fortigate Wed Oct 15 08:58:19 AM EDT 2025

John Poland 2025-10-15 08:58:19 -04:00
parent e6bbc169aa
commit dc149130c4
9 changed files with 70 additions and 67 deletions


@ -2,67 +2,67 @@ config certificate ca
end
config certificate local
edit "Fortinet_CA_SSL"
set  *HIDDEN*
set password ENC *HIDDEN*
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
set source factory
next
edit "Fortinet_CA_Untrusted"
set  *HIDDEN*
set password ENC *HIDDEN*
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
set source factory
next
edit "Fortinet_SSL"
set  *HIDDEN*
set password ENC *HIDDEN*
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set source factory
next
edit "Fortinet_SSL_RSA1024"
set  *HIDDEN*
set password ENC *HIDDEN*
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set source factory
next
edit "Fortinet_SSL_RSA2048"
set  *HIDDEN*
set password ENC *HIDDEN*
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set source factory
next
edit "Fortinet_SSL_RSA4096"
set  *HIDDEN*
set password ENC *HIDDEN*
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set source factory
next
edit "Fortinet_SSL_DSA1024"
set  *HIDDEN*
set password ENC *HIDDEN*
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set source factory
next
edit "Fortinet_SSL_DSA2048"
set  *HIDDEN*
set password ENC *HIDDEN*
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set source factory
next
edit "Fortinet_SSL_ECDSA256"
set  *HIDDEN*
set password ENC *HIDDEN*
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set source factory
next
edit "Fortinet_SSL_ECDSA384"
set  *HIDDEN*
set password ENC *HIDDEN*
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set source factory
next
edit "Fortinet_SSL_ECDSA521"
set  *HIDDEN*
set password ENC *HIDDEN*
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set source factory
next
edit "Fortinet_SSL_ED25519"
set  *HIDDEN*
set password ENC *HIDDEN*
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set source factory
next
edit "Fortinet_SSL_ED448"
set  *HIDDEN*
set password ENC *HIDDEN*
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set source factory
next
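Review bot: Every masked entry in this section appears in two forms, `set  *HIDDEN*` and `set password ENC *HIDDEN*`, and the first form drops the attribute name, so a reader of the backup cannot tell which setting was masked. The page does not show which form is the new side; confirm the sanitizer now emits the one that keeps the keyword, `set password ENC *HIDDEN*`. The same pair repeats in every other file section of this commit, including `set logon- *HIDDEN*` in the VPN bookmark. Because the masked value is constant, a later change to one of these passwords or keys will leave no trace in the diff, which is worth stating in the repository's README if the history is used for audit.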


@ -5186,42 +5186,45 @@ config firewall internet-service-name
edit "DNS-Generic.TLD.Name.Servers"
set internet-service-id 10748284
next
edit "Microsoft-Azure.Front.Door.MicrosoftSecurity"
set internet-service-id 328080
next
end
config firewall internet-service-definition
end
config firewall ssh local-key
edit "g-Fortinet_SSH_RSA2048"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_DSA1024"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ECDSA256"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ECDSA384"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ECDSA521"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ED25519"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
end
config firewall ssh local-ca
edit "g-Fortinet_SSH_CA"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_CA_Untrusted"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
end
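Review bot: The built-in SSH key list in this section still carries `g-Fortinet_SSH_DSA1024`, a 1024-bit DSA key, which is below the key sizes generally accepted today. Built-in entries may not be removable, so the check to make is that no SSH inspection or proxy setting (not visible in this hunk) selects it. The same entry appears in the other `config firewall ssh local-key` sections of this commit, and the first section lists `Fortinet_SSL_RSA1024` and `Fortinet_SSL_DSA1024` among the factory certificates, where the same check applies.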


@ -679,36 +679,36 @@ config system admin
set trusthost2 10.1.6.32 255.255.255.255
set accprofile "super_admin"
set vdom "root"
set  *HIDDEN*
set password ENC *HIDDEN*
next
edit "tmarri81.admin"
set trusthost1 10.1.6.34 255.255.255.255
set trusthost2 10.1.6.20 255.255.255.255
set accprofile "super_admin"
set vdom "root" "scsd"
set  *HIDDEN*
set password ENC *HIDDEN*
next
edit "nocview"
set trusthost1 10.1.6.0 255.255.255.0
set accprofile "NOC_Dashboard"
set vdom "root" "scsd"
set  *HIDDEN*
set password ENC *HIDDEN*
next
edit "josoto.admin"
set trusthost1 10.1.6.126 255.255.255.255
set accprofile "super_admin"
set vdom "root" "scsd"
set  *HIDDEN*
set password ENC *HIDDEN*
next
edit "jpoland"
set accprofile "super_admin"
set vdom "root"
set  *HIDDEN*
set password ENC *HIDDEN*
next
edit "jkafta72.admin"
set accprofile "super_admin"
set vdom "root"
set  *HIDDEN*
set password ENC *HIDDEN*
next
end
config system sso-admin
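Review bot: The `jpoland` and `jkafta72.admin` entries carry `super_admin` with no `trusthost` line, unlike the other admins in this hunk, so nothing visible here limits which source addresses may attempt a login as them. On FortiOS the trusted-host restriction on management access is generally only effective when every administrator has one, so these two entries may also weaken the restriction set on the others. Unless this is enforced elsewhere (not visible in the hunk), add one per account, e.g. `set trusthost1 <mgmt-host-ip> 255.255.255.255`. `nocview` is scoped to a whole /24 (`10.1.6.0 255.255.255.0`), wider than the host entries used for the others. The first `edit` block of the hunk starts outside it.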


@ -653,37 +653,37 @@ config firewall schedule recurring
end
config firewall ssh local-key
edit "g-Fortinet_SSH_DSA1024"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ECDSA256"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ECDSA384"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ECDSA521"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ED25519"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_RSA2048"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
end
config firewall ssh local-ca
edit "g-Fortinet_SSH_CA"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_CA_Untrusted"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
end


@ -697,37 +697,37 @@ config firewall vip
end
config firewall ssh local-key
edit "g-Fortinet_SSH_DSA1024"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ECDSA256"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ECDSA384"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ECDSA521"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ED25519"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_RSA2048"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
end
config firewall ssh local-ca
edit "g-Fortinet_SSH_CA"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_CA_Untrusted"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
end


@ -653,37 +653,37 @@ config firewall schedule recurring
end
config firewall ssh local-key
edit "g-Fortinet_SSH_DSA1024"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ECDSA256"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ECDSA384"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ECDSA521"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ED25519"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_RSA2048"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
end
config firewall ssh local-ca
edit "g-Fortinet_SSH_CA"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_CA_Untrusted"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
end


@ -4292,37 +4292,37 @@ config firewall vipgrp
end
config firewall ssh local-key
edit "g-Fortinet_SSH_DSA1024"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ECDSA256"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ECDSA384"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ECDSA521"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_ED25519"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_RSA2048"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
end
config firewall ssh local-ca
edit "g-Fortinet_SSH_CA"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
edit "g-Fortinet_SSH_CA_Untrusted"
set  *HIDDEN*
set password ENC *HIDDEN*
set source built-in
next
end


@ -5,7 +5,7 @@ config user ldap
set dn "dc=scsd,dc=ad"
set type regular
set username "fortinet ldap"
set  *HIDDEN*
set password ENC *HIDDEN*
next
edit "HVDC02.scsd.ad"
set server "10.21.48.10"
@ -13,7 +13,7 @@ config user ldap
set dn "dc=scsd,dc=ad"
set type regular
set username "fortinet ldap"
set  *HIDDEN*
set password ENC *HIDDEN*
next
edit "DC01.scsd.ad"
set server "10.1.40.10"
@ -21,7 +21,7 @@ config user ldap
set dn "dc=scsd,dc=ad"
set type regular
set username "fortinet ldap"
set  *HIDDEN*
set password ENC *HIDDEN*
next
end
config user saml
@ -68,7 +68,7 @@ end
config user fsso
edit "Orion"
set server "10.1.48.37"
set  *HIDDEN*
set password ENC *HIDDEN*
next
end
config user adgrp


@ -71,13 +71,13 @@ config vpn certificate local
set source factory
next
edit "Star Cert Expire 4-24"
set  *HIDDEN*
set password ENC *HIDDEN*
next
edit "StartCert-Expire042025"
set  *HIDDEN*
set password ENC *HIDDEN*
next
edit "StarCert-Expire03202026"
set  *HIDDEN*
set password ENC *HIDDEN*
next
end
config vpn ssl web host-check-software
@ -741,7 +741,7 @@ config vpn ssl web user-bookmark
set host "10.1.7.110"
set port 5900
set logon-user "tmarris"
set logon- *HIDDEN*
set logon-password ENC *HIDDEN*
next
end
next
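Review bot: The user bookmark at the end of this section stores a saved credential (`set logon-user "tmarris"` together with a `logon-password`) for a host on port 5900, so the device configuration and every backup of it hold a reusable password for that remote-desktop session. Consider dropping the saved logon so the user is prompted at connect time, and confirm the account is not shared with other services. Separately, `Star Cert Expire 4-24` and `StartCert-Expire042025` look from their names to be past expiry at the commit date; if nothing references them, deleting them also removes their private keys from the device. The bookmark's enclosing `edit` block starts outside the hunk.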