はじめに
私は2021年に新卒でインフラエンジニアとして働いています。
その中で、個人的な学習としてESXiのサーバを構築しました。
自分専用のESXiがあると、何かと勉強の幅が広がるので、初級インフラエンジニアの方は持っておくことをおすすめします!
話がそれましたが、ファイヤーウォールであるFortigateを、自由に壊れることを気にせず、いじりまくれるVM環境の作成手順をまとめました。
環境に違いはありますが、virtual boxなどでもできるようなので、FortigateのVMを作成する際は参考にしてみてください。
VM作成手順は下記サイトへ移動しました。
初期コンフィグ
SSHの設定まで終わった後に、バックアップを取得しました。
公式サイトFortiOS CLI referenceからも初期設定値がわかりますが、初期コンフィグがあると何かと便利なため張り付けています。
非常に長いので、見たい方は開いてみてください。
FortiOS7.0.8 バックアップファイル
#config-version=FGVM64-7.0.8-FW-build0418-221012:opmode=0:vdom=0:user=admin
#conf_file_ver=282729107226568
#buildno=0418
#global_vdom=1
config system global
set alias "FortiGate-VM64"
set hostname "FortiGate-VM64"
set language japanese
set timezone 04
end
config system accprofile
edit "prof_admin"
set secfabgrp read-write
set ftviewgrp read-write
set authgrp read-write
set sysgrp read-write
set netgrp read-write
set loggrp read-write
set fwgrp read-write
set vpngrp read-write
set utmgrp read-write
set wanoptgrp read-write
set wifi read-write
next
end
config system interface
edit "port1"
set vdom "root"
set ip 192.168.1.100 255.255.255.0
set allowaccess ping https ssh http fgfm
set type physical
set snmp-index 1
next
edit "port2"
set vdom "root"
set type physical
set snmp-index 2
next
edit "port3"
set vdom "root"
set type physical
set snmp-index 3
next
edit "port4"
set vdom "root"
set type physical
set snmp-index 4
next
edit "port5"
set vdom "root"
set type physical
set snmp-index 5
next
edit "port6"
set vdom "root"
set type physical
set snmp-index 6
next
edit "port7"
set vdom "root"
set type physical
set snmp-index 7
next
edit "port8"
set vdom "root"
set type physical
set snmp-index 8
next
edit "port9"
set vdom "root"
set type physical
set snmp-index 9
next
edit "port10"
set vdom "root"
set type physical
set snmp-index 10
next
edit "naf.root"
set vdom "root"
set type tunnel
set src-check disable
set snmp-index 11
next
edit "l2t.root"
set vdom "root"
set type tunnel
set snmp-index 12
next
edit "ssl.root"
set vdom "root"
set type tunnel
set alias "SSL VPN interface"
set snmp-index 13
next
edit "fortilink"
set vdom "root"
set fortilink enable
set ip 10.255.1.1 255.255.255.0
set allowaccess ping fabric
set type aggregate
set lldp-reception enable
set lldp-transmission enable
set snmp-index 14
next
end
config system custom-language
edit "en"
set filename "en"
next
edit "fr"
set filename "fr"
next
edit "sp"
set filename "sp"
next
edit "pg"
set filename "pg"
next
edit "x-sjis"
set filename "x-sjis"
next
edit "big5"
set filename "big5"
next
edit "GB2312"
set filename "GB2312"
next
edit "euc-kr"
set filename "euc-kr"
next
end
config system admin
edit "admin"
set accprofile "super_admin"
set vdom "root"
config gui-dashboard
edit 1
set name "Status"
set vdom "root"
set permanent enable
config widget
edit 1
set width 1
set height 1
next
edit 2
set type licinfo
set x-pos 1
set width 1
set height 1
next
edit 3
set type vminfo
set x-pos 2
set width 1
set height 1
next
edit 4
set type forticloud
set x-pos 3
set width 1
set height 1
next
edit 5
set type security-fabric
set x-pos 4
set width 1
set height 1
next
edit 6
set type admins
set x-pos 5
set width 1
set height 1
next
edit 7
set type cpu-usage
set x-pos 6
set width 2
set height 1
next
edit 8
set type memory-usage
set x-pos 7
set width 2
set height 1
next
edit 9
set type sessions
set x-pos 8
set width 2
set height 1
next
end
next
edit 2
set name "Security"
set vdom "root"
config widget
edit 1
set type fortiview
set width 2
set height 1
set fortiview-type "compromisedHosts"
set fortiview-sort-by "verdict"
set fortiview-timeframe "hour"
set fortiview-visualization "table"
next
edit 2
set type fortiview
set x-pos 1
set width 2
set height 1
set fortiview-type "threats"
set fortiview-sort-by "threatLevel"
set fortiview-timeframe "hour"
set fortiview-visualization "table"
next
edit 3
set type vulnerability-summary
set x-pos 2
set width 2
set height 1
next
edit 4
set type host-scan-summary
set x-pos 3
set width 1
set height 1
next
edit 5
set type fortiview
set x-pos 4
set width 2
set height 1
set fortiview-type "endpointDevices"
set fortiview-sort-by "vulnerabilities"
set fortiview-timeframe "hour"
set fortiview-visualization "table"
next
end
next
edit 3
set name "Network"
set vdom "root"
config widget
edit 1
set type routing
set width 2
set height 1
set router-view-type "staticdynamic"
next
edit 2
set type dhcp
set x-pos 1
set width 2
set height 1
next
edit 3
set type virtual-wan
set x-pos 2
set width 2
set height 1
next
edit 4
set type ipsec-vpn
set x-pos 3
set width 2
set height 1
next
edit 5
set type ssl-vpn
set x-pos 4
set width 2
set height 1
next
end
next
edit 4
set name "Users & Devices"
set vdom "root"
config widget
edit 1
set type device-inventory
set width 2
set height 1
set table-visualization "charts"
set device-list-view-type "hardware_vendor"
next
edit 2
set type forticlient
set x-pos 1
set width 2
set height 1
set table-visualization "charts"
set device-list-online "online"
set device-list-telemetry "sending"
set device-list-view-type "interface"
next
edit 3
set type firewall-user
set x-pos 2
set width 2
set height 1
next
edit 4
set type quarantine
set x-pos 3
set width 2
set height 1
next
edit 5
set type nac-vlans
set x-pos 4
set width 2
set height 1
next
end
next
edit 5
set name "FortiView Sources"
set vdom "root"
set layout-type standalone
set csf disable
config widget
edit 1
set type fortiview
set width 6
set height 3
set fortiview-type "source"
set fortiview-sort-by "bytes"
set fortiview-timeframe "hour"
set fortiview-visualization "table"
next
end
next
edit 6
set name "FortiView Destinations"
set vdom "root"
set layout-type standalone
set csf disable
config widget
edit 1
set type fortiview
set width 6
set height 3
set fortiview-type "destination"
set fortiview-sort-by "bytes"
set fortiview-timeframe "hour"
set fortiview-visualization "table"
next
end
next
edit 7
set name "FortiView Applications"
set vdom "root"
set layout-type standalone
set csf disable
config widget
edit 1
set type fortiview
set width 6
set height 3
set fortiview-type "application"
set fortiview-sort-by "bytes"
set fortiview-timeframe "hour"
set fortiview-visualization "table"
next
end
next
edit 8
set name "FortiView Web Sites"
set vdom "root"
set layout-type standalone
set csf disable
config widget
edit 1
set type fortiview
set width 6
set height 3
set fortiview-type "website"
set fortiview-sort-by "sessions"
set fortiview-timeframe "hour"
set fortiview-visualization "table"
next
end
next
edit 9
set name "FortiView Policies"
set vdom "root"
set layout-type standalone
set csf disable
config widget
edit 1
set type fortiview
set width 6
set height 3
set fortiview-type "policy"
set fortiview-sort-by "bytes"
set fortiview-timeframe "hour"
set fortiview-visualization "table"
next
end
next
edit 10
set name "FortiView Sessions"
set vdom "root"
set layout-type standalone
set csf disable
config widget
edit 1
set type fortiview
set width 6
set height 3
set fortiview-type "realtimeSessions"
set fortiview-sort-by "bytes"
set fortiview-timeframe "realtime"
set fortiview-visualization "table"
next
end
next
end
set gui-ignore-release-overview-version "7.0.0"
set password ENC SH2zX4VjuoXHLUYNx8fb9tRQAikOFWpZeuRbEkh1MZg8NVzgh5+xZp5MJ5Fxm0=
next
end
config system sso-admin
end
config system ha
set override disable
end
config system storage
edit "Virtual-Disk"
set status enable
set media-status enable
set order 1
set partition "LOGUSEDXF1556C06"
set device "/dev/sdb1"
set size 30235
set usage log
next
end
config system dns
set primary 96.45.45.45
set secondary 96.45.46.46
end
config system replacemsg-image
edit "logo_fnet"
set image-type gif
next
edit "logo_fguard_wf"
set image-type gif
next
edit "logo_v3_fguard_app"
next
end
config system replacemsg mail "partial"
end
config system replacemsg http "url-block"
end
config system replacemsg http "urlfilter-err"
end
config system replacemsg http "infcache-block"
end
config system replacemsg http "http-contenttypeblock"
end
config system replacemsg http "https-invalid-cert-block"
end
config system replacemsg http "https-untrusted-cert-block"
end
config system replacemsg http "https-blocklisted-cert-block"
end
config system replacemsg http "switching-protocols-block"
end
config system replacemsg http "http-antiphish-block"
end
config system replacemsg http "videofilter-block"
end
config system replacemsg webproxy "deny"
end
config system replacemsg webproxy "user-limit"
end
config system replacemsg webproxy "auth-challenge"
end
config system replacemsg webproxy "auth-login-fail"
end
config system replacemsg webproxy "auth-group-info-fail"
end
config system replacemsg webproxy "http-err"
end
config system replacemsg webproxy "auth-ip-blackout"
end
config system replacemsg webproxy "ztna-block"
end
config system replacemsg ftp "ftp-explicit-banner"
end
config system replacemsg fortiguard-wf "ftgd-block"
end
config system replacemsg fortiguard-wf "ftgd-ovrd"
end
config system replacemsg fortiguard-wf "ftgd-quota"
end
config system replacemsg fortiguard-wf "ftgd-warning"
end
config system replacemsg spam "ipblocklist"
end
config system replacemsg spam "smtp-spam-dnsbl"
end
config system replacemsg spam "smtp-spam-feip"
end
config system replacemsg spam "smtp-spam-helo"
end
config system replacemsg spam "smtp-spam-emailblock"
end
config system replacemsg spam "smtp-spam-mimeheader"
end
config system replacemsg spam "reversedns"
end
config system replacemsg spam "smtp-spam-ase"
end
config system replacemsg spam "submit"
end
config system replacemsg alertmail "alertmail-virus"
end
config system replacemsg alertmail "alertmail-block"
end
config system replacemsg alertmail "alertmail-nids-event"
end
config system replacemsg alertmail "alertmail-crit-event"
end
config system replacemsg alertmail "alertmail-disk-full"
end
config system replacemsg admin "pre_admin-disclaimer-text"
end
config system replacemsg admin "post_admin-disclaimer-text"
end
config system replacemsg auth "auth-disclaimer-page-1"
end
config system replacemsg auth "auth-disclaimer-page-2"
end
config system replacemsg auth "auth-disclaimer-page-3"
end
config system replacemsg auth "auth-proxy-reject-page"
end
config system replacemsg auth "auth-reject-page"
end
config system replacemsg auth "auth-login-page"
end
config system replacemsg auth "auth-login-failed-page"
end
config system replacemsg auth "auth-token-login-page"
end
config system replacemsg auth "auth-token-login-failed-page"
end
config system replacemsg auth "auth-success-msg"
end
config system replacemsg auth "auth-challenge-page"
end
config system replacemsg auth "auth-keepalive-page"
end
config system replacemsg auth "auth-portal-page"
end
config system replacemsg auth "auth-password-page"
end
config system replacemsg auth "auth-fortitoken-page"
end
config system replacemsg auth "auth-next-fortitoken-page"
end
config system replacemsg auth "auth-email-token-page"
end
config system replacemsg auth "auth-sms-token-page"
end
config system replacemsg auth "auth-email-harvesting-page"
end
config system replacemsg auth "auth-email-failed-page"
end
config system replacemsg auth "auth-cert-passwd-page"
end
config system replacemsg auth "auth-guest-print-page"
end
config system replacemsg auth "auth-guest-email-page"
end
config system replacemsg auth "auth-success-page"
end
config system replacemsg auth "auth-block-notification-page"
end
config system replacemsg auth "auth-quarantine-page"
end
config system replacemsg auth "auth-qtn-reject-page"
end
config system replacemsg auth "auth-saml-page"
end
config system replacemsg sslvpn "sslvpn-login"
end
config system replacemsg sslvpn "sslvpn-header"
end
config system replacemsg sslvpn "sslvpn-limit"
end
config system replacemsg sslvpn "hostcheck-error"
end
config system replacemsg sslvpn "sslvpn-provision-user"
end
config system replacemsg sslvpn "sslvpn-provision-user-sms"
end
config system replacemsg nac-quar "nac-quar-virus"
end
config system replacemsg nac-quar "nac-quar-dos"
end
config system replacemsg nac-quar "nac-quar-ips"
end
config system replacemsg nac-quar "nac-quar-dlp"
end
config system replacemsg nac-quar "nac-quar-admin"
end
config system replacemsg nac-quar "nac-quar-app"
end
config system replacemsg traffic-quota "per-ip-shaper-block"
end
config system replacemsg utm "virus-html"
end
config system replacemsg utm "client-virus-html"
end
config system replacemsg utm "virus-text"
end
config system replacemsg utm "dlp-html"
end
config system replacemsg utm "dlp-text"
end
config system replacemsg utm "appblk-html"
end
config system replacemsg utm "ipsblk-html"
end
config system replacemsg utm "ipsfail-html"
end
config system replacemsg utm "exe-text"
end
config system replacemsg utm "waf-html"
end
config system replacemsg utm "outbreak-prevention-html"
end
config system replacemsg utm "outbreak-prevention-text"
end
config system replacemsg utm "external-blocklist-html"
end
config system replacemsg utm "external-blocklist-text"
end
config system replacemsg utm "ems-threat-feed-html"
end
config system replacemsg utm "ems-threat-feed-text"
end
config system replacemsg utm "file-filter-html"
end
config system replacemsg utm "file-filter-text"
end
config system replacemsg utm "file-size-text"
end
config system replacemsg utm "transfer-size-text"
end
config system replacemsg utm "internal-error-text"
end
config system replacemsg utm "archive-block-html"
end
config system replacemsg utm "archive-block-text"
end
config system replacemsg utm "file-av-fail-text"
end
config system replacemsg utm "transfer-av-fail-text"
end
config system replacemsg utm "banned-word-html"
end
config system replacemsg utm "banned-word-text"
end
config system replacemsg utm "block-html"
end
config system replacemsg utm "block-text"
end
config system replacemsg utm "decompress-limit-text"
end
config system replacemsg utm "dlp-subject-text"
end
config system replacemsg utm "file-size-html"
end
config system replacemsg utm "client-file-size-html"
end
config system replacemsg icap "icap-req-resp"
end
config system replacemsg automation "automation-email"
end
config system snmp sysinfo
end
config firewall internet-service-name
edit "Google-Other"
set internet-service-id 65536
next
edit "Google-Web"
set internet-service-id 65537
next
edit "Google-ICMP"
set internet-service-id 65538
next
edit "Google-DNS"
set internet-service-id 65539
next
edit "Google-Outbound_Email"
set internet-service-id 65540
next
edit "Google-SSH"
set internet-service-id 65542
next
edit "Google-FTP"
set internet-service-id 65543
next
edit "Google-NTP"
set internet-service-id 65544
next
edit "Google-Inbound_Email"
set internet-service-id 65545
next
edit "Google-LDAP"
set internet-service-id 65550
next
edit "Google-NetBIOS.Session.Service"
set internet-service-id 65551
next
edit "Google-RTMP"
set internet-service-id 65552
next
edit "Google-NetBIOS.Name.Service"
set internet-service-id 65560
next
edit "Google-Google.Cloud"
set internet-service-id 65641
next
edit "Google-Google.Bot"
set internet-service-id 65643
next
edit "Google-Gmail"
set internet-service-id 65646
next
edit "Facebook-Other"
set internet-service-id 131072
next
edit "Facebook-Web"
set internet-service-id 131073
next
edit "Facebook-ICMP"
set internet-service-id 131074
next
edit "Facebook-DNS"
set internet-service-id 131075
next
edit "Facebook-Outbound_Email"
set internet-service-id 131076
next
edit "Facebook-SSH"
set internet-service-id 131078
next
edit "Facebook-FTP"
set internet-service-id 131079
next
edit "Facebook-NTP"
set internet-service-id 131080
next
edit "Facebook-Inbound_Email"
set internet-service-id 131081
next
edit "Facebook-LDAP"
set internet-service-id 131086
next
edit "Facebook-NetBIOS.Session.Service"
set internet-service-id 131087
next
edit "Facebook-RTMP"
set internet-service-id 131088
next
edit "Facebook-NetBIOS.Name.Service"
set internet-service-id 131096
next
edit "Facebook-Whatsapp"
set internet-service-id 131184
next
edit "Facebook-Instagram"
set internet-service-id 131189
next
edit "Apple-Other"
set internet-service-id 196608
next
edit "Apple-Web"
set internet-service-id 196609
next
edit "Apple-ICMP"
set internet-service-id 196610
next
edit "Apple-DNS"
set internet-service-id 196611
next
edit "Apple-Outbound_Email"
set internet-service-id 196612
next
edit "Apple-SSH"
set internet-service-id 196614
next
edit "Apple-FTP"
set internet-service-id 196615
next
edit "Apple-NTP"
set internet-service-id 196616
next
edit "Apple-Inbound_Email"
set internet-service-id 196617
next
edit "Apple-LDAP"
set internet-service-id 196622
next
edit "Apple-NetBIOS.Session.Service"
set internet-service-id 196623
next
edit "Apple-RTMP"
set internet-service-id 196624
next
edit "Apple-NetBIOS.Name.Service"
set internet-service-id 196632
next
edit "Apple-App.Store"
set internet-service-id 196723
next
edit "Apple-APNs"
set internet-service-id 196747
next
edit "Yahoo-Other"
set internet-service-id 262144
next
edit "Yahoo-Web"
set internet-service-id 262145
next
edit "Yahoo-ICMP"
set internet-service-id 262146
next
edit "Yahoo-DNS"
set internet-service-id 262147
next
edit "Yahoo-Outbound_Email"
set internet-service-id 262148
next
edit "Yahoo-SSH"
set internet-service-id 262150
next
edit "Yahoo-FTP"
set internet-service-id 262151
next
edit "Yahoo-NTP"
set internet-service-id 262152
next
edit "Yahoo-Inbound_Email"
set internet-service-id 262153
next
edit "Yahoo-LDAP"
set internet-service-id 262158
next
edit "Yahoo-NetBIOS.Session.Service"
set internet-service-id 262159
next
edit "Yahoo-RTMP"
set internet-service-id 262160
next
edit "Yahoo-NetBIOS.Name.Service"
set internet-service-id 262168
next
edit "Microsoft-Other"
set internet-service-id 327680
next
edit "Microsoft-Web"
set internet-service-id 327681
next
edit "Microsoft-ICMP"
set internet-service-id 327682
next
edit "Microsoft-DNS"
set internet-service-id 327683
next
edit "Microsoft-Outbound_Email"
set internet-service-id 327684
next
edit "Microsoft-SSH"
set internet-service-id 327686
next
edit "Microsoft-FTP"
set internet-service-id 327687
next
edit "Microsoft-NTP"
set internet-service-id 327688
next
edit "Microsoft-Inbound_Email"
set internet-service-id 327689
next
edit "Microsoft-LDAP"
set internet-service-id 327694
next
edit "Microsoft-NetBIOS.Session.Service"
set internet-service-id 327695
next
edit "Microsoft-RTMP"
set internet-service-id 327696
next
edit "Microsoft-NetBIOS.Name.Service"
set internet-service-id 327704
next
edit "Microsoft-Skype_Teams"
set internet-service-id 327781
next
edit "Microsoft-Office365"
set internet-service-id 327782
next
edit "Microsoft-Azure"
set internet-service-id 327786
next
edit "Microsoft-Bing.Bot"
set internet-service-id 327788
next
edit "Microsoft-Outlook"
set internet-service-id 327791
next
edit "Microsoft-Microsoft.Update"
set internet-service-id 327793
next
edit "Microsoft-Dynamics"
set internet-service-id 327837
next
edit "Microsoft-WNS"
set internet-service-id 327839
next
edit "Microsoft-Office365.Published"
set internet-service-id 327880
next
edit "Amazon-Other"
set internet-service-id 393216
next
edit "Amazon-Web"
set internet-service-id 393217
next
edit "Amazon-ICMP"
set internet-service-id 393218
next
edit "Amazon-DNS"
set internet-service-id 393219
next
edit "Amazon-Outbound_Email"
set internet-service-id 393220
next
edit "Amazon-SSH"
set internet-service-id 393222
next
edit "Amazon-FTP"
set internet-service-id 393223
next
edit "Amazon-NTP"
set internet-service-id 393224
next
edit "Amazon-Inbound_Email"
set internet-service-id 393225
next
edit "Amazon-LDAP"
set internet-service-id 393230
next
edit "Amazon-NetBIOS.Session.Service"
set internet-service-id 393231
next
edit "Amazon-RTMP"
set internet-service-id 393232
next
edit "Amazon-NetBIOS.Name.Service"
set internet-service-id 393240
next
edit "Amazon-AWS"
set internet-service-id 393320
next
edit "Amazon-AWS.WorkSpaces.Gateway"
set internet-service-id 393403
next
edit "eBay-Other"
set internet-service-id 458752
next
edit "eBay-Web"
set internet-service-id 458753
next
edit "eBay-ICMP"
set internet-service-id 458754
next
edit "eBay-DNS"
set internet-service-id 458755
next
edit "eBay-Outbound_Email"
set internet-service-id 458756
next
edit "eBay-SSH"
set internet-service-id 458758
next
edit "eBay-FTP"
set internet-service-id 458759
next
edit "eBay-NTP"
set internet-service-id 458760
next
edit "eBay-Inbound_Email"
set internet-service-id 458761
next
edit "eBay-LDAP"
set internet-service-id 458766
next
edit "eBay-NetBIOS.Session.Service"
set internet-service-id 458767
next
edit "eBay-RTMP"
set internet-service-id 458768
next
edit "eBay-NetBIOS.Name.Service"
set internet-service-id 458776
next
edit "PayPal-Other"
set internet-service-id 524288
next
edit "PayPal-Web"
set internet-service-id 524289
next
edit "PayPal-ICMP"
set internet-service-id 524290
next
edit "PayPal-DNS"
set internet-service-id 524291
next
edit "PayPal-Outbound_Email"
set internet-service-id 524292
next
edit "PayPal-SSH"
set internet-service-id 524294
next
edit "PayPal-FTP"
set internet-service-id 524295
next
edit "PayPal-NTP"
set internet-service-id 524296
next
edit "PayPal-Inbound_Email"
set internet-service-id 524297
next
edit "PayPal-LDAP"
set internet-service-id 524302
next
edit "PayPal-NetBIOS.Session.Service"
set internet-service-id 524303
next
edit "PayPal-RTMP"
set internet-service-id 524304
next
edit "PayPal-NetBIOS.Name.Service"
set internet-service-id 524312
next
edit "Box-Other"
set internet-service-id 589824
next
edit "Box-Web"
set internet-service-id 589825
next
edit "Box-ICMP"
set internet-service-id 589826
next
edit "Box-DNS"
set internet-service-id 589827
next
edit "Box-Outbound_Email"
set internet-service-id 589828
next
edit "Box-SSH"
set internet-service-id 589830
next
edit "Box-FTP"
set internet-service-id 589831
next
edit "Box-NTP"
set internet-service-id 589832
next
edit "Box-Inbound_Email"
set internet-service-id 589833
next
edit "Box-LDAP"
set internet-service-id 589838
next
edit "Box-NetBIOS.Session.Service"
set internet-service-id 589839
next
edit "Box-RTMP"
set internet-service-id 589840
next
edit "Box-NetBIOS.Name.Service"
set internet-service-id 589848
next
edit "Salesforce-Other"
set internet-service-id 655360
next
edit "Salesforce-Web"
set internet-service-id 655361
next
edit "Salesforce-ICMP"
set internet-service-id 655362
next
edit "Salesforce-DNS"
set internet-service-id 655363
next
edit "Salesforce-Outbound_Email"
set internet-service-id 655364
next
edit "Salesforce-SSH"
set internet-service-id 655366
next
edit "Salesforce-FTP"
set internet-service-id 655367
next
edit "Salesforce-NTP"
set internet-service-id 655368
next
edit "Salesforce-Inbound_Email"
set internet-service-id 655369
next
edit "Salesforce-LDAP"
set internet-service-id 655374
next
edit "Salesforce-NetBIOS.Session.Service"
set internet-service-id 655375
next
edit "Salesforce-RTMP"
set internet-service-id 655376
next
edit "Salesforce-NetBIOS.Name.Service"
set internet-service-id 655384
next
edit "Salesforce-Email.Relay"
set internet-service-id 655530
next
edit "Dropbox-Other"
set internet-service-id 720896
next
edit "Dropbox-Web"
set internet-service-id 720897
next
edit "Dropbox-ICMP"
set internet-service-id 720898
next
edit "Dropbox-DNS"
set internet-service-id 720899
next
edit "Dropbox-Outbound_Email"
set internet-service-id 720900
next
edit "Dropbox-SSH"
set internet-service-id 720902
next
edit "Dropbox-FTP"
set internet-service-id 720903
next
edit "Dropbox-NTP"
set internet-service-id 720904
next
edit "Dropbox-Inbound_Email"
set internet-service-id 720905
next
edit "Dropbox-LDAP"
set internet-service-id 720910
next
edit "Dropbox-NetBIOS.Session.Service"
set internet-service-id 720911
next
edit "Dropbox-RTMP"
set internet-service-id 720912
next
edit "Dropbox-NetBIOS.Name.Service"
set internet-service-id 720920
next
edit "Netflix-Other"
set internet-service-id 786432
next
edit "Netflix-Web"
set internet-service-id 786433
next
edit "Netflix-ICMP"
set internet-service-id 786434
next
edit "Netflix-DNS"
set internet-service-id 786435
next
edit "Netflix-Outbound_Email"
set internet-service-id 786436
next
edit "Netflix-SSH"
set internet-service-id 786438
next
edit "Netflix-FTP"
set internet-service-id 786439
next
edit "Netflix-NTP"
set internet-service-id 786440
next
edit "Netflix-Inbound_Email"
set internet-service-id 786441
next
edit "Netflix-LDAP"
set internet-service-id 786446
next
edit "Netflix-NetBIOS.Session.Service"
set internet-service-id 786447
next
edit "Netflix-RTMP"
set internet-service-id 786448
next
edit "Netflix-NetBIOS.Name.Service"
set internet-service-id 786456
next
edit "LinkedIn-Other"
set internet-service-id 851968
next
edit "LinkedIn-Web"
set internet-service-id 851969
next
edit "LinkedIn-ICMP"
set internet-service-id 851970
next
edit "LinkedIn-DNS"
set internet-service-id 851971
next
edit "LinkedIn-Outbound_Email"
set internet-service-id 851972
next
edit "LinkedIn-SSH"
set internet-service-id 851974
next
edit "LinkedIn-FTP"
set internet-service-id 851975
next
edit "LinkedIn-NTP"
set internet-service-id 851976
next
edit "LinkedIn-Inbound_Email"
set internet-service-id 851977
next
edit "LinkedIn-LDAP"
set internet-service-id 851982
next
edit "LinkedIn-NetBIOS.Session.Service"
set internet-service-id 851983
next
edit "LinkedIn-RTMP"
set internet-service-id 851984
next
edit "LinkedIn-NetBIOS.Name.Service"
set internet-service-id 851992
next
edit "Adobe-Other"
set internet-service-id 917504
next
edit "Adobe-Web"
set internet-service-id 917505
next
edit "Adobe-ICMP"
set internet-service-id 917506
next
edit "Adobe-DNS"
set internet-service-id 917507
next
edit "Adobe-Outbound_Email"
set internet-service-id 917508
next
edit "Adobe-SSH"
set internet-service-id 917510
next
edit "Adobe-FTP"
set internet-service-id 917511
next
edit "Adobe-NTP"
set internet-service-id 917512
next
edit "Adobe-Inbound_Email"
set internet-service-id 917513
next
edit "Adobe-LDAP"
set internet-service-id 917518
next
edit "Adobe-NetBIOS.Session.Service"
set internet-service-id 917519
next
edit "Adobe-RTMP"
set internet-service-id 917520
next
edit "Adobe-NetBIOS.Name.Service"
set internet-service-id 917528
next
edit "Adobe-Adobe.Cloud"
set internet-service-id 917640
next
edit "Oracle-Other"
set internet-service-id 983040
next
edit "Oracle-Web"
set internet-service-id 983041
next
edit "Oracle-ICMP"
set internet-service-id 983042
next
edit "Oracle-DNS"
set internet-service-id 983043
next
edit "Oracle-Outbound_Email"
set internet-service-id 983044
next
edit "Oracle-SSH"
set internet-service-id 983046
next
edit "Oracle-FTP"
set internet-service-id 983047
next
edit "Oracle-NTP"
set internet-service-id 983048
next
edit "Oracle-Inbound_Email"
set internet-service-id 983049
next
edit "Oracle-LDAP"
set internet-service-id 983054
next
edit "Oracle-NetBIOS.Session.Service"
set internet-service-id 983055
next
edit "Oracle-RTMP"
set internet-service-id 983056
next
edit "Oracle-NetBIOS.Name.Service"
set internet-service-id 983064
next
edit "Oracle-Oracle.Cloud"
set internet-service-id 983171
next
edit "Hulu-Other"
set internet-service-id 1048576
next
edit "Hulu-Web"
set internet-service-id 1048577
next
edit "Hulu-ICMP"
set internet-service-id 1048578
next
edit "Hulu-DNS"
set internet-service-id 1048579
next
edit "Hulu-Outbound_Email"
set internet-service-id 1048580
next
edit "Hulu-SSH"
set internet-service-id 1048582
next
edit "Hulu-FTP"
set internet-service-id 1048583
next
edit "Hulu-NTP"
set internet-service-id 1048584
next
edit "Hulu-Inbound_Email"
set internet-service-id 1048585
next
edit "Hulu-LDAP"
set internet-service-id 1048590
next
edit "Hulu-NetBIOS.Session.Service"
set internet-service-id 1048591
next
edit "Hulu-RTMP"
set internet-service-id 1048592
next
edit "Hulu-NetBIOS.Name.Service"
set internet-service-id 1048600
next
edit "Pinterest-Other"
set internet-service-id 1114112
next
edit "Pinterest-Web"
set internet-service-id 1114113
next
edit "Pinterest-ICMP"
set internet-service-id 1114114
next
edit "Pinterest-DNS"
set internet-service-id 1114115
next
edit "Pinterest-Outbound_Email"
set internet-service-id 1114116
next
edit "Pinterest-SSH"
set internet-service-id 1114118
next
edit "Pinterest-FTP"
set internet-service-id 1114119
next
edit "Pinterest-NTP"
set internet-service-id 1114120
next
edit "Pinterest-Inbound_Email"
set internet-service-id 1114121
next
edit "Pinterest-LDAP"
set internet-service-id 1114126
next
edit "Pinterest-NetBIOS.Session.Service"
set internet-service-id 1114127
next
edit "Pinterest-RTMP"
set internet-service-id 1114128
next
edit "Pinterest-NetBIOS.Name.Service"
set internet-service-id 1114136
next
edit "LogMeIn-Other"
set internet-service-id 1179648
next
edit "LogMeIn-Web"
set internet-service-id 1179649
next
edit "LogMeIn-ICMP"
set internet-service-id 1179650
next
edit "LogMeIn-DNS"
set internet-service-id 1179651
next
edit "LogMeIn-Outbound_Email"
set internet-service-id 1179652
next
edit "LogMeIn-SSH"
set internet-service-id 1179654
next
edit "LogMeIn-FTP"
set internet-service-id 1179655
next
edit "LogMeIn-NTP"
set internet-service-id 1179656
next
edit "LogMeIn-Inbound_Email"
set internet-service-id 1179657
next
edit "LogMeIn-LDAP"
set internet-service-id 1179662
next
edit "LogMeIn-NetBIOS.Session.Service"
set internet-service-id 1179663
next
edit "LogMeIn-RTMP"
set internet-service-id 1179664
next
edit "LogMeIn-NetBIOS.Name.Service"
set internet-service-id 1179672
next
edit "LogMeIn-GoTo.Suite"
set internet-service-id 1179767
next
edit "Fortinet-Other"
set internet-service-id 1245184
next
edit "Fortinet-Web"
set internet-service-id 1245185
next
edit "Fortinet-ICMP"
set internet-service-id 1245186
next
edit "Fortinet-DNS"
set internet-service-id 1245187
next
edit "Fortinet-Outbound_Email"
set internet-service-id 1245188
next
edit "Fortinet-SSH"
set internet-service-id 1245190
next
edit "Fortinet-FTP"
set internet-service-id 1245191
next
edit "Fortinet-NTP"
set internet-service-id 1245192
next
edit "Fortinet-Inbound_Email"
set internet-service-id 1245193
next
edit "Fortinet-LDAP"
set internet-service-id 1245198
next
edit "Fortinet-NetBIOS.Session.Service"
set internet-service-id 1245199
next
edit "Fortinet-RTMP"
set internet-service-id 1245200
next
edit "Fortinet-NetBIOS.Name.Service"
set internet-service-id 1245208
next
edit "Fortinet-FortiGuard"
set internet-service-id 1245324
next
edit "Fortinet-FortiMail.Cloud"
set internet-service-id 1245325
next
edit "Fortinet-FortiCloud"
set internet-service-id 1245326
next
edit "Kaspersky-Other"
set internet-service-id 1310720
next
edit "Kaspersky-Web"
set internet-service-id 1310721
next
edit "Kaspersky-ICMP"
set internet-service-id 1310722
next
edit "Kaspersky-DNS"
set internet-service-id 1310723
next
edit "Kaspersky-Outbound_Email"
set internet-service-id 1310724
next
edit "Kaspersky-SSH"
set internet-service-id 1310726
next
edit "Kaspersky-FTP"
set internet-service-id 1310727
next
edit "Kaspersky-NTP"
set internet-service-id 1310728
next
edit "Kaspersky-Inbound_Email"
set internet-service-id 1310729
next
edit "Kaspersky-LDAP"
set internet-service-id 1310734
next
edit "Kaspersky-NetBIOS.Session.Service"
set internet-service-id 1310735
next
edit "Kaspersky-RTMP"
set internet-service-id 1310736
next
edit "Kaspersky-NetBIOS.Name.Service"
set internet-service-id 1310744
next
edit "McAfee-Other"
set internet-service-id 1376256
next
edit "McAfee-Web"
set internet-service-id 1376257
next
edit "McAfee-ICMP"
set internet-service-id 1376258
next
edit "McAfee-DNS"
set internet-service-id 1376259
next
edit "McAfee-Outbound_Email"
set internet-service-id 1376260
next
edit "McAfee-SSH"
set internet-service-id 1376262
next
edit "McAfee-FTP"
set internet-service-id 1376263
next
edit "McAfee-NTP"
set internet-service-id 1376264
next
edit "McAfee-Inbound_Email"
set internet-service-id 1376265
next
edit "McAfee-LDAP"
set internet-service-id 1376270
next
edit "McAfee-NetBIOS.Session.Service"
set internet-service-id 1376271
next
edit "McAfee-RTMP"
set internet-service-id 1376272
next
edit "McAfee-NetBIOS.Name.Service"
set internet-service-id 1376280
next
edit "Symantec-Other"
set internet-service-id 1441792
next
edit "Symantec-Web"
set internet-service-id 1441793
next
edit "Symantec-ICMP"
set internet-service-id 1441794
next
edit "Symantec-DNS"
set internet-service-id 1441795
next
edit "Symantec-Outbound_Email"
set internet-service-id 1441796
next
edit "Symantec-SSH"
set internet-service-id 1441798
next
edit "Symantec-FTP"
set internet-service-id 1441799
next
edit "Symantec-NTP"
set internet-service-id 1441800
next
edit "Symantec-Inbound_Email"
set internet-service-id 1441801
next
edit "Symantec-LDAP"
set internet-service-id 1441806
next
edit "Symantec-NetBIOS.Session.Service"
set internet-service-id 1441807
next
edit "Symantec-RTMP"
set internet-service-id 1441808
next
edit "Symantec-NetBIOS.Name.Service"
set internet-service-id 1441816
next
edit "Symantec-Symantec.Cloud"
set internet-service-id 1441922
next
edit "VMware-Other"
set internet-service-id 1507328
next
edit "VMware-Web"
set internet-service-id 1507329
next
edit "VMware-ICMP"
set internet-service-id 1507330
next
edit "VMware-DNS"
set internet-service-id 1507331
next
edit "VMware-Outbound_Email"
set internet-service-id 1507332
next
edit "VMware-SSH"
set internet-service-id 1507334
next
edit "VMware-FTP"
set internet-service-id 1507335
next
edit "VMware-NTP"
set internet-service-id 1507336
next
edit "VMware-Inbound_Email"
set internet-service-id 1507337
next
edit "VMware-LDAP"
set internet-service-id 1507342
next
edit "VMware-NetBIOS.Session.Service"
set internet-service-id 1507343
next
edit "VMware-RTMP"
set internet-service-id 1507344
next
edit "VMware-NetBIOS.Name.Service"
set internet-service-id 1507352
next
edit "VMware-Airwatch"
set internet-service-id 1507461
next
edit "AOL-Other"
set internet-service-id 1572864
next
edit "AOL-Web"
set internet-service-id 1572865
next
edit "AOL-ICMP"
set internet-service-id 1572866
next
edit "AOL-DNS"
set internet-service-id 1572867
next
edit "AOL-Outbound_Email"
set internet-service-id 1572868
next
edit "AOL-SSH"
set internet-service-id 1572870
next
edit "AOL-FTP"
set internet-service-id 1572871
next
edit "AOL-NTP"
set internet-service-id 1572872
next
edit "AOL-Inbound_Email"
set internet-service-id 1572873
next
edit "AOL-LDAP"
set internet-service-id 1572878
next
edit "AOL-NetBIOS.Session.Service"
set internet-service-id 1572879
next
edit "AOL-RTMP"
set internet-service-id 1572880
next
edit "AOL-NetBIOS.Name.Service"
set internet-service-id 1572888
next
edit "RealNetworks-Other"
set internet-service-id 1638400
next
edit "RealNetworks-Web"
set internet-service-id 1638401
next
edit "RealNetworks-ICMP"
set internet-service-id 1638402
next
edit "RealNetworks-DNS"
set internet-service-id 1638403
next
edit "RealNetworks-Outbound_Email"
set internet-service-id 1638404
next
edit "RealNetworks-SSH"
set internet-service-id 1638406
next
edit "RealNetworks-FTP"
set internet-service-id 1638407
next
edit "RealNetworks-NTP"
set internet-service-id 1638408
next
edit "RealNetworks-Inbound_Email"
set internet-service-id 1638409
next
edit "RealNetworks-LDAP"
set internet-service-id 1638414
next
edit "RealNetworks-NetBIOS.Session.Service"
set internet-service-id 1638415
next
edit "RealNetworks-RTMP"
set internet-service-id 1638416
next
edit "RealNetworks-NetBIOS.Name.Service"
set internet-service-id 1638424
next
edit "Zoho-Other"
set internet-service-id 1703936
next
edit "Zoho-Web"
set internet-service-id 1703937
next
edit "Zoho-ICMP"
set internet-service-id 1703938
next
edit "Zoho-DNS"
set internet-service-id 1703939
next
edit "Zoho-Outbound_Email"
set internet-service-id 1703940
next
edit "Zoho-SSH"
set internet-service-id 1703942
next
edit "Zoho-FTP"
set internet-service-id 1703943
next
edit "Zoho-NTP"
set internet-service-id 1703944
next
edit "Zoho-Inbound_Email"
set internet-service-id 1703945
next
edit "Zoho-LDAP"
set internet-service-id 1703950
next
edit "Zoho-NetBIOS.Session.Service"
set internet-service-id 1703951
next
edit "Zoho-RTMP"
set internet-service-id 1703952
next
edit "Zoho-NetBIOS.Name.Service"
set internet-service-id 1703960
next
edit "Mozilla-Other"
set internet-service-id 1769472
next
edit "Mozilla-Web"
set internet-service-id 1769473
next
edit "Mozilla-ICMP"
set internet-service-id 1769474
next
edit "Mozilla-DNS"
set internet-service-id 1769475
next
edit "Mozilla-Outbound_Email"
set internet-service-id 1769476
next
edit "Mozilla-SSH"
set internet-service-id 1769478
next
edit "Mozilla-FTP"
set internet-service-id 1769479
next
edit "Mozilla-NTP"
set internet-service-id 1769480
next
edit "Mozilla-Inbound_Email"
set internet-service-id 1769481
next
edit "Mozilla-LDAP"
set internet-service-id 1769486
next
edit "Mozilla-NetBIOS.Session.Service"
set internet-service-id 1769487
next
edit "Mozilla-RTMP"
set internet-service-id 1769488
next
edit "Mozilla-NetBIOS.Name.Service"
set internet-service-id 1769496
next
edit "TeamViewer-Other"
set internet-service-id 1835008
next
edit "TeamViewer-Web"
set internet-service-id 1835009
next
edit "TeamViewer-ICMP"
set internet-service-id 1835010
next
edit "TeamViewer-DNS"
set internet-service-id 1835011
next
edit "TeamViewer-Outbound_Email"
set internet-service-id 1835012
next
edit "TeamViewer-SSH"
set internet-service-id 1835014
next
edit "TeamViewer-FTP"
set internet-service-id 1835015
next
edit "TeamViewer-NTP"
set internet-service-id 1835016
next
edit "TeamViewer-Inbound_Email"
set internet-service-id 1835017
next
edit "TeamViewer-LDAP"
set internet-service-id 1835022
next
edit "TeamViewer-NetBIOS.Session.Service"
set internet-service-id 1835023
next
edit "TeamViewer-RTMP"
set internet-service-id 1835024
next
edit "TeamViewer-NetBIOS.Name.Service"
set internet-service-id 1835032
next
edit "TeamViewer-TeamViewer"
set internet-service-id 1835117
next
edit "HP-Other"
set internet-service-id 1900544
next
edit "HP-Web"
set internet-service-id 1900545
next
edit "HP-ICMP"
set internet-service-id 1900546
next
edit "HP-DNS"
set internet-service-id 1900547
next
edit "HP-Outbound_Email"
set internet-service-id 1900548
next
edit "HP-SSH"
set internet-service-id 1900550
next
edit "HP-FTP"
set internet-service-id 1900551
next
edit "HP-NTP"
set internet-service-id 1900552
next
edit "HP-Inbound_Email"
set internet-service-id 1900553
next
edit "HP-LDAP"
set internet-service-id 1900558
next
edit "HP-NetBIOS.Session.Service"
set internet-service-id 1900559
next
edit "HP-RTMP"
set internet-service-id 1900560
next
edit "HP-NetBIOS.Name.Service"
set internet-service-id 1900568
next
edit "HP-Aruba"
set internet-service-id 1900726
next
edit "Cisco-Other"
set internet-service-id 1966080
next
edit "Cisco-Web"
set internet-service-id 1966081
next
edit "Cisco-ICMP"
set internet-service-id 1966082
next
edit "Cisco-DNS"
set internet-service-id 1966083
next
edit "Cisco-Outbound_Email"
set internet-service-id 1966084
next
edit "Cisco-SSH"
set internet-service-id 1966086
next
edit "Cisco-FTP"
set internet-service-id 1966087
next
edit "Cisco-NTP"
set internet-service-id 1966088
next
edit "Cisco-Inbound_Email"
set internet-service-id 1966089
next
edit "Cisco-LDAP"
set internet-service-id 1966094
next
edit "Cisco-NetBIOS.Session.Service"
set internet-service-id 1966095
next
edit "Cisco-RTMP"
set internet-service-id 1966096
next
edit "Cisco-NetBIOS.Name.Service"
set internet-service-id 1966104
next
edit "Cisco-Webex"
set internet-service-id 1966183
next
edit "Cisco-Meraki.Cloud"
set internet-service-id 1966218
next
edit "Cisco-Duo.Security"
set internet-service-id 1966225
next
edit "Cisco-AppDynamic"
set internet-service-id 1966260
next
edit "IBM-Other"
set internet-service-id 2031616
next
edit "IBM-Web"
set internet-service-id 2031617
next
edit "IBM-ICMP"
set internet-service-id 2031618
next
edit "IBM-DNS"
set internet-service-id 2031619
next
edit "IBM-Outbound_Email"
set internet-service-id 2031620
next
edit "IBM-SSH"
set internet-service-id 2031622
next
edit "IBM-FTP"
set internet-service-id 2031623
next
edit "IBM-NTP"
set internet-service-id 2031624
next
edit "IBM-Inbound_Email"
set internet-service-id 2031625
next
edit "IBM-LDAP"
set internet-service-id 2031630
next
edit "IBM-NetBIOS.Session.Service"
set internet-service-id 2031631
next
edit "IBM-RTMP"
set internet-service-id 2031632
next
edit "IBM-NetBIOS.Name.Service"
set internet-service-id 2031640
next
edit "IBM-IBM.Cloud"
set internet-service-id 2031748
next
edit "Citrix-Other"
set internet-service-id 2097152
next
edit "Citrix-Web"
set internet-service-id 2097153
next
edit "Citrix-ICMP"
set internet-service-id 2097154
next
edit "Citrix-DNS"
set internet-service-id 2097155
next
edit "Citrix-Outbound_Email"
set internet-service-id 2097156
next
edit "Citrix-SSH"
set internet-service-id 2097158
next
edit "Citrix-FTP"
set internet-service-id 2097159
next
edit "Citrix-NTP"
set internet-service-id 2097160
next
edit "Citrix-Inbound_Email"
set internet-service-id 2097161
next
edit "Citrix-LDAP"
set internet-service-id 2097166
next
edit "Citrix-NetBIOS.Session.Service"
set internet-service-id 2097167
next
edit "Citrix-RTMP"
set internet-service-id 2097168
next
edit "Citrix-NetBIOS.Name.Service"
set internet-service-id 2097176
next
edit "Twitter-Other"
set internet-service-id 2162688
next
edit "Twitter-Web"
set internet-service-id 2162689
next
edit "Twitter-ICMP"
set internet-service-id 2162690
next
edit "Twitter-DNS"
set internet-service-id 2162691
next
edit "Twitter-Outbound_Email"
set internet-service-id 2162692
next
edit "Twitter-SSH"
set internet-service-id 2162694
next
edit "Twitter-FTP"
set internet-service-id 2162695
next
edit "Twitter-NTP"
set internet-service-id 2162696
next
edit "Twitter-Inbound_Email"
set internet-service-id 2162697
next
edit "Twitter-LDAP"
set internet-service-id 2162702
next
edit "Twitter-NetBIOS.Session.Service"
set internet-service-id 2162703
next
edit "Twitter-RTMP"
set internet-service-id 2162704
next
edit "Twitter-NetBIOS.Name.Service"
set internet-service-id 2162712
next
edit "Dell-Other"
set internet-service-id 2228224
next
edit "Dell-Web"
set internet-service-id 2228225
next
edit "Dell-ICMP"
set internet-service-id 2228226
next
edit "Dell-DNS"
set internet-service-id 2228227
next
edit "Dell-Outbound_Email"
set internet-service-id 2228228
next
edit "Dell-SSH"
set internet-service-id 2228230
next
edit "Dell-FTP"
set internet-service-id 2228231
next
edit "Dell-NTP"
set internet-service-id 2228232
next
edit "Dell-Inbound_Email"
set internet-service-id 2228233
next
edit "Dell-LDAP"
set internet-service-id 2228238
next
edit "Dell-NetBIOS.Session.Service"
set internet-service-id 2228239
next
edit "Dell-RTMP"
set internet-service-id 2228240
next
edit "Dell-NetBIOS.Name.Service"
set internet-service-id 2228248
next
edit "Vimeo-Other"
set internet-service-id 2293760
next
edit "Vimeo-Web"
set internet-service-id 2293761
next
edit "Vimeo-ICMP"
set internet-service-id 2293762
next
edit "Vimeo-DNS"
set internet-service-id 2293763
next
edit "Vimeo-Outbound_Email"
set internet-service-id 2293764
next
edit "Vimeo-SSH"
set internet-service-id 2293766
next
edit "Vimeo-FTP"
set internet-service-id 2293767
next
edit "Vimeo-NTP"
set internet-service-id 2293768
next
edit "Vimeo-Inbound_Email"
set internet-service-id 2293769
next
edit "Vimeo-LDAP"
set internet-service-id 2293774
next
edit "Vimeo-NetBIOS.Session.Service"
set internet-service-id 2293775
next
edit "Vimeo-RTMP"
set internet-service-id 2293776
next
edit "Vimeo-NetBIOS.Name.Service"
set internet-service-id 2293784
next
edit "Redhat-Other"
set internet-service-id 2359296
next
edit "Redhat-Web"
set internet-service-id 2359297
next
edit "Redhat-ICMP"
set internet-service-id 2359298
next
edit "Redhat-DNS"
set internet-service-id 2359299
next
edit "Redhat-Outbound_Email"
set internet-service-id 2359300
next
edit "Redhat-SSH"
set internet-service-id 2359302
next
edit "Redhat-FTP"
set internet-service-id 2359303
next
edit "Redhat-NTP"
set internet-service-id 2359304
next
edit "Redhat-Inbound_Email"
set internet-service-id 2359305
next
edit "Redhat-LDAP"
set internet-service-id 2359310
next
edit "Redhat-NetBIOS.Session.Service"
set internet-service-id 2359311
next
edit "Redhat-RTMP"
set internet-service-id 2359312
next
edit "Redhat-NetBIOS.Name.Service"
set internet-service-id 2359320
next
edit "VK-Other"
set internet-service-id 2424832
next
edit "VK-Web"
set internet-service-id 2424833
next
edit "VK-ICMP"
set internet-service-id 2424834
next
edit "VK-DNS"
set internet-service-id 2424835
next
edit "VK-Outbound_Email"
set internet-service-id 2424836
next
edit "VK-SSH"
set internet-service-id 2424838
next
edit "VK-FTP"
set internet-service-id 2424839
next
edit "VK-NTP"
set internet-service-id 2424840
next
edit "VK-Inbound_Email"
set internet-service-id 2424841
next
edit "VK-LDAP"
set internet-service-id 2424846
next
edit "VK-NetBIOS.Session.Service"
set internet-service-id 2424847
next
edit "VK-RTMP"
set internet-service-id 2424848
next
edit "VK-NetBIOS.Name.Service"
set internet-service-id 2424856
next
edit "TrendMicro-Other"
set internet-service-id 2490368
next
edit "TrendMicro-Web"
set internet-service-id 2490369
next
edit "TrendMicro-ICMP"
set internet-service-id 2490370
next
edit "TrendMicro-DNS"
set internet-service-id 2490371
next
edit "TrendMicro-Outbound_Email"
set internet-service-id 2490372
next
edit "TrendMicro-SSH"
set internet-service-id 2490374
next
edit "TrendMicro-FTP"
set internet-service-id 2490375
next
edit "TrendMicro-NTP"
set internet-service-id 2490376
next
edit "TrendMicro-Inbound_Email"
set internet-service-id 2490377
next
edit "TrendMicro-LDAP"
set internet-service-id 2490382
next
edit "TrendMicro-NetBIOS.Session.Service"
set internet-service-id 2490383
next
edit "TrendMicro-RTMP"
set internet-service-id 2490384
next
edit "TrendMicro-NetBIOS.Name.Service"
set internet-service-id 2490392
next
edit "Tencent-Other"
set internet-service-id 2555904
next
edit "Tencent-Web"
set internet-service-id 2555905
next
edit "Tencent-ICMP"
set internet-service-id 2555906
next
edit "Tencent-DNS"
set internet-service-id 2555907
next
edit "Tencent-Outbound_Email"
set internet-service-id 2555908
next
edit "Tencent-SSH"
set internet-service-id 2555910
next
edit "Tencent-FTP"
set internet-service-id 2555911
next
edit "Tencent-NTP"
set internet-service-id 2555912
next
edit "Tencent-Inbound_Email"
set internet-service-id 2555913
next
edit "Tencent-LDAP"
set internet-service-id 2555918
next
edit "Tencent-NetBIOS.Session.Service"
set internet-service-id 2555919
next
edit "Tencent-RTMP"
set internet-service-id 2555920
next
edit "Tencent-NetBIOS.Name.Service"
set internet-service-id 2555928
next
edit "Ask-Other"
set internet-service-id 2621440
next
edit "Ask-Web"
set internet-service-id 2621441
next
edit "Ask-ICMP"
set internet-service-id 2621442
next
edit "Ask-DNS"
set internet-service-id 2621443
next
edit "Ask-Outbound_Email"
set internet-service-id 2621444
next
edit "Ask-SSH"
set internet-service-id 2621446
next
edit "Ask-FTP"
set internet-service-id 2621447
next
edit "Ask-NTP"
set internet-service-id 2621448
next
edit "Ask-Inbound_Email"
set internet-service-id 2621449
next
edit "Ask-LDAP"
set internet-service-id 2621454
next
edit "Ask-NetBIOS.Session.Service"
set internet-service-id 2621455
next
edit "Ask-RTMP"
set internet-service-id 2621456
next
edit "Ask-NetBIOS.Name.Service"
set internet-service-id 2621464
next
edit "CNN-Other"
set internet-service-id 2686976
next
edit "CNN-Web"
set internet-service-id 2686977
next
edit "CNN-ICMP"
set internet-service-id 2686978
next
edit "CNN-DNS"
set internet-service-id 2686979
next
edit "CNN-Outbound_Email"
set internet-service-id 2686980
next
edit "CNN-SSH"
set internet-service-id 2686982
next
edit "CNN-FTP"
set internet-service-id 2686983
next
edit "CNN-NTP"
set internet-service-id 2686984
next
edit "CNN-Inbound_Email"
set internet-service-id 2686985
next
edit "CNN-LDAP"
set internet-service-id 2686990
next
edit "CNN-NetBIOS.Session.Service"
set internet-service-id 2686991
next
edit "CNN-RTMP"
set internet-service-id 2686992
next
edit "CNN-NetBIOS.Name.Service"
set internet-service-id 2687000
next
edit "Myspace-Other"
set internet-service-id 2752512
next
edit "Myspace-Web"
set internet-service-id 2752513
next
edit "Myspace-ICMP"
set internet-service-id 2752514
next
edit "Myspace-DNS"
set internet-service-id 2752515
next
edit "Myspace-Outbound_Email"
set internet-service-id 2752516
next
edit "Myspace-SSH"
set internet-service-id 2752518
next
edit "Myspace-FTP"
set internet-service-id 2752519
next
edit "Myspace-NTP"
set internet-service-id 2752520
next
edit "Myspace-Inbound_Email"
set internet-service-id 2752521
next
edit "Myspace-LDAP"
set internet-service-id 2752526
next
edit "Myspace-NetBIOS.Session.Service"
set internet-service-id 2752527
next
edit "Myspace-RTMP"
set internet-service-id 2752528
next
edit "Myspace-NetBIOS.Name.Service"
set internet-service-id 2752536
next
edit "Tor-Relay.Node"
set internet-service-id 2818238
next
edit "Tor-Exit.Node"
set internet-service-id 2818243
next
edit "Baidu-Other"
set internet-service-id 2883584
next
edit "Baidu-Web"
set internet-service-id 2883585
next
edit "Baidu-ICMP"
set internet-service-id 2883586
next
edit "Baidu-DNS"
set internet-service-id 2883587
next
edit "Baidu-Outbound_Email"
set internet-service-id 2883588
next
edit "Baidu-SSH"
set internet-service-id 2883590
next
edit "Baidu-FTP"
set internet-service-id 2883591
next
edit "Baidu-NTP"
set internet-service-id 2883592
next
edit "Baidu-Inbound_Email"
set internet-service-id 2883593
next
edit "Baidu-LDAP"
set internet-service-id 2883598
next
edit "Baidu-NetBIOS.Session.Service"
set internet-service-id 2883599
next
edit "Baidu-RTMP"
set internet-service-id 2883600
next
edit "Baidu-NetBIOS.Name.Service"
set internet-service-id 2883608
next
edit "ntp.org-Other"
set internet-service-id 2949120
next
edit "ntp.org-Web"
set internet-service-id 2949121
next
edit "ntp.org-ICMP"
set internet-service-id 2949122
next
edit "ntp.org-DNS"
set internet-service-id 2949123
next
edit "ntp.org-Outbound_Email"
set internet-service-id 2949124
next
edit "ntp.org-SSH"
set internet-service-id 2949126
next
edit "ntp.org-FTP"
set internet-service-id 2949127
next
edit "ntp.org-NTP"
set internet-service-id 2949128
next
edit "ntp.org-Inbound_Email"
set internet-service-id 2949129
next
edit "ntp.org-LDAP"
set internet-service-id 2949134
next
edit "ntp.org-NetBIOS.Session.Service"
set internet-service-id 2949135
next
edit "ntp.org-RTMP"
set internet-service-id 2949136
next
edit "ntp.org-NetBIOS.Name.Service"
set internet-service-id 2949144
next
edit "Proxy-Proxy.Server"
set internet-service-id 3014850
next
edit "Botnet-C&C.Server"
set internet-service-id 3080383
next
edit "Spam-Spamming.Server"
set internet-service-id 3145920
next
edit "Phishing-Phishing.Server"
set internet-service-id 3211457
next
edit "Zendesk-Other"
set internet-service-id 3407872
next
edit "Zendesk-Web"
set internet-service-id 3407873
next
edit "Zendesk-ICMP"
set internet-service-id 3407874
next
edit "Zendesk-DNS"
set internet-service-id 3407875
next
edit "Zendesk-Outbound_Email"
set internet-service-id 3407876
next
edit "Zendesk-SSH"
set internet-service-id 3407878
next
edit "Zendesk-FTP"
set internet-service-id 3407879
next
edit "Zendesk-NTP"
set internet-service-id 3407880
next
edit "Zendesk-Inbound_Email"
set internet-service-id 3407881
next
edit "Zendesk-LDAP"
set internet-service-id 3407886
next
edit "Zendesk-NetBIOS.Session.Service"
set internet-service-id 3407887
next
edit "Zendesk-RTMP"
set internet-service-id 3407888
next
edit "Zendesk-NetBIOS.Name.Service"
set internet-service-id 3407896
next
edit "Zendesk-Zendesk.Suite"
set internet-service-id 3408047
next
edit "DocuSign-Other"
set internet-service-id 3473408
next
edit "DocuSign-Web"
set internet-service-id 3473409
next
edit "DocuSign-ICMP"
set internet-service-id 3473410
next
edit "DocuSign-DNS"
set internet-service-id 3473411
next
edit "DocuSign-Outbound_Email"
set internet-service-id 3473412
next
edit "DocuSign-SSH"
set internet-service-id 3473414
next
edit "DocuSign-FTP"
set internet-service-id 3473415
next
edit "DocuSign-NTP"
set internet-service-id 3473416
next
edit "DocuSign-Inbound_Email"
set internet-service-id 3473417
next
edit "DocuSign-LDAP"
set internet-service-id 3473422
next
edit "DocuSign-NetBIOS.Session.Service"
set internet-service-id 3473423
next
edit "DocuSign-RTMP"
set internet-service-id 3473424
next
edit "DocuSign-NetBIOS.Name.Service"
set internet-service-id 3473432
next
edit "ServiceNow-Other"
set internet-service-id 3538944
next
edit "ServiceNow-Web"
set internet-service-id 3538945
next
edit "ServiceNow-ICMP"
set internet-service-id 3538946
next
edit "ServiceNow-DNS"
set internet-service-id 3538947
next
edit "ServiceNow-Outbound_Email"
set internet-service-id 3538948
next
edit "ServiceNow-SSH"
set internet-service-id 3538950
next
edit "ServiceNow-FTP"
set internet-service-id 3538951
next
edit "ServiceNow-NTP"
set internet-service-id 3538952
next
edit "ServiceNow-Inbound_Email"
set internet-service-id 3538953
next
edit "ServiceNow-LDAP"
set internet-service-id 3538958
next
edit "ServiceNow-NetBIOS.Session.Service"
set internet-service-id 3538959
next
edit "ServiceNow-RTMP"
set internet-service-id 3538960
next
edit "ServiceNow-NetBIOS.Name.Service"
set internet-service-id 3538968
next
edit "GitHub-GitHub"
set internet-service-id 3604638
next
edit "Workday-Other"
set internet-service-id 3670016
next
edit "Workday-Web"
set internet-service-id 3670017
next
edit "Workday-ICMP"
set internet-service-id 3670018
next
edit "Workday-DNS"
set internet-service-id 3670019
next
edit "Workday-Outbound_Email"
set internet-service-id 3670020
next
edit "Workday-SSH"
set internet-service-id 3670022
next
edit "Workday-FTP"
set internet-service-id 3670023
next
edit "Workday-NTP"
set internet-service-id 3670024
next
edit "Workday-Inbound_Email"
set internet-service-id 3670025
next
edit "Workday-LDAP"
set internet-service-id 3670030
next
edit "Workday-NetBIOS.Session.Service"
set internet-service-id 3670031
next
edit "Workday-RTMP"
set internet-service-id 3670032
next
edit "Workday-NetBIOS.Name.Service"
set internet-service-id 3670040
next
edit "HubSpot-Other"
set internet-service-id 3735552
next
edit "HubSpot-Web"
set internet-service-id 3735553
next
edit "HubSpot-ICMP"
set internet-service-id 3735554
next
edit "HubSpot-DNS"
set internet-service-id 3735555
next
edit "HubSpot-Outbound_Email"
set internet-service-id 3735556
next
edit "HubSpot-SSH"
set internet-service-id 3735558
next
edit "HubSpot-FTP"
set internet-service-id 3735559
next
edit "HubSpot-NTP"
set internet-service-id 3735560
next
edit "HubSpot-Inbound_Email"
set internet-service-id 3735561
next
edit "HubSpot-LDAP"
set internet-service-id 3735566
next
edit "HubSpot-NetBIOS.Session.Service"
set internet-service-id 3735567
next
edit "HubSpot-RTMP"
set internet-service-id 3735568
next
edit "HubSpot-NetBIOS.Name.Service"
set internet-service-id 3735576
next
edit "Twilio-Other"
set internet-service-id 3801088
next
edit "Twilio-Web"
set internet-service-id 3801089
next
edit "Twilio-ICMP"
set internet-service-id 3801090
next
edit "Twilio-DNS"
set internet-service-id 3801091
next
edit "Twilio-Outbound_Email"
set internet-service-id 3801092
next
edit "Twilio-SSH"
set internet-service-id 3801094
next
edit "Twilio-FTP"
set internet-service-id 3801095
next
edit "Twilio-NTP"
set internet-service-id 3801096
next
edit "Twilio-Inbound_Email"
set internet-service-id 3801097
next
edit "Twilio-LDAP"
set internet-service-id 3801102
next
edit "Twilio-NetBIOS.Session.Service"
set internet-service-id 3801103
next
edit "Twilio-RTMP"
set internet-service-id 3801104
next
edit "Twilio-NetBIOS.Name.Service"
set internet-service-id 3801112
next
edit "Twilio-Elastic.SIP.Trunking"
set internet-service-id 3801277
next
edit "Coupa-Other"
set internet-service-id 3866624
next
edit "Coupa-Web"
set internet-service-id 3866625
next
edit "Coupa-ICMP"
set internet-service-id 3866626
next
edit "Coupa-DNS"
set internet-service-id 3866627
next
edit "Coupa-Outbound_Email"
set internet-service-id 3866628
next
edit "Coupa-SSH"
set internet-service-id 3866630
next
edit "Coupa-FTP"
set internet-service-id 3866631
next
edit "Coupa-NTP"
set internet-service-id 3866632
next
edit "Coupa-Inbound_Email"
set internet-service-id 3866633
next
edit "Coupa-LDAP"
set internet-service-id 3866638
next
edit "Coupa-NetBIOS.Session.Service"
set internet-service-id 3866639
next
edit "Coupa-RTMP"
set internet-service-id 3866640
next
edit "Coupa-NetBIOS.Name.Service"
set internet-service-id 3866648
next
edit "Atlassian-Other"
set internet-service-id 3932160
next
edit "Atlassian-Web"
set internet-service-id 3932161
next
edit "Atlassian-ICMP"
set internet-service-id 3932162
next
edit "Atlassian-DNS"
set internet-service-id 3932163
next
edit "Atlassian-Outbound_Email"
set internet-service-id 3932164
next
edit "Atlassian-SSH"
set internet-service-id 3932166
next
edit "Atlassian-FTP"
set internet-service-id 3932167
next
edit "Atlassian-NTP"
set internet-service-id 3932168
next
edit "Atlassian-Inbound_Email"
set internet-service-id 3932169
next
edit "Atlassian-LDAP"
set internet-service-id 3932174
next
edit "Atlassian-NetBIOS.Session.Service"
set internet-service-id 3932175
next
edit "Atlassian-RTMP"
set internet-service-id 3932176
next
edit "Atlassian-NetBIOS.Name.Service"
set internet-service-id 3932184
next
edit "Xero-Other"
set internet-service-id 3997696
next
edit "Xero-Web"
set internet-service-id 3997697
next
edit "Xero-ICMP"
set internet-service-id 3997698
next
edit "Xero-DNS"
set internet-service-id 3997699
next
edit "Xero-Outbound_Email"
set internet-service-id 3997700
next
edit "Xero-SSH"
set internet-service-id 3997702
next
edit "Xero-FTP"
set internet-service-id 3997703
next
edit "Xero-NTP"
set internet-service-id 3997704
next
edit "Xero-Inbound_Email"
set internet-service-id 3997705
next
edit "Xero-LDAP"
set internet-service-id 3997710
next
edit "Xero-NetBIOS.Session.Service"
set internet-service-id 3997711
next
edit "Xero-RTMP"
set internet-service-id 3997712
next
edit "Xero-NetBIOS.Name.Service"
set internet-service-id 3997720
next
edit "Zuora-Other"
set internet-service-id 4063232
next
edit "Zuora-Web"
set internet-service-id 4063233
next
edit "Zuora-ICMP"
set internet-service-id 4063234
next
edit "Zuora-DNS"
set internet-service-id 4063235
next
edit "Zuora-Outbound_Email"
set internet-service-id 4063236
next
edit "Zuora-SSH"
set internet-service-id 4063238
next
edit "Zuora-FTP"
set internet-service-id 4063239
next
edit "Zuora-NTP"
set internet-service-id 4063240
next
edit "Zuora-Inbound_Email"
set internet-service-id 4063241
next
edit "Zuora-LDAP"
set internet-service-id 4063246
next
edit "Zuora-NetBIOS.Session.Service"
set internet-service-id 4063247
next
edit "Zuora-RTMP"
set internet-service-id 4063248
next
edit "Zuora-NetBIOS.Name.Service"
set internet-service-id 4063256
next
edit "AdRoll-Other"
set internet-service-id 4128768
next
edit "AdRoll-Web"
set internet-service-id 4128769
next
edit "AdRoll-ICMP"
set internet-service-id 4128770
next
edit "AdRoll-DNS"
set internet-service-id 4128771
next
edit "AdRoll-Outbound_Email"
set internet-service-id 4128772
next
edit "AdRoll-SSH"
set internet-service-id 4128774
next
edit "AdRoll-FTP"
set internet-service-id 4128775
next
edit "AdRoll-NTP"
set internet-service-id 4128776
next
edit "AdRoll-Inbound_Email"
set internet-service-id 4128777
next
edit "AdRoll-LDAP"
set internet-service-id 4128782
next
edit "AdRoll-NetBIOS.Session.Service"
set internet-service-id 4128783
next
edit "AdRoll-RTMP"
set internet-service-id 4128784
next
edit "AdRoll-NetBIOS.Name.Service"
set internet-service-id 4128792
next
edit "Xactly-Other"
set internet-service-id 4194304
next
edit "Xactly-Web"
set internet-service-id 4194305
next
edit "Xactly-ICMP"
set internet-service-id 4194306
next
edit "Xactly-DNS"
set internet-service-id 4194307
next
edit "Xactly-Outbound_Email"
set internet-service-id 4194308
next
edit "Xactly-SSH"
set internet-service-id 4194310
next
edit "Xactly-FTP"
set internet-service-id 4194311
next
edit "Xactly-NTP"
set internet-service-id 4194312
next
edit "Xactly-Inbound_Email"
set internet-service-id 4194313
next
edit "Xactly-LDAP"
set internet-service-id 4194318
next
edit "Xactly-NetBIOS.Session.Service"
set internet-service-id 4194319
next
edit "Xactly-RTMP"
set internet-service-id 4194320
next
edit "Xactly-NetBIOS.Name.Service"
set internet-service-id 4194328
next
edit "Intuit-Other"
set internet-service-id 4259840
next
edit "Intuit-Web"
set internet-service-id 4259841
next
edit "Intuit-ICMP"
set internet-service-id 4259842
next
edit "Intuit-DNS"
set internet-service-id 4259843
next
edit "Intuit-Outbound_Email"
set internet-service-id 4259844
next
edit "Intuit-SSH"
set internet-service-id 4259846
next
edit "Intuit-FTP"
set internet-service-id 4259847
next
edit "Intuit-NTP"
set internet-service-id 4259848
next
edit "Intuit-Inbound_Email"
set internet-service-id 4259849
next
edit "Intuit-LDAP"
set internet-service-id 4259854
next
edit "Intuit-NetBIOS.Session.Service"
set internet-service-id 4259855
next
edit "Intuit-RTMP"
set internet-service-id 4259856
next
edit "Intuit-NetBIOS.Name.Service"
set internet-service-id 4259864
next
edit "Marketo-Other"
set internet-service-id 4325376
next
edit "Marketo-Web"
set internet-service-id 4325377
next
edit "Marketo-ICMP"
set internet-service-id 4325378
next
edit "Marketo-DNS"
set internet-service-id 4325379
next
edit "Marketo-Outbound_Email"
set internet-service-id 4325380
next
edit "Marketo-SSH"
set internet-service-id 4325382
next
edit "Marketo-FTP"
set internet-service-id 4325383
next
edit "Marketo-NTP"
set internet-service-id 4325384
next
edit "Marketo-Inbound_Email"
set internet-service-id 4325385
next
edit "Marketo-LDAP"
set internet-service-id 4325390
next
edit "Marketo-NetBIOS.Session.Service"
set internet-service-id 4325391
next
edit "Marketo-RTMP"
set internet-service-id 4325392
next
edit "Marketo-NetBIOS.Name.Service"
set internet-service-id 4325400
next
edit "Bill-Other"
set internet-service-id 4456448
next
edit "Bill-Web"
set internet-service-id 4456449
next
edit "Bill-ICMP"
set internet-service-id 4456450
next
edit "Bill-DNS"
set internet-service-id 4456451
next
edit "Bill-Outbound_Email"
set internet-service-id 4456452
next
edit "Bill-SSH"
set internet-service-id 4456454
next
edit "Bill-FTP"
set internet-service-id 4456455
next
edit "Bill-NTP"
set internet-service-id 4456456
next
edit "Bill-Inbound_Email"
set internet-service-id 4456457
next
edit "Bill-LDAP"
set internet-service-id 4456462
next
edit "Bill-NetBIOS.Session.Service"
set internet-service-id 4456463
next
edit "Bill-RTMP"
set internet-service-id 4456464
next
edit "Bill-NetBIOS.Name.Service"
set internet-service-id 4456472
next
edit "Shopify-Other"
set internet-service-id 4521984
next
edit "Shopify-Web"
set internet-service-id 4521985
next
edit "Shopify-ICMP"
set internet-service-id 4521986
next
edit "Shopify-DNS"
set internet-service-id 4521987
next
edit "Shopify-Outbound_Email"
set internet-service-id 4521988
next
edit "Shopify-SSH"
set internet-service-id 4521990
next
edit "Shopify-FTP"
set internet-service-id 4521991
next
edit "Shopify-NTP"
set internet-service-id 4521992
next
edit "Shopify-Inbound_Email"
set internet-service-id 4521993
next
edit "Shopify-LDAP"
set internet-service-id 4521998
next
edit "Shopify-NetBIOS.Session.Service"
set internet-service-id 4521999
next
edit "Shopify-RTMP"
set internet-service-id 4522000
next
edit "Shopify-NetBIOS.Name.Service"
set internet-service-id 4522008
next
edit "Shopify-Shopify"
set internet-service-id 4522162
next
edit "MuleSoft-Other"
set internet-service-id 4587520
next
edit "MuleSoft-Web"
set internet-service-id 4587521
next
edit "MuleSoft-ICMP"
set internet-service-id 4587522
next
edit "MuleSoft-DNS"
set internet-service-id 4587523
next
edit "MuleSoft-Outbound_Email"
set internet-service-id 4587524
next
edit "MuleSoft-SSH"
set internet-service-id 4587526
next
edit "MuleSoft-FTP"
set internet-service-id 4587527
next
edit "MuleSoft-NTP"
set internet-service-id 4587528
next
edit "MuleSoft-Inbound_Email"
set internet-service-id 4587529
next
edit "MuleSoft-LDAP"
set internet-service-id 4587534
next
edit "MuleSoft-NetBIOS.Session.Service"
set internet-service-id 4587535
next
edit "MuleSoft-RTMP"
set internet-service-id 4587536
next
edit "MuleSoft-NetBIOS.Name.Service"
set internet-service-id 4587544
next
edit "Cornerstone-Other"
set internet-service-id 4653056
next
edit "Cornerstone-Web"
set internet-service-id 4653057
next
edit "Cornerstone-ICMP"
set internet-service-id 4653058
next
edit "Cornerstone-DNS"
set internet-service-id 4653059
next
edit "Cornerstone-Outbound_Email"
set internet-service-id 4653060
next
edit "Cornerstone-SSH"
set internet-service-id 4653062
next
edit "Cornerstone-FTP"
set internet-service-id 4653063
next
edit "Cornerstone-NTP"
set internet-service-id 4653064
next
edit "Cornerstone-Inbound_Email"
set internet-service-id 4653065
next
edit "Cornerstone-LDAP"
set internet-service-id 4653070
next
edit "Cornerstone-NetBIOS.Session.Service"
set internet-service-id 4653071
next
edit "Cornerstone-RTMP"
set internet-service-id 4653072
next
edit "Cornerstone-NetBIOS.Name.Service"
set internet-service-id 4653080
next
edit "Eventbrite-Other"
set internet-service-id 4718592
next
edit "Eventbrite-Web"
set internet-service-id 4718593
next
edit "Eventbrite-ICMP"
set internet-service-id 4718594
next
edit "Eventbrite-DNS"
set internet-service-id 4718595
next
edit "Eventbrite-Outbound_Email"
set internet-service-id 4718596
next
edit "Eventbrite-SSH"
set internet-service-id 4718598
next
edit "Eventbrite-FTP"
set internet-service-id 4718599
next
edit "Eventbrite-NTP"
set internet-service-id 4718600
next
edit "Eventbrite-Inbound_Email"
set internet-service-id 4718601
next
edit "Eventbrite-LDAP"
set internet-service-id 4718606
next
edit "Eventbrite-NetBIOS.Session.Service"
set internet-service-id 4718607
next
edit "Eventbrite-RTMP"
set internet-service-id 4718608
next
edit "Eventbrite-NetBIOS.Name.Service"
set internet-service-id 4718616
next
edit "Paychex-Other"
set internet-service-id 4784128
next
edit "Paychex-Web"
set internet-service-id 4784129
next
edit "Paychex-ICMP"
set internet-service-id 4784130
next
edit "Paychex-DNS"
set internet-service-id 4784131
next
edit "Paychex-Outbound_Email"
set internet-service-id 4784132
next
edit "Paychex-SSH"
set internet-service-id 4784134
next
edit "Paychex-FTP"
set internet-service-id 4784135
next
edit "Paychex-NTP"
set internet-service-id 4784136
next
edit "Paychex-Inbound_Email"
set internet-service-id 4784137
next
edit "Paychex-LDAP"
set internet-service-id 4784142
next
edit "Paychex-NetBIOS.Session.Service"
set internet-service-id 4784143
next
edit "Paychex-RTMP"
set internet-service-id 4784144
next
edit "Paychex-NetBIOS.Name.Service"
set internet-service-id 4784152
next
edit "NewRelic-Other"
set internet-service-id 4849664
next
edit "NewRelic-Web"
set internet-service-id 4849665
next
edit "NewRelic-ICMP"
set internet-service-id 4849666
next
edit "NewRelic-DNS"
set internet-service-id 4849667
next
edit "NewRelic-Outbound_Email"
set internet-service-id 4849668
next
edit "NewRelic-SSH"
set internet-service-id 4849670
next
edit "NewRelic-FTP"
set internet-service-id 4849671
next
edit "NewRelic-NTP"
set internet-service-id 4849672
next
edit "NewRelic-Inbound_Email"
set internet-service-id 4849673
next
edit "NewRelic-LDAP"
set internet-service-id 4849678
next
edit "NewRelic-NetBIOS.Session.Service"
set internet-service-id 4849679
next
edit "NewRelic-RTMP"
set internet-service-id 4849680
next
edit "NewRelic-NetBIOS.Name.Service"
set internet-service-id 4849688
next
edit "Splunk-Other"
set internet-service-id 4915200
next
edit "Splunk-Web"
set internet-service-id 4915201
next
edit "Splunk-ICMP"
set internet-service-id 4915202
next
edit "Splunk-DNS"
set internet-service-id 4915203
next
edit "Splunk-Outbound_Email"
set internet-service-id 4915204
next
edit "Splunk-SSH"
set internet-service-id 4915206
next
edit "Splunk-FTP"
set internet-service-id 4915207
next
edit "Splunk-NTP"
set internet-service-id 4915208
next
edit "Splunk-Inbound_Email"
set internet-service-id 4915209
next
edit "Splunk-LDAP"
set internet-service-id 4915214
next
edit "Splunk-NetBIOS.Session.Service"
set internet-service-id 4915215
next
edit "Splunk-RTMP"
set internet-service-id 4915216
next
edit "Splunk-NetBIOS.Name.Service"
set internet-service-id 4915224
next
edit "Domo-Other"
set internet-service-id 4980736
next
edit "Domo-Web"
set internet-service-id 4980737
next
edit "Domo-ICMP"
set internet-service-id 4980738
next
edit "Domo-DNS"
set internet-service-id 4980739
next
edit "Domo-Outbound_Email"
set internet-service-id 4980740
next
edit "Domo-SSH"
set internet-service-id 4980742
next
edit "Domo-FTP"
set internet-service-id 4980743
next
edit "Domo-NTP"
set internet-service-id 4980744
next
edit "Domo-Inbound_Email"
set internet-service-id 4980745
next
edit "Domo-LDAP"
set internet-service-id 4980750
next
edit "Domo-NetBIOS.Session.Service"
set internet-service-id 4980751
next
edit "Domo-RTMP"
set internet-service-id 4980752
next
edit "Domo-NetBIOS.Name.Service"
set internet-service-id 4980760
next
edit "FreshBooks-Other"
set internet-service-id 5046272
next
edit "FreshBooks-Web"
set internet-service-id 5046273
next
edit "FreshBooks-ICMP"
set internet-service-id 5046274
next
edit "FreshBooks-DNS"
set internet-service-id 5046275
next
edit "FreshBooks-Outbound_Email"
set internet-service-id 5046276
next
edit "FreshBooks-SSH"
set internet-service-id 5046278
next
edit "FreshBooks-FTP"
set internet-service-id 5046279
next
edit "FreshBooks-NTP"
set internet-service-id 5046280
next
edit "FreshBooks-Inbound_Email"
set internet-service-id 5046281
next
edit "FreshBooks-LDAP"
set internet-service-id 5046286
next
edit "FreshBooks-NetBIOS.Session.Service"
set internet-service-id 5046287
next
edit "FreshBooks-RTMP"
set internet-service-id 5046288
next
edit "FreshBooks-NetBIOS.Name.Service"
set internet-service-id 5046296
next
edit "Tableau-Other"
set internet-service-id 5111808
next
edit "Tableau-Web"
set internet-service-id 5111809
next
edit "Tableau-ICMP"
set internet-service-id 5111810
next
edit "Tableau-DNS"
set internet-service-id 5111811
next
edit "Tableau-Outbound_Email"
set internet-service-id 5111812
next
edit "Tableau-SSH"
set internet-service-id 5111814
next
edit "Tableau-FTP"
set internet-service-id 5111815
next
edit "Tableau-NTP"
set internet-service-id 5111816
next
edit "Tableau-Inbound_Email"
set internet-service-id 5111817
next
edit "Tableau-LDAP"
set internet-service-id 5111822
next
edit "Tableau-NetBIOS.Session.Service"
set internet-service-id 5111823
next
edit "Tableau-RTMP"
set internet-service-id 5111824
next
edit "Tableau-NetBIOS.Name.Service"
set internet-service-id 5111832
next
edit "Druva-Other"
set internet-service-id 5177344
next
edit "Druva-Web"
set internet-service-id 5177345
next
edit "Druva-ICMP"
set internet-service-id 5177346
next
edit "Druva-DNS"
set internet-service-id 5177347
next
edit "Druva-Outbound_Email"
set internet-service-id 5177348
next
edit "Druva-SSH"
set internet-service-id 5177350
next
edit "Druva-FTP"
set internet-service-id 5177351
next
edit "Druva-NTP"
set internet-service-id 5177352
next
edit "Druva-Inbound_Email"
set internet-service-id 5177353
next
edit "Druva-LDAP"
set internet-service-id 5177358
next
edit "Druva-NetBIOS.Session.Service"
set internet-service-id 5177359
next
edit "Druva-RTMP"
set internet-service-id 5177360
next
edit "Druva-NetBIOS.Name.Service"
set internet-service-id 5177368
next
edit "Act-on-Other"
set internet-service-id 5242880
next
edit "Act-on-Web"
set internet-service-id 5242881
next
edit "Act-on-ICMP"
set internet-service-id 5242882
next
edit "Act-on-DNS"
set internet-service-id 5242883
next
edit "Act-on-Outbound_Email"
set internet-service-id 5242884
next
edit "Act-on-SSH"
set internet-service-id 5242886
next
edit "Act-on-FTP"
set internet-service-id 5242887
next
edit "Act-on-NTP"
set internet-service-id 5242888
next
edit "Act-on-Inbound_Email"
set internet-service-id 5242889
next
edit "Act-on-LDAP"
set internet-service-id 5242894
next
edit "Act-on-NetBIOS.Session.Service"
set internet-service-id 5242895
next
edit "Act-on-RTMP"
set internet-service-id 5242896
next
edit "Act-on-NetBIOS.Name.Service"
set internet-service-id 5242904
next
edit "GoodData-Other"
set internet-service-id 5308416
next
edit "GoodData-Web"
set internet-service-id 5308417
next
edit "GoodData-ICMP"
set internet-service-id 5308418
next
edit "GoodData-DNS"
set internet-service-id 5308419
next
edit "GoodData-Outbound_Email"
set internet-service-id 5308420
next
edit "GoodData-SSH"
set internet-service-id 5308422
next
edit "GoodData-FTP"
set internet-service-id 5308423
next
edit "GoodData-NTP"
set internet-service-id 5308424
next
edit "GoodData-Inbound_Email"
set internet-service-id 5308425
next
edit "GoodData-LDAP"
set internet-service-id 5308430
next
edit "GoodData-NetBIOS.Session.Service"
set internet-service-id 5308431
next
edit "GoodData-RTMP"
set internet-service-id 5308432
next
edit "GoodData-NetBIOS.Name.Service"
set internet-service-id 5308440
next
edit "SurveyMonkey-Other"
set internet-service-id 5373952
next
edit "SurveyMonkey-Web"
set internet-service-id 5373953
next
edit "SurveyMonkey-ICMP"
set internet-service-id 5373954
next
edit "SurveyMonkey-DNS"
set internet-service-id 5373955
next
edit "SurveyMonkey-Outbound_Email"
set internet-service-id 5373956
next
edit "SurveyMonkey-SSH"
set internet-service-id 5373958
next
edit "SurveyMonkey-FTP"
set internet-service-id 5373959
next
edit "SurveyMonkey-NTP"
set internet-service-id 5373960
next
edit "SurveyMonkey-Inbound_Email"
set internet-service-id 5373961
next
edit "SurveyMonkey-LDAP"
set internet-service-id 5373966
next
edit "SurveyMonkey-NetBIOS.Session.Service"
set internet-service-id 5373967
next
edit "SurveyMonkey-RTMP"
set internet-service-id 5373968
next
edit "SurveyMonkey-NetBIOS.Name.Service"
set internet-service-id 5373976
next
edit "Cvent-Other"
set internet-service-id 5439488
next
edit "Cvent-Web"
set internet-service-id 5439489
next
edit "Cvent-ICMP"
set internet-service-id 5439490
next
edit "Cvent-DNS"
set internet-service-id 5439491
next
edit "Cvent-Outbound_Email"
set internet-service-id 5439492
next
edit "Cvent-SSH"
set internet-service-id 5439494
next
edit "Cvent-FTP"
set internet-service-id 5439495
next
edit "Cvent-NTP"
set internet-service-id 5439496
next
edit "Cvent-Inbound_Email"
set internet-service-id 5439497
next
edit "Cvent-LDAP"
set internet-service-id 5439502
next
edit "Cvent-NetBIOS.Session.Service"
set internet-service-id 5439503
next
edit "Cvent-RTMP"
set internet-service-id 5439504
next
edit "Cvent-NetBIOS.Name.Service"
set internet-service-id 5439512
next
edit "Blackbaud-Other"
set internet-service-id 5505024
next
edit "Blackbaud-Web"
set internet-service-id 5505025
next
edit "Blackbaud-ICMP"
set internet-service-id 5505026
next
edit "Blackbaud-DNS"
set internet-service-id 5505027
next
edit "Blackbaud-Outbound_Email"
set internet-service-id 5505028
next
edit "Blackbaud-SSH"
set internet-service-id 5505030
next
edit "Blackbaud-FTP"
set internet-service-id 5505031
next
edit "Blackbaud-NTP"
set internet-service-id 5505032
next
edit "Blackbaud-Inbound_Email"
set internet-service-id 5505033
next
edit "Blackbaud-LDAP"
set internet-service-id 5505038
next
edit "Blackbaud-NetBIOS.Session.Service"
set internet-service-id 5505039
next
edit "Blackbaud-RTMP"
set internet-service-id 5505040
next
edit "Blackbaud-NetBIOS.Name.Service"
set internet-service-id 5505048
next
edit "InsideSales-Other"
set internet-service-id 5570560
next
edit "InsideSales-Web"
set internet-service-id 5570561
next
edit "InsideSales-ICMP"
set internet-service-id 5570562
next
edit "InsideSales-DNS"
set internet-service-id 5570563
next
edit "InsideSales-Outbound_Email"
set internet-service-id 5570564
next
edit "InsideSales-SSH"
set internet-service-id 5570566
next
edit "InsideSales-FTP"
set internet-service-id 5570567
next
edit "InsideSales-NTP"
set internet-service-id 5570568
next
edit "InsideSales-Inbound_Email"
set internet-service-id 5570569
next
edit "InsideSales-LDAP"
set internet-service-id 5570574
next
edit "InsideSales-NetBIOS.Session.Service"
set internet-service-id 5570575
next
edit "InsideSales-RTMP"
set internet-service-id 5570576
next
edit "InsideSales-NetBIOS.Name.Service"
set internet-service-id 5570584
next
edit "ServiceMax-Other"
set internet-service-id 5636096
next
edit "ServiceMax-Web"
set internet-service-id 5636097
next
edit "ServiceMax-ICMP"
set internet-service-id 5636098
next
edit "ServiceMax-DNS"
set internet-service-id 5636099
next
edit "ServiceMax-Outbound_Email"
set internet-service-id 5636100
next
edit "ServiceMax-SSH"
set internet-service-id 5636102
next
edit "ServiceMax-FTP"
set internet-service-id 5636103
next
edit "ServiceMax-NTP"
set internet-service-id 5636104
next
edit "ServiceMax-Inbound_Email"
set internet-service-id 5636105
next
edit "ServiceMax-LDAP"
set internet-service-id 5636110
next
edit "ServiceMax-NetBIOS.Session.Service"
set internet-service-id 5636111
next
edit "ServiceMax-RTMP"
set internet-service-id 5636112
next
edit "ServiceMax-NetBIOS.Name.Service"
set internet-service-id 5636120
next
edit "Apptio-Other"
set internet-service-id 5701632
next
edit "Apptio-Web"
set internet-service-id 5701633
next
edit "Apptio-ICMP"
set internet-service-id 5701634
next
edit "Apptio-DNS"
set internet-service-id 5701635
next
edit "Apptio-Outbound_Email"
set internet-service-id 5701636
next
edit "Apptio-SSH"
set internet-service-id 5701638
next
edit "Apptio-FTP"
set internet-service-id 5701639
next
edit "Apptio-NTP"
set internet-service-id 5701640
next
edit "Apptio-Inbound_Email"
set internet-service-id 5701641
next
edit "Apptio-LDAP"
set internet-service-id 5701646
next
edit "Apptio-NetBIOS.Session.Service"
set internet-service-id 5701647
next
edit "Apptio-RTMP"
set internet-service-id 5701648
next
edit "Apptio-NetBIOS.Name.Service"
set internet-service-id 5701656
next
edit "Veracode-Other"
set internet-service-id 5767168
next
edit "Veracode-Web"
set internet-service-id 5767169
next
edit "Veracode-ICMP"
set internet-service-id 5767170
next
edit "Veracode-DNS"
set internet-service-id 5767171
next
edit "Veracode-Outbound_Email"
set internet-service-id 5767172
next
edit "Veracode-SSH"
set internet-service-id 5767174
next
edit "Veracode-FTP"
set internet-service-id 5767175
next
edit "Veracode-NTP"
set internet-service-id 5767176
next
edit "Veracode-Inbound_Email"
set internet-service-id 5767177
next
edit "Veracode-LDAP"
set internet-service-id 5767182
next
edit "Veracode-NetBIOS.Session.Service"
set internet-service-id 5767183
next
edit "Veracode-RTMP"
set internet-service-id 5767184
next
edit "Veracode-NetBIOS.Name.Service"
set internet-service-id 5767192
next
edit "Anaplan-Other"
set internet-service-id 5832704
next
edit "Anaplan-Web"
set internet-service-id 5832705
next
edit "Anaplan-ICMP"
set internet-service-id 5832706
next
edit "Anaplan-DNS"
set internet-service-id 5832707
next
edit "Anaplan-Outbound_Email"
set internet-service-id 5832708
next
edit "Anaplan-SSH"
set internet-service-id 5832710
next
edit "Anaplan-FTP"
set internet-service-id 5832711
next
edit "Anaplan-NTP"
set internet-service-id 5832712
next
edit "Anaplan-Inbound_Email"
set internet-service-id 5832713
next
edit "Anaplan-LDAP"
set internet-service-id 5832718
next
edit "Anaplan-NetBIOS.Session.Service"
set internet-service-id 5832719
next
edit "Anaplan-RTMP"
set internet-service-id 5832720
next
edit "Anaplan-NetBIOS.Name.Service"
set internet-service-id 5832728
next
edit "Rapid7-Other"
set internet-service-id 5898240
next
edit "Rapid7-Web"
set internet-service-id 5898241
next
edit "Rapid7-ICMP"
set internet-service-id 5898242
next
edit "Rapid7-DNS"
set internet-service-id 5898243
next
edit "Rapid7-Outbound_Email"
set internet-service-id 5898244
next
edit "Rapid7-SSH"
set internet-service-id 5898246
next
edit "Rapid7-FTP"
set internet-service-id 5898247
next
edit "Rapid7-NTP"
set internet-service-id 5898248
next
edit "Rapid7-Inbound_Email"
set internet-service-id 5898249
next
edit "Rapid7-LDAP"
set internet-service-id 5898254
next
edit "Rapid7-NetBIOS.Session.Service"
set internet-service-id 5898255
next
edit "Rapid7-RTMP"
set internet-service-id 5898256
next
edit "Rapid7-NetBIOS.Name.Service"
set internet-service-id 5898264
next
edit "Anydesk-Anydesk"
set internet-service-id 5963927
next
edit "ESET-Eset.Service"
set internet-service-id 6029426
next
edit "Slack-Other"
set internet-service-id 6094848
next
edit "Slack-Web"
set internet-service-id 6094849
next
edit "Slack-ICMP"
set internet-service-id 6094850
next
edit "Slack-DNS"
set internet-service-id 6094851
next
edit "Slack-Outbound_Email"
set internet-service-id 6094852
next
edit "Slack-SSH"
set internet-service-id 6094854
next
edit "Slack-FTP"
set internet-service-id 6094855
next
edit "Slack-NTP"
set internet-service-id 6094856
next
edit "Slack-Inbound_Email"
set internet-service-id 6094857
next
edit "Slack-LDAP"
set internet-service-id 6094862
next
edit "Slack-NetBIOS.Session.Service"
set internet-service-id 6094863
next
edit "Slack-RTMP"
set internet-service-id 6094864
next
edit "Slack-NetBIOS.Name.Service"
set internet-service-id 6094872
next
edit "Slack-Slack"
set internet-service-id 6095024
next
edit "ADP-Other"
set internet-service-id 6160384
next
edit "ADP-Web"
set internet-service-id 6160385
next
edit "ADP-ICMP"
set internet-service-id 6160386
next
edit "ADP-DNS"
set internet-service-id 6160387
next
edit "ADP-Outbound_Email"
set internet-service-id 6160388
next
edit "ADP-SSH"
set internet-service-id 6160390
next
edit "ADP-FTP"
set internet-service-id 6160391
next
edit "ADP-NTP"
set internet-service-id 6160392
next
edit "ADP-Inbound_Email"
set internet-service-id 6160393
next
edit "ADP-LDAP"
set internet-service-id 6160398
next
edit "ADP-NetBIOS.Session.Service"
set internet-service-id 6160399
next
edit "ADP-RTMP"
set internet-service-id 6160400
next
edit "ADP-NetBIOS.Name.Service"
set internet-service-id 6160408
next
edit "Blackboard-Other"
set internet-service-id 6225920
next
edit "Blackboard-Web"
set internet-service-id 6225921
next
edit "Blackboard-ICMP"
set internet-service-id 6225922
next
edit "Blackboard-DNS"
set internet-service-id 6225923
next
edit "Blackboard-Outbound_Email"
set internet-service-id 6225924
next
edit "Blackboard-SSH"
set internet-service-id 6225926
next
edit "Blackboard-FTP"
set internet-service-id 6225927
next
edit "Blackboard-NTP"
set internet-service-id 6225928
next
edit "Blackboard-Inbound_Email"
set internet-service-id 6225929
next
edit "Blackboard-LDAP"
set internet-service-id 6225934
next
edit "Blackboard-NetBIOS.Session.Service"
set internet-service-id 6225935
next
edit "Blackboard-RTMP"
set internet-service-id 6225936
next
edit "Blackboard-NetBIOS.Name.Service"
set internet-service-id 6225944
next
edit "SAP-Other"
set internet-service-id 6291456
next
edit "SAP-Web"
set internet-service-id 6291457
next
edit "SAP-ICMP"
set internet-service-id 6291458
next
edit "SAP-DNS"
set internet-service-id 6291459
next
edit "SAP-Outbound_Email"
set internet-service-id 6291460
next
edit "SAP-SSH"
set internet-service-id 6291462
next
edit "SAP-FTP"
set internet-service-id 6291463
next
edit "SAP-NTP"
set internet-service-id 6291464
next
edit "SAP-Inbound_Email"
set internet-service-id 6291465
next
edit "SAP-LDAP"
set internet-service-id 6291470
next
edit "SAP-NetBIOS.Session.Service"
set internet-service-id 6291471
next
edit "SAP-RTMP"
set internet-service-id 6291472
next
edit "SAP-NetBIOS.Name.Service"
set internet-service-id 6291480
next
edit "SAP-HANA"
set internet-service-id 6291612
next
edit "SAP-SuccessFactors"
set internet-service-id 6291618
next
edit "Snap-Snapchat"
set internet-service-id 6357108
next
edit "Zoom.us-Zoom.Meeting"
set internet-service-id 6422646
next
edit "Sophos-Other"
set internet-service-id 6488064
next
edit "Sophos-Web"
set internet-service-id 6488065
next
edit "Sophos-ICMP"
set internet-service-id 6488066
next
edit "Sophos-DNS"
set internet-service-id 6488067
next
edit "Sophos-Outbound_Email"
set internet-service-id 6488068
next
edit "Sophos-SSH"
set internet-service-id 6488070
next
edit "Sophos-FTP"
set internet-service-id 6488071
next
edit "Sophos-NTP"
set internet-service-id 6488072
next
edit "Sophos-Inbound_Email"
set internet-service-id 6488073
next
edit "Sophos-LDAP"
set internet-service-id 6488078
next
edit "Sophos-NetBIOS.Session.Service"
set internet-service-id 6488079
next
edit "Sophos-RTMP"
set internet-service-id 6488080
next
edit "Sophos-NetBIOS.Name.Service"
set internet-service-id 6488088
next
edit "Cloudflare-Other"
set internet-service-id 6553600
next
edit "Cloudflare-Web"
set internet-service-id 6553601
next
edit "Cloudflare-ICMP"
set internet-service-id 6553602
next
edit "Cloudflare-DNS"
set internet-service-id 6553603
next
edit "Cloudflare-Outbound_Email"
set internet-service-id 6553604
next
edit "Cloudflare-SSH"
set internet-service-id 6553606
next
edit "Cloudflare-FTP"
set internet-service-id 6553607
next
edit "Cloudflare-NTP"
set internet-service-id 6553608
next
edit "Cloudflare-Inbound_Email"
set internet-service-id 6553609
next
edit "Cloudflare-LDAP"
set internet-service-id 6553614
next
edit "Cloudflare-NetBIOS.Session.Service"
set internet-service-id 6553615
next
edit "Cloudflare-RTMP"
set internet-service-id 6553616
next
edit "Cloudflare-NetBIOS.Name.Service"
set internet-service-id 6553624
next
edit "Cloudflare-CDN"
set internet-service-id 6553737
next
edit "Pexip-Pexip.Meeting"
set internet-service-id 6619256
next
edit "Zscaler-Other"
set internet-service-id 6684672
next
edit "Zscaler-Web"
set internet-service-id 6684673
next
edit "Zscaler-ICMP"
set internet-service-id 6684674
next
edit "Zscaler-DNS"
set internet-service-id 6684675
next
edit "Zscaler-Outbound_Email"
set internet-service-id 6684676
next
edit "Zscaler-SSH"
set internet-service-id 6684678
next
edit "Zscaler-FTP"
set internet-service-id 6684679
next
edit "Zscaler-NTP"
set internet-service-id 6684680
next
edit "Zscaler-Inbound_Email"
set internet-service-id 6684681
next
edit "Zscaler-LDAP"
set internet-service-id 6684686
next
edit "Zscaler-NetBIOS.Session.Service"
set internet-service-id 6684687
next
edit "Zscaler-RTMP"
set internet-service-id 6684688
next
edit "Zscaler-NetBIOS.Name.Service"
set internet-service-id 6684696
next
edit "Zscaler-Zscaler.Cloud"
set internet-service-id 6684793
next
edit "Yandex-Other"
set internet-service-id 6750208
next
edit "Yandex-Web"
set internet-service-id 6750209
next
edit "Yandex-ICMP"
set internet-service-id 6750210
next
edit "Yandex-DNS"
set internet-service-id 6750211
next
edit "Yandex-Outbound_Email"
set internet-service-id 6750212
next
edit "Yandex-SSH"
set internet-service-id 6750214
next
edit "Yandex-FTP"
set internet-service-id 6750215
next
edit "Yandex-NTP"
set internet-service-id 6750216
next
edit "Yandex-Inbound_Email"
set internet-service-id 6750217
next
edit "Yandex-LDAP"
set internet-service-id 6750222
next
edit "Yandex-NetBIOS.Session.Service"
set internet-service-id 6750223
next
edit "Yandex-RTMP"
set internet-service-id 6750224
next
edit "Yandex-NetBIOS.Name.Service"
set internet-service-id 6750232
next
edit "mail.ru-Other"
set internet-service-id 6815744
next
edit "mail.ru-Web"
set internet-service-id 6815745
next
edit "mail.ru-ICMP"
set internet-service-id 6815746
next
edit "mail.ru-DNS"
set internet-service-id 6815747
next
edit "mail.ru-Outbound_Email"
set internet-service-id 6815748
next
edit "mail.ru-SSH"
set internet-service-id 6815750
next
edit "mail.ru-FTP"
set internet-service-id 6815751
next
edit "mail.ru-NTP"
set internet-service-id 6815752
next
edit "mail.ru-Inbound_Email"
set internet-service-id 6815753
next
edit "mail.ru-LDAP"
set internet-service-id 6815758
next
edit "mail.ru-NetBIOS.Session.Service"
set internet-service-id 6815759
next
edit "mail.ru-RTMP"
set internet-service-id 6815760
next
edit "mail.ru-NetBIOS.Name.Service"
set internet-service-id 6815768
next
edit "Alibaba-Other"
set internet-service-id 6881280
next
edit "Alibaba-Web"
set internet-service-id 6881281
next
edit "Alibaba-ICMP"
set internet-service-id 6881282
next
edit "Alibaba-DNS"
set internet-service-id 6881283
next
edit "Alibaba-Outbound_Email"
set internet-service-id 6881284
next
edit "Alibaba-SSH"
set internet-service-id 6881286
next
edit "Alibaba-FTP"
set internet-service-id 6881287
next
edit "Alibaba-NTP"
set internet-service-id 6881288
next
edit "Alibaba-Inbound_Email"
set internet-service-id 6881289
next
edit "Alibaba-LDAP"
set internet-service-id 6881294
next
edit "Alibaba-NetBIOS.Session.Service"
set internet-service-id 6881295
next
edit "Alibaba-RTMP"
set internet-service-id 6881296
next
edit "Alibaba-NetBIOS.Name.Service"
set internet-service-id 6881304
next
edit "Alibaba-Alibaba.Cloud"
set internet-service-id 6881402
next
edit "GoDaddy-Other"
set internet-service-id 6946816
next
edit "GoDaddy-Web"
set internet-service-id 6946817
next
edit "GoDaddy-ICMP"
set internet-service-id 6946818
next
edit "GoDaddy-DNS"
set internet-service-id 6946819
next
edit "GoDaddy-Outbound_Email"
set internet-service-id 6946820
next
edit "GoDaddy-SSH"
set internet-service-id 6946822
next
edit "GoDaddy-FTP"
set internet-service-id 6946823
next
edit "GoDaddy-NTP"
set internet-service-id 6946824
next
edit "GoDaddy-Inbound_Email"
set internet-service-id 6946825
next
edit "GoDaddy-LDAP"
set internet-service-id 6946830
next
edit "GoDaddy-NetBIOS.Session.Service"
set internet-service-id 6946831
next
edit "GoDaddy-RTMP"
set internet-service-id 6946832
next
edit "GoDaddy-NetBIOS.Name.Service"
set internet-service-id 6946840
next
edit "GoDaddy-GoDaddy.Email"
set internet-service-id 6946939
next
edit "Bluejeans-Other"
set internet-service-id 7012352
next
edit "Bluejeans-Web"
set internet-service-id 7012353
next
edit "Bluejeans-ICMP"
set internet-service-id 7012354
next
edit "Bluejeans-DNS"
set internet-service-id 7012355
next
edit "Bluejeans-Outbound_Email"
set internet-service-id 7012356
next
edit "Bluejeans-SSH"
set internet-service-id 7012358
next
edit "Bluejeans-FTP"
set internet-service-id 7012359
next
edit "Bluejeans-NTP"
set internet-service-id 7012360
next
edit "Bluejeans-Inbound_Email"
set internet-service-id 7012361
next
edit "Bluejeans-LDAP"
set internet-service-id 7012366
next
edit "Bluejeans-NetBIOS.Session.Service"
set internet-service-id 7012367
next
edit "Bluejeans-RTMP"
set internet-service-id 7012368
next
edit "Bluejeans-NetBIOS.Name.Service"
set internet-service-id 7012376
next
edit "Bluejeans-Bluejeans.Meeting"
set internet-service-id 7012476
next
edit "Webroot-Webroot.SecureAnywhere"
set internet-service-id 7078013
next
edit "Avast-Other"
set internet-service-id 7143424
next
edit "Avast-Web"
set internet-service-id 7143425
next
edit "Avast-ICMP"
set internet-service-id 7143426
next
edit "Avast-DNS"
set internet-service-id 7143427
next
edit "Avast-Outbound_Email"
set internet-service-id 7143428
next
edit "Avast-SSH"
set internet-service-id 7143430
next
edit "Avast-FTP"
set internet-service-id 7143431
next
edit "Avast-NTP"
set internet-service-id 7143432
next
edit "Avast-Inbound_Email"
set internet-service-id 7143433
next
edit "Avast-LDAP"
set internet-service-id 7143438
next
edit "Avast-NetBIOS.Session.Service"
set internet-service-id 7143439
next
edit "Avast-RTMP"
set internet-service-id 7143440
next
edit "Avast-NetBIOS.Name.Service"
set internet-service-id 7143448
next
edit "Avast-Avast.Security"
set internet-service-id 7143550
next
edit "Wetransfer-Other"
set internet-service-id 7208960
next
edit "Wetransfer-Web"
set internet-service-id 7208961
next
edit "Wetransfer-ICMP"
set internet-service-id 7208962
next
edit "Wetransfer-DNS"
set internet-service-id 7208963
next
edit "Wetransfer-Outbound_Email"
set internet-service-id 7208964
next
edit "Wetransfer-SSH"
set internet-service-id 7208966
next
edit "Wetransfer-FTP"
set internet-service-id 7208967
next
edit "Wetransfer-NTP"
set internet-service-id 7208968
next
edit "Wetransfer-Inbound_Email"
set internet-service-id 7208969
next
edit "Wetransfer-LDAP"
set internet-service-id 7208974
next
edit "Wetransfer-NetBIOS.Session.Service"
set internet-service-id 7208975
next
edit "Wetransfer-RTMP"
set internet-service-id 7208976
next
edit "Wetransfer-NetBIOS.Name.Service"
set internet-service-id 7208984
next
edit "Sendgrid-Sendgrid.Email"
set internet-service-id 7274623
next
edit "Ubiquiti-UniFi"
set internet-service-id 7340160
next
edit "Lifesize-Lifesize.Cloud"
set internet-service-id 7405697
next
edit "Okta-Other"
set internet-service-id 7471104
next
edit "Okta-Web"
set internet-service-id 7471105
next
edit "Okta-ICMP"
set internet-service-id 7471106
next
edit "Okta-DNS"
set internet-service-id 7471107
next
edit "Okta-Outbound_Email"
set internet-service-id 7471108
next
edit "Okta-SSH"
set internet-service-id 7471110
next
edit "Okta-FTP"
set internet-service-id 7471111
next
edit "Okta-NTP"
set internet-service-id 7471112
next
edit "Okta-Inbound_Email"
set internet-service-id 7471113
next
edit "Okta-LDAP"
set internet-service-id 7471118
next
edit "Okta-NetBIOS.Session.Service"
set internet-service-id 7471119
next
edit "Okta-RTMP"
set internet-service-id 7471120
next
edit "Okta-NetBIOS.Name.Service"
set internet-service-id 7471128
next
edit "Okta-Okta"
set internet-service-id 7471307
next
edit "Cybozu-Other"
set internet-service-id 7536640
next
edit "Cybozu-Web"
set internet-service-id 7536641
next
edit "Cybozu-ICMP"
set internet-service-id 7536642
next
edit "Cybozu-DNS"
set internet-service-id 7536643
next
edit "Cybozu-Outbound_Email"
set internet-service-id 7536644
next
edit "Cybozu-SSH"
set internet-service-id 7536646
next
edit "Cybozu-FTP"
set internet-service-id 7536647
next
edit "Cybozu-NTP"
set internet-service-id 7536648
next
edit "Cybozu-Inbound_Email"
set internet-service-id 7536649
next
edit "Cybozu-LDAP"
set internet-service-id 7536654
next
edit "Cybozu-NetBIOS.Session.Service"
set internet-service-id 7536655
next
edit "Cybozu-RTMP"
set internet-service-id 7536656
next
edit "Cybozu-NetBIOS.Name.Service"
set internet-service-id 7536664
next
edit "VNC-Other"
set internet-service-id 7602176
next
edit "VNC-Web"
set internet-service-id 7602177
next
edit "VNC-ICMP"
set internet-service-id 7602178
next
edit "VNC-DNS"
set internet-service-id 7602179
next
edit "VNC-Outbound_Email"
set internet-service-id 7602180
next
edit "VNC-SSH"
set internet-service-id 7602182
next
edit "VNC-FTP"
set internet-service-id 7602183
next
edit "VNC-NTP"
set internet-service-id 7602184
next
edit "VNC-Inbound_Email"
set internet-service-id 7602185
next
edit "VNC-LDAP"
set internet-service-id 7602190
next
edit "VNC-NetBIOS.Session.Service"
set internet-service-id 7602191
next
edit "VNC-RTMP"
set internet-service-id 7602192
next
edit "VNC-NetBIOS.Name.Service"
set internet-service-id 7602200
next
edit "Egnyte-Egnyte"
set internet-service-id 7667846
next
edit "CrowdStrike-CrowdStrike.Cloud"
set internet-service-id 7733383
next
edit "Aruba.it-Other"
set internet-service-id 7798784
next
edit "Aruba.it-Web"
set internet-service-id 7798785
next
edit "Aruba.it-ICMP"
set internet-service-id 7798786
next
edit "Aruba.it-DNS"
set internet-service-id 7798787
next
edit "Aruba.it-Outbound_Email"
set internet-service-id 7798788
next
edit "Aruba.it-SSH"
set internet-service-id 7798790
next
edit "Aruba.it-FTP"
set internet-service-id 7798791
next
edit "Aruba.it-NTP"
set internet-service-id 7798792
next
edit "Aruba.it-Inbound_Email"
set internet-service-id 7798793
next
edit "Aruba.it-LDAP"
set internet-service-id 7798798
next
edit "Aruba.it-NetBIOS.Session.Service"
set internet-service-id 7798799
next
edit "Aruba.it-RTMP"
set internet-service-id 7798800
next
edit "Aruba.it-NetBIOS.Name.Service"
set internet-service-id 7798808
next
edit "ISLOnline-Other"
set internet-service-id 7864320
next
edit "ISLOnline-Web"
set internet-service-id 7864321
next
edit "ISLOnline-ICMP"
set internet-service-id 7864322
next
edit "ISLOnline-DNS"
set internet-service-id 7864323
next
edit "ISLOnline-Outbound_Email"
set internet-service-id 7864324
next
edit "ISLOnline-SSH"
set internet-service-id 7864326
next
edit "ISLOnline-FTP"
set internet-service-id 7864327
next
edit "ISLOnline-NTP"
set internet-service-id 7864328
next
edit "ISLOnline-Inbound_Email"
set internet-service-id 7864329
next
edit "ISLOnline-LDAP"
set internet-service-id 7864334
next
edit "ISLOnline-NetBIOS.Session.Service"
set internet-service-id 7864335
next
edit "ISLOnline-RTMP"
set internet-service-id 7864336
next
edit "ISLOnline-NetBIOS.Name.Service"
set internet-service-id 7864344
next
edit "Akamai-CDN"
set internet-service-id 7929993
next
edit "Rackspace-CDN"
set internet-service-id 7995529
next
edit "Instart-CDN"
set internet-service-id 8061065
next
edit "Bitdefender-Other"
set internet-service-id 8126464
next
edit "Bitdefender-Web"
set internet-service-id 8126465
next
edit "Bitdefender-ICMP"
set internet-service-id 8126466
next
edit "Bitdefender-DNS"
set internet-service-id 8126467
next
edit "Bitdefender-Outbound_Email"
set internet-service-id 8126468
next
edit "Bitdefender-SSH"
set internet-service-id 8126470
next
edit "Bitdefender-FTP"
set internet-service-id 8126471
next
edit "Bitdefender-NTP"
set internet-service-id 8126472
next
edit "Bitdefender-Inbound_Email"
set internet-service-id 8126473
next
edit "Bitdefender-LDAP"
set internet-service-id 8126478
next
edit "Bitdefender-NetBIOS.Session.Service"
set internet-service-id 8126479
next
edit "Bitdefender-RTMP"
set internet-service-id 8126480
next
edit "Bitdefender-NetBIOS.Name.Service"
set internet-service-id 8126488
next
edit "Pingdom-Other"
set internet-service-id 8192000
next
edit "Pingdom-Web"
set internet-service-id 8192001
next
edit "Pingdom-ICMP"
set internet-service-id 8192002
next
edit "Pingdom-DNS"
set internet-service-id 8192003
next
edit "Pingdom-Outbound_Email"
set internet-service-id 8192004
next
edit "Pingdom-SSH"
set internet-service-id 8192006
next
edit "Pingdom-FTP"
set internet-service-id 8192007
next
edit "Pingdom-NTP"
set internet-service-id 8192008
next
edit "Pingdom-Inbound_Email"
set internet-service-id 8192009
next
edit "Pingdom-LDAP"
set internet-service-id 8192014
next
edit "Pingdom-NetBIOS.Session.Service"
set internet-service-id 8192015
next
edit "Pingdom-RTMP"
set internet-service-id 8192016
next
edit "Pingdom-NetBIOS.Name.Service"
set internet-service-id 8192024
next
edit "UptimeRobot-Other"
set internet-service-id 8257536
next
edit "UptimeRobot-Web"
set internet-service-id 8257537
next
edit "UptimeRobot-ICMP"
set internet-service-id 8257538
next
edit "UptimeRobot-DNS"
set internet-service-id 8257539
next
edit "UptimeRobot-Outbound_Email"
set internet-service-id 8257540
next
edit "UptimeRobot-SSH"
set internet-service-id 8257542
next
edit "UptimeRobot-FTP"
set internet-service-id 8257543
next
edit "UptimeRobot-NTP"
set internet-service-id 8257544
next
edit "UptimeRobot-Inbound_Email"
set internet-service-id 8257545
next
edit "UptimeRobot-LDAP"
set internet-service-id 8257550
next
edit "UptimeRobot-NetBIOS.Session.Service"
set internet-service-id 8257551
next
edit "UptimeRobot-RTMP"
set internet-service-id 8257552
next
edit "UptimeRobot-NetBIOS.Name.Service"
set internet-service-id 8257560
next
edit "UptimeRobot-UptimeRobot.Monitor"
set internet-service-id 8257709
next
edit "Quovadisglobal-Other"
set internet-service-id 8323072
next
edit "Quovadisglobal-Web"
set internet-service-id 8323073
next
edit "Quovadisglobal-ICMP"
set internet-service-id 8323074
next
edit "Quovadisglobal-DNS"
set internet-service-id 8323075
next
edit "Quovadisglobal-Outbound_Email"
set internet-service-id 8323076
next
edit "Quovadisglobal-SSH"
set internet-service-id 8323078
next
edit "Quovadisglobal-FTP"
set internet-service-id 8323079
next
edit "Quovadisglobal-NTP"
set internet-service-id 8323080
next
edit "Quovadisglobal-Inbound_Email"
set internet-service-id 8323081
next
edit "Quovadisglobal-LDAP"
set internet-service-id 8323086
next
edit "Quovadisglobal-NetBIOS.Session.Service"
set internet-service-id 8323087
next
edit "Quovadisglobal-RTMP"
set internet-service-id 8323088
next
edit "Quovadisglobal-NetBIOS.Name.Service"
set internet-service-id 8323096
next
edit "Splashtop-Splashtop"
set internet-service-id 8388751
next
edit "Zoox-Other"
set internet-service-id 8454144
next
edit "Zoox-Web"
set internet-service-id 8454145
next
edit "Zoox-ICMP"
set internet-service-id 8454146
next
edit "Zoox-DNS"
set internet-service-id 8454147
next
edit "Zoox-Outbound_Email"
set internet-service-id 8454148
next
edit "Zoox-SSH"
set internet-service-id 8454150
next
edit "Zoox-FTP"
set internet-service-id 8454151
next
edit "Zoox-NTP"
set internet-service-id 8454152
next
edit "Zoox-Inbound_Email"
set internet-service-id 8454153
next
edit "Zoox-LDAP"
set internet-service-id 8454158
next
edit "Zoox-NetBIOS.Session.Service"
set internet-service-id 8454159
next
edit "Zoox-RTMP"
set internet-service-id 8454160
next
edit "Zoox-NetBIOS.Name.Service"
set internet-service-id 8454168
next
edit "Skyfii-Other"
set internet-service-id 8519680
next
edit "Skyfii-Web"
set internet-service-id 8519681
next
edit "Skyfii-ICMP"
set internet-service-id 8519682
next
edit "Skyfii-DNS"
set internet-service-id 8519683
next
edit "Skyfii-Outbound_Email"
set internet-service-id 8519684
next
edit "Skyfii-SSH"
set internet-service-id 8519686
next
edit "Skyfii-FTP"
set internet-service-id 8519687
next
edit "Skyfii-NTP"
set internet-service-id 8519688
next
edit "Skyfii-Inbound_Email"
set internet-service-id 8519689
next
edit "Skyfii-LDAP"
set internet-service-id 8519694
next
edit "Skyfii-NetBIOS.Session.Service"
set internet-service-id 8519695
next
edit "Skyfii-RTMP"
set internet-service-id 8519696
next
edit "Skyfii-NetBIOS.Name.Service"
set internet-service-id 8519704
next
edit "CoffeeBean-Other"
set internet-service-id 8585216
next
edit "CoffeeBean-Web"
set internet-service-id 8585217
next
edit "CoffeeBean-ICMP"
set internet-service-id 8585218
next
edit "CoffeeBean-DNS"
set internet-service-id 8585219
next
edit "CoffeeBean-Outbound_Email"
set internet-service-id 8585220
next
edit "CoffeeBean-SSH"
set internet-service-id 8585222
next
edit "CoffeeBean-FTP"
set internet-service-id 8585223
next
edit "CoffeeBean-NTP"
set internet-service-id 8585224
next
edit "CoffeeBean-Inbound_Email"
set internet-service-id 8585225
next
edit "CoffeeBean-LDAP"
set internet-service-id 8585230
next
edit "CoffeeBean-NetBIOS.Session.Service"
set internet-service-id 8585231
next
edit "CoffeeBean-RTMP"
set internet-service-id 8585232
next
edit "CoffeeBean-NetBIOS.Name.Service"
set internet-service-id 8585240
next
edit "Cloud4Wi-Other"
set internet-service-id 8650752
next
edit "Cloud4Wi-Web"
set internet-service-id 8650753
next
edit "Cloud4Wi-ICMP"
set internet-service-id 8650754
next
edit "Cloud4Wi-DNS"
set internet-service-id 8650755
next
edit "Cloud4Wi-Outbound_Email"
set internet-service-id 8650756
next
edit "Cloud4Wi-SSH"
set internet-service-id 8650758
next
edit "Cloud4Wi-FTP"
set internet-service-id 8650759
next
edit "Cloud4Wi-NTP"
set internet-service-id 8650760
next
edit "Cloud4Wi-Inbound_Email"
set internet-service-id 8650761
next
edit "Cloud4Wi-LDAP"
set internet-service-id 8650766
next
edit "Cloud4Wi-NetBIOS.Session.Service"
set internet-service-id 8650767
next
edit "Cloud4Wi-RTMP"
set internet-service-id 8650768
next
edit "Cloud4Wi-NetBIOS.Name.Service"
set internet-service-id 8650776
next
edit "Panda-Panda.Security"
set internet-service-id 8716432
next
edit "Ewon-Talk2M"
set internet-service-id 8781970
next
edit "Nutanix-Nutanix.Cloud"
set internet-service-id 8847507
next
edit "Backblaze-Other"
set internet-service-id 8912896
next
edit "Backblaze-Web"
set internet-service-id 8912897
next
edit "Backblaze-ICMP"
set internet-service-id 8912898
next
edit "Backblaze-DNS"
set internet-service-id 8912899
next
edit "Backblaze-Outbound_Email"
set internet-service-id 8912900
next
edit "Backblaze-SSH"
set internet-service-id 8912902
next
edit "Backblaze-FTP"
set internet-service-id 8912903
next
edit "Backblaze-NTP"
set internet-service-id 8912904
next
edit "Backblaze-Inbound_Email"
set internet-service-id 8912905
next
edit "Backblaze-LDAP"
set internet-service-id 8912910
next
edit "Backblaze-NetBIOS.Session.Service"
set internet-service-id 8912911
next
edit "Backblaze-RTMP"
set internet-service-id 8912912
next
edit "Backblaze-NetBIOS.Name.Service"
set internet-service-id 8912920
next
edit "Aerohive-Aerohive.Cloud"
set internet-service-id 8978580
next
edit "XING-Other"
set internet-service-id 9043968
next
edit "XING-Web"
set internet-service-id 9043969
next
edit "XING-ICMP"
set internet-service-id 9043970
next
edit "XING-DNS"
set internet-service-id 9043971
next
edit "XING-Outbound_Email"
set internet-service-id 9043972
next
edit "XING-SSH"
set internet-service-id 9043974
next
edit "XING-FTP"
set internet-service-id 9043975
next
edit "XING-NTP"
set internet-service-id 9043976
next
edit "XING-Inbound_Email"
set internet-service-id 9043977
next
edit "XING-LDAP"
set internet-service-id 9043982
next
edit "XING-NetBIOS.Session.Service"
set internet-service-id 9043983
next
edit "XING-RTMP"
set internet-service-id 9043984
next
edit "XING-NetBIOS.Name.Service"
set internet-service-id 9043992
next
edit "Genesys-PureCloud"
set internet-service-id 9109653
next
edit "BlackBerry-Cylance"
set internet-service-id 9175190
next
edit "DigiCert-OCSP"
set internet-service-id 9240728
next
edit "Infomaniak-SwissTransfer"
set internet-service-id 9306265
next
edit "Fuze-Fuze"
set internet-service-id 9371802
next
edit "Truecaller-Truecaller"
set internet-service-id 9437339
next
edit "GlobalSign-OCSP"
set internet-service-id 9502872
next
edit "VeriSign-OCSP"
set internet-service-id 9568408
next
edit "Sony-PlayStation.Network"
set internet-service-id 9633952
next
edit "Acronis-Cyber.Cloud"
set internet-service-id 9699489
next
edit "RingCentral-RingCentral"
set internet-service-id 9765027
next
edit "FSecure-FSecure"
set internet-service-id 9830564
next
edit "Kaseya-Kaseya.Cloud"
set internet-service-id 9896101
next
edit "Shodan-Scanner"
set internet-service-id 9961638
next
edit "Censys-Scanner"
set internet-service-id 10027174
next
edit "Valve-Steam"
set internet-service-id 10092711
next
edit "YouSeeU-Bongo"
set internet-service-id 10158248
next
edit "Cato-Cato.Cloud"
set internet-service-id 10223785
next
edit "Solarwinds-SpamExperts"
set internet-service-id 10289323
next
edit "Solarwinds-Pingdom.Probe"
set internet-service-id 10289326
next
edit "8X8-8X8.Cloud"
set internet-service-id 10354860
next
edit "Zattoo-Zattoo.TV"
set internet-service-id 10420401
next
edit "Datto-Datto.RMM"
set internet-service-id 10485939
next
edit "Barracuda-Barracuda.Cloud"
set internet-service-id 10551477
next
edit "Naver-Line"
set internet-service-id 10617015
next
edit "Disney-Disney+"
set internet-service-id 10682552
next
edit "DNS-DoH_DoT"
set internet-service-id 10748089
next
edit "Quad9-Quad9.Standard.DNS"
set internet-service-id 10813626
next
edit "Stretchoid-Scanner"
set internet-service-id 10879142
next
edit "Poly-RealConnect.Service"
set internet-service-id 10944700
next
edit "Telegram-Telegram"
set internet-service-id 11010249
next
edit "Spotify-Spotify"
set internet-service-id 11075786
next
edit "NextDNS-NextDNS"
set internet-service-id 11141324
next
edit "Fastly-CDN"
set internet-service-id 11206793
next
edit "Neustar-UltraDNS.Probes"
set internet-service-id 11272397
next
end
config firewall internet-service-definition
end
config wanopt content-delivery-network-rule
edit "vcache://"
set comment "Static entries are not allowed to change except disable."
set response-expires enable
set text-response-vcache disable
config rules
edit "rule1"
config match-entries
edit 1
set pattern "/*.m3u8"
next
end
config content-id
set target hls-manifest
set start-str "/"
end
next
edit "rule2"
config match-entries
edit 1
set pattern "/*.mpd"
next
end
config content-id
set target dash-manifest
set start-str "/"
end
next
edit "rule3"
config match-entries
edit 1
set pattern "/*.ts"
next
end
config content-id
set target hls-fragment
set start-str "/"
end
next
edit "rule4"
config match-entries
edit 1
set pattern "/*.*"
next
end
config content-id
set target dash-fragment
set start-str "/"
end
next
end
next
edit "vcache://youtube/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "youtube.com"
set category youtube
set text-response-vcache disable
config rules
edit "rule1"
config match-entries
edit 1
set pattern "/videoplayback"
next
end
config content-id
set target youtube-id
set start-str "v="
set start-skip 2
set end-str "&"
end
next
edit "rule2"
config match-entries
edit 1
set pattern "/videoplayback"
next
end
config content-id
set target youtube-id
set start-str "v="
set start-skip 2
end
next
edit "rule3"
set match-mode any
config match-entries
edit 1
set pattern "/stream_204"
next
edit 2
set pattern "/ptracking"
next
edit 3
set pattern "/get_video_info"
next
end
config content-id
set target youtube-map
set start-str "/"
end
next
end
next
edit "vcache://googlevideo/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "googlevideo.com"
set category youtube
set text-response-vcache disable
config rules
edit "rule1"
config match-entries
edit 1
set pattern "/videoplayback"
next
end
config content-id
set target youtube-id
set start-str "v="
set start-skip 2
set end-str "&"
end
next
edit "rule2"
config match-entries
edit 1
set pattern "/videoplayback"
next
end
config content-id
set target youtube-id
set start-str "v="
set start-skip 2
end
next
edit "rule3"
set match-mode any
config match-entries
edit 1
set pattern "/stream_204"
next
edit 2
set pattern "/ptracking"
next
edit 3
set pattern "/get_video_info"
next
end
config content-id
set target youtube-map
set start-str "/"
end
next
end
next
edit "vcache://metacafe/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "mccont.com" "akvideos.metacafe.com" "cdn.metacafe.com"
set response-expires enable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://facebook/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "fbcdn.net" "facebook.com"
set response-expires enable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://dailymotion/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "dailymotion.com" "dmcdn.net"
set response-expires enable
config rules
edit "rule1"
set match-mode any
config match-entries
edit 1
set pattern "/video/*.mp4"
next
edit 2
set pattern "/video/*.flv"
next
edit 3
set pattern "/video/*.ts"
next
edit 4
set pattern "/video/*.on2"
next
edit 5
set pattern "/video/*.aac"
next
edit 6
set pattern "/video/*.h264"
next
edit 7
set pattern "/video/*.h263"
next
edit 8
set pattern "/sec*.mp4"
next
edit 9
set pattern "/sec*.flv"
next
edit 10
set pattern "/sec*.on2"
next
edit 11
set pattern "/sec*.aac"
next
edit 12
set pattern "/sec*.h264"
next
edit 13
set pattern "/sec*.h263"
next
edit 14
set pattern "*.ts"
next
end
config skip-entries
edit 1
set target parameter
set pattern "start=*"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://break/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "break.com" "0ebe.edgecastcdn.net"
set response-expires enable
config rules
edit "rule1"
set match-mode any
config match-entries
edit 1
set pattern "/dnet/media/*.flv"
next
edit 2
set pattern "/dnet/media/*.mp4"
next
end
config skip-entries
edit 1
set target parameter
set pattern "ec_seek=*"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
edit "rule2"
config match-entries
edit 1
set pattern "/*.mp4*"
next
edit 2
set pattern "*Seg*"
next
edit 3
set pattern "*Frag*"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://msn/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "video.msn.com"
set response-expires enable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://llnwd/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "llnwd.net"
set response-expires enable
config rules
edit "rule1"
set match-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.fll"
next
end
config skip-entries
edit 1
set target parameter
set pattern "fs=*"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://yahoo/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "yimg.com"
set response-expires enable
config rules
edit "rule1"
set match-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.m4s"
next
end
config content-id
set target parameter
set start-str "vid="
end
next
end
next
edit "vcache://myspace/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "myspacecdn.com"
set request-cache-control enable
set response-cache-control enable
set response-expires enable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://vimeo/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "vimeo.com" "vimeocdn.com" "56skyfiregce-a.akamaihd.net"
set response-expires enable
config rules
edit "rule1"
set match-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.m4s"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://blip.tv/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "blip.tv"
set response-expires enable
config rules
edit "rule1"
set match-mode any
config match-entries
edit 1
set pattern "/*.m4v"
next
edit 2
set pattern "/*.flv"
next
edit 3
set pattern "/*.mp4"
next
edit 4
set pattern "/*.wmv"
next
edit 5
set pattern "/*.rm"
next
edit 6
set pattern "/*.ram"
next
edit 7
set pattern "/*.mov"
next
edit 8
set pattern "/*.avi"
next
end
config skip-entries
edit 1
set target parameter
set pattern "ms=*"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://maker.tv/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "videos-f.jwpsrv.com"
set response-expires enable
config rules
edit "rule1"
set match-mode any
config match-entries
edit 1
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://aol/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "stream.aol.com" "5min.com" "vidiblevod-vh.akamaihd.net" "stg-ec-ore-u.uplynk.com" "vidible.tv"
set response-expires enable
config rules
edit "rule1"
config match-entries
edit 1
set pattern "/*.mp4"
next
end
config skip-entries
edit 1
set target parameter
set pattern "*timeoffset=*"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
edit "rule2"
config match-entries
edit 1
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://clipfish/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "clipfish.de" "universal-music.de"
set response-expires enable
config rules
edit "rule1"
set match-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.f4v"
next
edit 3
set pattern "/*.mp4"
next
edit 4
set pattern "/*.m4v"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://cnn/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "cnn-vh.akamaihd.net"
set response-expires enable
config rules
edit "rule1"
config match-entries
edit 1
set pattern "/*.flv*"
next
edit 2
set pattern "*Seg*"
next
edit 3
set pattern "*Frag*"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
edit "rule2"
config match-entries
edit 1
set pattern "/*.mp4*"
next
edit 2
set pattern "*Seg*"
next
edit 3
set pattern "*Frag*"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
edit "rule3"
config match-entries
edit 1
set pattern "/*.ts*"
next
edit 2
set pattern "*Seg*"
next
edit 3
set pattern "*Frag*"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://foxnews/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "foxnews.com" "foxnews-f.akamaihd.net"
set response-expires enable
config rules
edit "rule1"
config match-entries
edit 1
set pattern "/*.mp4*"
next
edit 2
set target parameter
set pattern "*Seg*"
next
edit 3
set target parameter
set pattern "*Frag*"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://discovery/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "discovery.com" "discidevflash-f.akamaihd.net"
set response-expires enable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://liveleak/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "edge.liveleak.com" "cdn.liveleak.com"
set response-expires enable
config rules
edit "rule1"
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set target parameter
set pattern "*seek=0"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
edit "rule2"
config match-entries
edit 1
set pattern "/*.mp4"
next
edit 2
set target parameter
set pattern "*seek=0"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
edit "rule3"
config match-entries
edit 1
set pattern "/*.wmv"
next
edit 2
set target parameter
set pattern "*seek=0"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://sevenload/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "sevenload.com"
set response-expires enable
config rules
edit "rule1"
set match-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
end
config skip-entries
edit 1
set target parameter
set pattern "aktimeoffset=*"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://stupidvideos/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "stupidvideos.com"
set response-expires enable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://howcast/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "media.howcast.com"
set response-expires enable
config rules
edit "rule1"
set match-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
end
config skip-entries
edit 1
set target parameter
set pattern "start=*"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://vevo/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "vevo.com"
set response-expires enable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://ooyala/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "ooyala.com"
set response-expires enable
config rules
edit "rule1"
config match-entries
edit 1
set pattern "*Seg*"
next
edit 2
set pattern "*Frag*"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://ms-ads/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "msads.net"
set response-expires enable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://yumenetworks-ads/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "yumenetworks.com"
set response-expires enable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://2mdn-ads/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "2mdn.net"
set response-expires enable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://eyewonder-ads/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "eyewonder.com"
set response-expires enable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://eyereturn-ads/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "eyereturn.com"
set response-expires enable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://serving-sys-ads/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "serving-sys.com"
set response-expires enable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://amazonaws-ads/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "amazonaws.com"
set response-expires enable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://edgesuite-ads/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "edgesuite.net"
set response-expires enable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://gorillanation-ads/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "video.gorillanation.com"
set response-expires enable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set pattern "/*.flv"
next
edit 2
set pattern "/*.mp4"
next
edit 3
set pattern "/*.ts"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://youku/"
set comment "Static entries are not allowed to change except disable."
set response-expires enable
config rules
edit "rule1"
config match-entries
edit 1
set pattern "/youku/*.mp4"
next
edit 2
set target parameter
set pattern "*start=0"
next
end
config content-id
set target youku-id
set start-str "/"
set start-skip 1
set start-direction backward
end
next
edit "rule2"
config match-entries
edit 1
set pattern "/youku/*.flv"
next
edit 2
set target parameter
set pattern "*start=0"
next
end
config content-id
set target youku-id
set start-str "/"
set start-skip 1
set start-direction backward
end
next
edit "rule3"
config match-entries
edit 1
set pattern "/youku/*.kux"
next
edit 2
set target parameter
set pattern "*start=0"
next
end
config content-id
set target youku-id
set start-str "/"
set start-skip 1
set start-direction backward
end
next
edit "rule4"
config match-entries
edit 1
set pattern "/youku/*.mp4"
next
end
config skip-entries
edit 1
set target parameter
set pattern "*start=*"
next
end
config content-id
set target youku-id
set start-str "/"
set start-skip 1
set start-direction backward
end
next
edit "rule5"
config match-entries
edit 1
set pattern "/youku/*.flv"
next
end
config skip-entries
edit 1
set target parameter
set pattern "*start=*"
next
end
config content-id
set target youku-id
set start-str "/"
set start-skip 1
set start-direction backward
end
next
edit "rule6"
config match-entries
edit 1
set pattern "/youku/*.kux"
next
end
config skip-entries
edit 1
set target parameter
set pattern "*start=*"
next
end
config content-id
set target youku-id
set start-str "/"
set start-skip 1
set start-direction backward
end
next
end
next
edit "vcache://tudou/"
set comment "Static entries are not allowed to change except disable."
set response-expires enable
config rules
edit "rule1"
config match-entries
edit 1
set pattern "/f4v/*"
next
edit 2
set target parameter
set pattern "*id=tudou*"
next
end
config skip-entries
edit 1
set target parameter
set pattern "*begin=*"
next
end
config content-id
set start-str "/"
set start-skip 1
set start-direction backward
end
next
end
next
edit "vcache://cbc/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "cbc.ca" "mobilehls-vh.akamaihd.net"
set response-expires enable
config rules
edit "rule1"
config match-entries
edit 1
set pattern "*.mp4*"
next
edit 2
set pattern "*Seg*"
next
edit 3
set pattern "*Frag*"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
edit "rule2"
set match-mode any
config match-entries
edit 1
set pattern "*.ts"
next
edit 2
set pattern "*.mp4"
next
end
config content-id
set start-str "/"
set start-skip 1
end
next
end
next
edit "vcache://megaupload/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "megaupload.com"
set response-expires enable
config rules
edit "rule1"
config match-entries
edit 1
set pattern "/files/*"
next
end
config content-id
set target referrer
set start-str "d="
set start-skip 2
end
next
end
next
edit "update://windowsupdate/"
set comment "Static entries are not allowed to change except disable."
set host-domain-name-suffix "download.windowsupdate.com"
set request-cache-control enable
set response-cache-control enable
set response-expires enable
set updateserver enable
next
end
config log tap-device
edit "default-tap-gui"
set status enable
set port 12121
set format json
config filter
set forward-traffic disable
set local-traffic disable
set multicast-traffic disable
set sniffer-traffic disable
set ztna-traffic disable
set anomaly disable
set voip disable
set gtp disable
config free-style
edit 1
set category event
set filter "subtype router or VPN"
set filter-type exclude
next
end
end
next
end
config system cluster-sync
end
config system fortiguard
set update-server-location usa
set sdns-server-ip "208.91.112.220"
end
config endpoint-control fctems
edit 1
next
edit 2
next
edit 3
next
edit 4
next
edit 5
next
end
config system email-server
set server "notification.fortinet.net"
set port 465
set security smtps
end
config system session-helper
edit 1
set name pptp
set protocol 6
set port 1723
next
edit 2
set name h323
set protocol 6
set port 1720
next
edit 3
set name ras
set protocol 17
set port 1719
next
edit 4
set name tns
set protocol 6
set port 1521
next
edit 5
set name tftp
set protocol 17
set port 69
next
edit 6
set name rtsp
set protocol 6
set port 554
next
edit 7
set name rtsp
set protocol 6
set port 7070
next
edit 8
set name rtsp
set protocol 6
set port 8554
next
edit 9
set name ftp
set protocol 6
set port 21
next
edit 10
set name mms
set protocol 6
set port 1863
next
edit 11
set name pmap
set protocol 6
set port 111
next
edit 12
set name pmap
set protocol 17
set port 111
next
edit 13
set name sip
set protocol 17
set port 5060
next
edit 14
set name dns-udp
set protocol 17
set port 53
next
edit 15
set name rsh
set protocol 6
set port 514
next
edit 16
set name rsh
set protocol 6
set port 512
next
edit 17
set name dcerpc
set protocol 6
set port 135
next
edit 18
set name dcerpc
set protocol 17
set port 135
next
edit 19
set name mgcp
set protocol 17
set port 2427
next
edit 20
set name mgcp
set protocol 17
set port 2727
next
end
config system auto-install
set auto-install-config enable
set auto-install-image enable
end
config system ntp
set ntpsync enable
set server-mode enable
set interface "fortilink"
end
config system ftm-push
set server-cert "Fortinet_Factory"
end
config system automation-trigger
edit "Network Down"
set description "Default automation trigger configuration for when a network connection goes down."
set event-type event-log
set logid 20099
config fields
edit 1
set name "status"
set value "DOWN"
next
end
next
edit "HA Failover"
set description "Default automation trigger configuration for when an HA failover occurs."
set event-type ha-failover
next
edit "Reboot"
set description "Default automation trigger configuration for when a FortiGate is rebooted."
set event-type reboot
next
edit "FortiAnalyzer Connection Down"
set description "Default automation trigger configuration for when the FortiAnalyzer connection is lost."
set event-type event-log
set logid 22902
next
edit "License Expired Notification"
set description "Default automation trigger configuration for when a license is near expiration."
set event-type license-near-expiry
set license-type any
next
edit "Compromised Host - High"
set description "Default automation trigger configuration for when a high severity compromised host is detected."
next
edit "Incoming Webhook Call"
set description "Default automation trigger configuration for an incoming webhook."
set event-type incoming-webhook
next
edit "Security Rating Notification"
set description "Default automation trigger configuration for when a new Security Rating report is available."
set event-type security-rating-summary
set report-type any
next
end
config system automation-action
edit "Default Email"
set description "Default automation action configuration for sending an email with basic information on the log event."
set action-type email
set email-subject "%%log.logdesc%%"
next
edit "FortiExplorer Notification"
set description "Default automation action configuration for sending a notification to any FortiExplorer mobile application."
set action-type fortiexplorer-notification
next
edit "Quarantine on FortiSwitch + FortiAP"
set description "Default automation action configuration for quarantining a MAC address on FortiSwitches and FortiAPs."
set action-type quarantine
next
edit "Quarantine FortiClient EMS Endpoint"
set description "Default automation action configuration for quarantining a FortiClient EMS endpoing device."
set action-type quarantine-forticlient
next
end
config system automation-stitch
edit "Network Down"
set description "Default automation stitch to send an email when a network goes down."
set status disable
set trigger "Network Down"
config actions
edit 1
set action "Default Email"
next
end
next
edit "HA Failover"
set description "Default automation stitch to send an email when a HA failover is detected."
set status disable
set trigger "HA Failover"
config actions
edit 1
set action "Default Email"
next
end
next
edit "Reboot"
set description "Default automation stitch to send an email when a FortiGate is rebooted."
set status disable
set trigger "Reboot"
config actions
edit 1
set action "Default Email"
next
end
next
edit "FortiAnalyzer Connection Down"
set description "Default automation stitch to send a FortiExplorer notification when the connection to FortiAnalyzer is lost."
set trigger "FortiAnalyzer Connection Down"
config actions
edit 1
set action "FortiExplorer Notification"
next
end
next
edit "License Expired Notification"
set description "Default automation stitch to send a FortiExplorer notification when a license is near expiration."
set trigger "License Expired Notification"
config actions
edit 1
set action "FortiExplorer Notification"
next
end
next
edit "Compromised Host Quarantine"
set description "Default automation stitch to quarantine a high severity compromised host on FortiAPs, FortiSwitches, and FortiClient EMS."
set status disable
set trigger "Compromised Host - High"
config actions
edit 1
set action "Quarantine on FortiSwitch + FortiAP"
next
edit 2
set action "Quarantine FortiClient EMS Endpoint"
next
end
next
edit "Incoming Webhook Quarantine"
set description "Default automation stitch to quarantine a provided MAC address on FortiAPs, FortiSwitches, and FortiClient EMS using an Incoming Webhook."
set status disable
set trigger "Incoming Webhook Call"
config actions
edit 1
set action "Quarantine on FortiSwitch + FortiAP"
next
edit 2
set action "Quarantine FortiClient EMS Endpoint"
next
end
next
edit "Security Rating Notification"
set description "Default automation stitch to send a FortiExplorer notification when a new Security Rating report is available."
set trigger "Security Rating Notification"
config actions
edit 1
set action "FortiExplorer Notification"
next
end
next
end
config system federated-upgrade
set status disabled
end
config dpdk global
set multiqueue disable
set sleep-on-idle disable
set elasticbuffer disable
set per-session-accounting traffic-log-only
set ipsec-offload disable
set hugepage-percentage 30
set mbufpool-percentage 25
end
config dpdk cpus
set rx-cpus "all"
set vnp-cpus "all"
set ips-cpus "all"
set tx-cpus "all"
end
config system ike
end
config system object-tagging
edit "default"
next
end
config switch-controller traffic-policy
edit "quarantine"
set description "Rate control for quarantined traffic"
set guaranteed-bandwidth 163840
set guaranteed-burst 8192
set maximum-burst 163840
set cos-queue 0
set id 1
next
edit "sniffer"
set description "Rate control for sniffer mirrored traffic"
set guaranteed-bandwidth 50000
set guaranteed-burst 8192
set maximum-burst 163840
set cos-queue 0
set id 2
next
end
config system settings
end
config system dhcp server
edit 1
set ntp-service local
set default-gateway 10.255.1.1
set netmask 255.255.255.0
set interface "fortilink"
config ip-range
edit 1
set start-ip 10.255.1.2
set end-ip 10.255.1.254
next
end
set vci-match enable
set vci-string "FortiSwitch" "FortiExtender"
next
end
config firewall address
edit "none"
set uuid 91bf89fe-877d-51ed-7144-1d4d8df7ff67
set subnet 0.0.0.0 255.255.255.255
next
edit "login.microsoftonline.com"
set uuid 91bfd17a-877d-51ed-43ca-c3a21074d0c7
set type fqdn
set fqdn "login.microsoftonline.com"
next
edit "login.microsoft.com"
set uuid 91c02c2e-877d-51ed-d1e3-f58187eb640c
set type fqdn
set fqdn "login.microsoft.com"
next
edit "login.windows.net"
set uuid 91c07418-877d-51ed-1b5e-b582a5b1212b
set type fqdn
set fqdn "login.windows.net"
next
edit "gmail.com"
set uuid 91c0b428-877d-51ed-c847-759a6f882950
set type fqdn
set fqdn "gmail.com"
next
edit "wildcard.google.com"
set uuid 91c0f87a-877d-51ed-94ef-28e762b06b14
set type fqdn
set fqdn "*.google.com"
next
edit "wildcard.dropbox.com"
set uuid 91c13ccc-877d-51ed-84b4-7888a78736ec
set type fqdn
set fqdn "*.dropbox.com"
next
edit "all"
set uuid 9cd6cfdc-877d-51ed-e542-1752f61677fe
next
edit "FIREWALL_AUTH_PORTAL_ADDRESS"
set uuid 9cd6e1a2-877d-51ed-12e0-c54f6cb36bf8
next
edit "FABRIC_DEVICE"
set uuid 9cd6f1b0-877d-51ed-4fc1-1dd268087767
set comment "IPv4 addresses of Fabric Devices."
next
edit "SSLVPN_TUNNEL_ADDR1"
set uuid 9cdc7536-877d-51ed-30ae-badc2d985caf
set type iprange
set start-ip 10.212.134.200
set end-ip 10.212.134.210
next
edit "FCTEMS_ALL_FORTICLOUD_SERVERS"
set uuid 2d85220e-877e-51ed-cd3d-4a0a94c7270d
set type dynamic
set sub-type ems-tag
set dirty clean
next
end
config firewall multicast-address
edit "all"
set start-ip 224.0.0.0
set end-ip 239.255.255.255
next
edit "all_hosts"
set start-ip 224.0.0.1
set end-ip 224.0.0.1
next
edit "all_routers"
set start-ip 224.0.0.2
set end-ip 224.0.0.2
next
edit "Bonjour"
set start-ip 224.0.0.251
set end-ip 224.0.0.251
next
edit "EIGRP"
set start-ip 224.0.0.10
set end-ip 224.0.0.10
next
edit "OSPF"
set start-ip 224.0.0.5
set end-ip 224.0.0.6
next
end
config firewall address6
edit "SSLVPN_TUNNEL_IPv6_ADDR1"
set uuid 9cdc86d4-877d-51ed-dfcb-16ba5e1a85b9
set ip6 fdff:ffff::/120
next
edit "all"
set uuid 91c239f6-877d-51ed-68f1-2ac6e3554da3
next
edit "none"
set uuid 91c2702e-877d-51ed-2384-f7d69163b13e
set ip6 ::/128
next
end
config firewall multicast-address6
edit "all"
set ip6 ff00::/8
next
end
config firewall addrgrp
edit "G Suite"
set uuid 91c17b9c-877d-51ed-8e0c-68cc93cff48f
set member "gmail.com" "wildcard.google.com"
next
edit "Microsoft Office 365"
set uuid 91c1dbc8-877d-51ed-cb7c-d43b9d71f915
set member "login.microsoftonline.com" "login.microsoft.com" "login.windows.net"
next
end
config firewall wildcard-fqdn custom
edit "adobe"
set uuid 91e5882a-877d-51ed-d31a-fc7604b7f83e
set wildcard-fqdn "*.adobe.com"
next
edit "Adobe Login"
set uuid 91e59216-877d-51ed-78be-95eb71e71e6e
set wildcard-fqdn "*.adobelogin.com"
next
edit "android"
set uuid 91e59b12-877d-51ed-1b02-82768aa79e8f
set wildcard-fqdn "*.android.com"
next
edit "apple"
set uuid 91e5a404-877d-51ed-b9f8-df728ea4f91f
set wildcard-fqdn "*.apple.com"
next
edit "appstore"
set uuid 91e5adf0-877d-51ed-ee78-d26412230276
set wildcard-fqdn "*.appstore.com"
next
edit "auth.gfx.ms"
set uuid 91e5b6c4-877d-51ed-8075-4d976f692c1e
set wildcard-fqdn "*.auth.gfx.ms"
next
edit "citrix"
set uuid 91e5bfb6-877d-51ed-81e8-3fee609e66bc
set wildcard-fqdn "*.citrixonline.com"
next
edit "dropbox.com"
set uuid 91e5cc90-877d-51ed-450f-05b424c4e9ea
set wildcard-fqdn "*.dropbox.com"
next
edit "eease"
set uuid 91e5d8de-877d-51ed-197d-98b8298d4680
set wildcard-fqdn "*.eease.com"
next
edit "firefox update server"
set uuid 91e5e8d8-877d-51ed-5b68-fe8a88865dd1
set wildcard-fqdn "aus*.mozilla.org"
next
edit "fortinet"
set uuid 91e5f1f2-877d-51ed-d1c9-3aa9670074b6
set wildcard-fqdn "*.fortinet.com"
next
edit "googleapis.com"
set uuid 91e5fad0-877d-51ed-08c2-6e62eb609cd3
set wildcard-fqdn "*.googleapis.com"
next
edit "google-drive"
set uuid 91e603fe-877d-51ed-1d6c-3012ca6aee87
set wildcard-fqdn "*drive.google.com"
next
edit "google-play2"
set uuid 91e60d9a-877d-51ed-b751-ba75d82313b9
set wildcard-fqdn "*.ggpht.com"
next
edit "google-play3"
set uuid 91e6168c-877d-51ed-7997-6c77130ad6ba
set wildcard-fqdn "*.books.google.com"
next
edit "Gotomeeting"
set uuid 91e61fba-877d-51ed-d0eb-643d83af6f4a
set wildcard-fqdn "*.gotomeeting.com"
next
edit "icloud"
set uuid 91e64350-877d-51ed-d537-85f2221fcf90
set wildcard-fqdn "*.icloud.com"
next
edit "itunes"
set uuid 91e65232-877d-51ed-638c-f1d4ea5bd588
set wildcard-fqdn "*itunes.apple.com"
next
edit "microsoft"
set uuid 91e65c0a-877d-51ed-1df9-3425664c2e36
set wildcard-fqdn "*.microsoft.com"
next
edit "skype"
set uuid 91e66538-877d-51ed-c387-0fe7054d5ae8
set wildcard-fqdn "*.messenger.live.com"
next
edit "softwareupdate.vmware.com"
set uuid 91e66e52-877d-51ed-c175-b604bd638bb0
set wildcard-fqdn "*.softwareupdate.vmware.com"
next
edit "verisign"
set uuid 91e6787a-877d-51ed-a4ae-2f47a51a2186
set wildcard-fqdn "*.verisign.com"
next
edit "Windows update 2"
set uuid 91e681a8-877d-51ed-2c5f-425b06b54999
set wildcard-fqdn "*.windowsupdate.com"
next
edit "live.com"
set uuid 91e68cac-877d-51ed-725d-2385ca63e9d7
set wildcard-fqdn "*.live.com"
next
edit "google-play"
set uuid 91e69990-877d-51ed-34a9-d7ef6b6cdb0c
set wildcard-fqdn "*play.google.com"
next
edit "update.microsoft.com"
set uuid 91e6a714-877d-51ed-73a6-d92125f7de5a
set wildcard-fqdn "*update.microsoft.com"
next
edit "swscan.apple.com"
set uuid 91e6b43e-877d-51ed-878d-6748062f9dec
set wildcard-fqdn "*swscan.apple.com"
next
edit "autoupdate.opera.com"
set uuid 91e6c082-877d-51ed-0c9a-6e9fefd5d35c
set wildcard-fqdn "*autoupdate.opera.com"
next
edit "cdn-apple"
set uuid 91e6ccda-877d-51ed-21de-a6a105c48365
set wildcard-fqdn "*.cdn-apple.com"
next
edit "mzstatic-apple"
set uuid 91e6d9fa-877d-51ed-0391-e75f2301cc32
set wildcard-fqdn "*.mzstatic.com"
next
end
config firewall service category
edit "General"
set comment "General services."
next
edit "Web Access"
set comment "Web access."
next
edit "File Access"
set comment "File access."
next
edit "Email"
set comment "Email services."
next
edit "Network Services"
set comment "Network services."
next
edit "Authentication"
set comment "Authentication service."
next
edit "Remote Access"
set comment "Remote access."
next
edit "Tunneling"
set comment "Tunneling service."
next
edit "VoIP, Messaging & Other Applications"
set comment "VoIP, messaging, and other applications."
next
edit "Web Proxy"
set comment "Explicit web proxy."
next
end
config firewall service custom
edit "DNS"
set category "Network Services"
set tcp-portrange 53
set udp-portrange 53
next
edit "HTTP"
set category "Web Access"
set tcp-portrange 80
next
edit "HTTPS"
set category "Web Access"
set tcp-portrange 443
next
edit "IMAP"
set category "Email"
set tcp-portrange 143
next
edit "IMAPS"
set category "Email"
set tcp-portrange 993
next
edit "LDAP"
set category "Authentication"
set tcp-portrange 389
next
edit "DCE-RPC"
set category "Remote Access"
set tcp-portrange 135
set udp-portrange 135
next
edit "POP3"
set category "Email"
set tcp-portrange 110
next
edit "POP3S"
set category "Email"
set tcp-portrange 995
next
edit "SAMBA"
set category "File Access"
set tcp-portrange 139
next
edit "SMTP"
set category "Email"
set tcp-portrange 25
next
edit "SMTPS"
set category "Email"
set tcp-portrange 465
next
edit "KERBEROS"
set category "Authentication"
set tcp-portrange 88 464
set udp-portrange 88 464
next
edit "LDAP_UDP"
set category "Authentication"
set udp-portrange 389
next
edit "SMB"
set category "File Access"
set tcp-portrange 445
next
edit "FTP"
set category "File Access"
set tcp-portrange 21
next
edit "FTP_GET"
set category "File Access"
set tcp-portrange 21
next
edit "FTP_PUT"
set category "File Access"
set tcp-portrange 21
next
edit "ALL"
set category "General"
set protocol IP
next
edit "ALL_TCP"
set category "General"
set tcp-portrange 1-65535
next
edit "ALL_UDP"
set category "General"
set udp-portrange 1-65535
next
edit "ALL_ICMP"
set category "General"
set protocol ICMP
unset icmptype
next
edit "ALL_ICMP6"
set category "General"
set protocol ICMP6
unset icmptype
next
edit "GRE"
set category "Tunneling"
set protocol IP
set protocol-number 47
next
edit "AH"
set category "Tunneling"
set protocol IP
set protocol-number 51
next
edit "ESP"
set category "Tunneling"
set protocol IP
set protocol-number 50
next
edit "AOL"
set visibility disable
set tcp-portrange 5190-5194
next
edit "BGP"
set category "Network Services"
set tcp-portrange 179
next
edit "DHCP"
set category "Network Services"
set udp-portrange 67-68
next
edit "FINGER"
set visibility disable
set tcp-portrange 79
next
edit "GOPHER"
set visibility disable
set tcp-portrange 70
next
edit "H323"
set category "VoIP, Messaging & Other Applications"
set tcp-portrange 1720 1503
set udp-portrange 1719
next
edit "IKE"
set category "Tunneling"
set udp-portrange 500 4500
next
edit "Internet-Locator-Service"
set visibility disable
set tcp-portrange 389
next
edit "IRC"
set category "VoIP, Messaging & Other Applications"
set tcp-portrange 6660-6669
next
edit "L2TP"
set category "Tunneling"
set tcp-portrange 1701
set udp-portrange 1701
next
edit "NetMeeting"
set visibility disable
set tcp-portrange 1720
next
edit "NFS"
set category "File Access"
set tcp-portrange 111 2049
set udp-portrange 111 2049
next
edit "NNTP"
set visibility disable
set tcp-portrange 119
next
edit "NTP"
set category "Network Services"
set tcp-portrange 123
set udp-portrange 123
next
edit "OSPF"
set category "Network Services"
set protocol IP
set protocol-number 89
next
edit "PC-Anywhere"
set category "Remote Access"
set tcp-portrange 5631
set udp-portrange 5632
next
edit "PING"
set category "Network Services"
set protocol ICMP
set icmptype 8
unset icmpcode
next
edit "TIMESTAMP"
set protocol ICMP
set visibility disable
set icmptype 13
unset icmpcode
next
edit "INFO_REQUEST"
set protocol ICMP
set visibility disable
set icmptype 15
unset icmpcode
next
edit "INFO_ADDRESS"
set protocol ICMP
set visibility disable
set icmptype 17
unset icmpcode
next
edit "ONC-RPC"
set category "Remote Access"
set tcp-portrange 111
set udp-portrange 111
next
edit "PPTP"
set category "Tunneling"
set tcp-portrange 1723
next
edit "QUAKE"
set visibility disable
set udp-portrange 26000 27000 27910 27960
next
edit "RAUDIO"
set visibility disable
set udp-portrange 7070
next
edit "REXEC"
set visibility disable
set tcp-portrange 512
next
edit "RIP"
set category "Network Services"
set udp-portrange 520
next
edit "RLOGIN"
set visibility disable
set tcp-portrange 513:512-1023
next
edit "RSH"
set visibility disable
set tcp-portrange 514:512-1023
next
edit "SCCP"
set category "VoIP, Messaging & Other Applications"
set tcp-portrange 2000
next
edit "SIP"
set category "VoIP, Messaging & Other Applications"
set tcp-portrange 5060
set udp-portrange 5060
next
edit "SIP-MSNmessenger"
set category "VoIP, Messaging & Other Applications"
set tcp-portrange 1863
next
edit "SNMP"
set category "Network Services"
set tcp-portrange 161-162
set udp-portrange 161-162
next
edit "SSH"
set category "Remote Access"
set tcp-portrange 22
next
edit "SYSLOG"
set category "Network Services"
set udp-portrange 514
next
edit "TALK"
set visibility disable
set udp-portrange 517-518
next
edit "TELNET"
set category "Remote Access"
set tcp-portrange 23
next
edit "TFTP"
set category "File Access"
set udp-portrange 69
next
edit "MGCP"
set category "VoIP, Messaging & Other Applications"
set tcp-portrange 2428
set udp-portrange 2427 2727
next
edit "UUCP"
set visibility disable
set tcp-portrange 540
next
edit "VDOLIVE"
set visibility disable
set tcp-portrange 7000-7010
next
edit "WAIS"
set visibility disable
set tcp-portrange 210
next
edit "WINFRAME"
set visibility disable
set tcp-portrange 1494 2598
next
edit "X-WINDOWS"
set category "Remote Access"
set tcp-portrange 6000-6063
next
edit "PING6"
set protocol ICMP6
set visibility disable
set icmptype 128
unset icmpcode
next
edit "MS-SQL"
set category "VoIP, Messaging & Other Applications"
set tcp-portrange 1433 1434
next
edit "MYSQL"
set category "VoIP, Messaging & Other Applications"
set tcp-portrange 3306
next
edit "RDP"
set category "Remote Access"
set tcp-portrange 3389
next
edit "VNC"
set category "Remote Access"
set tcp-portrange 5900
next
edit "DHCP6"
set category "Network Services"
set udp-portrange 546 547
next
edit "SQUID"
set category "Tunneling"
set tcp-portrange 3128
next
edit "SOCKS"
set category "Tunneling"
set tcp-portrange 1080
set udp-portrange 1080
next
edit "WINS"
set category "Remote Access"
set tcp-portrange 1512
set udp-portrange 1512
next
edit "RADIUS"
set category "Authentication"
set udp-portrange 1812 1813
next
edit "RADIUS-OLD"
set visibility disable
set udp-portrange 1645 1646
next
edit "CVSPSERVER"
set visibility disable
set tcp-portrange 2401
set udp-portrange 2401
next
edit "AFS3"
set category "File Access"
set tcp-portrange 7000-7009
set udp-portrange 7000-7009
next
edit "TRACEROUTE"
set category "Network Services"
set udp-portrange 33434-33535
next
edit "RTSP"
set category "VoIP, Messaging & Other Applications"
set tcp-portrange 554 7070 8554
set udp-portrange 554
next
edit "MMS"
set visibility disable
set tcp-portrange 1755
set udp-portrange 1024-5000
next
edit "NONE"
set visibility disable
set tcp-portrange 0
next
edit "webproxy"
set proxy enable
set category "Web Proxy"
set protocol ALL
set tcp-portrange 0-65535:0-65535
next
end
config firewall service group
edit "Email Access"
set member "DNS" "IMAP" "IMAPS" "POP3" "POP3S" "SMTP" "SMTPS"
next
edit "Web Access"
set member "DNS" "HTTP" "HTTPS"
next
edit "Windows AD"
set member "DCE-RPC" "DNS" "KERBEROS" "LDAP" "LDAP_UDP" "SAMBA" "SMB"
next
edit "Exchange Server"
set member "DCE-RPC" "DNS" "HTTPS"
next
end
config vpn certificate ca
end
config vpn certificate local
edit "Fortinet_CA_SSL"
set password ENC ZGxRuLbtoKg45rD0QaVGH4jElwy3OwUmD6DVuptOEbTMHxhjrvH2D1wmkE/s6fcKRpqaTf8tlf1xuRxWh86dHVG0nh4Pi3r+r9UDTnYFJ1R8zt7UCm3NBnD3mqr62NxmQccxHX5ej3VRYYMxTnZp2jfOP8B9nk0MEd9pVxk+ZlHKcpV4bLetzYz0/fkZcLEBebyyvA==
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBrDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIMlrs1IoDCS8CAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECBivGdvpRiYyBIIBWEc8xUvdrvq5
r8ehCUSiqcrXH8LhON4wpHJprE6JYDRugDDUyWrK2EQlkq08+lHTchmjrJyecHGp
Dqre/M4vyvWF+kRI3m3zGcluGUSpVr7JZHWKcwSWDK9s9tLzpaCAM5He0xG6xL5I
kpUm1Lx1qdktzA5XRkVHNMUg3SW6Wz7VoOtAaPCH+Imsn0ZREHFViH9g7Ix3NmRg
qSScr/uLSl/Ra1iIh/Ycte5puGOvo829jyJsbW5wO8OMjq+fb1OOyGf0+GxIaWFU
0iqzHImHQhnd76WMaCe7qCMh8tiC1Kexu8BCQi9q1g1nVOkRtUuvhmVCyQe0st1L
UZkSiWbofc5alecT1J7zwcD0CBZ8ScTojewfCLn5SwhMZQ/mB9KNT7xvuyWx7qm7
PkzvErrwUGDuiAagWr50Iphbg4nBR8FkiZSLtLD8X3yojgrqP18idKjCWjGovPjC
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICaTCCAhOgAwIBAgIINDNMWkeG4iAwDQYJKoZIhvcNAQELBQAwgakxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRob3Jp
dHkxGTAXBgNVBAMMEEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1
cHBvcnRAZm9ydGluZXQuY29tMB4XDTIyMTIyOTEzMzg0NFoXDTMyMTIyOTEzMzg0
NFowgakxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQH
DAlTdW5ueXZhbGUxETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZp
Y2F0ZSBBdXRob3JpdHkxGTAXBgNVBAMMEEZHVk1FVkRQOTkySjMzQzQxIzAhBgkq
hkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQuY29tMFwwDQYJKoZIhvcNAQEBBQAD
SwAwSAJBANYaPoStcl876Su9UgQmiXwBJ68iGukZYE+ulz0Mzzc+hBmhL4GtoP8p
12DWKm9TPVVGQeJ/JiJpRJSLGcAwzs0CAwEAAaMdMBswDAYDVR0TBAUwAwEB/zAL
BgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQELBQADQQASfS/Jb8oHpSagnTHWQze9ylhM
0sZCnwyIkA0S/SuTDCAG9nKk0rHPYFa0GvAe9yQgKqSUVPW9DIaUk55yOy/w
-----END CERTIFICATE-----"
set range global
set source factory
set last-updated 1672320890
next
edit "Fortinet_CA_Untrusted"
set password ENC 7QmlybREKnkmvrCkaQva3JUwgHgloHAebZvkQn1GV0TtHnwmejRY0Dq1K0FRDofuLpSlFwA61XMNGSvqPffIz03mz4Hb2+lqvz5SShITOtXqlPBKtjaIGvO3dFyYR9VU48Cg2XSebeIm51xiJf5sSPJXsNWeFdBIc8GBbOQ+3JaEcik5lZZnLEmP6gD+KkmN6pu+pA==
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBtDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI5RQA+ZxhgkECAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECL4QRgXfULjhBIIBYKf0By3Ycovj
0OscB3LvNkkE824mOYyKrd1EuXXZnGrTliZhi/FY2/Tz+JZBZyO9e/HHoHqqGcn8
6ft55YzID4XVeK8XDo7tUHeM7zEYcMr5jUI/dckodPscvwCwQtyDo050FWfaeYxO
OcKglbxhAnMdHI31KtxS1MbDqqg3kPaLZ4vMIIhtVs1CHltbbu8rf8eBLZENX/iU
XU+tpAKUZi0O0JEBXzZOQ+7kkyc1n6KnB9s0kZ65aJL8KGwXcZPJqj/oeq9Bxq9q
P7leKPjvtb1vjS3B6+FR8Z6t1OVliMnjt+2kbblLDwdJ9jDM8UGKAmRo9OltaXki
45mMwhTKfjCyCd1xmHLJ48YbHNqib8gcIgsfE13jlHeTEsOM+w9kQOdGa+WZcV7N
fuGXi/Gad5vyMDwXk1LC6YMaC02T5iZQ3pq+vtNbvow82dpIrXWkptaTgV/iisRZ
2Z7CFF4paJ0=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICczCCAh2gAwIBAgIICxuRCFrjHskwDQYJKoZIhvcNAQELBQAwga4xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRob3Jp
dHkxHjAcBgNVBAMMFUZvcnRpbmV0IFVudHJ1c3RlZCBDQTEjMCEGCSqGSIb3DQEJ
ARYUc3VwcG9ydEBmb3J0aW5ldC5jb20wHhcNMjIxMjI5MTMzNDQ0WhcNMzIxMjI5
MTMzNDQ0WjCBrjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExEjAQ
BgNVBAcMCVN1bm55dmFsZTERMA8GA1UECgwIRm9ydGluZXQxHjAcBgNVBAsMFUNl
cnRpZmljYXRlIEF1dGhvcml0eTEeMBwGA1UEAwwVRm9ydGluZXQgVW50cnVzdGVk
IENBMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTBcMA0GCSqG
SIb3DQEBAQUAA0sAMEgCQQDGxtbRzYOaQQTojbqeABstWfIMvqqCQu6wKYQiJUpZ
J70NSxXpQ/ps+kgieoWCfNBKVI/TeP9LbnPGSAI9PVovAgMBAAGjHTAbMAwGA1Ud
EwQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBCwUAA0EAA0nKTHP4NQoi
raVmFCbj+mYaUvrd28Eovp/Ji1MUdipgF7jD58oy1VKvRNQ4w8gTx2sJ+DLwlCd0
49FZdITo2A==
-----END CERTIFICATE-----"
set range global
set source factory
set last-updated 1672320890
next
edit "Fortinet_SSL"
set password ENC DMDAZc0ZbSD3GJkgI/fDDN0ZcmWDMDBDdsfz+oxlI0cx4C86mSSNW/QEvnHUkEuOiILJcS3fucD0iNyx9+ygtbYowXMjpxT03yuGNdDAGJmGh3FXUr7Dl5edM5lIIYBK/soUwzTslNZoh5ruVPWdynwa3sX7+Hv3fJucykVoK3QdSUaouT7dbF9JcQjGn1w8pk0mGw==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBtDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI2fVyWVWNAm0CAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECPnComM3571xBIIBYL/pGExNMVaS
DfMyVCBVMrlGvTyt0PtDcqx31LAnv/NtcfmpP3imLF2wlAzKxA8blRuTPoBSEcHc
zpDIp/66h98w0wmkVV8QEbpPd/o5hFNsIYi701wwioJY9F81n9ZZ/1oqT9sVFEsM
Vz1PoyEkz9TizV9Hxs9HOkRVNc9zIN/H7WOrWL8xFPvSXDoZj4/7Rtx8wxOsNVCM
vQ0Z5XFzz4X2bCJ4R7pt2qxpnAA75MJx8FElvdCjuZIG3kjqMw0dsj9oRuKP1az/
TCfVWp0CkEOwYZpAz5ehY3kC6anBOevaUW4WfxCKO8PFTkA95wsAf4hBU3kTY8Oc
A75r/YwccXwVeu7SpLTJQGQP+kuspOPBzRpY5IqtOdpiS70DzWD+O0WE+AtTMuvA
61slYLLLFEGaY5HiskpWBTaFhdnoV4CoAKs42cGJLcu+LRIYZ0d2cbe7dKiXvVNg
GLVEwpw1MPM=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICVjCCAgCgAwIBAgIIAiwASpV7MicwDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTIyMTIyOTEzMzg0NFoXDTI1MDQwMjEzMzg0NFowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKRd4FL/V//I6ZU75cQ8Kka+
e/L1Pa/OlFfapiPW4lNv5bmrn2PaXi9xdEM3TwagbZG5OIuzROWAXvFUyjb1GOEC
AwEAAaMiMCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG
9w0BAQsFAANBAHtREkU2B3QI+GIE3Mb0a7p1h4XZfOj105Z70UiXnUwF6tDt9o8V
STtKJq2q9iMm2GGTPcTuSmzNKtYYqREuFsc=
-----END CERTIFICATE-----"
set range global
set source factory
set last-updated 1672320890
next
edit "Fortinet_SSL_RSA1024"
set password ENC 7eKFbjcHCQRO5wBGqw7fab1OB3JGYCtoc3ZoJMxrnnM5scv/8ULqjuV3K1WjAhAYy2AnCpOKvgWyIuW3GZR3MNJZQzVpPHY0YWvzMAmcyO4HpJ6zo9ugYbJ4qny3PiN+bLJWB94e7sVTHT9MFUtq/PYOhoACv3e9ssvlzwuvHShMGjeNQMeUfIh/VGs+re8bA3Y8Mw==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBtDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIsepn8PyJCKACAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECFaJRRVOLNUKBIIBYHg/ctUhfanc
ahu3Pqe7Gl2FEzXVaglr53Ax0OYNt6Y6BG7CtJyiHhZzdm0vztOPYs2ZpDrJOxIs
q/a0DRCRkXmY2mUTc9GvEwwkgU6tN+YkIGq73mIOHyM7Hbf2iAPfrM8jxKWeV9C0
RJhsFYqpeER8J/kmtiZDxCCxh/VOxWE6vNYwbyJm0+Lz5NfxIkyZ+VwWNFHHXdDe
7Ezd3ezPVmY/SSrDjDEI6eXMa4COPAa8fJowybI7T4+PT4GYEFNp+hCaEOOhW1EL
hox7ujYqcqk8ActFa17glg4UseuWknfgquKyY5+vgFiSGTFrMidwzJQOkUne3qoi
JUjK+WctJTk3GwgygSzmBb/k+tMiFGqLteYLom44Klt4loGK9TIaOn331ftvwG7+
a2nnj2K49M0+KLqRQHVqlyrbAf8dxkmbYdRfYCszVMVnz04bpKAZzveADKC5Ogod
aXIn981phUQ=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICVjCCAgCgAwIBAgIIQSmcW6n3WN8wDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTIyMTIyOTEzMzQ0NVoXDTI1MDQwMjEzMzQ0NVowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALbRyB27ramvQ3T4jNjuPwT6
h7/FkfCxOmDdd4mLuWGO75jSECFE6RJ1QfxYZbZPwQGqyozrWCkyWmHgxUKdCT8C
AwEAAaMiMCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG
9w0BAQsFAANBAAYDcN4jQfUnKAbjH3UfGtu1mXOCjNsWbbBFzhf3nTFVIpZjTzhN
LtD0bQ2QhRpSiGcJzCdYMzMaYPFo3Y/BAK8=
-----END CERTIFICATE-----"
set range global
set source factory
set last-updated 1672320890
next
edit "Fortinet_SSL_RSA2048"
set password ENC arAVW3IFACQZI7RtuGLzOleLm415EuA7GgGDsFvA9mEi1vn9Dk5C/9MSAmE3cm8NL2hEK9ACfn34kOl02Y3a8vBxk0ukBMzbYBjikWuNRDemRZ6SMEfddfdYcnTl5OiXFtcXI/wwoTq9IF86h2tT52aP1vh24xejX4ZI1N2ySUxWoud07XNfx5UzrWECJik/BlChDQ==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBrDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIbJ2bNLQmwGUCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECGj9TKEJbFhGBIIBWMTBQuh7Gm/c
5OhhwGKXnV1mPbK3f1/6LUUZuNh4nCJrhy6WZLFmq6iT9ZwZiWCmvHfIhfmMO7ZH
qenGv3hbYxmi3diQpQ3tUf+OB+vV1u0t9dE3z+mqPRUgY2IpPnlMhehEg873BL0x
QMf+zDEe+jLPNfHuqLYzG6A4jQT4KasJajbk0O2llyYRpHtW9jxvKMG35EVZYhxH
dS2e4jBUXnJDpP1LN1MsBCvX9rdQ6kC3krkIi1OM6ZnYFPWm7LMST/0zknnM+1Zv
VKdac3hlovqYYreysplaQl3LQC2OosQ3WTVO8Sj7+MYt+dP2r3c6OnAMhzuKE6Ep
V4wDlEp+IOK/RBCu6d3D6S6rPuGspJbvrRaCkJTSp8nKAND/ChcmbwmNRFjPQdoG
7FqGLjNUFEGN42fEL49+fwiQxiXZ7ZDrDSgiaO2VI9wSKRgKrwxj8Xqal23xHZoE
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICVjCCAgCgAwIBAgIIcJhFCHMq+o8wDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTIyMTIyOTEzMzQ0NVoXDTI1MDQwMjEzMzQ0NVowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANAxcqiPAfEZ1gOlqd8ccBLf
2Ld0xDbKRExb4CT11yJEVfgCuG0Ght29mXnQtyKnZ6EzfoJkMdoRCHRBe2hRYJ0C
AwEAAaMiMCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG
9w0BAQsFAANBAHOjmK28EdEFUbZOogoVE2pcnUDTTs+ZTXgJOmFDu3Lbjk/paH6L
YEVqJJasf7zVXOjLzD2m3wRhR3VfMDN61jM=
-----END CERTIFICATE-----"
set range global
set source factory
set last-updated 1672320890
next
edit "Fortinet_SSL_RSA4096"
set password ENC VyK+QP8RaQUuTXW3f0zHRSI3PUoGi5gNYoxEqWosljzT6i2t0RDK1GF92jgYQTtHjVTk63bCxaMzexD1Ym+Jf1R/Jq7BIP/YYRP1bPc/ITZWosS1D64m2kF4CPRtA5+kE82xQ20Ul9Ti+rfCBlk+bQ0w+xH0pFCP71gkvB/L4hqw2+w6pJY0GrpMo4m0gQ2Z7LclfQ==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBtDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIE0jfV13MZqkCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECBu+BCiRt7z3BIIBYDNRlOur4yQE
oU//TP4+8ZbzdhdqXl8wEenFvc0qeI2U9wOJRukbXLnu2kOqKeRZjxI1mh2cUhSX
wF3bapABQWsulKMNe7BtJVxgilufCvTe/mzS2CirVAmifrxI7rtEvL6d1XiYrDBc
/M9ASkcq3NHWuEEnpyiuHXZP2pytBdw8IQvkzpLvt6c6bGAlyTFfUHGJ2K6U2fnj
a5rEWlHjjN5R4FnqL8xdd48O0KzNT7yKyZuOqx+6n0tVGMHsW9G2cq5ShkErqhSk
FyStH1RMM0AfdmJNfvhoZFiCD7jKMjyhoaBAKMcBqDDI7FeTlSYrghyQPrsYPQyw
Y/L8e/jcqU8vP+qcfgidAxI97/5dhJBk3oT9HyEaFoYEWYUc6M4KKbN67bXr41ZF
ncvDl+q78v7sMIf/sKwVWwULsxklElr4ExyUAhWFUdgPLmRoeFZFhkDnvOj9Vs3i
hY3P0nlbJPk=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICVjCCAgCgAwIBAgIId0lg/XODsjIwDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTIyMTIyOTEzMzQ0NVoXDTI1MDQwMjEzMzQ0NVowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMdz6pWVy6uVakvNdCObn7jV
K6XZG97Psp6btXEq7dQk0jOA4RNp81DfKTTipZC7qoRf2BcNNxaqkXkFRT5XRZsC
AwEAAaMiMCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG
9w0BAQsFAANBADEe40c/+OhqC60wYy1Bn3lBPFPr0tCIcSVpFVnlR6Nmd726KxFG
UEKcYv9MUJWWvvRVuHYZYt/SS66HcRx7Tx0=
-----END CERTIFICATE-----"
set range global
set source factory
set last-updated 1672320890
next
edit "Fortinet_SSL_DSA1024"
set password ENC LwIPBMHZNntS1ZdLFDMzwjPBw6d8527a52ldbd32T7YFzrFribsITpyW6AqRvKswymn3Yihatv4iOUj/oEEkgZgcWyz7eaBHBEzt+5ky6y//fKxOO7nUuU8GUhZ/iuFI3T3F7mNtBdKNvBbgN/c/h1LGf/niddwHy0SIef1SbAv6yoIfjmDc/APf0voqVGT5F+s4Nw==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBIzBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI26aKo/XLfYICAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECFD0hhifoIMQBIHQFSIC39UyzwO9
kd1hBv5YrfP8yxuDl3o6DGYJsI/hQ9PZSrPDznkH6Fdcso6HsTZ1cQaBsLtDIJ9h
QlW3hBgwgxXETUFt1VrxAa4KHoK7i+ADblSKqT/jFEkY4VVVGb2PHIuCb8o2h9JY
U8kgz/hkc1EZOVb5jVErjvI0JgURx+guCYCBgr72TU466Yoh+8SWo4k+vj2lC5pH
er4xs+hujhVh/vnFQVcdmXkZokvvhXwknRuWgjF1OGrpYqmMa4GwrnX6appjrNzn
rxQxWhIRVw==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIC1jCCApSgAwIBAgIIePZRuQoJgFAwCwYJYIZIAWUDBAMCMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
R1ZNRVZEUDk5MkozM0M0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTAeFw0yMjEyMjkxMzM0NDVaFw0yNTA0MDIxMzM0NDVaMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
R1ZNRVZEUDk5MkozM0M0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTCB8TCBqAYHKoZIzjgEATCBnAJBAMF5QEbLGgBRxjPO9Jmr2c2f8q0f+d1s
MFfk2Atzo4zKPxlG2lm9tEBvvGg/fFFV0k5tmPPYJ6YTSnpvQbHyI5kCFQCJdwLi
qLIGP755jrGqkajOSsO6SQJADq0YRYKOjn5ZJBZeiaza6CQZN8Aq4OG+RbXp6twC
hFDClXKBrjjNP9J0WkndzZ1Gxg2arg015Lc7EgaGn12kiQNEAAJBALjxtwrvMx6U
3crobVvs84nwf9T+o5m6s7WQSwXT30IKOBQ7pGzTWZ/w+mFqf1oU4IjTDfsaNfJT
bBKNi6Owj+CjIjAgMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYJ
YIZIAWUDBAMCAy8AMCwCFEbosjUM2Uwe4RTzyTYDguecqZ1hAhR7qPTgEwelqKWE
AE6ImBMNhB3Gyg==
-----END CERTIFICATE-----"
set range global
set source factory
set last-updated 1672320890
next
edit "Fortinet_SSL_DSA2048"
set password ENC TKY/mnu2aF2ajjaztBX30H6yuDSrq7pOUoxVfevyKzovRZeSlgc1y8drhtf9yFDRYL7fu3XApAYUStLXOBF8ytWHSNNLfyJJzU2FIftml8golDYxeDYmby4kzr+zoXSIjomd7hNYZQMC0uRRGxEWqaeVHw+5Se+7KuS4mw+0PbV2lPPply2x57k6ax3kzQVFlsFuEQ==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBIzBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIzdcl9E6CVpACAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECIsb+d7LBUSpBIHQWbWoS2GaiysP
B+Dwt+GkyAuKld88o732Z7DCPPp54vMkZPPUeSD6AJdNoXt2nDyjxHZDSBg+B4pj
tqtQi9jrrbmRBlG1wQqDwaB3ZUhJ7wgR4CYWTAhGh1gAjeVFiTptIBFNCxwuTmgU
Gebd2t4nz7B+Y2BHQLV36xZ4JSjuAjkYdoeoiQ5HKI9znRA5uNsX8dolkDqZLfAk
xiAOkYkDsYRJe9Oyh7kprEaEkJBCKf6NBV6pKdn1HjBwTMdMaYvgx0vnKKVpsKyN
z4kO+Qtacg==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIC1jCCApSgAwIBAgIIGZlZx9P2rP8wCwYJYIZIAWUDBAMCMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
R1ZNRVZEUDk5MkozM0M0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTAeFw0yMjEyMjkxMzM0NDVaFw0yNTA0MDIxMzM0NDVaMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
R1ZNRVZEUDk5MkozM0M0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTCB8TCBqQYHKoZIzjgEATCBnQJBANvoEEptDn5xFm7rgrbca7UGNRZ10Bq8
YC5dg90vKrrviXNoRkeIY9p2PK/Ss7i6R9rMglbVoQFv03Z/K6Qx3BUCFQCcqNen
RvMbL5BwJMDh4dKpqARVXwJBAKhgmCJmPTYA5iodwCAb9H6GYag4eG7YGpc8J+kU
0hUzzm8qJKeBE6pdvPK866lmn8RrxvteJN8kLJ4uPlDe6j0DQwACQA4y0ve3AQNx
f2zNHk57ulz7GbUr4H/rX9TsVzXdF8wbxrKIWGSLIOAN65arZPSsTZwPMZe0H1n2
Lp0MZ71bgtWjIjAgMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYJ
YIZIAWUDBAMCAy8AMCwCFFzoYbW9M0ZP9x4548NIHqjv0EbCAhRLf/0tId0QuGjG
2RFEeg6l+JgE2w==
-----END CERTIFICATE-----"
set range global
set source factory
set last-updated 1672320890
next
edit "Fortinet_SSL_ECDSA256"
set password ENC v8rYSdKBw8qt2aKxoONpesf00IBr/7qkAzCuRrbxJnETuVFAkqWOZFVJwyeqIc06OUpsSUE+VRaxQ2mfL+NG/weevn+DjJjPDHD7ZbVU3bPVpxc2f2ZQe91+C28ayCUyPYQOUfsxeikHgp479mKbpPl5GFSQrDTdB1jxtOFecqSZREv6ju/1Uvk/b5IYkM/1t5EZVw==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIHjME4GCSqGSIb3DQEFDTBBMCkGCSqGSIb3DQEFDDAcBAjbFKvb7mAJ/AICCAAw
DAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQInbeqzpXctq8EgZCAjfSHhQEvUt2D
7n4dZPQQhUf1B8dPKvsskiTo+Y24t5zQ4KEAcQp3qBTSIoPsTIZDBPrGXbMbMZwK
OzHeSeeAa/Tc0IpL855xCg/S9W/SQMxPv51q8ceRjeGDXmFqZwpBuMz+ZixTITJH
Xb3+Eai+V4EB/M0ViVKQ2LMs8D2x12XMpGRK9M4CZa2TDOBFMk0=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICVDCCAfqgAwIBAgIIH2mFUnV/iuAwCgYIKoZIzj0EAwIwgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
Vk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMB4XDTIyMTIyOTEzMzQ0NVoXDTI1MDQwMjEzMzQ0NVowgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
Vk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEx1/SElXvimtm5cNAz1a0tAWV
3m5kof5yInREerOLisvh1phBbiLbjsGfdVf09FwPj1v3KvdyDM5GAeXF27NgZqMi
MCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATAKBggqhkjOPQQDAgNI
ADBFAiEAg+KcASV7EImjCvbsOHeHhBJ6KxZq7SEkyx2mHpeSlGoCICpnzh/wvJAN
nyL6YEsOduBzBqIECGcUpqKhCyKbaxSz
-----END CERTIFICATE-----"
set range global
set source factory
set last-updated 1672320890
next
edit "Fortinet_SSL_ECDSA384"
set password ENC wVpOlLKc3uHw9USmCQuB5nJGoRNfLF5TXis2BOBWnGou2TANHSTg8VEkFGXmTePNM6F/eH5uNfzY5zsWRf1m+hS/nUZg46Kk6nYdOBn/vLhrgSYAU0A5okQTye10VFsl03ESSsqbNVIHrQIaNu0UUG9n2qgKAoOL7Jbnh3TCs9rXtdIuAqDRKUDFv8SUze23zAePwg==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBEzBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIB0LWga72ZXECAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECPCPRgqEPxFDBIHAA01vb3ntx6a2
NKlpurwlBsM8xU0By6jTy1kpAilSQylwd0Uyw6Yr2vK5ycuggY0yNVra+w4kBjXa
GoRLm23hNZMLfW4IClqEUg6aebgu3sak1m0ZuzkZDOGNu78oz8WHbxEwCeHAxPKw
4g7va2fb5yCZkq5Kt0vHjtUfuIeXJh4W/KiFunFgG+H7o29z0ZrWqUH8sHQdOcVs
WPw1R4cRYjieWz7POmnLczaPK3zuEOTtmHbet7MyoxLIAQ7igeHp
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICkTCCAhegAwIBAgIIIKQ/mvMtjgswCgYIKoZIzj0EAwIwgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
Vk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMB4XDTIyMTIyOTEzMzQ0NVoXDTI1MDQwMjEzMzQ0NVowgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
Vk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEL6QzxGHkbCQPPGT/hP9qRQjc3/Er
RBxyCWHgTBLj4jqO9q2e7HK3ktzsmcSwOsHONXpTnj2xs6fL4FAY/74BDQAfjn9C
AmRUq7T069Pm9cvgWdQfmjyFckbmTlzPgZb2oyIwIDAJBgNVHRMEAjAAMBMGA1Ud
JQQMMAoGCCsGAQUFBwMBMAoGCCqGSM49BAMCA2gAMGUCMQDn9HnR/4LLZVP+t7GS
hjsQjmsRo7cwm2vCFm0jnTOhL20ms9S29ZTzhVvuR/83QbACMG3egAoTA2JnrHBf
eY9zSXpsvkAsBSCPDkmKS+t0/mL28NwKqvhb/y3XEdyw8iCIkg==
-----END CERTIFICATE-----"
set range global
set source factory
set last-updated 1672320890
next
edit "Fortinet_SSL_ECDSA521"
set password ENC z7Ujvt1CwiRHp6zeqbgCYZXzKoQQuR0CPkDpMolOQOqRwbqRlLxOTf5lQOTdAUZYRoV5hOpvz/d8exBF2W9XTcs0A+FR06W8539+AJe8z0AkyVpMFNjqhz1U0aNJ/WmRDqbhfh9j9LvYgvYIdfnBHxi2iraI4X+mLOJmxo8Q/XF0BKScRhOZD5L3GQU3l7EojA3a+A==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBSzBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIN42+wGm21lICAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECCky4vZc5UDyBIH4DvXMeecT0XTb
kDnkz+LFOSBnJTqTAofx3eeZVkQw/CewBtaIFNcaI72ugOoQcYA4LtUZ4Rli6toc
VuQYZSIB6+GKBQsh+GnO/CxirjfQkTlNXVbegSS9+keTr7J/82NAy0e8hcvHrKK8
JK0srAZtvdq8ofMEtEn/Sb09GeZLuFne2mTYon0Mdwbzp3BUUtQkTForgSmJEssn
JdtbI8gr/5xjL981S+v/XGnkJrBftLnEyXetmHczJ633XbBtfjmzIz4nnkpyYCpW
5btv4xtGmWAp4aRwCfx/sTAEbGfCI5TEzFn05rX+QuMEcT5gmXNgbniQwI3DSAA=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIC2zCCAj2gAwIBAgIIcMaHh7iUTFgwCgYIKoZIzj0EAwIwgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
Vk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMB4XDTIyMTIyOTEzMzQ0NVoXDTI1MDQwMjEzMzQ0NVowgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
Vk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQArFGJNkFZNR+DhbMdU5dYc42y
y4KFufmB45J5nglkxg0FSPOU0dw8dHxzSIkaWEmAp1eti5RFKwvYWu3kh0xuZPIA
a8V0cu2wFy9z43pj7azR4ELeJzO8yE4f6pEpbD0YCc4ty6ObG5y3dZ45mHSkm0x/
13UksYw6d8pI/pAhyE8e8gyjIjAgMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYIKwYB
BQUHAwEwCgYIKoZIzj0EAwIDgYsAMIGHAkFlAmmoBxlX0B5ye7ffv3zmqMRFi7Y/
CYUcwKYiOdDDFrj6EBqDx4DgMqlapKqWEnc8N+x7ah+kFNEZp+Zl1qZifAJCAW4V
kEhnK4mhN2d6MeCr9lMs7NiXOoPU1hPTWU54v65/MBRJ8OSute489/yJcZgGv9Ed
v05HH4oTDXOpPZiRWOgY
-----END CERTIFICATE-----"
set range global
set source factory
set last-updated 1672320890
next
edit "Fortinet_SSL_ED25519"
set password ENC wFtFNiIdy65XlWar/SrpC8K0MDycMdMICdPx6BcT1oOdbZNR5MDRbVCHKGW0FyrDfcdCUPybntc3eHKLc2RZ2h2CFWnQRUTStEA/f9T+fnXWygUgrsYxSSvLOFFSagNZHk/jcB41krWVyxC9P17lJtzw5vpRsRaql7pcfqGECgVN7D+TuIImge0TvslsD6x3OnT4FA==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIGKME4GCSqGSIb3DQEFDTBBMCkGCSqGSIb3DQEFDDAcBAjvWcbqPCI4JAICCAAw
DAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQI3Bu2zsCgHqIEODwoLeNSA+OiCU64
Mg7jP4eyFxP1LKHLTMT8anFDdbPBxQAxABM2+1cPSAQ2tVhA15TpqaNyn88c
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICFDCCAcagAwIBAgIIQXIrZmmGmWIwBQYDK2VwMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGR1ZNRVZE
UDk5MkozM0M0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTAe
Fw0yMjEyMjkxMzM0NDVaFw0yNTA0MDIxMzM0NDVaMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGR1ZNRVZE
UDk5MkozM0M0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTAq
MAUGAytlcAMhAMSSczBS5w0Ek6XgKxfACGYBhr/R9MaOMNcWseS4YahYoyIwIDAJ
BgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAUGAytlcANBACrveo+uLvqb
vXVyxfCNzNr7K5IrhFfS+GiCB/CaBn7F2asJ4WlejgOWJZlJJofJ0+bIElqQqVjC
sHvb340t8Qc=
-----END CERTIFICATE-----"
set range global
set source factory
set last-updated 1672320890
next
edit "Fortinet_SSL_ED448"
set password ENC 58TwpxMu5BGewpULltbJ7pg68jYm+x6vzSP3i7XqmGqr3ZDpvAMze/t5EsZXIALZgZHIOXU0zo4MUXG3IgNk8ORfnQlv10uSBjkvsj10hnhXZ8GgWpVsyQIWtazhpNxTsySMObJVVCztqtCbEy4ESpBKc4fFmz4Q0d0ia/VZ7wwz/ENJ+LXAeCJxNbumZQorILUPaw==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIGiME4GCSqGSIb3DQEFDTBBMCkGCSqGSIb3DQEFDDAcBAi3IaH1XXH7oAICCAAw
DAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQIVf2LnlhXK/sEUFnhNyjeZ6KxB9VB
DJOWSZPjHETRvixLC5rEgzcFcFg29X6EYMeTf5oCOnCyrP6vZE04vDwM6wd9O4Tk
N7eniBCYOSWQAyHDCL/0Re+o2RgX
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICXzCCAd+gAwIBAgIIYriTeGcEtFowBQYDK2VxMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGR1ZNRVZE
UDk5MkozM0M0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTAe
Fw0yMjEyMjkxMzM0NDVaFw0yNTA0MDIxMzM0NDVaMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGR1ZNRVZE
UDk5MkozM0M0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTBD
MAUGAytlcQM6AMD3IgLdpbOE0Hhmi1fBrCxt7udfGYkZH00ygVYVG01dK4pWAAHW
NtTrdC+L8VI7Hcqnth2i+ZnngKMiMCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggr
BgEFBQcDATAFBgMrZXEDcwDQXarhXJ9882ulHpoX0l5DEDF1QZi7wA5eAHf4sTTr
cLjqA8OqbJH9DZi+c+TLk1HTHvWBWuAJIgAuR/ieVUEEVcweEoYVDAYWNQ2luGE6
VZroEhM7lXg04vqC4cFNCJ/l269phE7P0pk28BY9svdQLgA=
-----END CERTIFICATE-----"
set range global
set source factory
set last-updated 1672320890
next
end
config webfilter ftgd-local-cat
edit "custom1"
set id 140
next
edit "custom2"
set id 141
next
end
config ips sensor
edit "default"
set comment "Prevent critical attacks."
config entries
edit 1
set severity medium high critical
next
end
next
edit "sniffer-profile"
set comment "Monitor IPS attacks."
config entries
edit 1
set severity medium high critical
next
end
next
edit "wifi-default"
set comment "Default configuration for offloading WiFi traffic."
config entries
edit 1
set severity medium high critical
next
end
next
edit "all_default"
set comment "All predefined signatures with default setting."
config entries
edit 1
next
end
next
edit "all_default_pass"
set comment "All predefined signatures with PASS action."
config entries
edit 1
set action pass
next
end
next
edit "protect_http_server"
set comment "Protect against HTTP server-side vulnerabilities."
config entries
edit 1
set location server
set protocol HTTP
next
end
next
edit "protect_email_server"
set comment "Protect against email server-side vulnerabilities."
config entries
edit 1
set location server
set protocol SMTP POP3 IMAP
next
end
next
edit "protect_client"
set comment "Protect against client-side vulnerabilities."
config entries
edit 1
set location client
next
end
next
edit "high_security"
set comment "Blocks all Critical/High/Medium and some Low severity vulnerabilities"
set block-malicious-url enable
config entries
edit 1
set severity medium high critical
set status enable
set action block
next
edit 2
set severity low
next
end
next
end
config firewall shaper traffic-shaper
edit "high-priority"
set maximum-bandwidth 1048576
set per-policy enable
next
edit "medium-priority"
set maximum-bandwidth 1048576
set priority medium
set per-policy enable
next
edit "low-priority"
set maximum-bandwidth 1048576
set priority low
set per-policy enable
next
edit "guarantee-100kbps"
set guaranteed-bandwidth 100
set maximum-bandwidth 1048576
set per-policy enable
next
edit "shared-1M-pipe"
set maximum-bandwidth 1024
next
end
config web-proxy global
set proxy-fqdn "default.fqdn"
end
config application list
edit "default"
set comment "Monitor all applications."
config entries
edit 1
set action pass
next
end
next
edit "sniffer-profile"
set comment "Monitor all applications."
unset options
config entries
edit 1
set action pass
next
end
next
edit "wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set deep-app-inspection disable
config entries
edit 1
set action pass
set log disable
next
end
next
edit "block-high-risk"
config entries
edit 1
set category 2 6
next
edit 2
set action pass
next
end
next
end
config dlp filepattern
edit 1
set name "builtin-patterns"
config entries
edit "*.bat"
next
edit "*.com"
next
edit "*.dll"
next
edit "*.doc"
next
edit "*.exe"
next
edit "*.gz"
next
edit "*.hta"
next
edit "*.ppt"
next
edit "*.rar"
next
edit "*.scr"
next
edit "*.tar"
next
edit "*.tgz"
next
edit "*.vb?"
next
edit "*.wps"
next
edit "*.xl?"
next
edit "*.zip"
next
edit "*.pif"
next
edit "*.cpl"
next
end
next
edit 2
set name "all_executables"
config entries
edit "bat"
set filter-type type
set file-type bat
next
edit "exe"
set filter-type type
set file-type exe
next
edit "elf"
set filter-type type
set file-type elf
next
edit "hta"
set filter-type type
set file-type hta
next
end
next
end
config dlp sensitivity
edit "Private"
next
edit "Critical"
next
edit "Warning"
next
end
config dlp sensor
edit "default"
set comment "Default sensor."
next
edit "sniffer-profile"
set comment "Log a summary of email and web traffic."
set summary-proto smtp pop3 imap http-get http-post
next
end
config webfilter ips-urlfilter-setting
end
config webfilter ips-urlfilter-setting6
end
config log threat-weight
config web
edit 1
set category 26
set level high
next
edit 2
set category 61
set level high
next
edit 3
set category 86
set level high
next
edit 4
set category 1
set level medium
next
edit 5
set category 3
set level medium
next
edit 6
set category 4
set level medium
next
edit 7
set category 5
set level medium
next
edit 8
set category 6
set level medium
next
edit 9
set category 12
set level medium
next
edit 10
set category 59
set level medium
next
edit 11
set category 62
set level medium
next
edit 12
set category 83
set level medium
next
edit 13
set category 72
next
edit 14
set category 14
next
edit 15
set category 96
set level medium
next
end
config application
edit 1
set category 2
next
edit 2
set category 6
set level medium
next
end
end
config icap profile
edit "default"
config icap-headers
edit 1
set name "X-Authenticated-User"
set content "$user"
next
edit 2
set name "X-Authenticated-Groups"
set content "$local_grp"
next
end
next
end
config user local
edit "guest"
set type password
set passwd ENC X4GYl/BPNoigZgb2003Sd7N33kMsuIKaq5GFeP/ULpcLbjQhpiXmzbOF3rark+DOYLMBGAgGmrK1d1TnvGOt8NTaX3CSashMkA9xps8E8RCUqj8t/5klZIePRz6XZCkg6AbASjJWcGcCor/RkRF/j6KNoHdHqAlogbofq4ygPW63+bjM+xgglSjsF0X8BuUcm2ON7g==
next
end
config user setting
set auth-cert "Fortinet_Factory"
end
config user group
edit "SSO_Guest_Users"
next
edit "Guest-group"
set member "guest"
next
end
config vpn ssl web host-check-software
edit "FortiClient-AV"
set guid "1A0271D5-3D4F-46DB-0C2C-AB37BA90D9F7"
next
edit "FortiClient-FW"
set type fw
set guid "528CB157-D384-4593-AAAA-E42DFF111CED"
next
edit "FortiClient-AV-Vista"
set guid "385618A6-2256-708E-3FB9-7E98B93F91F9"
next
edit "FortiClient-FW-Vista"
set type fw
set guid "006D9983-6839-71D6-14E6-D7AD47ECD682"
next
edit "FortiClient5-AV"
set guid "5EEDDB8C-C27A-6714-3657-DBD811D1F1B7"
next
edit "AVG-Internet-Security-AV"
set guid "17DDD097-36FF-435F-9E1B-52D74245D6BF"
next
edit "AVG-Internet-Security-FW"
set type fw
set guid "8DECF618-9569-4340-B34A-D78D28969B66"
next
edit "AVG-Internet-Security-AV-Vista-Win7"
set guid "0C939084-9E57-CBDB-EA61-0B0C7F62AF82"
next
edit "AVG-Internet-Security-FW-Vista-Win7"
set type fw
set guid "34A811A1-D438-CA83-C13E-A23981B1E8F9"
next
edit "CA-Anti-Virus"
set guid "17CFD1EA-56CF-40B5-A06B-BD3A27397C93"
next
edit "CA-Internet-Security-AV"
set guid "6B98D35F-BB76-41C0-876B-A50645ED099A"
next
edit "CA-Internet-Security-FW"
set type fw
set guid "38102F93-1B6E-4922-90E1-A35D8DC6DAA3"
next
edit "CA-Internet-Security-AV-Vista-Win7"
set guid "3EED0195-0A4B-4EF3-CC4F-4F401BDC245F"
next
edit "CA-Internet-Security-FW-Vista-Win7"
set type fw
set guid "06D680B0-4024-4FAB-E710-E675E50F6324"
next
edit "CA-Personal-Firewall"
set type fw
set guid "14CB4B80-8E52-45EA-905E-67C1267B4160"
next
edit "F-Secure-Internet-Security-AV"
set guid "E7512ED5-4245-4B4D-AF3A-382D3F313F15"
next
edit "F-Secure-Internet-Security-FW"
set type fw
set guid "D4747503-0346-49EB-9262-997542F79BF4"
next
edit "F-Secure-Internet-Security-AV-Vista-Win7"
set guid "15414183-282E-D62C-CA37-EF24860A2F17"
next
edit "F-Secure-Internet-Security-FW-Vista-Win7"
set type fw
set guid "2D7AC0A6-6241-D774-E168-461178D9686C"
next
edit "Kaspersky-AV"
set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0"
next
edit "Kaspersky-FW"
set type fw
set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0"
next
edit "Kaspersky-AV-Vista-Win7"
set guid "AE1D740B-8F0F-D137-211D-873D44B3F4AE"
next
edit "Kaspersky-FW-Vista-Win7"
set type fw
set guid "9626F52E-C560-D06F-0A42-2E08BA60B3D5"
next
edit "McAfee-Internet-Security-Suite-AV"
set guid "84B5EE75-6421-4CDE-A33A-DD43BA9FAD83"
next
edit "McAfee-Internet-Security-Suite-FW"
set type fw
set guid "94894B63-8C7F-4050-BDA4-813CA00DA3E8"
next
edit "McAfee-Internet-Security-Suite-AV-Vista-Win7"
set guid "86355677-4064-3EA7-ABB3-1B136EB04637"
next
edit "McAfee-Internet-Security-Suite-FW-Vista-Win7"
set type fw
set guid "BE0ED752-0A0B-3FFF-80EC-B2269063014C"
next
edit "McAfee-Virus-Scan-Enterprise"
set guid "918A2B0B-2C60-4016-A4AB-E868DEABF7F0"
next
edit "Norton-360-2.0-AV"
set guid "A5F1BC7C-EA33-4247-961C-0217208396C4"
next
edit "Norton-360-2.0-FW"
set type fw
set guid "371C0A40-5A0C-4AD2-A6E5-69C02037FBF3"
next
edit "Norton-360-3.0-AV"
set guid "E10A9785-9598-4754-B552-92431C1C35F8"
next
edit "Norton-360-3.0-FW"
set type fw
set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220"
next
edit "Norton-Internet-Security-AV"
set guid "E10A9785-9598-4754-B552-92431C1C35F8"
next
edit "Norton-Internet-Security-FW"
set type fw
set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220"
next
edit "Norton-Internet-Security-AV-Vista-Win7"
set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855"
next
edit "Norton-Internet-Security-FW-Vista-Win7"
set type fw
set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E"
next
edit "Symantec-Endpoint-Protection-AV"
set guid "FB06448E-52B8-493A-90F3-E43226D3305C"
next
edit "Symantec-Endpoint-Protection-FW"
set type fw
set guid "BE898FE3-CD0B-4014-85A9-03DB9923DDB6"
next
edit "Symantec-Endpoint-Protection-AV-Vista-Win7"
set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855"
next
edit "Symantec-Endpoint-Protection-FW-Vista-Win7"
set type fw
set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E"
next
edit "Panda-Antivirus+Firewall-2008-AV"
set guid "EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A"
next
edit "Panda-Antivirus+Firewall-2008-FW"
set type fw
set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8"
next
edit "Panda-Internet-Security-AV"
set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0"
next
edit "Panda-Internet-Security-2006~2007-FW"
set type fw
set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0"
next
edit "Panda-Internet-Security-2008~2009-FW"
set type fw
set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8"
next
edit "Sophos-Anti-Virus"
set guid "3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD"
next
edit "Sophos-Enpoint-Secuirty-and-Control-FW"
set type fw
set guid "0786E95E-326A-4524-9691-41EF88FB52EA"
next
edit "Sophos-Enpoint-Secuirty-and-Control-AV-Vista-Win7"
set guid "479CCF92-4960-B3E0-7373-BF453B467D2C"
next
edit "Sophos-Enpoint-Secuirty-and-Control-FW-Vista-Win7"
set type fw
set guid "7FA74EB7-030F-B2B8-582C-1670C5953A57"
next
edit "Trend-Micro-AV"
set guid "7D2296BC-32CC-4519-917E-52E652474AF5"
next
edit "Trend-Micro-FW"
set type fw
set guid "3E790E9E-6A5D-4303-A7F9-185EC20F3EB6"
next
edit "Trend-Micro-AV-Vista-Win7"
set guid "48929DFC-7A52-A34F-8351-C4DBEDBD9C50"
next
edit "Trend-Micro-FW-Vista-Win7"
set type fw
set guid "70A91CD9-303D-A217-A80E-6DEE136EDB2B"
next
edit "ZoneAlarm-AV"
set guid "5D467B10-818C-4CAB-9FF7-6893B5B8F3CF"
next
edit "ZoneAlarm-FW"
set type fw
set guid "829BDA32-94B3-44F4-8446-F8FCFF809F8B"
next
edit "ZoneAlarm-AV-Vista-Win7"
set guid "D61596DF-D219-341C-49B3-AD30538CBC5B"
next
edit "ZoneAlarm-FW-Vista-Win7"
set type fw
set guid "EE2E17FA-9876-3544-62EC-0405AD5FFB20"
next
edit "ESET-Smart-Security-AV"
set guid "19259FAE-8396-A113-46DB-15B0E7DFA289"
next
edit "ESET-Smart-Security-FW"
set type fw
set guid "211E1E8B-C9F9-A04B-6D84-BC85190CE5F2"
next
end
config vpn ssl web portal
edit "full-access"
set tunnel-mode enable
set ipv6-tunnel-mode enable
set web-mode enable
set ip-pools "SSLVPN_TUNNEL_ADDR1"
set ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"
next
end
config vpn ssl settings
set servercert ''
set port 443
end
config voip profile
edit "default"
set comment "Default VoIP profile."
next
edit "strict"
config sip
set malformed-request-line discard
set malformed-header-via discard
set malformed-header-from discard
set malformed-header-to discard
set malformed-header-call-id discard
set malformed-header-cseq discard
set malformed-header-rack discard
set malformed-header-rseq discard
set malformed-header-contact discard
set malformed-header-record-route discard
set malformed-header-route discard
set malformed-header-expires discard
set malformed-header-content-type discard
set malformed-header-content-length discard
set malformed-header-max-forwards discard
set malformed-header-allow discard
set malformed-header-p-asserted-identity discard
set malformed-header-sdp-v discard
set malformed-header-sdp-o discard
set malformed-header-sdp-s discard
set malformed-header-sdp-i discard
set malformed-header-sdp-c discard
set malformed-header-sdp-b discard
set malformed-header-sdp-z discard
set malformed-header-sdp-k discard
set malformed-header-sdp-a discard
set malformed-header-sdp-t discard
set malformed-header-sdp-r discard
set malformed-header-sdp-m discard
end
next
end
config system sdwan
config zone
edit "virtual-wan-link"
next
end
config health-check
edit "Default_DNS"
set system-dns enable
set interval 1000
set probe-timeout 1000
set recoverytime 10
config sla
edit 1
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
edit "Default_Office_365"
set server "www.office.com"
set protocol http
set interval 1000
set probe-timeout 1000
set recoverytime 10
config sla
edit 1
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
edit "Default_Gmail"
set server "gmail.com"
set interval 1000
set probe-timeout 1000
set recoverytime 10
config sla
edit 1
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 2
next
end
next
edit "Default_AWS"
set server "aws.amazon.com"
set protocol http
set interval 1000
set probe-timeout 1000
set recoverytime 10
config sla
edit 1
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
edit "Default_Google Search"
set server "www.google.com"
set protocol http
set interval 1000
set probe-timeout 1000
set recoverytime 10
config sla
edit 1
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
edit "Default_FortiGuard"
set server "fortiguard.com"
set protocol http
set interval 1000
set probe-timeout 1000
set recoverytime 10
config sla
edit 1
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
end
end
config vpn ocvpn
end
config dnsfilter profile
edit "default"
set comment "Default dns filtering."
config ftgd-dns
config filters
edit 1
set category 2
next
edit 2
set category 7
next
edit 3
set category 8
next
edit 4
set category 9
next
edit 5
set category 11
next
edit 6
set category 12
next
edit 7
set category 13
next
edit 8
set category 14
next
edit 9
set category 15
next
edit 10
set category 16
next
edit 11
next
edit 12
set category 57
next
edit 13
set category 63
next
edit 14
set category 64
next
edit 15
set category 65
next
edit 16
set category 66
next
edit 17
set category 67
next
edit 18
set category 26
set action block
next
edit 19
set category 61
set action block
next
edit 20
set category 86
set action block
next
edit 21
set category 88
set action block
next
edit 22
set category 90
set action block
next
edit 23
set category 91
set action block
next
edit 24
set category 96
set action block
next
edit 25
set category 98
set action block
next
edit 26
set category 99
set action block
next
end
end
set block-botnet enable
next
end
config antivirus settings
set machine-learning-detection enable
set grayware enable
end
config antivirus profile
edit "default"
set comment "Scan files and block viruses."
config http
set av-scan block
end
config ftp
set av-scan block
end
config imap
set av-scan block
set executables virus
end
config pop3
set av-scan block
set executables virus
end
config smtp
set av-scan block
set executables virus
end
next
edit "sniffer-profile"
set comment "Scan files and monitor viruses."
config http
set av-scan block
end
config ftp
set av-scan block
end
config imap
set av-scan block
set executables virus
end
config pop3
set av-scan block
set executables virus
end
config smtp
set av-scan block
set executables virus
end
next
edit "wifi-default"
set comment "Default configuration for offloading WiFi traffic."
config http
set av-scan block
end
config ftp
set av-scan block
end
config imap
set av-scan block
set executables virus
end
config pop3
set av-scan block
set executables virus
end
config smtp
set av-scan block
set executables virus
end
next
end
config file-filter profile
edit "default"
set comment "File type inspection."
next
edit "sniffer-profile"
set comment "File type inspection."
next
end
config webfilter profile
edit "default"
set comment "Default web filtering."
config ftgd-wf
unset options
config filters
edit 1
set action block
next
edit 2
set category 2
set action block
next
edit 3
set category 7
set action block
next
edit 4
set category 8
set action block
next
edit 5
set category 9
set action block
next
edit 6
set category 11
set action block
next
edit 7
set category 13
set action block
next
edit 8
set category 14
set action block
next
edit 9
set category 15
set action block
next
edit 10
set category 16
set action block
next
edit 11
set category 26
set action block
next
edit 12
set category 57
set action block
next
edit 13
set category 61
set action block
next
edit 14
set category 63
set action block
next
edit 15
set category 64
set action block
next
edit 16
set category 65
set action block
next
edit 17
set category 66
set action block
next
edit 18
set category 67
set action block
next
edit 19
set category 83
set action block
next
edit 20
set category 86
set action block
next
edit 21
set category 88
set action block
next
edit 22
set category 90
set action block
next
edit 23
set category 91
set action block
next
edit 24
set category 96
set action block
next
edit 25
set category 98
set action block
next
edit 26
set category 99
set action block
next
edit 27
set category 1
next
edit 28
set category 3
next
edit 29
set category 4
next
edit 30
set category 5
next
edit 31
set category 6
next
edit 32
set category 12
next
edit 33
set category 59
next
edit 34
set category 62
next
end
end
next
edit "sniffer-profile"
set comment "Monitor web traffic."
config ftgd-wf
config filters
edit 1
next
edit 2
set category 1
next
edit 3
set category 2
next
edit 4
set category 3
next
edit 5
set category 4
next
edit 6
set category 5
next
edit 7
set category 6
next
edit 8
set category 7
next
edit 9
set category 8
next
edit 10
set category 9
next
edit 11
set category 11
next
edit 12
set category 12
next
edit 13
set category 13
next
edit 14
set category 14
next
edit 15
set category 15
next
edit 16
set category 16
next
edit 17
set category 17
next
edit 18
set category 18
next
edit 19
set category 19
next
edit 20
set category 20
next
edit 21
set category 23
next
edit 22
set category 24
next
edit 23
set category 25
next
edit 24
set category 26
next
edit 25
set category 28
next
edit 26
set category 29
next
edit 27
set category 30
next
edit 28
set category 31
next
edit 29
set category 33
next
edit 30
set category 34
next
edit 31
set category 35
next
edit 32
set category 36
next
edit 33
set category 37
next
edit 34
set category 38
next
edit 35
set category 39
next
edit 36
set category 40
next
edit 37
set category 41
next
edit 38
set category 42
next
edit 39
set category 43
next
edit 40
set category 44
next
edit 41
set category 46
next
edit 42
set category 47
next
edit 43
set category 48
next
edit 44
set category 49
next
edit 45
set category 50
next
edit 46
set category 51
next
edit 47
set category 52
next
edit 48
set category 53
next
edit 49
set category 54
next
edit 50
set category 55
next
edit 51
set category 56
next
edit 52
set category 57
next
edit 53
set category 58
next
edit 54
set category 59
next
edit 55
set category 61
next
edit 56
set category 62
next
edit 57
set category 63
next
edit 58
set category 64
next
edit 59
set category 65
next
edit 60
set category 66
next
edit 61
set category 67
next
edit 62
set category 68
next
edit 63
set category 69
next
edit 64
set category 70
next
edit 65
set category 71
next
edit 66
set category 72
next
edit 67
set category 75
next
edit 68
set category 76
next
edit 69
set category 77
next
edit 70
set category 78
next
edit 71
set category 79
next
edit 72
set category 80
next
edit 73
set category 81
next
edit 74
set category 82
next
edit 75
set category 83
next
edit 76
set category 84
next
edit 77
set category 85
next
edit 78
set category 86
next
edit 79
set category 87
next
edit 80
set category 88
next
edit 81
set category 89
next
edit 82
set category 90
next
edit 83
set category 91
next
edit 84
set category 92
next
edit 85
set category 93
next
edit 86
set category 94
next
edit 87
set category 95
next
edit 88
set category 96
next
edit 89
set category 97
next
edit 90
set category 98
next
edit 91
set category 99
next
end
end
next
edit "wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set options block-invalid-url
config ftgd-wf
unset options
config filters
edit 1
set action block
next
edit 2
set category 2
set action block
next
edit 3
set category 7
set action block
next
edit 4
set category 8
set action block
next
edit 5
set category 9
set action block
next
edit 6
set category 11
set action block
next
edit 7
set category 13
set action block
next
edit 8
set category 14
set action block
next
edit 9
set category 15
set action block
next
edit 10
set category 16
set action block
next
edit 11
set category 26
set action block
next
edit 12
set category 57
set action block
next
edit 13
set category 61
set action block
next
edit 14
set category 63
set action block
next
edit 15
set category 64
set action block
next
edit 16
set category 65
set action block
next
edit 17
set category 66
set action block
next
edit 18
set category 67
set action block
next
edit 19
set category 83
set action block
next
edit 20
set category 86
set action block
next
edit 21
set category 88
set action block
next
edit 22
set category 90
set action block
next
edit 23
set category 91
set action block
next
edit 24
set category 96
set action block
next
edit 25
set category 98
set action block
next
edit 26
set category 99
set action block
next
edit 27
set category 1
next
edit 28
set category 3
next
edit 29
set category 4
next
edit 30
set category 5
next
edit 31
set category 6
next
edit 32
set category 12
next
edit 33
set category 59
next
edit 34
set category 62
next
end
end
next
edit "monitor-all"
set comment "Monitor and log all visited URLs, flow-based."
config ftgd-wf
unset options
config filters
edit 1
set category 1
next
edit 2
set category 3
next
edit 3
set category 4
next
edit 4
set category 5
next
edit 5
set category 6
next
edit 6
set category 12
next
edit 7
set category 59
next
edit 8
set category 62
next
edit 9
set category 83
next
edit 10
set category 2
next
edit 11
set category 7
next
edit 12
set category 8
next
edit 13
set category 9
next
edit 14
set category 11
next
edit 15
set category 13
next
edit 16
set category 14
next
edit 17
set category 15
next
edit 18
set category 16
next
edit 19
set category 57
next
edit 20
set category 63
next
edit 21
set category 64
next
edit 22
set category 65
next
edit 23
set category 66
next
edit 24
set category 67
next
edit 25
set category 19
next
edit 26
set category 24
next
edit 27
set category 25
next
edit 28
set category 72
next
edit 29
set category 75
next
edit 30
set category 76
next
edit 31
set category 26
next
edit 32
set category 61
next
edit 33
set category 86
next
edit 34
set category 17
next
edit 35
set category 18
next
edit 36
set category 20
next
edit 37
set category 23
next
edit 38
set category 28
next
edit 39
set category 29
next
edit 40
set category 30
next
edit 41
set category 33
next
edit 42
set category 34
next
edit 43
set category 35
next
edit 44
set category 36
next
edit 45
set category 37
next
edit 46
set category 38
next
edit 47
set category 39
next
edit 48
set category 40
next
edit 49
set category 42
next
edit 50
set category 44
next
edit 51
set category 46
next
edit 52
set category 47
next
edit 53
set category 48
next
edit 54
set category 54
next
edit 55
set category 55
next
edit 56
set category 58
next
edit 57
set category 68
next
edit 58
set category 69
next
edit 59
set category 70
next
edit 60
set category 71
next
edit 61
set category 77
next
edit 62
set category 78
next
edit 63
set category 79
next
edit 64
set category 80
next
edit 65
set category 82
next
edit 66
set category 85
next
edit 67
set category 87
next
edit 68
set category 31
next
edit 69
set category 41
next
edit 70
set category 43
next
edit 71
set category 49
next
edit 72
set category 50
next
edit 73
set category 51
next
edit 74
set category 52
next
edit 75
set category 53
next
edit 76
set category 56
next
edit 77
set category 81
next
edit 78
set category 84
next
edit 79
next
edit 80
set category 88
next
edit 81
set category 89
next
edit 82
set category 90
next
edit 83
set category 91
next
edit 84
set category 92
next
edit 85
set category 93
next
edit 86
set category 94
next
edit 87
set category 95
next
edit 88
set category 96
next
edit 89
set category 97
next
edit 90
set category 98
next
edit 91
set category 99
next
end
end
set log-all-url enable
set web-content-log disable
set web-filter-command-block-log disable
set web-filter-cookie-log disable
set web-url-log disable
set web-invalid-domain-log disable
set web-ftgd-err-log disable
next
end
config webfilter search-engine
edit "google"
set hostname ".*\\.google\\..*"
set url "^\\/((custom|search|images|videosearch|webhp)\\?)"
set query "q="
set safesearch url
set safesearch-str "&safe=active"
next
edit "yahoo"
set hostname ".*\\.yahoo\\..*"
set url "^\\/search(\\/video|\\/images){0,1}(\\?|;)"
set query "p="
set safesearch url
set safesearch-str "&vm=r"
next
edit "bing"
set hostname ".*\\.bing\\..*"
set url "^(\\/images|\\/videos)?(\\/search|\\/async|\\/asyncv2)\\?"
set query "q="
set safesearch header
next
edit "yandex"
set hostname "yandex\\..*"
set url "^\\/((yand|images\\/|video\\/)(search)|search\\/)\\?"
set query "text="
set safesearch url
set safesearch-str "&family=yes"
next
edit "youtube"
set hostname ".*youtube.*"
set safesearch header
next
edit "baidu"
set hostname ".*\\.baidu\\.com"
set url "^\\/s?\\?"
set query "wd="
next
edit "baidu2"
set hostname ".*\\.baidu\\.com"
set url "^\\/(ns|q|m|i|v)\\?"
set query "word="
next
edit "baidu3"
set hostname "tieba\\.baidu\\.com"
set url "^\\/f\\?"
set query "kw="
next
edit "vimeo"
set hostname ".*vimeo.*"
set url "^\\/search\\?"
set query "q="
set safesearch header
next
edit "yt-scan-1"
set url "www.youtube.com/user/"
set safesearch yt-scan
next
edit "yt-scan-2"
set url "www.youtube.com/youtubei/v1/browse"
set safesearch yt-scan
next
edit "yt-scan-3"
set url "www.youtube.com/youtubei/v1/player"
set safesearch yt-scan
next
edit "yt-scan-4"
set url "www.youtube.com/youtubei/v1/navigator"
set safesearch yt-scan
next
edit "yt-channel"
set url "www.youtube.com/channel"
set safesearch yt-channel
next
edit "yt-pattern"
set url "youtube.com/channel/"
set safesearch yt-pattern
next
edit "twitter"
set hostname "twitter\\.com"
set url "^\\/i\\/api\\/graphql\\/.*\\/UserByScreenName"
set query "variables="
set safesearch translate
next
edit "google-translate-1"
set hostname "translate\\.google\\..*"
set url "^\\/translate"
set query "u="
set safesearch translate
next
edit "google-translate-2"
set hostname ".*\\.translate\\.goog"
set url "^\\/"
set safesearch translate
next
edit "translate"
set hostname "translate\\.google\\..*"
set url "^\\/translate\\?"
set query "u="
set safesearch translate
next
end
config emailfilter profile
edit "sniffer-profile"
set comment "Malware and phishing URL monitoring."
config imap
end
config pop3
end
config smtp
end
next
edit "default"
set comment "Malware and phishing URL filtering."
config imap
end
config pop3
end
config smtp
end
next
end
config report layout
edit "default"
set title "FortiGate System Analysis Report"
set style-theme "default-report"
set options include-table-of-content view-chart-as-heading
config page
set paper letter
set page-break-before heading1
config header
config header-item
edit 1
set type image
set style "header-image"
set img-src "fortinet_logo_small.png"
next
end
end
config footer
config footer-item
edit 1
set style "footer-text"
set content "FortiGate ${schedule_type} Security Report - Host Name: ${hostname}"
next
edit 2
set style "footer-pageno"
next
end
end
end
config body-item
edit 101
set type image
set style "report-cover1"
set img-src "fortigate_log.png"
next
edit 103
set style "report-cover2"
set content "FortiGate ${schedule_type} Security Report"
next
edit 105
set style "report-cover3"
set content "Report Date: ${started_time}"
next
edit 107
set style "report-cover3"
set content "Data Range: ${report_data_range} (${hostname})"
next
edit 109
set style "report-cover3"
set content "${vdom}"
next
edit 111
set type image
set style "report-cover4"
set img-src "fortinet_logo_small.png"
next
edit 121
set type misc
set misc-component page-break
next
edit 301
set text-component heading1
set content "Bandwidth and Applications"
next
edit 311
set type chart
set chart "traffic.bandwidth.history_c"
next
edit 321
set type chart
set chart "traffic.sessions.history_c"
next
edit 331
set type chart
set chart "traffic.statistics"
next
edit 411
set type chart
set chart "traffic.bandwidth.apps_c"
next
edit 421
set type chart
set chart "traffic.bandwidth.cats_c"
next
edit 511
set type chart
set chart "traffic.bandwidth.users_c"
next
edit 521
set type chart
set chart "traffic.users.history.hour_c"
next
edit 611
set type chart
set chart "traffic.bandwidth.destinations_tab"
next
edit 1001
set text-component heading1
set content "Web Usage"
next
edit 1011
set type chart
set chart "web.allowed-request.sites_c"
next
edit 1021
set type chart
set chart "web.bandwidth.sites_c"
next
edit 1031
set type chart
set chart "web.blocked-request.sites_c"
next
edit 1041
set type chart
set chart "web.blocked-request.users_c"
next
edit 1051
set type chart
set chart "web.requests.users_c"
next
edit 1061
set type chart
set chart "web.bandwidth.users_c"
next
edit 1071
set type chart
set chart "web.bandwidth.stream-sites_c"
next
edit 1301
set text-component heading1
set content "Emails"
next
edit 1311
set type chart
set chart "email.request.senders_c"
next
edit 1321
set type chart
set chart "email.bandwidth.senders_c"
next
edit 1331
set type chart
set chart "email.request.recipients_c"
next
edit 1341
set type chart
set chart "email.bandwidth.recipients_c"
next
edit 1501
set text-component heading1
set content "Threats"
next
edit 1511
set type chart
set top-n 80
set chart "virus.count.viruses_c"
next
edit 1531
set type chart
set top-n 80
set chart "virus.count.users_c"
next
edit 1541
set type chart
set top-n 80
set chart "virus.count.sources_c"
next
edit 1551
set type chart
set chart "virus.count.history_c"
next
edit 1561
set type chart
set top-n 80
set chart "botnet.count_c"
next
edit 1571
set type chart
set top-n 80
set chart "botnet.count.users_c"
next
edit 1581
set type chart
set top-n 80
set chart "botnet.count.sources_c"
next
edit 1591
set type chart
set chart "botnet.count.history_c"
next
edit 1601
set type chart
set top-n 80
set chart "attack.count.attacks_c"
next
edit 1611
set type chart
set top-n 80
set chart "attack.count.victims_c"
next
edit 1621
set type chart
set top-n 80
set chart "attack.count.source_bar_c"
next
edit 1631
set type chart
set chart "attack.count.blocked_attacks_c"
next
edit 1641
set type chart
set chart "attack.count.severity_c"
next
edit 1651
set type chart
set chart "attack.count.history_c"
next
edit 1701
set text-component heading1
set content "VPN Usage"
next
edit 1711
set type chart
set top-n 80
set chart "vpn.bandwidth.static-tunnels_c"
next
edit 1721
set type chart
set top-n 80
set chart "vpn.bandwidth.dynamic-tunnels_c"
next
edit 1731
set type chart
set top-n 80
set chart "vpn.bandwidth.ssl-tunnel.users_c"
next
edit 1741
set type chart
set top-n 80
set chart "vpn.bandwidth.ssl-web.users_c"
next
edit 1901
set text-component heading1
set content "Admin Login and System Events"
next
edit 1911
set type chart
set top-n 80
set chart "event.login.summary_c"
next
edit 1931
set type chart
set top-n 80
set chart "event.failed.login_c"
next
edit 1961
set type chart
set top-n 80
set chart "event.system.group_events_c"
next
end
next
end
config wanopt settings
set host-id "default-id"
end
config wanopt profile
edit "default"
set comments "Default WANopt profile."
next
end
config log memory setting
set status enable
end
config log disk setting
set status enable
end
config log null-device setting
set status disable
end
config firewall schedule recurring
edit "always"
set day sunday monday tuesday wednesday thursday friday saturday
next
edit "none"
next
edit "default-darrp-optimize"
set start 01:00
set end 01:30
set day sunday monday tuesday wednesday thursday friday saturday
next
end
config firewall ssh local-key
edit "Fortinet_SSH_RSA2048"
set password ENC KEnTjVz2DsNX8GG32/ZZsgVttZOKaqHvlyeDxVAXAVduUetiyRrJ6AtXpYTsNvNUIDS6KYqEFAr5/wDK+AE/d4WLExSvc5d7k8op1qGPkxMfc0BAR/wJuDPNPIRphsTLYNnGw1InVkc7ett4V+dNRUk5bvhjelzPTR9WnyNBRqL6HOTo3xVBpqYyHSq6WjhNkcTeqw==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABB703T625
w6986ELi4WPjM8AAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQCuLO2I/1tV
NBRF3ve9Jzu6is6RC744IxWqocajB2a6QULFi6+2+TqnPA5IbROgfZoPwhDanL2c/DLnqa
Dz4p9IhSvhngLy6BGqxvM/IC+WkTR4OBfEt9fgfkYN2qaVvafp+6rau/E0RPw16+J9w1jL
tmrMF5ZKV3Nk32VVmar4dxK0CM4vLBE1TzX7++6hDpVWwDtf0ROoGMO3wP9xXecfJ6IKIG
8wcQX5E3fY2TWZGh4UeHTIH+Op2kE+D4Punb3JLKNVAtSdTRFnTr8Gg+eCwuEkMSEEfYqa
1wxU0hFi3TPPMoWa4PGVJG8JI3iRkC53BgquiZ2UaWJizgb57TSHAAADwIXrVB9CB3lYZY
KzYEqDQt/G3zlZAwoMwIXtzeTf8UIxlNWcdRK3BqtHs5SuSL3GXxZJFbjOwqEOBZiPN5bC
WcO1biwBKqnn5w6LYYwWvTNPSwR6gbb2T7IBULS4ljBD2zgKHALgvTeILKXxLGYBYB97fu
jomQEfpgjcECa+BGWklOPoXO4uahif2Ozcr52sMjGNKKRdT55kaNOMcNvkVPgg/pgTFda4
KOuZ9TOhz+TwrmDUg24p+QxnMh5VWjxqqTcguej4JXhzwbSkDtthto67ME5J4pQje588Cc
LNaGaSObeMg9JDzoAla3VWakMvAvBGntRGr2dM+YBkWNXdGKowZ1kL0TbimnI4r+9DTdUJ
iTUmShN/v8NsW/+LVYq1+cePVJatE1nBjbKdfxQW7HqLiV78mgIjEgv4T8Vt8XVFAQHOM9
VZ435Q+U3HVJyYMrxNXrjBQWMwcCwrGp1AQu/OlUFaIsy4/S8zx5r23k9LToCrdrMOcDtH
exm2luLbULrCG8ZOnapcT+EvjG5c9HwFL0v4FzbqIOpuwCFeQVolsUT9LutWds2xtlsOzB
+eaeM1fmOO7v33NNq3AsK8m7c1a0Mbv98imj0j24B7wtYE2CQRGQhuZL2L+GUCvFX0GYaO
tv3/DQ11ibZLUNwJzKCdGPsykV3/MYBfCYzusXAewoFiMIZUG60xf5kyvaEgmJMYqaPxy6
qZSZjDZxKpohXc26MxEGFndCz9uK/Hga93t4xvh3gifXB85rkg0e5NsR6K/yqSMb3QAl6l
S97QWUUREAbnu2FS9AwdTluY+MOZTQc84dtE2M0N826F5EyXIbBRfQMK7fBJQGzOFTl3sN
ZUyWJg18dC0Cg+of2xU4Pp2Ej+YLRj3FGmZveg8uvwLKRWTT9UHoYofsyAELkLti5RtPMO
DJa/i2zP1bWR5tS6AdnzaRuY+64MROWSsNHKy4sp5eWy8DOFqCxnzvNXeJjhTRNpVpCpCR
CQYpH+4hH1omCdu7rOarKPl5gVp+Tnf3KCXHJruPdzN5OJB6aZlEzRsXVMlfyAqzOiGTo+
+luHcRrjqp3an+F66IsBRVtUWEBRXMhCe6q4m9CBW0eclA9QK3nFDDeEM2rZiQrmoADXJj
kZLw+7NHuce485V6tiAJooLMMeIRRqsZu28eBqTxexgo9iCZ+8NRwgIVpq31aOYFUvSjQ8
c1+S/jKoEJi94XZWNzYBDFTHueHlnxJ7U0i33VGCqDMY/7zCyp3wMZdl5H+fLwWbJsCRaY
bDLQVeXw==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuLO2I/1tVNBRF3ve9Jzu6is6RC744IxWqocajB2a6QULFi6+2+TqnPA5IbROgfZoPwhDanL2c/DLnqaDz4p9IhSvhngLy6BGqxvM/IC+WkTR4OBfEt9fgfkYN2qaVvafp+6rau/E0RPw16+J9w1jLtmrMF5ZKV3Nk32VVmar4dxK0CM4vLBE1TzX7++6hDpVWwDtf0ROoGMO3wP9xXecfJ6IKIG8wcQX5E3fY2TWZGh4UeHTIH+Op2kE+D4Punb3JLKNVAtSdTRFnTr8Gg+eCwuEkMSEEfYqa1wxU0hFi3TPPMoWa4PGVJG8JI3iRkC53BgquiZ2UaWJizgb57TSH"
set source built-in
next
edit "Fortinet_SSH_DSA1024"
set password ENC Mj06L0vkpdgh0KpJm79j3YrZcJ4inCwLtQgAUPywlVpEGHokc1hy9FQ7AdMB7A8kRZwtlEwiolUbUYDMCLRZbxhepybNiB5P9aA8NRFUbJ1z1zxCY7QiXZQQmKCXS3pGiPxUQq+JU8uV5L8kVXqX3IuepDbv1gNMWgZPxbmBmz8ZENrfiKpgjRYIwqjFsK4R9tLenA==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABB6iG9T8a
a46ZGycVXGUl7/AAAAEAAAAAEAAAGxAAAAB3NzaC1kc3MAAACBAJBX0GgJmQfE2qASwOH+
Cod/PsPP1ALtl2Xn5CMwvZcbnluBHRZlQpHqnUI710FD9qu+10TCjgrrbdscG1yo0p5G0b
DK+fTpIipKVRtRgpkRGZhZmfRJlMzG946s7AkT+qZTBe6il6rfgPVZy8TAUP8FV6GMLAWy
siHueQCUNBiTAAAAFQC98rp6eqLTsdmxWFNVSyviQExw4wAAAIBqU6xn6tuTim1FvE7/Le
gwOmfC8t5rxMmM1s2bBiTdSrbFNf4/rJN20InXMDzyAiI6arYckV7hP/OVLhVGFrWAp2MG
MnJXl2hQ9J5aG1eOsF6ExZPnkV1PiDJ1aFgVMXarJ2RBLLwbtUp8yVbKo1OlKh9efOS8/5
MCbPR1vHXTsAAAAIAkRem+zI4n509wNj8tm034a99r5aH/OrdtzoedQ3u7J+5AKC9O7tTR
J7hWPMPevKbpU2Rp+Uc/LTss5bmpztrca7WoEE9OPeLEFhpUPpIb7WkSkJySamYmU7L3lz
BYbv/kNySbL89ituluAGTcqkXA21+blkAWXLBmJ+0k0JfAOAAAAeAVDgLs/hdIIJT8lqjS
D9I7bt5FyA+3MZRMwCvmgYnMYgV6t9Shtjfo8pBvLoO8jO9vRVjTUZQsy4G7fi1QX3GMKi
2udA4yCXGcb8ekUZagYphr+jvHsCVzVmswyACkP0E/Vaw2rLOMZeopXmV0x2iGfoR+w1ZS
nvmeKkRjv7SUkAOVNC5tswbdxUJHxCDNqBFIjTFMAxvCrHVbNHcYzuSKgj0LKzmzKR9Hxy
15DrCxIGbxjZDglD6uoKY6TtUUmtqWGvQZnA3BLEcppHH3yx43QWYpBaxrgWVaDo/3tH8F
uI5WuYZv8LVhTUsvQJyN3BzZ19MFjy88rzLmvHw/3oThw2syujtDsbWsj3NVDUcyzaVnR1
3/ezZ46jnk4Wo3Oouapnh9QU5O4uw32FdbDVIQS5UGF4qqXJqKhSHpB/JQJKxRZSmIHv0F
ub/2DaCOXuQDiOu/MqPx866kgTSXOtk0pwl0M8SDuGDoqOTyHFRiK8yuSSjz8TZvf9jcNT
zCUtuAypmW+gruXD1kk2KrqNMQgFXXzCqx91HiUbHuGCCf+YVLQj8QhYXu79SFPA3cATgm
26QgFUoLh6ONcPlnLkBVZ4vMi68Oik950Yv0cZfuLodQge6iKokV2a5vRgEHWIo=
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-dss AAAAB3NzaC1kc3MAAACBAJBX0GgJmQfE2qASwOH+Cod/PsPP1ALtl2Xn5CMwvZcbnluBHRZlQpHqnUI710FD9qu+10TCjgrrbdscG1yo0p5G0bDK+fTpIipKVRtRgpkRGZhZmfRJlMzG946s7AkT+qZTBe6il6rfgPVZy8TAUP8FV6GMLAWysiHueQCUNBiTAAAAFQC98rp6eqLTsdmxWFNVSyviQExw4wAAAIBqU6xn6tuTim1FvE7/LegwOmfC8t5rxMmM1s2bBiTdSrbFNf4/rJN20InXMDzyAiI6arYckV7hP/OVLhVGFrWAp2MGMnJXl2hQ9J5aG1eOsF6ExZPnkV1PiDJ1aFgVMXarJ2RBLLwbtUp8yVbKo1OlKh9efOS8/5MCbPR1vHXTsAAAAIAkRem+zI4n509wNj8tm034a99r5aH/OrdtzoedQ3u7J+5AKC9O7tTRJ7hWPMPevKbpU2Rp+Uc/LTss5bmpztrca7WoEE9OPeLEFhpUPpIb7WkSkJySamYmU7L3lzBYbv/kNySbL89ituluAGTcqkXA21+blkAWXLBmJ+0k0JfAOA=="
set source built-in
next
edit "Fortinet_SSH_ECDSA256"
set password ENC yhF0gLJbLUg0IkS8nFxCOa5z2rdkxz9jriTiikOS5uBOAxylHpskCVZOjw1fc1f4+GVKoQy58KwSSSS3CxtQcHPn1btrT7bSYmabXWgvZyI2xQxq0jGXww+J3cfk6aGgKcl80SpRe2qMKGwDRgurwb8WlKSyfVMcfr15Ta6NhpIIj4wPV0Bde25x5S3QfIxxOsVSJw==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAeXPl+K2
R7vUiat93LR5D/AAAAEAAAAAEAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz
dHAyNTYAAABBBEToKoNtXMVfw/y377VMPU+Q7uDdu9TISs0aSQCz64saY3i2zwC2k8fjo6
Tik1pZXOtQsdS4keNrlmEJY/ddqdkAAACgm+J2d33DGWQ8LyPnBl0FqTiw0S2VfpRBqNrD
nhVDkrle4JxfruD+P5Y1MeZyJSDrpJJN+NR36rOQED9IgEfo0QAc+KAdhErakVGMVe7Hix
P2rd4Jm8L1lxEnjvxRHdcFfjGqcJTGGCvBBN0tYxkF+pnqKBLR8mEHiVaPpfMACIla2Joa
WQFRjBywUIc1j8BEvL3+PJ4vDqRlc6O8YPeH8g==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEToKoNtXMVfw/y377VMPU+Q7uDdu9TISs0aSQCz64saY3i2zwC2k8fjo6Tik1pZXOtQsdS4keNrlmEJY/ddqdk="
set source built-in
next
edit "Fortinet_SSH_ECDSA384"
set password ENC 5DLkOCwuBKDVz0/idLUNYZXMw5AOsuiplgvvnOoC5jU+4OqBMK9xqWsGfZeWH7DIgOdyWKjVHTnjfmIGO2CCeGn/REjPxwti1nl6ApBIejySX773jc1kkV5CaMzWVmdDScJA/bv3Ml+1EWM/sRIcJXk8gp6vqvOQZskCjo/JKy6LhGI7KY84lrjWtmL5U7icYB9fEw==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABB6WyNDnK
3Qd3+71PskjdtfAAAAEAAAAAEAAACIAAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlz
dHAzODQAAABhBMfKsrO9fbzVLYEYP9u9hbAXw7GhoSTbAliH//TRWMV+0b4C6SyGbpiO+M
w7N0FyaDvZz1+3dKniIVgipJ81lW8rUoKq8zcsxSEMB87S6v7zL5ySBNQtIJjNKDvLwYZA
RwAAANDa1wnu9CShCQgiVe/HcTnEnwnpbTlW8FSJLCrkzh2p5iFuIXTmZlxHkLA2GVwez1
dWIPkI583/nbdMn8nOKZs9AJTiUwpdIO7GwuthJ5cFwmPywEuauQWE/u9S8Q9IBXzy8jZG
lnqERLwPM8SwCb3ZKohxeAicb21K5yYGM7pkgB9wjl5Wdzko2MO+OLds55LuZa1o3eTn+u
nrBhEkBHh3LS7rcYJCRJLczvIZfXpcpOMz3Gd3VyeoMzJKTvKDY6QVp0p3X8SS0XGqys0E
qtci
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBMfKsrO9fbzVLYEYP9u9hbAXw7GhoSTbAliH//TRWMV+0b4C6SyGbpiO+Mw7N0FyaDvZz1+3dKniIVgipJ81lW8rUoKq8zcsxSEMB87S6v7zL5ySBNQtIJjNKDvLwYZARw=="
set source built-in
next
edit "Fortinet_SSH_ECDSA521"
set password ENC FdAXKeBab80FlYRi7X2mQrS6d+uq+c2CMgcI/vZwvFklTxfmuMda8EH/7ErHUcFmC3PUCpYUME3HF+RZojK3uyttR92vmtqwO4C5LhVXZgOFB0T3UVAu4lY6secJAUYVFt3NeEGwHyTaH9LWscgHoX3zeBccDmwjD4uXXYOxlvikntI1OFCMTnWyfVJBDrX5FyasPw==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAiCukpRD
mxSM5HRmw3vtbxAAAAEAAAAAEAAACsAAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlz
dHA1MjEAAACFBAEalGPIktj21oJelUHppZUo+mEpazzpTKykWZDJD4vBbFri13+Qzq+zYc
0MCYXMmqD8rclNVTte+96wmu+VSIUkrABl1tDRdlUWqeePZyhRSVZRyoddXqLqHAT+eWgp
vs4241oaTE//Z4vVDxNFI5zq1jK1kSeZwCKbbEpLQZyntzZWjgAAAQCzU5GXxtxwIQxIJj
MX51TzdlyMTgjm+wY2xRVn8iIAYVc8txem6nBUoCvIy5ck4mP2CycdtJ8F3/+SyRirfdc1
Jt5uTLQbZDS/8tY/RNu9QFN2eCtEed9LWONTMRzKaW3J+++ub28rB2wzfuTv9tPAEI3g0s
8I+G0SzOLN2CsVwGB6lhLJQLi6+ksTumL6paSjOHvwKrsWtNnnqMbUbs4Zox2VgxGe9ntf
yI+u59PpTfo2Zh5S0Vc1CxeHN4xgnhSU8bG3LFgI769t/sWKsc9xe8UGdxI7xh0heVxU8x
TzYqjfD8VkVxKXgEdVB10ukXw4OWi5OdYdN6Je4eo2fMmN
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAEalGPIktj21oJelUHppZUo+mEpazzpTKykWZDJD4vBbFri13+Qzq+zYc0MCYXMmqD8rclNVTte+96wmu+VSIUkrABl1tDRdlUWqeePZyhRSVZRyoddXqLqHAT+eWgpvs4241oaTE//Z4vVDxNFI5zq1jK1kSeZwCKbbEpLQZyntzZWjg=="
set source built-in
next
edit "Fortinet_SSH_ED25519"
set password ENC TxS7oNxw0s6Vv3DbCEpzu+0sdLbWP1rVk+gTOzSzfp1hsSJWiSSshbYGT5hs6H+967sVTcpsURDX5m+pgPeyJ+fINg+cOxQCH18gISO99SqMH0DlRidlBlK7Lb/pp6tXa9zoLqC2luO1tfMWvXvbOFbfgW840MD51dVzSSmGAEULBdTIJo96KuEmZM1RLWkFqVunzA==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABCQtRpatO
5e73GCriBTvpBEAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIAl4FFs3Ly0gK1qy
brvfd9Lc4/PFv8TkL0iM8eDsOu71AAAAkBIsE4njc9hLM5uGuo56RFKuAgyxzahtQ16Tbo
mF4WhgATkLX5ZmfVeVjOp2+Op8MuXIbXP+dcHjSz50iI/7AhN4eYanuxrlj5kNBdjJwdCq
G/u6b+OONguExkmDE/73r932fLdiAs0U2C+lzW47n0ryioH+6A6YA5uNQ3t+RIYCeTdDsx
Knxzr3ePSzdLrPkw==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAl4FFs3Ly0gK1qybrvfd9Lc4/PFv8TkL0iM8eDsOu71"
set source built-in
next
end
config firewall ssh local-ca
edit "Fortinet_SSH_CA"
set password ENC H1i1brhfINo4+wWOts4487DLwYDbDBmMNO8q5n+cg0yJ6WnQKYAyxK1rcmL0HwrAQPKyOkHV4y56Ni5kK5Cy1PminvN8VJH0zC/VEs6eQ3FbRVgKbaOjuA2nJjj7Bu+oPbdaiFyYq/tqnWabXS+c4TPsolDiU7jKbuGvoFnRyBrJsCGrGYKg2XqHRrzvVYAWI2ejkg==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBJ/lf7nf
vHT9kEIEQSxAUBAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDztuoYE39b
VLJUFOPRN5HA25Ph+JEVSWJ2GbTIZ15mhjHApGgIvr2/9SbMJ+4ADy8B+jjQSyRvdck15t
FmJwUhJLHYh16soJ0VZg2M9lN8tmC1Iz0jBrHlKUsWnzu2d3r8lXm4A6R/NQTkSRB6vMwZ
ztDSiQM/spgQs/ekmlZNjNTgmxDrmbyVnIM+ZxicizuM+t98nK85ytDC+kukAVZAS0CbWw
PZZeN+3kM/dT1I648xo5jGV5C3P3xUDBseTbjdgIVRpdppvwIQ+nrN68N/D57jnBtI4iTM
leTNtlqlEShIbf50bE1egScK+LqspFYaVzxzsxpRFKmed9HqKVjzAAADwI4/V6d7BG93xU
DaDBF/ry7Y+aU2dQb7IAaXCya9CaFy7FH4wA0fmvyVgs/FuPEh1uvo2wkQExLlIrXj7q0b
9Bme2Rz1Xdcu5zKcnE6+m4jNALCtfHh2T4bDXpevfaup9H3j8e/+37W1fYoFJPEMAjBCbO
dNqVh3jSdmZb9Q509aIT2/I5p7OLmpQqULPsl94y41HApsxZyPBwvEnzUhLyKaycP+hu3o
4csRbwbysSgtBRXSWdly9CmAgkYms/uiYSuQYAD/nx55Hz5JsD2HRByyBooBhqwuxbOgvG
4zE/Pinfwi91Ii0SxDDxbxDRu23KRLbIioWOQb2LhujxfWh9oeFqWfb3cLYVGP3/Vijqnf
1/c9QUNWqIIzSNDfawHv43pMbgoLZ1yc1tkAlAM3SiWeGBJI7Bvwt4FgFGyuCDKM+oF/XN
Xx+I9T3Ai14x6xEqFHNv0/OGyBv29W6iroKVdriyFct9Hi9gLCZpVBt1ebsseDXj2ALKML
5XKP/6I1jRuMisz8mJOzX3hRPEBDsnviyDC8qga2zhIAR2OeDCsKlHJOzgHvYpvwG/tZUA
L37j8+hjcx32urcplR4n5wwdQoWAmRwlAIk6yuGJiA0wwnn1kUe6mrbBQ7dV9b84xCZqGh
vMxONOJubhmWrLgxc6qwU32+Ob4TXyvLq1+Dykn92UKOd3YRy6P4I0y9hkCv1v05z5O7Ug
0FtQXMSfF8ceqboYfE38f4CSfSCwYKocJv1C8FLKUfs+gd2wtNPdF/5iKXkkfj+l4p7dmF
ovT36DZwA+LjbjxodFTrhOdVYooL1YQQGYYjpK97M1ohQVL5ywI/OpoNN0MdbZKOncR12O
GI5XJ2OmzVoXl8AzbwnfFypXezfwQLd8VJ9IfxTlUf8qu5LMWhLnqEYtQy7ebtMWXBB6CW
85UYm4IxhtxhmmM4h1GuR2wM6FPrG514f/1rz5YxL2ftaLNFuqEXQNCaf0iVa2bqoGtaKt
cjYyzHpzYaSnpz14TIKNR0A3E8wshQKFjKmsrwyF8dt3suZAnQ0S9s4ANIzdgWStqbS2pB
P1hcPI9y5SaDVlbmy0k+2/KLdK2jsvDCra6wSl5u28SiKoUxRkWjySc0Y2vkifieejq09S
3F91CrJKBtkHteIwfMhtDh2kBP15t/HnAQ7WudjE6xxXviIMsEvi/IWljRw8HY2hfCX1OO
5NdSOSXKPxv2IaZ5XYnE4DCmMIivJHvBYiXCME+wg9AfkWDzeXHTADfT8HaJtej6nfRV5D
lpuvlOfQ==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDztuoYE39bVLJUFOPRN5HA25Ph+JEVSWJ2GbTIZ15mhjHApGgIvr2/9SbMJ+4ADy8B+jjQSyRvdck15tFmJwUhJLHYh16soJ0VZg2M9lN8tmC1Iz0jBrHlKUsWnzu2d3r8lXm4A6R/NQTkSRB6vMwZztDSiQM/spgQs/ekmlZNjNTgmxDrmbyVnIM+ZxicizuM+t98nK85ytDC+kukAVZAS0CbWwPZZeN+3kM/dT1I648xo5jGV5C3P3xUDBseTbjdgIVRpdppvwIQ+nrN68N/D57jnBtI4iTMleTNtlqlEShIbf50bE1egScK+LqspFYaVzxzsxpRFKmed9HqKVjz"
set source built-in
next
edit "Fortinet_SSH_CA_Untrusted"
set password ENC k8nmDO1U5i8cNT2xwkA365/37ixoidNn7/oyHf2xTgAa9kwAmAliyE/Msd9iVD336TV15Rxlj/qknIUlCgHx3l6QrlXLa+10wksWVnDXD9taqHLg2PqOeKj3auiAgCYKlM0mOf78xqgDj/AVIkWhWyF78NWC/Bmdb+B2brt1lZQ8YW1zmYqSRq0RxDzAZPAfXskCDA==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABC6xlxwcd
nRxQooRSH137VsAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQC/6ujOl9Dx
UyvCjutsienSJ5/5d5x0rA7QXayrk9oV3s3Q6CTjdXgvTowX9cRCKpHqCGu7iGgXHPLqsr
YBNEgifWLoYyzyUk/e2VgfAaqfynj4b2QVbKmeDNWfFZjjOIqcWWuRm/LxS1JNCMhAE/cv
6jsqWromFCRmUwnWWqIjRbfj4xymplnsCIXbdNPRXdw06sYmYMujikZ5KR+xttZYcFLo8q
zVu2c+iu7HBQ+QXcxS+DVsNzgMgqoV4zC5V9Ny0q24jf/bgTP/OEPZ0fyRdMP9uNjWoQkH
u4SFRZiWZDnsiwbwTdqVtafyFzoXtjymNUFG7dW1hqxkHY8fyWHNAAADwDPC/jY8CpMWtB
Nx+vNvgE4qrgmjyceaRNivLeTWma1fZsmClURJOJ8iEDZg55gzjZlfWZvQA2u96RkIkpxT
UEZPBrvoA7po/w2XUFOSWF/VIGaRpc4Wv1VgZbOW0kwmFfHJKXey8Ukmsc3GQGfS6KloLl
6P5fxLpxCnLGyILP4Uh/l9ITp+czU3Ck/hN6F5iJvJhWm2bS8wZyIY29K/qCV2/83kvBXI
/9wuCGfPyP0C1QP/ib+SRWqdFIuq/aUQlcIneJmFS9uAThnuOG+z26IL0WdeZfpeZ1g8v3
MfXvkDdXcBkc3q9sq84vUrHbkaace/HYrXoOXPZNibpGLoOVTzPoENgTMV7GsGMvlIj/Go
vDyG4MWYn6BQFR+oQWZfmaR2ds1xziSl5c/17ZnHRqwvPbzX9wsUqqwLALXQor+/w0TZSy
9ePexPNG89675Z2VKa7BgzXCUz0Vis8RFkQiInOeG7oDUS/xCGEeqicojuby9RY+x5Je5M
/GMoYHuPBA11EtSALYiicyddaT3A2kx4L1OmdxXBVQtcwdh32XlVouEZPEfbVKOmp9xxge
7V5GSS5NFcpB0Aem01p0UYgCsB4/UUeWPRsb3HNg+0ie+3GtPpN9rkVzLy8vYyuI2nv5Cg
wro/40zwTCU0M0obYnIciP06q6K6+LcsGhKCbi3TR8ZAQCWtl5ElQBbq4yjBWmjl5zaBsz
HZhTWyACsR6UoeE5LGh5m6zDsX0jaPnGMKIhrHVX6eGXazDX4J5y9o7F2PxF46tKbvYsAZ
FuS8ZDKSTx4QGb0uEpOM+WOmQg9vT638UxTiOVjWGoAR4rzBAH0IR4EwHhbFo+h7liaBG1
kGLrOc1yKjtM9Hdu1uUP4Pty8BfFUhycKLu7evs6OE02dWW2xZG8HboXaM553wwFjOYXlw
Smh/FD9uBEnK5n+D5Q9nS4d92LgRacotoJXZTfDH6sfSrMLn7YwYrPWhc+GK/CxkbMgE/V
398tr7ND2v7dh8hiQhgSZNl/qDa1q+upmtooHszkZjSwnIS2CusvIhFGq29Ob87e3mp2BL
gV74/cOd8pq5imkkS6X1omNIuuGwWQE4uYr9ubLpoeTUxe8fApAKNnyAj8TeQtcFk1av0X
RrAvhCn3LZK+iGaQYahoazxEFJD9gm5H+sMw+XCLT8ewSWJ2/HcukKrD4rBuC0H69l6xg+
UpGFt5EQqnlTxtBZBC1srH8yAwyoClCdW+vk4J8ych30FkORXhiE1N1pUAizNCsqZYGMRd
WmR/f5hQ==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/6ujOl9DxUyvCjutsienSJ5/5d5x0rA7QXayrk9oV3s3Q6CTjdXgvTowX9cRCKpHqCGu7iGgXHPLqsrYBNEgifWLoYyzyUk/e2VgfAaqfynj4b2QVbKmeDNWfFZjjOIqcWWuRm/LxS1JNCMhAE/cv6jsqWromFCRmUwnWWqIjRbfj4xymplnsCIXbdNPRXdw06sYmYMujikZ5KR+xttZYcFLo8qzVu2c+iu7HBQ+QXcxS+DVsNzgMgqoV4zC5V9Ny0q24jf/bgTP/OEPZ0fyRdMP9uNjWoQkHu4SFRZiWZDnsiwbwTdqVtafyFzoXtjymNUFG7dW1hqxkHY8fyWHN"
set source built-in
next
end
config firewall ssh setting
set caname "Fortinet_SSH_CA"
set untrusted-caname "Fortinet_SSH_CA_Untrusted"
set hostkey-rsa2048 "Fortinet_SSH_RSA2048"
set hostkey-dsa1024 "Fortinet_SSH_DSA1024"
set hostkey-ecdsa256 "Fortinet_SSH_ECDSA256"
set hostkey-ecdsa384 "Fortinet_SSH_ECDSA384"
set hostkey-ecdsa521 "Fortinet_SSH_ECDSA521"
set hostkey-ed25519 "Fortinet_SSH_ED25519"
end
config firewall profile-protocol-options
edit "default"
set comment "All default services."
config http
set ports 80
unset options
unset post-lang
end
config ftp
set ports 21
set options splice
end
config imap
set ports 143
set options fragmail
end
config mapi
set ports 135
set options fragmail
end
config pop3
set ports 110
set options fragmail
end
config smtp
set ports 25
set options fragmail splice
end
config nntp
set ports 119
set options splice
end
config ssh
unset options
end
config dns
set ports 53
end
config cifs
set ports 445
unset options
end
next
end
config firewall ssl-ssh-profile
edit "deep-inspection"
set comment "Read-only deep inspection profile."
config https
set ports 443
set status deep-inspection
end
config ftps
set ports 990
set status deep-inspection
end
config imaps
set ports 993
set status deep-inspection
end
config pop3s
set ports 995
set status deep-inspection
end
config smtps
set ports 465
set status deep-inspection
end
config ssh
set ports 22
set status disable
end
config dot
set status disable
end
config ssl-exempt
edit 1
set fortiguard-category 31
next
edit 2
set fortiguard-category 33
next
edit 3
set type wildcard-fqdn
set wildcard-fqdn "adobe"
next
edit 4
set type wildcard-fqdn
set wildcard-fqdn "Adobe Login"
next
edit 5
set type wildcard-fqdn
set wildcard-fqdn "android"
next
edit 6
set type wildcard-fqdn
set wildcard-fqdn "apple"
next
edit 7
set type wildcard-fqdn
set wildcard-fqdn "appstore"
next
edit 8
set type wildcard-fqdn
set wildcard-fqdn "auth.gfx.ms"
next
edit 9
set type wildcard-fqdn
set wildcard-fqdn "citrix"
next
edit 10
set type wildcard-fqdn
set wildcard-fqdn "dropbox.com"
next
edit 11
set type wildcard-fqdn
set wildcard-fqdn "eease"
next
edit 12
set type wildcard-fqdn
set wildcard-fqdn "firefox update server"
next
edit 13
set type wildcard-fqdn
set wildcard-fqdn "fortinet"
next
edit 14
set type wildcard-fqdn
set wildcard-fqdn "googleapis.com"
next
edit 15
set type wildcard-fqdn
set wildcard-fqdn "google-drive"
next
edit 16
set type wildcard-fqdn
set wildcard-fqdn "google-play2"
next
edit 17
set type wildcard-fqdn
set wildcard-fqdn "google-play3"
next
edit 18
set type wildcard-fqdn
set wildcard-fqdn "Gotomeeting"
next
edit 19
set type wildcard-fqdn
set wildcard-fqdn "icloud"
next
edit 20
set type wildcard-fqdn
set wildcard-fqdn "itunes"
next
edit 21
set type wildcard-fqdn
set wildcard-fqdn "microsoft"
next
edit 22
set type wildcard-fqdn
set wildcard-fqdn "skype"
next
edit 23
set type wildcard-fqdn
set wildcard-fqdn "softwareupdate.vmware.com"
next
edit 24
set type wildcard-fqdn
set wildcard-fqdn "verisign"
next
edit 25
set type wildcard-fqdn
set wildcard-fqdn "Windows update 2"
next
edit 26
set type wildcard-fqdn
set wildcard-fqdn "live.com"
next
edit 27
set type wildcard-fqdn
set wildcard-fqdn "google-play"
next
edit 28
set type wildcard-fqdn
set wildcard-fqdn "update.microsoft.com"
next
edit 29
set type wildcard-fqdn
set wildcard-fqdn "swscan.apple.com"
next
edit 30
set type wildcard-fqdn
set wildcard-fqdn "autoupdate.opera.com"
next
edit 31
set type wildcard-fqdn
set wildcard-fqdn "cdn-apple"
next
edit 32
set type wildcard-fqdn
set wildcard-fqdn "mzstatic-apple"
next
end
next
edit "custom-deep-inspection"
set comment "Customizable deep inspection profile."
config https
set ports 443
set status deep-inspection
end
config ftps
set ports 990
set status deep-inspection
end
config imaps
set ports 993
set status deep-inspection
end
config pop3s
set ports 995
set status deep-inspection
end
config smtps
set ports 465
set status deep-inspection
end
config ssh
set ports 22
set status disable
end
config dot
set status disable
end
config ssl-exempt
edit 1
set fortiguard-category 31
next
edit 2
set fortiguard-category 33
next
edit 3
set type wildcard-fqdn
set wildcard-fqdn "adobe"
next
edit 4
set type wildcard-fqdn
set wildcard-fqdn "Adobe Login"
next
edit 5
set type wildcard-fqdn
set wildcard-fqdn "android"
next
edit 6
set type wildcard-fqdn
set wildcard-fqdn "apple"
next
edit 7
set type wildcard-fqdn
set wildcard-fqdn "appstore"
next
edit 8
set type wildcard-fqdn
set wildcard-fqdn "auth.gfx.ms"
next
edit 9
set type wildcard-fqdn
set wildcard-fqdn "citrix"
next
edit 10
set type wildcard-fqdn
set wildcard-fqdn "dropbox.com"
next
edit 11
set type wildcard-fqdn
set wildcard-fqdn "eease"
next
edit 12
set type wildcard-fqdn
set wildcard-fqdn "firefox update server"
next
edit 13
set type wildcard-fqdn
set wildcard-fqdn "fortinet"
next
edit 14
set type wildcard-fqdn
set wildcard-fqdn "googleapis.com"
next
edit 15
set type wildcard-fqdn
set wildcard-fqdn "google-drive"
next
edit 16
set type wildcard-fqdn
set wildcard-fqdn "google-play2"
next
edit 17
set type wildcard-fqdn
set wildcard-fqdn "google-play3"
next
edit 18
set type wildcard-fqdn
set wildcard-fqdn "Gotomeeting"
next
edit 19
set type wildcard-fqdn
set wildcard-fqdn "icloud"
next
edit 20
set type wildcard-fqdn
set wildcard-fqdn "itunes"
next
edit 21
set type wildcard-fqdn
set wildcard-fqdn "microsoft"
next
edit 22
set type wildcard-fqdn
set wildcard-fqdn "skype"
next
edit 23
set type wildcard-fqdn
set wildcard-fqdn "softwareupdate.vmware.com"
next
edit 24
set type wildcard-fqdn
set wildcard-fqdn "verisign"
next
edit 25
set type wildcard-fqdn
set wildcard-fqdn "Windows update 2"
next
edit 26
set type wildcard-fqdn
set wildcard-fqdn "live.com"
next
edit 27
set type wildcard-fqdn
set wildcard-fqdn "google-play"
next
edit 28
set type wildcard-fqdn
set wildcard-fqdn "update.microsoft.com"
next
edit 29
set type wildcard-fqdn
set wildcard-fqdn "swscan.apple.com"
next
edit 30
set type wildcard-fqdn
set wildcard-fqdn "autoupdate.opera.com"
next
edit 31
set type wildcard-fqdn
set wildcard-fqdn "cdn-apple"
next
edit 32
set type wildcard-fqdn
set wildcard-fqdn "mzstatic-apple"
next
end
next
edit "no-inspection"
set comment "Read-only profile that does no inspection."
config https
set status disable
end
config ftps
set status disable
end
config imaps
set status disable
end
config pop3s
set status disable
end
config smtps
set status disable
end
config ssh
set ports 22
set status disable
end
config dot
set status disable
end
next
edit "certificate-inspection"
set comment "Read-only SSL handshake inspection profile."
config https
set ports 443
set status certificate-inspection
end
config ftps
set status disable
end
config imaps
set status disable
end
config pop3s
set status disable
end
config smtps
set status disable
end
config ssh
set ports 22
set status disable
end
config dot
set status disable
end
next
end
config waf profile
edit "default"
config signature
config main-class 100000000
set action block
set severity high
end
config main-class 20000000
end
config main-class 30000000
set status enable
set action block
set severity high
end
config main-class 40000000
end
config main-class 50000000
set status enable
set action block
set severity high
end
config main-class 60000000
end
config main-class 70000000
set status enable
set action block
set severity high
end
config main-class 80000000
set status enable
set severity low
end
config main-class 110000000
set status enable
set severity high
end
config main-class 90000000
set status enable
set action block
set severity high
end
set disabled-signature 80080005 80200001 60030001 60120001 80080003 90410001 90410002
end
config constraint
config header-length
set status enable
set log enable
set severity low
end
config content-length
set status enable
set log enable
set severity low
end
config param-length
set status enable
set log enable
set severity low
end
config line-length
set status enable
set log enable
set severity low
end
config url-param-length
set status enable
set log enable
set severity low
end
config version
set log enable
end
config method
set action block
set log enable
end
config hostname
set action block
set log enable
end
config malformed
set log enable
end
config max-cookie
set status enable
set log enable
set severity low
end
config max-header-line
set status enable
set log enable
set severity low
end
config max-url-param
set status enable
set log enable
set severity low
end
config max-range-segment
set status enable
set log enable
set severity high
end
end
next
end
config switch-controller security-policy 802-1X
edit "802-1X-policy-default"
set user-group "SSO_Guest_Users"
set mac-auth-bypass disable
set open-auth disable
set eap-passthru enable
set eap-auto-untagged-vlans enable
set guest-vlan disable
set auth-fail-vlan disable
set framevid-apply enable
set radius-timeout-overwrite disable
set authserver-timeout-vlan disable
next
end
config switch-controller security-policy local-access
edit "default"
set mgmt-allowaccess https ping ssh
set internal-allowaccess https ping ssh
next
end
config switch-controller lldp-profile
edit "default"
set med-tlvs inventory-management network-policy location-identification
set auto-isl disable
config med-network-policy
edit "voice"
next
edit "voice-signaling"
next
edit "guest-voice"
next
edit "guest-voice-signaling"
next
edit "softphone-voice"
next
edit "video-conferencing"
next
edit "streaming-video"
next
edit "video-signaling"
next
end
config med-location-service
edit "coordinates"
next
edit "address-civic"
next
edit "elin-number"
next
end
next
edit "default-auto-isl"
next
edit "default-auto-mclag-icl"
set auto-mclag-icl enable
next
end
config switch-controller qos dot1p-map
edit "voice-dot1p"
set priority-0 queue-4
set priority-1 queue-4
set priority-2 queue-3
set priority-3 queue-2
set priority-4 queue-3
set priority-5 queue-1
set priority-6 queue-2
set priority-7 queue-2
next
end
config switch-controller qos ip-dscp-map
edit "voice-dscp"
config map
edit "1"
set cos-queue 1
set value 46
next
edit "2"
set cos-queue 2
set value 24,26,48,56
next
edit "5"
set cos-queue 3
set value 34
next
end
next
end
config switch-controller qos queue-policy
edit "default"
set schedule round-robin
set rate-by kbps
config cos-queue
edit "queue-0"
next
edit "queue-1"
next
edit "queue-2"
next
edit "queue-3"
next
edit "queue-4"
next
edit "queue-5"
next
edit "queue-6"
next
edit "queue-7"
next
end
next
edit "voice-egress"
set schedule weighted
set rate-by kbps
config cos-queue
edit "queue-0"
next
edit "queue-1"
set weight 0
next
edit "queue-2"
set weight 6
next
edit "queue-3"
set weight 37
next
edit "queue-4"
set weight 12
next
edit "queue-5"
next
edit "queue-6"
next
edit "queue-7"
next
end
next
end
config switch-controller qos qos-policy
edit "default"
next
edit "voice-qos"
set trust-dot1p-map "voice-dot1p"
set trust-ip-dscp-map "voice-dscp"
set queue-policy "voice-egress"
next
end
config switch-controller storm-control-policy
edit "default"
set description "default storm control on all port"
next
edit "auto-config"
set description "storm control policy for fortilink-isl-icl port"
set storm-control-mode disabled
next
end
config switch-controller auto-config policy
edit "default"
next
edit "default-icl"
set poe-status disable
set igmp-flood-report enable
set igmp-flood-traffic enable
next
end
config switch-controller initial-config template
edit "_default"
set vlanid 1
next
edit "quarantine"
set vlanid 4093
set dhcp-server enable
next
edit "rspan"
set vlanid 4092
set dhcp-server enable
next
edit "voice"
set vlanid 4091
next
edit "video"
set vlanid 4090
next
edit "onboarding"
set vlanid 4089
next
edit "nac_segment"
set vlanid 4088
set dhcp-server enable
next
end
config switch-controller switch-profile
edit "default"
next
end
config switch-controller ptp settings
set mode disable
end
config switch-controller ptp policy
edit "default"
set status enable
next
end
config switch-controller remote-log
edit "syslogd"
next
edit "syslogd2"
next
end
config wireless-controller setting
set darrp-optimize-schedules "default-darrp-optimize"
end
config wireless-controller arrp-profile
edit "arrp-default"
next
end
config wireless-controller wids-profile
edit "default"
set comment "Default WIDS profile."
set ap-scan enable
set wireless-bridge enable
set deauth-broadcast enable
set null-ssid-probe-resp enable
set long-duration-attack enable
set invalid-mac-oui enable
set weak-wep-iv enable
set auth-frame-flood enable
set assoc-frame-flood enable
set spoofed-deauth enable
set asleap-attack enable
set eapol-start-flood enable
set eapol-logoff-flood enable
set eapol-succ-flood enable
set eapol-fail-flood enable
set eapol-pre-succ-flood enable
set eapol-pre-fail-flood enable
next
edit "default-wids-apscan-enabled"
set ap-scan enable
next
end
config wireless-controller ble-profile
edit "fortiap-discovery"
set advertising ibeacon eddystone-uid eddystone-url
set ibeacon-uuid "wtp-uuid"
next
end
config router rip
config redistribute "connected"
end
config redistribute "static"
end
config redistribute "ospf"
end
config redistribute "bgp"
end
config redistribute "isis"
end
end
config router ripng
config redistribute "connected"
end
config redistribute "static"
end
config redistribute "ospf"
end
config redistribute "bgp"
end
config redistribute "isis"
end
end
config router ospf
config redistribute "connected"
end
config redistribute "static"
end
config redistribute "rip"
end
config redistribute "bgp"
end
config redistribute "isis"
end
end
config router ospf6
config redistribute "connected"
end
config redistribute "static"
end
config redistribute "rip"
end
config redistribute "bgp"
end
config redistribute "isis"
end
end
config router bgp
config redistribute "connected"
end
config redistribute "rip"
end
config redistribute "ospf"
end
config redistribute "static"
end
config redistribute "isis"
end
config redistribute6 "connected"
end
config redistribute6 "rip"
end
config redistribute6 "ospf"
end
config redistribute6 "static"
end
config redistribute6 "isis"
end
end
config router isis
config redistribute "connected"
end
config redistribute "rip"
end
config redistribute "ospf"
end
config redistribute "bgp"
end
config redistribute "static"
end
config redistribute6 "connected"
end
config redistribute6 "rip"
end
config redistribute6 "ospf"
end
config redistribute6 "bgp"
end
config redistribute6 "static"
end
end
config router multicast
end
他設定
他の設定については、随時追加していこうと思います。
ter len 0
Ciscoのter len 0のように、showコマンド実行時にすべての結果を一度に出力をする設定です。
Ciscoでは設定したときの、ssh/telnet/consoleセッションでのみ有効になる。
Fortigateでは一度設定すると、コマンドで削除しない限り有効のままになってしまうので、注意しましょう。
設定コマンドは以下です。
config system console
set output standard
end
NTPサーバ設定
私の環境ではNTPサーバを別途用意しているので、NTPサーバから取得するように設定しようと思います。
しかし、NTPサーバの設定は初めはGUIから設定することができません。
そのため、CLIから設定をしていきます。
設定コマンドは以下です。
config system ntp
set type custom
config ntpserver
edit 1
set server 192.168.1.201 <--NTPサーバのIPアドレス
end
end
スタティックルーティング設定
デフォルトゲートウェイやスタティックルートの設定をするためのコマンドを記載します。
宛先はデフォルトで0.0.0.0/0.0.0.0のためデフォルトゲートウェイを設定する場合は省略しても問題ありません。
設定コマンドは以下です。
config router static
edit 0 <--0にすると未使用番号が自動採番される
set dst 0.0.0.0/0.0.0.0 <--宛先NWセグメント
set gateway 192.168.132.1 <--ネクストホップ
set device "port1" <--インターフェースを指定
end
end