Profile cli configuration, Command syntax pattern – Fortinet 100A User Manual

Firewall

Profile CLI configuration

FortiGate-100A Administration Guide

01-28007-0068-20041203

229

To add a protection profile to a policy

You can enable protection profiles for firewall policies with action set to allow or
encrypt and with service set to ANY, HTTP, FTP, IMAP, POP3, SMTP, or a service
group that includes these services.

1

Go to Firewall > Policy.

2

Select a policy list to which you want to add a protection profile.
For example, to enable network protection for files downloaded from the web by
internal network users, select an internal to external policy list.

3

Select Create New to add a policy or select Edit for the policy you want to modify.

4

Select protection profile.

5

Select a protection profile from the list.

6

Configure the remaining policy settings, if required.

7

Select OK.

8

Repeat this procedure for any policies for which you want to enable network
protection.

Profile CLI configuration

Use this command to add, edit or delete protection profiles. Use protection profiles to
apply different protection settings for traffic controlled by firewall policies.

Command syntax pattern

config firewall profile

edit <profilename_str>

set <keyword> <variable>

end

config firewall profile

edit <profilename_str>

unset <keyword>

end

config firewall profile

delete <profilename_str>

end

get firewall profile [<profilename_str>]

show firewall profile [<profilename_str>]

Note: This guide only describes Command Line Interface (CLI) commands, keywords, or
variables (in bold) that are not represented in the web-based manager. For complete
descriptions and examples of how to use CLI commands see the FortiGate CLI Reference
Guide.