LoginSignup
1
1

More than 1 year has passed since last update.

【環境構築】ForigateのVMを使ってみる

Last updated at Posted at 2022-12-29

はじめに

私は2021年に新卒でインフラエンジニアとして働いています。
その中で、個人的な学習としてESXiのサーバを構築しました。
自分専用のESXiがあると、何かと勉強の幅が広がるので、初級インフラエンジニアの方は持っておくことをおすすめします!

話がそれましたが、ファイヤーウォールであるFortigateを、自由壊れることを気にせずいじりまくれるVM環境の作成手順をまとめました。

環境に違いはありますが、virtual boxなどでもできるようなので、FortigateのVMを作成する際は参考にしてみてください。

VM作成手順は下記サイトへ移動しました。

初期コンフィグ

SSHの設定まで終わった後に、バックアップを取得しました。
公式サイトFortiOS CLI referenceからも初期設定値がわかりますが、初期コンフィグがあると何かと便利なため張り付けています。
非常に長いので、見たい方は開いてみてください。

FortiOS7.0.8 バックアップファイル
#config-version=FGVM64-7.0.8-FW-build0418-221012:opmode=0:vdom=0:user=admin
#conf_file_ver=282729107226568
#buildno=0418
#global_vdom=1
config system global
    set alias "FortiGate-VM64"
    set hostname "FortiGate-VM64"
    set language japanese
    set timezone 04
end
config system accprofile
    edit "prof_admin"
        set secfabgrp read-write
        set ftviewgrp read-write
        set authgrp read-write
        set sysgrp read-write
        set netgrp read-write
        set loggrp read-write
        set fwgrp read-write
        set vpngrp read-write
        set utmgrp read-write
        set wanoptgrp read-write
        set wifi read-write
    next
end
config system interface
    edit "port1"
        set vdom "root"
        set ip 192.168.1.100 255.255.255.0
        set allowaccess ping https ssh http fgfm
        set type physical
        set snmp-index 1
    next
    edit "port2"
        set vdom "root"
        set type physical
        set snmp-index 2
    next
    edit "port3"
        set vdom "root"
        set type physical
        set snmp-index 3
    next
    edit "port4"
        set vdom "root"
        set type physical
        set snmp-index 4
    next
    edit "port5"
        set vdom "root"
        set type physical
        set snmp-index 5
    next
    edit "port6"
        set vdom "root"
        set type physical
        set snmp-index 6
    next
    edit "port7"
        set vdom "root"
        set type physical
        set snmp-index 7
    next
    edit "port8"
        set vdom "root"
        set type physical
        set snmp-index 8
    next
    edit "port9"
        set vdom "root"
        set type physical
        set snmp-index 9
    next
    edit "port10"
        set vdom "root"
        set type physical
        set snmp-index 10
    next
    edit "naf.root"
        set vdom "root"
        set type tunnel
        set src-check disable
        set snmp-index 11
    next
    edit "l2t.root"
        set vdom "root"
        set type tunnel
        set snmp-index 12
    next
    edit "ssl.root"
        set vdom "root"
        set type tunnel
        set alias "SSL VPN interface"
        set snmp-index 13
    next
    edit "fortilink"
        set vdom "root"
        set fortilink enable
        set ip 10.255.1.1 255.255.255.0
        set allowaccess ping fabric
        set type aggregate
        set lldp-reception enable
        set lldp-transmission enable
        set snmp-index 14
    next
end
config system custom-language
    edit "en"
        set filename "en"
    next
    edit "fr"
        set filename "fr"
    next
    edit "sp"
        set filename "sp"
    next
    edit "pg"
        set filename "pg"
    next
    edit "x-sjis"
        set filename "x-sjis"
    next
    edit "big5"
        set filename "big5"
    next
    edit "GB2312"
        set filename "GB2312"
    next
    edit "euc-kr"
        set filename "euc-kr"
    next
end
config system admin
    edit "admin"
        set accprofile "super_admin"
        set vdom "root"
        config gui-dashboard
            edit 1
                set name "Status"
                set vdom "root"
                set permanent enable
                config widget
                    edit 1
                        set width 1
                        set height 1
                    next
                    edit 2
                        set type licinfo
                        set x-pos 1
                        set width 1
                        set height 1
                    next
                    edit 3
                        set type vminfo
                        set x-pos 2
                        set width 1
                        set height 1
                    next
                    edit 4
                        set type forticloud
                        set x-pos 3
                        set width 1
                        set height 1
                    next
                    edit 5
                        set type security-fabric
                        set x-pos 4
                        set width 1
                        set height 1
                    next
                    edit 6
                        set type admins
                        set x-pos 5
                        set width 1
                        set height 1
                    next
                    edit 7
                        set type cpu-usage
                        set x-pos 6
                        set width 2
                        set height 1
                    next
                    edit 8
                        set type memory-usage
                        set x-pos 7
                        set width 2
                        set height 1
                    next
                    edit 9
                        set type sessions
                        set x-pos 8
                        set width 2
                        set height 1
                    next
                end
            next
            edit 2
                set name "Security"
                set vdom "root"
                config widget
                    edit 1
                        set type fortiview
                        set width 2
                        set height 1
                        set fortiview-type "compromisedHosts"
                        set fortiview-sort-by "verdict"
                        set fortiview-timeframe "hour"
                        set fortiview-visualization "table"
                    next
                    edit 2
                        set type fortiview
                        set x-pos 1
                        set width 2
                        set height 1
                        set fortiview-type "threats"
                        set fortiview-sort-by "threatLevel"
                        set fortiview-timeframe "hour"
                        set fortiview-visualization "table"
                    next
                    edit 3
                        set type vulnerability-summary
                        set x-pos 2
                        set width 2
                        set height 1
                    next
                    edit 4
                        set type host-scan-summary
                        set x-pos 3
                        set width 1
                        set height 1
                    next
                    edit 5
                        set type fortiview
                        set x-pos 4
                        set width 2
                        set height 1
                        set fortiview-type "endpointDevices"
                        set fortiview-sort-by "vulnerabilities"
                        set fortiview-timeframe "hour"
                        set fortiview-visualization "table"
                    next
                end
            next
            edit 3
                set name "Network"
                set vdom "root"
                config widget
                    edit 1
                        set type routing
                        set width 2
                        set height 1
                        set router-view-type "staticdynamic"
                    next
                    edit 2
                        set type dhcp
                        set x-pos 1
                        set width 2
                        set height 1
                    next
                    edit 3
                        set type virtual-wan
                        set x-pos 2
                        set width 2
                        set height 1
                    next
                    edit 4
                        set type ipsec-vpn
                        set x-pos 3
                        set width 2
                        set height 1
                    next
                    edit 5
                        set type ssl-vpn
                        set x-pos 4
                        set width 2
                        set height 1
                    next
                end
            next
            edit 4
                set name "Users & Devices"
                set vdom "root"
                config widget
                    edit 1
                        set type device-inventory
                        set width 2
                        set height 1
                        set table-visualization "charts"
                        set device-list-view-type "hardware_vendor"
                    next
                    edit 2
                        set type forticlient
                        set x-pos 1
                        set width 2
                        set height 1
                        set table-visualization "charts"
                        set device-list-online "online"
                        set device-list-telemetry "sending"
                        set device-list-view-type "interface"
                    next
                    edit 3
                        set type firewall-user
                        set x-pos 2
                        set width 2
                        set height 1
                    next
                    edit 4
                        set type quarantine
                        set x-pos 3
                        set width 2
                        set height 1
                    next
                    edit 5
                        set type nac-vlans
                        set x-pos 4
                        set width 2
                        set height 1
                    next
                end
            next
            edit 5
                set name "FortiView Sources"
                set vdom "root"
                set layout-type standalone
                set csf disable
                config widget
                    edit 1
                        set type fortiview
                        set width 6
                        set height 3
                        set fortiview-type "source"
                        set fortiview-sort-by "bytes"
                        set fortiview-timeframe "hour"
                        set fortiview-visualization "table"
                    next
                end
            next
            edit 6
                set name "FortiView Destinations"
                set vdom "root"
                set layout-type standalone
                set csf disable
                config widget
                    edit 1
                        set type fortiview
                        set width 6
                        set height 3
                        set fortiview-type "destination"
                        set fortiview-sort-by "bytes"
                        set fortiview-timeframe "hour"
                        set fortiview-visualization "table"
                    next
                end
            next
            edit 7
                set name "FortiView Applications"
                set vdom "root"
                set layout-type standalone
                set csf disable
                config widget
                    edit 1
                        set type fortiview
                        set width 6
                        set height 3
                        set fortiview-type "application"
                        set fortiview-sort-by "bytes"
                        set fortiview-timeframe "hour"
                        set fortiview-visualization "table"
                    next
                end
            next
            edit 8
                set name "FortiView Web Sites"
                set vdom "root"
                set layout-type standalone
                set csf disable
                config widget
                    edit 1
                        set type fortiview
                        set width 6
                        set height 3
                        set fortiview-type "website"
                        set fortiview-sort-by "sessions"
                        set fortiview-timeframe "hour"
                        set fortiview-visualization "table"
                    next
                end
            next
            edit 9
                set name "FortiView Policies"
                set vdom "root"
                set layout-type standalone
                set csf disable
                config widget
                    edit 1
                        set type fortiview
                        set width 6
                        set height 3
                        set fortiview-type "policy"
                        set fortiview-sort-by "bytes"
                        set fortiview-timeframe "hour"
                        set fortiview-visualization "table"
                    next
                end
            next
            edit 10
                set name "FortiView Sessions"
                set vdom "root"
                set layout-type standalone
                set csf disable
                config widget
                    edit 1
                        set type fortiview
                        set width 6
                        set height 3
                        set fortiview-type "realtimeSessions"
                        set fortiview-sort-by "bytes"
                        set fortiview-timeframe "realtime"
                        set fortiview-visualization "table"
                    next
                end
            next
        end
        set gui-ignore-release-overview-version "7.0.0"
        set password ENC SH2zX4VjuoXHLUYNx8fb9tRQAikOFWpZeuRbEkh1MZg8NVzgh5+xZp5MJ5Fxm0=
    next
end
config system sso-admin
end
config system ha
    set override disable
end
config system storage
    edit "Virtual-Disk"
        set status enable
        set media-status enable
        set order 1
        set partition "LOGUSEDXF1556C06"
        set device "/dev/sdb1"
        set size 30235
        set usage log
    next
end
config system dns
    set primary 96.45.45.45
    set secondary 96.45.46.46
end
config system replacemsg-image
    edit "logo_fnet"
        set image-type gif
    next
    edit "logo_fguard_wf"
        set image-type gif
    next
    edit "logo_v3_fguard_app"
    next
end
config system replacemsg mail "partial"
end
config system replacemsg http "url-block"
end
config system replacemsg http "urlfilter-err"
end
config system replacemsg http "infcache-block"
end
config system replacemsg http "http-contenttypeblock"
end
config system replacemsg http "https-invalid-cert-block"
end
config system replacemsg http "https-untrusted-cert-block"
end
config system replacemsg http "https-blocklisted-cert-block"
end
config system replacemsg http "switching-protocols-block"
end
config system replacemsg http "http-antiphish-block"
end
config system replacemsg http "videofilter-block"
end
config system replacemsg webproxy "deny"
end
config system replacemsg webproxy "user-limit"
end
config system replacemsg webproxy "auth-challenge"
end
config system replacemsg webproxy "auth-login-fail"
end
config system replacemsg webproxy "auth-group-info-fail"
end
config system replacemsg webproxy "http-err"
end
config system replacemsg webproxy "auth-ip-blackout"
end
config system replacemsg webproxy "ztna-block"
end
config system replacemsg ftp "ftp-explicit-banner"
end
config system replacemsg fortiguard-wf "ftgd-block"
end
config system replacemsg fortiguard-wf "ftgd-ovrd"
end
config system replacemsg fortiguard-wf "ftgd-quota"
end
config system replacemsg fortiguard-wf "ftgd-warning"
end
config system replacemsg spam "ipblocklist"
end
config system replacemsg spam "smtp-spam-dnsbl"
end
config system replacemsg spam "smtp-spam-feip"
end
config system replacemsg spam "smtp-spam-helo"
end
config system replacemsg spam "smtp-spam-emailblock"
end
config system replacemsg spam "smtp-spam-mimeheader"
end
config system replacemsg spam "reversedns"
end
config system replacemsg spam "smtp-spam-ase"
end
config system replacemsg spam "submit"
end
config system replacemsg alertmail "alertmail-virus"
end
config system replacemsg alertmail "alertmail-block"
end
config system replacemsg alertmail "alertmail-nids-event"
end
config system replacemsg alertmail "alertmail-crit-event"
end
config system replacemsg alertmail "alertmail-disk-full"
end
config system replacemsg admin "pre_admin-disclaimer-text"
end
config system replacemsg admin "post_admin-disclaimer-text"
end
config system replacemsg auth "auth-disclaimer-page-1"
end
config system replacemsg auth "auth-disclaimer-page-2"
end
config system replacemsg auth "auth-disclaimer-page-3"
end
config system replacemsg auth "auth-proxy-reject-page"
end
config system replacemsg auth "auth-reject-page"
end
config system replacemsg auth "auth-login-page"
end
config system replacemsg auth "auth-login-failed-page"
end
config system replacemsg auth "auth-token-login-page"
end
config system replacemsg auth "auth-token-login-failed-page"
end
config system replacemsg auth "auth-success-msg"
end
config system replacemsg auth "auth-challenge-page"
end
config system replacemsg auth "auth-keepalive-page"
end
config system replacemsg auth "auth-portal-page"
end
config system replacemsg auth "auth-password-page"
end
config system replacemsg auth "auth-fortitoken-page"
end
config system replacemsg auth "auth-next-fortitoken-page"
end
config system replacemsg auth "auth-email-token-page"
end
config system replacemsg auth "auth-sms-token-page"
end
config system replacemsg auth "auth-email-harvesting-page"
end
config system replacemsg auth "auth-email-failed-page"
end
config system replacemsg auth "auth-cert-passwd-page"
end
config system replacemsg auth "auth-guest-print-page"
end
config system replacemsg auth "auth-guest-email-page"
end
config system replacemsg auth "auth-success-page"
end
config system replacemsg auth "auth-block-notification-page"
end
config system replacemsg auth "auth-quarantine-page"
end
config system replacemsg auth "auth-qtn-reject-page"
end
config system replacemsg auth "auth-saml-page"
end
config system replacemsg sslvpn "sslvpn-login"
end
config system replacemsg sslvpn "sslvpn-header"
end
config system replacemsg sslvpn "sslvpn-limit"
end
config system replacemsg sslvpn "hostcheck-error"
end
config system replacemsg sslvpn "sslvpn-provision-user"
end
config system replacemsg sslvpn "sslvpn-provision-user-sms"
end
config system replacemsg nac-quar "nac-quar-virus"
end
config system replacemsg nac-quar "nac-quar-dos"
end
config system replacemsg nac-quar "nac-quar-ips"
end
config system replacemsg nac-quar "nac-quar-dlp"
end
config system replacemsg nac-quar "nac-quar-admin"
end
config system replacemsg nac-quar "nac-quar-app"
end
config system replacemsg traffic-quota "per-ip-shaper-block"
end
config system replacemsg utm "virus-html"
end
config system replacemsg utm "client-virus-html"
end
config system replacemsg utm "virus-text"
end
config system replacemsg utm "dlp-html"
end
config system replacemsg utm "dlp-text"
end
config system replacemsg utm "appblk-html"
end
config system replacemsg utm "ipsblk-html"
end
config system replacemsg utm "ipsfail-html"
end
config system replacemsg utm "exe-text"
end
config system replacemsg utm "waf-html"
end
config system replacemsg utm "outbreak-prevention-html"
end
config system replacemsg utm "outbreak-prevention-text"
end
config system replacemsg utm "external-blocklist-html"
end
config system replacemsg utm "external-blocklist-text"
end
config system replacemsg utm "ems-threat-feed-html"
end
config system replacemsg utm "ems-threat-feed-text"
end
config system replacemsg utm "file-filter-html"
end
config system replacemsg utm "file-filter-text"
end
config system replacemsg utm "file-size-text"
end
config system replacemsg utm "transfer-size-text"
end
config system replacemsg utm "internal-error-text"
end
config system replacemsg utm "archive-block-html"
end
config system replacemsg utm "archive-block-text"
end
config system replacemsg utm "file-av-fail-text"
end
config system replacemsg utm "transfer-av-fail-text"
end
config system replacemsg utm "banned-word-html"
end
config system replacemsg utm "banned-word-text"
end
config system replacemsg utm "block-html"
end
config system replacemsg utm "block-text"
end
config system replacemsg utm "decompress-limit-text"
end
config system replacemsg utm "dlp-subject-text"
end
config system replacemsg utm "file-size-html"
end
config system replacemsg utm "client-file-size-html"
end
config system replacemsg icap "icap-req-resp"
end
config system replacemsg automation "automation-email"
end
config system snmp sysinfo
end
config firewall internet-service-name
    edit "Google-Other"
        set internet-service-id 65536
    next
    edit "Google-Web"
        set internet-service-id 65537
    next
    edit "Google-ICMP"
        set internet-service-id 65538
    next
    edit "Google-DNS"
        set internet-service-id 65539
    next
    edit "Google-Outbound_Email"
        set internet-service-id 65540
    next
    edit "Google-SSH"
        set internet-service-id 65542
    next
    edit "Google-FTP"
        set internet-service-id 65543
    next
    edit "Google-NTP"
        set internet-service-id 65544
    next
    edit "Google-Inbound_Email"
        set internet-service-id 65545
    next
    edit "Google-LDAP"
        set internet-service-id 65550
    next
    edit "Google-NetBIOS.Session.Service"
        set internet-service-id 65551
    next
    edit "Google-RTMP"
        set internet-service-id 65552
    next
    edit "Google-NetBIOS.Name.Service"
        set internet-service-id 65560
    next
    edit "Google-Google.Cloud"
        set internet-service-id 65641
    next
    edit "Google-Google.Bot"
        set internet-service-id 65643
    next
    edit "Google-Gmail"
        set internet-service-id 65646
    next
    edit "Facebook-Other"
        set internet-service-id 131072
    next
    edit "Facebook-Web"
        set internet-service-id 131073
    next
    edit "Facebook-ICMP"
        set internet-service-id 131074
    next
    edit "Facebook-DNS"
        set internet-service-id 131075
    next
    edit "Facebook-Outbound_Email"
        set internet-service-id 131076
    next
    edit "Facebook-SSH"
        set internet-service-id 131078
    next
    edit "Facebook-FTP"
        set internet-service-id 131079
    next
    edit "Facebook-NTP"
        set internet-service-id 131080
    next
    edit "Facebook-Inbound_Email"
        set internet-service-id 131081
    next
    edit "Facebook-LDAP"
        set internet-service-id 131086
    next
    edit "Facebook-NetBIOS.Session.Service"
        set internet-service-id 131087
    next
    edit "Facebook-RTMP"
        set internet-service-id 131088
    next
    edit "Facebook-NetBIOS.Name.Service"
        set internet-service-id 131096
    next
    edit "Facebook-Whatsapp"
        set internet-service-id 131184
    next
    edit "Facebook-Instagram"
        set internet-service-id 131189
    next
    edit "Apple-Other"
        set internet-service-id 196608
    next
    edit "Apple-Web"
        set internet-service-id 196609
    next
    edit "Apple-ICMP"
        set internet-service-id 196610
    next
    edit "Apple-DNS"
        set internet-service-id 196611
    next
    edit "Apple-Outbound_Email"
        set internet-service-id 196612
    next
    edit "Apple-SSH"
        set internet-service-id 196614
    next
    edit "Apple-FTP"
        set internet-service-id 196615
    next
    edit "Apple-NTP"
        set internet-service-id 196616
    next
    edit "Apple-Inbound_Email"
        set internet-service-id 196617
    next
    edit "Apple-LDAP"
        set internet-service-id 196622
    next
    edit "Apple-NetBIOS.Session.Service"
        set internet-service-id 196623
    next
    edit "Apple-RTMP"
        set internet-service-id 196624
    next
    edit "Apple-NetBIOS.Name.Service"
        set internet-service-id 196632
    next
    edit "Apple-App.Store"
        set internet-service-id 196723
    next
    edit "Apple-APNs"
        set internet-service-id 196747
    next
    edit "Yahoo-Other"
        set internet-service-id 262144
    next
    edit "Yahoo-Web"
        set internet-service-id 262145
    next
    edit "Yahoo-ICMP"
        set internet-service-id 262146
    next
    edit "Yahoo-DNS"
        set internet-service-id 262147
    next
    edit "Yahoo-Outbound_Email"
        set internet-service-id 262148
    next
    edit "Yahoo-SSH"
        set internet-service-id 262150
    next
    edit "Yahoo-FTP"
        set internet-service-id 262151
    next
    edit "Yahoo-NTP"
        set internet-service-id 262152
    next
    edit "Yahoo-Inbound_Email"
        set internet-service-id 262153
    next
    edit "Yahoo-LDAP"
        set internet-service-id 262158
    next
    edit "Yahoo-NetBIOS.Session.Service"
        set internet-service-id 262159
    next
    edit "Yahoo-RTMP"
        set internet-service-id 262160
    next
    edit "Yahoo-NetBIOS.Name.Service"
        set internet-service-id 262168
    next
    edit "Microsoft-Other"
        set internet-service-id 327680
    next
    edit "Microsoft-Web"
        set internet-service-id 327681
    next
    edit "Microsoft-ICMP"
        set internet-service-id 327682
    next
    edit "Microsoft-DNS"
        set internet-service-id 327683
    next
    edit "Microsoft-Outbound_Email"
        set internet-service-id 327684
    next
    edit "Microsoft-SSH"
        set internet-service-id 327686
    next
    edit "Microsoft-FTP"
        set internet-service-id 327687
    next
    edit "Microsoft-NTP"
        set internet-service-id 327688
    next
    edit "Microsoft-Inbound_Email"
        set internet-service-id 327689
    next
    edit "Microsoft-LDAP"
        set internet-service-id 327694
    next
    edit "Microsoft-NetBIOS.Session.Service"
        set internet-service-id 327695
    next
    edit "Microsoft-RTMP"
        set internet-service-id 327696
    next
    edit "Microsoft-NetBIOS.Name.Service"
        set internet-service-id 327704
    next
    edit "Microsoft-Skype_Teams"
        set internet-service-id 327781
    next
    edit "Microsoft-Office365"
        set internet-service-id 327782
    next
    edit "Microsoft-Azure"
        set internet-service-id 327786
    next
    edit "Microsoft-Bing.Bot"
        set internet-service-id 327788
    next
    edit "Microsoft-Outlook"
        set internet-service-id 327791
    next
    edit "Microsoft-Microsoft.Update"
        set internet-service-id 327793
    next
    edit "Microsoft-Dynamics"
        set internet-service-id 327837
    next
    edit "Microsoft-WNS"
        set internet-service-id 327839
    next
    edit "Microsoft-Office365.Published"
        set internet-service-id 327880
    next
    edit "Amazon-Other"
        set internet-service-id 393216
    next
    edit "Amazon-Web"
        set internet-service-id 393217
    next
    edit "Amazon-ICMP"
        set internet-service-id 393218
    next
    edit "Amazon-DNS"
        set internet-service-id 393219
    next
    edit "Amazon-Outbound_Email"
        set internet-service-id 393220
    next
    edit "Amazon-SSH"
        set internet-service-id 393222
    next
    edit "Amazon-FTP"
        set internet-service-id 393223
    next
    edit "Amazon-NTP"
        set internet-service-id 393224
    next
    edit "Amazon-Inbound_Email"
        set internet-service-id 393225
    next
    edit "Amazon-LDAP"
        set internet-service-id 393230
    next
    edit "Amazon-NetBIOS.Session.Service"
        set internet-service-id 393231
    next
    edit "Amazon-RTMP"
        set internet-service-id 393232
    next
    edit "Amazon-NetBIOS.Name.Service"
        set internet-service-id 393240
    next
    edit "Amazon-AWS"
        set internet-service-id 393320
    next
    edit "Amazon-AWS.WorkSpaces.Gateway"
        set internet-service-id 393403
    next
    edit "eBay-Other"
        set internet-service-id 458752
    next
    edit "eBay-Web"
        set internet-service-id 458753
    next
    edit "eBay-ICMP"
        set internet-service-id 458754
    next
    edit "eBay-DNS"
        set internet-service-id 458755
    next
    edit "eBay-Outbound_Email"
        set internet-service-id 458756
    next
    edit "eBay-SSH"
        set internet-service-id 458758
    next
    edit "eBay-FTP"
        set internet-service-id 458759
    next
    edit "eBay-NTP"
        set internet-service-id 458760
    next
    edit "eBay-Inbound_Email"
        set internet-service-id 458761
    next
    edit "eBay-LDAP"
        set internet-service-id 458766
    next
    edit "eBay-NetBIOS.Session.Service"
        set internet-service-id 458767
    next
    edit "eBay-RTMP"
        set internet-service-id 458768
    next
    edit "eBay-NetBIOS.Name.Service"
        set internet-service-id 458776
    next
    edit "PayPal-Other"
        set internet-service-id 524288
    next
    edit "PayPal-Web"
        set internet-service-id 524289
    next
    edit "PayPal-ICMP"
        set internet-service-id 524290
    next
    edit "PayPal-DNS"
        set internet-service-id 524291
    next
    edit "PayPal-Outbound_Email"
        set internet-service-id 524292
    next
    edit "PayPal-SSH"
        set internet-service-id 524294
    next
    edit "PayPal-FTP"
        set internet-service-id 524295
    next
    edit "PayPal-NTP"
        set internet-service-id 524296
    next
    edit "PayPal-Inbound_Email"
        set internet-service-id 524297
    next
    edit "PayPal-LDAP"
        set internet-service-id 524302
    next
    edit "PayPal-NetBIOS.Session.Service"
        set internet-service-id 524303
    next
    edit "PayPal-RTMP"
        set internet-service-id 524304
    next
    edit "PayPal-NetBIOS.Name.Service"
        set internet-service-id 524312
    next
    edit "Box-Other"
        set internet-service-id 589824
    next
    edit "Box-Web"
        set internet-service-id 589825
    next
    edit "Box-ICMP"
        set internet-service-id 589826
    next
    edit "Box-DNS"
        set internet-service-id 589827
    next
    edit "Box-Outbound_Email"
        set internet-service-id 589828
    next
    edit "Box-SSH"
        set internet-service-id 589830
    next
    edit "Box-FTP"
        set internet-service-id 589831
    next
    edit "Box-NTP"
        set internet-service-id 589832
    next
    edit "Box-Inbound_Email"
        set internet-service-id 589833
    next
    edit "Box-LDAP"
        set internet-service-id 589838
    next
    edit "Box-NetBIOS.Session.Service"
        set internet-service-id 589839
    next
    edit "Box-RTMP"
        set internet-service-id 589840
    next
    edit "Box-NetBIOS.Name.Service"
        set internet-service-id 589848
    next
    edit "Salesforce-Other"
        set internet-service-id 655360
    next
    edit "Salesforce-Web"
        set internet-service-id 655361
    next
    edit "Salesforce-ICMP"
        set internet-service-id 655362
    next
    edit "Salesforce-DNS"
        set internet-service-id 655363
    next
    edit "Salesforce-Outbound_Email"
        set internet-service-id 655364
    next
    edit "Salesforce-SSH"
        set internet-service-id 655366
    next
    edit "Salesforce-FTP"
        set internet-service-id 655367
    next
    edit "Salesforce-NTP"
        set internet-service-id 655368
    next
    edit "Salesforce-Inbound_Email"
        set internet-service-id 655369
    next
    edit "Salesforce-LDAP"
        set internet-service-id 655374
    next
    edit "Salesforce-NetBIOS.Session.Service"
        set internet-service-id 655375
    next
    edit "Salesforce-RTMP"
        set internet-service-id 655376
    next
    edit "Salesforce-NetBIOS.Name.Service"
        set internet-service-id 655384
    next
    edit "Salesforce-Email.Relay"
        set internet-service-id 655530
    next
    edit "Dropbox-Other"
        set internet-service-id 720896
    next
    edit "Dropbox-Web"
        set internet-service-id 720897
    next
    edit "Dropbox-ICMP"
        set internet-service-id 720898
    next
    edit "Dropbox-DNS"
        set internet-service-id 720899
    next
    edit "Dropbox-Outbound_Email"
        set internet-service-id 720900
    next
    edit "Dropbox-SSH"
        set internet-service-id 720902
    next
    edit "Dropbox-FTP"
        set internet-service-id 720903
    next
    edit "Dropbox-NTP"
        set internet-service-id 720904
    next
    edit "Dropbox-Inbound_Email"
        set internet-service-id 720905
    next
    edit "Dropbox-LDAP"
        set internet-service-id 720910
    next
    edit "Dropbox-NetBIOS.Session.Service"
        set internet-service-id 720911
    next
    edit "Dropbox-RTMP"
        set internet-service-id 720912
    next
    edit "Dropbox-NetBIOS.Name.Service"
        set internet-service-id 720920
    next
    edit "Netflix-Other"
        set internet-service-id 786432
    next
    edit "Netflix-Web"
        set internet-service-id 786433
    next
    edit "Netflix-ICMP"
        set internet-service-id 786434
    next
    edit "Netflix-DNS"
        set internet-service-id 786435
    next
    edit "Netflix-Outbound_Email"
        set internet-service-id 786436
    next
    edit "Netflix-SSH"
        set internet-service-id 786438
    next
    edit "Netflix-FTP"
        set internet-service-id 786439
    next
    edit "Netflix-NTP"
        set internet-service-id 786440
    next
    edit "Netflix-Inbound_Email"
        set internet-service-id 786441
    next
    edit "Netflix-LDAP"
        set internet-service-id 786446
    next
    edit "Netflix-NetBIOS.Session.Service"
        set internet-service-id 786447
    next
    edit "Netflix-RTMP"
        set internet-service-id 786448
    next
    edit "Netflix-NetBIOS.Name.Service"
        set internet-service-id 786456
    next
    edit "LinkedIn-Other"
        set internet-service-id 851968
    next
    edit "LinkedIn-Web"
        set internet-service-id 851969
    next
    edit "LinkedIn-ICMP"
        set internet-service-id 851970
    next
    edit "LinkedIn-DNS"
        set internet-service-id 851971
    next
    edit "LinkedIn-Outbound_Email"
        set internet-service-id 851972
    next
    edit "LinkedIn-SSH"
        set internet-service-id 851974
    next
    edit "LinkedIn-FTP"
        set internet-service-id 851975
    next
    edit "LinkedIn-NTP"
        set internet-service-id 851976
    next
    edit "LinkedIn-Inbound_Email"
        set internet-service-id 851977
    next
    edit "LinkedIn-LDAP"
        set internet-service-id 851982
    next
    edit "LinkedIn-NetBIOS.Session.Service"
        set internet-service-id 851983
    next
    edit "LinkedIn-RTMP"
        set internet-service-id 851984
    next
    edit "LinkedIn-NetBIOS.Name.Service"
        set internet-service-id 851992
    next
    edit "Adobe-Other"
        set internet-service-id 917504
    next
    edit "Adobe-Web"
        set internet-service-id 917505
    next
    edit "Adobe-ICMP"
        set internet-service-id 917506
    next
    edit "Adobe-DNS"
        set internet-service-id 917507
    next
    edit "Adobe-Outbound_Email"
        set internet-service-id 917508
    next
    edit "Adobe-SSH"
        set internet-service-id 917510
    next
    edit "Adobe-FTP"
        set internet-service-id 917511
    next
    edit "Adobe-NTP"
        set internet-service-id 917512
    next
    edit "Adobe-Inbound_Email"
        set internet-service-id 917513
    next
    edit "Adobe-LDAP"
        set internet-service-id 917518
    next
    edit "Adobe-NetBIOS.Session.Service"
        set internet-service-id 917519
    next
    edit "Adobe-RTMP"
        set internet-service-id 917520
    next
    edit "Adobe-NetBIOS.Name.Service"
        set internet-service-id 917528
    next
    edit "Adobe-Adobe.Cloud"
        set internet-service-id 917640
    next
    edit "Oracle-Other"
        set internet-service-id 983040
    next
    edit "Oracle-Web"
        set internet-service-id 983041
    next
    edit "Oracle-ICMP"
        set internet-service-id 983042
    next
    edit "Oracle-DNS"
        set internet-service-id 983043
    next
    edit "Oracle-Outbound_Email"
        set internet-service-id 983044
    next
    edit "Oracle-SSH"
        set internet-service-id 983046
    next
    edit "Oracle-FTP"
        set internet-service-id 983047
    next
    edit "Oracle-NTP"
        set internet-service-id 983048
    next
    edit "Oracle-Inbound_Email"
        set internet-service-id 983049
    next
    edit "Oracle-LDAP"
        set internet-service-id 983054
    next
    edit "Oracle-NetBIOS.Session.Service"
        set internet-service-id 983055
    next
    edit "Oracle-RTMP"
        set internet-service-id 983056
    next
    edit "Oracle-NetBIOS.Name.Service"
        set internet-service-id 983064
    next
    edit "Oracle-Oracle.Cloud"
        set internet-service-id 983171
    next
    edit "Hulu-Other"
        set internet-service-id 1048576
    next
    edit "Hulu-Web"
        set internet-service-id 1048577
    next
    edit "Hulu-ICMP"
        set internet-service-id 1048578
    next
    edit "Hulu-DNS"
        set internet-service-id 1048579
    next
    edit "Hulu-Outbound_Email"
        set internet-service-id 1048580
    next
    edit "Hulu-SSH"
        set internet-service-id 1048582
    next
    edit "Hulu-FTP"
        set internet-service-id 1048583
    next
    edit "Hulu-NTP"
        set internet-service-id 1048584
    next
    edit "Hulu-Inbound_Email"
        set internet-service-id 1048585
    next
    edit "Hulu-LDAP"
        set internet-service-id 1048590
    next
    edit "Hulu-NetBIOS.Session.Service"
        set internet-service-id 1048591
    next
    edit "Hulu-RTMP"
        set internet-service-id 1048592
    next
    edit "Hulu-NetBIOS.Name.Service"
        set internet-service-id 1048600
    next
    edit "Pinterest-Other"
        set internet-service-id 1114112
    next
    edit "Pinterest-Web"
        set internet-service-id 1114113
    next
    edit "Pinterest-ICMP"
        set internet-service-id 1114114
    next
    edit "Pinterest-DNS"
        set internet-service-id 1114115
    next
    edit "Pinterest-Outbound_Email"
        set internet-service-id 1114116
    next
    edit "Pinterest-SSH"
        set internet-service-id 1114118
    next
    edit "Pinterest-FTP"
        set internet-service-id 1114119
    next
    edit "Pinterest-NTP"
        set internet-service-id 1114120
    next
    edit "Pinterest-Inbound_Email"
        set internet-service-id 1114121
    next
    edit "Pinterest-LDAP"
        set internet-service-id 1114126
    next
    edit "Pinterest-NetBIOS.Session.Service"
        set internet-service-id 1114127
    next
    edit "Pinterest-RTMP"
        set internet-service-id 1114128
    next
    edit "Pinterest-NetBIOS.Name.Service"
        set internet-service-id 1114136
    next
    edit "LogMeIn-Other"
        set internet-service-id 1179648
    next
    edit "LogMeIn-Web"
        set internet-service-id 1179649
    next
    edit "LogMeIn-ICMP"
        set internet-service-id 1179650
    next
    edit "LogMeIn-DNS"
        set internet-service-id 1179651
    next
    edit "LogMeIn-Outbound_Email"
        set internet-service-id 1179652
    next
    edit "LogMeIn-SSH"
        set internet-service-id 1179654
    next
    edit "LogMeIn-FTP"
        set internet-service-id 1179655
    next
    edit "LogMeIn-NTP"
        set internet-service-id 1179656
    next
    edit "LogMeIn-Inbound_Email"
        set internet-service-id 1179657
    next
    edit "LogMeIn-LDAP"
        set internet-service-id 1179662
    next
    edit "LogMeIn-NetBIOS.Session.Service"
        set internet-service-id 1179663
    next
    edit "LogMeIn-RTMP"
        set internet-service-id 1179664
    next
    edit "LogMeIn-NetBIOS.Name.Service"
        set internet-service-id 1179672
    next
    edit "LogMeIn-GoTo.Suite"
        set internet-service-id 1179767
    next
    edit "Fortinet-Other"
        set internet-service-id 1245184
    next
    edit "Fortinet-Web"
        set internet-service-id 1245185
    next
    edit "Fortinet-ICMP"
        set internet-service-id 1245186
    next
    edit "Fortinet-DNS"
        set internet-service-id 1245187
    next
    edit "Fortinet-Outbound_Email"
        set internet-service-id 1245188
    next
    edit "Fortinet-SSH"
        set internet-service-id 1245190
    next
    edit "Fortinet-FTP"
        set internet-service-id 1245191
    next
    edit "Fortinet-NTP"
        set internet-service-id 1245192
    next
    edit "Fortinet-Inbound_Email"
        set internet-service-id 1245193
    next
    edit "Fortinet-LDAP"
        set internet-service-id 1245198
    next
    edit "Fortinet-NetBIOS.Session.Service"
        set internet-service-id 1245199
    next
    edit "Fortinet-RTMP"
        set internet-service-id 1245200
    next
    edit "Fortinet-NetBIOS.Name.Service"
        set internet-service-id 1245208
    next
    edit "Fortinet-FortiGuard"
        set internet-service-id 1245324
    next
    edit "Fortinet-FortiMail.Cloud"
        set internet-service-id 1245325
    next
    edit "Fortinet-FortiCloud"
        set internet-service-id 1245326
    next
    edit "Kaspersky-Other"
        set internet-service-id 1310720
    next
    edit "Kaspersky-Web"
        set internet-service-id 1310721
    next
    edit "Kaspersky-ICMP"
        set internet-service-id 1310722
    next
    edit "Kaspersky-DNS"
        set internet-service-id 1310723
    next
    edit "Kaspersky-Outbound_Email"
        set internet-service-id 1310724
    next
    edit "Kaspersky-SSH"
        set internet-service-id 1310726
    next
    edit "Kaspersky-FTP"
        set internet-service-id 1310727
    next
    edit "Kaspersky-NTP"
        set internet-service-id 1310728
    next
    edit "Kaspersky-Inbound_Email"
        set internet-service-id 1310729
    next
    edit "Kaspersky-LDAP"
        set internet-service-id 1310734
    next
    edit "Kaspersky-NetBIOS.Session.Service"
        set internet-service-id 1310735
    next
    edit "Kaspersky-RTMP"
        set internet-service-id 1310736
    next
    edit "Kaspersky-NetBIOS.Name.Service"
        set internet-service-id 1310744
    next
    edit "McAfee-Other"
        set internet-service-id 1376256
    next
    edit "McAfee-Web"
        set internet-service-id 1376257
    next
    edit "McAfee-ICMP"
        set internet-service-id 1376258
    next
    edit "McAfee-DNS"
        set internet-service-id 1376259
    next
    edit "McAfee-Outbound_Email"
        set internet-service-id 1376260
    next
    edit "McAfee-SSH"
        set internet-service-id 1376262
    next
    edit "McAfee-FTP"
        set internet-service-id 1376263
    next
    edit "McAfee-NTP"
        set internet-service-id 1376264
    next
    edit "McAfee-Inbound_Email"
        set internet-service-id 1376265
    next
    edit "McAfee-LDAP"
        set internet-service-id 1376270
    next
    edit "McAfee-NetBIOS.Session.Service"
        set internet-service-id 1376271
    next
    edit "McAfee-RTMP"
        set internet-service-id 1376272
    next
    edit "McAfee-NetBIOS.Name.Service"
        set internet-service-id 1376280
    next
    edit "Symantec-Other"
        set internet-service-id 1441792
    next
    edit "Symantec-Web"
        set internet-service-id 1441793
    next
    edit "Symantec-ICMP"
        set internet-service-id 1441794
    next
    edit "Symantec-DNS"
        set internet-service-id 1441795
    next
    edit "Symantec-Outbound_Email"
        set internet-service-id 1441796
    next
    edit "Symantec-SSH"
        set internet-service-id 1441798
    next
    edit "Symantec-FTP"
        set internet-service-id 1441799
    next
    edit "Symantec-NTP"
        set internet-service-id 1441800
    next
    edit "Symantec-Inbound_Email"
        set internet-service-id 1441801
    next
    edit "Symantec-LDAP"
        set internet-service-id 1441806
    next
    edit "Symantec-NetBIOS.Session.Service"
        set internet-service-id 1441807
    next
    edit "Symantec-RTMP"
        set internet-service-id 1441808
    next
    edit "Symantec-NetBIOS.Name.Service"
        set internet-service-id 1441816
    next
    edit "Symantec-Symantec.Cloud"
        set internet-service-id 1441922
    next
    edit "VMware-Other"
        set internet-service-id 1507328
    next
    edit "VMware-Web"
        set internet-service-id 1507329
    next
    edit "VMware-ICMP"
        set internet-service-id 1507330
    next
    edit "VMware-DNS"
        set internet-service-id 1507331
    next
    edit "VMware-Outbound_Email"
        set internet-service-id 1507332
    next
    edit "VMware-SSH"
        set internet-service-id 1507334
    next
    edit "VMware-FTP"
        set internet-service-id 1507335
    next
    edit "VMware-NTP"
        set internet-service-id 1507336
    next
    edit "VMware-Inbound_Email"
        set internet-service-id 1507337
    next
    edit "VMware-LDAP"
        set internet-service-id 1507342
    next
    edit "VMware-NetBIOS.Session.Service"
        set internet-service-id 1507343
    next
    edit "VMware-RTMP"
        set internet-service-id 1507344
    next
    edit "VMware-NetBIOS.Name.Service"
        set internet-service-id 1507352
    next
    edit "VMware-Airwatch"
        set internet-service-id 1507461
    next
    edit "AOL-Other"
        set internet-service-id 1572864
    next
    edit "AOL-Web"
        set internet-service-id 1572865
    next
    edit "AOL-ICMP"
        set internet-service-id 1572866
    next
    edit "AOL-DNS"
        set internet-service-id 1572867
    next
    edit "AOL-Outbound_Email"
        set internet-service-id 1572868
    next
    edit "AOL-SSH"
        set internet-service-id 1572870
    next
    edit "AOL-FTP"
        set internet-service-id 1572871
    next
    edit "AOL-NTP"
        set internet-service-id 1572872
    next
    edit "AOL-Inbound_Email"
        set internet-service-id 1572873
    next
    edit "AOL-LDAP"
        set internet-service-id 1572878
    next
    edit "AOL-NetBIOS.Session.Service"
        set internet-service-id 1572879
    next
    edit "AOL-RTMP"
        set internet-service-id 1572880
    next
    edit "AOL-NetBIOS.Name.Service"
        set internet-service-id 1572888
    next
    edit "RealNetworks-Other"
        set internet-service-id 1638400
    next
    edit "RealNetworks-Web"
        set internet-service-id 1638401
    next
    edit "RealNetworks-ICMP"
        set internet-service-id 1638402
    next
    edit "RealNetworks-DNS"
        set internet-service-id 1638403
    next
    edit "RealNetworks-Outbound_Email"
        set internet-service-id 1638404
    next
    edit "RealNetworks-SSH"
        set internet-service-id 1638406
    next
    edit "RealNetworks-FTP"
        set internet-service-id 1638407
    next
    edit "RealNetworks-NTP"
        set internet-service-id 1638408
    next
    edit "RealNetworks-Inbound_Email"
        set internet-service-id 1638409
    next
    edit "RealNetworks-LDAP"
        set internet-service-id 1638414
    next
    edit "RealNetworks-NetBIOS.Session.Service"
        set internet-service-id 1638415
    next
    edit "RealNetworks-RTMP"
        set internet-service-id 1638416
    next
    edit "RealNetworks-NetBIOS.Name.Service"
        set internet-service-id 1638424
    next
    edit "Zoho-Other"
        set internet-service-id 1703936
    next
    edit "Zoho-Web"
        set internet-service-id 1703937
    next
    edit "Zoho-ICMP"
        set internet-service-id 1703938
    next
    edit "Zoho-DNS"
        set internet-service-id 1703939
    next
    edit "Zoho-Outbound_Email"
        set internet-service-id 1703940
    next
    edit "Zoho-SSH"
        set internet-service-id 1703942
    next
    edit "Zoho-FTP"
        set internet-service-id 1703943
    next
    edit "Zoho-NTP"
        set internet-service-id 1703944
    next
    edit "Zoho-Inbound_Email"
        set internet-service-id 1703945
    next
    edit "Zoho-LDAP"
        set internet-service-id 1703950
    next
    edit "Zoho-NetBIOS.Session.Service"
        set internet-service-id 1703951
    next
    edit "Zoho-RTMP"
        set internet-service-id 1703952
    next
    edit "Zoho-NetBIOS.Name.Service"
        set internet-service-id 1703960
    next
    edit "Mozilla-Other"
        set internet-service-id 1769472
    next
    edit "Mozilla-Web"
        set internet-service-id 1769473
    next
    edit "Mozilla-ICMP"
        set internet-service-id 1769474
    next
    edit "Mozilla-DNS"
        set internet-service-id 1769475
    next
    edit "Mozilla-Outbound_Email"
        set internet-service-id 1769476
    next
    edit "Mozilla-SSH"
        set internet-service-id 1769478
    next
    edit "Mozilla-FTP"
        set internet-service-id 1769479
    next
    edit "Mozilla-NTP"
        set internet-service-id 1769480
    next
    edit "Mozilla-Inbound_Email"
        set internet-service-id 1769481
    next
    edit "Mozilla-LDAP"
        set internet-service-id 1769486
    next
    edit "Mozilla-NetBIOS.Session.Service"
        set internet-service-id 1769487
    next
    edit "Mozilla-RTMP"
        set internet-service-id 1769488
    next
    edit "Mozilla-NetBIOS.Name.Service"
        set internet-service-id 1769496
    next
    edit "TeamViewer-Other"
        set internet-service-id 1835008
    next
    edit "TeamViewer-Web"
        set internet-service-id 1835009
    next
    edit "TeamViewer-ICMP"
        set internet-service-id 1835010
    next
    edit "TeamViewer-DNS"
        set internet-service-id 1835011
    next
    edit "TeamViewer-Outbound_Email"
        set internet-service-id 1835012
    next
    edit "TeamViewer-SSH"
        set internet-service-id 1835014
    next
    edit "TeamViewer-FTP"
        set internet-service-id 1835015
    next
    edit "TeamViewer-NTP"
        set internet-service-id 1835016
    next
    edit "TeamViewer-Inbound_Email"
        set internet-service-id 1835017
    next
    edit "TeamViewer-LDAP"
        set internet-service-id 1835022
    next
    edit "TeamViewer-NetBIOS.Session.Service"
        set internet-service-id 1835023
    next
    edit "TeamViewer-RTMP"
        set internet-service-id 1835024
    next
    edit "TeamViewer-NetBIOS.Name.Service"
        set internet-service-id 1835032
    next
    edit "TeamViewer-TeamViewer"
        set internet-service-id 1835117
    next
    edit "HP-Other"
        set internet-service-id 1900544
    next
    edit "HP-Web"
        set internet-service-id 1900545
    next
    edit "HP-ICMP"
        set internet-service-id 1900546
    next
    edit "HP-DNS"
        set internet-service-id 1900547
    next
    edit "HP-Outbound_Email"
        set internet-service-id 1900548
    next
    edit "HP-SSH"
        set internet-service-id 1900550
    next
    edit "HP-FTP"
        set internet-service-id 1900551
    next
    edit "HP-NTP"
        set internet-service-id 1900552
    next
    edit "HP-Inbound_Email"
        set internet-service-id 1900553
    next
    edit "HP-LDAP"
        set internet-service-id 1900558
    next
    edit "HP-NetBIOS.Session.Service"
        set internet-service-id 1900559
    next
    edit "HP-RTMP"
        set internet-service-id 1900560
    next
    edit "HP-NetBIOS.Name.Service"
        set internet-service-id 1900568
    next
    edit "HP-Aruba"
        set internet-service-id 1900726
    next
    edit "Cisco-Other"
        set internet-service-id 1966080
    next
    edit "Cisco-Web"
        set internet-service-id 1966081
    next
    edit "Cisco-ICMP"
        set internet-service-id 1966082
    next
    edit "Cisco-DNS"
        set internet-service-id 1966083
    next
    edit "Cisco-Outbound_Email"
        set internet-service-id 1966084
    next
    edit "Cisco-SSH"
        set internet-service-id 1966086
    next
    edit "Cisco-FTP"
        set internet-service-id 1966087
    next
    edit "Cisco-NTP"
        set internet-service-id 1966088
    next
    edit "Cisco-Inbound_Email"
        set internet-service-id 1966089
    next
    edit "Cisco-LDAP"
        set internet-service-id 1966094
    next
    edit "Cisco-NetBIOS.Session.Service"
        set internet-service-id 1966095
    next
    edit "Cisco-RTMP"
        set internet-service-id 1966096
    next
    edit "Cisco-NetBIOS.Name.Service"
        set internet-service-id 1966104
    next
    edit "Cisco-Webex"
        set internet-service-id 1966183
    next
    edit "Cisco-Meraki.Cloud"
        set internet-service-id 1966218
    next
    edit "Cisco-Duo.Security"
        set internet-service-id 1966225
    next
    edit "Cisco-AppDynamic"
        set internet-service-id 1966260
    next
    edit "IBM-Other"
        set internet-service-id 2031616
    next
    edit "IBM-Web"
        set internet-service-id 2031617
    next
    edit "IBM-ICMP"
        set internet-service-id 2031618
    next
    edit "IBM-DNS"
        set internet-service-id 2031619
    next
    edit "IBM-Outbound_Email"
        set internet-service-id 2031620
    next
    edit "IBM-SSH"
        set internet-service-id 2031622
    next
    edit "IBM-FTP"
        set internet-service-id 2031623
    next
    edit "IBM-NTP"
        set internet-service-id 2031624
    next
    edit "IBM-Inbound_Email"
        set internet-service-id 2031625
    next
    edit "IBM-LDAP"
        set internet-service-id 2031630
    next
    edit "IBM-NetBIOS.Session.Service"
        set internet-service-id 2031631
    next
    edit "IBM-RTMP"
        set internet-service-id 2031632
    next
    edit "IBM-NetBIOS.Name.Service"
        set internet-service-id 2031640
    next
    edit "IBM-IBM.Cloud"
        set internet-service-id 2031748
    next
    edit "Citrix-Other"
        set internet-service-id 2097152
    next
    edit "Citrix-Web"
        set internet-service-id 2097153
    next
    edit "Citrix-ICMP"
        set internet-service-id 2097154
    next
    edit "Citrix-DNS"
        set internet-service-id 2097155
    next
    edit "Citrix-Outbound_Email"
        set internet-service-id 2097156
    next
    edit "Citrix-SSH"
        set internet-service-id 2097158
    next
    edit "Citrix-FTP"
        set internet-service-id 2097159
    next
    edit "Citrix-NTP"
        set internet-service-id 2097160
    next
    edit "Citrix-Inbound_Email"
        set internet-service-id 2097161
    next
    edit "Citrix-LDAP"
        set internet-service-id 2097166
    next
    edit "Citrix-NetBIOS.Session.Service"
        set internet-service-id 2097167
    next
    edit "Citrix-RTMP"
        set internet-service-id 2097168
    next
    edit "Citrix-NetBIOS.Name.Service"
        set internet-service-id 2097176
    next
    edit "Twitter-Other"
        set internet-service-id 2162688
    next
    edit "Twitter-Web"
        set internet-service-id 2162689
    next
    edit "Twitter-ICMP"
        set internet-service-id 2162690
    next
    edit "Twitter-DNS"
        set internet-service-id 2162691
    next
    edit "Twitter-Outbound_Email"
        set internet-service-id 2162692
    next
    edit "Twitter-SSH"
        set internet-service-id 2162694
    next
    edit "Twitter-FTP"
        set internet-service-id 2162695
    next
    edit "Twitter-NTP"
        set internet-service-id 2162696
    next
    edit "Twitter-Inbound_Email"
        set internet-service-id 2162697
    next
    edit "Twitter-LDAP"
        set internet-service-id 2162702
    next
    edit "Twitter-NetBIOS.Session.Service"
        set internet-service-id 2162703
    next
    edit "Twitter-RTMP"
        set internet-service-id 2162704
    next
    edit "Twitter-NetBIOS.Name.Service"
        set internet-service-id 2162712
    next
    edit "Dell-Other"
        set internet-service-id 2228224
    next
    edit "Dell-Web"
        set internet-service-id 2228225
    next
    edit "Dell-ICMP"
        set internet-service-id 2228226
    next
    edit "Dell-DNS"
        set internet-service-id 2228227
    next
    edit "Dell-Outbound_Email"
        set internet-service-id 2228228
    next
    edit "Dell-SSH"
        set internet-service-id 2228230
    next
    edit "Dell-FTP"
        set internet-service-id 2228231
    next
    edit "Dell-NTP"
        set internet-service-id 2228232
    next
    edit "Dell-Inbound_Email"
        set internet-service-id 2228233
    next
    edit "Dell-LDAP"
        set internet-service-id 2228238
    next
    edit "Dell-NetBIOS.Session.Service"
        set internet-service-id 2228239
    next
    edit "Dell-RTMP"
        set internet-service-id 2228240
    next
    edit "Dell-NetBIOS.Name.Service"
        set internet-service-id 2228248
    next
    edit "Vimeo-Other"
        set internet-service-id 2293760
    next
    edit "Vimeo-Web"
        set internet-service-id 2293761
    next
    edit "Vimeo-ICMP"
        set internet-service-id 2293762
    next
    edit "Vimeo-DNS"
        set internet-service-id 2293763
    next
    edit "Vimeo-Outbound_Email"
        set internet-service-id 2293764
    next
    edit "Vimeo-SSH"
        set internet-service-id 2293766
    next
    edit "Vimeo-FTP"
        set internet-service-id 2293767
    next
    edit "Vimeo-NTP"
        set internet-service-id 2293768
    next
    edit "Vimeo-Inbound_Email"
        set internet-service-id 2293769
    next
    edit "Vimeo-LDAP"
        set internet-service-id 2293774
    next
    edit "Vimeo-NetBIOS.Session.Service"
        set internet-service-id 2293775
    next
    edit "Vimeo-RTMP"
        set internet-service-id 2293776
    next
    edit "Vimeo-NetBIOS.Name.Service"
        set internet-service-id 2293784
    next
    edit "Redhat-Other"
        set internet-service-id 2359296
    next
    edit "Redhat-Web"
        set internet-service-id 2359297
    next
    edit "Redhat-ICMP"
        set internet-service-id 2359298
    next
    edit "Redhat-DNS"
        set internet-service-id 2359299
    next
    edit "Redhat-Outbound_Email"
        set internet-service-id 2359300
    next
    edit "Redhat-SSH"
        set internet-service-id 2359302
    next
    edit "Redhat-FTP"
        set internet-service-id 2359303
    next
    edit "Redhat-NTP"
        set internet-service-id 2359304
    next
    edit "Redhat-Inbound_Email"
        set internet-service-id 2359305
    next
    edit "Redhat-LDAP"
        set internet-service-id 2359310
    next
    edit "Redhat-NetBIOS.Session.Service"
        set internet-service-id 2359311
    next
    edit "Redhat-RTMP"
        set internet-service-id 2359312
    next
    edit "Redhat-NetBIOS.Name.Service"
        set internet-service-id 2359320
    next
    edit "VK-Other"
        set internet-service-id 2424832
    next
    edit "VK-Web"
        set internet-service-id 2424833
    next
    edit "VK-ICMP"
        set internet-service-id 2424834
    next
    edit "VK-DNS"
        set internet-service-id 2424835
    next
    edit "VK-Outbound_Email"
        set internet-service-id 2424836
    next
    edit "VK-SSH"
        set internet-service-id 2424838
    next
    edit "VK-FTP"
        set internet-service-id 2424839
    next
    edit "VK-NTP"
        set internet-service-id 2424840
    next
    edit "VK-Inbound_Email"
        set internet-service-id 2424841
    next
    edit "VK-LDAP"
        set internet-service-id 2424846
    next
    edit "VK-NetBIOS.Session.Service"
        set internet-service-id 2424847
    next
    edit "VK-RTMP"
        set internet-service-id 2424848
    next
    edit "VK-NetBIOS.Name.Service"
        set internet-service-id 2424856
    next
    edit "TrendMicro-Other"
        set internet-service-id 2490368
    next
    edit "TrendMicro-Web"
        set internet-service-id 2490369
    next
    edit "TrendMicro-ICMP"
        set internet-service-id 2490370
    next
    edit "TrendMicro-DNS"
        set internet-service-id 2490371
    next
    edit "TrendMicro-Outbound_Email"
        set internet-service-id 2490372
    next
    edit "TrendMicro-SSH"
        set internet-service-id 2490374
    next
    edit "TrendMicro-FTP"
        set internet-service-id 2490375
    next
    edit "TrendMicro-NTP"
        set internet-service-id 2490376
    next
    edit "TrendMicro-Inbound_Email"
        set internet-service-id 2490377
    next
    edit "TrendMicro-LDAP"
        set internet-service-id 2490382
    next
    edit "TrendMicro-NetBIOS.Session.Service"
        set internet-service-id 2490383
    next
    edit "TrendMicro-RTMP"
        set internet-service-id 2490384
    next
    edit "TrendMicro-NetBIOS.Name.Service"
        set internet-service-id 2490392
    next
    edit "Tencent-Other"
        set internet-service-id 2555904
    next
    edit "Tencent-Web"
        set internet-service-id 2555905
    next
    edit "Tencent-ICMP"
        set internet-service-id 2555906
    next
    edit "Tencent-DNS"
        set internet-service-id 2555907
    next
    edit "Tencent-Outbound_Email"
        set internet-service-id 2555908
    next
    edit "Tencent-SSH"
        set internet-service-id 2555910
    next
    edit "Tencent-FTP"
        set internet-service-id 2555911
    next
    edit "Tencent-NTP"
        set internet-service-id 2555912
    next
    edit "Tencent-Inbound_Email"
        set internet-service-id 2555913
    next
    edit "Tencent-LDAP"
        set internet-service-id 2555918
    next
    edit "Tencent-NetBIOS.Session.Service"
        set internet-service-id 2555919
    next
    edit "Tencent-RTMP"
        set internet-service-id 2555920
    next
    edit "Tencent-NetBIOS.Name.Service"
        set internet-service-id 2555928
    next
    edit "Ask-Other"
        set internet-service-id 2621440
    next
    edit "Ask-Web"
        set internet-service-id 2621441
    next
    edit "Ask-ICMP"
        set internet-service-id 2621442
    next
    edit "Ask-DNS"
        set internet-service-id 2621443
    next
    edit "Ask-Outbound_Email"
        set internet-service-id 2621444
    next
    edit "Ask-SSH"
        set internet-service-id 2621446
    next
    edit "Ask-FTP"
        set internet-service-id 2621447
    next
    edit "Ask-NTP"
        set internet-service-id 2621448
    next
    edit "Ask-Inbound_Email"
        set internet-service-id 2621449
    next
    edit "Ask-LDAP"
        set internet-service-id 2621454
    next
    edit "Ask-NetBIOS.Session.Service"
        set internet-service-id 2621455
    next
    edit "Ask-RTMP"
        set internet-service-id 2621456
    next
    edit "Ask-NetBIOS.Name.Service"
        set internet-service-id 2621464
    next
    edit "CNN-Other"
        set internet-service-id 2686976
    next
    edit "CNN-Web"
        set internet-service-id 2686977
    next
    edit "CNN-ICMP"
        set internet-service-id 2686978
    next
    edit "CNN-DNS"
        set internet-service-id 2686979
    next
    edit "CNN-Outbound_Email"
        set internet-service-id 2686980
    next
    edit "CNN-SSH"
        set internet-service-id 2686982
    next
    edit "CNN-FTP"
        set internet-service-id 2686983
    next
    edit "CNN-NTP"
        set internet-service-id 2686984
    next
    edit "CNN-Inbound_Email"
        set internet-service-id 2686985
    next
    edit "CNN-LDAP"
        set internet-service-id 2686990
    next
    edit "CNN-NetBIOS.Session.Service"
        set internet-service-id 2686991
    next
    edit "CNN-RTMP"
        set internet-service-id 2686992
    next
    edit "CNN-NetBIOS.Name.Service"
        set internet-service-id 2687000
    next
    edit "Myspace-Other"
        set internet-service-id 2752512
    next
    edit "Myspace-Web"
        set internet-service-id 2752513
    next
    edit "Myspace-ICMP"
        set internet-service-id 2752514
    next
    edit "Myspace-DNS"
        set internet-service-id 2752515
    next
    edit "Myspace-Outbound_Email"
        set internet-service-id 2752516
    next
    edit "Myspace-SSH"
        set internet-service-id 2752518
    next
    edit "Myspace-FTP"
        set internet-service-id 2752519
    next
    edit "Myspace-NTP"
        set internet-service-id 2752520
    next
    edit "Myspace-Inbound_Email"
        set internet-service-id 2752521
    next
    edit "Myspace-LDAP"
        set internet-service-id 2752526
    next
    edit "Myspace-NetBIOS.Session.Service"
        set internet-service-id 2752527
    next
    edit "Myspace-RTMP"
        set internet-service-id 2752528
    next
    edit "Myspace-NetBIOS.Name.Service"
        set internet-service-id 2752536
    next
    edit "Tor-Relay.Node"
        set internet-service-id 2818238
    next
    edit "Tor-Exit.Node"
        set internet-service-id 2818243
    next
    edit "Baidu-Other"
        set internet-service-id 2883584
    next
    edit "Baidu-Web"
        set internet-service-id 2883585
    next
    edit "Baidu-ICMP"
        set internet-service-id 2883586
    next
    edit "Baidu-DNS"
        set internet-service-id 2883587
    next
    edit "Baidu-Outbound_Email"
        set internet-service-id 2883588
    next
    edit "Baidu-SSH"
        set internet-service-id 2883590
    next
    edit "Baidu-FTP"
        set internet-service-id 2883591
    next
    edit "Baidu-NTP"
        set internet-service-id 2883592
    next
    edit "Baidu-Inbound_Email"
        set internet-service-id 2883593
    next
    edit "Baidu-LDAP"
        set internet-service-id 2883598
    next
    edit "Baidu-NetBIOS.Session.Service"
        set internet-service-id 2883599
    next
    edit "Baidu-RTMP"
        set internet-service-id 2883600
    next
    edit "Baidu-NetBIOS.Name.Service"
        set internet-service-id 2883608
    next
    edit "ntp.org-Other"
        set internet-service-id 2949120
    next
    edit "ntp.org-Web"
        set internet-service-id 2949121
    next
    edit "ntp.org-ICMP"
        set internet-service-id 2949122
    next
    edit "ntp.org-DNS"
        set internet-service-id 2949123
    next
    edit "ntp.org-Outbound_Email"
        set internet-service-id 2949124
    next
    edit "ntp.org-SSH"
        set internet-service-id 2949126
    next
    edit "ntp.org-FTP"
        set internet-service-id 2949127
    next
    edit "ntp.org-NTP"
        set internet-service-id 2949128
    next
    edit "ntp.org-Inbound_Email"
        set internet-service-id 2949129
    next
    edit "ntp.org-LDAP"
        set internet-service-id 2949134
    next
    edit "ntp.org-NetBIOS.Session.Service"
        set internet-service-id 2949135
    next
    edit "ntp.org-RTMP"
        set internet-service-id 2949136
    next
    edit "ntp.org-NetBIOS.Name.Service"
        set internet-service-id 2949144
    next
    edit "Proxy-Proxy.Server"
        set internet-service-id 3014850
    next
    edit "Botnet-C&C.Server"
        set internet-service-id 3080383
    next
    edit "Spam-Spamming.Server"
        set internet-service-id 3145920
    next
    edit "Phishing-Phishing.Server"
        set internet-service-id 3211457
    next
    edit "Zendesk-Other"
        set internet-service-id 3407872
    next
    edit "Zendesk-Web"
        set internet-service-id 3407873
    next
    edit "Zendesk-ICMP"
        set internet-service-id 3407874
    next
    edit "Zendesk-DNS"
        set internet-service-id 3407875
    next
    edit "Zendesk-Outbound_Email"
        set internet-service-id 3407876
    next
    edit "Zendesk-SSH"
        set internet-service-id 3407878
    next
    edit "Zendesk-FTP"
        set internet-service-id 3407879
    next
    edit "Zendesk-NTP"
        set internet-service-id 3407880
    next
    edit "Zendesk-Inbound_Email"
        set internet-service-id 3407881
    next
    edit "Zendesk-LDAP"
        set internet-service-id 3407886
    next
    edit "Zendesk-NetBIOS.Session.Service"
        set internet-service-id 3407887
    next
    edit "Zendesk-RTMP"
        set internet-service-id 3407888
    next
    edit "Zendesk-NetBIOS.Name.Service"
        set internet-service-id 3407896
    next
    edit "Zendesk-Zendesk.Suite"
        set internet-service-id 3408047
    next
    edit "DocuSign-Other"
        set internet-service-id 3473408
    next
    edit "DocuSign-Web"
        set internet-service-id 3473409
    next
    edit "DocuSign-ICMP"
        set internet-service-id 3473410
    next
    edit "DocuSign-DNS"
        set internet-service-id 3473411
    next
    edit "DocuSign-Outbound_Email"
        set internet-service-id 3473412
    next
    edit "DocuSign-SSH"
        set internet-service-id 3473414
    next
    edit "DocuSign-FTP"
        set internet-service-id 3473415
    next
    edit "DocuSign-NTP"
        set internet-service-id 3473416
    next
    edit "DocuSign-Inbound_Email"
        set internet-service-id 3473417
    next
    edit "DocuSign-LDAP"
        set internet-service-id 3473422
    next
    edit "DocuSign-NetBIOS.Session.Service"
        set internet-service-id 3473423
    next
    edit "DocuSign-RTMP"
        set internet-service-id 3473424
    next
    edit "DocuSign-NetBIOS.Name.Service"
        set internet-service-id 3473432
    next
    edit "ServiceNow-Other"
        set internet-service-id 3538944
    next
    edit "ServiceNow-Web"
        set internet-service-id 3538945
    next
    edit "ServiceNow-ICMP"
        set internet-service-id 3538946
    next
    edit "ServiceNow-DNS"
        set internet-service-id 3538947
    next
    edit "ServiceNow-Outbound_Email"
        set internet-service-id 3538948
    next
    edit "ServiceNow-SSH"
        set internet-service-id 3538950
    next
    edit "ServiceNow-FTP"
        set internet-service-id 3538951
    next
    edit "ServiceNow-NTP"
        set internet-service-id 3538952
    next
    edit "ServiceNow-Inbound_Email"
        set internet-service-id 3538953
    next
    edit "ServiceNow-LDAP"
        set internet-service-id 3538958
    next
    edit "ServiceNow-NetBIOS.Session.Service"
        set internet-service-id 3538959
    next
    edit "ServiceNow-RTMP"
        set internet-service-id 3538960
    next
    edit "ServiceNow-NetBIOS.Name.Service"
        set internet-service-id 3538968
    next
    edit "GitHub-GitHub"
        set internet-service-id 3604638
    next
    edit "Workday-Other"
        set internet-service-id 3670016
    next
    edit "Workday-Web"
        set internet-service-id 3670017
    next
    edit "Workday-ICMP"
        set internet-service-id 3670018
    next
    edit "Workday-DNS"
        set internet-service-id 3670019
    next
    edit "Workday-Outbound_Email"
        set internet-service-id 3670020
    next
    edit "Workday-SSH"
        set internet-service-id 3670022
    next
    edit "Workday-FTP"
        set internet-service-id 3670023
    next
    edit "Workday-NTP"
        set internet-service-id 3670024
    next
    edit "Workday-Inbound_Email"
        set internet-service-id 3670025
    next
    edit "Workday-LDAP"
        set internet-service-id 3670030
    next
    edit "Workday-NetBIOS.Session.Service"
        set internet-service-id 3670031
    next
    edit "Workday-RTMP"
        set internet-service-id 3670032
    next
    edit "Workday-NetBIOS.Name.Service"
        set internet-service-id 3670040
    next
    edit "HubSpot-Other"
        set internet-service-id 3735552
    next
    edit "HubSpot-Web"
        set internet-service-id 3735553
    next
    edit "HubSpot-ICMP"
        set internet-service-id 3735554
    next
    edit "HubSpot-DNS"
        set internet-service-id 3735555
    next
    edit "HubSpot-Outbound_Email"
        set internet-service-id 3735556
    next
    edit "HubSpot-SSH"
        set internet-service-id 3735558
    next
    edit "HubSpot-FTP"
        set internet-service-id 3735559
    next
    edit "HubSpot-NTP"
        set internet-service-id 3735560
    next
    edit "HubSpot-Inbound_Email"
        set internet-service-id 3735561
    next
    edit "HubSpot-LDAP"
        set internet-service-id 3735566
    next
    edit "HubSpot-NetBIOS.Session.Service"
        set internet-service-id 3735567
    next
    edit "HubSpot-RTMP"
        set internet-service-id 3735568
    next
    edit "HubSpot-NetBIOS.Name.Service"
        set internet-service-id 3735576
    next
    edit "Twilio-Other"
        set internet-service-id 3801088
    next
    edit "Twilio-Web"
        set internet-service-id 3801089
    next
    edit "Twilio-ICMP"
        set internet-service-id 3801090
    next
    edit "Twilio-DNS"
        set internet-service-id 3801091
    next
    edit "Twilio-Outbound_Email"
        set internet-service-id 3801092
    next
    edit "Twilio-SSH"
        set internet-service-id 3801094
    next
    edit "Twilio-FTP"
        set internet-service-id 3801095
    next
    edit "Twilio-NTP"
        set internet-service-id 3801096
    next
    edit "Twilio-Inbound_Email"
        set internet-service-id 3801097
    next
    edit "Twilio-LDAP"
        set internet-service-id 3801102
    next
    edit "Twilio-NetBIOS.Session.Service"
        set internet-service-id 3801103
    next
    edit "Twilio-RTMP"
        set internet-service-id 3801104
    next
    edit "Twilio-NetBIOS.Name.Service"
        set internet-service-id 3801112
    next
    edit "Twilio-Elastic.SIP.Trunking"
        set internet-service-id 3801277
    next
    edit "Coupa-Other"
        set internet-service-id 3866624
    next
    edit "Coupa-Web"
        set internet-service-id 3866625
    next
    edit "Coupa-ICMP"
        set internet-service-id 3866626
    next
    edit "Coupa-DNS"
        set internet-service-id 3866627
    next
    edit "Coupa-Outbound_Email"
        set internet-service-id 3866628
    next
    edit "Coupa-SSH"
        set internet-service-id 3866630
    next
    edit "Coupa-FTP"
        set internet-service-id 3866631
    next
    edit "Coupa-NTP"
        set internet-service-id 3866632
    next
    edit "Coupa-Inbound_Email"
        set internet-service-id 3866633
    next
    edit "Coupa-LDAP"
        set internet-service-id 3866638
    next
    edit "Coupa-NetBIOS.Session.Service"
        set internet-service-id 3866639
    next
    edit "Coupa-RTMP"
        set internet-service-id 3866640
    next
    edit "Coupa-NetBIOS.Name.Service"
        set internet-service-id 3866648
    next
    edit "Atlassian-Other"
        set internet-service-id 3932160
    next
    edit "Atlassian-Web"
        set internet-service-id 3932161
    next
    edit "Atlassian-ICMP"
        set internet-service-id 3932162
    next
    edit "Atlassian-DNS"
        set internet-service-id 3932163
    next
    edit "Atlassian-Outbound_Email"
        set internet-service-id 3932164
    next
    edit "Atlassian-SSH"
        set internet-service-id 3932166
    next
    edit "Atlassian-FTP"
        set internet-service-id 3932167
    next
    edit "Atlassian-NTP"
        set internet-service-id 3932168
    next
    edit "Atlassian-Inbound_Email"
        set internet-service-id 3932169
    next
    edit "Atlassian-LDAP"
        set internet-service-id 3932174
    next
    edit "Atlassian-NetBIOS.Session.Service"
        set internet-service-id 3932175
    next
    edit "Atlassian-RTMP"
        set internet-service-id 3932176
    next
    edit "Atlassian-NetBIOS.Name.Service"
        set internet-service-id 3932184
    next
    edit "Xero-Other"
        set internet-service-id 3997696
    next
    edit "Xero-Web"
        set internet-service-id 3997697
    next
    edit "Xero-ICMP"
        set internet-service-id 3997698
    next
    edit "Xero-DNS"
        set internet-service-id 3997699
    next
    edit "Xero-Outbound_Email"
        set internet-service-id 3997700
    next
    edit "Xero-SSH"
        set internet-service-id 3997702
    next
    edit "Xero-FTP"
        set internet-service-id 3997703
    next
    edit "Xero-NTP"
        set internet-service-id 3997704
    next
    edit "Xero-Inbound_Email"
        set internet-service-id 3997705
    next
    edit "Xero-LDAP"
        set internet-service-id 3997710
    next
    edit "Xero-NetBIOS.Session.Service"
        set internet-service-id 3997711
    next
    edit "Xero-RTMP"
        set internet-service-id 3997712
    next
    edit "Xero-NetBIOS.Name.Service"
        set internet-service-id 3997720
    next
    edit "Zuora-Other"
        set internet-service-id 4063232
    next
    edit "Zuora-Web"
        set internet-service-id 4063233
    next
    edit "Zuora-ICMP"
        set internet-service-id 4063234
    next
    edit "Zuora-DNS"
        set internet-service-id 4063235
    next
    edit "Zuora-Outbound_Email"
        set internet-service-id 4063236
    next
    edit "Zuora-SSH"
        set internet-service-id 4063238
    next
    edit "Zuora-FTP"
        set internet-service-id 4063239
    next
    edit "Zuora-NTP"
        set internet-service-id 4063240
    next
    edit "Zuora-Inbound_Email"
        set internet-service-id 4063241
    next
    edit "Zuora-LDAP"
        set internet-service-id 4063246
    next
    edit "Zuora-NetBIOS.Session.Service"
        set internet-service-id 4063247
    next
    edit "Zuora-RTMP"
        set internet-service-id 4063248
    next
    edit "Zuora-NetBIOS.Name.Service"
        set internet-service-id 4063256
    next
    edit "AdRoll-Other"
        set internet-service-id 4128768
    next
    edit "AdRoll-Web"
        set internet-service-id 4128769
    next
    edit "AdRoll-ICMP"
        set internet-service-id 4128770
    next
    edit "AdRoll-DNS"
        set internet-service-id 4128771
    next
    edit "AdRoll-Outbound_Email"
        set internet-service-id 4128772
    next
    edit "AdRoll-SSH"
        set internet-service-id 4128774
    next
    edit "AdRoll-FTP"
        set internet-service-id 4128775
    next
    edit "AdRoll-NTP"
        set internet-service-id 4128776
    next
    edit "AdRoll-Inbound_Email"
        set internet-service-id 4128777
    next
    edit "AdRoll-LDAP"
        set internet-service-id 4128782
    next
    edit "AdRoll-NetBIOS.Session.Service"
        set internet-service-id 4128783
    next
    edit "AdRoll-RTMP"
        set internet-service-id 4128784
    next
    edit "AdRoll-NetBIOS.Name.Service"
        set internet-service-id 4128792
    next
    edit "Xactly-Other"
        set internet-service-id 4194304
    next
    edit "Xactly-Web"
        set internet-service-id 4194305
    next
    edit "Xactly-ICMP"
        set internet-service-id 4194306
    next
    edit "Xactly-DNS"
        set internet-service-id 4194307
    next
    edit "Xactly-Outbound_Email"
        set internet-service-id 4194308
    next
    edit "Xactly-SSH"
        set internet-service-id 4194310
    next
    edit "Xactly-FTP"
        set internet-service-id 4194311
    next
    edit "Xactly-NTP"
        set internet-service-id 4194312
    next
    edit "Xactly-Inbound_Email"
        set internet-service-id 4194313
    next
    edit "Xactly-LDAP"
        set internet-service-id 4194318
    next
    edit "Xactly-NetBIOS.Session.Service"
        set internet-service-id 4194319
    next
    edit "Xactly-RTMP"
        set internet-service-id 4194320
    next
    edit "Xactly-NetBIOS.Name.Service"
        set internet-service-id 4194328
    next
    edit "Intuit-Other"
        set internet-service-id 4259840
    next
    edit "Intuit-Web"
        set internet-service-id 4259841
    next
    edit "Intuit-ICMP"
        set internet-service-id 4259842
    next
    edit "Intuit-DNS"
        set internet-service-id 4259843
    next
    edit "Intuit-Outbound_Email"
        set internet-service-id 4259844
    next
    edit "Intuit-SSH"
        set internet-service-id 4259846
    next
    edit "Intuit-FTP"
        set internet-service-id 4259847
    next
    edit "Intuit-NTP"
        set internet-service-id 4259848
    next
    edit "Intuit-Inbound_Email"
        set internet-service-id 4259849
    next
    edit "Intuit-LDAP"
        set internet-service-id 4259854
    next
    edit "Intuit-NetBIOS.Session.Service"
        set internet-service-id 4259855
    next
    edit "Intuit-RTMP"
        set internet-service-id 4259856
    next
    edit "Intuit-NetBIOS.Name.Service"
        set internet-service-id 4259864
    next
    edit "Marketo-Other"
        set internet-service-id 4325376
    next
    edit "Marketo-Web"
        set internet-service-id 4325377
    next
    edit "Marketo-ICMP"
        set internet-service-id 4325378
    next
    edit "Marketo-DNS"
        set internet-service-id 4325379
    next
    edit "Marketo-Outbound_Email"
        set internet-service-id 4325380
    next
    edit "Marketo-SSH"
        set internet-service-id 4325382
    next
    edit "Marketo-FTP"
        set internet-service-id 4325383
    next
    edit "Marketo-NTP"
        set internet-service-id 4325384
    next
    edit "Marketo-Inbound_Email"
        set internet-service-id 4325385
    next
    edit "Marketo-LDAP"
        set internet-service-id 4325390
    next
    edit "Marketo-NetBIOS.Session.Service"
        set internet-service-id 4325391
    next
    edit "Marketo-RTMP"
        set internet-service-id 4325392
    next
    edit "Marketo-NetBIOS.Name.Service"
        set internet-service-id 4325400
    next
    edit "Bill-Other"
        set internet-service-id 4456448
    next
    edit "Bill-Web"
        set internet-service-id 4456449
    next
    edit "Bill-ICMP"
        set internet-service-id 4456450
    next
    edit "Bill-DNS"
        set internet-service-id 4456451
    next
    edit "Bill-Outbound_Email"
        set internet-service-id 4456452
    next
    edit "Bill-SSH"
        set internet-service-id 4456454
    next
    edit "Bill-FTP"
        set internet-service-id 4456455
    next
    edit "Bill-NTP"
        set internet-service-id 4456456
    next
    edit "Bill-Inbound_Email"
        set internet-service-id 4456457
    next
    edit "Bill-LDAP"
        set internet-service-id 4456462
    next
    edit "Bill-NetBIOS.Session.Service"
        set internet-service-id 4456463
    next
    edit "Bill-RTMP"
        set internet-service-id 4456464
    next
    edit "Bill-NetBIOS.Name.Service"
        set internet-service-id 4456472
    next
    edit "Shopify-Other"
        set internet-service-id 4521984
    next
    edit "Shopify-Web"
        set internet-service-id 4521985
    next
    edit "Shopify-ICMP"
        set internet-service-id 4521986
    next
    edit "Shopify-DNS"
        set internet-service-id 4521987
    next
    edit "Shopify-Outbound_Email"
        set internet-service-id 4521988
    next
    edit "Shopify-SSH"
        set internet-service-id 4521990
    next
    edit "Shopify-FTP"
        set internet-service-id 4521991
    next
    edit "Shopify-NTP"
        set internet-service-id 4521992
    next
    edit "Shopify-Inbound_Email"
        set internet-service-id 4521993
    next
    edit "Shopify-LDAP"
        set internet-service-id 4521998
    next
    edit "Shopify-NetBIOS.Session.Service"
        set internet-service-id 4521999
    next
    edit "Shopify-RTMP"
        set internet-service-id 4522000
    next
    edit "Shopify-NetBIOS.Name.Service"
        set internet-service-id 4522008
    next
    edit "Shopify-Shopify"
        set internet-service-id 4522162
    next
    edit "MuleSoft-Other"
        set internet-service-id 4587520
    next
    edit "MuleSoft-Web"
        set internet-service-id 4587521
    next
    edit "MuleSoft-ICMP"
        set internet-service-id 4587522
    next
    edit "MuleSoft-DNS"
        set internet-service-id 4587523
    next
    edit "MuleSoft-Outbound_Email"
        set internet-service-id 4587524
    next
    edit "MuleSoft-SSH"
        set internet-service-id 4587526
    next
    edit "MuleSoft-FTP"
        set internet-service-id 4587527
    next
    edit "MuleSoft-NTP"
        set internet-service-id 4587528
    next
    edit "MuleSoft-Inbound_Email"
        set internet-service-id 4587529
    next
    edit "MuleSoft-LDAP"
        set internet-service-id 4587534
    next
    edit "MuleSoft-NetBIOS.Session.Service"
        set internet-service-id 4587535
    next
    edit "MuleSoft-RTMP"
        set internet-service-id 4587536
    next
    edit "MuleSoft-NetBIOS.Name.Service"
        set internet-service-id 4587544
    next
    edit "Cornerstone-Other"
        set internet-service-id 4653056
    next
    edit "Cornerstone-Web"
        set internet-service-id 4653057
    next
    edit "Cornerstone-ICMP"
        set internet-service-id 4653058
    next
    edit "Cornerstone-DNS"
        set internet-service-id 4653059
    next
    edit "Cornerstone-Outbound_Email"
        set internet-service-id 4653060
    next
    edit "Cornerstone-SSH"
        set internet-service-id 4653062
    next
    edit "Cornerstone-FTP"
        set internet-service-id 4653063
    next
    edit "Cornerstone-NTP"
        set internet-service-id 4653064
    next
    edit "Cornerstone-Inbound_Email"
        set internet-service-id 4653065
    next
    edit "Cornerstone-LDAP"
        set internet-service-id 4653070
    next
    edit "Cornerstone-NetBIOS.Session.Service"
        set internet-service-id 4653071
    next
    edit "Cornerstone-RTMP"
        set internet-service-id 4653072
    next
    edit "Cornerstone-NetBIOS.Name.Service"
        set internet-service-id 4653080
    next
    edit "Eventbrite-Other"
        set internet-service-id 4718592
    next
    edit "Eventbrite-Web"
        set internet-service-id 4718593
    next
    edit "Eventbrite-ICMP"
        set internet-service-id 4718594
    next
    edit "Eventbrite-DNS"
        set internet-service-id 4718595
    next
    edit "Eventbrite-Outbound_Email"
        set internet-service-id 4718596
    next
    edit "Eventbrite-SSH"
        set internet-service-id 4718598
    next
    edit "Eventbrite-FTP"
        set internet-service-id 4718599
    next
    edit "Eventbrite-NTP"
        set internet-service-id 4718600
    next
    edit "Eventbrite-Inbound_Email"
        set internet-service-id 4718601
    next
    edit "Eventbrite-LDAP"
        set internet-service-id 4718606
    next
    edit "Eventbrite-NetBIOS.Session.Service"
        set internet-service-id 4718607
    next
    edit "Eventbrite-RTMP"
        set internet-service-id 4718608
    next
    edit "Eventbrite-NetBIOS.Name.Service"
        set internet-service-id 4718616
    next
    edit "Paychex-Other"
        set internet-service-id 4784128
    next
    edit "Paychex-Web"
        set internet-service-id 4784129
    next
    edit "Paychex-ICMP"
        set internet-service-id 4784130
    next
    edit "Paychex-DNS"
        set internet-service-id 4784131
    next
    edit "Paychex-Outbound_Email"
        set internet-service-id 4784132
    next
    edit "Paychex-SSH"
        set internet-service-id 4784134
    next
    edit "Paychex-FTP"
        set internet-service-id 4784135
    next
    edit "Paychex-NTP"
        set internet-service-id 4784136
    next
    edit "Paychex-Inbound_Email"
        set internet-service-id 4784137
    next
    edit "Paychex-LDAP"
        set internet-service-id 4784142
    next
    edit "Paychex-NetBIOS.Session.Service"
        set internet-service-id 4784143
    next
    edit "Paychex-RTMP"
        set internet-service-id 4784144
    next
    edit "Paychex-NetBIOS.Name.Service"
        set internet-service-id 4784152
    next
    edit "NewRelic-Other"
        set internet-service-id 4849664
    next
    edit "NewRelic-Web"
        set internet-service-id 4849665
    next
    edit "NewRelic-ICMP"
        set internet-service-id 4849666
    next
    edit "NewRelic-DNS"
        set internet-service-id 4849667
    next
    edit "NewRelic-Outbound_Email"
        set internet-service-id 4849668
    next
    edit "NewRelic-SSH"
        set internet-service-id 4849670
    next
    edit "NewRelic-FTP"
        set internet-service-id 4849671
    next
    edit "NewRelic-NTP"
        set internet-service-id 4849672
    next
    edit "NewRelic-Inbound_Email"
        set internet-service-id 4849673
    next
    edit "NewRelic-LDAP"
        set internet-service-id 4849678
    next
    edit "NewRelic-NetBIOS.Session.Service"
        set internet-service-id 4849679
    next
    edit "NewRelic-RTMP"
        set internet-service-id 4849680
    next
    edit "NewRelic-NetBIOS.Name.Service"
        set internet-service-id 4849688
    next
    edit "Splunk-Other"
        set internet-service-id 4915200
    next
    edit "Splunk-Web"
        set internet-service-id 4915201
    next
    edit "Splunk-ICMP"
        set internet-service-id 4915202
    next
    edit "Splunk-DNS"
        set internet-service-id 4915203
    next
    edit "Splunk-Outbound_Email"
        set internet-service-id 4915204
    next
    edit "Splunk-SSH"
        set internet-service-id 4915206
    next
    edit "Splunk-FTP"
        set internet-service-id 4915207
    next
    edit "Splunk-NTP"
        set internet-service-id 4915208
    next
    edit "Splunk-Inbound_Email"
        set internet-service-id 4915209
    next
    edit "Splunk-LDAP"
        set internet-service-id 4915214
    next
    edit "Splunk-NetBIOS.Session.Service"
        set internet-service-id 4915215
    next
    edit "Splunk-RTMP"
        set internet-service-id 4915216
    next
    edit "Splunk-NetBIOS.Name.Service"
        set internet-service-id 4915224
    next
    edit "Domo-Other"
        set internet-service-id 4980736
    next
    edit "Domo-Web"
        set internet-service-id 4980737
    next
    edit "Domo-ICMP"
        set internet-service-id 4980738
    next
    edit "Domo-DNS"
        set internet-service-id 4980739
    next
    edit "Domo-Outbound_Email"
        set internet-service-id 4980740
    next
    edit "Domo-SSH"
        set internet-service-id 4980742
    next
    edit "Domo-FTP"
        set internet-service-id 4980743
    next
    edit "Domo-NTP"
        set internet-service-id 4980744
    next
    edit "Domo-Inbound_Email"
        set internet-service-id 4980745
    next
    edit "Domo-LDAP"
        set internet-service-id 4980750
    next
    edit "Domo-NetBIOS.Session.Service"
        set internet-service-id 4980751
    next
    edit "Domo-RTMP"
        set internet-service-id 4980752
    next
    edit "Domo-NetBIOS.Name.Service"
        set internet-service-id 4980760
    next
    edit "FreshBooks-Other"
        set internet-service-id 5046272
    next
    edit "FreshBooks-Web"
        set internet-service-id 5046273
    next
    edit "FreshBooks-ICMP"
        set internet-service-id 5046274
    next
    edit "FreshBooks-DNS"
        set internet-service-id 5046275
    next
    edit "FreshBooks-Outbound_Email"
        set internet-service-id 5046276
    next
    edit "FreshBooks-SSH"
        set internet-service-id 5046278
    next
    edit "FreshBooks-FTP"
        set internet-service-id 5046279
    next
    edit "FreshBooks-NTP"
        set internet-service-id 5046280
    next
    edit "FreshBooks-Inbound_Email"
        set internet-service-id 5046281
    next
    edit "FreshBooks-LDAP"
        set internet-service-id 5046286
    next
    edit "FreshBooks-NetBIOS.Session.Service"
        set internet-service-id 5046287
    next
    edit "FreshBooks-RTMP"
        set internet-service-id 5046288
    next
    edit "FreshBooks-NetBIOS.Name.Service"
        set internet-service-id 5046296
    next
    edit "Tableau-Other"
        set internet-service-id 5111808
    next
    edit "Tableau-Web"
        set internet-service-id 5111809
    next
    edit "Tableau-ICMP"
        set internet-service-id 5111810
    next
    edit "Tableau-DNS"
        set internet-service-id 5111811
    next
    edit "Tableau-Outbound_Email"
        set internet-service-id 5111812
    next
    edit "Tableau-SSH"
        set internet-service-id 5111814
    next
    edit "Tableau-FTP"
        set internet-service-id 5111815
    next
    edit "Tableau-NTP"
        set internet-service-id 5111816
    next
    edit "Tableau-Inbound_Email"
        set internet-service-id 5111817
    next
    edit "Tableau-LDAP"
        set internet-service-id 5111822
    next
    edit "Tableau-NetBIOS.Session.Service"
        set internet-service-id 5111823
    next
    edit "Tableau-RTMP"
        set internet-service-id 5111824
    next
    edit "Tableau-NetBIOS.Name.Service"
        set internet-service-id 5111832
    next
    edit "Druva-Other"
        set internet-service-id 5177344
    next
    edit "Druva-Web"
        set internet-service-id 5177345
    next
    edit "Druva-ICMP"
        set internet-service-id 5177346
    next
    edit "Druva-DNS"
        set internet-service-id 5177347
    next
    edit "Druva-Outbound_Email"
        set internet-service-id 5177348
    next
    edit "Druva-SSH"
        set internet-service-id 5177350
    next
    edit "Druva-FTP"
        set internet-service-id 5177351
    next
    edit "Druva-NTP"
        set internet-service-id 5177352
    next
    edit "Druva-Inbound_Email"
        set internet-service-id 5177353
    next
    edit "Druva-LDAP"
        set internet-service-id 5177358
    next
    edit "Druva-NetBIOS.Session.Service"
        set internet-service-id 5177359
    next
    edit "Druva-RTMP"
        set internet-service-id 5177360
    next
    edit "Druva-NetBIOS.Name.Service"
        set internet-service-id 5177368
    next
    edit "Act-on-Other"
        set internet-service-id 5242880
    next
    edit "Act-on-Web"
        set internet-service-id 5242881
    next
    edit "Act-on-ICMP"
        set internet-service-id 5242882
    next
    edit "Act-on-DNS"
        set internet-service-id 5242883
    next
    edit "Act-on-Outbound_Email"
        set internet-service-id 5242884
    next
    edit "Act-on-SSH"
        set internet-service-id 5242886
    next
    edit "Act-on-FTP"
        set internet-service-id 5242887
    next
    edit "Act-on-NTP"
        set internet-service-id 5242888
    next
    edit "Act-on-Inbound_Email"
        set internet-service-id 5242889
    next
    edit "Act-on-LDAP"
        set internet-service-id 5242894
    next
    edit "Act-on-NetBIOS.Session.Service"
        set internet-service-id 5242895
    next
    edit "Act-on-RTMP"
        set internet-service-id 5242896
    next
    edit "Act-on-NetBIOS.Name.Service"
        set internet-service-id 5242904
    next
    edit "GoodData-Other"
        set internet-service-id 5308416
    next
    edit "GoodData-Web"
        set internet-service-id 5308417
    next
    edit "GoodData-ICMP"
        set internet-service-id 5308418
    next
    edit "GoodData-DNS"
        set internet-service-id 5308419
    next
    edit "GoodData-Outbound_Email"
        set internet-service-id 5308420
    next
    edit "GoodData-SSH"
        set internet-service-id 5308422
    next
    edit "GoodData-FTP"
        set internet-service-id 5308423
    next
    edit "GoodData-NTP"
        set internet-service-id 5308424
    next
    edit "GoodData-Inbound_Email"
        set internet-service-id 5308425
    next
    edit "GoodData-LDAP"
        set internet-service-id 5308430
    next
    edit "GoodData-NetBIOS.Session.Service"
        set internet-service-id 5308431
    next
    edit "GoodData-RTMP"
        set internet-service-id 5308432
    next
    edit "GoodData-NetBIOS.Name.Service"
        set internet-service-id 5308440
    next
    edit "SurveyMonkey-Other"
        set internet-service-id 5373952
    next
    edit "SurveyMonkey-Web"
        set internet-service-id 5373953
    next
    edit "SurveyMonkey-ICMP"
        set internet-service-id 5373954
    next
    edit "SurveyMonkey-DNS"
        set internet-service-id 5373955
    next
    edit "SurveyMonkey-Outbound_Email"
        set internet-service-id 5373956
    next
    edit "SurveyMonkey-SSH"
        set internet-service-id 5373958
    next
    edit "SurveyMonkey-FTP"
        set internet-service-id 5373959
    next
    edit "SurveyMonkey-NTP"
        set internet-service-id 5373960
    next
    edit "SurveyMonkey-Inbound_Email"
        set internet-service-id 5373961
    next
    edit "SurveyMonkey-LDAP"
        set internet-service-id 5373966
    next
    edit "SurveyMonkey-NetBIOS.Session.Service"
        set internet-service-id 5373967
    next
    edit "SurveyMonkey-RTMP"
        set internet-service-id 5373968
    next
    edit "SurveyMonkey-NetBIOS.Name.Service"
        set internet-service-id 5373976
    next
    edit "Cvent-Other"
        set internet-service-id 5439488
    next
    edit "Cvent-Web"
        set internet-service-id 5439489
    next
    edit "Cvent-ICMP"
        set internet-service-id 5439490
    next
    edit "Cvent-DNS"
        set internet-service-id 5439491
    next
    edit "Cvent-Outbound_Email"
        set internet-service-id 5439492
    next
    edit "Cvent-SSH"
        set internet-service-id 5439494
    next
    edit "Cvent-FTP"
        set internet-service-id 5439495
    next
    edit "Cvent-NTP"
        set internet-service-id 5439496
    next
    edit "Cvent-Inbound_Email"
        set internet-service-id 5439497
    next
    edit "Cvent-LDAP"
        set internet-service-id 5439502
    next
    edit "Cvent-NetBIOS.Session.Service"
        set internet-service-id 5439503
    next
    edit "Cvent-RTMP"
        set internet-service-id 5439504
    next
    edit "Cvent-NetBIOS.Name.Service"
        set internet-service-id 5439512
    next
    edit "Blackbaud-Other"
        set internet-service-id 5505024
    next
    edit "Blackbaud-Web"
        set internet-service-id 5505025
    next
    edit "Blackbaud-ICMP"
        set internet-service-id 5505026
    next
    edit "Blackbaud-DNS"
        set internet-service-id 5505027
    next
    edit "Blackbaud-Outbound_Email"
        set internet-service-id 5505028
    next
    edit "Blackbaud-SSH"
        set internet-service-id 5505030
    next
    edit "Blackbaud-FTP"
        set internet-service-id 5505031
    next
    edit "Blackbaud-NTP"
        set internet-service-id 5505032
    next
    edit "Blackbaud-Inbound_Email"
        set internet-service-id 5505033
    next
    edit "Blackbaud-LDAP"
        set internet-service-id 5505038
    next
    edit "Blackbaud-NetBIOS.Session.Service"
        set internet-service-id 5505039
    next
    edit "Blackbaud-RTMP"
        set internet-service-id 5505040
    next
    edit "Blackbaud-NetBIOS.Name.Service"
        set internet-service-id 5505048
    next
    edit "InsideSales-Other"
        set internet-service-id 5570560
    next
    edit "InsideSales-Web"
        set internet-service-id 5570561
    next
    edit "InsideSales-ICMP"
        set internet-service-id 5570562
    next
    edit "InsideSales-DNS"
        set internet-service-id 5570563
    next
    edit "InsideSales-Outbound_Email"
        set internet-service-id 5570564
    next
    edit "InsideSales-SSH"
        set internet-service-id 5570566
    next
    edit "InsideSales-FTP"
        set internet-service-id 5570567
    next
    edit "InsideSales-NTP"
        set internet-service-id 5570568
    next
    edit "InsideSales-Inbound_Email"
        set internet-service-id 5570569
    next
    edit "InsideSales-LDAP"
        set internet-service-id 5570574
    next
    edit "InsideSales-NetBIOS.Session.Service"
        set internet-service-id 5570575
    next
    edit "InsideSales-RTMP"
        set internet-service-id 5570576
    next
    edit "InsideSales-NetBIOS.Name.Service"
        set internet-service-id 5570584
    next
    edit "ServiceMax-Other"
        set internet-service-id 5636096
    next
    edit "ServiceMax-Web"
        set internet-service-id 5636097
    next
    edit "ServiceMax-ICMP"
        set internet-service-id 5636098
    next
    edit "ServiceMax-DNS"
        set internet-service-id 5636099
    next
    edit "ServiceMax-Outbound_Email"
        set internet-service-id 5636100
    next
    edit "ServiceMax-SSH"
        set internet-service-id 5636102
    next
    edit "ServiceMax-FTP"
        set internet-service-id 5636103
    next
    edit "ServiceMax-NTP"
        set internet-service-id 5636104
    next
    edit "ServiceMax-Inbound_Email"
        set internet-service-id 5636105
    next
    edit "ServiceMax-LDAP"
        set internet-service-id 5636110
    next
    edit "ServiceMax-NetBIOS.Session.Service"
        set internet-service-id 5636111
    next
    edit "ServiceMax-RTMP"
        set internet-service-id 5636112
    next
    edit "ServiceMax-NetBIOS.Name.Service"
        set internet-service-id 5636120
    next
    edit "Apptio-Other"
        set internet-service-id 5701632
    next
    edit "Apptio-Web"
        set internet-service-id 5701633
    next
    edit "Apptio-ICMP"
        set internet-service-id 5701634
    next
    edit "Apptio-DNS"
        set internet-service-id 5701635
    next
    edit "Apptio-Outbound_Email"
        set internet-service-id 5701636
    next
    edit "Apptio-SSH"
        set internet-service-id 5701638
    next
    edit "Apptio-FTP"
        set internet-service-id 5701639
    next
    edit "Apptio-NTP"
        set internet-service-id 5701640
    next
    edit "Apptio-Inbound_Email"
        set internet-service-id 5701641
    next
    edit "Apptio-LDAP"
        set internet-service-id 5701646
    next
    edit "Apptio-NetBIOS.Session.Service"
        set internet-service-id 5701647
    next
    edit "Apptio-RTMP"
        set internet-service-id 5701648
    next
    edit "Apptio-NetBIOS.Name.Service"
        set internet-service-id 5701656
    next
    edit "Veracode-Other"
        set internet-service-id 5767168
    next
    edit "Veracode-Web"
        set internet-service-id 5767169
    next
    edit "Veracode-ICMP"
        set internet-service-id 5767170
    next
    edit "Veracode-DNS"
        set internet-service-id 5767171
    next
    edit "Veracode-Outbound_Email"
        set internet-service-id 5767172
    next
    edit "Veracode-SSH"
        set internet-service-id 5767174
    next
    edit "Veracode-FTP"
        set internet-service-id 5767175
    next
    edit "Veracode-NTP"
        set internet-service-id 5767176
    next
    edit "Veracode-Inbound_Email"
        set internet-service-id 5767177
    next
    edit "Veracode-LDAP"
        set internet-service-id 5767182
    next
    edit "Veracode-NetBIOS.Session.Service"
        set internet-service-id 5767183
    next
    edit "Veracode-RTMP"
        set internet-service-id 5767184
    next
    edit "Veracode-NetBIOS.Name.Service"
        set internet-service-id 5767192
    next
    edit "Anaplan-Other"
        set internet-service-id 5832704
    next
    edit "Anaplan-Web"
        set internet-service-id 5832705
    next
    edit "Anaplan-ICMP"
        set internet-service-id 5832706
    next
    edit "Anaplan-DNS"
        set internet-service-id 5832707
    next
    edit "Anaplan-Outbound_Email"
        set internet-service-id 5832708
    next
    edit "Anaplan-SSH"
        set internet-service-id 5832710
    next
    edit "Anaplan-FTP"
        set internet-service-id 5832711
    next
    edit "Anaplan-NTP"
        set internet-service-id 5832712
    next
    edit "Anaplan-Inbound_Email"
        set internet-service-id 5832713
    next
    edit "Anaplan-LDAP"
        set internet-service-id 5832718
    next
    edit "Anaplan-NetBIOS.Session.Service"
        set internet-service-id 5832719
    next
    edit "Anaplan-RTMP"
        set internet-service-id 5832720
    next
    edit "Anaplan-NetBIOS.Name.Service"
        set internet-service-id 5832728
    next
    edit "Rapid7-Other"
        set internet-service-id 5898240
    next
    edit "Rapid7-Web"
        set internet-service-id 5898241
    next
    edit "Rapid7-ICMP"
        set internet-service-id 5898242
    next
    edit "Rapid7-DNS"
        set internet-service-id 5898243
    next
    edit "Rapid7-Outbound_Email"
        set internet-service-id 5898244
    next
    edit "Rapid7-SSH"
        set internet-service-id 5898246
    next
    edit "Rapid7-FTP"
        set internet-service-id 5898247
    next
    edit "Rapid7-NTP"
        set internet-service-id 5898248
    next
    edit "Rapid7-Inbound_Email"
        set internet-service-id 5898249
    next
    edit "Rapid7-LDAP"
        set internet-service-id 5898254
    next
    edit "Rapid7-NetBIOS.Session.Service"
        set internet-service-id 5898255
    next
    edit "Rapid7-RTMP"
        set internet-service-id 5898256
    next
    edit "Rapid7-NetBIOS.Name.Service"
        set internet-service-id 5898264
    next
    edit "Anydesk-Anydesk"
        set internet-service-id 5963927
    next
    edit "ESET-Eset.Service"
        set internet-service-id 6029426
    next
    edit "Slack-Other"
        set internet-service-id 6094848
    next
    edit "Slack-Web"
        set internet-service-id 6094849
    next
    edit "Slack-ICMP"
        set internet-service-id 6094850
    next
    edit "Slack-DNS"
        set internet-service-id 6094851
    next
    edit "Slack-Outbound_Email"
        set internet-service-id 6094852
    next
    edit "Slack-SSH"
        set internet-service-id 6094854
    next
    edit "Slack-FTP"
        set internet-service-id 6094855
    next
    edit "Slack-NTP"
        set internet-service-id 6094856
    next
    edit "Slack-Inbound_Email"
        set internet-service-id 6094857
    next
    edit "Slack-LDAP"
        set internet-service-id 6094862
    next
    edit "Slack-NetBIOS.Session.Service"
        set internet-service-id 6094863
    next
    edit "Slack-RTMP"
        set internet-service-id 6094864
    next
    edit "Slack-NetBIOS.Name.Service"
        set internet-service-id 6094872
    next
    edit "Slack-Slack"
        set internet-service-id 6095024
    next
    edit "ADP-Other"
        set internet-service-id 6160384
    next
    edit "ADP-Web"
        set internet-service-id 6160385
    next
    edit "ADP-ICMP"
        set internet-service-id 6160386
    next
    edit "ADP-DNS"
        set internet-service-id 6160387
    next
    edit "ADP-Outbound_Email"
        set internet-service-id 6160388
    next
    edit "ADP-SSH"
        set internet-service-id 6160390
    next
    edit "ADP-FTP"
        set internet-service-id 6160391
    next
    edit "ADP-NTP"
        set internet-service-id 6160392
    next
    edit "ADP-Inbound_Email"
        set internet-service-id 6160393
    next
    edit "ADP-LDAP"
        set internet-service-id 6160398
    next
    edit "ADP-NetBIOS.Session.Service"
        set internet-service-id 6160399
    next
    edit "ADP-RTMP"
        set internet-service-id 6160400
    next
    edit "ADP-NetBIOS.Name.Service"
        set internet-service-id 6160408
    next
    edit "Blackboard-Other"
        set internet-service-id 6225920
    next
    edit "Blackboard-Web"
        set internet-service-id 6225921
    next
    edit "Blackboard-ICMP"
        set internet-service-id 6225922
    next
    edit "Blackboard-DNS"
        set internet-service-id 6225923
    next
    edit "Blackboard-Outbound_Email"
        set internet-service-id 6225924
    next
    edit "Blackboard-SSH"
        set internet-service-id 6225926
    next
    edit "Blackboard-FTP"
        set internet-service-id 6225927
    next
    edit "Blackboard-NTP"
        set internet-service-id 6225928
    next
    edit "Blackboard-Inbound_Email"
        set internet-service-id 6225929
    next
    edit "Blackboard-LDAP"
        set internet-service-id 6225934
    next
    edit "Blackboard-NetBIOS.Session.Service"
        set internet-service-id 6225935
    next
    edit "Blackboard-RTMP"
        set internet-service-id 6225936
    next
    edit "Blackboard-NetBIOS.Name.Service"
        set internet-service-id 6225944
    next
    edit "SAP-Other"
        set internet-service-id 6291456
    next
    edit "SAP-Web"
        set internet-service-id 6291457
    next
    edit "SAP-ICMP"
        set internet-service-id 6291458
    next
    edit "SAP-DNS"
        set internet-service-id 6291459
    next
    edit "SAP-Outbound_Email"
        set internet-service-id 6291460
    next
    edit "SAP-SSH"
        set internet-service-id 6291462
    next
    edit "SAP-FTP"
        set internet-service-id 6291463
    next
    edit "SAP-NTP"
        set internet-service-id 6291464
    next
    edit "SAP-Inbound_Email"
        set internet-service-id 6291465
    next
    edit "SAP-LDAP"
        set internet-service-id 6291470
    next
    edit "SAP-NetBIOS.Session.Service"
        set internet-service-id 6291471
    next
    edit "SAP-RTMP"
        set internet-service-id 6291472
    next
    edit "SAP-NetBIOS.Name.Service"
        set internet-service-id 6291480
    next
    edit "SAP-HANA"
        set internet-service-id 6291612
    next
    edit "SAP-SuccessFactors"
        set internet-service-id 6291618
    next
    edit "Snap-Snapchat"
        set internet-service-id 6357108
    next
    edit "Zoom.us-Zoom.Meeting"
        set internet-service-id 6422646
    next
    edit "Sophos-Other"
        set internet-service-id 6488064
    next
    edit "Sophos-Web"
        set internet-service-id 6488065
    next
    edit "Sophos-ICMP"
        set internet-service-id 6488066
    next
    edit "Sophos-DNS"
        set internet-service-id 6488067
    next
    edit "Sophos-Outbound_Email"
        set internet-service-id 6488068
    next
    edit "Sophos-SSH"
        set internet-service-id 6488070
    next
    edit "Sophos-FTP"
        set internet-service-id 6488071
    next
    edit "Sophos-NTP"
        set internet-service-id 6488072
    next
    edit "Sophos-Inbound_Email"
        set internet-service-id 6488073
    next
    edit "Sophos-LDAP"
        set internet-service-id 6488078
    next
    edit "Sophos-NetBIOS.Session.Service"
        set internet-service-id 6488079
    next
    edit "Sophos-RTMP"
        set internet-service-id 6488080
    next
    edit "Sophos-NetBIOS.Name.Service"
        set internet-service-id 6488088
    next
    edit "Cloudflare-Other"
        set internet-service-id 6553600
    next
    edit "Cloudflare-Web"
        set internet-service-id 6553601
    next
    edit "Cloudflare-ICMP"
        set internet-service-id 6553602
    next
    edit "Cloudflare-DNS"
        set internet-service-id 6553603
    next
    edit "Cloudflare-Outbound_Email"
        set internet-service-id 6553604
    next
    edit "Cloudflare-SSH"
        set internet-service-id 6553606
    next
    edit "Cloudflare-FTP"
        set internet-service-id 6553607
    next
    edit "Cloudflare-NTP"
        set internet-service-id 6553608
    next
    edit "Cloudflare-Inbound_Email"
        set internet-service-id 6553609
    next
    edit "Cloudflare-LDAP"
        set internet-service-id 6553614
    next
    edit "Cloudflare-NetBIOS.Session.Service"
        set internet-service-id 6553615
    next
    edit "Cloudflare-RTMP"
        set internet-service-id 6553616
    next
    edit "Cloudflare-NetBIOS.Name.Service"
        set internet-service-id 6553624
    next
    edit "Cloudflare-CDN"
        set internet-service-id 6553737
    next
    edit "Pexip-Pexip.Meeting"
        set internet-service-id 6619256
    next
    edit "Zscaler-Other"
        set internet-service-id 6684672
    next
    edit "Zscaler-Web"
        set internet-service-id 6684673
    next
    edit "Zscaler-ICMP"
        set internet-service-id 6684674
    next
    edit "Zscaler-DNS"
        set internet-service-id 6684675
    next
    edit "Zscaler-Outbound_Email"
        set internet-service-id 6684676
    next
    edit "Zscaler-SSH"
        set internet-service-id 6684678
    next
    edit "Zscaler-FTP"
        set internet-service-id 6684679
    next
    edit "Zscaler-NTP"
        set internet-service-id 6684680
    next
    edit "Zscaler-Inbound_Email"
        set internet-service-id 6684681
    next
    edit "Zscaler-LDAP"
        set internet-service-id 6684686
    next
    edit "Zscaler-NetBIOS.Session.Service"
        set internet-service-id 6684687
    next
    edit "Zscaler-RTMP"
        set internet-service-id 6684688
    next
    edit "Zscaler-NetBIOS.Name.Service"
        set internet-service-id 6684696
    next
    edit "Zscaler-Zscaler.Cloud"
        set internet-service-id 6684793
    next
    edit "Yandex-Other"
        set internet-service-id 6750208
    next
    edit "Yandex-Web"
        set internet-service-id 6750209
    next
    edit "Yandex-ICMP"
        set internet-service-id 6750210
    next
    edit "Yandex-DNS"
        set internet-service-id 6750211
    next
    edit "Yandex-Outbound_Email"
        set internet-service-id 6750212
    next
    edit "Yandex-SSH"
        set internet-service-id 6750214
    next
    edit "Yandex-FTP"
        set internet-service-id 6750215
    next
    edit "Yandex-NTP"
        set internet-service-id 6750216
    next
    edit "Yandex-Inbound_Email"
        set internet-service-id 6750217
    next
    edit "Yandex-LDAP"
        set internet-service-id 6750222
    next
    edit "Yandex-NetBIOS.Session.Service"
        set internet-service-id 6750223
    next
    edit "Yandex-RTMP"
        set internet-service-id 6750224
    next
    edit "Yandex-NetBIOS.Name.Service"
        set internet-service-id 6750232
    next
    edit "mail.ru-Other"
        set internet-service-id 6815744
    next
    edit "mail.ru-Web"
        set internet-service-id 6815745
    next
    edit "mail.ru-ICMP"
        set internet-service-id 6815746
    next
    edit "mail.ru-DNS"
        set internet-service-id 6815747
    next
    edit "mail.ru-Outbound_Email"
        set internet-service-id 6815748
    next
    edit "mail.ru-SSH"
        set internet-service-id 6815750
    next
    edit "mail.ru-FTP"
        set internet-service-id 6815751
    next
    edit "mail.ru-NTP"
        set internet-service-id 6815752
    next
    edit "mail.ru-Inbound_Email"
        set internet-service-id 6815753
    next
    edit "mail.ru-LDAP"
        set internet-service-id 6815758
    next
    edit "mail.ru-NetBIOS.Session.Service"
        set internet-service-id 6815759
    next
    edit "mail.ru-RTMP"
        set internet-service-id 6815760
    next
    edit "mail.ru-NetBIOS.Name.Service"
        set internet-service-id 6815768
    next
    edit "Alibaba-Other"
        set internet-service-id 6881280
    next
    edit "Alibaba-Web"
        set internet-service-id 6881281
    next
    edit "Alibaba-ICMP"
        set internet-service-id 6881282
    next
    edit "Alibaba-DNS"
        set internet-service-id 6881283
    next
    edit "Alibaba-Outbound_Email"
        set internet-service-id 6881284
    next
    edit "Alibaba-SSH"
        set internet-service-id 6881286
    next
    edit "Alibaba-FTP"
        set internet-service-id 6881287
    next
    edit "Alibaba-NTP"
        set internet-service-id 6881288
    next
    edit "Alibaba-Inbound_Email"
        set internet-service-id 6881289
    next
    edit "Alibaba-LDAP"
        set internet-service-id 6881294
    next
    edit "Alibaba-NetBIOS.Session.Service"
        set internet-service-id 6881295
    next
    edit "Alibaba-RTMP"
        set internet-service-id 6881296
    next
    edit "Alibaba-NetBIOS.Name.Service"
        set internet-service-id 6881304
    next
    edit "Alibaba-Alibaba.Cloud"
        set internet-service-id 6881402
    next
    edit "GoDaddy-Other"
        set internet-service-id 6946816
    next
    edit "GoDaddy-Web"
        set internet-service-id 6946817
    next
    edit "GoDaddy-ICMP"
        set internet-service-id 6946818
    next
    edit "GoDaddy-DNS"
        set internet-service-id 6946819
    next
    edit "GoDaddy-Outbound_Email"
        set internet-service-id 6946820
    next
    edit "GoDaddy-SSH"
        set internet-service-id 6946822
    next
    edit "GoDaddy-FTP"
        set internet-service-id 6946823
    next
    edit "GoDaddy-NTP"
        set internet-service-id 6946824
    next
    edit "GoDaddy-Inbound_Email"
        set internet-service-id 6946825
    next
    edit "GoDaddy-LDAP"
        set internet-service-id 6946830
    next
    edit "GoDaddy-NetBIOS.Session.Service"
        set internet-service-id 6946831
    next
    edit "GoDaddy-RTMP"
        set internet-service-id 6946832
    next
    edit "GoDaddy-NetBIOS.Name.Service"
        set internet-service-id 6946840
    next
    edit "GoDaddy-GoDaddy.Email"
        set internet-service-id 6946939
    next
    edit "Bluejeans-Other"
        set internet-service-id 7012352
    next
    edit "Bluejeans-Web"
        set internet-service-id 7012353
    next
    edit "Bluejeans-ICMP"
        set internet-service-id 7012354
    next
    edit "Bluejeans-DNS"
        set internet-service-id 7012355
    next
    edit "Bluejeans-Outbound_Email"
        set internet-service-id 7012356
    next
    edit "Bluejeans-SSH"
        set internet-service-id 7012358
    next
    edit "Bluejeans-FTP"
        set internet-service-id 7012359
    next
    edit "Bluejeans-NTP"
        set internet-service-id 7012360
    next
    edit "Bluejeans-Inbound_Email"
        set internet-service-id 7012361
    next
    edit "Bluejeans-LDAP"
        set internet-service-id 7012366
    next
    edit "Bluejeans-NetBIOS.Session.Service"
        set internet-service-id 7012367
    next
    edit "Bluejeans-RTMP"
        set internet-service-id 7012368
    next
    edit "Bluejeans-NetBIOS.Name.Service"
        set internet-service-id 7012376
    next
    edit "Bluejeans-Bluejeans.Meeting"
        set internet-service-id 7012476
    next
    edit "Webroot-Webroot.SecureAnywhere"
        set internet-service-id 7078013
    next
    edit "Avast-Other"
        set internet-service-id 7143424
    next
    edit "Avast-Web"
        set internet-service-id 7143425
    next
    edit "Avast-ICMP"
        set internet-service-id 7143426
    next
    edit "Avast-DNS"
        set internet-service-id 7143427
    next
    edit "Avast-Outbound_Email"
        set internet-service-id 7143428
    next
    edit "Avast-SSH"
        set internet-service-id 7143430
    next
    edit "Avast-FTP"
        set internet-service-id 7143431
    next
    edit "Avast-NTP"
        set internet-service-id 7143432
    next
    edit "Avast-Inbound_Email"
        set internet-service-id 7143433
    next
    edit "Avast-LDAP"
        set internet-service-id 7143438
    next
    edit "Avast-NetBIOS.Session.Service"
        set internet-service-id 7143439
    next
    edit "Avast-RTMP"
        set internet-service-id 7143440
    next
    edit "Avast-NetBIOS.Name.Service"
        set internet-service-id 7143448
    next
    edit "Avast-Avast.Security"
        set internet-service-id 7143550
    next
    edit "Wetransfer-Other"
        set internet-service-id 7208960
    next
    edit "Wetransfer-Web"
        set internet-service-id 7208961
    next
    edit "Wetransfer-ICMP"
        set internet-service-id 7208962
    next
    edit "Wetransfer-DNS"
        set internet-service-id 7208963
    next
    edit "Wetransfer-Outbound_Email"
        set internet-service-id 7208964
    next
    edit "Wetransfer-SSH"
        set internet-service-id 7208966
    next
    edit "Wetransfer-FTP"
        set internet-service-id 7208967
    next
    edit "Wetransfer-NTP"
        set internet-service-id 7208968
    next
    edit "Wetransfer-Inbound_Email"
        set internet-service-id 7208969
    next
    edit "Wetransfer-LDAP"
        set internet-service-id 7208974
    next
    edit "Wetransfer-NetBIOS.Session.Service"
        set internet-service-id 7208975
    next
    edit "Wetransfer-RTMP"
        set internet-service-id 7208976
    next
    edit "Wetransfer-NetBIOS.Name.Service"
        set internet-service-id 7208984
    next
    edit "Sendgrid-Sendgrid.Email"
        set internet-service-id 7274623
    next
    edit "Ubiquiti-UniFi"
        set internet-service-id 7340160
    next
    edit "Lifesize-Lifesize.Cloud"
        set internet-service-id 7405697
    next
    edit "Okta-Other"
        set internet-service-id 7471104
    next
    edit "Okta-Web"
        set internet-service-id 7471105
    next
    edit "Okta-ICMP"
        set internet-service-id 7471106
    next
    edit "Okta-DNS"
        set internet-service-id 7471107
    next
    edit "Okta-Outbound_Email"
        set internet-service-id 7471108
    next
    edit "Okta-SSH"
        set internet-service-id 7471110
    next
    edit "Okta-FTP"
        set internet-service-id 7471111
    next
    edit "Okta-NTP"
        set internet-service-id 7471112
    next
    edit "Okta-Inbound_Email"
        set internet-service-id 7471113
    next
    edit "Okta-LDAP"
        set internet-service-id 7471118
    next
    edit "Okta-NetBIOS.Session.Service"
        set internet-service-id 7471119
    next
    edit "Okta-RTMP"
        set internet-service-id 7471120
    next
    edit "Okta-NetBIOS.Name.Service"
        set internet-service-id 7471128
    next
    edit "Okta-Okta"
        set internet-service-id 7471307
    next
    edit "Cybozu-Other"
        set internet-service-id 7536640
    next
    edit "Cybozu-Web"
        set internet-service-id 7536641
    next
    edit "Cybozu-ICMP"
        set internet-service-id 7536642
    next
    edit "Cybozu-DNS"
        set internet-service-id 7536643
    next
    edit "Cybozu-Outbound_Email"
        set internet-service-id 7536644
    next
    edit "Cybozu-SSH"
        set internet-service-id 7536646
    next
    edit "Cybozu-FTP"
        set internet-service-id 7536647
    next
    edit "Cybozu-NTP"
        set internet-service-id 7536648
    next
    edit "Cybozu-Inbound_Email"
        set internet-service-id 7536649
    next
    edit "Cybozu-LDAP"
        set internet-service-id 7536654
    next
    edit "Cybozu-NetBIOS.Session.Service"
        set internet-service-id 7536655
    next
    edit "Cybozu-RTMP"
        set internet-service-id 7536656
    next
    edit "Cybozu-NetBIOS.Name.Service"
        set internet-service-id 7536664
    next
    edit "VNC-Other"
        set internet-service-id 7602176
    next
    edit "VNC-Web"
        set internet-service-id 7602177
    next
    edit "VNC-ICMP"
        set internet-service-id 7602178
    next
    edit "VNC-DNS"
        set internet-service-id 7602179
    next
    edit "VNC-Outbound_Email"
        set internet-service-id 7602180
    next
    edit "VNC-SSH"
        set internet-service-id 7602182
    next
    edit "VNC-FTP"
        set internet-service-id 7602183
    next
    edit "VNC-NTP"
        set internet-service-id 7602184
    next
    edit "VNC-Inbound_Email"
        set internet-service-id 7602185
    next
    edit "VNC-LDAP"
        set internet-service-id 7602190
    next
    edit "VNC-NetBIOS.Session.Service"
        set internet-service-id 7602191
    next
    edit "VNC-RTMP"
        set internet-service-id 7602192
    next
    edit "VNC-NetBIOS.Name.Service"
        set internet-service-id 7602200
    next
    edit "Egnyte-Egnyte"
        set internet-service-id 7667846
    next
    edit "CrowdStrike-CrowdStrike.Cloud"
        set internet-service-id 7733383
    next
    edit "Aruba.it-Other"
        set internet-service-id 7798784
    next
    edit "Aruba.it-Web"
        set internet-service-id 7798785
    next
    edit "Aruba.it-ICMP"
        set internet-service-id 7798786
    next
    edit "Aruba.it-DNS"
        set internet-service-id 7798787
    next
    edit "Aruba.it-Outbound_Email"
        set internet-service-id 7798788
    next
    edit "Aruba.it-SSH"
        set internet-service-id 7798790
    next
    edit "Aruba.it-FTP"
        set internet-service-id 7798791
    next
    edit "Aruba.it-NTP"
        set internet-service-id 7798792
    next
    edit "Aruba.it-Inbound_Email"
        set internet-service-id 7798793
    next
    edit "Aruba.it-LDAP"
        set internet-service-id 7798798
    next
    edit "Aruba.it-NetBIOS.Session.Service"
        set internet-service-id 7798799
    next
    edit "Aruba.it-RTMP"
        set internet-service-id 7798800
    next
    edit "Aruba.it-NetBIOS.Name.Service"
        set internet-service-id 7798808
    next
    edit "ISLOnline-Other"
        set internet-service-id 7864320
    next
    edit "ISLOnline-Web"
        set internet-service-id 7864321
    next
    edit "ISLOnline-ICMP"
        set internet-service-id 7864322
    next
    edit "ISLOnline-DNS"
        set internet-service-id 7864323
    next
    edit "ISLOnline-Outbound_Email"
        set internet-service-id 7864324
    next
    edit "ISLOnline-SSH"
        set internet-service-id 7864326
    next
    edit "ISLOnline-FTP"
        set internet-service-id 7864327
    next
    edit "ISLOnline-NTP"
        set internet-service-id 7864328
    next
    edit "ISLOnline-Inbound_Email"
        set internet-service-id 7864329
    next
    edit "ISLOnline-LDAP"
        set internet-service-id 7864334
    next
    edit "ISLOnline-NetBIOS.Session.Service"
        set internet-service-id 7864335
    next
    edit "ISLOnline-RTMP"
        set internet-service-id 7864336
    next
    edit "ISLOnline-NetBIOS.Name.Service"
        set internet-service-id 7864344
    next
    edit "Akamai-CDN"
        set internet-service-id 7929993
    next
    edit "Rackspace-CDN"
        set internet-service-id 7995529
    next
    edit "Instart-CDN"
        set internet-service-id 8061065
    next
    edit "Bitdefender-Other"
        set internet-service-id 8126464
    next
    edit "Bitdefender-Web"
        set internet-service-id 8126465
    next
    edit "Bitdefender-ICMP"
        set internet-service-id 8126466
    next
    edit "Bitdefender-DNS"
        set internet-service-id 8126467
    next
    edit "Bitdefender-Outbound_Email"
        set internet-service-id 8126468
    next
    edit "Bitdefender-SSH"
        set internet-service-id 8126470
    next
    edit "Bitdefender-FTP"
        set internet-service-id 8126471
    next
    edit "Bitdefender-NTP"
        set internet-service-id 8126472
    next
    edit "Bitdefender-Inbound_Email"
        set internet-service-id 8126473
    next
    edit "Bitdefender-LDAP"
        set internet-service-id 8126478
    next
    edit "Bitdefender-NetBIOS.Session.Service"
        set internet-service-id 8126479
    next
    edit "Bitdefender-RTMP"
        set internet-service-id 8126480
    next
    edit "Bitdefender-NetBIOS.Name.Service"
        set internet-service-id 8126488
    next
    edit "Pingdom-Other"
        set internet-service-id 8192000
    next
    edit "Pingdom-Web"
        set internet-service-id 8192001
    next
    edit "Pingdom-ICMP"
        set internet-service-id 8192002
    next
    edit "Pingdom-DNS"
        set internet-service-id 8192003
    next
    edit "Pingdom-Outbound_Email"
        set internet-service-id 8192004
    next
    edit "Pingdom-SSH"
        set internet-service-id 8192006
    next
    edit "Pingdom-FTP"
        set internet-service-id 8192007
    next
    edit "Pingdom-NTP"
        set internet-service-id 8192008
    next
    edit "Pingdom-Inbound_Email"
        set internet-service-id 8192009
    next
    edit "Pingdom-LDAP"
        set internet-service-id 8192014
    next
    edit "Pingdom-NetBIOS.Session.Service"
        set internet-service-id 8192015
    next
    edit "Pingdom-RTMP"
        set internet-service-id 8192016
    next
    edit "Pingdom-NetBIOS.Name.Service"
        set internet-service-id 8192024
    next
    edit "UptimeRobot-Other"
        set internet-service-id 8257536
    next
    edit "UptimeRobot-Web"
        set internet-service-id 8257537
    next
    edit "UptimeRobot-ICMP"
        set internet-service-id 8257538
    next
    edit "UptimeRobot-DNS"
        set internet-service-id 8257539
    next
    edit "UptimeRobot-Outbound_Email"
        set internet-service-id 8257540
    next
    edit "UptimeRobot-SSH"
        set internet-service-id 8257542
    next
    edit "UptimeRobot-FTP"
        set internet-service-id 8257543
    next
    edit "UptimeRobot-NTP"
        set internet-service-id 8257544
    next
    edit "UptimeRobot-Inbound_Email"
        set internet-service-id 8257545
    next
    edit "UptimeRobot-LDAP"
        set internet-service-id 8257550
    next
    edit "UptimeRobot-NetBIOS.Session.Service"
        set internet-service-id 8257551
    next
    edit "UptimeRobot-RTMP"
        set internet-service-id 8257552
    next
    edit "UptimeRobot-NetBIOS.Name.Service"
        set internet-service-id 8257560
    next
    edit "UptimeRobot-UptimeRobot.Monitor"
        set internet-service-id 8257709
    next
    edit "Quovadisglobal-Other"
        set internet-service-id 8323072
    next
    edit "Quovadisglobal-Web"
        set internet-service-id 8323073
    next
    edit "Quovadisglobal-ICMP"
        set internet-service-id 8323074
    next
    edit "Quovadisglobal-DNS"
        set internet-service-id 8323075
    next
    edit "Quovadisglobal-Outbound_Email"
        set internet-service-id 8323076
    next
    edit "Quovadisglobal-SSH"
        set internet-service-id 8323078
    next
    edit "Quovadisglobal-FTP"
        set internet-service-id 8323079
    next
    edit "Quovadisglobal-NTP"
        set internet-service-id 8323080
    next
    edit "Quovadisglobal-Inbound_Email"
        set internet-service-id 8323081
    next
    edit "Quovadisglobal-LDAP"
        set internet-service-id 8323086
    next
    edit "Quovadisglobal-NetBIOS.Session.Service"
        set internet-service-id 8323087
    next
    edit "Quovadisglobal-RTMP"
        set internet-service-id 8323088
    next
    edit "Quovadisglobal-NetBIOS.Name.Service"
        set internet-service-id 8323096
    next
    edit "Splashtop-Splashtop"
        set internet-service-id 8388751
    next
    edit "Zoox-Other"
        set internet-service-id 8454144
    next
    edit "Zoox-Web"
        set internet-service-id 8454145
    next
    edit "Zoox-ICMP"
        set internet-service-id 8454146
    next
    edit "Zoox-DNS"
        set internet-service-id 8454147
    next
    edit "Zoox-Outbound_Email"
        set internet-service-id 8454148
    next
    edit "Zoox-SSH"
        set internet-service-id 8454150
    next
    edit "Zoox-FTP"
        set internet-service-id 8454151
    next
    edit "Zoox-NTP"
        set internet-service-id 8454152
    next
    edit "Zoox-Inbound_Email"
        set internet-service-id 8454153
    next
    edit "Zoox-LDAP"
        set internet-service-id 8454158
    next
    edit "Zoox-NetBIOS.Session.Service"
        set internet-service-id 8454159
    next
    edit "Zoox-RTMP"
        set internet-service-id 8454160
    next
    edit "Zoox-NetBIOS.Name.Service"
        set internet-service-id 8454168
    next
    edit "Skyfii-Other"
        set internet-service-id 8519680
    next
    edit "Skyfii-Web"
        set internet-service-id 8519681
    next
    edit "Skyfii-ICMP"
        set internet-service-id 8519682
    next
    edit "Skyfii-DNS"
        set internet-service-id 8519683
    next
    edit "Skyfii-Outbound_Email"
        set internet-service-id 8519684
    next
    edit "Skyfii-SSH"
        set internet-service-id 8519686
    next
    edit "Skyfii-FTP"
        set internet-service-id 8519687
    next
    edit "Skyfii-NTP"
        set internet-service-id 8519688
    next
    edit "Skyfii-Inbound_Email"
        set internet-service-id 8519689
    next
    edit "Skyfii-LDAP"
        set internet-service-id 8519694
    next
    edit "Skyfii-NetBIOS.Session.Service"
        set internet-service-id 8519695
    next
    edit "Skyfii-RTMP"
        set internet-service-id 8519696
    next
    edit "Skyfii-NetBIOS.Name.Service"
        set internet-service-id 8519704
    next
    edit "CoffeeBean-Other"
        set internet-service-id 8585216
    next
    edit "CoffeeBean-Web"
        set internet-service-id 8585217
    next
    edit "CoffeeBean-ICMP"
        set internet-service-id 8585218
    next
    edit "CoffeeBean-DNS"
        set internet-service-id 8585219
    next
    edit "CoffeeBean-Outbound_Email"
        set internet-service-id 8585220
    next
    edit "CoffeeBean-SSH"
        set internet-service-id 8585222
    next
    edit "CoffeeBean-FTP"
        set internet-service-id 8585223
    next
    edit "CoffeeBean-NTP"
        set internet-service-id 8585224
    next
    edit "CoffeeBean-Inbound_Email"
        set internet-service-id 8585225
    next
    edit "CoffeeBean-LDAP"
        set internet-service-id 8585230
    next
    edit "CoffeeBean-NetBIOS.Session.Service"
        set internet-service-id 8585231
    next
    edit "CoffeeBean-RTMP"
        set internet-service-id 8585232
    next
    edit "CoffeeBean-NetBIOS.Name.Service"
        set internet-service-id 8585240
    next
    edit "Cloud4Wi-Other"
        set internet-service-id 8650752
    next
    edit "Cloud4Wi-Web"
        set internet-service-id 8650753
    next
    edit "Cloud4Wi-ICMP"
        set internet-service-id 8650754
    next
    edit "Cloud4Wi-DNS"
        set internet-service-id 8650755
    next
    edit "Cloud4Wi-Outbound_Email"
        set internet-service-id 8650756
    next
    edit "Cloud4Wi-SSH"
        set internet-service-id 8650758
    next
    edit "Cloud4Wi-FTP"
        set internet-service-id 8650759
    next
    edit "Cloud4Wi-NTP"
        set internet-service-id 8650760
    next
    edit "Cloud4Wi-Inbound_Email"
        set internet-service-id 8650761
    next
    edit "Cloud4Wi-LDAP"
        set internet-service-id 8650766
    next
    edit "Cloud4Wi-NetBIOS.Session.Service"
        set internet-service-id 8650767
    next
    edit "Cloud4Wi-RTMP"
        set internet-service-id 8650768
    next
    edit "Cloud4Wi-NetBIOS.Name.Service"
        set internet-service-id 8650776
    next
    edit "Panda-Panda.Security"
        set internet-service-id 8716432
    next
    edit "Ewon-Talk2M"
        set internet-service-id 8781970
    next
    edit "Nutanix-Nutanix.Cloud"
        set internet-service-id 8847507
    next
    edit "Backblaze-Other"
        set internet-service-id 8912896
    next
    edit "Backblaze-Web"
        set internet-service-id 8912897
    next
    edit "Backblaze-ICMP"
        set internet-service-id 8912898
    next
    edit "Backblaze-DNS"
        set internet-service-id 8912899
    next
    edit "Backblaze-Outbound_Email"
        set internet-service-id 8912900
    next
    edit "Backblaze-SSH"
        set internet-service-id 8912902
    next
    edit "Backblaze-FTP"
        set internet-service-id 8912903
    next
    edit "Backblaze-NTP"
        set internet-service-id 8912904
    next
    edit "Backblaze-Inbound_Email"
        set internet-service-id 8912905
    next
    edit "Backblaze-LDAP"
        set internet-service-id 8912910
    next
    edit "Backblaze-NetBIOS.Session.Service"
        set internet-service-id 8912911
    next
    edit "Backblaze-RTMP"
        set internet-service-id 8912912
    next
    edit "Backblaze-NetBIOS.Name.Service"
        set internet-service-id 8912920
    next
    edit "Aerohive-Aerohive.Cloud"
        set internet-service-id 8978580
    next
    edit "XING-Other"
        set internet-service-id 9043968
    next
    edit "XING-Web"
        set internet-service-id 9043969
    next
    edit "XING-ICMP"
        set internet-service-id 9043970
    next
    edit "XING-DNS"
        set internet-service-id 9043971
    next
    edit "XING-Outbound_Email"
        set internet-service-id 9043972
    next
    edit "XING-SSH"
        set internet-service-id 9043974
    next
    edit "XING-FTP"
        set internet-service-id 9043975
    next
    edit "XING-NTP"
        set internet-service-id 9043976
    next
    edit "XING-Inbound_Email"
        set internet-service-id 9043977
    next
    edit "XING-LDAP"
        set internet-service-id 9043982
    next
    edit "XING-NetBIOS.Session.Service"
        set internet-service-id 9043983
    next
    edit "XING-RTMP"
        set internet-service-id 9043984
    next
    edit "XING-NetBIOS.Name.Service"
        set internet-service-id 9043992
    next
    edit "Genesys-PureCloud"
        set internet-service-id 9109653
    next
    edit "BlackBerry-Cylance"
        set internet-service-id 9175190
    next
    edit "DigiCert-OCSP"
        set internet-service-id 9240728
    next
    edit "Infomaniak-SwissTransfer"
        set internet-service-id 9306265
    next
    edit "Fuze-Fuze"
        set internet-service-id 9371802
    next
    edit "Truecaller-Truecaller"
        set internet-service-id 9437339
    next
    edit "GlobalSign-OCSP"
        set internet-service-id 9502872
    next
    edit "VeriSign-OCSP"
        set internet-service-id 9568408
    next
    edit "Sony-PlayStation.Network"
        set internet-service-id 9633952
    next
    edit "Acronis-Cyber.Cloud"
        set internet-service-id 9699489
    next
    edit "RingCentral-RingCentral"
        set internet-service-id 9765027
    next
    edit "FSecure-FSecure"
        set internet-service-id 9830564
    next
    edit "Kaseya-Kaseya.Cloud"
        set internet-service-id 9896101
    next
    edit "Shodan-Scanner"
        set internet-service-id 9961638
    next
    edit "Censys-Scanner"
        set internet-service-id 10027174
    next
    edit "Valve-Steam"
        set internet-service-id 10092711
    next
    edit "YouSeeU-Bongo"
        set internet-service-id 10158248
    next
    edit "Cato-Cato.Cloud"
        set internet-service-id 10223785
    next
    edit "Solarwinds-SpamExperts"
        set internet-service-id 10289323
    next
    edit "Solarwinds-Pingdom.Probe"
        set internet-service-id 10289326
    next
    edit "8X8-8X8.Cloud"
        set internet-service-id 10354860
    next
    edit "Zattoo-Zattoo.TV"
        set internet-service-id 10420401
    next
    edit "Datto-Datto.RMM"
        set internet-service-id 10485939
    next
    edit "Barracuda-Barracuda.Cloud"
        set internet-service-id 10551477
    next
    edit "Naver-Line"
        set internet-service-id 10617015
    next
    edit "Disney-Disney+"
        set internet-service-id 10682552
    next
    edit "DNS-DoH_DoT"
        set internet-service-id 10748089
    next
    edit "Quad9-Quad9.Standard.DNS"
        set internet-service-id 10813626
    next
    edit "Stretchoid-Scanner"
        set internet-service-id 10879142
    next
    edit "Poly-RealConnect.Service"
        set internet-service-id 10944700
    next
    edit "Telegram-Telegram"
        set internet-service-id 11010249
    next
    edit "Spotify-Spotify"
        set internet-service-id 11075786
    next
    edit "NextDNS-NextDNS"
        set internet-service-id 11141324
    next
    edit "Fastly-CDN"
        set internet-service-id 11206793
    next
    edit "Neustar-UltraDNS.Probes"
        set internet-service-id 11272397
    next
end
config firewall internet-service-definition
end
config wanopt content-delivery-network-rule
    edit "vcache://"
        set comment "Static entries are not allowed to change except disable."
        set response-expires enable
        set text-response-vcache disable
        config rules
            edit "rule1"
                config match-entries
                    edit 1
                        set pattern "/*.m3u8"
                    next
                end
                config content-id
                    set target hls-manifest
                    set start-str "/"
                end
            next
            edit "rule2"
                config match-entries
                    edit 1
                        set pattern "/*.mpd"
                    next
                end
                config content-id
                    set target dash-manifest
                    set start-str "/"
                end
            next
            edit "rule3"
                config match-entries
                    edit 1
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set target hls-fragment
                    set start-str "/"
                end
            next
            edit "rule4"
                config match-entries
                    edit 1
                        set pattern "/*.*"
                    next
                end
                config content-id
                    set target dash-fragment
                    set start-str "/"
                end
            next
        end
    next
    edit "vcache://youtube/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "youtube.com"
        set category youtube
        set text-response-vcache disable
        config rules
            edit "rule1"
                config match-entries
                    edit 1
                        set pattern "/videoplayback"
                    next
                end
                config content-id
                    set target youtube-id
                    set start-str "v="
                    set start-skip 2
                    set end-str "&"
                end
            next
            edit "rule2"
                config match-entries
                    edit 1
                        set pattern "/videoplayback"
                    next
                end
                config content-id
                    set target youtube-id
                    set start-str "v="
                    set start-skip 2
                end
            next
            edit "rule3"
                set match-mode any
                config match-entries
                    edit 1
                        set pattern "/stream_204"
                    next
                    edit 2
                        set pattern "/ptracking"
                    next
                    edit 3
                        set pattern "/get_video_info"
                    next
                end
                config content-id
                    set target youtube-map
                    set start-str "/"
                end
            next
        end
    next
    edit "vcache://googlevideo/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "googlevideo.com"
        set category youtube
        set text-response-vcache disable
        config rules
            edit "rule1"
                config match-entries
                    edit 1
                        set pattern "/videoplayback"
                    next
                end
                config content-id
                    set target youtube-id
                    set start-str "v="
                    set start-skip 2
                    set end-str "&"
                end
            next
            edit "rule2"
                config match-entries
                    edit 1
                        set pattern "/videoplayback"
                    next
                end
                config content-id
                    set target youtube-id
                    set start-str "v="
                    set start-skip 2
                end
            next
            edit "rule3"
                set match-mode any
                config match-entries
                    edit 1
                        set pattern "/stream_204"
                    next
                    edit 2
                        set pattern "/ptracking"
                    next
                    edit 3
                        set pattern "/get_video_info"
                    next
                end
                config content-id
                    set target youtube-map
                    set start-str "/"
                end
            next
        end
    next
    edit "vcache://metacafe/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "mccont.com" "akvideos.metacafe.com" "cdn.metacafe.com"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                set skip-rule-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://facebook/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "fbcdn.net" "facebook.com"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                set skip-rule-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://dailymotion/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "dailymotion.com" "dmcdn.net"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                config match-entries
                    edit 1
                        set pattern "/video/*.mp4"
                    next
                    edit 2
                        set pattern "/video/*.flv"
                    next
                    edit 3
                        set pattern "/video/*.ts"
                    next
                    edit 4
                        set pattern "/video/*.on2"
                    next
                    edit 5
                        set pattern "/video/*.aac"
                    next
                    edit 6
                        set pattern "/video/*.h264"
                    next
                    edit 7
                        set pattern "/video/*.h263"
                    next
                    edit 8
                        set pattern "/sec*.mp4"
                    next
                    edit 9
                        set pattern "/sec*.flv"
                    next
                    edit 10
                        set pattern "/sec*.on2"
                    next
                    edit 11
                        set pattern "/sec*.aac"
                    next
                    edit 12
                        set pattern "/sec*.h264"
                    next
                    edit 13
                        set pattern "/sec*.h263"
                    next
                    edit 14
                        set pattern "*.ts"
                    next
                end
                config skip-entries
                    edit 1
                        set target parameter
                        set pattern "start=*"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://break/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "break.com" "0ebe.edgecastcdn.net"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                config match-entries
                    edit 1
                        set pattern "/dnet/media/*.flv"
                    next
                    edit 2
                        set pattern "/dnet/media/*.mp4"
                    next
                end
                config skip-entries
                    edit 1
                        set target parameter
                        set pattern "ec_seek=*"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
            edit "rule2"
                config match-entries
                    edit 1
                        set pattern "/*.mp4*"
                    next
                    edit 2
                        set pattern "*Seg*"
                    next
                    edit 3
                        set pattern "*Frag*"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://msn/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "video.msn.com"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                set skip-rule-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://llnwd/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "llnwd.net"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.fll"
                    next
                end
                config skip-entries
                    edit 1
                        set target parameter
                        set pattern "fs=*"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://yahoo/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "yimg.com"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.m4s"
                    next
                end
                config content-id
                    set target parameter
                    set start-str "vid="
                end
            next
        end
    next
    edit "vcache://myspace/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "myspacecdn.com"
        set request-cache-control enable
        set response-cache-control enable
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                set skip-rule-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://vimeo/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "vimeo.com" "vimeocdn.com" "56skyfiregce-a.akamaihd.net"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.m4s"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://blip.tv/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "blip.tv"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                config match-entries
                    edit 1
                        set pattern "/*.m4v"
                    next
                    edit 2
                        set pattern "/*.flv"
                    next
                    edit 3
                        set pattern "/*.mp4"
                    next
                    edit 4
                        set pattern "/*.wmv"
                    next
                    edit 5
                        set pattern "/*.rm"
                    next
                    edit 6
                        set pattern "/*.ram"
                    next
                    edit 7
                        set pattern "/*.mov"
                    next
                    edit 8
                        set pattern "/*.avi"
                    next
                end
                config skip-entries
                    edit 1
                        set target parameter
                        set pattern "ms=*"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://maker.tv/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "videos-f.jwpsrv.com"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                config match-entries
                    edit 1
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://aol/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "stream.aol.com" "5min.com" "vidiblevod-vh.akamaihd.net" "stg-ec-ore-u.uplynk.com" "vidible.tv"
        set response-expires enable
        config rules
            edit "rule1"
                config match-entries
                    edit 1
                        set pattern "/*.mp4"
                    next
                end
                config skip-entries
                    edit 1
                        set target parameter
                        set pattern "*timeoffset=*"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
            edit "rule2"
                config match-entries
                    edit 1
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://clipfish/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "clipfish.de" "universal-music.de"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.f4v"
                    next
                    edit 3
                        set pattern "/*.mp4"
                    next
                    edit 4
                        set pattern "/*.m4v"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://cnn/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "cnn-vh.akamaihd.net"
        set response-expires enable
        config rules
            edit "rule1"
                config match-entries
                    edit 1
                        set pattern "/*.flv*"
                    next
                    edit 2
                        set pattern "*Seg*"
                    next
                    edit 3
                        set pattern "*Frag*"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
            edit "rule2"
                config match-entries
                    edit 1
                        set pattern "/*.mp4*"
                    next
                    edit 2
                        set pattern "*Seg*"
                    next
                    edit 3
                        set pattern "*Frag*"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
            edit "rule3"
                config match-entries
                    edit 1
                        set pattern "/*.ts*"
                    next
                    edit 2
                        set pattern "*Seg*"
                    next
                    edit 3
                        set pattern "*Frag*"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://foxnews/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "foxnews.com" "foxnews-f.akamaihd.net"
        set response-expires enable
        config rules
            edit "rule1"
                config match-entries
                    edit 1
                        set pattern "/*.mp4*"
                    next
                    edit 2
                        set target parameter
                        set pattern "*Seg*"
                    next
                    edit 3
                        set target parameter
                        set pattern "*Frag*"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://discovery/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "discovery.com" "discidevflash-f.akamaihd.net"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                set skip-rule-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://liveleak/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "edge.liveleak.com" "cdn.liveleak.com"
        set response-expires enable
        config rules
            edit "rule1"
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set target parameter
                        set pattern "*seek=0"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
            edit "rule2"
                config match-entries
                    edit 1
                        set pattern "/*.mp4"
                    next
                    edit 2
                        set target parameter
                        set pattern "*seek=0"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
            edit "rule3"
                config match-entries
                    edit 1
                        set pattern "/*.wmv"
                    next
                    edit 2
                        set target parameter
                        set pattern "*seek=0"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://sevenload/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "sevenload.com"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                end
                config skip-entries
                    edit 1
                        set target parameter
                        set pattern "aktimeoffset=*"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://stupidvideos/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "stupidvideos.com"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                set skip-rule-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://howcast/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "media.howcast.com"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                end
                config skip-entries
                    edit 1
                        set target parameter
                        set pattern "start=*"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://vevo/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "vevo.com"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                set skip-rule-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://ooyala/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "ooyala.com"
        set response-expires enable
        config rules
            edit "rule1"
                config match-entries
                    edit 1
                        set pattern "*Seg*"
                    next
                    edit 2
                        set pattern "*Frag*"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://ms-ads/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "msads.net"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                set skip-rule-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://yumenetworks-ads/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "yumenetworks.com"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                set skip-rule-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://2mdn-ads/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "2mdn.net"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                set skip-rule-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://eyewonder-ads/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "eyewonder.com"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                set skip-rule-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://eyereturn-ads/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "eyereturn.com"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                set skip-rule-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://serving-sys-ads/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "serving-sys.com"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                set skip-rule-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://amazonaws-ads/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "amazonaws.com"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                set skip-rule-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://edgesuite-ads/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "edgesuite.net"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                set skip-rule-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://gorillanation-ads/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "video.gorillanation.com"
        set response-expires enable
        config rules
            edit "rule1"
                set match-mode any
                set skip-rule-mode any
                config match-entries
                    edit 1
                        set pattern "/*.flv"
                    next
                    edit 2
                        set pattern "/*.mp4"
                    next
                    edit 3
                        set pattern "/*.ts"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://youku/"
        set comment "Static entries are not allowed to change except disable."
        set response-expires enable
        config rules
            edit "rule1"
                config match-entries
                    edit 1
                        set pattern "/youku/*.mp4"
                    next
                    edit 2
                        set target parameter
                        set pattern "*start=0"
                    next
                end
                config content-id
                    set target youku-id
                    set start-str "/"
                    set start-skip 1
                    set start-direction backward
                end
            next
            edit "rule2"
                config match-entries
                    edit 1
                        set pattern "/youku/*.flv"
                    next
                    edit 2
                        set target parameter
                        set pattern "*start=0"
                    next
                end
                config content-id
                    set target youku-id
                    set start-str "/"
                    set start-skip 1
                    set start-direction backward
                end
            next
            edit "rule3"
                config match-entries
                    edit 1
                        set pattern "/youku/*.kux"
                    next
                    edit 2
                        set target parameter
                        set pattern "*start=0"
                    next
                end
                config content-id
                    set target youku-id
                    set start-str "/"
                    set start-skip 1
                    set start-direction backward
                end
            next
            edit "rule4"
                config match-entries
                    edit 1
                        set pattern "/youku/*.mp4"
                    next
                end
                config skip-entries
                    edit 1
                        set target parameter
                        set pattern "*start=*"
                    next
                end
                config content-id
                    set target youku-id
                    set start-str "/"
                    set start-skip 1
                    set start-direction backward
                end
            next
            edit "rule5"
                config match-entries
                    edit 1
                        set pattern "/youku/*.flv"
                    next
                end
                config skip-entries
                    edit 1
                        set target parameter
                        set pattern "*start=*"
                    next
                end
                config content-id
                    set target youku-id
                    set start-str "/"
                    set start-skip 1
                    set start-direction backward
                end
            next
            edit "rule6"
                config match-entries
                    edit 1
                        set pattern "/youku/*.kux"
                    next
                end
                config skip-entries
                    edit 1
                        set target parameter
                        set pattern "*start=*"
                    next
                end
                config content-id
                    set target youku-id
                    set start-str "/"
                    set start-skip 1
                    set start-direction backward
                end
            next
        end
    next
    edit "vcache://tudou/"
        set comment "Static entries are not allowed to change except disable."
        set response-expires enable
        config rules
            edit "rule1"
                config match-entries
                    edit 1
                        set pattern "/f4v/*"
                    next
                    edit 2
                        set target parameter
                        set pattern "*id=tudou*"
                    next
                end
                config skip-entries
                    edit 1
                        set target parameter
                        set pattern "*begin=*"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                    set start-direction backward
                end
            next
        end
    next
    edit "vcache://cbc/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "cbc.ca" "mobilehls-vh.akamaihd.net"
        set response-expires enable
        config rules
            edit "rule1"
                config match-entries
                    edit 1
                        set pattern "*.mp4*"
                    next
                    edit 2
                        set pattern "*Seg*"
                    next
                    edit 3
                        set pattern "*Frag*"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
            edit "rule2"
                set match-mode any
                config match-entries
                    edit 1
                        set pattern "*.ts"
                    next
                    edit 2
                        set pattern "*.mp4"
                    next
                end
                config content-id
                    set start-str "/"
                    set start-skip 1
                end
            next
        end
    next
    edit "vcache://megaupload/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "megaupload.com"
        set response-expires enable
        config rules
            edit "rule1"
                config match-entries
                    edit 1
                        set pattern "/files/*"
                    next
                end
                config content-id
                    set target referrer
                    set start-str "d="
                    set start-skip 2
                end
            next
        end
    next
    edit "update://windowsupdate/"
        set comment "Static entries are not allowed to change except disable."
        set host-domain-name-suffix "download.windowsupdate.com"
        set request-cache-control enable
        set response-cache-control enable
        set response-expires enable
        set updateserver enable
    next
end
config log tap-device
    edit "default-tap-gui"
        set status enable
        set port 12121
        set format json
        config filter
            set forward-traffic disable
            set local-traffic disable
            set multicast-traffic disable
            set sniffer-traffic disable
            set ztna-traffic disable
            set anomaly disable
            set voip disable
            set gtp disable
            config free-style
                edit 1
                    set category event
                    set filter "subtype router or VPN"
                    set filter-type exclude
                next
            end
        end
    next
end
config system cluster-sync
end
config system fortiguard
    set update-server-location usa
    set sdns-server-ip "208.91.112.220" 
end
config endpoint-control fctems
    edit 1
    next
    edit 2
    next
    edit 3
    next
    edit 4
    next
    edit 5
    next
end
config system email-server
    set server "notification.fortinet.net"
    set port 465
    set security smtps
end
config system session-helper
    edit 1
        set name pptp
        set protocol 6
        set port 1723
    next
    edit 2
        set name h323
        set protocol 6
        set port 1720
    next
    edit 3
        set name ras
        set protocol 17
        set port 1719
    next
    edit 4
        set name tns
        set protocol 6
        set port 1521
    next
    edit 5
        set name tftp
        set protocol 17
        set port 69
    next
    edit 6
        set name rtsp
        set protocol 6
        set port 554
    next
    edit 7
        set name rtsp
        set protocol 6
        set port 7070
    next
    edit 8
        set name rtsp
        set protocol 6
        set port 8554
    next
    edit 9
        set name ftp
        set protocol 6
        set port 21
    next
    edit 10
        set name mms
        set protocol 6
        set port 1863
    next
    edit 11
        set name pmap
        set protocol 6
        set port 111
    next
    edit 12
        set name pmap
        set protocol 17
        set port 111
    next
    edit 13
        set name sip
        set protocol 17
        set port 5060
    next
    edit 14
        set name dns-udp
        set protocol 17
        set port 53
    next
    edit 15
        set name rsh
        set protocol 6
        set port 514
    next
    edit 16
        set name rsh
        set protocol 6
        set port 512
    next
    edit 17
        set name dcerpc
        set protocol 6
        set port 135
    next
    edit 18
        set name dcerpc
        set protocol 17
        set port 135
    next
    edit 19
        set name mgcp
        set protocol 17
        set port 2427
    next
    edit 20
        set name mgcp
        set protocol 17
        set port 2727
    next
end
config system auto-install
    set auto-install-config enable
    set auto-install-image enable
end
config system ntp
    set ntpsync enable
    set server-mode enable
    set interface "fortilink"
end
config system ftm-push
    set server-cert "Fortinet_Factory"
end
config system automation-trigger
    edit "Network Down"
        set description "Default automation trigger configuration for when a network connection goes down."
        set event-type event-log
        set logid 20099
        config fields
            edit 1
                set name "status"
                set value "DOWN"
            next
        end
    next
    edit "HA Failover"
        set description "Default automation trigger configuration for when an HA failover occurs."
        set event-type ha-failover
    next
    edit "Reboot"
        set description "Default automation trigger configuration for when a FortiGate is rebooted."
        set event-type reboot
    next
    edit "FortiAnalyzer Connection Down"
        set description "Default automation trigger configuration for when the FortiAnalyzer connection is lost."
        set event-type event-log
        set logid 22902
    next
    edit "License Expired Notification"
        set description "Default automation trigger configuration for when a license is near expiration."
        set event-type license-near-expiry
        set license-type any
    next
    edit "Compromised Host - High"
        set description "Default automation trigger configuration for when a high severity compromised host is detected."
    next
    edit "Incoming Webhook Call"
        set description "Default automation trigger configuration for an incoming webhook."
        set event-type incoming-webhook
    next
    edit "Security Rating Notification"
        set description "Default automation trigger configuration for when a new Security Rating report is available."
        set event-type security-rating-summary
        set report-type any
    next
end
config system automation-action
    edit "Default Email"
        set description "Default automation action configuration for sending an email with basic information on the log event."
        set action-type email
        set email-subject "%%log.logdesc%%"
    next
    edit "FortiExplorer Notification"
        set description "Default automation action configuration for sending a notification to any FortiExplorer mobile application."
        set action-type fortiexplorer-notification
    next
    edit "Quarantine on FortiSwitch + FortiAP"
        set description "Default automation action configuration for quarantining a MAC address on FortiSwitches and FortiAPs."
        set action-type quarantine
    next
    edit "Quarantine FortiClient EMS Endpoint"
        set description "Default automation action configuration for quarantining a FortiClient EMS endpoing device."
        set action-type quarantine-forticlient
    next
end
config system automation-stitch
    edit "Network Down"
        set description "Default automation stitch to send an email when a network goes down."
        set status disable
        set trigger "Network Down"
        config actions
            edit 1
                set action "Default Email"
            next
        end
    next
    edit "HA Failover"
        set description "Default automation stitch to send an email when a HA failover is detected."
        set status disable
        set trigger "HA Failover"
        config actions
            edit 1
                set action "Default Email"
            next
        end
    next
    edit "Reboot"
        set description "Default automation stitch to send an email when a FortiGate is rebooted."
        set status disable
        set trigger "Reboot"
        config actions
            edit 1
                set action "Default Email"
            next
        end
    next
    edit "FortiAnalyzer Connection Down"
        set description "Default automation stitch to send a FortiExplorer notification when the connection to FortiAnalyzer is lost."
        set trigger "FortiAnalyzer Connection Down"
        config actions
            edit 1
                set action "FortiExplorer Notification"
            next
        end
    next
    edit "License Expired Notification"
        set description "Default automation stitch to send a FortiExplorer notification when a license is near expiration."
        set trigger "License Expired Notification"
        config actions
            edit 1
                set action "FortiExplorer Notification"
            next
        end
    next
    edit "Compromised Host Quarantine"
        set description "Default automation stitch to quarantine a high severity compromised host on FortiAPs, FortiSwitches, and FortiClient EMS."
        set status disable
        set trigger "Compromised Host - High"
        config actions
            edit 1
                set action "Quarantine on FortiSwitch + FortiAP"
            next
            edit 2
                set action "Quarantine FortiClient EMS Endpoint"
            next
        end
    next
    edit "Incoming Webhook Quarantine"
        set description "Default automation stitch to quarantine a provided MAC address on FortiAPs, FortiSwitches, and FortiClient EMS using an Incoming Webhook."
        set status disable
        set trigger "Incoming Webhook Call"
        config actions
            edit 1
                set action "Quarantine on FortiSwitch + FortiAP"
            next
            edit 2
                set action "Quarantine FortiClient EMS Endpoint"
            next
        end
    next
    edit "Security Rating Notification"
        set description "Default automation stitch to send a FortiExplorer notification when a new Security Rating report is available."
        set trigger "Security Rating Notification"
        config actions
            edit 1
                set action "FortiExplorer Notification"
            next
        end
    next
end
config system federated-upgrade
    set status disabled
end
config dpdk global
    set multiqueue disable
    set sleep-on-idle disable
    set elasticbuffer disable
    set per-session-accounting traffic-log-only
    set ipsec-offload disable
    set hugepage-percentage 30
    set mbufpool-percentage 25
end
config dpdk cpus
    set rx-cpus "all"
    set vnp-cpus "all"
    set ips-cpus "all"
    set tx-cpus "all"
end
config system ike
end
config system object-tagging
    edit "default"
    next
end
config switch-controller traffic-policy
    edit "quarantine"
        set description "Rate control for quarantined traffic"
        set guaranteed-bandwidth 163840
        set guaranteed-burst 8192
        set maximum-burst 163840
        set cos-queue 0
        set id 1
    next
    edit "sniffer"
        set description "Rate control for sniffer mirrored traffic"
        set guaranteed-bandwidth 50000
        set guaranteed-burst 8192
        set maximum-burst 163840
        set cos-queue 0
        set id 2
    next
end
config system settings
end
config system dhcp server
    edit 1
        set ntp-service local
        set default-gateway 10.255.1.1
        set netmask 255.255.255.0
        set interface "fortilink"
        config ip-range
            edit 1
                set start-ip 10.255.1.2
                set end-ip 10.255.1.254
            next
        end
        set vci-match enable
        set vci-string "FortiSwitch" "FortiExtender"
    next
end
config firewall address
    edit "none"
        set uuid 91bf89fe-877d-51ed-7144-1d4d8df7ff67
        set subnet 0.0.0.0 255.255.255.255
    next
    edit "login.microsoftonline.com"
        set uuid 91bfd17a-877d-51ed-43ca-c3a21074d0c7
        set type fqdn
        set fqdn "login.microsoftonline.com"
    next
    edit "login.microsoft.com"
        set uuid 91c02c2e-877d-51ed-d1e3-f58187eb640c
        set type fqdn
        set fqdn "login.microsoft.com"
    next
    edit "login.windows.net"
        set uuid 91c07418-877d-51ed-1b5e-b582a5b1212b
        set type fqdn
        set fqdn "login.windows.net"
    next
    edit "gmail.com"
        set uuid 91c0b428-877d-51ed-c847-759a6f882950
        set type fqdn
        set fqdn "gmail.com"
    next
    edit "wildcard.google.com"
        set uuid 91c0f87a-877d-51ed-94ef-28e762b06b14
        set type fqdn
        set fqdn "*.google.com"
    next
    edit "wildcard.dropbox.com"
        set uuid 91c13ccc-877d-51ed-84b4-7888a78736ec
        set type fqdn
        set fqdn "*.dropbox.com"
    next
    edit "all"
        set uuid 9cd6cfdc-877d-51ed-e542-1752f61677fe
    next
    edit "FIREWALL_AUTH_PORTAL_ADDRESS"
        set uuid 9cd6e1a2-877d-51ed-12e0-c54f6cb36bf8
    next
    edit "FABRIC_DEVICE"
        set uuid 9cd6f1b0-877d-51ed-4fc1-1dd268087767
        set comment "IPv4 addresses of Fabric Devices."
    next
    edit "SSLVPN_TUNNEL_ADDR1"
        set uuid 9cdc7536-877d-51ed-30ae-badc2d985caf
        set type iprange
        set start-ip 10.212.134.200
        set end-ip 10.212.134.210
    next
    edit "FCTEMS_ALL_FORTICLOUD_SERVERS"
        set uuid 2d85220e-877e-51ed-cd3d-4a0a94c7270d
        set type dynamic
        set sub-type ems-tag
        set dirty clean
    next
end
config firewall multicast-address
    edit "all"
        set start-ip 224.0.0.0
        set end-ip 239.255.255.255
    next
    edit "all_hosts"
        set start-ip 224.0.0.1
        set end-ip 224.0.0.1
    next
    edit "all_routers"
        set start-ip 224.0.0.2
        set end-ip 224.0.0.2
    next
    edit "Bonjour"
        set start-ip 224.0.0.251
        set end-ip 224.0.0.251
    next
    edit "EIGRP"
        set start-ip 224.0.0.10
        set end-ip 224.0.0.10
    next
    edit "OSPF"
        set start-ip 224.0.0.5
        set end-ip 224.0.0.6
    next
end
config firewall address6
    edit "SSLVPN_TUNNEL_IPv6_ADDR1"
        set uuid 9cdc86d4-877d-51ed-dfcb-16ba5e1a85b9
        set ip6 fdff:ffff::/120
    next
    edit "all"
        set uuid 91c239f6-877d-51ed-68f1-2ac6e3554da3
    next
    edit "none"
        set uuid 91c2702e-877d-51ed-2384-f7d69163b13e
        set ip6 ::/128
    next
end
config firewall multicast-address6
    edit "all"
        set ip6 ff00::/8
    next
end
config firewall addrgrp
    edit "G Suite"
        set uuid 91c17b9c-877d-51ed-8e0c-68cc93cff48f
        set member "gmail.com" "wildcard.google.com"
    next
    edit "Microsoft Office 365"
        set uuid 91c1dbc8-877d-51ed-cb7c-d43b9d71f915
        set member "login.microsoftonline.com" "login.microsoft.com" "login.windows.net"
    next
end
config firewall wildcard-fqdn custom
    edit "adobe"
        set uuid 91e5882a-877d-51ed-d31a-fc7604b7f83e
        set wildcard-fqdn "*.adobe.com"
    next
    edit "Adobe Login"
        set uuid 91e59216-877d-51ed-78be-95eb71e71e6e
        set wildcard-fqdn "*.adobelogin.com"
    next
    edit "android"
        set uuid 91e59b12-877d-51ed-1b02-82768aa79e8f
        set wildcard-fqdn "*.android.com"
    next
    edit "apple"
        set uuid 91e5a404-877d-51ed-b9f8-df728ea4f91f
        set wildcard-fqdn "*.apple.com"
    next
    edit "appstore"
        set uuid 91e5adf0-877d-51ed-ee78-d26412230276
        set wildcard-fqdn "*.appstore.com"
    next
    edit "auth.gfx.ms"
        set uuid 91e5b6c4-877d-51ed-8075-4d976f692c1e
        set wildcard-fqdn "*.auth.gfx.ms"
    next
    edit "citrix"
        set uuid 91e5bfb6-877d-51ed-81e8-3fee609e66bc
        set wildcard-fqdn "*.citrixonline.com"
    next
    edit "dropbox.com"
        set uuid 91e5cc90-877d-51ed-450f-05b424c4e9ea
        set wildcard-fqdn "*.dropbox.com"
    next
    edit "eease"
        set uuid 91e5d8de-877d-51ed-197d-98b8298d4680
        set wildcard-fqdn "*.eease.com"
    next
    edit "firefox update server"
        set uuid 91e5e8d8-877d-51ed-5b68-fe8a88865dd1
        set wildcard-fqdn "aus*.mozilla.org"
    next
    edit "fortinet"
        set uuid 91e5f1f2-877d-51ed-d1c9-3aa9670074b6
        set wildcard-fqdn "*.fortinet.com"
    next
    edit "googleapis.com"
        set uuid 91e5fad0-877d-51ed-08c2-6e62eb609cd3
        set wildcard-fqdn "*.googleapis.com"
    next
    edit "google-drive"
        set uuid 91e603fe-877d-51ed-1d6c-3012ca6aee87
        set wildcard-fqdn "*drive.google.com"
    next
    edit "google-play2"
        set uuid 91e60d9a-877d-51ed-b751-ba75d82313b9
        set wildcard-fqdn "*.ggpht.com"
    next
    edit "google-play3"
        set uuid 91e6168c-877d-51ed-7997-6c77130ad6ba
        set wildcard-fqdn "*.books.google.com"
    next
    edit "Gotomeeting"
        set uuid 91e61fba-877d-51ed-d0eb-643d83af6f4a
        set wildcard-fqdn "*.gotomeeting.com"
    next
    edit "icloud"
        set uuid 91e64350-877d-51ed-d537-85f2221fcf90
        set wildcard-fqdn "*.icloud.com"
    next
    edit "itunes"
        set uuid 91e65232-877d-51ed-638c-f1d4ea5bd588
        set wildcard-fqdn "*itunes.apple.com"
    next
    edit "microsoft"
        set uuid 91e65c0a-877d-51ed-1df9-3425664c2e36
        set wildcard-fqdn "*.microsoft.com"
    next
    edit "skype"
        set uuid 91e66538-877d-51ed-c387-0fe7054d5ae8
        set wildcard-fqdn "*.messenger.live.com"
    next
    edit "softwareupdate.vmware.com"
        set uuid 91e66e52-877d-51ed-c175-b604bd638bb0
        set wildcard-fqdn "*.softwareupdate.vmware.com"
    next
    edit "verisign"
        set uuid 91e6787a-877d-51ed-a4ae-2f47a51a2186
        set wildcard-fqdn "*.verisign.com"
    next
    edit "Windows update 2"
        set uuid 91e681a8-877d-51ed-2c5f-425b06b54999
        set wildcard-fqdn "*.windowsupdate.com"
    next
    edit "live.com"
        set uuid 91e68cac-877d-51ed-725d-2385ca63e9d7
        set wildcard-fqdn "*.live.com"
    next
    edit "google-play"
        set uuid 91e69990-877d-51ed-34a9-d7ef6b6cdb0c
        set wildcard-fqdn "*play.google.com"
    next
    edit "update.microsoft.com"
        set uuid 91e6a714-877d-51ed-73a6-d92125f7de5a
        set wildcard-fqdn "*update.microsoft.com"
    next
    edit "swscan.apple.com"
        set uuid 91e6b43e-877d-51ed-878d-6748062f9dec
        set wildcard-fqdn "*swscan.apple.com"
    next
    edit "autoupdate.opera.com"
        set uuid 91e6c082-877d-51ed-0c9a-6e9fefd5d35c
        set wildcard-fqdn "*autoupdate.opera.com"
    next
    edit "cdn-apple"
        set uuid 91e6ccda-877d-51ed-21de-a6a105c48365
        set wildcard-fqdn "*.cdn-apple.com"
    next
    edit "mzstatic-apple"
        set uuid 91e6d9fa-877d-51ed-0391-e75f2301cc32
        set wildcard-fqdn "*.mzstatic.com"
    next
end
config firewall service category
    edit "General"
        set comment "General services."
    next
    edit "Web Access"
        set comment "Web access."
    next
    edit "File Access"
        set comment "File access."
    next
    edit "Email"
        set comment "Email services."
    next
    edit "Network Services"
        set comment "Network services."
    next
    edit "Authentication"
        set comment "Authentication service."
    next
    edit "Remote Access"
        set comment "Remote access."
    next
    edit "Tunneling"
        set comment "Tunneling service."
    next
    edit "VoIP, Messaging & Other Applications"
        set comment "VoIP, messaging, and other applications."
    next
    edit "Web Proxy"
        set comment "Explicit web proxy."
    next
end
config firewall service custom
    edit "DNS"
        set category "Network Services"
        set tcp-portrange 53
        set udp-portrange 53
    next
    edit "HTTP"
        set category "Web Access"
        set tcp-portrange 80
    next
    edit "HTTPS"
        set category "Web Access"
        set tcp-portrange 443
    next
    edit "IMAP"
        set category "Email"
        set tcp-portrange 143
    next
    edit "IMAPS"
        set category "Email"
        set tcp-portrange 993
    next
    edit "LDAP"
        set category "Authentication"
        set tcp-portrange 389
    next
    edit "DCE-RPC"
        set category "Remote Access"
        set tcp-portrange 135
        set udp-portrange 135
    next
    edit "POP3"
        set category "Email"
        set tcp-portrange 110
    next
    edit "POP3S"
        set category "Email"
        set tcp-portrange 995
    next
    edit "SAMBA"
        set category "File Access"
        set tcp-portrange 139
    next
    edit "SMTP"
        set category "Email"
        set tcp-portrange 25
    next
    edit "SMTPS"
        set category "Email"
        set tcp-portrange 465
    next
    edit "KERBEROS"
        set category "Authentication"
        set tcp-portrange 88 464
        set udp-portrange 88 464
    next
    edit "LDAP_UDP"
        set category "Authentication"
        set udp-portrange 389
    next
    edit "SMB"
        set category "File Access"
        set tcp-portrange 445
    next
    edit "FTP"
        set category "File Access"
        set tcp-portrange 21
    next
    edit "FTP_GET"
        set category "File Access"
        set tcp-portrange 21
    next
    edit "FTP_PUT"
        set category "File Access"
        set tcp-portrange 21
    next
    edit "ALL"
        set category "General"
        set protocol IP
    next
    edit "ALL_TCP"
        set category "General"
        set tcp-portrange 1-65535
    next
    edit "ALL_UDP"
        set category "General"
        set udp-portrange 1-65535
    next
    edit "ALL_ICMP"
        set category "General"
        set protocol ICMP
        unset icmptype
    next
    edit "ALL_ICMP6"
        set category "General"
        set protocol ICMP6
        unset icmptype
    next
    edit "GRE"
        set category "Tunneling"
        set protocol IP
        set protocol-number 47
    next
    edit "AH"
        set category "Tunneling"
        set protocol IP
        set protocol-number 51
    next
    edit "ESP"
        set category "Tunneling"
        set protocol IP
        set protocol-number 50
    next
    edit "AOL"
        set visibility disable
        set tcp-portrange 5190-5194
    next
    edit "BGP"
        set category "Network Services"
        set tcp-portrange 179
    next
    edit "DHCP"
        set category "Network Services"
        set udp-portrange 67-68
    next
    edit "FINGER"
        set visibility disable
        set tcp-portrange 79
    next
    edit "GOPHER"
        set visibility disable
        set tcp-portrange 70
    next
    edit "H323"
        set category "VoIP, Messaging & Other Applications"
        set tcp-portrange 1720 1503
        set udp-portrange 1719
    next
    edit "IKE"
        set category "Tunneling"
        set udp-portrange 500 4500
    next
    edit "Internet-Locator-Service"
        set visibility disable
        set tcp-portrange 389
    next
    edit "IRC"
        set category "VoIP, Messaging & Other Applications"
        set tcp-portrange 6660-6669
    next
    edit "L2TP"
        set category "Tunneling"
        set tcp-portrange 1701
        set udp-portrange 1701
    next
    edit "NetMeeting"
        set visibility disable
        set tcp-portrange 1720
    next
    edit "NFS"
        set category "File Access"
        set tcp-portrange 111 2049
        set udp-portrange 111 2049
    next
    edit "NNTP"
        set visibility disable
        set tcp-portrange 119
    next
    edit "NTP"
        set category "Network Services"
        set tcp-portrange 123
        set udp-portrange 123
    next
    edit "OSPF"
        set category "Network Services"
        set protocol IP
        set protocol-number 89
    next
    edit "PC-Anywhere"
        set category "Remote Access"
        set tcp-portrange 5631
        set udp-portrange 5632
    next
    edit "PING"
        set category "Network Services"
        set protocol ICMP
        set icmptype 8
        unset icmpcode
    next
    edit "TIMESTAMP"
        set protocol ICMP
        set visibility disable
        set icmptype 13
        unset icmpcode
    next
    edit "INFO_REQUEST"
        set protocol ICMP
        set visibility disable
        set icmptype 15
        unset icmpcode
    next
    edit "INFO_ADDRESS"
        set protocol ICMP
        set visibility disable
        set icmptype 17
        unset icmpcode
    next
    edit "ONC-RPC"
        set category "Remote Access"
        set tcp-portrange 111
        set udp-portrange 111
    next
    edit "PPTP"
        set category "Tunneling"
        set tcp-portrange 1723
    next
    edit "QUAKE"
        set visibility disable
        set udp-portrange 26000 27000 27910 27960
    next
    edit "RAUDIO"
        set visibility disable
        set udp-portrange 7070
    next
    edit "REXEC"
        set visibility disable
        set tcp-portrange 512
    next
    edit "RIP"
        set category "Network Services"
        set udp-portrange 520
    next
    edit "RLOGIN"
        set visibility disable
        set tcp-portrange 513:512-1023
    next
    edit "RSH"
        set visibility disable
        set tcp-portrange 514:512-1023
    next
    edit "SCCP"
        set category "VoIP, Messaging & Other Applications"
        set tcp-portrange 2000
    next
    edit "SIP"
        set category "VoIP, Messaging & Other Applications"
        set tcp-portrange 5060
        set udp-portrange 5060
    next
    edit "SIP-MSNmessenger"
        set category "VoIP, Messaging & Other Applications"
        set tcp-portrange 1863
    next
    edit "SNMP"
        set category "Network Services"
        set tcp-portrange 161-162
        set udp-portrange 161-162
    next
    edit "SSH"
        set category "Remote Access"
        set tcp-portrange 22
    next
    edit "SYSLOG"
        set category "Network Services"
        set udp-portrange 514
    next
    edit "TALK"
        set visibility disable
        set udp-portrange 517-518
    next
    edit "TELNET"
        set category "Remote Access"
        set tcp-portrange 23
    next
    edit "TFTP"
        set category "File Access"
        set udp-portrange 69
    next
    edit "MGCP"
        set category "VoIP, Messaging & Other Applications"
        set tcp-portrange 2428
        set udp-portrange 2427 2727
    next
    edit "UUCP"
        set visibility disable
        set tcp-portrange 540
    next
    edit "VDOLIVE"
        set visibility disable
        set tcp-portrange 7000-7010
    next
    edit "WAIS"
        set visibility disable
        set tcp-portrange 210
    next
    edit "WINFRAME"
        set visibility disable
        set tcp-portrange 1494 2598
    next
    edit "X-WINDOWS"
        set category "Remote Access"
        set tcp-portrange 6000-6063
    next
    edit "PING6"
        set protocol ICMP6
        set visibility disable
        set icmptype 128
        unset icmpcode
    next
    edit "MS-SQL"
        set category "VoIP, Messaging & Other Applications"
        set tcp-portrange 1433 1434
    next
    edit "MYSQL"
        set category "VoIP, Messaging & Other Applications"
        set tcp-portrange 3306
    next
    edit "RDP"
        set category "Remote Access"
        set tcp-portrange 3389
    next
    edit "VNC"
        set category "Remote Access"
        set tcp-portrange 5900
    next
    edit "DHCP6"
        set category "Network Services"
        set udp-portrange 546 547
    next
    edit "SQUID"
        set category "Tunneling"
        set tcp-portrange 3128
    next
    edit "SOCKS"
        set category "Tunneling"
        set tcp-portrange 1080
        set udp-portrange 1080
    next
    edit "WINS"
        set category "Remote Access"
        set tcp-portrange 1512
        set udp-portrange 1512
    next
    edit "RADIUS"
        set category "Authentication"
        set udp-portrange 1812 1813
    next
    edit "RADIUS-OLD"
        set visibility disable
        set udp-portrange 1645 1646
    next
    edit "CVSPSERVER"
        set visibility disable
        set tcp-portrange 2401
        set udp-portrange 2401
    next
    edit "AFS3"
        set category "File Access"
        set tcp-portrange 7000-7009
        set udp-portrange 7000-7009
    next
    edit "TRACEROUTE"
        set category "Network Services"
        set udp-portrange 33434-33535
    next
    edit "RTSP"
        set category "VoIP, Messaging & Other Applications"
        set tcp-portrange 554 7070 8554
        set udp-portrange 554
    next
    edit "MMS"
        set visibility disable
        set tcp-portrange 1755
        set udp-portrange 1024-5000
    next
    edit "NONE"
        set visibility disable
        set tcp-portrange 0
    next
    edit "webproxy"
        set proxy enable
        set category "Web Proxy"
        set protocol ALL
        set tcp-portrange 0-65535:0-65535
    next
end
config firewall service group
    edit "Email Access"
        set member "DNS" "IMAP" "IMAPS" "POP3" "POP3S" "SMTP" "SMTPS"
    next
    edit "Web Access"
        set member "DNS" "HTTP" "HTTPS"
    next
    edit "Windows AD"
        set member "DCE-RPC" "DNS" "KERBEROS" "LDAP" "LDAP_UDP" "SAMBA" "SMB"
    next
    edit "Exchange Server"
        set member "DCE-RPC" "DNS" "HTTPS"
    next
end
config vpn certificate ca
end
config vpn certificate local
    edit "Fortinet_CA_SSL"
        set password ENC ZGxRuLbtoKg45rD0QaVGH4jElwy3OwUmD6DVuptOEbTMHxhjrvH2D1wmkE/s6fcKRpqaTf8tlf1xuRxWh86dHVG0nh4Pi3r+r9UDTnYFJ1R8zt7UCm3NBnD3mqr62NxmQccxHX5ej3VRYYMxTnZp2jfOP8B9nk0MEd9pVxk+ZlHKcpV4bLetzYz0/fkZcLEBebyyvA==
        set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
        set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBrDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIMlrs1IoDCS8CAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECBivGdvpRiYyBIIBWEc8xUvdrvq5
r8ehCUSiqcrXH8LhON4wpHJprE6JYDRugDDUyWrK2EQlkq08+lHTchmjrJyecHGp
Dqre/M4vyvWF+kRI3m3zGcluGUSpVr7JZHWKcwSWDK9s9tLzpaCAM5He0xG6xL5I
kpUm1Lx1qdktzA5XRkVHNMUg3SW6Wz7VoOtAaPCH+Imsn0ZREHFViH9g7Ix3NmRg
qSScr/uLSl/Ra1iIh/Ycte5puGOvo829jyJsbW5wO8OMjq+fb1OOyGf0+GxIaWFU
0iqzHImHQhnd76WMaCe7qCMh8tiC1Kexu8BCQi9q1g1nVOkRtUuvhmVCyQe0st1L
UZkSiWbofc5alecT1J7zwcD0CBZ8ScTojewfCLn5SwhMZQ/mB9KNT7xvuyWx7qm7
PkzvErrwUGDuiAagWr50Iphbg4nBR8FkiZSLtLD8X3yojgrqP18idKjCWjGovPjC
-----END ENCRYPTED PRIVATE KEY-----"
        set certificate "-----BEGIN CERTIFICATE-----
MIICaTCCAhOgAwIBAgIINDNMWkeG4iAwDQYJKoZIhvcNAQELBQAwgakxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRob3Jp
dHkxGTAXBgNVBAMMEEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1
cHBvcnRAZm9ydGluZXQuY29tMB4XDTIyMTIyOTEzMzg0NFoXDTMyMTIyOTEzMzg0
NFowgakxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQH
DAlTdW5ueXZhbGUxETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZp
Y2F0ZSBBdXRob3JpdHkxGTAXBgNVBAMMEEZHVk1FVkRQOTkySjMzQzQxIzAhBgkq
hkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQuY29tMFwwDQYJKoZIhvcNAQEBBQAD
SwAwSAJBANYaPoStcl876Su9UgQmiXwBJ68iGukZYE+ulz0Mzzc+hBmhL4GtoP8p
12DWKm9TPVVGQeJ/JiJpRJSLGcAwzs0CAwEAAaMdMBswDAYDVR0TBAUwAwEB/zAL
BgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQELBQADQQASfS/Jb8oHpSagnTHWQze9ylhM
0sZCnwyIkA0S/SuTDCAG9nKk0rHPYFa0GvAe9yQgKqSUVPW9DIaUk55yOy/w
-----END CERTIFICATE-----"
        set range global
        set source factory
        set last-updated 1672320890
    next
    edit "Fortinet_CA_Untrusted"
        set password ENC 7QmlybREKnkmvrCkaQva3JUwgHgloHAebZvkQn1GV0TtHnwmejRY0Dq1K0FRDofuLpSlFwA61XMNGSvqPffIz03mz4Hb2+lqvz5SShITOtXqlPBKtjaIGvO3dFyYR9VU48Cg2XSebeIm51xiJf5sSPJXsNWeFdBIc8GBbOQ+3JaEcik5lZZnLEmP6gD+KkmN6pu+pA==
        set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
        set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBtDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI5RQA+ZxhgkECAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECL4QRgXfULjhBIIBYKf0By3Ycovj
0OscB3LvNkkE824mOYyKrd1EuXXZnGrTliZhi/FY2/Tz+JZBZyO9e/HHoHqqGcn8
6ft55YzID4XVeK8XDo7tUHeM7zEYcMr5jUI/dckodPscvwCwQtyDo050FWfaeYxO
OcKglbxhAnMdHI31KtxS1MbDqqg3kPaLZ4vMIIhtVs1CHltbbu8rf8eBLZENX/iU
XU+tpAKUZi0O0JEBXzZOQ+7kkyc1n6KnB9s0kZ65aJL8KGwXcZPJqj/oeq9Bxq9q
P7leKPjvtb1vjS3B6+FR8Z6t1OVliMnjt+2kbblLDwdJ9jDM8UGKAmRo9OltaXki
45mMwhTKfjCyCd1xmHLJ48YbHNqib8gcIgsfE13jlHeTEsOM+w9kQOdGa+WZcV7N
fuGXi/Gad5vyMDwXk1LC6YMaC02T5iZQ3pq+vtNbvow82dpIrXWkptaTgV/iisRZ
2Z7CFF4paJ0=
-----END ENCRYPTED PRIVATE KEY-----"
        set certificate "-----BEGIN CERTIFICATE-----
MIICczCCAh2gAwIBAgIICxuRCFrjHskwDQYJKoZIhvcNAQELBQAwga4xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRob3Jp
dHkxHjAcBgNVBAMMFUZvcnRpbmV0IFVudHJ1c3RlZCBDQTEjMCEGCSqGSIb3DQEJ
ARYUc3VwcG9ydEBmb3J0aW5ldC5jb20wHhcNMjIxMjI5MTMzNDQ0WhcNMzIxMjI5
MTMzNDQ0WjCBrjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExEjAQ
BgNVBAcMCVN1bm55dmFsZTERMA8GA1UECgwIRm9ydGluZXQxHjAcBgNVBAsMFUNl
cnRpZmljYXRlIEF1dGhvcml0eTEeMBwGA1UEAwwVRm9ydGluZXQgVW50cnVzdGVk
IENBMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTBcMA0GCSqG
SIb3DQEBAQUAA0sAMEgCQQDGxtbRzYOaQQTojbqeABstWfIMvqqCQu6wKYQiJUpZ
J70NSxXpQ/ps+kgieoWCfNBKVI/TeP9LbnPGSAI9PVovAgMBAAGjHTAbMAwGA1Ud
EwQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBCwUAA0EAA0nKTHP4NQoi
raVmFCbj+mYaUvrd28Eovp/Ji1MUdipgF7jD58oy1VKvRNQ4w8gTx2sJ+DLwlCd0
49FZdITo2A==
-----END CERTIFICATE-----"
        set range global
        set source factory
        set last-updated 1672320890
    next
    edit "Fortinet_SSL"
        set password ENC DMDAZc0ZbSD3GJkgI/fDDN0ZcmWDMDBDdsfz+oxlI0cx4C86mSSNW/QEvnHUkEuOiILJcS3fucD0iNyx9+ygtbYowXMjpxT03yuGNdDAGJmGh3FXUr7Dl5edM5lIIYBK/soUwzTslNZoh5ruVPWdynwa3sX7+Hv3fJucykVoK3QdSUaouT7dbF9JcQjGn1w8pk0mGw==
        set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
        set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBtDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI2fVyWVWNAm0CAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECPnComM3571xBIIBYL/pGExNMVaS
DfMyVCBVMrlGvTyt0PtDcqx31LAnv/NtcfmpP3imLF2wlAzKxA8blRuTPoBSEcHc
zpDIp/66h98w0wmkVV8QEbpPd/o5hFNsIYi701wwioJY9F81n9ZZ/1oqT9sVFEsM
Vz1PoyEkz9TizV9Hxs9HOkRVNc9zIN/H7WOrWL8xFPvSXDoZj4/7Rtx8wxOsNVCM
vQ0Z5XFzz4X2bCJ4R7pt2qxpnAA75MJx8FElvdCjuZIG3kjqMw0dsj9oRuKP1az/
TCfVWp0CkEOwYZpAz5ehY3kC6anBOevaUW4WfxCKO8PFTkA95wsAf4hBU3kTY8Oc
A75r/YwccXwVeu7SpLTJQGQP+kuspOPBzRpY5IqtOdpiS70DzWD+O0WE+AtTMuvA
61slYLLLFEGaY5HiskpWBTaFhdnoV4CoAKs42cGJLcu+LRIYZ0d2cbe7dKiXvVNg
GLVEwpw1MPM=
-----END ENCRYPTED PRIVATE KEY-----"
        set certificate "-----BEGIN CERTIFICATE-----
MIICVjCCAgCgAwIBAgIIAiwASpV7MicwDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTIyMTIyOTEzMzg0NFoXDTI1MDQwMjEzMzg0NFowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKRd4FL/V//I6ZU75cQ8Kka+
e/L1Pa/OlFfapiPW4lNv5bmrn2PaXi9xdEM3TwagbZG5OIuzROWAXvFUyjb1GOEC
AwEAAaMiMCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG
9w0BAQsFAANBAHtREkU2B3QI+GIE3Mb0a7p1h4XZfOj105Z70UiXnUwF6tDt9o8V
STtKJq2q9iMm2GGTPcTuSmzNKtYYqREuFsc=
-----END CERTIFICATE-----"
        set range global
        set source factory
        set last-updated 1672320890
    next
    edit "Fortinet_SSL_RSA1024"
        set password ENC 7eKFbjcHCQRO5wBGqw7fab1OB3JGYCtoc3ZoJMxrnnM5scv/8ULqjuV3K1WjAhAYy2AnCpOKvgWyIuW3GZR3MNJZQzVpPHY0YWvzMAmcyO4HpJ6zo9ugYbJ4qny3PiN+bLJWB94e7sVTHT9MFUtq/PYOhoACv3e9ssvlzwuvHShMGjeNQMeUfIh/VGs+re8bA3Y8Mw==
        set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
        set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBtDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIsepn8PyJCKACAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECFaJRRVOLNUKBIIBYHg/ctUhfanc
ahu3Pqe7Gl2FEzXVaglr53Ax0OYNt6Y6BG7CtJyiHhZzdm0vztOPYs2ZpDrJOxIs
q/a0DRCRkXmY2mUTc9GvEwwkgU6tN+YkIGq73mIOHyM7Hbf2iAPfrM8jxKWeV9C0
RJhsFYqpeER8J/kmtiZDxCCxh/VOxWE6vNYwbyJm0+Lz5NfxIkyZ+VwWNFHHXdDe
7Ezd3ezPVmY/SSrDjDEI6eXMa4COPAa8fJowybI7T4+PT4GYEFNp+hCaEOOhW1EL
hox7ujYqcqk8ActFa17glg4UseuWknfgquKyY5+vgFiSGTFrMidwzJQOkUne3qoi
JUjK+WctJTk3GwgygSzmBb/k+tMiFGqLteYLom44Klt4loGK9TIaOn331ftvwG7+
a2nnj2K49M0+KLqRQHVqlyrbAf8dxkmbYdRfYCszVMVnz04bpKAZzveADKC5Ogod
aXIn981phUQ=
-----END ENCRYPTED PRIVATE KEY-----"
        set certificate "-----BEGIN CERTIFICATE-----
MIICVjCCAgCgAwIBAgIIQSmcW6n3WN8wDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTIyMTIyOTEzMzQ0NVoXDTI1MDQwMjEzMzQ0NVowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALbRyB27ramvQ3T4jNjuPwT6
h7/FkfCxOmDdd4mLuWGO75jSECFE6RJ1QfxYZbZPwQGqyozrWCkyWmHgxUKdCT8C
AwEAAaMiMCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG
9w0BAQsFAANBAAYDcN4jQfUnKAbjH3UfGtu1mXOCjNsWbbBFzhf3nTFVIpZjTzhN
LtD0bQ2QhRpSiGcJzCdYMzMaYPFo3Y/BAK8=
-----END CERTIFICATE-----"
        set range global
        set source factory
        set last-updated 1672320890
    next
    edit "Fortinet_SSL_RSA2048"
        set password ENC arAVW3IFACQZI7RtuGLzOleLm415EuA7GgGDsFvA9mEi1vn9Dk5C/9MSAmE3cm8NL2hEK9ACfn34kOl02Y3a8vBxk0ukBMzbYBjikWuNRDemRZ6SMEfddfdYcnTl5OiXFtcXI/wwoTq9IF86h2tT52aP1vh24xejX4ZI1N2ySUxWoud07XNfx5UzrWECJik/BlChDQ==
        set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
        set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBrDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIbJ2bNLQmwGUCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECGj9TKEJbFhGBIIBWMTBQuh7Gm/c
5OhhwGKXnV1mPbK3f1/6LUUZuNh4nCJrhy6WZLFmq6iT9ZwZiWCmvHfIhfmMO7ZH
qenGv3hbYxmi3diQpQ3tUf+OB+vV1u0t9dE3z+mqPRUgY2IpPnlMhehEg873BL0x
QMf+zDEe+jLPNfHuqLYzG6A4jQT4KasJajbk0O2llyYRpHtW9jxvKMG35EVZYhxH
dS2e4jBUXnJDpP1LN1MsBCvX9rdQ6kC3krkIi1OM6ZnYFPWm7LMST/0zknnM+1Zv
VKdac3hlovqYYreysplaQl3LQC2OosQ3WTVO8Sj7+MYt+dP2r3c6OnAMhzuKE6Ep
V4wDlEp+IOK/RBCu6d3D6S6rPuGspJbvrRaCkJTSp8nKAND/ChcmbwmNRFjPQdoG
7FqGLjNUFEGN42fEL49+fwiQxiXZ7ZDrDSgiaO2VI9wSKRgKrwxj8Xqal23xHZoE
-----END ENCRYPTED PRIVATE KEY-----"
        set certificate "-----BEGIN CERTIFICATE-----
MIICVjCCAgCgAwIBAgIIcJhFCHMq+o8wDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTIyMTIyOTEzMzQ0NVoXDTI1MDQwMjEzMzQ0NVowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANAxcqiPAfEZ1gOlqd8ccBLf
2Ld0xDbKRExb4CT11yJEVfgCuG0Ght29mXnQtyKnZ6EzfoJkMdoRCHRBe2hRYJ0C
AwEAAaMiMCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG
9w0BAQsFAANBAHOjmK28EdEFUbZOogoVE2pcnUDTTs+ZTXgJOmFDu3Lbjk/paH6L
YEVqJJasf7zVXOjLzD2m3wRhR3VfMDN61jM=
-----END CERTIFICATE-----"
        set range global
        set source factory
        set last-updated 1672320890
    next
    edit "Fortinet_SSL_RSA4096"
        set password ENC VyK+QP8RaQUuTXW3f0zHRSI3PUoGi5gNYoxEqWosljzT6i2t0RDK1GF92jgYQTtHjVTk63bCxaMzexD1Ym+Jf1R/Jq7BIP/YYRP1bPc/ITZWosS1D64m2kF4CPRtA5+kE82xQ20Ul9Ti+rfCBlk+bQ0w+xH0pFCP71gkvB/L4hqw2+w6pJY0GrpMo4m0gQ2Z7LclfQ==
        set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
        set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBtDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIE0jfV13MZqkCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECBu+BCiRt7z3BIIBYDNRlOur4yQE
oU//TP4+8ZbzdhdqXl8wEenFvc0qeI2U9wOJRukbXLnu2kOqKeRZjxI1mh2cUhSX
wF3bapABQWsulKMNe7BtJVxgilufCvTe/mzS2CirVAmifrxI7rtEvL6d1XiYrDBc
/M9ASkcq3NHWuEEnpyiuHXZP2pytBdw8IQvkzpLvt6c6bGAlyTFfUHGJ2K6U2fnj
a5rEWlHjjN5R4FnqL8xdd48O0KzNT7yKyZuOqx+6n0tVGMHsW9G2cq5ShkErqhSk
FyStH1RMM0AfdmJNfvhoZFiCD7jKMjyhoaBAKMcBqDDI7FeTlSYrghyQPrsYPQyw
Y/L8e/jcqU8vP+qcfgidAxI97/5dhJBk3oT9HyEaFoYEWYUc6M4KKbN67bXr41ZF
ncvDl+q78v7sMIf/sKwVWwULsxklElr4ExyUAhWFUdgPLmRoeFZFhkDnvOj9Vs3i
hY3P0nlbJPk=
-----END ENCRYPTED PRIVATE KEY-----"
        set certificate "-----BEGIN CERTIFICATE-----
MIICVjCCAgCgAwIBAgIId0lg/XODsjIwDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTIyMTIyOTEzMzQ0NVoXDTI1MDQwMjEzMzQ0NVowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEZHVk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMdz6pWVy6uVakvNdCObn7jV
K6XZG97Psp6btXEq7dQk0jOA4RNp81DfKTTipZC7qoRf2BcNNxaqkXkFRT5XRZsC
AwEAAaMiMCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG
9w0BAQsFAANBADEe40c/+OhqC60wYy1Bn3lBPFPr0tCIcSVpFVnlR6Nmd726KxFG
UEKcYv9MUJWWvvRVuHYZYt/SS66HcRx7Tx0=
-----END CERTIFICATE-----"
        set range global
        set source factory
        set last-updated 1672320890
    next
    edit "Fortinet_SSL_DSA1024"
        set password ENC LwIPBMHZNntS1ZdLFDMzwjPBw6d8527a52ldbd32T7YFzrFribsITpyW6AqRvKswymn3Yihatv4iOUj/oEEkgZgcWyz7eaBHBEzt+5ky6y//fKxOO7nUuU8GUhZ/iuFI3T3F7mNtBdKNvBbgN/c/h1LGf/niddwHy0SIef1SbAv6yoIfjmDc/APf0voqVGT5F+s4Nw==
        set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
        set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBIzBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI26aKo/XLfYICAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECFD0hhifoIMQBIHQFSIC39UyzwO9
kd1hBv5YrfP8yxuDl3o6DGYJsI/hQ9PZSrPDznkH6Fdcso6HsTZ1cQaBsLtDIJ9h
QlW3hBgwgxXETUFt1VrxAa4KHoK7i+ADblSKqT/jFEkY4VVVGb2PHIuCb8o2h9JY
U8kgz/hkc1EZOVb5jVErjvI0JgURx+guCYCBgr72TU466Yoh+8SWo4k+vj2lC5pH
er4xs+hujhVh/vnFQVcdmXkZokvvhXwknRuWgjF1OGrpYqmMa4GwrnX6appjrNzn
rxQxWhIRVw==
-----END ENCRYPTED PRIVATE KEY-----"
        set certificate "-----BEGIN CERTIFICATE-----
MIIC1jCCApSgAwIBAgIIePZRuQoJgFAwCwYJYIZIAWUDBAMCMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
R1ZNRVZEUDk5MkozM0M0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTAeFw0yMjEyMjkxMzM0NDVaFw0yNTA0MDIxMzM0NDVaMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
R1ZNRVZEUDk5MkozM0M0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTCB8TCBqAYHKoZIzjgEATCBnAJBAMF5QEbLGgBRxjPO9Jmr2c2f8q0f+d1s
MFfk2Atzo4zKPxlG2lm9tEBvvGg/fFFV0k5tmPPYJ6YTSnpvQbHyI5kCFQCJdwLi
qLIGP755jrGqkajOSsO6SQJADq0YRYKOjn5ZJBZeiaza6CQZN8Aq4OG+RbXp6twC
hFDClXKBrjjNP9J0WkndzZ1Gxg2arg015Lc7EgaGn12kiQNEAAJBALjxtwrvMx6U
3crobVvs84nwf9T+o5m6s7WQSwXT30IKOBQ7pGzTWZ/w+mFqf1oU4IjTDfsaNfJT
bBKNi6Owj+CjIjAgMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYJ
YIZIAWUDBAMCAy8AMCwCFEbosjUM2Uwe4RTzyTYDguecqZ1hAhR7qPTgEwelqKWE
AE6ImBMNhB3Gyg==
-----END CERTIFICATE-----"
        set range global
        set source factory
        set last-updated 1672320890
    next
    edit "Fortinet_SSL_DSA2048"
        set password ENC TKY/mnu2aF2ajjaztBX30H6yuDSrq7pOUoxVfevyKzovRZeSlgc1y8drhtf9yFDRYL7fu3XApAYUStLXOBF8ytWHSNNLfyJJzU2FIftml8golDYxeDYmby4kzr+zoXSIjomd7hNYZQMC0uRRGxEWqaeVHw+5Se+7KuS4mw+0PbV2lPPply2x57k6ax3kzQVFlsFuEQ==
        set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
        set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBIzBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIzdcl9E6CVpACAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECIsb+d7LBUSpBIHQWbWoS2GaiysP
B+Dwt+GkyAuKld88o732Z7DCPPp54vMkZPPUeSD6AJdNoXt2nDyjxHZDSBg+B4pj
tqtQi9jrrbmRBlG1wQqDwaB3ZUhJ7wgR4CYWTAhGh1gAjeVFiTptIBFNCxwuTmgU
Gebd2t4nz7B+Y2BHQLV36xZ4JSjuAjkYdoeoiQ5HKI9znRA5uNsX8dolkDqZLfAk
xiAOkYkDsYRJe9Oyh7kprEaEkJBCKf6NBV6pKdn1HjBwTMdMaYvgx0vnKKVpsKyN
z4kO+Qtacg==
-----END ENCRYPTED PRIVATE KEY-----"
        set certificate "-----BEGIN CERTIFICATE-----
MIIC1jCCApSgAwIBAgIIGZlZx9P2rP8wCwYJYIZIAWUDBAMCMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
R1ZNRVZEUDk5MkozM0M0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTAeFw0yMjEyMjkxMzM0NDVaFw0yNTA0MDIxMzM0NDVaMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
R1ZNRVZEUDk5MkozM0M0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTCB8TCBqQYHKoZIzjgEATCBnQJBANvoEEptDn5xFm7rgrbca7UGNRZ10Bq8
YC5dg90vKrrviXNoRkeIY9p2PK/Ss7i6R9rMglbVoQFv03Z/K6Qx3BUCFQCcqNen
RvMbL5BwJMDh4dKpqARVXwJBAKhgmCJmPTYA5iodwCAb9H6GYag4eG7YGpc8J+kU
0hUzzm8qJKeBE6pdvPK866lmn8RrxvteJN8kLJ4uPlDe6j0DQwACQA4y0ve3AQNx
f2zNHk57ulz7GbUr4H/rX9TsVzXdF8wbxrKIWGSLIOAN65arZPSsTZwPMZe0H1n2
Lp0MZ71bgtWjIjAgMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYJ
YIZIAWUDBAMCAy8AMCwCFFzoYbW9M0ZP9x4548NIHqjv0EbCAhRLf/0tId0QuGjG
2RFEeg6l+JgE2w==
-----END CERTIFICATE-----"
        set range global
        set source factory
        set last-updated 1672320890
    next
    edit "Fortinet_SSL_ECDSA256"
        set password ENC v8rYSdKBw8qt2aKxoONpesf00IBr/7qkAzCuRrbxJnETuVFAkqWOZFVJwyeqIc06OUpsSUE+VRaxQ2mfL+NG/weevn+DjJjPDHD7ZbVU3bPVpxc2f2ZQe91+C28ayCUyPYQOUfsxeikHgp479mKbpPl5GFSQrDTdB1jxtOFecqSZREv6ju/1Uvk/b5IYkM/1t5EZVw==
        set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
        set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIHjME4GCSqGSIb3DQEFDTBBMCkGCSqGSIb3DQEFDDAcBAjbFKvb7mAJ/AICCAAw
DAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQInbeqzpXctq8EgZCAjfSHhQEvUt2D
7n4dZPQQhUf1B8dPKvsskiTo+Y24t5zQ4KEAcQp3qBTSIoPsTIZDBPrGXbMbMZwK
OzHeSeeAa/Tc0IpL855xCg/S9W/SQMxPv51q8ceRjeGDXmFqZwpBuMz+ZixTITJH
Xb3+Eai+V4EB/M0ViVKQ2LMs8D2x12XMpGRK9M4CZa2TDOBFMk0=
-----END ENCRYPTED PRIVATE KEY-----"
        set certificate "-----BEGIN CERTIFICATE-----
MIICVDCCAfqgAwIBAgIIH2mFUnV/iuAwCgYIKoZIzj0EAwIwgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
Vk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMB4XDTIyMTIyOTEzMzQ0NVoXDTI1MDQwMjEzMzQ0NVowgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
Vk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEx1/SElXvimtm5cNAz1a0tAWV
3m5kof5yInREerOLisvh1phBbiLbjsGfdVf09FwPj1v3KvdyDM5GAeXF27NgZqMi
MCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATAKBggqhkjOPQQDAgNI
ADBFAiEAg+KcASV7EImjCvbsOHeHhBJ6KxZq7SEkyx2mHpeSlGoCICpnzh/wvJAN
nyL6YEsOduBzBqIECGcUpqKhCyKbaxSz
-----END CERTIFICATE-----"
        set range global
        set source factory
        set last-updated 1672320890
    next
    edit "Fortinet_SSL_ECDSA384"
        set password ENC wVpOlLKc3uHw9USmCQuB5nJGoRNfLF5TXis2BOBWnGou2TANHSTg8VEkFGXmTePNM6F/eH5uNfzY5zsWRf1m+hS/nUZg46Kk6nYdOBn/vLhrgSYAU0A5okQTye10VFsl03ESSsqbNVIHrQIaNu0UUG9n2qgKAoOL7Jbnh3TCs9rXtdIuAqDRKUDFv8SUze23zAePwg==
        set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
        set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBEzBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIB0LWga72ZXECAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECPCPRgqEPxFDBIHAA01vb3ntx6a2
NKlpurwlBsM8xU0By6jTy1kpAilSQylwd0Uyw6Yr2vK5ycuggY0yNVra+w4kBjXa
GoRLm23hNZMLfW4IClqEUg6aebgu3sak1m0ZuzkZDOGNu78oz8WHbxEwCeHAxPKw
4g7va2fb5yCZkq5Kt0vHjtUfuIeXJh4W/KiFunFgG+H7o29z0ZrWqUH8sHQdOcVs
WPw1R4cRYjieWz7POmnLczaPK3zuEOTtmHbet7MyoxLIAQ7igeHp
-----END ENCRYPTED PRIVATE KEY-----"
        set certificate "-----BEGIN CERTIFICATE-----
MIICkTCCAhegAwIBAgIIIKQ/mvMtjgswCgYIKoZIzj0EAwIwgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
Vk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMB4XDTIyMTIyOTEzMzQ0NVoXDTI1MDQwMjEzMzQ0NVowgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
Vk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEL6QzxGHkbCQPPGT/hP9qRQjc3/Er
RBxyCWHgTBLj4jqO9q2e7HK3ktzsmcSwOsHONXpTnj2xs6fL4FAY/74BDQAfjn9C
AmRUq7T069Pm9cvgWdQfmjyFckbmTlzPgZb2oyIwIDAJBgNVHRMEAjAAMBMGA1Ud
JQQMMAoGCCsGAQUFBwMBMAoGCCqGSM49BAMCA2gAMGUCMQDn9HnR/4LLZVP+t7GS
hjsQjmsRo7cwm2vCFm0jnTOhL20ms9S29ZTzhVvuR/83QbACMG3egAoTA2JnrHBf
eY9zSXpsvkAsBSCPDkmKS+t0/mL28NwKqvhb/y3XEdyw8iCIkg==
-----END CERTIFICATE-----"
        set range global
        set source factory
        set last-updated 1672320890
    next
    edit "Fortinet_SSL_ECDSA521"
        set password ENC z7Ujvt1CwiRHp6zeqbgCYZXzKoQQuR0CPkDpMolOQOqRwbqRlLxOTf5lQOTdAUZYRoV5hOpvz/d8exBF2W9XTcs0A+FR06W8539+AJe8z0AkyVpMFNjqhz1U0aNJ/WmRDqbhfh9j9LvYgvYIdfnBHxi2iraI4X+mLOJmxo8Q/XF0BKScRhOZD5L3GQU3l7EojA3a+A==
        set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
        set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBSzBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIN42+wGm21lICAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECCky4vZc5UDyBIH4DvXMeecT0XTb
kDnkz+LFOSBnJTqTAofx3eeZVkQw/CewBtaIFNcaI72ugOoQcYA4LtUZ4Rli6toc
VuQYZSIB6+GKBQsh+GnO/CxirjfQkTlNXVbegSS9+keTr7J/82NAy0e8hcvHrKK8
JK0srAZtvdq8ofMEtEn/Sb09GeZLuFne2mTYon0Mdwbzp3BUUtQkTForgSmJEssn
JdtbI8gr/5xjL981S+v/XGnkJrBftLnEyXetmHczJ633XbBtfjmzIz4nnkpyYCpW
5btv4xtGmWAp4aRwCfx/sTAEbGfCI5TEzFn05rX+QuMEcT5gmXNgbniQwI3DSAA=
-----END ENCRYPTED PRIVATE KEY-----"
        set certificate "-----BEGIN CERTIFICATE-----
MIIC2zCCAj2gAwIBAgIIcMaHh7iUTFgwCgYIKoZIzj0EAwIwgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
Vk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMB4XDTIyMTIyOTEzMzQ0NVoXDTI1MDQwMjEzMzQ0NVowgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEZH
Vk1FVkRQOTkySjMzQzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQArFGJNkFZNR+DhbMdU5dYc42y
y4KFufmB45J5nglkxg0FSPOU0dw8dHxzSIkaWEmAp1eti5RFKwvYWu3kh0xuZPIA
a8V0cu2wFy9z43pj7azR4ELeJzO8yE4f6pEpbD0YCc4ty6ObG5y3dZ45mHSkm0x/
13UksYw6d8pI/pAhyE8e8gyjIjAgMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYIKwYB
BQUHAwEwCgYIKoZIzj0EAwIDgYsAMIGHAkFlAmmoBxlX0B5ye7ffv3zmqMRFi7Y/
CYUcwKYiOdDDFrj6EBqDx4DgMqlapKqWEnc8N+x7ah+kFNEZp+Zl1qZifAJCAW4V
kEhnK4mhN2d6MeCr9lMs7NiXOoPU1hPTWU54v65/MBRJ8OSute489/yJcZgGv9Ed
v05HH4oTDXOpPZiRWOgY
-----END CERTIFICATE-----"
        set range global
        set source factory
        set last-updated 1672320890
    next
    edit "Fortinet_SSL_ED25519"
        set password ENC wFtFNiIdy65XlWar/SrpC8K0MDycMdMICdPx6BcT1oOdbZNR5MDRbVCHKGW0FyrDfcdCUPybntc3eHKLc2RZ2h2CFWnQRUTStEA/f9T+fnXWygUgrsYxSSvLOFFSagNZHk/jcB41krWVyxC9P17lJtzw5vpRsRaql7pcfqGECgVN7D+TuIImge0TvslsD6x3OnT4FA==
        set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
        set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIGKME4GCSqGSIb3DQEFDTBBMCkGCSqGSIb3DQEFDDAcBAjvWcbqPCI4JAICCAAw
DAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQI3Bu2zsCgHqIEODwoLeNSA+OiCU64
Mg7jP4eyFxP1LKHLTMT8anFDdbPBxQAxABM2+1cPSAQ2tVhA15TpqaNyn88c
-----END ENCRYPTED PRIVATE KEY-----"
        set certificate "-----BEGIN CERTIFICATE-----
MIICFDCCAcagAwIBAgIIQXIrZmmGmWIwBQYDK2VwMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGR1ZNRVZE
UDk5MkozM0M0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTAe
Fw0yMjEyMjkxMzM0NDVaFw0yNTA0MDIxMzM0NDVaMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGR1ZNRVZE
UDk5MkozM0M0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTAq
MAUGAytlcAMhAMSSczBS5w0Ek6XgKxfACGYBhr/R9MaOMNcWseS4YahYoyIwIDAJ
BgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAUGAytlcANBACrveo+uLvqb
vXVyxfCNzNr7K5IrhFfS+GiCB/CaBn7F2asJ4WlejgOWJZlJJofJ0+bIElqQqVjC
sHvb340t8Qc=
-----END CERTIFICATE-----"
        set range global
        set source factory
        set last-updated 1672320890
    next
    edit "Fortinet_SSL_ED448"
        set password ENC 58TwpxMu5BGewpULltbJ7pg68jYm+x6vzSP3i7XqmGqr3ZDpvAMze/t5EsZXIALZgZHIOXU0zo4MUXG3IgNk8ORfnQlv10uSBjkvsj10hnhXZ8GgWpVsyQIWtazhpNxTsySMObJVVCztqtCbEy4ESpBKc4fFmz4Q0d0ia/VZ7wwz/ENJ+LXAeCJxNbumZQorILUPaw==
        set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
        set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIGiME4GCSqGSIb3DQEFDTBBMCkGCSqGSIb3DQEFDDAcBAi3IaH1XXH7oAICCAAw
DAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQIVf2LnlhXK/sEUFnhNyjeZ6KxB9VB
DJOWSZPjHETRvixLC5rEgzcFcFg29X6EYMeTf5oCOnCyrP6vZE04vDwM6wd9O4Tk
N7eniBCYOSWQAyHDCL/0Re+o2RgX
-----END ENCRYPTED PRIVATE KEY-----"
        set certificate "-----BEGIN CERTIFICATE-----
MIICXzCCAd+gAwIBAgIIYriTeGcEtFowBQYDK2VxMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGR1ZNRVZE
UDk5MkozM0M0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTAe
Fw0yMjEyMjkxMzM0NDVaFw0yNTA0MDIxMzM0NDVaMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGR1ZNRVZE
UDk5MkozM0M0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTBD
MAUGAytlcQM6AMD3IgLdpbOE0Hhmi1fBrCxt7udfGYkZH00ygVYVG01dK4pWAAHW
NtTrdC+L8VI7Hcqnth2i+ZnngKMiMCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggr
BgEFBQcDATAFBgMrZXEDcwDQXarhXJ9882ulHpoX0l5DEDF1QZi7wA5eAHf4sTTr
cLjqA8OqbJH9DZi+c+TLk1HTHvWBWuAJIgAuR/ieVUEEVcweEoYVDAYWNQ2luGE6
VZroEhM7lXg04vqC4cFNCJ/l269phE7P0pk28BY9svdQLgA=
-----END CERTIFICATE-----"
        set range global
        set source factory
        set last-updated 1672320890
    next
end
config webfilter ftgd-local-cat
    edit "custom1"
        set id 140
    next
    edit "custom2"
        set id 141
    next
end
config ips sensor
    edit "default"
        set comment "Prevent critical attacks."
        config entries
            edit 1
                set severity medium high critical 
            next
        end
    next
    edit "sniffer-profile"
        set comment "Monitor IPS attacks."
        config entries
            edit 1
                set severity medium high critical 
            next
        end
    next
    edit "wifi-default"
        set comment "Default configuration for offloading WiFi traffic."
        config entries
            edit 1
                set severity medium high critical 
            next
        end
    next
    edit "all_default"
        set comment "All predefined signatures with default setting."
        config entries
            edit 1
            next
        end
    next
    edit "all_default_pass"
        set comment "All predefined signatures with PASS action."
        config entries
            edit 1
                set action pass
            next
        end
    next
    edit "protect_http_server"
        set comment "Protect against HTTP server-side vulnerabilities."
        config entries
            edit 1
                set location server 
                set protocol HTTP 
            next
        end
    next
    edit "protect_email_server"
        set comment "Protect against email server-side vulnerabilities."
        config entries
            edit 1
                set location server 
                set protocol SMTP POP3 IMAP 
            next
        end
    next
    edit "protect_client"
        set comment "Protect against client-side vulnerabilities."
        config entries
            edit 1
                set location client 
            next
        end
    next
    edit "high_security"
        set comment "Blocks all Critical/High/Medium and some Low severity vulnerabilities"
        set block-malicious-url enable
        config entries
            edit 1
                set severity medium high critical 
                set status enable
                set action block
            next
            edit 2
                set severity low 
            next
        end
    next
end
config firewall shaper traffic-shaper
    edit "high-priority"
        set maximum-bandwidth 1048576
        set per-policy enable
    next
    edit "medium-priority"
        set maximum-bandwidth 1048576
        set priority medium
        set per-policy enable
    next
    edit "low-priority"
        set maximum-bandwidth 1048576
        set priority low
        set per-policy enable
    next
    edit "guarantee-100kbps"
        set guaranteed-bandwidth 100
        set maximum-bandwidth 1048576
        set per-policy enable
    next
    edit "shared-1M-pipe"
        set maximum-bandwidth 1024
    next
end
config web-proxy global
    set proxy-fqdn "default.fqdn"
end
config application list
    edit "default"
        set comment "Monitor all applications."
        config entries
            edit 1
                set action pass
            next
        end
    next
    edit "sniffer-profile"
        set comment "Monitor all applications."
        unset options
        config entries
            edit 1
                set action pass
            next
        end
    next
    edit "wifi-default"
        set comment "Default configuration for offloading WiFi traffic."
        set deep-app-inspection disable
        config entries
            edit 1
                set action pass
                set log disable
            next
        end
    next
    edit "block-high-risk"
        config entries
            edit 1
                set category 2 6
            next
            edit 2
                set action pass
            next
        end
    next
end
config dlp filepattern
    edit 1
        set name "builtin-patterns"
        config entries
            edit "*.bat"
            next
            edit "*.com"
            next
            edit "*.dll"
            next
            edit "*.doc"
            next
            edit "*.exe"
            next
            edit "*.gz"
            next
            edit "*.hta"
            next
            edit "*.ppt"
            next
            edit "*.rar"
            next
            edit "*.scr"
            next
            edit "*.tar"
            next
            edit "*.tgz"
            next
            edit "*.vb?"
            next
            edit "*.wps"
            next
            edit "*.xl?"
            next
            edit "*.zip"
            next
            edit "*.pif"
            next
            edit "*.cpl"
            next
        end
    next
    edit 2
        set name "all_executables"
        config entries
            edit "bat"
                set filter-type type
                set file-type bat
            next
            edit "exe"
                set filter-type type
                set file-type exe
            next
            edit "elf"
                set filter-type type
                set file-type elf
            next
            edit "hta"
                set filter-type type
                set file-type hta
            next
        end
    next
end
config dlp sensitivity
    edit "Private"
    next
    edit "Critical"
    next
    edit "Warning"
    next
end
config dlp sensor
    edit "default"
        set comment "Default sensor."
    next
    edit "sniffer-profile"
        set comment "Log a summary of email and web traffic."
        set summary-proto smtp pop3 imap http-get http-post
    next
end
config webfilter ips-urlfilter-setting
end
config webfilter ips-urlfilter-setting6
end
config log threat-weight
    config web
        edit 1
            set category 26
            set level high
        next
        edit 2
            set category 61
            set level high
        next
        edit 3
            set category 86
            set level high
        next
        edit 4
            set category 1
            set level medium
        next
        edit 5
            set category 3
            set level medium
        next
        edit 6
            set category 4
            set level medium
        next
        edit 7
            set category 5
            set level medium
        next
        edit 8
            set category 6
            set level medium
        next
        edit 9
            set category 12
            set level medium
        next
        edit 10
            set category 59
            set level medium
        next
        edit 11
            set category 62
            set level medium
        next
        edit 12
            set category 83
            set level medium
        next
        edit 13
            set category 72
        next
        edit 14
            set category 14
        next
        edit 15
            set category 96
            set level medium
        next
    end
    config application
        edit 1
            set category 2
        next
        edit 2
            set category 6
            set level medium
        next
    end
end
config icap profile
    edit "default"
        config icap-headers
            edit 1
                set name "X-Authenticated-User"
                set content "$user"
            next
            edit 2
                set name "X-Authenticated-Groups"
                set content "$local_grp"
            next
        end
    next
end
config user local
    edit "guest"
        set type password
        set passwd ENC X4GYl/BPNoigZgb2003Sd7N33kMsuIKaq5GFeP/ULpcLbjQhpiXmzbOF3rark+DOYLMBGAgGmrK1d1TnvGOt8NTaX3CSashMkA9xps8E8RCUqj8t/5klZIePRz6XZCkg6AbASjJWcGcCor/RkRF/j6KNoHdHqAlogbofq4ygPW63+bjM+xgglSjsF0X8BuUcm2ON7g==
    next
end
config user setting
    set auth-cert "Fortinet_Factory"
end
config user group
    edit "SSO_Guest_Users"
    next
    edit "Guest-group"
        set member "guest"
    next
end
config vpn ssl web host-check-software
    edit "FortiClient-AV"
        set guid "1A0271D5-3D4F-46DB-0C2C-AB37BA90D9F7"
    next
    edit "FortiClient-FW"
        set type fw
        set guid "528CB157-D384-4593-AAAA-E42DFF111CED"
    next
    edit "FortiClient-AV-Vista"
        set guid "385618A6-2256-708E-3FB9-7E98B93F91F9"
    next
    edit "FortiClient-FW-Vista"
        set type fw
        set guid "006D9983-6839-71D6-14E6-D7AD47ECD682"
    next
    edit "FortiClient5-AV"
        set guid "5EEDDB8C-C27A-6714-3657-DBD811D1F1B7"
    next
    edit "AVG-Internet-Security-AV"
        set guid "17DDD097-36FF-435F-9E1B-52D74245D6BF"
    next
    edit "AVG-Internet-Security-FW"
        set type fw
        set guid "8DECF618-9569-4340-B34A-D78D28969B66"
    next
    edit "AVG-Internet-Security-AV-Vista-Win7"
        set guid "0C939084-9E57-CBDB-EA61-0B0C7F62AF82"
    next
    edit "AVG-Internet-Security-FW-Vista-Win7"
        set type fw
        set guid "34A811A1-D438-CA83-C13E-A23981B1E8F9"
    next
    edit "CA-Anti-Virus"
        set guid "17CFD1EA-56CF-40B5-A06B-BD3A27397C93"
    next
    edit "CA-Internet-Security-AV"
        set guid "6B98D35F-BB76-41C0-876B-A50645ED099A"
    next
    edit "CA-Internet-Security-FW"
        set type fw
        set guid "38102F93-1B6E-4922-90E1-A35D8DC6DAA3"
    next
    edit "CA-Internet-Security-AV-Vista-Win7"
        set guid "3EED0195-0A4B-4EF3-CC4F-4F401BDC245F"
    next
    edit "CA-Internet-Security-FW-Vista-Win7"
        set type fw
        set guid "06D680B0-4024-4FAB-E710-E675E50F6324"
    next
    edit "CA-Personal-Firewall"
        set type fw
        set guid "14CB4B80-8E52-45EA-905E-67C1267B4160"
    next
    edit "F-Secure-Internet-Security-AV"
        set guid "E7512ED5-4245-4B4D-AF3A-382D3F313F15"
    next
    edit "F-Secure-Internet-Security-FW"
        set type fw
        set guid "D4747503-0346-49EB-9262-997542F79BF4"
    next
    edit "F-Secure-Internet-Security-AV-Vista-Win7"
        set guid "15414183-282E-D62C-CA37-EF24860A2F17"
    next
    edit "F-Secure-Internet-Security-FW-Vista-Win7"
        set type fw
        set guid "2D7AC0A6-6241-D774-E168-461178D9686C"
    next
    edit "Kaspersky-AV"
        set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0"
    next
    edit "Kaspersky-FW"
        set type fw
        set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0"
    next
    edit "Kaspersky-AV-Vista-Win7"
        set guid "AE1D740B-8F0F-D137-211D-873D44B3F4AE"
    next
    edit "Kaspersky-FW-Vista-Win7"
        set type fw
        set guid "9626F52E-C560-D06F-0A42-2E08BA60B3D5"
    next
    edit "McAfee-Internet-Security-Suite-AV"
        set guid "84B5EE75-6421-4CDE-A33A-DD43BA9FAD83"
    next
    edit "McAfee-Internet-Security-Suite-FW"
        set type fw
        set guid "94894B63-8C7F-4050-BDA4-813CA00DA3E8"
    next
    edit "McAfee-Internet-Security-Suite-AV-Vista-Win7"
        set guid "86355677-4064-3EA7-ABB3-1B136EB04637"
    next
    edit "McAfee-Internet-Security-Suite-FW-Vista-Win7"
        set type fw
        set guid "BE0ED752-0A0B-3FFF-80EC-B2269063014C"
    next
    edit "McAfee-Virus-Scan-Enterprise"
        set guid "918A2B0B-2C60-4016-A4AB-E868DEABF7F0"
    next
    edit "Norton-360-2.0-AV"
        set guid "A5F1BC7C-EA33-4247-961C-0217208396C4"
    next
    edit "Norton-360-2.0-FW"
        set type fw
        set guid "371C0A40-5A0C-4AD2-A6E5-69C02037FBF3"
    next
    edit "Norton-360-3.0-AV"
        set guid "E10A9785-9598-4754-B552-92431C1C35F8"
    next
    edit "Norton-360-3.0-FW"
        set type fw
        set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220"
    next
    edit "Norton-Internet-Security-AV"
        set guid "E10A9785-9598-4754-B552-92431C1C35F8"
    next
    edit "Norton-Internet-Security-FW"
        set type fw
        set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220"
    next
    edit "Norton-Internet-Security-AV-Vista-Win7"
        set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855"
    next
    edit "Norton-Internet-Security-FW-Vista-Win7"
        set type fw
        set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E"
    next
    edit "Symantec-Endpoint-Protection-AV"
        set guid "FB06448E-52B8-493A-90F3-E43226D3305C"
    next
    edit "Symantec-Endpoint-Protection-FW"
        set type fw
        set guid "BE898FE3-CD0B-4014-85A9-03DB9923DDB6"
    next
    edit "Symantec-Endpoint-Protection-AV-Vista-Win7"
        set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855"
    next
    edit "Symantec-Endpoint-Protection-FW-Vista-Win7"
        set type fw
        set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E"
    next
    edit "Panda-Antivirus+Firewall-2008-AV"
        set guid "EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A"
    next
    edit "Panda-Antivirus+Firewall-2008-FW"
        set type fw
        set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8"
    next
    edit "Panda-Internet-Security-AV"
        set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0"
    next
    edit "Panda-Internet-Security-2006~2007-FW"
        set type fw
        set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0"
    next
    edit "Panda-Internet-Security-2008~2009-FW"
        set type fw
        set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8"
    next
    edit "Sophos-Anti-Virus"
        set guid "3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD"
    next
    edit "Sophos-Enpoint-Secuirty-and-Control-FW"
        set type fw
        set guid "0786E95E-326A-4524-9691-41EF88FB52EA"
    next
    edit "Sophos-Enpoint-Secuirty-and-Control-AV-Vista-Win7"
        set guid "479CCF92-4960-B3E0-7373-BF453B467D2C"
    next
    edit "Sophos-Enpoint-Secuirty-and-Control-FW-Vista-Win7"
        set type fw
        set guid "7FA74EB7-030F-B2B8-582C-1670C5953A57"
    next
    edit "Trend-Micro-AV"
        set guid "7D2296BC-32CC-4519-917E-52E652474AF5"
    next
    edit "Trend-Micro-FW"
        set type fw
        set guid "3E790E9E-6A5D-4303-A7F9-185EC20F3EB6"
    next
    edit "Trend-Micro-AV-Vista-Win7"
        set guid "48929DFC-7A52-A34F-8351-C4DBEDBD9C50"
    next
    edit "Trend-Micro-FW-Vista-Win7"
        set type fw
        set guid "70A91CD9-303D-A217-A80E-6DEE136EDB2B"
    next
    edit "ZoneAlarm-AV"
        set guid "5D467B10-818C-4CAB-9FF7-6893B5B8F3CF"
    next
    edit "ZoneAlarm-FW"
        set type fw
        set guid "829BDA32-94B3-44F4-8446-F8FCFF809F8B"
    next
    edit "ZoneAlarm-AV-Vista-Win7"
        set guid "D61596DF-D219-341C-49B3-AD30538CBC5B"
    next
    edit "ZoneAlarm-FW-Vista-Win7"
        set type fw
        set guid "EE2E17FA-9876-3544-62EC-0405AD5FFB20"
    next
    edit "ESET-Smart-Security-AV"
        set guid "19259FAE-8396-A113-46DB-15B0E7DFA289"
    next
    edit "ESET-Smart-Security-FW"
        set type fw
        set guid "211E1E8B-C9F9-A04B-6D84-BC85190CE5F2"
    next
end
config vpn ssl web portal
    edit "full-access"
        set tunnel-mode enable
        set ipv6-tunnel-mode enable
        set web-mode enable
        set ip-pools "SSLVPN_TUNNEL_ADDR1"
        set ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"
    next
end
config vpn ssl settings
    set servercert ''
    set port 443
end
config voip profile
    edit "default"
        set comment "Default VoIP profile."
    next
    edit "strict"
        config sip
            set malformed-request-line discard
            set malformed-header-via discard
            set malformed-header-from discard
            set malformed-header-to discard
            set malformed-header-call-id discard
            set malformed-header-cseq discard
            set malformed-header-rack discard
            set malformed-header-rseq discard
            set malformed-header-contact discard
            set malformed-header-record-route discard
            set malformed-header-route discard
            set malformed-header-expires discard
            set malformed-header-content-type discard
            set malformed-header-content-length discard
            set malformed-header-max-forwards discard
            set malformed-header-allow discard
            set malformed-header-p-asserted-identity discard
            set malformed-header-sdp-v discard
            set malformed-header-sdp-o discard
            set malformed-header-sdp-s discard
            set malformed-header-sdp-i discard
            set malformed-header-sdp-c discard
            set malformed-header-sdp-b discard
            set malformed-header-sdp-z discard
            set malformed-header-sdp-k discard
            set malformed-header-sdp-a discard
            set malformed-header-sdp-t discard
            set malformed-header-sdp-r discard
            set malformed-header-sdp-m discard
        end
    next
end
config system sdwan
    config zone
        edit "virtual-wan-link"
        next
    end
    config health-check
        edit "Default_DNS"
            set system-dns enable
            set interval 1000
            set probe-timeout 1000
            set recoverytime 10
            config sla
                edit 1
                    set latency-threshold 250
                    set jitter-threshold 50
                    set packetloss-threshold 5
                next
            end
        next
        edit "Default_Office_365"
            set server "www.office.com"
            set protocol http
            set interval 1000
            set probe-timeout 1000
            set recoverytime 10
            config sla
                edit 1
                    set latency-threshold 250
                    set jitter-threshold 50
                    set packetloss-threshold 5
                next
            end
        next
        edit "Default_Gmail"
            set server "gmail.com"
            set interval 1000
            set probe-timeout 1000
            set recoverytime 10
            config sla
                edit 1
                    set latency-threshold 250
                    set jitter-threshold 50
                    set packetloss-threshold 2
                next
            end
        next
        edit "Default_AWS"
            set server "aws.amazon.com"
            set protocol http
            set interval 1000
            set probe-timeout 1000
            set recoverytime 10
            config sla
                edit 1
                    set latency-threshold 250
                    set jitter-threshold 50
                    set packetloss-threshold 5
                next
            end
        next
        edit "Default_Google Search"
            set server "www.google.com"
            set protocol http
            set interval 1000
            set probe-timeout 1000
            set recoverytime 10
            config sla
                edit 1
                    set latency-threshold 250
                    set jitter-threshold 50
                    set packetloss-threshold 5
                next
            end
        next
        edit "Default_FortiGuard"
            set server "fortiguard.com"
            set protocol http
            set interval 1000
            set probe-timeout 1000
            set recoverytime 10
            config sla
                edit 1
                    set latency-threshold 250
                    set jitter-threshold 50
                    set packetloss-threshold 5
                next
            end
        next
    end
end
config vpn ocvpn
end
config dnsfilter profile
    edit "default"
        set comment "Default dns filtering."
        config ftgd-dns
            config filters
                edit 1
                    set category 2
                next
                edit 2
                    set category 7
                next
                edit 3
                    set category 8
                next
                edit 4
                    set category 9
                next
                edit 5
                    set category 11
                next
                edit 6
                    set category 12
                next
                edit 7
                    set category 13
                next
                edit 8
                    set category 14
                next
                edit 9
                    set category 15
                next
                edit 10
                    set category 16
                next
                edit 11
                next
                edit 12
                    set category 57
                next
                edit 13
                    set category 63
                next
                edit 14
                    set category 64
                next
                edit 15
                    set category 65
                next
                edit 16
                    set category 66
                next
                edit 17
                    set category 67
                next
                edit 18
                    set category 26
                    set action block
                next
                edit 19
                    set category 61
                    set action block
                next
                edit 20
                    set category 86
                    set action block
                next
                edit 21
                    set category 88
                    set action block
                next
                edit 22
                    set category 90
                    set action block
                next
                edit 23
                    set category 91
                    set action block
                next
                edit 24
                    set category 96
                    set action block
                next
                edit 25
                    set category 98
                    set action block
                next
                edit 26
                    set category 99
                    set action block
                next
            end
        end
        set block-botnet enable
    next
end
config antivirus settings
    set machine-learning-detection enable
    set grayware enable
end
config antivirus profile
    edit "default"
        set comment "Scan files and block viruses."
        config http
            set av-scan block
        end
        config ftp
            set av-scan block
        end
        config imap
            set av-scan block
            set executables virus
        end
        config pop3
            set av-scan block
            set executables virus
        end
        config smtp
            set av-scan block
            set executables virus
        end
    next
    edit "sniffer-profile"
        set comment "Scan files and monitor viruses."
        config http
            set av-scan block
        end
        config ftp
            set av-scan block
        end
        config imap
            set av-scan block
            set executables virus
        end
        config pop3
            set av-scan block
            set executables virus
        end
        config smtp
            set av-scan block
            set executables virus
        end
    next
    edit "wifi-default"
        set comment "Default configuration for offloading WiFi traffic."
        config http
            set av-scan block
        end
        config ftp
            set av-scan block
        end
        config imap
            set av-scan block
            set executables virus
        end
        config pop3
            set av-scan block
            set executables virus
        end
        config smtp
            set av-scan block
            set executables virus
        end
    next
end
config file-filter profile
    edit "default"
        set comment "File type inspection."
    next
    edit "sniffer-profile"
        set comment "File type inspection."
    next
end
config webfilter profile
    edit "default"
        set comment "Default web filtering."
        config ftgd-wf
            unset options
            config filters
                edit 1
                    set action block
                next
                edit 2
                    set category 2
                    set action block
                next
                edit 3
                    set category 7
                    set action block
                next
                edit 4
                    set category 8
                    set action block
                next
                edit 5
                    set category 9
                    set action block
                next
                edit 6
                    set category 11
                    set action block
                next
                edit 7
                    set category 13
                    set action block
                next
                edit 8
                    set category 14
                    set action block
                next
                edit 9
                    set category 15
                    set action block
                next
                edit 10
                    set category 16
                    set action block
                next
                edit 11
                    set category 26
                    set action block
                next
                edit 12
                    set category 57
                    set action block
                next
                edit 13
                    set category 61
                    set action block
                next
                edit 14
                    set category 63
                    set action block
                next
                edit 15
                    set category 64
                    set action block
                next
                edit 16
                    set category 65
                    set action block
                next
                edit 17
                    set category 66
                    set action block
                next
                edit 18
                    set category 67
                    set action block
                next
                edit 19
                    set category 83
                    set action block
                next
                edit 20
                    set category 86
                    set action block
                next
                edit 21
                    set category 88
                    set action block
                next
                edit 22
                    set category 90
                    set action block
                next
                edit 23
                    set category 91
                    set action block
                next
                edit 24
                    set category 96
                    set action block
                next
                edit 25
                    set category 98
                    set action block
                next
                edit 26
                    set category 99
                    set action block
                next
                edit 27
                    set category 1
                next
                edit 28
                    set category 3
                next
                edit 29
                    set category 4
                next
                edit 30
                    set category 5
                next
                edit 31
                    set category 6
                next
                edit 32
                    set category 12
                next
                edit 33
                    set category 59
                next
                edit 34
                    set category 62
                next
            end
        end
    next
    edit "sniffer-profile"
        set comment "Monitor web traffic."
        config ftgd-wf
            config filters
                edit 1
                next
                edit 2
                    set category 1
                next
                edit 3
                    set category 2
                next
                edit 4
                    set category 3
                next
                edit 5
                    set category 4
                next
                edit 6
                    set category 5
                next
                edit 7
                    set category 6
                next
                edit 8
                    set category 7
                next
                edit 9
                    set category 8
                next
                edit 10
                    set category 9
                next
                edit 11
                    set category 11
                next
                edit 12
                    set category 12
                next
                edit 13
                    set category 13
                next
                edit 14
                    set category 14
                next
                edit 15
                    set category 15
                next
                edit 16
                    set category 16
                next
                edit 17
                    set category 17
                next
                edit 18
                    set category 18
                next
                edit 19
                    set category 19
                next
                edit 20
                    set category 20
                next
                edit 21
                    set category 23
                next
                edit 22
                    set category 24
                next
                edit 23
                    set category 25
                next
                edit 24
                    set category 26
                next
                edit 25
                    set category 28
                next
                edit 26
                    set category 29
                next
                edit 27
                    set category 30
                next
                edit 28
                    set category 31
                next
                edit 29
                    set category 33
                next
                edit 30
                    set category 34
                next
                edit 31
                    set category 35
                next
                edit 32
                    set category 36
                next
                edit 33
                    set category 37
                next
                edit 34
                    set category 38
                next
                edit 35
                    set category 39
                next
                edit 36
                    set category 40
                next
                edit 37
                    set category 41
                next
                edit 38
                    set category 42
                next
                edit 39
                    set category 43
                next
                edit 40
                    set category 44
                next
                edit 41
                    set category 46
                next
                edit 42
                    set category 47
                next
                edit 43
                    set category 48
                next
                edit 44
                    set category 49
                next
                edit 45
                    set category 50
                next
                edit 46
                    set category 51
                next
                edit 47
                    set category 52
                next
                edit 48
                    set category 53
                next
                edit 49
                    set category 54
                next
                edit 50
                    set category 55
                next
                edit 51
                    set category 56
                next
                edit 52
                    set category 57
                next
                edit 53
                    set category 58
                next
                edit 54
                    set category 59
                next
                edit 55
                    set category 61
                next
                edit 56
                    set category 62
                next
                edit 57
                    set category 63
                next
                edit 58
                    set category 64
                next
                edit 59
                    set category 65
                next
                edit 60
                    set category 66
                next
                edit 61
                    set category 67
                next
                edit 62
                    set category 68
                next
                edit 63
                    set category 69
                next
                edit 64
                    set category 70
                next
                edit 65
                    set category 71
                next
                edit 66
                    set category 72
                next
                edit 67
                    set category 75
                next
                edit 68
                    set category 76
                next
                edit 69
                    set category 77
                next
                edit 70
                    set category 78
                next
                edit 71
                    set category 79
                next
                edit 72
                    set category 80
                next
                edit 73
                    set category 81
                next
                edit 74
                    set category 82
                next
                edit 75
                    set category 83
                next
                edit 76
                    set category 84
                next
                edit 77
                    set category 85
                next
                edit 78
                    set category 86
                next
                edit 79
                    set category 87
                next
                edit 80
                    set category 88
                next
                edit 81
                    set category 89
                next
                edit 82
                    set category 90
                next
                edit 83
                    set category 91
                next
                edit 84
                    set category 92
                next
                edit 85
                    set category 93
                next
                edit 86
                    set category 94
                next
                edit 87
                    set category 95
                next
                edit 88
                    set category 96
                next
                edit 89
                    set category 97
                next
                edit 90
                    set category 98
                next
                edit 91
                    set category 99
                next
            end
        end
    next
    edit "wifi-default"
        set comment "Default configuration for offloading WiFi traffic."
        set options block-invalid-url
        config ftgd-wf
            unset options
            config filters
                edit 1
                    set action block
                next
                edit 2
                    set category 2
                    set action block
                next
                edit 3
                    set category 7
                    set action block
                next
                edit 4
                    set category 8
                    set action block
                next
                edit 5
                    set category 9
                    set action block
                next
                edit 6
                    set category 11
                    set action block
                next
                edit 7
                    set category 13
                    set action block
                next
                edit 8
                    set category 14
                    set action block
                next
                edit 9
                    set category 15
                    set action block
                next
                edit 10
                    set category 16
                    set action block
                next
                edit 11
                    set category 26
                    set action block
                next
                edit 12
                    set category 57
                    set action block
                next
                edit 13
                    set category 61
                    set action block
                next
                edit 14
                    set category 63
                    set action block
                next
                edit 15
                    set category 64
                    set action block
                next
                edit 16
                    set category 65
                    set action block
                next
                edit 17
                    set category 66
                    set action block
                next
                edit 18
                    set category 67
                    set action block
                next
                edit 19
                    set category 83
                    set action block
                next
                edit 20
                    set category 86
                    set action block
                next
                edit 21
                    set category 88
                    set action block
                next
                edit 22
                    set category 90
                    set action block
                next
                edit 23
                    set category 91
                    set action block
                next
                edit 24
                    set category 96
                    set action block
                next
                edit 25
                    set category 98
                    set action block
                next
                edit 26
                    set category 99
                    set action block
                next
                edit 27
                    set category 1
                next
                edit 28
                    set category 3
                next
                edit 29
                    set category 4
                next
                edit 30
                    set category 5
                next
                edit 31
                    set category 6
                next
                edit 32
                    set category 12
                next
                edit 33
                    set category 59
                next
                edit 34
                    set category 62
                next
            end
        end
    next
    edit "monitor-all"
        set comment "Monitor and log all visited URLs, flow-based."
        config ftgd-wf
            unset options
            config filters
                edit 1
                    set category 1
                next
                edit 2
                    set category 3
                next
                edit 3
                    set category 4
                next
                edit 4
                    set category 5
                next
                edit 5
                    set category 6
                next
                edit 6
                    set category 12
                next
                edit 7
                    set category 59
                next
                edit 8
                    set category 62
                next
                edit 9
                    set category 83
                next
                edit 10
                    set category 2
                next
                edit 11
                    set category 7
                next
                edit 12
                    set category 8
                next
                edit 13
                    set category 9
                next
                edit 14
                    set category 11
                next
                edit 15
                    set category 13
                next
                edit 16
                    set category 14
                next
                edit 17
                    set category 15
                next
                edit 18
                    set category 16
                next
                edit 19
                    set category 57
                next
                edit 20
                    set category 63
                next
                edit 21
                    set category 64
                next
                edit 22
                    set category 65
                next
                edit 23
                    set category 66
                next
                edit 24
                    set category 67
                next
                edit 25
                    set category 19
                next
                edit 26
                    set category 24
                next
                edit 27
                    set category 25
                next
                edit 28
                    set category 72
                next
                edit 29
                    set category 75
                next
                edit 30
                    set category 76
                next
                edit 31
                    set category 26
                next
                edit 32
                    set category 61
                next
                edit 33
                    set category 86
                next
                edit 34
                    set category 17
                next
                edit 35
                    set category 18
                next
                edit 36
                    set category 20
                next
                edit 37
                    set category 23
                next
                edit 38
                    set category 28
                next
                edit 39
                    set category 29
                next
                edit 40
                    set category 30
                next
                edit 41
                    set category 33
                next
                edit 42
                    set category 34
                next
                edit 43
                    set category 35
                next
                edit 44
                    set category 36
                next
                edit 45
                    set category 37
                next
                edit 46
                    set category 38
                next
                edit 47
                    set category 39
                next
                edit 48
                    set category 40
                next
                edit 49
                    set category 42
                next
                edit 50
                    set category 44
                next
                edit 51
                    set category 46
                next
                edit 52
                    set category 47
                next
                edit 53
                    set category 48
                next
                edit 54
                    set category 54
                next
                edit 55
                    set category 55
                next
                edit 56
                    set category 58
                next
                edit 57
                    set category 68
                next
                edit 58
                    set category 69
                next
                edit 59
                    set category 70
                next
                edit 60
                    set category 71
                next
                edit 61
                    set category 77
                next
                edit 62
                    set category 78
                next
                edit 63
                    set category 79
                next
                edit 64
                    set category 80
                next
                edit 65
                    set category 82
                next
                edit 66
                    set category 85
                next
                edit 67
                    set category 87
                next
                edit 68
                    set category 31
                next
                edit 69
                    set category 41
                next
                edit 70
                    set category 43
                next
                edit 71
                    set category 49
                next
                edit 72
                    set category 50
                next
                edit 73
                    set category 51
                next
                edit 74
                    set category 52
                next
                edit 75
                    set category 53
                next
                edit 76
                    set category 56
                next
                edit 77
                    set category 81
                next
                edit 78
                    set category 84
                next
                edit 79
                next
                edit 80
                    set category 88
                next
                edit 81
                    set category 89
                next
                edit 82
                    set category 90
                next
                edit 83
                    set category 91
                next
                edit 84
                    set category 92
                next
                edit 85
                    set category 93
                next
                edit 86
                    set category 94
                next
                edit 87
                    set category 95
                next
                edit 88
                    set category 96
                next
                edit 89
                    set category 97
                next
                edit 90
                    set category 98
                next
                edit 91
                    set category 99
                next
            end
        end
        set log-all-url enable
        set web-content-log disable
        set web-filter-command-block-log disable
        set web-filter-cookie-log disable
        set web-url-log disable
        set web-invalid-domain-log disable
        set web-ftgd-err-log disable
    next
end
config webfilter search-engine
    edit "google"
        set hostname ".*\\.google\\..*"
        set url "^\\/((custom|search|images|videosearch|webhp)\\?)"
        set query "q="
        set safesearch url
        set safesearch-str "&safe=active"
    next
    edit "yahoo"
        set hostname ".*\\.yahoo\\..*"
        set url "^\\/search(\\/video|\\/images){0,1}(\\?|;)"
        set query "p="
        set safesearch url
        set safesearch-str "&vm=r"
    next
    edit "bing"
        set hostname ".*\\.bing\\..*"
        set url "^(\\/images|\\/videos)?(\\/search|\\/async|\\/asyncv2)\\?"
        set query "q="
        set safesearch header
    next
    edit "yandex"
        set hostname "yandex\\..*"
        set url "^\\/((yand|images\\/|video\\/)(search)|search\\/)\\?"
        set query "text="
        set safesearch url
        set safesearch-str "&family=yes"
    next
    edit "youtube"
        set hostname ".*youtube.*"
        set safesearch header
    next
    edit "baidu"
        set hostname ".*\\.baidu\\.com"
        set url "^\\/s?\\?"
        set query "wd="
    next
    edit "baidu2"
        set hostname ".*\\.baidu\\.com"
        set url "^\\/(ns|q|m|i|v)\\?"
        set query "word="
    next
    edit "baidu3"
        set hostname "tieba\\.baidu\\.com"
        set url "^\\/f\\?"
        set query "kw="
    next
    edit "vimeo"
        set hostname ".*vimeo.*"
        set url "^\\/search\\?"
        set query "q="
        set safesearch header
    next
    edit "yt-scan-1"
        set url "www.youtube.com/user/"
        set safesearch yt-scan
    next
    edit "yt-scan-2"
        set url "www.youtube.com/youtubei/v1/browse"
        set safesearch yt-scan
    next
    edit "yt-scan-3"
        set url "www.youtube.com/youtubei/v1/player"
        set safesearch yt-scan
    next
    edit "yt-scan-4"
        set url "www.youtube.com/youtubei/v1/navigator"
        set safesearch yt-scan
    next
    edit "yt-channel"
        set url "www.youtube.com/channel"
        set safesearch yt-channel
    next
    edit "yt-pattern"
        set url "youtube.com/channel/"
        set safesearch yt-pattern
    next
    edit "twitter"
        set hostname "twitter\\.com"
        set url "^\\/i\\/api\\/graphql\\/.*\\/UserByScreenName"
        set query "variables="
        set safesearch translate
    next
    edit "google-translate-1"
        set hostname "translate\\.google\\..*"
        set url "^\\/translate"
        set query "u="
        set safesearch translate
    next
    edit "google-translate-2"
        set hostname ".*\\.translate\\.goog"
        set url "^\\/"
        set safesearch translate
    next
    edit "translate"
        set hostname "translate\\.google\\..*"
        set url "^\\/translate\\?"
        set query "u="
        set safesearch translate
    next
end
config emailfilter profile
    edit "sniffer-profile"
        set comment "Malware and phishing URL monitoring."
        config imap
        end
        config pop3
        end
        config smtp
        end
    next
    edit "default"
        set comment "Malware and phishing URL filtering."
        config imap
        end
        config pop3
        end
        config smtp
        end
    next
end
config report layout
    edit "default"
        set title "FortiGate System Analysis Report"
        set style-theme "default-report"
        set options include-table-of-content view-chart-as-heading
        config page
            set paper letter
            set page-break-before heading1
            config header
                config header-item
                    edit 1
                        set type image
                        set style "header-image"
                        set img-src "fortinet_logo_small.png"
                    next
                end
            end
            config footer
                config footer-item
                    edit 1
                        set style "footer-text"
                        set content "FortiGate ${schedule_type} Security Report - Host Name: ${hostname}"
                    next
                    edit 2
                        set style "footer-pageno"
                    next
                end
            end
        end
        config body-item
            edit 101
                set type image
                set style "report-cover1"
                set img-src "fortigate_log.png"
            next
            edit 103
                set style "report-cover2"
                set content "FortiGate ${schedule_type} Security Report"
            next
            edit 105
                set style "report-cover3"
                set content "Report Date: ${started_time}"
            next
            edit 107
                set style "report-cover3"
                set content "Data Range: ${report_data_range}  (${hostname})"
            next
            edit 109
                set style "report-cover3"
                set content "${vdom}"
            next
            edit 111
                set type image
                set style "report-cover4"
                set img-src "fortinet_logo_small.png"
            next
            edit 121
                set type misc
                set misc-component page-break
            next
            edit 301
                set text-component heading1
                set content "Bandwidth and Applications"
            next
            edit 311
                set type chart
                set chart "traffic.bandwidth.history_c"
            next
            edit 321
                set type chart
                set chart "traffic.sessions.history_c"
            next
            edit 331
                set type chart
                set chart "traffic.statistics"
            next
            edit 411
                set type chart
                set chart "traffic.bandwidth.apps_c"
            next
            edit 421
                set type chart
                set chart "traffic.bandwidth.cats_c"
            next
            edit 511
                set type chart
                set chart "traffic.bandwidth.users_c"
            next
            edit 521
                set type chart
                set chart "traffic.users.history.hour_c"
            next
            edit 611
                set type chart
                set chart "traffic.bandwidth.destinations_tab"
            next
            edit 1001
                set text-component heading1
                set content "Web Usage"
            next
            edit 1011
                set type chart
                set chart "web.allowed-request.sites_c"
            next
            edit 1021
                set type chart
                set chart "web.bandwidth.sites_c"
            next
            edit 1031
                set type chart
                set chart "web.blocked-request.sites_c"
            next
            edit 1041
                set type chart
                set chart "web.blocked-request.users_c"
            next
            edit 1051
                set type chart
                set chart "web.requests.users_c"
            next
            edit 1061
                set type chart
                set chart "web.bandwidth.users_c"
            next
            edit 1071
                set type chart
                set chart "web.bandwidth.stream-sites_c"
            next
            edit 1301
                set text-component heading1
                set content "Emails"
            next
            edit 1311
                set type chart
                set chart "email.request.senders_c"
            next
            edit 1321
                set type chart
                set chart "email.bandwidth.senders_c"
            next
            edit 1331
                set type chart
                set chart "email.request.recipients_c"
            next
            edit 1341
                set type chart
                set chart "email.bandwidth.recipients_c"
            next
            edit 1501
                set text-component heading1
                set content "Threats"
            next
            edit 1511
                set type chart
                set top-n 80
                set chart "virus.count.viruses_c"
            next
            edit 1531
                set type chart
                set top-n 80
                set chart "virus.count.users_c"
            next
            edit 1541
                set type chart
                set top-n 80
                set chart "virus.count.sources_c"
            next
            edit 1551
                set type chart
                set chart "virus.count.history_c"
            next
            edit 1561
                set type chart
                set top-n 80
                set chart "botnet.count_c"
            next
            edit 1571
                set type chart
                set top-n 80
                set chart "botnet.count.users_c"
            next
            edit 1581
                set type chart
                set top-n 80
                set chart "botnet.count.sources_c"
            next
            edit 1591
                set type chart
                set chart "botnet.count.history_c"
            next
            edit 1601
                set type chart
                set top-n 80
                set chart "attack.count.attacks_c"
            next
            edit 1611
                set type chart
                set top-n 80
                set chart "attack.count.victims_c"
            next
            edit 1621
                set type chart
                set top-n 80
                set chart "attack.count.source_bar_c"
            next
            edit 1631
                set type chart
                set chart "attack.count.blocked_attacks_c"
            next
            edit 1641
                set type chart
                set chart "attack.count.severity_c"
            next
            edit 1651
                set type chart
                set chart "attack.count.history_c"
            next
            edit 1701
                set text-component heading1
                set content "VPN Usage"
            next
            edit 1711
                set type chart
                set top-n 80
                set chart "vpn.bandwidth.static-tunnels_c"
            next
            edit 1721
                set type chart
                set top-n 80
                set chart "vpn.bandwidth.dynamic-tunnels_c"
            next
            edit 1731
                set type chart
                set top-n 80
                set chart "vpn.bandwidth.ssl-tunnel.users_c"
            next
            edit 1741
                set type chart
                set top-n 80
                set chart "vpn.bandwidth.ssl-web.users_c"
            next
            edit 1901
                set text-component heading1
                set content "Admin Login and System Events"
            next
            edit 1911
                set type chart
                set top-n 80
                set chart "event.login.summary_c"
            next
            edit 1931
                set type chart
                set top-n 80
                set chart "event.failed.login_c"
            next
            edit 1961
                set type chart
                set top-n 80
                set chart "event.system.group_events_c"
            next
        end
    next
end
config wanopt settings
    set host-id "default-id"
end
config wanopt profile
    edit "default"
        set comments "Default WANopt profile."
    next
end
config log memory setting
    set status enable
end
config log disk setting
    set status enable
end
config log null-device setting
    set status disable
end
config firewall schedule recurring
    edit "always"
        set day sunday monday tuesday wednesday thursday friday saturday
    next
    edit "none"
    next
    edit "default-darrp-optimize"
        set start 01:00
        set end 01:30
        set day sunday monday tuesday wednesday thursday friday saturday
    next
end
config firewall ssh local-key
    edit "Fortinet_SSH_RSA2048"
        set password ENC KEnTjVz2DsNX8GG32/ZZsgVttZOKaqHvlyeDxVAXAVduUetiyRrJ6AtXpYTsNvNUIDS6KYqEFAr5/wDK+AE/d4WLExSvc5d7k8op1qGPkxMfc0BAR/wJuDPNPIRphsTLYNnGw1InVkc7ett4V+dNRUk5bvhjelzPTR9WnyNBRqL6HOTo3xVBpqYyHSq6WjhNkcTeqw==
        set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABB703T625
w6986ELi4WPjM8AAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQCuLO2I/1tV
NBRF3ve9Jzu6is6RC744IxWqocajB2a6QULFi6+2+TqnPA5IbROgfZoPwhDanL2c/DLnqa
Dz4p9IhSvhngLy6BGqxvM/IC+WkTR4OBfEt9fgfkYN2qaVvafp+6rau/E0RPw16+J9w1jL
tmrMF5ZKV3Nk32VVmar4dxK0CM4vLBE1TzX7++6hDpVWwDtf0ROoGMO3wP9xXecfJ6IKIG
8wcQX5E3fY2TWZGh4UeHTIH+Op2kE+D4Punb3JLKNVAtSdTRFnTr8Gg+eCwuEkMSEEfYqa
1wxU0hFi3TPPMoWa4PGVJG8JI3iRkC53BgquiZ2UaWJizgb57TSHAAADwIXrVB9CB3lYZY
KzYEqDQt/G3zlZAwoMwIXtzeTf8UIxlNWcdRK3BqtHs5SuSL3GXxZJFbjOwqEOBZiPN5bC
WcO1biwBKqnn5w6LYYwWvTNPSwR6gbb2T7IBULS4ljBD2zgKHALgvTeILKXxLGYBYB97fu
jomQEfpgjcECa+BGWklOPoXO4uahif2Ozcr52sMjGNKKRdT55kaNOMcNvkVPgg/pgTFda4
KOuZ9TOhz+TwrmDUg24p+QxnMh5VWjxqqTcguej4JXhzwbSkDtthto67ME5J4pQje588Cc
LNaGaSObeMg9JDzoAla3VWakMvAvBGntRGr2dM+YBkWNXdGKowZ1kL0TbimnI4r+9DTdUJ
iTUmShN/v8NsW/+LVYq1+cePVJatE1nBjbKdfxQW7HqLiV78mgIjEgv4T8Vt8XVFAQHOM9
VZ435Q+U3HVJyYMrxNXrjBQWMwcCwrGp1AQu/OlUFaIsy4/S8zx5r23k9LToCrdrMOcDtH
exm2luLbULrCG8ZOnapcT+EvjG5c9HwFL0v4FzbqIOpuwCFeQVolsUT9LutWds2xtlsOzB
+eaeM1fmOO7v33NNq3AsK8m7c1a0Mbv98imj0j24B7wtYE2CQRGQhuZL2L+GUCvFX0GYaO
tv3/DQ11ibZLUNwJzKCdGPsykV3/MYBfCYzusXAewoFiMIZUG60xf5kyvaEgmJMYqaPxy6
qZSZjDZxKpohXc26MxEGFndCz9uK/Hga93t4xvh3gifXB85rkg0e5NsR6K/yqSMb3QAl6l
S97QWUUREAbnu2FS9AwdTluY+MOZTQc84dtE2M0N826F5EyXIbBRfQMK7fBJQGzOFTl3sN
ZUyWJg18dC0Cg+of2xU4Pp2Ej+YLRj3FGmZveg8uvwLKRWTT9UHoYofsyAELkLti5RtPMO
DJa/i2zP1bWR5tS6AdnzaRuY+64MROWSsNHKy4sp5eWy8DOFqCxnzvNXeJjhTRNpVpCpCR
CQYpH+4hH1omCdu7rOarKPl5gVp+Tnf3KCXHJruPdzN5OJB6aZlEzRsXVMlfyAqzOiGTo+
+luHcRrjqp3an+F66IsBRVtUWEBRXMhCe6q4m9CBW0eclA9QK3nFDDeEM2rZiQrmoADXJj
kZLw+7NHuce485V6tiAJooLMMeIRRqsZu28eBqTxexgo9iCZ+8NRwgIVpq31aOYFUvSjQ8
c1+S/jKoEJi94XZWNzYBDFTHueHlnxJ7U0i33VGCqDMY/7zCyp3wMZdl5H+fLwWbJsCRaY
bDLQVeXw==
-----END OPENSSH PRIVATE KEY-----
"
        set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuLO2I/1tVNBRF3ve9Jzu6is6RC744IxWqocajB2a6QULFi6+2+TqnPA5IbROgfZoPwhDanL2c/DLnqaDz4p9IhSvhngLy6BGqxvM/IC+WkTR4OBfEt9fgfkYN2qaVvafp+6rau/E0RPw16+J9w1jLtmrMF5ZKV3Nk32VVmar4dxK0CM4vLBE1TzX7++6hDpVWwDtf0ROoGMO3wP9xXecfJ6IKIG8wcQX5E3fY2TWZGh4UeHTIH+Op2kE+D4Punb3JLKNVAtSdTRFnTr8Gg+eCwuEkMSEEfYqa1wxU0hFi3TPPMoWa4PGVJG8JI3iRkC53BgquiZ2UaWJizgb57TSH"
        set source built-in
    next
    edit "Fortinet_SSH_DSA1024"
        set password ENC Mj06L0vkpdgh0KpJm79j3YrZcJ4inCwLtQgAUPywlVpEGHokc1hy9FQ7AdMB7A8kRZwtlEwiolUbUYDMCLRZbxhepybNiB5P9aA8NRFUbJ1z1zxCY7QiXZQQmKCXS3pGiPxUQq+JU8uV5L8kVXqX3IuepDbv1gNMWgZPxbmBmz8ZENrfiKpgjRYIwqjFsK4R9tLenA==
        set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABB6iG9T8a
a46ZGycVXGUl7/AAAAEAAAAAEAAAGxAAAAB3NzaC1kc3MAAACBAJBX0GgJmQfE2qASwOH+
Cod/PsPP1ALtl2Xn5CMwvZcbnluBHRZlQpHqnUI710FD9qu+10TCjgrrbdscG1yo0p5G0b
DK+fTpIipKVRtRgpkRGZhZmfRJlMzG946s7AkT+qZTBe6il6rfgPVZy8TAUP8FV6GMLAWy
siHueQCUNBiTAAAAFQC98rp6eqLTsdmxWFNVSyviQExw4wAAAIBqU6xn6tuTim1FvE7/Le
gwOmfC8t5rxMmM1s2bBiTdSrbFNf4/rJN20InXMDzyAiI6arYckV7hP/OVLhVGFrWAp2MG
MnJXl2hQ9J5aG1eOsF6ExZPnkV1PiDJ1aFgVMXarJ2RBLLwbtUp8yVbKo1OlKh9efOS8/5
MCbPR1vHXTsAAAAIAkRem+zI4n509wNj8tm034a99r5aH/OrdtzoedQ3u7J+5AKC9O7tTR
J7hWPMPevKbpU2Rp+Uc/LTss5bmpztrca7WoEE9OPeLEFhpUPpIb7WkSkJySamYmU7L3lz
BYbv/kNySbL89ituluAGTcqkXA21+blkAWXLBmJ+0k0JfAOAAAAeAVDgLs/hdIIJT8lqjS
D9I7bt5FyA+3MZRMwCvmgYnMYgV6t9Shtjfo8pBvLoO8jO9vRVjTUZQsy4G7fi1QX3GMKi
2udA4yCXGcb8ekUZagYphr+jvHsCVzVmswyACkP0E/Vaw2rLOMZeopXmV0x2iGfoR+w1ZS
nvmeKkRjv7SUkAOVNC5tswbdxUJHxCDNqBFIjTFMAxvCrHVbNHcYzuSKgj0LKzmzKR9Hxy
15DrCxIGbxjZDglD6uoKY6TtUUmtqWGvQZnA3BLEcppHH3yx43QWYpBaxrgWVaDo/3tH8F
uI5WuYZv8LVhTUsvQJyN3BzZ19MFjy88rzLmvHw/3oThw2syujtDsbWsj3NVDUcyzaVnR1
3/ezZ46jnk4Wo3Oouapnh9QU5O4uw32FdbDVIQS5UGF4qqXJqKhSHpB/JQJKxRZSmIHv0F
ub/2DaCOXuQDiOu/MqPx866kgTSXOtk0pwl0M8SDuGDoqOTyHFRiK8yuSSjz8TZvf9jcNT
zCUtuAypmW+gruXD1kk2KrqNMQgFXXzCqx91HiUbHuGCCf+YVLQj8QhYXu79SFPA3cATgm
26QgFUoLh6ONcPlnLkBVZ4vMi68Oik950Yv0cZfuLodQge6iKokV2a5vRgEHWIo=
-----END OPENSSH PRIVATE KEY-----
"
        set public-key "ssh-dss AAAAB3NzaC1kc3MAAACBAJBX0GgJmQfE2qASwOH+Cod/PsPP1ALtl2Xn5CMwvZcbnluBHRZlQpHqnUI710FD9qu+10TCjgrrbdscG1yo0p5G0bDK+fTpIipKVRtRgpkRGZhZmfRJlMzG946s7AkT+qZTBe6il6rfgPVZy8TAUP8FV6GMLAWysiHueQCUNBiTAAAAFQC98rp6eqLTsdmxWFNVSyviQExw4wAAAIBqU6xn6tuTim1FvE7/LegwOmfC8t5rxMmM1s2bBiTdSrbFNf4/rJN20InXMDzyAiI6arYckV7hP/OVLhVGFrWAp2MGMnJXl2hQ9J5aG1eOsF6ExZPnkV1PiDJ1aFgVMXarJ2RBLLwbtUp8yVbKo1OlKh9efOS8/5MCbPR1vHXTsAAAAIAkRem+zI4n509wNj8tm034a99r5aH/OrdtzoedQ3u7J+5AKC9O7tTRJ7hWPMPevKbpU2Rp+Uc/LTss5bmpztrca7WoEE9OPeLEFhpUPpIb7WkSkJySamYmU7L3lzBYbv/kNySbL89ituluAGTcqkXA21+blkAWXLBmJ+0k0JfAOA=="
        set source built-in
    next
    edit "Fortinet_SSH_ECDSA256"
        set password ENC yhF0gLJbLUg0IkS8nFxCOa5z2rdkxz9jriTiikOS5uBOAxylHpskCVZOjw1fc1f4+GVKoQy58KwSSSS3CxtQcHPn1btrT7bSYmabXWgvZyI2xQxq0jGXww+J3cfk6aGgKcl80SpRe2qMKGwDRgurwb8WlKSyfVMcfr15Ta6NhpIIj4wPV0Bde25x5S3QfIxxOsVSJw==
        set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAeXPl+K2
R7vUiat93LR5D/AAAAEAAAAAEAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz
dHAyNTYAAABBBEToKoNtXMVfw/y377VMPU+Q7uDdu9TISs0aSQCz64saY3i2zwC2k8fjo6
Tik1pZXOtQsdS4keNrlmEJY/ddqdkAAACgm+J2d33DGWQ8LyPnBl0FqTiw0S2VfpRBqNrD
nhVDkrle4JxfruD+P5Y1MeZyJSDrpJJN+NR36rOQED9IgEfo0QAc+KAdhErakVGMVe7Hix
P2rd4Jm8L1lxEnjvxRHdcFfjGqcJTGGCvBBN0tYxkF+pnqKBLR8mEHiVaPpfMACIla2Joa
WQFRjBywUIc1j8BEvL3+PJ4vDqRlc6O8YPeH8g==
-----END OPENSSH PRIVATE KEY-----
"
        set public-key "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEToKoNtXMVfw/y377VMPU+Q7uDdu9TISs0aSQCz64saY3i2zwC2k8fjo6Tik1pZXOtQsdS4keNrlmEJY/ddqdk="
        set source built-in
    next
    edit "Fortinet_SSH_ECDSA384"
        set password ENC 5DLkOCwuBKDVz0/idLUNYZXMw5AOsuiplgvvnOoC5jU+4OqBMK9xqWsGfZeWH7DIgOdyWKjVHTnjfmIGO2CCeGn/REjPxwti1nl6ApBIejySX773jc1kkV5CaMzWVmdDScJA/bv3Ml+1EWM/sRIcJXk8gp6vqvOQZskCjo/JKy6LhGI7KY84lrjWtmL5U7icYB9fEw==
        set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABB6WyNDnK
3Qd3+71PskjdtfAAAAEAAAAAEAAACIAAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlz
dHAzODQAAABhBMfKsrO9fbzVLYEYP9u9hbAXw7GhoSTbAliH//TRWMV+0b4C6SyGbpiO+M
w7N0FyaDvZz1+3dKniIVgipJ81lW8rUoKq8zcsxSEMB87S6v7zL5ySBNQtIJjNKDvLwYZA
RwAAANDa1wnu9CShCQgiVe/HcTnEnwnpbTlW8FSJLCrkzh2p5iFuIXTmZlxHkLA2GVwez1
dWIPkI583/nbdMn8nOKZs9AJTiUwpdIO7GwuthJ5cFwmPywEuauQWE/u9S8Q9IBXzy8jZG
lnqERLwPM8SwCb3ZKohxeAicb21K5yYGM7pkgB9wjl5Wdzko2MO+OLds55LuZa1o3eTn+u
nrBhEkBHh3LS7rcYJCRJLczvIZfXpcpOMz3Gd3VyeoMzJKTvKDY6QVp0p3X8SS0XGqys0E
qtci
-----END OPENSSH PRIVATE KEY-----
"
        set public-key "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBMfKsrO9fbzVLYEYP9u9hbAXw7GhoSTbAliH//TRWMV+0b4C6SyGbpiO+Mw7N0FyaDvZz1+3dKniIVgipJ81lW8rUoKq8zcsxSEMB87S6v7zL5ySBNQtIJjNKDvLwYZARw=="
        set source built-in
    next
    edit "Fortinet_SSH_ECDSA521"
        set password ENC FdAXKeBab80FlYRi7X2mQrS6d+uq+c2CMgcI/vZwvFklTxfmuMda8EH/7ErHUcFmC3PUCpYUME3HF+RZojK3uyttR92vmtqwO4C5LhVXZgOFB0T3UVAu4lY6secJAUYVFt3NeEGwHyTaH9LWscgHoX3zeBccDmwjD4uXXYOxlvikntI1OFCMTnWyfVJBDrX5FyasPw==
        set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAiCukpRD
mxSM5HRmw3vtbxAAAAEAAAAAEAAACsAAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlz
dHA1MjEAAACFBAEalGPIktj21oJelUHppZUo+mEpazzpTKykWZDJD4vBbFri13+Qzq+zYc
0MCYXMmqD8rclNVTte+96wmu+VSIUkrABl1tDRdlUWqeePZyhRSVZRyoddXqLqHAT+eWgp
vs4241oaTE//Z4vVDxNFI5zq1jK1kSeZwCKbbEpLQZyntzZWjgAAAQCzU5GXxtxwIQxIJj
MX51TzdlyMTgjm+wY2xRVn8iIAYVc8txem6nBUoCvIy5ck4mP2CycdtJ8F3/+SyRirfdc1
Jt5uTLQbZDS/8tY/RNu9QFN2eCtEed9LWONTMRzKaW3J+++ub28rB2wzfuTv9tPAEI3g0s
8I+G0SzOLN2CsVwGB6lhLJQLi6+ksTumL6paSjOHvwKrsWtNnnqMbUbs4Zox2VgxGe9ntf
yI+u59PpTfo2Zh5S0Vc1CxeHN4xgnhSU8bG3LFgI769t/sWKsc9xe8UGdxI7xh0heVxU8x
TzYqjfD8VkVxKXgEdVB10ukXw4OWi5OdYdN6Je4eo2fMmN
-----END OPENSSH PRIVATE KEY-----
"
        set public-key "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAEalGPIktj21oJelUHppZUo+mEpazzpTKykWZDJD4vBbFri13+Qzq+zYc0MCYXMmqD8rclNVTte+96wmu+VSIUkrABl1tDRdlUWqeePZyhRSVZRyoddXqLqHAT+eWgpvs4241oaTE//Z4vVDxNFI5zq1jK1kSeZwCKbbEpLQZyntzZWjg=="
        set source built-in
    next
    edit "Fortinet_SSH_ED25519"
        set password ENC TxS7oNxw0s6Vv3DbCEpzu+0sdLbWP1rVk+gTOzSzfp1hsSJWiSSshbYGT5hs6H+967sVTcpsURDX5m+pgPeyJ+fINg+cOxQCH18gISO99SqMH0DlRidlBlK7Lb/pp6tXa9zoLqC2luO1tfMWvXvbOFbfgW840MD51dVzSSmGAEULBdTIJo96KuEmZM1RLWkFqVunzA==
        set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABCQtRpatO
5e73GCriBTvpBEAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIAl4FFs3Ly0gK1qy
brvfd9Lc4/PFv8TkL0iM8eDsOu71AAAAkBIsE4njc9hLM5uGuo56RFKuAgyxzahtQ16Tbo
mF4WhgATkLX5ZmfVeVjOp2+Op8MuXIbXP+dcHjSz50iI/7AhN4eYanuxrlj5kNBdjJwdCq
G/u6b+OONguExkmDE/73r932fLdiAs0U2C+lzW47n0ryioH+6A6YA5uNQ3t+RIYCeTdDsx
Knxzr3ePSzdLrPkw==
-----END OPENSSH PRIVATE KEY-----
"
        set public-key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAl4FFs3Ly0gK1qybrvfd9Lc4/PFv8TkL0iM8eDsOu71"
        set source built-in
    next
end
config firewall ssh local-ca
    edit "Fortinet_SSH_CA"
        set password ENC H1i1brhfINo4+wWOts4487DLwYDbDBmMNO8q5n+cg0yJ6WnQKYAyxK1rcmL0HwrAQPKyOkHV4y56Ni5kK5Cy1PminvN8VJH0zC/VEs6eQ3FbRVgKbaOjuA2nJjj7Bu+oPbdaiFyYq/tqnWabXS+c4TPsolDiU7jKbuGvoFnRyBrJsCGrGYKg2XqHRrzvVYAWI2ejkg==
        set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBJ/lf7nf
vHT9kEIEQSxAUBAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDztuoYE39b
VLJUFOPRN5HA25Ph+JEVSWJ2GbTIZ15mhjHApGgIvr2/9SbMJ+4ADy8B+jjQSyRvdck15t
FmJwUhJLHYh16soJ0VZg2M9lN8tmC1Iz0jBrHlKUsWnzu2d3r8lXm4A6R/NQTkSRB6vMwZ
ztDSiQM/spgQs/ekmlZNjNTgmxDrmbyVnIM+ZxicizuM+t98nK85ytDC+kukAVZAS0CbWw
PZZeN+3kM/dT1I648xo5jGV5C3P3xUDBseTbjdgIVRpdppvwIQ+nrN68N/D57jnBtI4iTM
leTNtlqlEShIbf50bE1egScK+LqspFYaVzxzsxpRFKmed9HqKVjzAAADwI4/V6d7BG93xU
DaDBF/ry7Y+aU2dQb7IAaXCya9CaFy7FH4wA0fmvyVgs/FuPEh1uvo2wkQExLlIrXj7q0b
9Bme2Rz1Xdcu5zKcnE6+m4jNALCtfHh2T4bDXpevfaup9H3j8e/+37W1fYoFJPEMAjBCbO
dNqVh3jSdmZb9Q509aIT2/I5p7OLmpQqULPsl94y41HApsxZyPBwvEnzUhLyKaycP+hu3o
4csRbwbysSgtBRXSWdly9CmAgkYms/uiYSuQYAD/nx55Hz5JsD2HRByyBooBhqwuxbOgvG
4zE/Pinfwi91Ii0SxDDxbxDRu23KRLbIioWOQb2LhujxfWh9oeFqWfb3cLYVGP3/Vijqnf
1/c9QUNWqIIzSNDfawHv43pMbgoLZ1yc1tkAlAM3SiWeGBJI7Bvwt4FgFGyuCDKM+oF/XN
Xx+I9T3Ai14x6xEqFHNv0/OGyBv29W6iroKVdriyFct9Hi9gLCZpVBt1ebsseDXj2ALKML
5XKP/6I1jRuMisz8mJOzX3hRPEBDsnviyDC8qga2zhIAR2OeDCsKlHJOzgHvYpvwG/tZUA
L37j8+hjcx32urcplR4n5wwdQoWAmRwlAIk6yuGJiA0wwnn1kUe6mrbBQ7dV9b84xCZqGh
vMxONOJubhmWrLgxc6qwU32+Ob4TXyvLq1+Dykn92UKOd3YRy6P4I0y9hkCv1v05z5O7Ug
0FtQXMSfF8ceqboYfE38f4CSfSCwYKocJv1C8FLKUfs+gd2wtNPdF/5iKXkkfj+l4p7dmF
ovT36DZwA+LjbjxodFTrhOdVYooL1YQQGYYjpK97M1ohQVL5ywI/OpoNN0MdbZKOncR12O
GI5XJ2OmzVoXl8AzbwnfFypXezfwQLd8VJ9IfxTlUf8qu5LMWhLnqEYtQy7ebtMWXBB6CW
85UYm4IxhtxhmmM4h1GuR2wM6FPrG514f/1rz5YxL2ftaLNFuqEXQNCaf0iVa2bqoGtaKt
cjYyzHpzYaSnpz14TIKNR0A3E8wshQKFjKmsrwyF8dt3suZAnQ0S9s4ANIzdgWStqbS2pB
P1hcPI9y5SaDVlbmy0k+2/KLdK2jsvDCra6wSl5u28SiKoUxRkWjySc0Y2vkifieejq09S
3F91CrJKBtkHteIwfMhtDh2kBP15t/HnAQ7WudjE6xxXviIMsEvi/IWljRw8HY2hfCX1OO
5NdSOSXKPxv2IaZ5XYnE4DCmMIivJHvBYiXCME+wg9AfkWDzeXHTADfT8HaJtej6nfRV5D
lpuvlOfQ==
-----END OPENSSH PRIVATE KEY-----
"
        set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDztuoYE39bVLJUFOPRN5HA25Ph+JEVSWJ2GbTIZ15mhjHApGgIvr2/9SbMJ+4ADy8B+jjQSyRvdck15tFmJwUhJLHYh16soJ0VZg2M9lN8tmC1Iz0jBrHlKUsWnzu2d3r8lXm4A6R/NQTkSRB6vMwZztDSiQM/spgQs/ekmlZNjNTgmxDrmbyVnIM+ZxicizuM+t98nK85ytDC+kukAVZAS0CbWwPZZeN+3kM/dT1I648xo5jGV5C3P3xUDBseTbjdgIVRpdppvwIQ+nrN68N/D57jnBtI4iTMleTNtlqlEShIbf50bE1egScK+LqspFYaVzxzsxpRFKmed9HqKVjz"
        set source built-in
    next
    edit "Fortinet_SSH_CA_Untrusted"
        set password ENC k8nmDO1U5i8cNT2xwkA365/37ixoidNn7/oyHf2xTgAa9kwAmAliyE/Msd9iVD336TV15Rxlj/qknIUlCgHx3l6QrlXLa+10wksWVnDXD9taqHLg2PqOeKj3auiAgCYKlM0mOf78xqgDj/AVIkWhWyF78NWC/Bmdb+B2brt1lZQ8YW1zmYqSRq0RxDzAZPAfXskCDA==
        set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABC6xlxwcd
nRxQooRSH137VsAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQC/6ujOl9Dx
UyvCjutsienSJ5/5d5x0rA7QXayrk9oV3s3Q6CTjdXgvTowX9cRCKpHqCGu7iGgXHPLqsr
YBNEgifWLoYyzyUk/e2VgfAaqfynj4b2QVbKmeDNWfFZjjOIqcWWuRm/LxS1JNCMhAE/cv
6jsqWromFCRmUwnWWqIjRbfj4xymplnsCIXbdNPRXdw06sYmYMujikZ5KR+xttZYcFLo8q
zVu2c+iu7HBQ+QXcxS+DVsNzgMgqoV4zC5V9Ny0q24jf/bgTP/OEPZ0fyRdMP9uNjWoQkH
u4SFRZiWZDnsiwbwTdqVtafyFzoXtjymNUFG7dW1hqxkHY8fyWHNAAADwDPC/jY8CpMWtB
Nx+vNvgE4qrgmjyceaRNivLeTWma1fZsmClURJOJ8iEDZg55gzjZlfWZvQA2u96RkIkpxT
UEZPBrvoA7po/w2XUFOSWF/VIGaRpc4Wv1VgZbOW0kwmFfHJKXey8Ukmsc3GQGfS6KloLl
6P5fxLpxCnLGyILP4Uh/l9ITp+czU3Ck/hN6F5iJvJhWm2bS8wZyIY29K/qCV2/83kvBXI
/9wuCGfPyP0C1QP/ib+SRWqdFIuq/aUQlcIneJmFS9uAThnuOG+z26IL0WdeZfpeZ1g8v3
MfXvkDdXcBkc3q9sq84vUrHbkaace/HYrXoOXPZNibpGLoOVTzPoENgTMV7GsGMvlIj/Go
vDyG4MWYn6BQFR+oQWZfmaR2ds1xziSl5c/17ZnHRqwvPbzX9wsUqqwLALXQor+/w0TZSy
9ePexPNG89675Z2VKa7BgzXCUz0Vis8RFkQiInOeG7oDUS/xCGEeqicojuby9RY+x5Je5M
/GMoYHuPBA11EtSALYiicyddaT3A2kx4L1OmdxXBVQtcwdh32XlVouEZPEfbVKOmp9xxge
7V5GSS5NFcpB0Aem01p0UYgCsB4/UUeWPRsb3HNg+0ie+3GtPpN9rkVzLy8vYyuI2nv5Cg
wro/40zwTCU0M0obYnIciP06q6K6+LcsGhKCbi3TR8ZAQCWtl5ElQBbq4yjBWmjl5zaBsz
HZhTWyACsR6UoeE5LGh5m6zDsX0jaPnGMKIhrHVX6eGXazDX4J5y9o7F2PxF46tKbvYsAZ
FuS8ZDKSTx4QGb0uEpOM+WOmQg9vT638UxTiOVjWGoAR4rzBAH0IR4EwHhbFo+h7liaBG1
kGLrOc1yKjtM9Hdu1uUP4Pty8BfFUhycKLu7evs6OE02dWW2xZG8HboXaM553wwFjOYXlw
Smh/FD9uBEnK5n+D5Q9nS4d92LgRacotoJXZTfDH6sfSrMLn7YwYrPWhc+GK/CxkbMgE/V
398tr7ND2v7dh8hiQhgSZNl/qDa1q+upmtooHszkZjSwnIS2CusvIhFGq29Ob87e3mp2BL
gV74/cOd8pq5imkkS6X1omNIuuGwWQE4uYr9ubLpoeTUxe8fApAKNnyAj8TeQtcFk1av0X
RrAvhCn3LZK+iGaQYahoazxEFJD9gm5H+sMw+XCLT8ewSWJ2/HcukKrD4rBuC0H69l6xg+
UpGFt5EQqnlTxtBZBC1srH8yAwyoClCdW+vk4J8ych30FkORXhiE1N1pUAizNCsqZYGMRd
WmR/f5hQ==
-----END OPENSSH PRIVATE KEY-----
"
        set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/6ujOl9DxUyvCjutsienSJ5/5d5x0rA7QXayrk9oV3s3Q6CTjdXgvTowX9cRCKpHqCGu7iGgXHPLqsrYBNEgifWLoYyzyUk/e2VgfAaqfynj4b2QVbKmeDNWfFZjjOIqcWWuRm/LxS1JNCMhAE/cv6jsqWromFCRmUwnWWqIjRbfj4xymplnsCIXbdNPRXdw06sYmYMujikZ5KR+xttZYcFLo8qzVu2c+iu7HBQ+QXcxS+DVsNzgMgqoV4zC5V9Ny0q24jf/bgTP/OEPZ0fyRdMP9uNjWoQkHu4SFRZiWZDnsiwbwTdqVtafyFzoXtjymNUFG7dW1hqxkHY8fyWHN"
        set source built-in
    next
end
config firewall ssh setting
    set caname "Fortinet_SSH_CA"
    set untrusted-caname "Fortinet_SSH_CA_Untrusted"
    set hostkey-rsa2048 "Fortinet_SSH_RSA2048"
    set hostkey-dsa1024 "Fortinet_SSH_DSA1024"
    set hostkey-ecdsa256 "Fortinet_SSH_ECDSA256"
    set hostkey-ecdsa384 "Fortinet_SSH_ECDSA384"
    set hostkey-ecdsa521 "Fortinet_SSH_ECDSA521"
    set hostkey-ed25519 "Fortinet_SSH_ED25519"
end
config firewall profile-protocol-options
    edit "default"
        set comment "All default services."
        config http
            set ports 80
            unset options
            unset post-lang
        end
        config ftp
            set ports 21
            set options splice
        end
        config imap
            set ports 143
            set options fragmail
        end
        config mapi
            set ports 135
            set options fragmail
        end
        config pop3
            set ports 110
            set options fragmail
        end
        config smtp
            set ports 25
            set options fragmail splice
        end
        config nntp
            set ports 119
            set options splice
        end
        config ssh
            unset options
        end
        config dns
            set ports 53
        end
        config cifs
            set ports 445
            unset options
        end
    next
end
config firewall ssl-ssh-profile
    edit "deep-inspection"
        set comment "Read-only deep inspection profile."
        config https
            set ports 443
            set status deep-inspection
        end
        config ftps
            set ports 990
            set status deep-inspection
        end
        config imaps
            set ports 993
            set status deep-inspection
        end
        config pop3s
            set ports 995
            set status deep-inspection
        end
        config smtps
            set ports 465
            set status deep-inspection
        end
        config ssh
            set ports 22
            set status disable
        end
        config dot
            set status disable
        end
        config ssl-exempt
            edit 1
                set fortiguard-category 31
            next
            edit 2
                set fortiguard-category 33
            next
            edit 3
                set type wildcard-fqdn
                set wildcard-fqdn "adobe"
            next
            edit 4
                set type wildcard-fqdn
                set wildcard-fqdn "Adobe Login"
            next
            edit 5
                set type wildcard-fqdn
                set wildcard-fqdn "android"
            next
            edit 6
                set type wildcard-fqdn
                set wildcard-fqdn "apple"
            next
            edit 7
                set type wildcard-fqdn
                set wildcard-fqdn "appstore"
            next
            edit 8
                set type wildcard-fqdn
                set wildcard-fqdn "auth.gfx.ms"
            next
            edit 9
                set type wildcard-fqdn
                set wildcard-fqdn "citrix"
            next
            edit 10
                set type wildcard-fqdn
                set wildcard-fqdn "dropbox.com"
            next
            edit 11
                set type wildcard-fqdn
                set wildcard-fqdn "eease"
            next
            edit 12
                set type wildcard-fqdn
                set wildcard-fqdn "firefox update server"
            next
            edit 13
                set type wildcard-fqdn
                set wildcard-fqdn "fortinet"
            next
            edit 14
                set type wildcard-fqdn
                set wildcard-fqdn "googleapis.com"
            next
            edit 15
                set type wildcard-fqdn
                set wildcard-fqdn "google-drive"
            next
            edit 16
                set type wildcard-fqdn
                set wildcard-fqdn "google-play2"
            next
            edit 17
                set type wildcard-fqdn
                set wildcard-fqdn "google-play3"
            next
            edit 18
                set type wildcard-fqdn
                set wildcard-fqdn "Gotomeeting"
            next
            edit 19
                set type wildcard-fqdn
                set wildcard-fqdn "icloud"
            next
            edit 20
                set type wildcard-fqdn
                set wildcard-fqdn "itunes"
            next
            edit 21
                set type wildcard-fqdn
                set wildcard-fqdn "microsoft"
            next
            edit 22
                set type wildcard-fqdn
                set wildcard-fqdn "skype"
            next
            edit 23
                set type wildcard-fqdn
                set wildcard-fqdn "softwareupdate.vmware.com"
            next
            edit 24
                set type wildcard-fqdn
                set wildcard-fqdn "verisign"
            next
            edit 25
                set type wildcard-fqdn
                set wildcard-fqdn "Windows update 2"
            next
            edit 26
                set type wildcard-fqdn
                set wildcard-fqdn "live.com"
            next
            edit 27
                set type wildcard-fqdn
                set wildcard-fqdn "google-play"
            next
            edit 28
                set type wildcard-fqdn
                set wildcard-fqdn "update.microsoft.com"
            next
            edit 29
                set type wildcard-fqdn
                set wildcard-fqdn "swscan.apple.com"
            next
            edit 30
                set type wildcard-fqdn
                set wildcard-fqdn "autoupdate.opera.com"
            next
            edit 31
                set type wildcard-fqdn
                set wildcard-fqdn "cdn-apple"
            next
            edit 32
                set type wildcard-fqdn
                set wildcard-fqdn "mzstatic-apple"
            next
        end
    next
    edit "custom-deep-inspection"
        set comment "Customizable deep inspection profile."
        config https
            set ports 443
            set status deep-inspection
        end
        config ftps
            set ports 990
            set status deep-inspection
        end
        config imaps
            set ports 993
            set status deep-inspection
        end
        config pop3s
            set ports 995
            set status deep-inspection
        end
        config smtps
            set ports 465
            set status deep-inspection
        end
        config ssh
            set ports 22
            set status disable
        end
        config dot
            set status disable
        end
        config ssl-exempt
            edit 1
                set fortiguard-category 31
            next
            edit 2
                set fortiguard-category 33
            next
            edit 3
                set type wildcard-fqdn
                set wildcard-fqdn "adobe"
            next
            edit 4
                set type wildcard-fqdn
                set wildcard-fqdn "Adobe Login"
            next
            edit 5
                set type wildcard-fqdn
                set wildcard-fqdn "android"
            next
            edit 6
                set type wildcard-fqdn
                set wildcard-fqdn "apple"
            next
            edit 7
                set type wildcard-fqdn
                set wildcard-fqdn "appstore"
            next
            edit 8
                set type wildcard-fqdn
                set wildcard-fqdn "auth.gfx.ms"
            next
            edit 9
                set type wildcard-fqdn
                set wildcard-fqdn "citrix"
            next
            edit 10
                set type wildcard-fqdn
                set wildcard-fqdn "dropbox.com"
            next
            edit 11
                set type wildcard-fqdn
                set wildcard-fqdn "eease"
            next
            edit 12
                set type wildcard-fqdn
                set wildcard-fqdn "firefox update server"
            next
            edit 13
                set type wildcard-fqdn
                set wildcard-fqdn "fortinet"
            next
            edit 14
                set type wildcard-fqdn
                set wildcard-fqdn "googleapis.com"
            next
            edit 15
                set type wildcard-fqdn
                set wildcard-fqdn "google-drive"
            next
            edit 16
                set type wildcard-fqdn
                set wildcard-fqdn "google-play2"
            next
            edit 17
                set type wildcard-fqdn
                set wildcard-fqdn "google-play3"
            next
            edit 18
                set type wildcard-fqdn
                set wildcard-fqdn "Gotomeeting"
            next
            edit 19
                set type wildcard-fqdn
                set wildcard-fqdn "icloud"
            next
            edit 20
                set type wildcard-fqdn
                set wildcard-fqdn "itunes"
            next
            edit 21
                set type wildcard-fqdn
                set wildcard-fqdn "microsoft"
            next
            edit 22
                set type wildcard-fqdn
                set wildcard-fqdn "skype"
            next
            edit 23
                set type wildcard-fqdn
                set wildcard-fqdn "softwareupdate.vmware.com"
            next
            edit 24
                set type wildcard-fqdn
                set wildcard-fqdn "verisign"
            next
            edit 25
                set type wildcard-fqdn
                set wildcard-fqdn "Windows update 2"
            next
            edit 26
                set type wildcard-fqdn
                set wildcard-fqdn "live.com"
            next
            edit 27
                set type wildcard-fqdn
                set wildcard-fqdn "google-play"
            next
            edit 28
                set type wildcard-fqdn
                set wildcard-fqdn "update.microsoft.com"
            next
            edit 29
                set type wildcard-fqdn
                set wildcard-fqdn "swscan.apple.com"
            next
            edit 30
                set type wildcard-fqdn
                set wildcard-fqdn "autoupdate.opera.com"
            next
            edit 31
                set type wildcard-fqdn
                set wildcard-fqdn "cdn-apple"
            next
            edit 32
                set type wildcard-fqdn
                set wildcard-fqdn "mzstatic-apple"
            next
        end
    next
    edit "no-inspection"
        set comment "Read-only profile that does no inspection."
        config https
            set status disable
        end
        config ftps
            set status disable
        end
        config imaps
            set status disable
        end
        config pop3s
            set status disable
        end
        config smtps
            set status disable
        end
        config ssh
            set ports 22
            set status disable
        end
        config dot
            set status disable
        end
    next
    edit "certificate-inspection"
        set comment "Read-only SSL handshake inspection profile."
        config https
            set ports 443
            set status certificate-inspection
        end
        config ftps
            set status disable
        end
        config imaps
            set status disable
        end
        config pop3s
            set status disable
        end
        config smtps
            set status disable
        end
        config ssh
            set ports 22
            set status disable
        end
        config dot
            set status disable
        end
    next
end
config waf profile
    edit "default"
        config signature
            config main-class 100000000
                set action block
                set severity high
            end
            config main-class 20000000
            end
            config main-class 30000000
                set status enable
                set action block
                set severity high
            end
            config main-class 40000000
            end
            config main-class 50000000
                set status enable
                set action block
                set severity high
            end
            config main-class 60000000
            end
            config main-class 70000000
                set status enable
                set action block
                set severity high
            end
            config main-class 80000000
                set status enable
                set severity low
            end
            config main-class 110000000
                set status enable
                set severity high
            end
            config main-class 90000000
                set status enable
                set action block
                set severity high
            end
            set disabled-signature 80080005 80200001 60030001 60120001 80080003 90410001 90410002
        end
        config constraint
            config header-length
                set status enable
                set log enable
                set severity low
            end
            config content-length
                set status enable
                set log enable
                set severity low
            end
            config param-length
                set status enable
                set log enable
                set severity low
            end
            config line-length
                set status enable
                set log enable
                set severity low
            end
            config url-param-length
                set status enable
                set log enable
                set severity low
            end
            config version
                set log enable
            end
            config method
                set action block
                set log enable
            end
            config hostname
                set action block
                set log enable
            end
            config malformed
                set log enable
            end
            config max-cookie
                set status enable
                set log enable
                set severity low
            end
            config max-header-line
                set status enable
                set log enable
                set severity low
            end
            config max-url-param
                set status enable
                set log enable
                set severity low
            end
            config max-range-segment
                set status enable
                set log enable
                set severity high
            end
        end
    next
end
config switch-controller security-policy 802-1X
    edit "802-1X-policy-default"
        set user-group "SSO_Guest_Users"
        set mac-auth-bypass disable
        set open-auth disable
        set eap-passthru enable
        set eap-auto-untagged-vlans enable
        set guest-vlan disable
        set auth-fail-vlan disable
        set framevid-apply enable
        set radius-timeout-overwrite disable
        set authserver-timeout-vlan disable
    next
end
config switch-controller security-policy local-access
    edit "default"
        set mgmt-allowaccess https ping ssh
        set internal-allowaccess https ping ssh
    next
end
config switch-controller lldp-profile
    edit "default"
        set med-tlvs inventory-management network-policy location-identification
        set auto-isl disable
        config med-network-policy
            edit "voice"
            next
            edit "voice-signaling"
            next
            edit "guest-voice"
            next
            edit "guest-voice-signaling"
            next
            edit "softphone-voice"
            next
            edit "video-conferencing"
            next
            edit "streaming-video"
            next
            edit "video-signaling"
            next
        end
        config med-location-service
            edit "coordinates"
            next
            edit "address-civic"
            next
            edit "elin-number"
            next
        end
    next
    edit "default-auto-isl"
    next
    edit "default-auto-mclag-icl"
        set auto-mclag-icl enable
    next
end
config switch-controller qos dot1p-map
    edit "voice-dot1p"
        set priority-0 queue-4
        set priority-1 queue-4
        set priority-2 queue-3
        set priority-3 queue-2
        set priority-4 queue-3
        set priority-5 queue-1
        set priority-6 queue-2
        set priority-7 queue-2
    next
end
config switch-controller qos ip-dscp-map
    edit "voice-dscp"
        config map
            edit "1"
                set cos-queue 1
                set value 46
            next
            edit "2"
                set cos-queue 2
                set value 24,26,48,56
            next
            edit "5"
                set cos-queue 3
                set value 34
            next
        end
    next
end
config switch-controller qos queue-policy
    edit "default"
        set schedule round-robin
        set rate-by kbps
        config cos-queue
            edit "queue-0"
            next
            edit "queue-1"
            next
            edit "queue-2"
            next
            edit "queue-3"
            next
            edit "queue-4"
            next
            edit "queue-5"
            next
            edit "queue-6"
            next
            edit "queue-7"
            next
        end
    next
    edit "voice-egress"
        set schedule weighted
        set rate-by kbps
        config cos-queue
            edit "queue-0"
            next
            edit "queue-1"
                set weight 0
            next
            edit "queue-2"
                set weight 6
            next
            edit "queue-3"
                set weight 37
            next
            edit "queue-4"
                set weight 12
            next
            edit "queue-5"
            next
            edit "queue-6"
            next
            edit "queue-7"
            next
        end
    next
end
config switch-controller qos qos-policy
    edit "default"
    next
    edit "voice-qos"
        set trust-dot1p-map "voice-dot1p"
        set trust-ip-dscp-map "voice-dscp"
        set queue-policy "voice-egress"
    next
end
config switch-controller storm-control-policy
    edit "default"
        set description "default storm control on all port"
    next
    edit "auto-config"
        set description "storm control policy for fortilink-isl-icl port"
        set storm-control-mode disabled
    next
end
config switch-controller auto-config policy
    edit "default"
    next
    edit "default-icl"
        set poe-status disable
        set igmp-flood-report enable
        set igmp-flood-traffic enable
    next
end
config switch-controller initial-config template
    edit "_default"
        set vlanid 1
    next
    edit "quarantine"
        set vlanid 4093
        set dhcp-server enable
    next
    edit "rspan"
        set vlanid 4092
        set dhcp-server enable
    next
    edit "voice"
        set vlanid 4091
    next
    edit "video"
        set vlanid 4090
    next
    edit "onboarding"
        set vlanid 4089
    next
    edit "nac_segment"
        set vlanid 4088
        set dhcp-server enable
    next
end
config switch-controller switch-profile
    edit "default"
    next
end
config switch-controller ptp settings
    set mode disable
end
config switch-controller ptp policy
    edit "default"
        set status enable
    next
end
config switch-controller remote-log
    edit "syslogd"
    next
    edit "syslogd2"
    next
end
config wireless-controller setting
    set darrp-optimize-schedules "default-darrp-optimize"
end
config wireless-controller arrp-profile
    edit "arrp-default"
    next
end
config wireless-controller wids-profile
    edit "default"
        set comment "Default WIDS profile."
        set ap-scan enable
        set wireless-bridge enable
        set deauth-broadcast enable
        set null-ssid-probe-resp enable
        set long-duration-attack enable
        set invalid-mac-oui enable
        set weak-wep-iv enable
        set auth-frame-flood enable
        set assoc-frame-flood enable
        set spoofed-deauth enable
        set asleap-attack enable
        set eapol-start-flood enable
        set eapol-logoff-flood enable
        set eapol-succ-flood enable
        set eapol-fail-flood enable
        set eapol-pre-succ-flood enable
        set eapol-pre-fail-flood enable
    next
    edit "default-wids-apscan-enabled"
        set ap-scan enable
    next
end
config wireless-controller ble-profile
    edit "fortiap-discovery"
        set advertising ibeacon eddystone-uid eddystone-url
        set ibeacon-uuid "wtp-uuid"
    next
end
config router rip
    config redistribute "connected"
    end
    config redistribute "static"
    end
    config redistribute "ospf"
    end
    config redistribute "bgp"
    end
    config redistribute "isis"
    end
end
config router ripng
    config redistribute "connected"
    end
    config redistribute "static"
    end
    config redistribute "ospf"
    end
    config redistribute "bgp"
    end
    config redistribute "isis"
    end
end
config router ospf
    config redistribute "connected"
    end
    config redistribute "static"
    end
    config redistribute "rip"
    end
    config redistribute "bgp"
    end
    config redistribute "isis"
    end
end
config router ospf6
    config redistribute "connected"
    end
    config redistribute "static"
    end
    config redistribute "rip"
    end
    config redistribute "bgp"
    end
    config redistribute "isis"
    end
end
config router bgp
    config redistribute "connected"
    end
    config redistribute "rip"
    end
    config redistribute "ospf"
    end
    config redistribute "static"
    end
    config redistribute "isis"
    end
    config redistribute6 "connected"
    end
    config redistribute6 "rip"
    end
    config redistribute6 "ospf"
    end
    config redistribute6 "static"
    end
    config redistribute6 "isis"
    end
end
config router isis
    config redistribute "connected"
    end
    config redistribute "rip"
    end
    config redistribute "ospf"
    end
    config redistribute "bgp"
    end
    config redistribute "static"
    end
    config redistribute6 "connected"
    end
    config redistribute6 "rip"
    end
    config redistribute6 "ospf"
    end
    config redistribute6 "bgp"
    end
    config redistribute6 "static"
    end
end
config router multicast
end

他設定

他の設定については、随時追加していこうと思います。

ter len 0

Ciscoのter len 0のように、showコマンド実行時にすべての結果を一度に出力をする設定です。
Ciscoでは設定したときの、ssh/telnet/consoleセッションでのみ有効になる。
Fortigateでは一度設定すると、コマンドで削除しない限り有効のままになってしまうので、注意しましょう。

設定コマンドは以下です。

config system console
    set output standard
end

NTPサーバ設定

私の環境ではNTPサーバを別途用意しているので、NTPサーバから取得するように設定しようと思います。
しかし、NTPサーバの設定は初めはGUIから設定することができません。
そのため、CLIから設定をしていきます。

設定コマンドは以下です。

config system ntp 
  set type custom 
  config ntpserver 
    edit 1
      set server 192.168.1.201   <--NTPサーバのIPアドレス
  end
end

スタティックルーティング設定

デフォルトゲートウェイやスタティックルートの設定をするためのコマンドを記載します。
宛先はデフォルトで0.0.0.0/0.0.0.0のためデフォルトゲートウェイを設定する場合は省略しても問題ありません。

設定コマンドは以下です。

config router static 
  edit 0                       <--0にすると未使用番号が自動採番される
    set dst 0.0.0.0/0.0.0.0    <--宛先NWセグメント
    set gateway 192.168.132.1  <--ネクストホップ
    set device "port1"         <--インターフェースを指定
  end
end
1
1
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
1
1