geographical location mapping for IP
address(es) to override mappings from FortiGuard.
global Configure global attributes.
gre-tunnel Configure GRE tunnel.
ha Configure HA.
ha-monitor Configure HA monitor.
health-check-fortiguard SD-WAN status checking or health checking.
Identify a server predefine by FortiGuard and determine
how SD-WAN verifies that FGT can communicate with it.
ike Configure IKE global attributes.
interface Configure interfaces.
ipam Configure IP address management services.
ipip-tunnel Configure IP in IP Tunneling.
ips Configure IPS system settings.
ips-urlfilter-dns Configure IPS URL filter DNS servers.
ips-urlfilter-dns6 Configure IPS URL filter IPv6 DNS servers.
ipsec-aggregate Configure an aggregate of IPsec tunnels.
ipv6-neighbor-cache Configure IPv6 neighbor cache table.
ipv6-tunnel Configure IPv6/IPv4 in IPv6 tunnel.
link-monitor Configure Link Health Monitor.
lldp Configure LLDP.
lte-modem Configure USB LTE/WIMAX devices.
mobile-tunnel Configure Mobile tunnels, an implementation of
Network Mobility (NEMO) extensions for Mobile IPv4 R
FC5177.
modem Configure MODEM.
nd-proxy Configure IPv6 neighbor discovery proxy
(RFC4389).
netflow Configure NetFlow.
network-visibility Configure network visibility settings.
np6xlite Configure NP6XLITE attributes.
npu Configure NPU attributes.
ntp Configure system NTP information.
object-tagging Configure object tagging.
password-policy Configure password policy for locally defined
administrator passwords and IPsec VPN pre-shared keys
.
password-policy-guest-admin Configure the password policy for guest
administrators.
pcp-server Configure PCP server information.
physical-switch Configure physical switches.
pppoe-interface Configure the PPPoE interfaces.
probe-response Configure system probe response.
proxy-arp Configure proxy-ARP.
replacemsg Configure replacement message.
replacemsg-group Configure replacement message groups.
replacemsg-image Configure replacement message images.
resource-limits Configure resource limits.
saml Global settings for SAML authentication.
sdn-connector Configure connection to SDN Connector.
sdn-proxy Configure SDN proxy.
sdn-vpn Configure public cloud VPN service.
sdwan Configure redundant Internet connections with
multiple outbound links and health-check profiles.
security-rating security-rating
session-helper Configure session helper.
session-ttl Configure global session TTL timers for this
FortiGate.
settings Configure VDOM settings.
sflow Configure sFlow.
sit-tunnel Configure IPv6 tunnel over IPv4.
sms-server Configure SMS server for sending SMS messages to
support user authentication.
snmp Configure SNMP.
speed-test-schedule Speed test schedule for each interface.
speed-test-server Configure speed test server list.
speed-test-setting Configure speed test setting.
ssh-config Configure SSH config.
sso-admin Configure SSO admin users.
sso-forticloud-admin Configure FortiCloud SSO admin users.
sso-fortigate-cloud-admin Configure FortiCloud SSO admin users.
standalone-cluster Configure FortiGate Session Life Support Protocol
(FGSP) cluster attributes.
storage Configure logical storage.
stp Configure Spanning Tree Protocol (STP).
switch-interface Configure software switch interfaces by grouping
physical and WiFi interfaces.
timezone Show timezone.
tos-based-priority Configure Type of Service (ToS) based priority
table to set network traffic priorities.
vdom-exception Global configuration objects that can be
configured independently across different ha peers for all
VDOMs or for the defined VDOM scope.
vdom-link Configure VDOM links.
virtual-switch Configure virtual hardware switch interfaces.
virtual-wire-pair Configure virtual wire pairs.
vne-interface Configure virtual network enabler tunnels.
vxlan Configure VXLAN devices.
wccp Configure WCCP.
zone Configure zones to group two or more interfaces.
When a zone is created you can configure policies
for the zone instead of individual interfaces in the zone.

UFICO-MAIN $ get system performance status


CPU states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU0 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
03:40:51 PM up 14 days, 22 hours and 41 minutes
0U, 0N, 0S, 100I, 0WA, 0HI, 0SI, 0ST; 7994T, 2008F
fltund 282 S 2.1 0.3 6
wad 463 S 0.7 1.2 4
wad 464 S 0.7 1.1 7
wad 462 S 0.3 1.1 7
ipsengine 683 S 0.1 2.6 2
ipsengine 686 S 0.1 2.6 1
wad 466 S 0.1 1.1 3
hasync 258 S < 0.1 0.8 4
mvl.user 164 S < 0.1 0.8 6
miglogd 241 S 0.1 0.6 5
miglogd 441 S 0.1 0.4 2
miglogd 442 S 0.1 0.4 7
sslvpnd 398 S 0.1 0.4 3
sslvpnd 402 S 0.1 0.4 2
iked 448 S 0.1 0.3 2
wad 450 S 0.1 0.3 0
snmpd 254 S 0.1 0.2 1
ikecryptd 291 S 0.1 0.1 6
ipshelper 405 S 0.0 5.7 0
ipsengine 687 S 0.0 2.6 0

UFICO-MAIN $
UFICO-MAIN $
UFICO-MAIN $
UFICO-MAIN $ get system performance
firewall firewall
status System performance status.
top Display information about the top CPU processes.

UFICO-MAIN $ get system performance status


CPU states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU0 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU1 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU2 states: 0% user 1% system 0% nice 99% idle 0% iowait 0% irq 0% softirq
CPU3 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU4 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU5 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU6 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU7 states: 0% user 0% system 0% nice 99% idle 0% iowait 0% irq 1% softirq
Memory: 8186812k total, 5556216k used (67.9%), 2056884k free (25.1%), 573712k
freeable (7.0%)
Average network usage: 75948 / 19397 kbps in 1 minute, 73955 / 16946 kbps in 10
minutes, 76092 / 18572 kbps in 30 minutes
Maximal network usage: 109737 / 53308 kbps in 1 minute, 109737 / 53308 kbps in 10
minutes, 153118 / 96632 kbps in 30 minutes
Average sessions: 3408 sessions in 1 minute, 3686 sessions in 10 minutes, 4552
sessions in 30 minutes
Maximal sessions: 3624 sessions in 1 minute, 4633 sessions in 10 minutes, 6929
sessions in 30 minutes
Average session setup rate: 24 sessions per second in last 1 minute, 22 sessions
per second in last 10 minutes, 27 sessions per secon
d in last 30 minutes
Maximal session setup rate: 70 sessions per second in last 1 minute, 127 sessions
per second in last 10 minutes, 368 sessions per sec
ond in last 30 minutes
Average NPU sessions: 207 sessions in last 1 minute, 210 sessions in last 10
minutes, 236 sessions in last 30 minutes
Maximal NPU sessions: 216 sessions in last 1 minute, 233 sessions in last 10
minutes, 280 sessions in last 30 minutes
Average nTurbo sessions: 201 sessions in last 1 minute, 203 sessions in last 10
minutes, 230 sessions in last 30 minutes
Maximal nTurbo sessions: 209 sessions in last 1 minute, 225 sessions in last 10
minutes, 274 sessions in last 30 minutes
Virus caught: 0 total in 1 minute
IPS attacks blocked: 0 total in 1 minute
Uptime: 14 days, 22 hours, 41 minutes

UFICO-MAIN $ get
alertemail Alert email configuration.
antivirus AntiVirus configuration.
application Application control configuration.
authentication authentication
automation Automation configuration.
casb casb
diameter-filter Diameter filter configuration.
dlp DLP configuration.
dnsfilter DNS filter configuration.
emailfilter AntiSpam configuration.
endpoint-control endpoint-control
extender extender
extension-controller FortiGate controller configuration.
file-filter file-filter
firewall Firewall configuration.
ftp-proxy FTP proxy configuration.
hardware hardware
icap ICAP client configuration.
ips IPS configuration.
ipsec ipsec
l2vpn l2vpn
log Log configuration.
mgmt-data mgmt-data
monitoring System monitoring configuration.
oaas oaas
router Router configuration.
rule rule
sctp-filter SCTP filter configuration.
ssh-filter SSH filter configuration.
switch-controller External FortiSwitch configuration.
system System operation configuration.
user Authentication configuration.
videofilter videofilter
virtual-patch virtual-patch

UFICO-MAIN $ get system


3g-modem Configure 3G modem.
accprofile Configure access profiles for system
administrators.
acme Configure ACME client.
admin Configure admin users.
affinity-interrupt Configure interrupt affinity.
affinity-packet-redistribution Configure packet redistribution.
alias Configure alias command.
api-user Configure API users.
arp IPv4 ARP table.
arp-table Configure ARP table.
auto-install Configure USB auto installation.
auto-script Configure auto script.
auto-update auto-update
automation-action Action for automation stitches.
automation-condition Condition for automation stitches.
automation-destination Automation destinations.
automation-stitch Automation stitches.
automation-trigger Trigger for automation stitches.
autoupdate Configure automatic updates.
central-management Configure central management.
central-mgmt Configuration of Central Management Service.
checksum checksum
cmdb System CMDB information.
console Configure console.
csf Add this FortiGate to a Security Fabric or set up
a new Security Fabric on this FortiGate.
custom-language Configure custom languages.
ddns Configure DDNS.
dedicated-mgmt Configure dedicated management.
device-upgrade Independent upgrades for managed devices.
dhcp Configure DHCP.
dhcp6 Configure DHCPv6.
dns Configure DNS.
dns-database Configure DNS databases.
dns-server Configure DNS servers.
dns64 Configure DNS64.

UFICO-MAIN $ get system arp


Address Age(min) Hardware Addr Interface
172.16.20.64 4 da:20:61:89:fa:57 WIFI
10.214.16.150 10 00:50:56:84:9b:54 Servers-90
192.168.2.30 1 d4:e8:53:52:b5:88 Camera-Vlan-2
172.16.20.97 7 ca:b5:52:04:3a:cd WIFI
172.16.20.59 0 0e:f4:17:f5:64:b2 WIFI
172.16.20.21 2 d2:a5:f3:94:66:9f WIFI
172.16.20.130 0 c8:58:c0:49:ca:7d WIFI
10.216.16.150 0 00:50:56:84:d2:5f BackOfficeDell
172.16.20.92 12 44:db:d2:69:17:9f WIFI
172.16.20.54 0 b2:1e:4b:88:cd:d2 WIFI
172.16.20.16 0 54:16:51:f3:4d:24 WIFI
172.16.20.87 2 2a:3c:c5:a5:5d:54 WIFI
172.16.20.49 6 a2:9d:bd:65:b2:c3 WIFI
192.168.2.15 1 d4:e8:53:52:b3:d1 Camera-Vlan-2
172.16.20.11 68 e4:0e:ee:28:b9:ed WIFI
192.168.0.19 0 98:ee:cb:9b:96:5a Local-Ufico
172.16.20.44 0 de:5e:1a:eb:2c:ce WIFI
172.16.20.115 11 da:df:38:ef:df:e4 WIFI
192.168.10.2 0 54:07:7d:1a:df:5f port5
185.193.177.129 0 ec:94:d5:06:e0:2a port16
192.168.2.5 1 24:28:fd:f9:8b:20 Camera-Vlan-2
172.16.20.110 6 48:f1:7f:c8:a8:fc WIFI
172.16.20.34 0 08:9d:f4:0a:45:e7 WIFI
178.20.188.65 0 ee:94:d5:06:e8:b7 port15
172.16.20.105 7 b2:b2:4f:e2:04:11 WIFI
172.16.20.176 0 08:9d:f4:0a:3e:1c WIFI
172.16.20.100 0 2c:6d:c1:7b:fd:0e WIFI
172.16.20.62 1 ce:02:75:2a:49:f6 WIFI
192.168.2.28 1 d4:e8:53:52:b3:fe Camera-Vlan-2
172.16.20.24 15 66:c8:6c:a3:2d:6f WIFI
10.12.16.12 343 a0:48:1c:82:8b:af Areas_Trust-999
172.16.20.57 0 08:9d:f4:2f:58:3c WIFI
192.168.10.200 12 24:9a:d8:b4:87:78 port5
172.16.20.19 0 54:16:51:f3:4c:cc WIFI
192.168.2.18 1 d4:e8:53:66:52:83 Camera-Vlan-2
172.16.20.14 0 54:16:51:f3:4d:0c WIFI
172.16.20.123 0 ac:72:89:b6:ba:d9 WIFI
10.216.16.252 0 00:50:56:84:fd:10 BackOfficeDell
172.16.20.194 0 08:9d:f4:0a:22:dd WIFI
172.16.20.47 0 ac:67:5d:30:2d:e8 WIFI
172.16.20.118 0 22:b2:2e:d4:1d:fe WIFI
192.168.168.52 1 00:50:aa:41:5d:fe inside-99
192.168.2.8 1 24:28:fd:f9:8a:b8 Camera-Vlan-2
172.16.20.4 0 dc:d9:16:21:9f:87 WIFI
172.16.20.113 28 6a:77:25:10:65:9d WIFI
192.168.2.3 1 d4:e8:53:52:b2:c5 Camera-Vlan-2
10.12.16.243 0 00:20:6b:0a:6f:c5 Areas_Trust-999
172.16.20.108 0 c8:58:c0:4b:c6:5c WIFI
172.16.20.103 0 e6:d5:fc:71:d7:38 WIFI
172.16.20.65 0 08:9d:f4:0a:3e:49 WIFI
192.168.2.31 1 d4:e8:53:66:52:6d Camera-Vlan-2
10.12.16.162 0 00:50:56:84:85:5f Areas_Trust-999
172.16.20.60 0 c8:58:c0:4b:29:95 WIFI
192.168.2.26 1 d4:e8:53:66:4e:db Camera-Vlan-2
172.16.20.131 0 bc:38:98:81:ef:48 WIFI
192.168.2.21 1 d4:e8:53:66:4f:7d Camera-Vlan-2
10.12.16.152 0 00:50:56:84:e9:9a Areas_Trust-999
172.16.20.17 0 54:16:51:f3:4d:40 WIFI
172.16.20.88 0 f0:d4:15:aa:4e:bb WIFI
172.16.20.50 1 4a:5a:bc:9b:03:ef WIFI
192.168.168.93 2 00:e0:07:0e:62:5e inside-99
192.168.2.16 1 d4:e8:53:52:b3:d3 Camera-Vlan-2
172.16.20.12 1 6e:5a:1e:7a:97:10 WIFI
10.216.16.250 3 00:50:56:84:11:f5 BackOfficeDell
172.16.20.83 1 66:3c:32:45:7e:9a WIFI
172.16.20.45 14 6e:0c:80:9c:ba:15 WIFI
192.168.2.11 1 d4:e8:53:52:b2:f7 Camera-Vlan-2
172.16.20.7 0 ba:e9:c1:c6:31:bd WIFI
172.16.20.2 0 32:bb:56:57:8a:9d WIFI
172.16.20.111 0 1e:c9:80:70:2b:13 WIFI
172.16.20.35 0 26:66:c4:95:f3:96 WIFI
172.16.20.30 0 5e:0f:5f:ec:6c:8c WIFI
172.16.20.101 1 56:0a:e4:78:24:78 WIFI
172.16.20.134 0 7e:22:7d:79:a7:7a WIFI
172.16.20.96 0 f2:0a:46:5e:79:d6 WIFI
192.168.2.100 636 24:0f:9b:0e:56:cf Camera-Vlan-2
10.12.16.193 0 50:9a:4c:23:e0:5f Areas_Trust-999
172.16.20.58 0 22:af:1e:26:66:d3 WIFI
192.168.2.24 1 d4:e8:53:52:b2:cc Camera-Vlan-2
172.16.20.20 1 a2:e1:da:50:c8:f7 WIFI
172.16.20.15 0 54:16:51:c7:0e:ef WIFI
172.16.20.124 2 86:49:41:ab:3b:6a WIFI
172.16.20.48 27 e2:2e:5c:b3:19:35 WIFI
172.16.20.157 0 c8:58:c0:4b:29:e0 WIFI
172.16.20.10 0 a2:eb:79:7f:ca:7c WIFI
172.16.20.119 0 08:9d:f4:0a:3e:a8 WIFI
192.168.168.53 2 00:20:6b:0a:6f:7f inside-99
172.16.20.81 0 00:24:2c:49:15:0e WIFI
192.168.2.9 1 24:28:fd:f9:8a:83 Camera-Vlan-2
172.16.20.5 4 3a:d5:1a:7f:ef:95 WIFI
172.16.20.76 0 08:9d:f4:26:35:54 WIFI
10.12.16.64 0 3c:52:82:6d:13:0d Areas_Trust-999
172.16.20.109 0 a8:a2:37:77:8d:a4 WIFI
10.212.16.150 1 00:50:56:84:47:16 Web-95
172.16.20.104 0 da:87:a0:6a:3b:28 WIFI
172.16.20.99 0 0e:bd:a8:a9:0c:ab WIFI
172.16.20.23 0 54:16:51:f3:4d:44 WIFI
10.12.16.11 345 10:60:4b:72:b0:c6 Areas_Trust-999
172.16.20.132 0 16:ef:c1:aa:2e:26 WIFI
172.16.20.241 0 08:9d:f4:26:35:c2 WIFI
172.16.20.94 0 ca:3d:9a:a2:5e:50 WIFI
172.16.20.18 0 54:16:51:f3:4d:3c WIFI
192.168.168.208 0 00:50:56:84:98:39 inside-99
10.12.16.148 0 00:d8:61:25:90:4c Areas_Trust-999
172.16.20.13 0 54:16:51:f3:4d:20 WIFI
169.254.0.2 - 38:c0:ea:f0:18:ec ha
10.12.16.1 0 d4:ad:bd:50:cd:e0 Areas_Trust-999
10.12.16.110 0 00:d8:61:25:8f:03 Areas_Trust-999
172.16.20.84 0 08:9d:f4:2f:58:0f WIFI
10.216.16.251 0 00:50:56:84:50:04 BackOfficeDell
192.168.2.12 1 24:28:fd:f9:8a:a7 Camera-Vlan-2
172.16.20.8 3 5e:0c:be:1f:1b:87 WIFI
172.16.20.79 0 0a:70:c4:a5:73:de WIFI
192.168.0.54 0 f8:75:a4:59:32:a0 Local-Ufico
192.168.2.7 1 d4:e8:53:52:b2:d7 Camera-Vlan-2
172.16.20.3 0 e2:28:bf:19:7d:97 WIFI
172.16.20.112 0 7c:b2:7d:86:fa:1a WIFI
172.16.20.74 11 88:10:8f:df:de:d3 WIFI
172.16.20.36 0 a6:dc:e6:4e:06:3f WIFI
192.168.2.2 1 24:28:fd:f9:8a:86 Camera-Vlan-2
172.16.20.69 0 0a:c6:22:92:af:7a WIFI
192.168.25.54 388 f8:75:a4:59:32:a0 Local-Ufico

UFICO-MAIN $

You might also like