#config-version=F2K61F-7.4.11-FW-build2878-260126:opmode=0:vdom=1:user=jpoland
#conf_file_ver=5962183407380906
#buildno=2878
#global_vdom=1
config vdom
edit root
next
edit Policy
next
edit TEST
next
edit scsd
next
end
config global
config system global
set admin-concurrent enable
set admin-console-timeout 0
set admin-forticloud-sso-login disable
set admin-host ''
set admin-hsts-max-age 63072000
set admin-https-pki-required disable
set admin-https-redirect enable
unset admin-https-ssl-banned-ciphers
set admin-https-ssl-ciphersuites TLS-AES-128-GCM-SHA256 TLS-AES-256-GCM-SHA384 TLS-CHACHA20-POLY1305-SHA256
set admin-https-ssl-versions tlsv1-2 tlsv1-3
set admin-lockout-duration 60
set admin-lockout-threshold 3
set admin-login-max 100
set admin-port 80
set admin-restrict-local disable
set admin-scp disable
set admin-server-cert "Fortinet_Factory"
set admin-sport 443
set admin-ssh-grace-time 120
set admin-ssh-password enable
set admin-ssh-port 22
set admin-ssh-v1 disable
set admin-telnet enable
set admin-telnet-port 23
set admintimeout 59
set alias "FortiGate-2601F"
set allow-traffic-redirect disable
set anti-replay strict
set arp-max-entry 131072
set auth-cert "Fortinet_Factory"
set auth-http-port 1000
set auth-https-port 1003
set auth-ike-saml-port 1001
set auth-keepalive disable
set auth-session-limit block-new
set auto-auth-extension-device enable
set autorun-log-fsck disable
set av-affinity "0"
set av-failopen pass
set av-failopen-session disable
set batch-cmdb enable
set bfd-affinity "1"
set block-session-timer 30
set br-fdb-max-entry 8192
set cert-chain-max 8
set cfg-save automatic
set check-protocol-header loose
set check-reset-range disable
set cli-audit-log disable
set cloud-communication enable
set clt-cert-req disable
set cmdbsvr-affinity "1"
set cpu-use-threshold 90
set csr-ca-attribute enable
set daily-restart disable
set default-service-source-port 1-65535
set delay-tcp-npu-session disable
set device-idle-timeout 300
set dh-params 2048
set dhcp-lease-backup-interval 60
set dnsproxy-worker-count 1
set early-tcp-npu-session disable
set extender-controller-reserved-network 10.252.0.1 255.255.0.0
set faz-disk-buffer-size 0
set fds-statistics enable
unset fgd-alert-subscription
set forticonverter-config-upload disable
set forticonverter-integration disable
set fortiextender disable
set fortiextender-data-port 25246
set fortiextender-discovery-lockdown disable
set fortiextender-provision-on-authorization disable
set fortiextender-vlan-mode disable
set fortigslb-integration disable
set fortiservice-port 8013
set fortitoken-cloud enable
set fortitoken-cloud-push-status enable
set fortitoken-cloud-region ''
set fortitoken-cloud-sync-interval 24
set geoip-full-db disable
set gtpu-dynamic-source-port disable
set gui-app-detection-sdwan disable
set gui-auto-upgrade-setup-warning disable
set gui-cdn-usage disable
set gui-certificates enable
set gui-custom-language disable
set gui-date-format yyyy/MM/dd
set gui-date-time-source system
set gui-device-latitude "43.02974913459805"
set gui-device-longitude "-76.14486694335938"
set gui-display-hostname disable
set gui-firmware-upgrade-warning enable
set gui-forticare-registration-setup-warning enable
set gui-fortigate-cloud-sandbox disable
set gui-ipv6 disable
set gui-local-out disable
set gui-replacement-message-groups disable
set gui-rest-api-cache enable
set gui-theme jade
set gui-wireless-opensecurity disable
set gui-workflow-management disable
set ha-affinity "1"
set honor-df enable
set hostname "noc-fortigate-a"
set hyper-scale-vdom-num 250
set igmp-state-limit 3200
set interface-subnet-usage enable
set internet-service-database full
set ip-conflict-detection disable
set ip-fragment-mem-thresholds 32
set ip-src-port-range 1024-25000
set ipsec-asic-offload enable
set ipsec-ha-seqjump-rate 10
set ipsec-hmac-offload enable
set ipv6-accept-dad 1
set ipv6-allow-anycast-probe disable
set ipv6-allow-local-in-silent-drop enable
set ipv6-allow-multicast-probe disable
set ipv6-allow-traffic-redirect disable
set language english
set ldapconntimeout 500
set lldp-reception disable
set lldp-transmission disable
set log-single-cpu-high disable
set log-ssl-connection disable
set log-uuid-address disable
set login-timestamp disable
set management-ip ''
set management-port 443
set management-port-use-admin-sport disable
set management-vdom "root"
set max-route-cache-size 0
set memory-use-threshold-extreme 95
set memory-use-threshold-green 82
set memory-use-threshold-red 88
set miglog-affinity "0"
set miglogd-children 0
set multi-factor-authentication optional
set ndp-max-entry 0
set npu-neighbor-update disable
set per-user-bal disable
set pmtu-discovery disable
set policy-auth-concurrent 0
set post-login-banner disable
set pre-login-banner disable
set private-data-encryption disable
set proxy-auth-lifetime disable
set proxy-auth-timeout 10
set proxy-cert-use-mgmt-vdom disable
set proxy-hardware-acceleration enable
set proxy-keep-alive-mode session
set proxy-resource-mode disable
set proxy-worker-count 0
set purdue-level 3
set quic-ack-thresold 3
set quic-congestion-control-algo cubic
set quic-max-datagram-size 1500
set quic-pmtud enable
set quic-tls-handshake-timeout 5
set quic-udp-payload-size-shaping-per-cid enable
set radius-port 1812
set reboot-upon-config-restore enable
set refresh 0
set remoteauthtimeout 120
set reset-sessionless-tcp disable
set rest-api-key-url-query disable
set revision-backup-on-logout enable
set revision-image-auto-backup disable
set scanunit-count 0
set security-rating-run-on-schedule enable
set send-pmtu-icmp enable
set sflowd-max-children-num 6
set snat-route-change disable
set special-file-23-support disable
set speedtest-server disable
set speedtestd-ctrl-port 5200
set speedtestd-server-port 5201
set split-port ''
set ssd-trim-freq weekly
set ssd-trim-hour 1
set ssd-trim-min 60
set ssd-trim-weekday sunday
set ssl-min-proto-version TLSv1-2
set ssl-static-key-ciphers enable
set sslvpn-max-worker-count 0
set sslvpn-web-mode enable
set strict-dirty-session-check enable
set strong-crypto enable
set switch-controller enable
set switch-controller-reserved-network 10.255.0.1 255.255.0.0
set sys-perf-log-interval 5
set syslog-affinity "0"
set tcp-halfclose-timer 120
set tcp-halfopen-timer 10
set tcp-option enable
set tcp-rst-timer 5
set tcp-timewait-timer 1
set timezone "US/Eastern"
set traffic-priority tos
set traffic-priority-level medium
set two-factor-email-expiry 60
set two-factor-fac-expiry 60
set two-factor-ftk-expiry 60
set two-factor-ftm-expiry 72
set two-factor-sms-expiry 60
set udp-idle-timer 180
set url-filter-affinity "0"
set url-filter-count 1
set user-device-store-max-device-mem 2
set user-device-store-max-devices 507278
set user-device-store-max-unified-mem 2536392089
set user-device-store-max-users 507278
set vdom-mode multi-vdom
set vip-arp-range restricted
set virtual-switch-vlan disable
set vpn-ems-sn-check disable
set wad-affinity "0"
set wad-csvc-cs-count 1
set wad-csvc-db-count 0
set wad-memory-change-granularity 10
set wad-restart-mode none
set wad-source-affinity enable
set wad-worker-count 0
set wifi-ca-certificate "Fortinet_Wifi_CA"
set wifi-certificate "Fortinet_Wifi"
set wimax-4g-usb disable
set wireless-controller enable
set wireless-controller-port 5246
set edit-vdom-prompt disable
set fds-statistics-period 60
set long-vdom-name disable
end
config system accprofile
edit "prof_admin"
set scope vdom
set comments ''
set secfabgrp read-write
set ftviewgrp read-write
set authgrp read-write
set sysgrp read-write
set netgrp read-write
set loggrp read-write
set fwgrp read-write
set vpngrp read-write
set utmgrp read-write
set wanoptgrp read-write
set wifi read-write
set admintimeout-override disable
set cli-diagnose disable
set cli-get enable
set cli-show enable
set cli-exec enable
set cli-config enable
set system-execute-ssh enable
set system-execute-telnet enable
next
edit "NOC_Dashboard"
set scope vdom
set comments "For displaying info in Operations area"
set secfabgrp read
set ftviewgrp read
set authgrp read
set sysgrp read
set netgrp read
set loggrp read
set fwgrp read
set vpngrp read
set utmgrp read
set wanoptgrp read
set wifi read
set admintimeout-override enable
set cli-diagnose disable
set cli-get enable
set cli-show enable
set cli-exec enable
set cli-config enable
set system-execute-ssh enable
set system-execute-telnet enable
set admintimeout 0
next
edit "Read_Only"
set scope vdom
set comments ''
set secfabgrp read
set ftviewgrp read
set authgrp read
set sysgrp read
set netgrp read
set loggrp read
set fwgrp read
set vpngrp read
set utmgrp read
set wanoptgrp read
set wifi read
set admintimeout-override disable
set cli-diagnose disable
set cli-get enable
set cli-show enable
set cli-exec enable
set cli-config enable
set system-execute-ssh enable
set system-execute-telnet enable
next
end
config system isf-queue-profile
end
config system npu
set dedicated-management-cpu disable
set dedicated-lacp-queue disable
config dos-options
set npu-dos-meter-mode global
set npu-dos-tpe-mode enable
end
set napi-break-interval 0
config hpe
set all-protocol 400000
set tcpsyn-max 40000
set tcpsyn-ack-max 40000
set tcpfin-rst-max 40000
set tcp-max 40000
set udp-max 40000
set icmp-max 5000
set sctp-max 5000
set esp-max 5000
set ip-frag-max 5000
set ip-others-max 5000
set arp-max 5000
set l2-others-max 5000
set high-priority 400000
set enable-shaper disable
end
set capwap-offload enable
set vxlan-offload enable
set default-qos-type policing
set shaping-stats disable
set gtp-support disable
set per-session-accounting traffic-log-only
set session-acct-interval 5
set per-policy-accounting disable
set max-session-timeout 40
config fp-anomaly
set tcp-syn-fin allow
set tcp-fin-noack trap-to-host
set tcp-fin-only trap-to-host
set tcp-no-flag allow
set tcp-syn-data allow
set tcp-winnuke trap-to-host
set tcp-land trap-to-host
set udp-land trap-to-host
set icmp-land trap-to-host
set icmp-frag allow
set ipv4-land trap-to-host
set ipv4-proto-err trap-to-host
set ipv4-unknopt trap-to-host
set ipv4-optrr trap-to-host
set ipv4-optssrr trap-to-host
set ipv4-optlsrr trap-to-host
set ipv4-optstream trap-to-host
set ipv4-optsecurity trap-to-host
set ipv4-opttimestamp trap-to-host
set ipv4-csum-err drop
set tcp-csum-err drop
set udp-csum-err drop
set icmp-csum-err drop
set gre-csum-err drop
set sctp-csum-err drop
set ipv6-land trap-to-host
set ipv6-proto-err trap-to-host
set ipv6-unknopt trap-to-host
set ipv6-saddr-err trap-to-host
set ipv6-daddr-err trap-to-host
set ipv6-optralert trap-to-host
set ipv6-optjumbo trap-to-host
set ipv6-opttunnel trap-to-host
set ipv6-opthomeaddr trap-to-host
set ipv6-optnsap trap-to-host
set ipv6-optendpid trap-to-host
set ipv6-optinvld trap-to-host
end
config ip-reassembly
set min-timeout 64
set max-timeout 200000
set status disable
end
set hash-tbl-spread enable
set vlan-lookup-cache enable
set ip-fragment-offload enable
set htx-icmp-csum-chk drop
set htab-msg-queue data
set htab-dedi-queue-nr 2
config np-queues
config ethernet-type
edit "ARP"
set type 806
set queue 9
set weight 15
next
edit "HA-SESSYNC"
set type 8892
set queue 11
set weight 15
next
edit "HA-DEF"
set type 8890
set queue 11
set weight 15
next
edit "HC-DEF"
set type 8891
set queue 11
set weight 15
next
edit "L2EP-DEF"
set type 8893
set queue 11
set weight 15
next
edit "LACP"
set type 8809
set queue 9
set weight 15
next
end
config ip-protocol
edit "OSPF"
set protocol 89
set queue 11
set weight 14
next
edit "IGMP"
set protocol 2
set queue 11
set weight 14
next
edit "ICMP"
set protocol 1
set queue 3
set weight 14
next
end
config ip-service
edit "IKE"
set protocol 17
set sport 500
set dport 500
set queue 11
set weight 13
next
edit "BGP"
set protocol 6
set sport 179
set dport 179
set queue 9
set weight 13
next
edit "BFD-single-hop"
set protocol 17
set sport 3784
set dport 3784
set queue 11
set weight 13
next
edit "BFD-multiple-hop"
set protocol 17
set sport 4784
set dport 4784
set queue 11
set weight 13
next
edit "SLBC-management"
set protocol 17
set sport 0
set dport 720
set queue 11
set weight 13
next
edit "SLBC-1"
set protocol 17
set sport 11133
set dport 11133
set queue 11
set weight 13
next
edit "SLBC-2"
set protocol 17
set sport 65435
set dport 65435
set queue 11
set weight 13
next
end
set custom-etype-lookup disable
end
set qos-mode disable
set double-level-mcast-offload disable
set qtm-buf-mode 6ch
set ipsec-ob-np-sel rr
set max-receive-unit 10000
config sw-eh-hash
set computation xor16
set ip-protocol include
set source-ip-upper-16 include
set source-ip-lower-16 include
set destination-ip-upper-16 include
set destination-ip-lower-16 include
set source-port include
set destination-port include
set netmask-length 32
end
config sw-tr-hash
set draco15 enable
end
end
config system npu-vlink
end
config system vdom-link
end
config wireless-controller inter-controller
set inter-controller-mode disable
set l3-roaming disable
set inter-controller-key ENC ZmlsZZn2w3be/mZLqfwOHw5UwBLtk9b92nHMkmAPjff0gGTc6T2ZAx9Gd9/+/op/MDAvixueGH6caXt2KS1RTyiLbp9GNitEQA9v1AQ4vlOjFSm96zLRti3u7yqpOlWoUmIHUOMDYg3ykU7CZQOplihrTha45OpKE9+hpFYkXhrxYMilhOCRJNwdu1qQ3bj/ARVp1FlmMjY3dkVA
set inter-controller-pri primary
set fast-failover-max 10
set fast-failover-wait 10
end
config wireless-controller global
set name ''
set location ''
set acd-process-count 0
set wpad-process-count 0
set image-download enable
set rolling-wtp-upgrade disable
set rolling-wtp-upgrade-threshold "-80"
set max-retransmit 3
set control-message-offload ebp-frame aeroscout-tag ap-list sta-list sta-cap-list stats aeroscout-mu sta-health spectral-analysis
set data-ethernet-II enable
set link-aggregation disable
set mesh-eth-type 8755
set fiapp-eth-type 5252
set discovery-mc-addr 224.0.1.140
set max-clients 0
set rogue-scan-mac-adjacency 7
set ipsec-base-ip 169.254.0.1
set wtp-share disable
set tunnel-mode compatible
set nac-interval 120
set ap-log-server disable
set max-sta-cap 0
set max-sta-cap-wtp 8
set max-rogue-ap 0
set max-rogue-ap-wtp 16
set max-rogue-sta 0
set max-ble-device 0
end
config system switch-interface
end
config system interface
edit "port1"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "HA Port 1"
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 1
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port2"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "HA Port 2"
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 2
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port3"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 3
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port4"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 4
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port5"
set vdom "scsd"
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-classless-route-addition disable
set status up
set type physical
set src-check enable
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 5
set preserve-session-route disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
next
edit "port6"
set vdom "scsd"
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-classless-route-addition disable
set status up
set type physical
set src-check enable
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 6
set preserve-session-route disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
next
edit "port7"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 7
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port8"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 8
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port9"
set vdom "TEST"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status down
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "LAN_Test"
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 9
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port10"
set vdom "TEST"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status down
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "WAN_Test"
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 10
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port11"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 11
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port12"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 12
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port13"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 13
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port14"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 14
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port15"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 15
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port16"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 16
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port17"
set vdom "scsd"
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-classless-route-addition disable
set status up
set type physical
set src-check enable
set mediatype sr
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 17
set preserve-session-route disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
next
edit "port18"
set vdom "scsd"
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-classless-route-addition disable
set status up
set type physical
set src-check enable
set mediatype sr
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 18
set preserve-session-route disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
next
edit "port19"
set vdom "scsd"
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-classless-route-addition disable
set status up
set type physical
set src-check enable
set mediatype sr
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 19
set preserve-session-route disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
next
edit "port20"
set vdom "scsd"
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-classless-route-addition disable
set status up
set type physical
set src-check enable
set mediatype sr
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 20
set preserve-session-route disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
next
edit "port21"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 21
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set forward-error-correction disable
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 25000full
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port22"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 22
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set forward-error-correction disable
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 25000full
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port23"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 23
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set forward-error-correction disable
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 25000full
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port24"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 24
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set forward-error-correction disable
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 25000full
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port25"
set vdom "scsd"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
set allowaccess ping
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status down
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth enable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 25
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port26"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 26
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port27"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 27
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port28"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 28
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port29"
set vdom "scsd"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
set allowaccess ping
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status down
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth enable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 29
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port30"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 30
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port31"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 31
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port32"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 32
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port33"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr4
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 33
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set forward-error-correction disable
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 100Gfull
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port34"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr4
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 34
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set forward-error-correction disable
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 100Gfull
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port35"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr4
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 35
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set forward-error-correction disable
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 100Gfull
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "port36"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr4
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 36
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set forward-error-correction disable
set eap-supplicant disable
set np-qos-profile 0
set port-mirroring disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 100Gfull
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set sw-algorithm default
next
edit "mgmt1"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set dhcp-classless-route-addition disable
set management-ip 0.0.0.0 0.0.0.0
set ip 192.168.1.241 255.255.255.0
set allowaccess ping https ssh http
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set dedicated-to management
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 37
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set defaultgw enable
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set trust-ip-1 0.0.0.0 0.0.0.0
set trust-ip-2 0.0.0.0 0.0.0.0
set trust-ip-3 0.0.0.0 0.0.0.0
set trust-ip6-1 ::/0
set trust-ip6-2 ::/0
set trust-ip6-3 ::/0
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "mgmt2"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set dhcp-classless-route-addition disable
set management-ip 0.0.0.0 0.0.0.0
set ip 192.168.200.1 255.255.255.0
set allowaccess ping https ssh http
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set dedicated-to management
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 38
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set defaultgw enable
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set trust-ip-1 0.0.0.0 0.0.0.0
set trust-ip-2 0.0.0.0 0.0.0.0
set trust-ip-3 0.0.0.0 0.0.0.0
set trust-ip6-1 ::/0
set trust-ip6-2 ::/0
set trust-ip6-3 ::/0
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "ha1"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 39
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "ha2"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 40
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "modem"
set vdom "root"
set vrf 0
set fortilink disable
set mode pppoe
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status down
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 41
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set ipunnumbered 0.0.0.0
set username ''
set pppoe-egress-cos cos0
set password ENC 9o3gf9vPTh8NsAFemtu5HnkQp68RXLK97Kr4v+QncNf14zLrMo73P+X8OxjoBlbg3p1MjEVic1YTD7bNTpF/jxd/wTz8TRtDWOViazL/iOgzLHuzNaD3e87w9wsVmH3dwTdOHgEMTv+CurLVqqiUD8IDrJkiEF8oZsKn6qBbgRn7goysnTq5xlECCAqjQwJuN2qUCVlmMjY3dkVA
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set service-name ''
set ac-name ''
set lcp-echo-interval 5
set lcp-max-echo-fails 3
set defaultgw enable
set dns-server-override enable
set dns-server-protocol cleartext
set auth-type auto
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "naf.root"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check disable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 51
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set nd-mode basic
set ip6-address ::/0
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-prefix-mode dhcp6
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "l2t.root"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 0.0.0.0 0.0.0.0
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 52
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "ssl.root"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "SSL VPN interface"
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 42
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "naf.Policy"
set vdom "Policy"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check disable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 53
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set nd-mode basic
set ip6-address ::/0
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-prefix-mode dhcp6
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "l2t.Policy"
set vdom "Policy"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 0.0.0.0 0.0.0.0
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 54
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "ssl.Policy"
set vdom "Policy"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "SSL VPN interface"
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 50
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "naf.TEST"
set vdom "TEST"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check disable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 55
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set nd-mode basic
set ip6-address ::/0
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-prefix-mode dhcp6
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "l2t.TEST"
set vdom "TEST"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 0.0.0.0 0.0.0.0
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 56
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "ssl.TEST"
set vdom "TEST"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "SSL VPN interface"
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 47
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "naf.scsd"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check disable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 57
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set nd-mode basic
set ip6-address ::/0
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-prefix-mode dhcp6
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "l2t.scsd"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 0.0.0.0 0.0.0.0
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 58
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "ssl.scsd"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "SSL VPN interface"
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 45
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "npu0_vlink0"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 43
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "npu0_vlink1"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 44
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
next
edit "SRIC_BOCES"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 0.0.0.0 0.0.0.0
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 46
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "outside lag"
set mtu-override disable
next
edit "vpn-042e9903"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 169.254.69.218 255.255.255.255
set allowaccess ping
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 1379
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 169.254.69.217 255.255.255.252
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 48
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "outside lag"
set mtu-override enable
set mtu 1427
next
edit "SCHC"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 0.0.0.0 0.0.0.0
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 49
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "outside lag"
set mtu-override disable
next
edit "vpn-0fc50345"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 169.254.54.78 255.255.255.255
set allowaccess ping
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 1379
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 169.254.54.77 255.255.255.252
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 59
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "outside lag"
set mtu-override enable
set mtu 1427
next
edit "inside lag"
set vdom "scsd"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 10.251.1.5 255.255.255.0
set allowaccess ping
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type aggregate
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set member "port17" "port19"
set description ''
set alias "Inside"
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth enable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 60
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set lacp-mode active
set lacp-ha-secondary enable
set system-id-type auto
set lacp-speed slow
set min-links 1
set min-links-down operational
set algorithm L4
set link-up-delay 50
set aggregate-type physical
set sw-algorithm default
next
edit "outside lag"
set vdom "scsd"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 198.36.24.5 255.255.255.0
set allowaccess ping
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type aggregate
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set member "port18" "port20"
set description ''
set alias "Outside"
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception enable
set lldp-transmission enable
set lldp-network-policy ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth enable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 61
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set lacp-mode active
set lacp-ha-secondary enable
set system-id-type auto
set lacp-speed slow
set min-links 1
set min-links-down operational
set algorithm L4
set link-up-delay 50
set aggregate-type physical
set sw-algorithm default
next
edit "city_phones lag"
set vdom "scsd"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 10.250.100.94 255.255.255.0
set allowaccess ping
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type aggregate
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set member "port6" "port5"
set description "City Phones"
set alias "City_Phones"
set security-mode none
set ike-saml-server ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth enable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 62
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam inherit-global
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set eap-supplicant disable
set np-qos-profile 0
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set mtu-override disable
set lacp-mode active
set lacp-ha-secondary enable
set system-id-type auto
set lacp-speed slow
set min-links 1
set min-links-down operational
set algorithm L4
set link-up-delay 50
set aggregate-type physical
set sw-algorithm default
next
edit "vpn-0403e61"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 169.254.242.194 255.255.255.255
set allowaccess ping
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 1379
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 169.254.242.193 255.255.255.252
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 63
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "outside lag"
set mtu-override enable
set mtu 1427
next
edit "Highstreet"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 169.254.117.222 255.255.255.255
set allowaccess ping
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 1379
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 169.254.117.221 255.255.255.252
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 65
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "outside lag"
set mtu-override enable
set mtu 1427
next
edit "Highstreet_2"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 169.254.13.86 255.255.255.255
set allowaccess ping
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status down
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 1379
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 169.254.13.85 255.255.255.252
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 66
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "outside lag"
set mtu-override enable
set mtu 1427
next
edit "DPS"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 192.168.147.1 255.255.255.255
set allowaccess ping https ssh http
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 192.168.147.2 255.255.255.255
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 67
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "outside lag"
set mtu-override disable
next
edit "RAP"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 0.0.0.0 0.0.0.0
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 68
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "outside lag"
set mtu-override disable
next
edit "CNYWorks"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 0.0.0.0 0.0.0.0
set description ''
set alias ''
set security-mode none
set ike-saml-server ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 64
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set eap-supplicant disable
config mirroring-filter
set filter-srcip 0.0.0.0 0.0.0.0
set filter-dstip 0.0.0.0 0.0.0.0
set filter-sport 0
set filter-dport 0
set filter-protocol 0
end
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-source-ip 0.0.0.0
set dhcp-relay-circuit-id ''
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
set interface "outside lag"
set mtu-override disable
next
end
config system physical-switch
edit "sw0"
set age-enable disable
set age-val 0
next
end
config system virtual-switch
end
config system password-policy
set status disable
set login-lockout-upon-downgrade disable
end
config system password-policy-guest-admin
set status disable
end
config system sms-server
end
config system custom-language
edit "en"
set filename "en"
set comments ''
next
edit "fr"
set filename "fr"
set comments ''
next
edit "sp"
set filename "sp"
set comments ''
next
edit "pg"
set filename "pg"
set comments ''
next
edit "x-sjis"
set filename "x-sjis"
set comments ''
next
edit "big5"
set filename "big5"
set comments ''
next
edit "GB2312"
set filename "GB2312"
set comments ''
next
edit "euc-kr"
set filename "euc-kr"
set comments ''
next
end
config system admin
edit "admin"
set remote-auth disable
set peer-auth disable
set trusthost1 10.1.6.0 255.255.255.255
set trusthost2 10.1.40.0 255.255.255.0
set trusthost3 10.1.48.55 255.255.255.255
set trusthost4 0.0.0.0 0.0.0.0
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "super_admin"
set comments ''
set vdom "root"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set password ENC PB2NIQtVbk0l0Lrm3dwONB7RrUhVPaHnfe3sdOwytKqFPIf+/gW/GDwvE0Nz5XF+nNego+aEJJschu6jiqOwyxw2/0ccvTunolg6FVOHDds0kE=
set allow-remove-admin-session enable
next
edit "tmarri81.admin"
set remote-auth disable
set peer-auth disable
set trusthost1 10.1.6.0 255.255.255.0
set trusthost2 10.1.40.0 255.255.255.0
set trusthost3 10.1.48.0 255.255.255.0
set trusthost4 10.14.50.140 255.255.255.255
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "super_admin"
set comments ''
set vdom "root" "scsd"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set password ENC PB2Ggg4XUBk//gxWTzTGra0SrqdkaBK5AxH22W1iOvlLU3TzNEPZ3J33C8oYcHFhTbbZXrTXvajpPk2igXJU6YEkgMZe/tJPO2DD6gsi/J5haU=
set allow-remove-admin-session enable
next
edit "nocview"
set remote-auth disable
set peer-auth disable
set trusthost1 10.1.6.0 255.255.255.0
set trusthost2 0.0.0.0 0.0.0.0
set trusthost3 0.0.0.0 0.0.0.0
set trusthost4 0.0.0.0 0.0.0.0
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "NOC_Dashboard"
set comments ''
set vdom "root" "scsd"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set password ENC SH2PgEvhec+ujfr1KsSHU0jmyvM7tEiL8xF7+dUC0Xf+Mkpa+59VE1MDmIgVWA=
next
edit "josoto.admin"
set remote-auth disable
set peer-auth disable
set trusthost1 10.1.6.126 255.255.255.255
set trusthost2 10.1.40.0 255.255.255.0
set trusthost3 0.0.0.0 0.0.0.0
set trusthost4 0.0.0.0 0.0.0.0
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "super_admin"
set comments ''
set vdom "root" "scsd"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set password ENC PB2rRXWEUO/JSmqnhlm/MigMFHKo2Ik9G7iWxm/l6AKCwXQM5wOt1aUvo+dt0ydu+6ldD2hUN4Yio96oS5mAM4jrXlXrJyE2XahsREeyRnDVjQ=
set allow-remove-admin-session enable
next
edit "jpoland"
set remote-auth disable
set peer-auth disable
set trusthost1 0.0.0.0 0.0.0.0
set trusthost2 0.0.0.0 0.0.0.0
set trusthost3 0.0.0.0 0.0.0.0
set trusthost4 0.0.0.0 0.0.0.0
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "super_admin"
set comments ''
set vdom "root"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set password ENC PB2P0kuXlxq+fAxE7YFWNe4J4LgUEAAMb9LL3y8zzVZh4qGe+Ui6oEvH1L318PasK3lkwtie2s3Ct9jDEE3vNMNga0KZkySK8Ant4oRjuJDDFU=
set allow-remove-admin-session enable
next
edit "jkafta72.admin"
set remote-auth disable
set peer-auth disable
set trusthost1 10.1.6.0 255.255.255.0
set trusthost2 10.1.40.0 255.255.255.0
set trusthost3 0.0.0.0 0.0.0.0
set trusthost4 0.0.0.0 0.0.0.0
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "super_admin"
set comments ''
set vdom "root"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set password ENC PB2/w6nufSySeFZ0NlH3RdiLizG70o8bT63PX+WQQu4o78tMYQHMWWHsbr10CMGWAnsI7LInym+HV0ULcFDeA+zCCT7cnMxVIMIV17sWLvUzCQ=
set allow-remove-admin-session enable
next
edit "estein66.admin"
set remote-auth disable
set peer-auth disable
set trusthost1 10.1.6.0 255.255.255.0
set trusthost2 10.1.40.0 255.255.255.0
set trusthost3 0.0.0.0 0.0.0.0
set trusthost4 0.0.0.0 0.0.0.0
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "super_admin"
set comments ''
set vdom "Policy" "root" "scsd" "TEST"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set password ENC PB23MAJ8d4xLCNVfyxHxmdAeOwvxDpCdPJ5/r4VeuMzBp608l6DiuCQw6223fNecFe9KFycWki5l23OZBWKhVR4i7bijHEZI9QFkWdbZR7BXB4=
set allow-remove-admin-session enable
next
edit "acrame22.admin"
set remote-auth disable
set peer-auth disable
set trusthost1 10.1.6.0 255.255.255.0
set trusthost2 10.1.40.0 255.255.255.0
set trusthost3 0.0.0.0 0.0.0.0
set trusthost4 0.0.0.0 0.0.0.0
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "super_admin"
set comments ''
set vdom "Policy" "root" "scsd" "TEST"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set password ENC PB2pu4lCia+w3uwtczEvU3fo2BfI6RhZhw6YrIx/PDJ7EM5QDEcFATcCAkBmzMJz1Kmjw25DDyy0eTA2GMaBz5cKHEZv/7+uSYd50uW19LjGZk=
set allow-remove-admin-session enable
next
end
config system api-user
end
config system sso-admin
end
config system sso-forticloud-admin
edit "FortiGateCloud"
set accprofile ''
set vdom "root"
next
edit "4fc9e93dd975@fortigatecloud.com"
set accprofile ''
set vdom "root"
next
end
config system sso-fortigate-cloud-admin
end
config system npu-post
set npu-group-effective-scope 255
end
config system fsso-polling
set status enable
set listening-port 8000
set authentication disable
end
config system ha
set group-id 0
set group-name "SCSD_Fortigate"
set mode a-p
set sync-packet-balance disable
set password ENC JiG2dx7RaDi4T8GmQvvWtzYVa+O31WN+vMKhatkSQLFE234H9uzWidFTxnU7bfhD55fmlkBVZpjxqaRfz/swhPfT1S3ocd2TNkSBujcQt2i9EG3gpl1299t3b8arx2EqFkHb0vBxFdYdHXdn6GG/iIM/hrkD+ggk1GcHiE9Mh+9i8KU+6JpdHm0OZ+q6C0Lj8LPbg1lmMjY3dkVA
set hbdev "port1" 50 "port2" 50
unset session-sync-dev
set route-ttl 10
set route-wait 0
set route-hold 10
set multicast-ttl 600
set evpn-ttl 60
set sync-config enable
set encryption disable
set authentication disable
set hb-interval 2
set hb-interval-in-milliseconds 100ms
set hb-lost-threshold 6
set hello-holddown 20
set gratuitous-arps enable
set arps 5
set arps-interval 8
set session-pickup disable
set link-failed-signal disable
set upgrade-mode uninterruptible
set uninterruptible-primary-wait 30
set standalone-mgmt-vdom disable
set ha-mgmt-status disable
set ha-eth-type "8890"
set hc-eth-type "8891"
set l2ep-eth-type "8893"
set ha-uptime-diff-margin 300
set override disable
set priority 200
unset monitor
unset pingserver-monitor-interface
set vcluster-status disable
set ssd-failover disable
set memory-compatible-mode disable
set memory-based-failover disable
set failover-hold-time 0
set override-wait-time 0
set pingserver-failover-threshold 0
set pingserver-secondary-force-reset enable
set pingserver-flip-timeout 60
end
config system ha-monitor
set monitor-vlan disable
end
config system storage
edit "SSD1"
set status enable
set media-status enable
set order 1
set partition "LOGUSEDX45501361"
set device "/dev/nvme0n1p1"
set size 937875
set usage log
next
edit "SSD2"
set status enable
set media-status enable
set order 2
set partition "WANOPTXX808E4B55"
set device "/dev/nvme1n1p1"
set size 266562
set usage wanopt
set wanopt-mode mix
next
end
config system dedicated-mgmt
set status disable
end
config system dns
set primary 10.1.40.10
set secondary 96.45.45.45
set protocol cleartext
set ssl-certificate "Fortinet_Factory"
set ip6-primary ::
set ip6-secondary ::
set timeout 5
set retry 2
set dns-cache-limit 5000
set dns-cache-ttl 1800
set cache-notfound-responses disable
set source-ip 0.0.0.0
set interface-select-method auto
set server-select-method least-rtt
set alt-primary 0.0.0.0
set alt-secondary 0.0.0.0
set log disable
set fqdn-cache-ttl 0
set fqdn-max-refresh 3600
set fqdn-min-refresh 60
end
config system ddns
end
config system sflow
end
config system netflow
set active-flow-timeout 1800
set inactive-flow-timeout 15
set template-tx-timeout 1800
set template-tx-counter 20
end
config system replacemsg-image
edit "logo_fnet"
set image-type png
set image-base64 ''
next
edit "logo_fguard_wf"
set image-type png
set image-base64 ''
next
edit "logo_v3_fguard_app"
set image-type png
set image-base64 ''
next
edit "logo_fw_auth"
set image-type png
set image-base64 "iVBORw0KGgoAAAANSUhEUgAAAPoAAAAeCAYAAAAFOQOpAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAAPYQAAD2EBqD+naQAAAAd0SU1FB9oJDw4aKksK+ckAAAYdSURBVHja7Z1tiBVVGMd/z91d3faORtEbmfhJi4rSLAnDCnonsQ+9R2AJkW1F+UGiIDIMCokw05DoQwuaZIUlQkWQSZQia9KLWqGVkBVEljRX21zn6cOZda93Z+bO3Dszd+7u+cOwew9nznnmnPN/nuec85wZAW6nNRBgE3B4KEEdEBc8hzkCD6jSHXSTCltKLqv8e+YB96kyWLdCoUdc5lbVt0GVowH5QNmssAb4p1QJLXIWMCXDNuoAtgOdwA918l4NnJ5xn3UBb1b9ng1MCpF7C/BbTfqtQClD+QaBXTHaaghTgUsAL4fxXgK+Bvb4vycAN+bAse/8etEWXiNIog7PqIOqg+f/HXF5ZfqG8nsOi8PyBV01dYXnLeN5Zb6t05B9GbePV/X/JuDiCFk+yanPqvFuRL65ATIO5Di27oihVB7Lebw/VVX3tJzqXEbG2jURtAzqsARlSZU2GpkvzTo1UheKCBdomX6vHCxLTl7PEG4GdgIrsKjbtcBbwG7bFMPuROt7xQGpgMITeVJKYtSlwkwRphWozx4F7rZDN5aCPBfYb5ujIEQX11hzYeScPMrE5ThiPi7QANaaebJFNCYDz1uiF8fXWpCyZ56mbJPVYWrBrNU8y+HY7XW/JXo48lqJRB26BSbGMdi5zdGrR4pZ1piaTDdkPgedU5M2IaE8RVKqmnE5Z5JshTurtjmp6v+OBrjXCCd7wGzbRJFQcupmVWGH+ELF6IJ9VSm/Av1Qf3sNKNfM0b8E/otpQ48ktCK3ABubbJmVwMMh5c+qSbsspIzbgLdDyng1pPxWWN0ngReaLGczZpsxaNQ8C3yYQJ7ngKczfOY9EfzStDnZWQjfqsIAcE2Se7yyWUwTl7XA2tg6xd+r99cGZmb4WD0plLEmgojHUpBjXIGsencKZTyEWWmXAOIOJixr/Ghy3TvbVfCIIJZopeLaNZRRjD999zbILZ4ylhumEETXMh0qzIsjj6+q94vL9qbrdbhLY1pGga3i8kvOTTPDctciD6LPr53XNondwKcBLBonJsChKxZBlXXAPSnIsy72hEe5E1ifoOzrgFMbkGnQf7ajwBV2iLYMM4AHiV40C0MfUGknor+Rcn2vBxLd4EhcovskyBvHEuZf4F+ZOEEkWxy0SI5r/asRvFc0ohcjMk7jb3W1YnutgBBfaVpYtM8cXWRs1ZsCDgIb7PC1aCuLntSUjXEcBa63zWCRFtHVNk9Tc+isyhHfolsUv//awnUXYDnpBg58HjFfHh/rNFmKUw7VBO67JPJ+BHMQZm8T4g0Aj4f02Y+AQ8EWfEYRBHMk+IsGvd5KOxEdYFEu6lP5F+HSuI0q8FdKVU+Pq701+XHH14B3mpSvC+gNmbHclEL5FuH4CBOWO+oten7zhwoKdd/mkkW9XxW8bfsID4E9y3IxU3SMpocpRmScU3e9oNbdVnGNJfbKCJLAA3eHTwCpk8gt81oQPttl+WYxeogO3QK7UZxYsydlPfCI/7tXYCka69DCBE48KngQjXF6zdSzAPPeNouxgUFL9JQhxpqfhkSeqT6uFfTEs9c9wCkN7rudHOs+cx79bzv2xxTmY468prWj2wGs8qdjY5ToLoe1zCHAQaIbViT/iDYVEHI/0GLRWpztX2liUg5yd2PO0U/HvOZ5I7C1OAEzwrJ6JB8yrqkRWGPzHHH52Y59i4KjB3D9KeYOTLxFB7C0SJFxKyHmfDkt3RLPKROF8+0YsmgDXAWcA1wEfANsA64EJhaG6OKiqiyOMZ/PG7tE+d6OIYs2wOXA75gw6XuBhZgv/WwuVKx7qcIK4OUCibRXXC5EQl/KJxnrpDTKz1LGpGXnoafD6igVwG5kXV+//3cc8CImsvIGYGIn8FKEv58rPAdQFiEsIST6TYcfZAgN7zWHhcD66b2qrPacyNdPfQD8EZDexfA3tprBAeAVgs/f74zrkWC+7hK0XbStSfneB34Kef59AenLCQ5EKWHCTZvFEX88B5H6UEDaDt+wHMtheJcStPdqqr5JmICTn2HCb2f791cwn81a2LaHwbzycS8g8X1x70mS18KiIDgPE015hq/ADgBL/wdzAzk3USNrQQAAAABJRU5ErkJggg=="
next
edit "logo_v2_fnet"
set image-type png
set image-base64 "iVBORw0KGgoAAAANSUhEUgAAAPMAAAHCCAMAAAANeQ+xAAADAFBMVEV/AAB6AACLAAOVAAIkIB8AKD6FCACiAAOsAgC5AADDAABJIT/OAATRAADbAAIAOVs0MC/nAAC+DA3pAA3wAACjFhpnLRB4KQyXHxxjLEIbQ10ASnWQLxflFhXaGR6ULi+ONgl5OxdnQBxMR0bOJSB8OzmLPAfGKSmgOA4JXJHkKCy3NjGMSgZVVlSCUg8WZox8UiezRQhwVyEAcH2/PkJuWi8AcZAQcHKuRkMObKp9WhaQUF3iPDp5WVqyURbcQESfWQelUk+XXglHan7wQDZuYHgQd7ypVzdlZ2SwXAIAfcfjTSV/ajUGgbrZTk2rZAN3bUQAh6STaiUahJbWWwcFjI/yTkauYkoHhtQqgKwRhcmRbUu1bQS4Y190dnPLX1+8bgGRcHCfcUDDbQHWXl5cf5MPkeMAl++tcmrfaEITluHTa13QdgLKeQTWa2+Bg4AAn/3qalmNhWERob/aegDldwAdoqYCpP/UdXTHhBosn92+fnxXmbXuei33exO4hW3jhADbhwGOkI9Loa5PncvtgwCxjFrQgH6Zko+blW8drf7viwDUiXF/na3RiYoAvuW8j42cm4Gam5gos/77jgHyjx7Rj47ylALJmk+6nWi5mpT7lQX1kjzsk1VLuMOgo6CjqJBGuf/PnJuoqqf9ogKlrZzupCXmpTjhnZxLwP+Gtb/PpJWtrpi2qqrLpaCItda/sIywsq7Tq41bxP2us7XKrKtpxvq1t7T+sRv7si61vKCWwNipvMilvsLLtbG5u7jRtqf8vAXBvLv+uiW8wcO/wb180P/uv3KbzObOw7zdwpvExsPUxKzFx8T+ygD+xELDyMvhwbrHyca9zdrLzcrdyb/+y1DazLbuzJT+zl3M0dTQ0s/U08rS1NHV19TH2+fk1tbY2tfW2t3a3Nnv2rXd39ze4N3h5ODX5+3w5NTl5+T74+Dk6ezn6ebw5+Dq7en/6OXx7d3q7/Ly7+bv8e788eTy9PH+8fH39ezw9vj2+PT2+/75+/j8/PP7/fr9//uXHhBNAAAAAXRSTlMAQObYZgAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB+AJGxYjIiP66ooAACAASURBVHja7Z0LYBNVvv9puxfabtsVlMdFC4ooCgZYEQSWtYguhmcFhAUtpUpFYVvKIgILrEJQeQl2C1IW1FgCCnXL3cgj9fKIxmZ3NTdrSYf9r8nt2CSbpNRmc7fmBpvObf6/85jJTJK2YANtaX7QNpk588v5zPd3zpyZnEcPQ/ezHpbuZz1iOsd0jukc0zmmc0znmM4xnWM6x3SO6RzTOaZzTOeYzjGdYzrHdI7pHNM5pnNM55jOMZ1jOsd07kidjd3PYjrHdI7pHNM5pnMX07m6+1lM55jOMZ1jOsd0jukc0zmmc0znmM4xnWM6x3Rup87a7mc9vN3Peni6n3VL5rruZz3c3c96uLqfxXTuJjp3xzrM2v2sh7P7WQ+WWLfS2dH9jNe5O1lM55jOMZ1vLp276/U5Vp5v8vKMn352M527Y2xrup91z36Apm5n3bI8G40xnbuDzrFxN7HxVTGdYzrHdI7pHNM5pnNM55jOMZ1jOsd0jukc0zmmc0znmM7dS2ej0cRIzGQim0wmE32P3xnRI9KQZNJj6XPFyOlMTEhKaZIbq3M166yrC/aGrKtz2VmrE7a4HOi32+V0uGCzk2VZu0tICcmcVhYlFG1x2J0uFyR0SNI5WLZavAm2Oe2SJODphupsNLGyu6VWZHFsWwDGHkO/Fxyrwb+rmert4lSyAqbaYpEcu90qv/tueUg6eRnLmFjJprvlbJnkvfZGCt0DZK77UYgVWI49DrbAiP88vr8G/znGOrdL092isbOSDXL2btiqZwuk6bJZ1pUtPdIkdaU03VidGdctIczZugWYWb0Hw278Av+ZrWcVIQnvNlmkzAbErGZCmH+0nbGHMKulzNu1hhursxuYb5GLbLsOx3SGmsT2RvJ2QRlmlvGp0JlSswXZ+AU90ISZsc58Mhk+N85s0Sa5PFtTli2X/0j4XKW+A3S+W6Xhhx9p1BojoysD0+jQn4NlevK2jEHM29UkmQFRFBlMej3iVKk1GrVaw+DXWOciNf6yV6snpyEb7dDwn6DWGIx6A/5cfKC6I3S+W8PwX+dAxVRzDBtjYVDVYmLJW5MDMxtwqhqHHL+xVDtkCMeArjkWV1DnIj2+DFkcsOlHKsJsoh+AtltYFn+ukVyuOqI83yJYNmO5iAvwAp3BiP4xl/Dbxy+Q8syno+WQcWJmPboIM86gztu1RmHTj5RMdvBIOWOEU2lkrIhZjQ+8we0worPIZAaWVNQLynBtWm2twVXa46erQ+swmcpgYeswsxGlZOtEOhsswqYfqapFddjdegbvcWKdTTe+HWYMq7fvVpuozmVa0tKiOh80hTIXgEpEZ5JUqrMhVGf+A2hQiHS+wfNK0Xq7QDCFhqnZth5sWxkpf9aaPeStBTHLSartBXdjxaqvSucyrHM2OXA71B2ogxbVGeqP6g7ROVhvQ1ULqKjI6fUMW1NTgzrx47dazKxQa4R6+5Zr0vkWFa2dIZxNYp1Ji/yG63y32mjhW/wWFjc2F/xa0vZcsOALXG8rcH0M1XUBromvSeftgqH4oTqjSMJXixuus7hcMaTSWmCgbc8vaDVOrs9EP5MVMSu1VGdVmM5F4fW2yLQGE6+zybR9e5npRutMKi7hTENJ24YhNcdo2xOfgm3qatRg3K6naRBzmbGaxddklbG6NZ2VltC2JwSIg+pcVpC9nbmBZRrpbL37FijP2uCJMFnYXHF7Gze/f7VdzWyHq/J2DdGZLYBLLehsYuXkBd4ou+WWu1UmSHdLEY0HtOmWImM2HBq8PuAAscDnylR6pgxinSS+YfMZsFZGoyqD+jNoULxOHzx4UPMF+n2wTHcR/qo0RpbVq5VqaHqRbrF6VZkaTg9r0apUcJnFGxn0mmF1qmA62KRUMxa9WiUypDMLn6vSMixTVrbdyNzYeStMJj2qh8WnwmQyQA0O1SyuovVGlEBvgK169JdPosdH4bRafiN2JU0X3CQyA92DvBr1er3hhs9bgYue1MgmWsItfAJJQuGNeCt5GZoukm/ph8TmJ4nNTxLTOaZzTOeYzjGdYzrHdI7pHNM5Nk9cbJ642DxxsXniYvPExeaJi80fFpsnrtPorJXhPzJte894trLD54nTy2Sy7Oq2KwG9DP+R6etCj5YVSFOhH1W2TCZXRnRUoOzweeI0MpM1u6DtCbg0MvxHprGGHh0hlUZWZLUWZUd0lF3U4fPEaWWMUyl3gi7ZrKIAbVFmO5WgksEpU8kVWrlMpnKi3zKcXAYJVYxMC8ex9Ggn2i1XwXFKpLpcK3MWKIhzudLJyBgVbFXg3UwBvFR2yDw0IUpZ5IoiucUiL1LJrYpsa0GRXq63KgqsMpBfrrTCVnmRoHORtQhSKdB/fDSYBnYr5ZYiuQangh+cXoaPM+FIUMrw7iK5qaN0Fk/QokXSsAqFw1GkYGXqbIVKrldhvRwyrYNBr2SgFaTDyWEbaKuVo034aPiDX8uYomwHTgU/BeDOoZI75EVopwpFCd6NPia7qMPnldLIUD+oIjnDyIvYArlSK5ezWrkW7ZJpWFauRK9gV5GMpdsUcpbNlheIjka75QCF3jPww6pkCuSTzVbAcQa5AjYY0G76MR0935CWCIbLswOy6ZAjyVEJRJo6UEmWO0B4OdUZFViHQ432CUfj8uxAQrJyVJ6RxpCuCAWRHBQmv+lueVEXnT8MidbN5pVi5OrYPHGdX+duPI9rbJ642LyPsXniYvPExeaJ6yLj6EyxeeK6RXmO6dw9dA60YZzfB+b3c7z5yQYu0F774Z57tNPazhaHMtGM84Ty14y2c+3Fbpfn68fc7Pd5fVxzM+fzevCYXmRoAK+HbobMNf8g4PZ6vl7MkB8435zP4474XNztAZVQ1q+duv2erw9zMxICslXXytcBdZC5a6eOhufrwuz3eP1+b53L2ep3IE6XGyXz+K8BOSqerwMzBx/m97ic4nw5HTZiDslWp8vj93m8V1ubRfDsdNbwJt3ciufoMyMpUL6IuVwOm9ms050+WIjs4GmdjjHbHK5gAu9VSx3q2VnDMpUV58+XIjt/vqKSYWucV+E56sxej89bJ3ysw2YsXDygb4LY+o5/8bTZ5hTyVucDQa4COcQzW1n63tZ5c8aNGnU/tlHjxs3bWnoeuNvyHGVmzuPxuYUnRzZT4Xjg7ZWYmJhEDV72SohPGLD4tNkupPP4PJ624lvq2cqUrp03btQEZFOJwSsEPm/reaamdc/RZebgEuniF4+w6Tb2RbxAmiw2BJ4QHz+4sNJKUzpccKFtHVriGSSeP2eUQDt9qmDAPWrcS6WmmtY8R5UZMuZx0ozVEGIMnJo2KGP2yvXwLzdjUHoa4kZqDyjktXY4Pa1Diz3bgRgkJrgvrFq3c28J2N51q15YiOgR9bxSXutInqPJ7Hd73OQxmdPBFGJiwEubtH7/BTScVQf/0J/D2zIwdq/4+PGnzZAWm7s1aInn0pfGYYmnL1xXcvJPYjtZsvOF6dMx9dbzrK0lz1Fk5uo8dfTRYI1uPCFOHbTtNLDqLohMB7YfYSdBhG802mvahBZ5tp5/bx7WePqqkjN/imAn1y0k1KWV1HGY5+gxc9D0pR/CgsiYOGM/4J4ONwA/kds7ORnK9XidjR4FDWauhcAWPFefXzsOE+9ECp8JN7R17zJEPW5rBRvZc/SYIWN2ZA4H8yIWOWX4ft2FEy3Zad2J2WkowAccrHbgA+1wmxCRmfdc4zCXzlsEyNPXnYwIzGOf2Qla3z9q3nk2oueoMXtcJGN2h24xFjlt/YXTJw6faMUu7B+UkpQYH19ottGsuTwRkAXPNSaIa1RvlbQMTLGPrwKpIb4t9gieo8XsoxmrsUNRRsjDD58+3JadODE7NRmgNwahfWHIvGe7rfK9eUTkMyfbsjNnduL4FkH7os3MuVx2K3ZuRMhJqbNPHN7fth0+vbI3QPfcaMbHWu0uV2iRDno2E+SdZ9pGRtQly6YjaDbcc5SY3dAWRP1L7AwK7KS03BP7r85ObEtD0HClRoezDmdokQ56fm/erKlTF+69KmIEffwFCh3qOTrMPqeTTMthexEjLzm852rt8LZ0gB5w2mxFUzGwTqc0ugXPllIe+ThYyzEtRMHxkwgaVWRW1ibxHBVmjs8YW4gDO3f/tqu3/dsgvHsO0NHFOZ1O8a0+77mGPT9/EQT2XkwcyU6e/NM3DY1gtX8h2McRNFRk8ypCPUeF2eOwE7+6vr2SklNnC8iHW4YP7tqzMi25V89HzcSF3SGuuwXPlWvn4KtyS8jHz3wjHNT0l9fOIObjJ0sWToXrNBPiORrMHJ8xBuqv5ORJeNoZNPPMiYB/4/qItq1QtGvP7NSkBCjSxInDEazGgp5R/TV93XHUsi6JpPKZRnGJ+Oa1DYi55PheuE5DkZZ6jgaz20p82lBkJ6dvW0lsfSHsu7JxycpwC9m1bRKObgptDQrNe2ZLUWS/0CJySRC5qamZQuO061CRrmQlnqPAzFEtcGRDlU04clcW4g+48uKSJSHY4bvWQ3THLeaZBaEFzyYU2Qvx/VMkbBHy7scee+ws/K16bcMGnPSF6RDdrMRzFJg91KN5I47slbnYlhTSXFxZnLtkSa7YRLuWkF0rIbrj4y5QaJZ/tsF7ri6dPwsiuyQILeYuOV4ilOXdAweOGjVqN7wCZgyNohvqbrHnKDA7xDLfSpFzC4UAvbL4ITHxbMkuunHloOTEOL4aY510t0Ms8wsle5FFwC4500QPqMTIo0bBOfhmFmKG9KumTxi31SL23H5mn0TmjNzZyERcGHp20EJ25ZIDZqeJhSZP7njPLJZ5515qJVI7fnzDX3h3zw8ctQgZCN28CUGjgyRC+6PC7ObFQDL3pmDbJA0LEXTG7ELJrv8ZT8/EcBCaL9EsaTLxnpm180DmvSKTUm+oFZhHjVoEQb1oE7w+C8x7ETMWmhV5bj8zrWeqTyCZh8/OwLbyihT60RGYNyNj9n5p0/LZ8eh0ZEyalJ6c1HOAib9I4318DXZ+7SIozXt3UguD3iDUYBUYecOsKlSLzZq1YgVKD7dYo+ZXVgc9t5vZT0eLmh9NgEo7g7cl/xMCPQxtnZQRgvzzwSMeyhiU3js1OSkpOSGu0EwnLEIhyHtm3wOZF+4UmVTtDRsaeHeNzy8CdTe8hk5C1ahZK5a9sAw/ILx/TCkb9NxuZjed9cbcF1qd6SAYsoxhwx6VQv8Pgp6UsTEUue+wZMSLjNRiZE4ddCHlPTOoBltFaNetE0MTcBFzoH7TolmzXmtoBjt3//0ThMehENwWwXO7mZ2kM435BGqPDJ9EbVg49Phhg8KQB4gffSeh4KZ9c1D9Sj1bSGgjXmIhcmPmJsFn7Te1Tc2Y+SciaGiXBD23l7mZzgJtXpyQlJxGiYcPHzpsWN9waCly8z3xPenzbyp0QtxpM3HHwm7i2Wx5D2rthetCTMS9YQN/eSawzc1NTU1c824x8/1jzrOC5/Yy++npY0agWns4b4MGDR3ad7AU+ttCTorcs2e8GDkJ2mIvUmYLFxA841qbkK5atSoce8WsTSLgJtrTouGx2yXMpazgub3MXjprrAmKc/KtwyXQvUKgpXZPXAhyUhIUaBrcjC/Ae67kmVdhW7fqBSn2ihWzoLEp5kUyc7t/cvv9E8QFulLw3F5mN83Zp+hKlS62QYP6JLYCHQE5KSluwKcWrDTjCfCeK6AKm75KZC+A8dArwJ7+S0AA5lXmGgZKmOFqVUGZPe1mdpF57c0fQRWWImFOT0HQ314LclL8gI/IlJmmugD1bDmLqrAQZMEEZAG4iWA//xNxaKNK7CzDe24vs4MyvwpX59T0W8WWnpKS3BJ0ZOSkhLhXKbMzQD1bcMMzIvALK5YtA2QicZOgMlA37f6JVOapo8aUMrzn9jKzYuZbpZaWlpKcFBG6BWSouF81k5xZA9SzZTdmfiHcli1b9vTTU//STGCbgho31T8/MERmqMR2W3jPUWXuHWppkZW+Jy4uErKYmZUyR0ReOP3pqWebCSb8M9c3cY3wr/7UwJ9g5MjMbLuZq1tl7p2Wmpw4IASa+zkgJ0RAljJTz+zutVPDmUHjhQunT596tqmJV1n5bwOfP1VZ8fxjAyMgT73/4d1stJgtrTOD0omJ0jupQGFcXM+IyGLm6oCFZ56PmJcR44F5ZCox528E5J/wBsQhyIjZwnu+zsxpacnJj14JhDY543tFQm6JGWIbEJeJbOFChDz9L0TiRn+jX/lvgErt/nBkkc5RYCZrXmPm5LRwS05dHF6FPdu3FWay/gswE8+W0rXAvDDMcGCjogzEGJmwEpsQiowaYgzvud3lWcKcGmrJqUsiXaqeTWyD2QDlmXhm0CNP0BSwp0uQp5+lEjeiwA4ii/vVSK9VvOd219sGwozbYVeLDGW6Dw+djP/Tn/ienwrM1DNzbv4czBxqZzlCDIYaXbdT2kjAYOPGnIsas53krBIzh1nKkpaangQ6JHlS3B2fkpzpHQHq2XRuPrS3IyHjoG70Nfp8oQ3NSMzzzpl4z+1ue+qJq0vxiZGQW+7AWjg0IvMlmjNoe1LPVfPnTw9jhhq7EREj5MaGhoEhLZBQmz51zLwqwXN7mT0kZ5WXBvRqU+XCEKXDoBPjfnmJlGK9J0A9G83z14bpDMg0rBu9DQ2YecKs1pgnjNlqFjy3l9lH55RnxyeEqpYcovI9cT8Pg5YegKow4k7vD1DPleattBKTquz3NWKJkXkRc0sKo1/ToQpjBc/tZeYMBpKzjfFJbSHHtQXdM+5TwmwwNgeoZyNbOn/O01OlyKgYE4nrkbkGtlyaySGoChM8t/t5GEPkMF0ILdBLpL0k0FOR+L7PtgYNxZmtJGJYYC/vGQq0hBmQeeIGL2ppDhzYYg3GHzJmntkkeG43s4NOpM8OSGgDOSGhV0KvEOhBSdLibCPMWvQMkHrWsfPXzno6SIxUhsuTl4T1Y6hxffv9LepMDlr08CYa2tooPAMMeOhCHeYXxcGdGoYcj7v39gqDFjHHQ2gTZ1r0XRr1rIM76JdEzGehHFPghvqGx0hjpHWZcWgHPbebmdPrsbPKC/GimntSIAwZN72AOgQ6NUkS2tiX3oDHDVHPxiqR0FOnNjbywGDkSd+ENpBnQWgbg57b/91NNRXaNj4hOYUYXKa+DUMmbEmJvSSXrEeTk+hRqajWpmKweB/vmd0KQlPoqRNExGCP3d5W9YVlLmVFnqPwHR3NWeVH8YlCmzO5z7cSZNzhNSU1BXXn7SuCfjRRaLImQ4OkkuaM9AfgPZvOz18bZK4XiG0VFRWjgo0RHAXii5RI5iqTyHP7mfkQrGAHJwgt7uTExG9DkFPwjhQJ9D0JvfgdSGZWRzJmIFc53rNYaMxMNX7+38gToGD1NjX4I6rox0ENZhB5jsJ37qzGoEeGhKZ3kKkpSYl9KfQ98fG4j28q2ZMqgr4nAd+ZkJtOJDP2o9fY6SnhPTMg9IYVBHoCIT71/G7hoZf4Oka1Dm5ZuBDLLPYcBWafljjUm8fH87fQQEahCXJKqnBHHYS+B5dyuic+7lUb9aPlB8sInpHQK1asQHeQE86eA9uNHorcLlFZrLYYeeGYMbtZiedo9BtiNMQj3GgkpPVOQ09HBGgkJeWiD04E6OAu2J4Y9wTLy1wtFHfeM1TdCHrZQtwL//bb8TMRconCYNNbsoULl815eJzZKPEcDWafhhf6zZ6JwYd/AP3szyhXyHNBtOueXqJdyXFwbdbRnAV7P/KeK6ABCtG9jELzDweQosFnCBGIly1bNmvMmHO8zNRzVPoB8nLo2Sfik4QnYVBdoW9ak1PS0kIfkoXuQpFtpz7UFtGljPesQ9EtQNMnAyR0xQ/IpBKjXRvGjNlUE+I5Ksw+DS14cEsZnyLSE91QpqZFfAQs2ZUQjGytRjz0TfBsrJonQIsCFz0Kxf8JtsTQU9IV8x6eYzPqpJ6j06+XVdMYNJ+OT0gVCZqWFoE4bFcvqLPNvBh2STuN9wx197z5byHoZQLSMukDbx58WfC5MCCPq2JCPUeHmdPSGNSaP+qZkNr72iwx7o5PzVRPjV7aUA96ZksBGn0PiWV9IbKhHcGdCPkcG+Y5Sn3WPWrsuUKvt73aMyHt1qsHvhUhf2SrIDnTqkNHZFDPep0eQ29Y8cJV216MrA/zHK3xGKyKzryOoONDv61rxdISEDK/IJeKDXtwFvSMoN8ruWroDQi5RhfuOVrMzXo1P9+87aOe8Um3pl8VcXpKPAS2jT9UbYgwsj3oGUGvPbmubdxV8O+l+TiwI3iO2lgjv0bImvnTO3r2Sr8qS4qLe+KSWciYJtJwZcFzhY49B9Bv7V3Vtu196eExc6pYbUUEz9EbU+YJLgFtvvREz/jktolTEuJ6PlcTRFZ7Ij4WFnlmbPPGAPXONoh3IpE32RhdRM9RHC/pCmatsubVnnEJKenDWwEenpIYF3fHxzWVwmLZKncLz8JFnnW20nkPz3/v5M5Widc+PGbcWYehBc/RHBfrDGZNb770S6BOTh8eEXv4cEL8KiuIrFWrXC1+ASDyrGOrNo15eO3at0rWReJdt67kLUS8ycbqWvIc1fHPDpVQprWVtk+f6BkXn5QyaHi4DerTC4ifu+ioFCE7W+lYJfZsdJybN+bh+WvfA+zQnnIlb2GNN1XVGDQteo7uOHeXKGuI+pd3xMUlJPYZJOYeNKhPQhzSWEzcqsqhnnWMvWrTOIS99q23TpbsRb0id+4tOfnWW2vnP4yJbabWPEeXOeBWqYJZ01TaLn38xB09cb+CPtgSE+PjEPATH7NALEihVbVQfUX2rNGa7LbSOePGYG7eEC8A/4etxqRr1XOUmeE2Xxn8PI2mwlxz6eNXn7gDgWPreccdT7z66aUac4VGlE6p9bU5bYXUM7RQHLazm+aMA/AxCBZwx83ZdNbmYHW6NjxHmznAmZRqRCtYhdnmqLl08cuPkX158VJNjQ0Ba/g0UKsqmauZlSXUs1bP1DhsVefO/geys1VV8DlwdRIlaMFz1Jmh6Kkhb9KpEisqKs3EKisqpLu0kNp1lfPQhHuGEmQiw+QYk06rvTrP14E54DcpVVc9c6RKabr6icSi4/l6MKOvXZQq9VVkS61Saj2Ba7FoeL4+zIFAnVapbCtvaqVSW3fN84e13/P1YoaLi17ZmiQghNLg/kHzxLXX8/VjRmPCNJC5CLlTqyBbGtYX+KHWPs9RZG5uppMver0ej4esh8MaIMxQ9iCDyFQoT2Bqg7UOJ4CUXi+dvrG5pR43UfYcFeZmPAMfZMbldDjsVmtwLkyr3c5ajFo1zRAWR2u0sHa7OJHV7nA4XXgOQz+Zv1GgvR6eo8HcTPNVBxkTf2Iwd3grWbmefxeaBrJWR/MmRr4enqMU28009nDo4dkn6bRO1ND0NNIXDjrZmwtlCAciicPQ+L4OnqNdh5GREXiaUTytKraQxQqF7X4/Pw1rc9uzP0bP8/Wstzur9YhZzGIWs5h1S7M6r9dyjm0tcenzRVrINuTyHdxBN1xzNpz2UGS7L3Czm79Oisx6Aze/+Vgps78bMAfsMeY2mJvxXaHH5YD7PtaOZkHnmm9i5mZE67Yb1cqioiKlCj3QUKIXGqPd7Ytw79jlmdHCDW6LRlmk1LJu0Zz+nNddrYWtapOTrHJx8zA3+1x6ZZHKRGibGmtrv6mq+qaqtrahCU+i4q9WK4qYLsvcHMk4Vqmvx3RNtVW6soNvvHHgwHPPPffqs89u336q6hu0q6m+yNfcReyqmJv15kBjU1Oj++LHBz788PPPP/vss/LyI0f27Xvlt79d/ssXn92+u6K+QeG5qZg5w6lG2yXg/fzzvxID6CNHEDVwv/Lb5U/oGpw3G7NJ1XT2uSOf/fWvEuR9b1N75Z3/bazf7r25mC3KprMH/vrXrygwDu19GPkdZG+/+7+NZsXNVZ45q7Kp6o3Pvvrqs88IcDkv8jvE3nVX7b7JmJudysaqNz7/+itMi6MaSjExAH73t7+uOhfCXCQTrEDdzjyqZTL3tR2hlcm0V8ts5yKbSwHMX30NwG9/eenLL3/78cWLly59vBx+ffnuO+/OSM2oOneqyCc+QsQsk8kNXHsMmOuu7QjE3PLeq2Ou2974jeLDrwH5YmNDk3v5pSawi080wIX54oyUlNSMc1WnlP4QZvqpdqWs1Rx0Vma3osGm+Prrfa+829jgabwMzFd8wOwNNDc2ZKSmpD3UCjPHWeQymaXLMXsU9bXbv/76lVc+RgJ7sc6Bi7/0B+DvtrQ0wsy1xIyyIO9yzF5gVr777iuvvPnRsWOH35zx5kcfffTpx8v37N+z//BszGw7pWqZmcuWyWiRNqCCLld78WfLZOREGWSybE7YUieTqTmDAtV+hhBm8dE4glC5kWWr+VPiVUNIydR1UWFWOupVbwLzjBkzhg6dgWz5jPR01CNwKBpnNB6Y1a0wQ64V+EUBX6vhWJdTVJRzL01nwcx8OrWEWXo0xymEWpKcHLuc7ldGhdlWf+rNd2fMeNN7+bK7ZsGM5ctn3Np7GFpVzL0emB8F5lOtMFtpcEOmiwBOKye5VFJUCAMZQyAgWR2+wFlBVblM7hUxhxyNtqNk6C9O54Udijp6zWg3s09pbjj15vIZqR+h8uxevmBBeu/eaSMamhobm/ak9gbm+lOaVpg5Gc62mg/mOkJjIJn3CorKUTggZgVfLNVB5tCj4VTJvXwYMeQUFvHvo8LciJiTP2q6cqXpyq+HoyFVwOzzeoEZ6dyg0rfGDApY0W95sJJRY1glKc4FmNKKt9bJeBa6nzKHHs3xp4Zj8Lnzyvnj0Me1n1kFzOt/nZ5yGGrqgHcSIu6dOr4RqQ7MaT+ralQZ2mBmEBtfuXtJfgtwgVZDLYR51PjM1AkscFiRwBx+dEg1bQhuVUaHuQmYH09/aMmS9Uty8fjnMc1jNgAAGy9JREFU1JTER5ENI8xKU5vMaqH25kVT4wKtkCmtmBYXZ8RcJKRSCMzhR9P2klpNZFXSAhKla5VfbQ5UrP/18PSM2bm5s4elZKCZtof1GfEQ2NDU1PSfn2tSWtpgrkPbrKKrFwlmA9ppwD/wS0mY1cJhBQJz+NFwacrmK24truL4k8JEg1lbEajalvs4xDbXxH074iLn9zefGPwtmqJxT3LqDMTMtsKMaim8zcVvKSC5RpQs2pxNXqBMu2QylYRZhY8LP9qAaYtUqiKemYkms1EdqN2YOyl5Y6CpsenbwZdQsT4x2I2mtFuZnDLjF1VNCmcrzCxudIhzTaOzCKBU6KUSEqjIpesqmPHR4JQm1IbqbIgGM6sMNBbmZqSPqAk0Bb4d/AVh9sKbmmHJg0b8orZR4WmFWYVzpwwK4aUtLwNkXoEKLeTSqyDbWmAOO1ohMBJmRfA4VRSYOXcR11SWOzs9+dEat7tm8GnUYevwYBZej09KnjH4+UazytcKsxznWhvMFEMrYcg9m422wguGFOeWmMOODlZkBFEVrLcV18DM+lqsuK0B27bH09KS+g4ePCBhwGCwvgnoV1LS0Bk/PhdQMf6WmSE3BQRQHtzN0NoIdrL4RRHVrQXmsKODzAX4w1zB67o8Gsx+kyrQdGJ4eloKGsxPDU+L12fo8sEDbQ0Kd8vMIIvcRTcSGhc5CZiHZh21ueVcK8xhRyv4Aq6lzS4FfwVXyqLBzHmKGmvPLUlPSU7qkyiiBls+48e7G09pfS0xu5TCPYAHzr/Sg1vMcpdQu5GINAgtzpaYQ4+GI+QgN9yByckRLvhb5IGsyqKiM+c3KKvOl01KBeagDQVbvvzfR9kcCpcUOeTZEF/5uOShWziaX1Et3BJz2NH8ZxSwcnwt5FiaINsQHWaPoqKq6uAgPGkD4A5CvEOHDVv+zuCfnGtQ6kMPFDErxHfWKtSKyBZtUZDijOHZ1pnDjjagt0UGEiQ4kFRkPxMVZs5nV9hsVScGpeHJowaBDZ00aRJBrlB6/FzXsVBmf4vmMylqbd+cntQ7jY6IBeQFywG5vkrhauW4zmdXz+z3GhS1tbaK3FtvuxVDPz5pwYJ/v/1cg03Bdinka2H2+yoVtvrab05k3AbUwPz44B8/X9toVli7FvI1Mfu9rKKioaG26nBG+m23De/741+ca2rUFDm6GPK1Mft9dSqFrbHWZruYO/jHj51raLIpVHVdDfkamf0+r0WptNVDDb67qqGpXqVgvF0O+VqZgdpjUigrbLaGBrNSoXd3PeIfwAzUbkapOKVSKE1uX1dE/iHMKMIder3T2yWBfyhzF7cQZm+M+aY0Xwizuxswe9iQoQnum71E+zxhgxNYq/3mNisbG3QTs5jFLGYxi1lXMTwm0+dvLQlq0oRv7aiGRnvbGV6y9Az8uD3eiCncHg+Z/N/j8XSKYXj+9jG76+ptpzcuBtt4wuIC7LAUdZCi4tS5c6dO6cz1dXXuLs9cX19TOD4xsc+wEcMSE/tu/MLlcoekcLqqds/Ba0zNWrRJaah3uYL7qsOYOa/LbrWJh6FdF+bqdiC76i+MTxy65PAF3Re60/tnJ/YttDmlw4Wdtt2Lnl5RcvLMn84c3/D0rE1Kh9Mp7LRImN2MWqXSVJpt5kqtWqU2uq4fs6U9yCf69sk9oTt9AtmFC/uH9drIiph69HCcnzdrBQJG9qczJU8v2s3aHRGYPVqV3tEYaLCxl77QmWy1jY3OCiXb+ZgdrtN9+6w/sX/Pnv3I9uw5fHh24kabLQhtPT/n6ZKT1I4fP37y5IZZAG0XmMWj0LjLX6IRWZ8fefvtd9597tWDtgb1dRpU4vvhzM4vRiSt3LPt8J7128DWw4ttezISTtiEGoI1v/R0yXFqf6ptrD1z8viGRUo7aw1jNlZWfkgGoH1GRty98ttLtZpOx2yzLU7KWL/yIndxZe7Klbm5h6/UbFu5vs9gkwDNls7aUEKgS/4UCNRXNZ4pKVkxr8zBhjFbKrSff4WGYuGBWK+gAUmXK/ixMKQ7QIG9TRi5sqU9Bpk9GsyOC337zM49BuXjRO7s2bP3eAOBS0tyMxILeWa2ct6KvXtLkB0vaQzUPz9qd8OGkp2zdltYNpSZ1VR++FV5+Ycfvv3uu2g40jvvzLiwu4JHUcAvd4HM0NHMZtvGpOEZGcfQSriHM4ZuA2Tu9ENDByWNZ3gZS2et2LmTUJ8BmTfNei3w2ooV0+cdtJGLhSXYTcFxynygfN/Fxpo3G5suftTk/1VKStl5vpuenHSWkbc5SEOubGkPMIv6QPxQZpYZnzxp0qBhSN/AsW3fQnVYOAD1hkq4UE2QqrdOx1MnA/ZeYA58c7Y2sGjC1KmjymyWUOY6le3AvncagLmp6dJHTU170lLKTpmkzGrU6cNeAFFexxXJ6Umok6m9MrUCNnoJM03AcdpsmUyupf3yi6LCbPtiRCrqNdEHKYzGcvsL43qh5TJ7FZoZlIAxz1u2bt0qPD/2itcCeBKz+tuBeUKpMYzZo7R9/Mpvf/WrXy/41Zu/zliyJKN3yqlTFimzRVbE1cnVHFcg91pkFngvq+O0MosXdeytQ4mAmU/A2VEPZwWkUMsNaNhCNJjNp/um3db71t69k7fhxZu8hXEJeOXbxBcpc9WcZfzq8xtqm9GMDv7H0LpTE7aeNptCmL3K2o9nLK+pubhgRnra+pqabWmDKipYKbNdpuAUBTSGAU0rBxlBcC/p8ibH24UEatJx3YBSIq2jojNmRj3w+5xAzF8MTiCr/Ca+aCHMFXMWkkVKFm6o5Zpsu83KgWRBtXkHw5h9yvo3ZyxvCvgXpPVOPdzUdCJtUFWFVcpsBWYMgMAKCriigoIiTl4AzKgYK+X8uSAJaBcsA4N7TTLBztzt0nlEClmbLLcGNx03kmWOkc6YyFQxh664BMh+20C09BRGnhCRueHNxyft2b8eORy/cWNu2rCqCqeUmUFFF9drimyIWMBTy6E4S5iDCbxFUIwVMoMB01qjw3xhRHIK6vGWi6ovKNP+bWSNQSjPlZi5ag5Zh2jDN82NgYHBRbgnbC0zG0KYOWXjnsczjh1bP/vYsW1Ljh1bkjqi6pQ7tA5jqIwgcp1MK2PgLEAER9AZEhTIrTi2ic6G6DDrxiPEPhi58MUaDI1XvD1dqUMJjJXzyPJ/33CNXu72CcHFekt1ptA6jFM1HZ40ojFQsxGu8oWBwJ7U8VVCd2fRtapAgfvhquBdtpxzyeCXlFlIgA9SofKswt1Y2SgwGyo3IuaVcH3mCgfEL3YD9J4+ySlJ43VGI05RuXUWQW6of/75+4OrP46jMkuYtQ0XM1IWXzq8+NKl/YsvnUhM+VmtcLHF2XcVIMEY3MNeTrvsk4E2EmYhQbbchbq3GjgVqbejwQwFelhKavIeuFDBdTk5EUGfGJacllhYaaBnpRSCe+o3Vxqu2EaJVoOcOq+sUh/G7NI3ze6d3KtXr4RevRJ7JSaP+IVNL+rXirum8n02FS7cI1mFwLUhzEICF7pOY1aVTJatjQ5zpXFxcu/UYcfcBwckQmWbuNh1YXCf3qkDdJVakkB//qWnp09ouFJ/6rH70cqPdGXARbsZfTgzp6o9mCL0Ah4649+rlL7r1YHzhzNrK8tGpN2WOnRx3yRyyRo/AF70Kqys4FNUlM5ZNn3RYwNvvz+4DOLCpwWZpcwuZe1GiJtBg4YOHTZp+T27K41c52PuUVF5cGjv23onp/ZG1+nbeqek3HZb0osGg8Csr9i6Ydn0CVPxQoB4sTy0BqLSpNdGYOYMp2r3p/dOHzR80qQF9+y2qbjOyAzQhcN633Ybv/QYvEparOcjG0Of2rpBusLUijm7dTwyMEu+3jacaqqZfett6cOH/fycTXkdv0f3toNZB0o/lNz7VrKAz629U/q+qA9GNk5xfutLK3ADdBX8XrUKIWuFkxLC7GeVtQ0Xc4f9bHdthdrfSZl7aCoqy14c0SclJT09JSWp7y8PVlSckpZ5XUXpSxt2kqWI1m2Ys1UpQg5j9vs0yqraqtpKJevvtMwQvZWGssLF4x96aPziFw9qKyv0YTWd5nzpS8TmbTqlr9Bogvss4d2OPBqlSmm5zn1E2sncQ1VRWanXlZXptIbKEJFpLOg0lRXnSneXntIaK06JkSMx3xBrL3OPHkWqUxXI1KqWSgBeBQbCXqPWSHZU+7oqMzZ567vJdP9hBYP1dYhZjR34haYeLQNww43Vx75KjlnMurv9X1tfKXCkw4XoiRfZwLX5BUwXZebQ6h1oXY5mupoHWaWjGZH7/NzNx0yB8ZI1eDWiujphMRY/1za2tO8GOh5+OjUzR1Zg8QFtXbgBOd7bWoyLvtN3uT31Nhtrq3e7xX0yOhczlGIfAoYsEkjRzPT8BjfCboVahOz6w+q5E+fOnThztd7Z8dCRmf1eL9AIwBJk8UYU5ZC0VWaXy/GHmZn5Wz4A25I/ZeYfHB1NHYmZQ/W0p47CUdAa3sTg8MeD6nGuZWaXy/JM5pav/vY1tr99tWXKansHQ/9fRJF9HrGuNdUmg1ZzlJhGazCxNeK1ILy+yFKTfhtO5rmcD/4msk+yZlok/XM6nhmVZBTV/LIS1YajO1bPnDl25oMzJ06cOBNejZ25+qhGzO32RSzVpBMDIH/ylcTKc56stncmZs7rEYlsNR1dPfPBkVOQZWZlIoNXIydOfPDJ1RomSA3HhMc37nDEPpNT/jm2T/7xjw/Iq/Kc1Q5r52H2w8VXqLBYw9GxE0ci2qwcsPwcalmZiPvB1UeNAnUdXML94cxW6x+mFFPQPwcCByj0kSl/sHcaZkAWRLYbj44dPRKAgXbLruLiI0fK0bS9xcW7NgN91uSRIx988mhQa08YNGZ+Lg8dh2TmAoHLH8Ar5GTzc9XWTsIsQnYyR58kxHmbi8v5apfWveVHduUvxdSrNaytJWjErJ9cjCc3Li//B5qh/gC8LC7evCZvyh/YzsEMyHzlZT26YyYm3hICTLH/9knxmrysyVMmjg0GeCh0jx7V1meWFh/adwhIP/z++y+/5C7nb0ExkpWVuaO6ujMwB5GdlqNjCfGRCMC82ke25GVNmTh6tZbl628pNDDbRuftO4Ss+O+By5k53wd+n0OYs56xdAZmDiGjdR9rUFzPnZKVk1/8SUvE2L46sjkvc8rEJ4+yTrwmJFrvkxMzW5gH1iDgXbu2QGGetub7wPeZOYT5OcbS8cycFy1wipkNO0aPzMzJ24Wj+m8tGdK6vBikfnDsUYudhxZdsoDZ9MCWXWCb11wG5sz85kDzHzOzsI3uDMw+t5ss72kz7EBxnVcc0pSIZCjAs1ChttDVP91un4iZMT2Qt2bzmjVrDkAF9s8pmfD7u7mU2cR0OLPf7XLgxUvtzI6Rk0lJ/upqrHzL0skAzZL1Tx0ut1/EzNyVk5+Xl5d/GXc8Q70rA3+c3FmYObilIKOBmR2jAXnNka+u1sp3YehqBx5xC9U3JzCbzKNzloIhmQPfjZyLO5rPxdH9jMnU0cw+uDwhs1uO8siowRQG+AlpSJG9OPg/R9BTHnxSw9qtNvDgcvmCzJbt0wA551+I9Z8jp2Dm/we149LM7R3O7KfINezRsXNRYH8ebp988uGHH36AoGkD+vPyTz5B8ACdA9Balpw1l4sT2iRG7b3A/HsyLOXyZTKg4LmspXkPqDsOmTJ7XA6cYVb/5ANQY0dE/vDv//v9PwC6vFxyIpDq5ZuzpoxebcIurA6XJ8hsemZp/tJ/SEdRvJGVv/QZxtjBzH6KbMX1V96h8jDickBG/XkB+oPysN3QgM4a+eDRauLE5fLzzHp92TRor70hscn5a+7VduRXTf+HKzA7yS17dDQUtuLyiIH9PQ7Q3//mA3SrIYpwDF2clznxST2JbqvdI9xL6g3PLN2ct3Ta0ry8pbzlbZ72O2NHM/tJYbZaDSiy1xyJLDNZxevygS0fRDgn5bvyp4xc/d98kfYLzwz0pmde3rxm8+uvb8a2Bn52LX1G36HfKCJmD0WuPnrX5ByI7AjQVGaAxkKHIZcf2ZIzcuZRHtobZNYansk7tEtkh6Y9YxD1RekYZk6QeSzIvIusbCOJ3PLyD/l6qPlfByJAQwqIbiQ0gcZVN/kArVa/+pFdh3g78vKdv9N3LDJi9gmlGct8hFq5OLT/LCw61/wlKdHln+P/1CD95pwpQaH9wWe9Wq1BM+SRNa8f2rdv3+svPzL6Dx2sMmLm+NA2PQl3FpuPiKycV/ED0eXmexD6iIiVWvEuJDRDqzGP+Jm+VmtUrX7muecmP/fMdpWxo4kxs0tUaeftOyKBJvbBn0XjW0HoLeI0xcjg3mlzHlyvtJZgcIs+RaPRgNwGLeqF0xm+r/KxxKp3jEaVdpgh5sviMb3+A/nFQeBdqDbGjwezsqYMef+/q7EzFNySz9FQ6xTf0XEeymzCNRhBOXRITC2RGQyELia2ZTP/MBTfLE2GWsxCvHk683exnIt0wrFoaGijugYsSF38wb8QM/pm1ocH/V45kL8FybslP5+nJZY5cazeQtxBcHdiZjvOo9my465pOWv2iQxfWhAylvm7ifjR/n/hW6OsnHxkiFjMnDVyyFHaj8nemZl9tGsXDu3XBdogdvEH/4s4L6OHJ1mZX+IW6IFMRJ0jVRnsgbve5/tu+Tsxs5cGo2HsvdDUppzAjLAxcvGfcSH+1xS44crL/xIX7cvwhgotwZ5812oDLSq+Tszsocza0ffCHZXIiovR7127SKuz+Z9TMpfmrcn/ktwL/35KVr4AHaTOHDlWS5k9nZjZxViwaVEVJkYmxJu3/J02RaZk5q3ZnE8bJ0h10RdYwQI9Vkv8Me4uwPz+XZOz8oMao2YGekq7mb+58IPOa9bwzCB0ZigvLtD93qfMrk7MbKfMv+s/LSf/EL3uItzXMTIPGeBQbOfxb5u/m4u/vQtBBubfEXeMvaswb6b3e68jQ5fgvA/5mwtu7uSlefm/EU7BH/F3tFktMls7MTNLmNnf3ZuZlb+ZGr3FX7NGYETMOcB8mX/vmztlcmYk5uouxHyXiBlzw0/+gWYRM8RyltDybv6vkVMyW9GZ7QrMENt5oKwYOz//sogZI/5L2OCPJHRQ507NbGKQWd6/d1oOVMxiy8sX3Vxwb8yFpudcX/BW4/9FEBrV29hMXYCZef+uKVlLoZUBqALyb/4luqEivXrFG94Ig84MMnfm8mynzJoh92YtXZofNED+e+tTYV0OZ753iKYLMDsIswkx55AH0BQ65zffS6cE+97nuyLZEiZ05r1jNcSfoTO3SVwGwmwacue0nBzhwftSqKO/FMvMrR49ceTIiRLoyxOnZIqhczL7jzVR5s7c9vRQZmbsnZlZEubfSGZC42aORPZPyXn4vUTonKUP9FvNUObOfI/hM5iQVTKr+0/OWipizpJ+tQbMD0DFLa7VcAuUXK9I2xuY36/G7kyGznwv6TcZcSbZo3dBcIuQD3BS5rkjp0wOYYYWKBUaEy9diqow7M3IdOpnQxY9UcY4RMoc8g0q6DwlVOdA4AoRmlQEOZn9xpqozGynZnYRZp1l7J3TgqEdKnOA2zFx7twpc69ItzYTocm5ypncbwcNbX2nfgbY7NEbkemgVfKISObLYdNXhrZJgi1QGh7TUGhjZ0a9t1OPu/EbCLTJODoodE6ozC3af42cnEkPmtbvScZEkE3+Ts3MsYTZWL26/0+F0P7H1c436ZsoMN8LtTaV2cp1bmY3ZTapoRaDRhiovDTry2tlzs+f1n+skchs0Hs6+ZgyPriNFix0HjQ7w6uwlgyuVogZNVXv7bfDYgyGdqdm5qxaox4Zox5y39I1ebitnXng8nffeb8D++d3keyf2L67/MeRD0xGj33z8qb1A5mxH73WwXX2sYM+klO9AQn9Mr6LROMPRrZqE+lfVG2jO9Cl/fv9rpo60vs6/XhJzqIlWTUZRvd/as3Lm9csRdCTH0A2ZTIy8pu8fEBsk/G3OHCa7oP2iJHKzHKdf4yolzJXVL9/133o8dCavLycnGmZmfCfb1Yuxb/R/SK2aeQPaoLlo+dJ0/oP0fAya31dYFysILTOsvquR9bgJ555+RgUCioO9rw8VGaR5YgNbUTpIbJ31FBkDZG5s48F9mr56DY+edcjr+OOXBgw+ExwDenctRk25YmMJFhzb7+ZFpOOqExl7uzMnFVDRWLUY/s/hR9v42diL7/8Onra/fpmqaFdoqfCL9/bb6yB4WV2cF1jzLdfz0NXHx1751Mvv/6y8HRfYpKn38R2YeSj1TRSNAZ/Vxnn7tGQPOv0lvdH3/nUZvJtVShyEJ38oO95incBMtRf5HitxtNlxvZzVrWWGECP7f9I8S76zWSrhr7OW4OQa3T0aLWV6zrzGfgNGgH66Ni7Hnl7X3Gbdqj40Oan7kSBrafHakxcV5rDwaelSlfoLJon77rvqdf3HWrL9r3+0/79Zhqq9RUUWevrUvNWcB61oDTDPNnvjvueapP4qfv6PbjDwgiBrZGOKev0zM2cS4DW6qBQ97vjkbcP7WuVuD/EtdXIH6RRu7muNj+JBLrauGNIvzt/+tSufZGw9+3bhYhB5GpeZK1a7eK63pwsAM3X3lq9yap5cki//vc9grD3HQp2lYP/u576KSY21ggihyF3lXloxNBaHcMadjzYr/+d9/30qafeLj506PVXXj90qPjtp5766R39+yFim0nfMnKXmXuHc6tVQnyD1qzl/ZkPgtr973zkp9juu69///79hjy44z8tNSadkFSjklRfXWu+Ic6rF0FDg7Ta+t9Hd8wc++CQIf369bur35AhY8fO3HG02lqt04nSqfSR53DoEszQOGFUEN98f2vUJGVqWEul5j+JGU0WtobR6UUpNCqVxd+155XiXBqg1ohMq9fqTAzul82YdFq9dCeUBhfX1efS4nyMSqUJMxLFYaZSMX7uJpg/jPPoVSq1pm1Tq1R6D3eTzJnGufUqpfoqiN3czTNPHMe5DarWxAZglcnNcTfT3HhoqQZWq1JG4gZepUrLerlWkLtIe5vMc4gmBPMQc7tZo0alVAI4oCODv2jGXpXGaEUT5GFD040F50fsKszCTIdofiWHw05HE6JRgHY7azGhSzCZnhjoNVq4RNslaRwONM+SMDtiV2DGxF402yEitoaaHZ0ENOqsGg0YQ4j2sDSIGgmP1l7lusrzMBTWPp+XhrQr1LCSkheimeJoiKMIF8V316nD+Ola8bT4vHmlJmz302LMRarMOi/z9bPOivz/AXQ0URo+U0pGAAAAAElFTkSuQmCC"
next
edit "logo_v2_fguard_wf"
set image-type png
set image-base64 "iVBORw0KGgoAAAANSUhEUgAAAewAAABSCAIAAAAZ/3CGAAAAAXNSR0IArs4c6QAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9sCChMxDHDbo/gAADePSURBVHja7X0JmFxVmfa9tXZXVaeXdBaykEBCQogEEhYRosAIRhwCohHZhAcUfn9mfnVmHphBfRT1EZ7fDZQBFERA0YisYRslLIEEEhMWszYhezpJJ+lOJ9VLVdc+b9Xb/XFya7u1dndyD6SfqlvnnvU773nPd77zHX3ZsmWaFcodvF4v/uq6jr92u71cyXZ3d8fj8dxxkKnL5aqpqRl2jRYKhfr6+kpJAU3tdDodDkcZ23xYhFgqJBIJCgCEJBqN4ok1Eo+G4Kirq7NawXyQcSKIyVBR0ESmgUAAfz0eT45oNpvNmQrDrlUBOkDwggrPjjDMXoBvt9ttSSnbR20ifAamA9nT280Kwx7EQe6sViisyRwOQDYQU6AcAyMYDFZiHGLUAb7zxkRJamtrQT+jqTC82jOcCiXSRqA/OgWTQSU64kgKEJWYEgxYbwWLiR9pXIYwTYqHAOCu2uoYzBSQhBx9Pl9u9s0ZZTi2MCoYiUSAv6VrP5CIy+WSadUKRdAFwrrVGhYTP3ICcAH0ViUvVRhLADVwybzkCEVi8fABcD8cUYMTFeqrVqqgFPgB2I12wHxQoj7dCtqAPh2dgt7BB4unW0x8+AVQWgJ39UENIweghgJwUzQHtLlSYfg2Mrfd8NedCkXTZ3WFZHHwSsgk+kjQPO+OuhUGDcR7enqGtZyVKylOZtxCrGYVMEhAIVVCmo2T4iHwfZgqvlUEx1KD9c2BvBl/MnQ34BszrqUBqE6vcV9U6LmZoWfNrFUC8dwq16OEcRj+ljhb6IeHbE/C4TCwDCmTkOYQfTDN3HYpQ3/AsAFRX8xYUt/0MpusBRoEKRxtdoRDoQfFeNFSsxyZTDwbGgpyVQhryihPuZMqC8QXh8JdXV3a4QaOuolgaPxBnAO4xMG8lS3HggrgdDqBIxaID6KaxcxeqMXEhx8TZ++qejSSJgSMNyouB7dfQd9YQnVJaB6aM8Ys4xRSSuMYimF+zZu7MOmTQRGzBUY7CLhBla9GzqY+MtRITPKHqTXOEYnmZOXUmFv0fLgyccELTsvozrqRo9u7At4al8+eaNuz2+Fw8BydugdVFjQ3KTS1tbXImhqMjDiVN3Gpo2zySCiav5vH7nQ4M59RoeOqxHGYrS45eLd5Ss4DmZCxsuxkWjyxjFDOfRoDK7daeBgwcQN8J7c+ElpYd8Ud7jNmTd5/4FBr276mYybE+3qDgQBtCWgUXB1WPujHFyHcvb29Jrf1ze/ymQTrSq8biqhURuzOS8kzNmy2uTZbTXOsJ9Svhqk92zRvZulw9ASyGW57WpBa/aC/9dZbhdI0lZYOsO+Et25EzFnjcLomjh29e1/Hhi3b586Z5fPU7Gzb1xsMBg91xkKBeCzqdrvFu4VAeaHcPDcSpVvpDYpYd3V1mZHpUuDADHBXVI9fHHybR3A+yTsbyeccHypUcYMDhiIUUOmRh93qQdWjyp6ntLPFxweZiaejttphdrvD5tDsNns4Ybd7veNHNY1qrLdp2tL31u7rPLTvQGdNzZjRzSMR85DP1xvsC/V22WKRRCxK/SZ15QiUYCo6DYJeUBhcbSnbChMWlTZ57UnKDuK5vxaNXyUak+Vm39l2vPOaGJoB7qpBeUGze9EYXdAyIseHHM1edC+L7YoESz8++Ew8nW4TtUPhsNdXF4xEne7amM1RW1PTWOcb09TQMMJrt+mRaJKWd3b17DnYPbZhBF4GdkdiUbxo123hSLirNxDo7XXoiUQk1O0/5HY6wMuBerL5SVjndqgByjOKBSIALgd9pysSiVBzUjTkmdQmm1GS5EXzKgBZQdS7II1KOpSbhO8c9R2+iFOorX3efsmxUMg7ZwiOc2/MUjQNPhMncAejiUg0AeyO6XGv12dH9zidI5s8Xk9Ng8/r89TUuJwOOzeaEi6Xo6sv2trpX7dyxc4Jk6ZPO8HjdsX74oFgX18kiigjfN5RTQ3hSLSvL+Ssa8R7gH1/xwFfbY0zBejRXj912VS55Oh+xhn0haQclC/oqKcZNauZHde8UFUFPl5GGm6In3vGMnzI9tU8lA87TC9U92JSx2Wma7I9FLtPC7iHBBOPRqPgyB19iWlTptiTxytcCS3htNuAnU5Qa/x14LMd/7udLt2m+0PR9dt3rl76Ruh/npu8dn37MWO7LvjM+LnnTzhmXI2u9yW9RSePlYN919a4vW6X2+VMgmDK2CDYF8bs0Lpvf/euzV6vtwZTg8sFmCbFVvVr+GkoYDdPHpbit6Tooy4mSXcp8F0ciuWlfubh254SMPFplUgLYicqKr50s9EcsH4EcPCCYN181xTdZWWXbSuYZeLZfKeAg1O360z6mXPsbNsfCAbHjGxsrPdhtaS7kvTbmTT5ciHSrk7/hxs3blu2JPHmG5M3b5sVt0+oG+Xf37Phkd9/8Oridz7xCd/p5zSNO9bjdPqceMuGMReKRLREHDiOBdi23XuB12OaG+s8tR2hkMfjoXcn9VQexvNQONwh7mHxwWD9ktHDdREKh9wPS6HheQGrEqeWiiDjpR/IzGgemjEYJoN0N9zDBfQL0quYtPjM1k3mAd0kdlsQXxKIZ/NiSCdzPT09cUctOPK+A51bd+2ZNnni2OaRNocjZrMfCEW7Og/t29W6f93qvndX1rdsnN3ROc3hafaO1MCU44lGX905ibqT9/ds/sszW/721z0nnRQ75XTvtBnNY45pqqurdzhtTnuN293W0fnGO2uam+r/qX42BkhbWxttTiORSDbSLdaK1VSFY/T2pUJBh2hKGVrFAVYpIF46TuWulJnBj05Hz1bHNSMpv5nFjQHl0+m/+jmbpn4YKViKg3LNnLmRFcrc6WvWrMn4A2A0GAz6/f4RYybYna69HZ0JUCRNi4Chg2Pv3R/dudW2aUvDjm0T/N0TE86xtT63u0ZLKsY1/tP4JdVtkXB4b6CnVYvsaa7vnDgxcsI0x4TJvgkTG0aOdttsgXDEbrNNHDPqwKGupf/zzPjx40eNGtXQ0OD1eoXqml8LcyWekccVp6+gj6oibkUp4uSLyXKa16JUU6lSojpFPUkwXMaPmU1jA7JnQ385OJZtNWBwZVE5ITS/e1GcssVC9ioxcSoNurq6RozV4wnN7XI1+Lz7ewOd//2Tif9YPSWmNUa1Zoerzu1x1h+jJeE9noTuAd21dBCfOJ2uiQ3NExOJaG/Iv3pz+3stnY54R01tW1Njzf/7jzNOn93TE0i9nMC04fP5uJqGWKef1imIbBrkXjDCjFku3g2Hw2iE4o4wmNdOlhfEtaFhnVLEOh2djqXVcHSPXnTjiGVt7glAS1l9FKoRKvSosBnDlUIR3CLj1QDxbDpxOgtNjqhEvyjFYnH0QEPXwfOj7poR9f1ATTlJmIC5VByHyz3S7R6J1zAzhMOLW/fvHZBATbPhMWSabv49Hg+YeEbH2WYMD3KQUzkcrMoT8lVVNKh4QebeBRFSk3y8CCZYFn1u6eBuUqmiKSYNllfCSqwMDNu86cHwXEu7nDNbP+awOi+IjFuYXkEmTsPnnp6ekSrBTrJZZ1LljabvB+5C+yDRr2/Bey6nLe5SmQh+A8LSYSly11L7mQWhlUkcL2WLr0S1Y9npSdF68OroavPSPU7bKIzl1qr6SwEtuylnxjkg42SgZTfYLyNfsULBTJw8FIRUFNsJPbURpAv9ZognYnGdD2w6CK0WjamgrCfpla7FoincB+mypRLT2dUOXbPrfDuptMFfjGeQ3xEjRjQ1NaFsdDwtJwgMoqPlO8WnmbARLgLLCjpGUXSECsF35c5tFsS5+JV3hFoc/IhcE6TfxWxpVwaBiSMkO2CgE9Dgtv5GTz5Jom8orDc1JpwOAr/WF9KaGnRN1lOaFggm4nGtYUTyIV7q7Exl6+JMkIRzmy6Qz3xDSYvyZHA4HAa/aK2trZdccknuKn32s5/95je/abi1qzg7jdw4hXnlwgsvxIdTTz31jjvuUE8nkd0sXLjwnXfeef/99+XFBQsWjBs3bv78+fSqWIQxVt5alKhFwd9f/OIXL774Ij4/9NBDEyZM4AFaQ8xRo0adfPLJ/PrBBx9s375dGhzxP/WpT/Gntra21atXS8vgxZkzZ44ePZodvXz5ckzSZjg44kyZMgVTOz4fOnQIOeY9C2YI4ATHHnts7jhIuaWlBRzilFNO4ZP169djCNTW1kpl+aTSt2Y7nU40VDVzrASIi8NxuXPcAu5BYOLJy2c/Wm2lHJ6ox+DDEe2r1+pXLtCT24+JxNPPab9fqD14j1Zfrw28oN1+h9Z5UP/lT/tfWb028cP/b/N3aSnbQXuSvts+wnA9Kb4Y2DWpgMFj0ImbOebDS+LxrnpWKNtWjxmAW7lyJWYFfLjxxhuvueYagQ+5U40qIBaYJVyxYsWdd965Z88eQ1JPPvkk/r700ku33HLLrFmz0q0kS/QCVlwF1Th09CoygPKwJQ3+D9RL7LxeL94C9nFnklDLMHLkSCTClkGjIRrAlD/t27cvGAzyNEDeblXncm6519fXm1ejQyTMNCwP36q3LCEj9qz6BAVAHEgmZgW6Wuvo6Ni9ezd7s+wIJTmWch/poATxTV3QEtYK5WTiPT09PNUyoPxIaTCpFcHHYChywacc//YvH3UG5gP8Cp5V13+UP6mEgeQ5XVpz/9DVP30eACBx2+26A8MvYUsSN51ad0KtMHEMJwMTp2tAfm5sbLz55pvpo1wVAoxqn8/X2dnJ834c5HKnFNG2IENvxJQmAlMDtaTxDO0owLXb29uRJvAa5BQzIjJdtWrVrbfeylc+97nPnXXWWYiAMoDlgZVv27Zt8+bN3/3ud3/+85+PHTsW8QU0S1SnmEHtvBUH5sq18eDXANnm5maDdxq62D1w4AAwGl8RAZVCXQCsaHB0jcRE7dB6kCI8JAwJXn/44Yc7duwgrOeFJ/UaUojl1q1bx48fjzRVeM0R0Ptm2hYpb9myBSnLk507d+Jd9Kz6BGUeM2YMspYioY4QDPR+WVRD1Bym5wjBG17Gl7yWU/waWmR8cJg4rVOSq6FUw9t0oc1xrIHtV19xWFdQwgxGgTYqwT9SmejzP6f95mGtdRfjD+gf+lU0oDMY+RjVtamgMnEIt0AAAR2owdP5KojzdbI/9SdavnMPraARJZkGUgFMkynjOdIEnKGt8ASkDMMMBPNHP/oR42OaAULhV042oN4nnXTSY489BnAE9D///PNf/epXDQyraCe0Jf6kwqWUgWiOloSQGECc4EIQR90pRTyno0IeAtAHbcKtDsaX9Q3eQn+xp/LWVwpPRZ+WuqfJpL8aeliTr4888siyZcsMxBklgTiNGzcOXYy5GbMyBAx9OmnSJLVTAPT00YbXpUgoz8GDB1FBw+1FRYM4ZoVnn30WMwrLcNxxx/EM8/DaPBAn46o6xVKLDwYTl31M+o+VznC79K3btUBQoyjreqJlI1ZQ2utv6D5fCq1TXHx/e8LfpS9Z+hGEYDi5XaI0t9tUdYoN+ZIMAnB5s7sqE7KKJ1shLqgjmSe2gQuIIPQNCVK5bx6+Cdwk73L5kd/vBx6RhmOskl8TufAVMVG8Bx98kE167rnnovwoA6ABaIUEWf6LLrro/vvvRwSA+IUXXnjMMccQywqS6RLpdo5XVM6L+gJECFuHGRElEugd/DR79mxRm+zatQstgx6pH1CmiTJ67dq16CN0pZBcTGOYA0444QR0DYgCWmb06NFAf6oyEBOp7d27Vw5tofuEnKJ4WBIBbWfOnMluQmQQYRq6ZGw9w41OyBGpUZMj9aLk0I/mlClTUFS8BRjl3XIqiCNO8iRzPK4uDiAYPJsmi4NRqZCtRmjDqVOnUvWE1kD5J0yYAGFAhHXr1kFOANxkACgDMkK9hG8hMhqZSx92GVJGATi7SFFBKdAv1F8hDtY9mGmkC7BaRbKV0P+o6hSevs4o2xZ2V4+J2x3OcDTKIW532F12u23AJ5F+1739NidUncTjejym/ef3VfMV3eFIOOzaf35PUwh5Ih5NILLDWaMn3Wn1Wx3GE1rqdA8AUXTiqoISMiEjBBLQ0NAAucdgVh0xciTLVXAoP0bI4sWLwX9luvryl798xhlnnHnmmbIzhgF2+eWX48NNN930la985aGHHgJZw9fbbrvtzjvvlMSXpQI+IEEy6Hnz5uErsOwnP/kJSovBvHTpUnLSGTNmANEwLDHYUFTUi1qI5uZmYDeVRcBBVAEvYgRyw/bSSy9FpkIS0cgXX3zx7t27Uc2nnnpKTioh5hNPPIFigM9K8b7+9a8jZTBHeRdrgmeeeQY/vfXWW+++++599933wQcfnH766b/61a+YBVJ4+umnJRGkMHfuXAECgjKwycDE+RPKDGhgjwAsUEh0HHi3kFPqi0888cQlS5agsniFW5oILS0tACC81ZAKACyVwCLy5MmTgT4ffvghOS/3OaSL0UfHH3+8xEcbIimkycjpwMTn8hUNPnHiRHQNyiDLLJ42Qn1RWZmcyCXVswI8D4wZWqUOZ6UCPqCRubZA+fPWSF39TJ8+XXYLSF9kc5V8BUVFmUV7g/jyOrND+ckwWFNMD5AZNQ5e2bx5sySCiVAbuP2qQteXy81tBnWKZXFYZhDPdscmQJxMPGmEkrIx1AmRkLlATziSPIZe//Tj+iRlx3/RC4mf/hJDJHlyp5+d27RwSJtzpvaTHyVSNor93fatW/2vveb2+hIuYC1mheSooytuUrNsOnGVE9EQgqCfroyDjOLv66+//uMf/9hQtcdT4aqrrgKaUyUt+I5Mr7/+esg6v3Z0dGRsHDAa1e0GynzgwAEMfiA42xNITbDAWKKhpGAQ6A/wGuONu22IjyqIrh8lwUJezqzKvYX40NraiqS4pv7Wt74FvDCU6tepcNddd5188slc7MvpR9QXwC2QAcAFwt577720QlFT+MMf/gBMlHqhQSADquKeA5IbVigS2DS+Ai+A1Kgs0ITRMD1ccMEFqAgQEAiC7kCbCJJiZhVPwph1MqogkBpKAhaPWnPRw+eYHdMjo1kAymvWrMFbamkzMnH8ilI1NjYC+g26OPykrmN4xYdKb+kYLtshXjBiVBn8IG+NkIJMeJzmJRpaVRV7lkEdp1gopCeOZly9ejWyQM9CeFQElyAIjgAxQ7JoBDRdhexeBMSz+dkv1Bm6FTKDeDZ/4sLEo9FwPKFHYomuYCgei9dqerC3x1njTlqejGxKNDVKY4ddjsCB/brHk+g/0ZOytAsGnaGAV4mW7F2HIxKLxrv9WkNDKBLbe9Bvj8ddTgc6mtYp2XTiQsyBeunojAB8vOWWW2h9DGomcRYsWABqA3naunXrCy+8ABT+05/+hOfXXXcdxrM0AtguMOvaa68FISWDuP/++997770HH3wQv86ZM+cTn/gE1abq+EdMNBSeAMr5BJQTwxJLVwxajBOiVXKiisc9qQBiBWDCB/Av5I7yCMICxzHIqWDFABbsAA5yfP7xj38kggPOPv/5zxMR1q9fv3DhQjz885//jOeIqQ4DlB+M+Oqrr0Zh0Djo3DfffJMIjoy++MUvgqYhPnj6Sy+9tHHjRtmWZOOoTFzsfDgDCYLwWiUBpp07dwKt0Fz4PHXqVNkFZdi2bRswF03EF/kQawJMuqgpKvWZz3yG6IbCoHkNBnY7duzACgMwhOzQg5wykSAjpx/0NTDxa665Jl1y2tvbMbcZNHj0d6aCOD9DhLDUOP/887GGwNfXXnsNC6NxqXD22WcLSc9dI0kT7YCOXrRoEVCY5j0yF7IMciW3DATMtZs2bcJPN9xwA3qWz9FZ6Fl0lqx4EF555RVINZLFWgErGHkOcUIPolMqbaevnvDIhtEWZFeWiTcltHA0eqgnkNT3JcdSijbTdM9htx0+VuLRiM5zPQPbn4loJMXBDwu93X6b06XHY0mqrmuHeoKhYLDOU+u022idgpCuE1epZbYA0dy1axdwB6X93e9+x4eXXnopRhdoNUYOhj1GFBAcSQEI5s+fj5hC8FFfDDaMzP3798vFFKL6pBpU1gryHF9BwTAYJB3OQ0QTFpvLbUP42te+hsJwThItRFtbGwERf+WeZbQDMIvPxQX8hRdeSPUuyjkpFYButPoAoiFraS7UBTVFyTs7OzloAUP86eKLLway4zkKDOy44oorwNAFPtALKEO6KSQrhSKJ5gHAAYERRglSjCcEcXwA4ghYg4YjWd5bj3L2r+IWLcL8wdX9888/D85Ixo3+QlIAJpWc3n333dTkoK8xP912222iNMDkgbIZ5jDpqRyBFiaGFyFOnHfV7XGeKKYq3yAYkB+hyXlrpMr2Pffcg2ahPscg9lxTqtvFSG3FihWYKlDU5557TkAcPQVBwsOTTjqJTzZs2PDoo49SM4kZAh2N7lbVKSATVfA4xnWbQLl1HL/aTJz8MXkiI3U4xU6VSDxpdxh64mn76NHi8yr69oqkacrhx3M0hyO+py3857+oy6no3r1auA8/pezE+0M0Fk/eODFgnZKuE1eZOMbAl770JbF+o3DQvhDDiRpY6q8BE8ceeyzShASTUWI8nHbaaW+//TagBAQWXFgkBm+BNiIOIgOPCJpACvkV75Jw4S0V3CGg6uEd/IS8qEshP8rYyLSlUatJHQsngNqkYuqw46bcLfjZz36GIoE2YtDiK8qJKQcVAXZrA0bcvD1DBue0adOQMhqH52CBEeDCJIYIKCFaEqVFfAAuIACDn0wcZTAwcSHjKCTyhYSw8GgTmcOApEhKzORB81999VVkxK9YRiAvtDDgTAgyyg9AwRM8R1ExKRLyMDMtX74crSEFwFoKgItuRVFRPDQCmoL7dagFlxEGmyUUMt2TmiFgBsJ6iJsxak3pUUfVbiOgkKiC9BoigNKiSBAeWQSYrxGqgGIjJmrEjlAV7hRslbkD7tEpyA5/VQUjJxgeklDLgJhIFins27dPTZarXjncMIhk3ILsCjPxFN2gpfgATiVNDhOBYPBX9+pi2JA6cA/k0L3e5GeapyByb29s85be73xfuZ5H09GhdjnsM6AoT0mWWKekn9hUdeJiIKF6OuTufCB5i2cvEY1rVer+gF/4TKsSUQ6CEwFipBFIDImMGJY8TyhEDInTnA5P1MM+9HeIsomJNEYL70VigfEXzBfDGDCBYr/55ptY5FLnDhzExKAmxVUI7TH6T8wOeDNn1fAcZLylpYWbqOmsB8misjwyJ1pXXkYKgMDIB+qJ6Qjio0YY5BjtiIPGBJQQxKkTV5m44VgQ0gfF/tjHPoavxx9/vGwtrFu3Dm114MABHudBwDwqkLd27VoyA3Vi+Pa3v51RDrnrq0oCph88RMmBeoBC9B0tDoliqDu3kdXpn6eW5Ot9992HLqBZEZ/jA/fJ0RRqHWlcoc7BbFLDHMkjUWhY1TLHfI0wLUEsUQDUCFJnsIKlTlktA9oNFUcLQN5E4ca5Cq2hPkHLULuCgBw7eV5aSZZ7HpUGcTm9KWsXy+149Zh48m9yy5GuDCE9YOIJ2VUc8ehvbdOmaUR5u73vsT/1/ea3I576sy2FIMmHNlvPf9ya2N/ue/ShftdXqYP23dfekGj5QItF9ZRE9mN04iM78YwnNlUmjvyBR+BfEGWhTrQSo7224DJiYmhhfB533HGASww8ddVPJBKhobYaUC66bPwqRxBRNjp14fkU1SMEy3z66afzCaAZTceHXPbyKCCnEKGoeAhopsGiuueGgYcScg+T7UPUoIb6gQceoEJfArjzCSec8PLLLyNBetxlZBmcKDCGMSoFNMdPgrZcc0xMBVQN71IjL9oJWqcg04weUxGfq3ISTDEAxSQBMEKOra2tWATgycc//nGBFUAYEN+8e0jDZiNpL4g/qoOCocAiAEgTQiLrm2w6cXxGHeXQFvl1fSrwakCVd6u9I0wc76oEFumzy0wePjKoL9gLInWUFjVHllmdBlBTdCWmXpnAtAFPnCrvoQkQYiJxpKCew2JF1GPGldaoyKkfLc3foQXclWLikI8kE+9vXN1uSxq32Rt88XgCfZ6orYnva3fMPeejbgAy2nTbuGOArx85FK+tTWCojPlopyXh74rvaUuBsmar0e1Om9iEJTRdPbHJg9qC4FTpqutcDDmMHIED2hdSiy1IRO02Rh2GIokVksJD/gqxBgqoOlOqwkmu8ZybliKIUjayGJWJ83z53Llzly1bhmhvvPHGlClTkC9pCApGKMSYoSqDII7FBNpZVhi8t5NZkMKzg+T8G1qACI50Lr74YkAka42iLlmyhFc2kz4DoVTVKpqF5aTmR1YM2sB1zywDPkjxeAw9o05chES2ZDXFbS9W8WhYvNXe3k4QF78loOEsDBKXfWCEW265BV+po+ByhAtBmi0iKakLkqLZAxdtqI4QEb5CuVVBwcDE0b+ANiSL7IhfnP55JFIVBm5uqzsxZJRsK1UnzlWLSnXBxP1+P2AUUsGFVE8qICNAqqpSZwHoQB/PGdmQo1oq6iWoPFGfs2DIVHRcJ5544ubNm2lRQ4836RWhGVilmTibSNWJW8d/ygbihvWjuheEpkS7R/swHhw2XTvU5bf5POETT4nqf3VTofHrB5wXfUYXSuVIOSw0GFfZ7NrhXRL69YPxPXuwIIQMxo+foNXV+dsOJLePGtyxaER8p4h1CkcRlcWqnTjPMvA4sqHXKSjgxe+88w7W11iu4jMTxHMQ4cWLF5NpgvvIbbwc3iSetI2jrAsRo9trUdbL2KYWggvqBQsWIFOMjVdfffWTn/wk1go8AEI9DFK7++67Bf3laJJYIwDTVe8xb731FqkWs8Bz1IUxUSOwb+5/ooSIxvKwlVgLoW/InUwTsEUbkpkzZwJqAbKAzlNPPRVlo1n3pk2b1q1bJ9YpGXXiEjhPIBEVHTgHgCTiYTpF2LlzJ1VVZIUCN8D6d999V86vMms2PpYRXCUwBbQVvnLWZNuKhfWOHTvUI7vSOwYmTot1pCMmRnK8ADFVyCYTVzUzQmC5X8KHqCl7h1M+40+dOnXNmjVcWYqE0P0AGgeNIHycU7tnIBgM8phjul6er6gzAeUTz9EOnDtnzJgBjoKpGq+Dj6smhtVk4sRutANLm9EXuUnstvA9A4jnOLEJOgMwqg0F9Jp6iOaOXbsiCW3snDOD48fU7vdrTkf0H2u6r7/J/cXLkvCt22Kr3gXmhR5/Uq/zaQPqlNjOnUCm8NOLknJp02Pr1vc98BDoOVh3SE/0zfusvy+6actWn9c7sr4OU4WokkkqSZyF76h+l1AkfFXVJqo0Y2BccsklwFN8XbhwIYT46quvRgqrVq264447+NacOXM4YFS+z3EoOKuqRIH+LBjyxSvpTByvY1a45pprfvvb3+L57bfffuWVV9544400OWhpaXnkkUdee+01lTqRd6N4tC3BeFu0aBEVBcuXL5ejRqIrF3OO1atXAwtQBcDB9u3bX3jhBaFvJG5kqVILNhchEunMmzcPII6fHn74YURDW+GV119//ac//anawulMXMUXNteuXbtUEOeFf+wOMFM5ECRMHEmRlyF8+OGHdBB41VVXoYloWQRQPvvsswlDGzduRIsZfF5ffvnlS5cuxfSD6syaNUuev//++5gFucyi+TO3SVBB1RCbc3z6IQPpx7xMnMIpknliKtBuBMyXDgh5CgGFwZSD3E877TTaI2Ia/vvf/86FkeTLBSiSZeOk52goFcuADlUVL4zGtRRbD+HMM89UVyRSXzWRKqhTuLcp64a8dwBZYF0YEzdYHUgfU/p7/Qc9tQ3NTfU+T41ud/Q2jOm77J9Dv/xdjdOX8NRGlrwRee11cm0douB09t7yXwPXbCY7IpGiId1f/5eBO4ASuqcmifiBvuDsaX1nnevsCp90wvEQo3Ak6kmEyKG4tORQVOVA/UrSQdasrkkFpwBw11133aOPPoqffp8Kas3PP/98IiAgQ9URiyKbeaEdxA0pWCo9Wy1btowGMAadOIYr8Pq8885Duz399NNY2C5MBUOjYzp58sknMVDJ8sjrL7vsMpB0LXW6UowIgVA8SURejGjor/nz5wMsgFbPpIIkS0N1WtDfddddIJvC9YRTU6WD51gl0CocIPtAKhjSIVnLoROnwOC5uvbXUsdfybXpwhAzn5yuxBQF2o4FBDfl0AIAcTBWep654YYb0rMAPaeHHFWPDEYJ0DfExPSwZcsWACU3b1X6bLgflaoYBE5ybBBu2hssKDgHqEBP6EeB0d1oJbGLF5TE5Ir6skYZDdKx0OGJJHVfVPUXZDhJRNOUjGUwRGZRkS9wGSI6d+5cQ9YrVqwQL8FqIlUAcdnezK1RsY7/lJOJU1+GYZbUVI6ZYNMBjrW6TQ/3BLovu8KzbJnzH1tsnlqtn2Ql5IofXfVJ1H9PsqYno+kDNijJ0Oex9958M0i+yx7RvV6sYwPBvnXvreLtzDQboPMp6bx0Jo7I5NSUSKpTRbeLh+eccw4GzHvvvQcsEKwBfNNADRJPv4MG5aaopNkOiHDTTTf95S9/kU283bt3gwWnW6fQ1xXSPOOMM8CmlyxZAkQTFTMA8YILLqAWe/z48WBk8iJwBNwT+Lt48eLW1lbG/8IXvoAhBzovWaDKwA7wULQDlhRiXY6YAA60GyYqkjhERmmlhAY7E+qIL7roIjQOsI+UnDoQgHtHRwftXmj4nE0nTrBD4aVZGDZs2ICVuwAlUFtAHJOTLRXokISurJ544okFCxZk3OfERIiJEzQfv8qq4q9//SsKSeWPBEwP999/P1UEJJiqspjnqtSvyBfNpaop9AFnEiosUo+nsl0hsIiPpRWINuZs+RUzFl55/PHH0UcZa4RZEzMNdYCSkYiBMHF1XuSWoMrEaeYRHAgGJo4SolLoBSzsZs+eTZtxCBWWWRgFAuJqIlVQpxi2NzPaGlr7nMUFnRtN6c3NNR0gHiDudNfE60Y7nY5oPOF2Otz1DWN2b2j4xr95g0VeraBr+v6br277/HXhru7UOiveFwo31Die+ePDPOhIizcDR0DZMPAAoIA/ejcFp6NL0vT7ASigKDziY6QhPpWeSYP0lIqGqkma0NJiBGiLKgMywA0B8VQC0KUcfsXYA7pBBBGf6kWkhvTBJZPbv01NKAyeI1nmu3fvXsTnGKNqlQCBAnBdSWRB+SdNmgTcx2yEkQbQBzRTScoCcKuK5u2YAGhVhvHZ1tbGIzPUiWuKhRmTRdWQI0qOYqBUoKgoM1qVMIFoPKNIW2885MQpS2we50NT4C10SrZBxf3J7du3b968GQkiRzTdlClTJk+ejKLiV7QDftq5cydqwYIhTZSNXsjxEFUGBM+YMWPevHkCzc8++ywgEu+itWn5hxdRO8THc+SIyJiEGPm5555DfFQBMZEvCmDwnYtidHZ2onnRxUgEAIpoxx57LHdfDfKP9keziAdBquDRIKgjnuBdlB8P2WWoF/oCLYwsEA19hALTNnT69OmYswXKX3zxRSx90EQoHnocHYE4kGSeQkDJKT9Uc2NeRGk3btyI+qIMmAWROHKnjTyyhiQgEZQfBUNp2SaQBLQ8niMRvIiyIfGDBw9yVc2l2A9+8AOWB8s1zCWIj16uDhOX/fmMIJ6bjFuYXgwTTwyYbKPR9+7YPmPO2O5IzOF0JO/nCfT6p5zq+P53HLd+zx2zac4CJADr1XB3d+C6L+7//LW9B/0uu63foUoivuqNV3i2iISCFiDqIpraSUSguzhIJDeXsh2loYtBDCrEgUxTkU27cqo+gLxEDVJ++oPmERuedRaxAwgiMrGPFuKIQB8d5PIcq2TBNC3HeEaazJeQTeM/Xp7AyFSnULNMV6jcrGMussrmzhj3b7lBhMLgFSQu7tFZci6lae2TdF6WUi6hhARoojynE64wgAKcGnnyk/Mc/W9oKTd4dCKGt7KNIuo6ubvI4tHNNycDmm9yC5paI/ocZ5dxVkOD4Ces9EGx2exSd3p/JP8FTgGtAIKkq0Dtp556CmUj4+aeIUpOOxZ1xSabBMiXEUgOaHtjEB5VxsQYnEViF9NBJlqM2nPEJzjShS8FjDucK1euxLpK9uSpqeNdFuwCpklvBAb54bl8+ufiJM3XedABkVlNLv4ohKJwQ3aAeO5SYHa85557eAIIb4kJLA090WViBlY1xBEynnuT0wLuInXiBj5O2wB0Pxq9e/8uvXG8nuh3YhUF9s+9yPnDPu17P3ZjFLidmhn3p/FEpKc7fOX8tv/zrc4Dflfq0k70lL+7t8kZ27BhPZgIj0rScJDgpV6xRo05hI9WGdRB5+ARHGAkLFxi0zaR9hvEU1qVcVYg7hu8+9NkApHBoSD0eE5zcr5CIwpE4EE7vkVbb+SL0UKkIEQSQVgvog8N26kIog0JLQ7jAw4deQib2C1n+fAXTURX5mT6vG9Bph+WDTmirThb0P5EVa3ycApGO3Ok6SE1EtrAAVHESXdF8pHlUQqMOHlwicCv7Bf66uPsgqajrok+EdnsnO2odkd1wCU5nUjW9FFF3OfERp8zlEkq06g9QI7NqcA5NX1ZRslBgsRH1kt1TCbckN0tR39p5MPjAnzC016sHTsC0kUwZVPQnJRoi4FCaEbutNpGU9BGhQWgVh2fVflhL/CsrxjI4jPyoqyKoys8pzxTMpkIVgYEcSR+5ZVXvv3220gKKw+x1v/b3/7GMwe0wqrmxW+iGU+n4ZbRYZGKDXRwjg1lWotjcQcGNHPWqR0RR/2IOpcTjNzucDo9TY0NSxZ5vv9jlz+ieWqy4bjOe9oi0VgoEPrq5a3X/+vu9h5nIu5CQnZ7p7/ba088t/AR+nWD8MkVyeI3SpKiJwryHW74pN8AmW7bRKorhi7cyFIvaaRgUbYMPwlhJJtjClTBk3hyYiBAU+GrvqVeM6gNHMfgQOVDPpHzkCyG/MRi9Ls9GHiXTySmJCuLGB6GlCdkgtJWar3kNlsZV6yC+A7N1sLivDu9MGoDMn2SVk4S3CpUdxHFyFomWiZC9JdzlVz9kPwyU0mWkcnoM95FKT1IGRAByCg5aky2ABtEfSJbNWoXi50im50kV3zscKLlRiJFhY3DNLk65BkFloqbCqqEiEdA1dkyE6Fksmwk2rRcyjgoli5d+thjj2GsTZ8+nZ6cqwmRHDKqGWUpFodW0HL4E5cDBQRTNOiGtaunnPgxf7fe1FDn0h1o4LC/q+vTX9CbR9m+80P7lt16nTdzUoDxYCju0sLf/sbWf74Ca2Lwdl7Leai7x1vjXLfsFQgirwWgCS1pePq9ZRwJA95WrD7OMF1lHABFb/rn8CBaXPur5RRspZc+Hq1SJzC5fJkxxZmfTA981xDZ/D5bKXt0eaOp+J6ROmQMcqxfG7CU5bTHqnGKVYU/PSkC/aZNmzZv3owxpe67rl27dtWqVatXr+aRV/ppMXnKtBIalXT4tiwOy8zE5VwcKFJXVxdWu+0dHVM/Nlv3NY5uaqzzeiBa+M9ZP8J3YKf3h7c7X35bq/WkjvwoLByp9PRoU8f1fPe/WqbM3rujze0AaXWAhQf7Qhh2LctfXb9uHaQKCM5bArhOFL6WsS/JhcnRrA7O6Hq/civTgq6ZNwnr6rJAgF6138iLpAXdm1oh7K5CshR48hsV4tkp5OaGLX2aHtIoiHshBHGMOIy16l/5Jqc3MyK4RcYLFgmDdYpBvDiuQqEQbxFsb2/H37M/fVFrZ/fopobGhhEOoDhkCQtZe8z72IOu3zyiHwhonlrNlmr9vrCWiCQu/aeOf/33lkht++62pHGL0wEQD4XDLocDCN6yYQNP9yHQ0aAsivMCkAg00byaqr0hheAGy+JC6Uz682zgUuV1NxfdKmEXsdTKcUddRXG/ouifG+JppAjihdGKv9xmoC5LVPPc1c/r3LFCgdOJoHZuKLfQPI86JZt1ikGpwn05bpS/s/TVSdNm7uuIY/U7dtRIp9OmhUJBuyNy/Tfqzj2v9t7/1v+2TOuO6pjgZ00J/d+bWs84f/vujoB/nyN1s5tu03uDoREe9441K1f/4x8UJrEm5J67AcFN0kk57KNKxhFPwFVfKJo5q9viWsawkB8ExqFo0uW+GM5hRXPz4cLfC0pKjFm5DU7TI2ojMYQ5QMDWuZ0gipoSFWUFVUT1y2heqTKIlGJYMnGV7xAseOkM5nas1Do6Os6a+6nOmNPldE0aN8bnrY0nVV1xzemudSVGvP927WuvRKZN7zxvXmvEeXDv/lg0dT4uHnMmTbuiTT7X+hVvImsgOGg4PWnQpIH2GKUbjRro+RHW30JOc2B3ec9QDNkGFKou6JDO2cuL6ZXm72WBfsOudbYtfcOKlmxd1b8LnSo7vnPbNgeIW3oVs2Nz+fLleaVHXOjRE5vf7+/s7ASaTzp+yjHTT/H3BCaMaR7d3KQnfRBGIxhETtfBroNOZ008GOoLBjCmItHUvddAeS0x1udc+PCDIAI88o7A++Bpe5dRFa6VsI1GwRVrxSNAGsQZYQ7mUhY+LmNseKmqBL5lqhNEkw3VoQzl5QLxMq5+RAYM+nf11+LWkdlO/eQl4xasm2LiqiiIJRNx/NChQ6TkdXUjRk+eGnPX1bhdE8eO9tbWJHRt287dK1evHze6+cSpx4WSnn0iwb5wKBKu93p69mxd8upi3lVPBMcHuVJStWYrsZMyUjCDIeBwlAOxPDNIee6v5peoGUdLlRW7FW09dbNHdO6GM4QVwvThtfWaO0EBbgNtV+1n8pJ31VWylqYcL0Vojy4Qf/nllwtatIo/vO7u7q6uLqA5iPn0k2ZOmjmns6evYYRvdFMDhkdXV7c9uenp6O4J9vT11boctfG+De+vWrVypc/no183EnC64edFf+ViyrmNGYiAPC05jOi5WJEXpEIpdGvBwIyO7K0FlaOom6jpe8VFw2XlIlcIvgtKLZu2U7A43TJS1c/IfkZxLrEsfO9vAYP3IjNaNupV6EKIfBwBP5182pldMUdndy9YudvpjMZioXDY7XR49Oi2DWs+aNnAg3lg33Rxp3LwbCcvMvZT2QfGoG/ZFcQizSOyVoiPZkNDHUkEvERQM/D0KnPeqs1kpSte8j5PR+q89yZbGJ03OMxcBG4QaG1gm1vsloDCnZ2dK5e90dDYePy0GXqtJxCK9BzqONTeFgl0b9uyBZFHjRoF6g3g5sF68RcqxxdzcJ+yyKJJYU0/JjoU4DubEWHuhwV52c89Q1hBbaXyWjoeATNBodJo5rMlimabmp6jDfNhXu2EHEMnJe/q6gIrP5QK+BwIBOj3R7yF8HYY3ixD+KbfEtkoL6KrikZtk+Ku0vPBkiTV7sK8lB95I6Ho8lcB2gwkXVXRDDt0Lj2vvPSiOCi3AD0X71TvECmUktNXA21RycfBuAHQ9AdEK1SCuFcJdIhBAp7NwrcsMlciiKv2TzLTVFOMDEaEZUFt6was6hP2CoH7kOXgucXJ4uDlB/GCDt2mU3K544oeiEC3ScPp44aeeuTGSB40EA14Ga3WCsVrMyxelSFx2WHYmak0Ac/YREUcrLfGw1BYOmRUrFcO3IcIyhcB4pZL8cJAvCCdeDYop7NjEnPAND0ZCVXn/SnEbvrSUo12K029SzQdyxitovRcTJuLU3yXuL1phUHh7Nrh5u2DCMplTLw4tbgF4gWDeBGXeqR3MyUP8C3Hw0QPID561AMCVdCcFAToxR3HEJ2SGFGVKG3i3i/j8ii3oFvD4MiD9YxqmeFIzC0yXlkQz3YtTtFiIWe6DO1OeFLZd+nCZBKpi3CsUXTZ5NRyoQJncJZfRvi2HFAcSfieztyridfmEyx6h1OzvF9VgYlXc6ovnYCXBdMLqpf4qTBp3yIHTFQNuPmlqFbC2XrLGPyI4ezZCPvgkveyGBpaIJ4HxHlb/FCA7NJdTOT1Ol1NSm6SnotDPpNLyNLl3hoSRxW+m1e1V07+TRJtSyVYJIiXy6Fwlc/+Forggw7oHEVyClm9Fk71FVcKZykUxy0OftSCe25VTIUEwwwdqcKVJkcgiNM6Jcdhn0oP9bL4+ikLKy/djsVMTMOZ49J5dxHGttZIsEI6pmsVtmevxLLSEmmtXDrxQbm8qiDqXV5iXvb6FrHeLNrFlcXBrVDQ8rGMYlMuMxWLiBwG4n19fdWc8yuRSKEAXQorL6O+pfQDypalrRWGAmevEJRb6hSzIM67rnP7Thl0Sq4Va02Yg0eU0bKl6Iqb1IOXwsTVn0oZeFawgskRav6C1hLVKRag94N4MBgcstJQXko+iAy9RFZSuhbF2sm0wuBiunw1bxJurSbNgjjdVx2FIF660rxoe/O8EmySj5tXHVoc3ApDOVjnNocuE6/mhmclTFaK2w7VCrFRKZciJbfEWwhuheEL65p16jg3iHs8nuHFwUuE8uqr0YvgIEWw74yzgsl7ga1ghSEI33lPO1uUvB/EA4GAVr6NzUHn49UBd61YM3PzV1hp5b663gpWGEZBXMuZF++jdggMRZ146XNDJSwRS2ToBS0Ys11dr+W8QDb9JlI6Jbfw3QrDkY8b/DxbYpyHiQ9HpK40N9dK3gvN9rxQhbhWuEFhehksNLfCcNSoaJZCPC+IV8KL4eACekEMvbzAbWa2MH/GJ7c6xYz4Zlw9WPTcCkMfxOnRk38tnXgeEN+yZcsRUI1SLkMpO7JrJbhdLsgcRTN3qj6jxa54bhncm6CtYIUc6hTNOrRpBsQnTJhw5NWqXBcol47m5SLjBSlSzNzlmO7HzrCVZAUrDC6Cp6vFLQTPDOJD8MTmYBHzQkG8OEA3Q8PN6FK0TDuZeQm44a/hqwwYXsxkYboVBhfKs1FySywPA/G6urqjAbUrwcRLB3GtNC9XeStoHr4zxhEoL/pmVCtYoUQE11KacdGSW9qVDCDe3d199NS2Qgy9xCM/5bprLQeC50DqHEAvf7n7zfuJrGFjhWpycNmEt/QqRzgTLwtPL5qhVw7EzeN4Dj14NtQuCM0ldwQydIueW6FyIC7rv3QEt8i4IfwvAoF+ROLRux8AAAAASUVORK5CYII="
next
edit "logo_v2_fguard_app"
set image-type png
set image-base64 "iVBORw0KGgoAAAANSUhEUgAAAewAAABSCAIAAAAZ/3CGAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAA4ZpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuNi1jMDE0IDc5LjE1Njc5NywgMjAxNC8wOC8yMC0wOTo1MzowMiAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iIHhtbG5zOnN0UmVmPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VSZWYjIiB4bWxuczp4bXA9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8iIHhtcE1NOk9yaWdpbmFsRG9jdW1lbnRJRD0ieG1wLmRpZDo1ZjMyNDdkYS0xOGMyLTRmYWUtOGE4ZS1mNDkzMTQwOWM3Y2UiIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6Q0IyNjY5QjU0OTBFMTFFNThFMUNGQ0FBRjMxNDhDMjMiIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6Q0IyNjY5QjQ0OTBFMTFFNThFMUNGQ0FBRjMxNDhDMjMiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENDIDIwMTQgKE1hY2ludG9zaCkiPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDo2MDZhZmM2OC02YjBlLTRlNzAtODdiOC1hYTlmZmU5YWMwODkiIHN0UmVmOmRvY3VtZW50SUQ9ImFkb2JlOmRvY2lkOnBob3Rvc2hvcDozZmMwMGU3Zi05MTc1LTExNzgtYjM5MC1hZmEyMzFmOWJmM2EiLz4gPC9yZGY6RGVzY3JpcHRpb24+IDwvcmRmOlJERj4gPC94OnhtcG1ldGE+IDw/eHBhY2tldCBlbmQ9InIiPz746FfVAAA8XElEQVR42uydCZSUxdnvu6d7enaGYVhkVxA3iLiB4oIajRr3iFuiuCQqxtycGDUn8SbHL4nJl5zPJTdXY1zuUTGaxDVuuOGOoKKouIDsi+wwwOwr0/fX/Wceat6e6enZGgbeOpw5L2/XW8tTT/3rX089VRV+7733An7ozhAKhfLy8jIyMrowzZp4aDNaZmZmTk5O12adhhCNRmtra1OpYGuBKlNxqt+jNQc5NDQ01McDz35X8kOLIVxQUOBLofNBQBkOhyORSLdmVBcPmfGQJBrFIEIwGOxxkmxsbATB26xg8lEzHA89sfqph21NQfjuoryP+HsWiJeXl/tS6IjgwuFQPLioTY+qrq7ujuxgZKRM+m3GhIFSJHXvHifVFGcYyUfT7OxsSWwPUUWNVfrLEEjFPeCu4PdZn4n7IUbxsrKy0mydgHczm6aL5ubmJo9J2XquAQH0oaaaQHQ4Eb7V4OrrqlHyxniwB4IvFp+J73GMOz8/3/7LTD9tWcsu3CaHAt/hniB4Qzz0RKCh2FS2k4UHu5GDD1LJR0qE7GO6z8T3iADt3VnrgVrWo7N5xo8WTQdQV6L1aKpITfmbk5PTmXTg4Ihi9zaCdx9Jl+3FB/SeCuIVFRW+FMwcARBoMs7UPv2dir6UYnOIdQLiPZR9B5pstUw1OilqhIA0fLNvJxtimxN8NO9hIJ6c6+1RQTzO1gPd9SI9uG8S/5v4SbvmuVVVVTy02RxgFoPNbmD2Rc5MOCLx0EkOjkB87e1CJmHrov64uIcycWt4e3BxcA8fIRIFovlsipRT7Bv2akNIT5SqCHjnVxdkTZIMfUNK1xJzgvzTe6KPk8/EOwvf22dnjY2byqpLKmuK87P7FmSHMjI81NUPHQua6npwP1GkiRDf4lwhyTSimwaJzruBW6nkle+rU3qIuW9j2c2ZuMG3lkoqahsqG4P7DBt+8F79V61bv3jFyvxQND8rnBEPOwvKQY28vDy3nG7wF3baNYdo8blNcxNYIC/mznNwTUrS6Sy0J+O4ll7M99wPu1YPnTt3bucnX4Em76XNFTWltdsG7bXXyKGD15eUlFVUjhgyCGhcvmrtug3ri3Iye+dlh0OhdEK51gC7nE6q4ob+/paKdA4qLhtIZQ7hG/S6JPhQvvswcXebr/Crqq6hvHZbKCt3yMCBhwwakJsdoa9MfXY2c7DB/fs2RgOD+vUdOnDA2o2blq9dH9pWm58Vys4MqzcGOrEemJysZcVDoPudu10LdYviqqqqqq+v97VtZ00gWnzT2kwi0LqVqQPDxu40criU3J+29hgm7lmlNL5JG9bUbausrausbQiGI8V9eg8e0Le4sFdediSUEaSR6xsaN24pra6py8/Nqa1vqK9vqGtoQJtzcrLqauvXbSrZWro1MxjNy8rMzcrMCoeEg+aa3RnqBPXupNNxFxJ2xg9/aWhPGCFSGSqSoH/HhoT0Dw+ad5qV3KfkuzoTd00lmyrrG2PYHW0MBGMbK7Kze+XlDyjO61NYkJ0ViYRDOZHMUDgUzsiIRYkN2o3LV6+bv2TZyGFD9x48UAnW1taVVVTR+MW9C4cP2osEt5aVl1VUri+tqq+tbdzWEI4vfzIMFOdmGklPUVMjkYhtTO/k+RudV/ROHsLnB3+E6MDY0OZcoV0Wp9aIlPZnKfh8fJcA8STeKQJxzZ6qyhvGfWs0bRYKZUQbQfZoRjADtM0MZYC8IWdzY2V1zcdfLVz63rR+M/4zeH5VzYG5M44+s89hpw4d2N/4aXlFVU1NbSSSCU/vV1SoA+cYIaDsaMXHX84blJWlQzDaBPGdcp5JkpDiZks/+GFXm0OkaIMi6IwafxGoBzBxmzcBTBnB7Pr6huWr18K1CwvyYN/ZkUhG5o4N3yD94m/WfL1wUf2MxwrmfjJyeXDf/N4FxX3KVtctfvDZqhnPLTjs6LqDz+pXXJyXu8PWsS1meIltOIwGoqVllfwtLCiAjm/evFlbWkLxVdAWta2AmPGf0r+7MjHExrmqKt9y4gc/+CHdIJ7k7BRAvL6+vqamJraxuwGcDSxdtWbdps0TDz8YEBdV37SldMPmLWvXrsn4/OXeCz7N/WJL/2D+kNy+2UXbtxT2yowc1qd/1fqGlU/N3vzCmw2HDl524PHRfcZDwPv1KcoMb49WsrXsuTdnjhg6aOIRh4hfRyKR7OxsxnwPiO9qZ/UhIi2ctnnKoB86QBulCdKBaPMQcLzm3Zc+PfTDntVNZs6cmYRdQnIhmLD1aOHAMfuNXLpyNcS5MD9v9YaNjZtW5n4zJ2/D8vDSVaGVjX1Cuf2ycwojyTZA07c21VRvqKkqj1RHRxVU7z2yauCBjcMOyy8sGj5kwOp1JXD8Qf37fvzl18HStfn5+cCiHWayqxkotKVNe+X90E1B/kWpr4skb68Wg+se6vuJ+mF3Y+IQcGg4Wh47pSjeESKZ4cL83Iqq6kH3/SJraaBXJFKQmVUY6Z9ZlJJJmo4I0POP58oV9VsXLiuvX1Cx7YnG0VlVv546avjgmrq6aBzrM8NhaDggzl87pU/GCh14pLCznLfA7vjyQMg/A7Kbglo5cR62E8fsQPMLFhLpvz8V8MPOAfEk54kLxIlQWlqak9fPNDO2slHVOLZ4r85knBfO5J+ePy1ZZ3CsXMrKyui9YrupH7UqJ0VdzdWaMb0zAeCurKz0Dd/GYe1AaluCNhe0Fv3PtEkn1LTbyxrIDtKz3bMyptGOih9sCqmUynLXJ0qkXXTeamcbW1JJp7WfEkG/zeBuJLa626/udqc08Bi3SOnPvbUZlVpZDWRFcrWlp/es1EWdjIkDoEjErhxzDrQKZHSpiGKpBa0ajZpHQ8Pz8vI6fN2tmjkR4oUg7WXxutky4Bu+mwYzBngEwhgvIRtr5r863IpfdVC4C3DuUodOQhc2KTWtLjTE9xNoMYY4WU1BlvHWBmapvj5XASiJNnyhQnbIcCqNrqRUHjRfJ/3qcwqchsmB9tTIS5WSkJ3JllLptC+d/qhxxTMb6MxUwMVHvZExU1nrihLLPf3zJKE27aLW0V8JRF5qVjAbcbsPZ93jTqVanZeGliHbK+pkTFxKXFFRAf3M7xOIumjYtXNnx5NJuZCjjKFoc3qWMdUSdnOmiQwJ+Ad0JKIMMkExmDAhn/gerpz8/Hykh84wb9N7wbF7xILOHWQgzI8H3bwhlkCLkyDJCj4UmaZXylANRnTj5i0O2FYkVFqeQtr2xbeFhYX6PBUcF4KTwpZ4oDuRI0UtLi7u1asXD919BbPuU0WMVAR5Sghkqvd6o0rpffKpQJJ5QOJ7stDwqdHC/He1/EN55D5bEA+uqTM9FFVloySV8SCfC5sLSrVoaBRGN812h8VV8I18jHCIaphLdCebXsaPdom6bSYum3gzJh7YQZxNfTL69xM/j5aVR+vqMvoWN6v5phLqGuwVz6sx2rhhY8AlC8Ed6em1NQYPLYL41KlT77zzzuQSufDCC3/96193ksW3eeD1zJkzr7vuOh7uueeeY445JjHCq6+++vrrr7/22mv25r/+678GDBjQYuRdJGzevPnEE0/k4YYbbrj88ssTFUOU4cgjj9x///158/HHHy9dupTejnIfddRRBx54YGspr1ixYlE8hOPLHjbVAy6HDRvWv3//cePGWeSVK1d+8803CxculCoS3/i7p1+pP1fEw0EHHXTYYYfpp08++WTx4sV0CeWVylHs4noUia8uuugindywZMkS6ijQ1Nlb3Sd86gJCAVWnnnoqXYAaTZs2jawp1WmnnUa/4Ne33npLytmFZ6mj9hq9tFsNOdD15FxA1oj3/PPPV3nQZ42OREjPMoBGVk1QGN74O2bMmIMPPpiRzOK8/fbblA0FQz3EytVSXYvjmmsKxDXAi8QIqTqpGKQpJj5p0iTEiwa++OKLaCyJJ2notpm49Cm/OOjaxN2SBvNy8+/47/DBo/Xfqr/+veGTub2m3usmVXb5teHDxub+7MfbB5zPv6q46dfRisoWmHgsm6CZTa3xXNsI/4VwtSkRWhQw6kIi/69//etvf/sbDw8//PC+++4r3QJ99CsPqJfbip9//rnw3RN+97vf8feQQw65+eabBw8evAsa5kpKSrY3XFkZ9fKwAFpk69atGzdulJ1Not6wYQN9RvwoSeLD4wHpPf/884gL1VQi3/ve9/bay7vKMiweGO1QZTon+fbp0ycRiAXfFABFPfPMM92ODZqPHj36ySeflJ2RjpGcPAq/qN369esZaK3njBw58pVXXpFawse7lYEiEMSOeKXz/OWZktsKhNZmQHN0uwv3TOqQH5qbv+eeey5v1qxZA0dBnvrJ8FpYQxB5d20L3YTg5EWV6c6IgjYVw/CEE044gb/r1q37z3/+gz7069cPoZl/alcFSkLimzZtgm1AF3iDcqItKGfn73Sk71BHqmBNz7NYC52r80w8Kmv1dhB3xracq68wBE8xED/nqsur/s89ZhMPNqPiUZkyxcc9KEw5EKKdJ/X9738fNGwhi3AYUNDEs6smufaMWCiYjkI1YwsPurBY/6XP//KXv+QBZQJZaG/1N6gl4P7uu+9+9tlnN9544yOPPMI8fVczedN7DVDoBjrC1+UL4iDu0Tpa+pONWy+B6enTp/ft2xf6xntQoKioCLAeNGjQ3nvvPXHiROikbqS79NJLQUw+mT9//qxZs9Bj4oPXEyZMEKlHgM8++6wm+CiGB8QpD/HpRWPHjhWCP/bYY6TDf6+55hpahMnBnDlzbOabnGfJJE1pR40axZsFCxZotvGtb32LmQFloJpKxMzHrhxsIdQWYNSxPSulifFtPi47uMVULrL1mWGKAqBsMvdbynqw5VzXUOsaTOzWHjemSsh/EaYRO7ElmSY8ufNSfVMkXddH2HKcu/IklUg8M8vk5lnubnFajJKoMCeffDLNynsG2vfff5+ZluZ/xx57LIM9MqHXgwlPPfUUH1JOCmkFSF5Cu2vUszoSaH5wJn/NkmPISwFkKkwC4sorce3dLQkPiazazESdZ+Ku7QTuvEPWkVO+3QGk4KsdIB7YgeJRByYklMQ7JKviwTowshCguOeDo3Mys3YVtJEjXE/PDI9DhgxBg5HP0KFDBdY8xNx44mdvzZ07Vy8hkueddx4NgJwpJAUDZdA2ZIsKrlq16oEHHoCt71KL6WiYTS8QIJXydD/XbGeqwn9jByqUl7sLPnQqBlGoqwzcCPD+++//7W9/q4kIjAnKz6RYCA528ytTE0Y1dJqsYdCTJ0/eZ599+BUknTdvHm0qOEssD+WkUfjvF198MWPGDJTn008/5RnwZRyl/5Mg5UlOXakI6ADPov8z0vCGwYAuROOC6R9//DEDkkY1zRFtCddgWp1TXVqDuqmxFqxEYM26qvLokjnFJ03ZfF3d05LDo48+SiIkSI140IKNTe15IEFti7fUxIFkUBbnUBk0VNjSMYlrWsn4bb2GaHAOvqUReZ46dSq1ILJyV47qjJRWNmJbiVUBbElWVgIbP4zCW90VEp3KJGcKtnr16jFjxgjBKSQdh/i9e/em5ESgN82ePfv666+nA/Jyv/32W7JkCT+JY0lErZVQd7SqhAR37FQDyRCnmCTCbICea9NQdBjVjd2jUFEh1utZcpDLnLs63VpJ+AlNju3LafqcZ96ggUn0NlUmHg26Zq9mmFP1t/ubQcC8BY0lmyv/eFuzlli/oWH2HM9Ld1QwK3ucIQSy47US10i0h1BV68b9+/c//PDDE48tFIJoGcoaozNzT3cbCInTjdU/KYAMCDwA0GJGgJFinnLKKRBP2AEklMi0HE2CEjD1Q+1kovnxj38MzO1SIG7DPsLXuqIbgZdUGZlbf+NBMyd0xl4iCuo+fPhwODWKJF1cvHgxGs8bDXtLly7VM2HhwoUkwn8HDhzIA52E3rho0SKBOEC/YsUKUvCs5hk3ND0xFHO9WYy6JpmWGr7Qx0aP3j65fO+99ygSRaVUDMlyUhLWiOIwPMiXwPV+07UViA6VMB8SGWrsXOLYeUFNjEw3lqAG6lqem49UHeFsoGkPlMYGnfegIcpdaiM1Wk2ioLQaQmgCYqoABuKKKbGQgsuQSFyrxPpVbNH1F1JlVQA3WXmXqeSi+TL0y51JdbQjtIiMoKRCiZu0VQZV/OijjzbDJiM9LYJ4SZ+qMYSvX78eHD/++OOJwMQXoDdk1DDfWgll2ZeIECN/VUJ5YQkGc+OBBDUgyXHI4EjjomY5sjV51ueljbLpS8KtlUSKatXnWauDSbY6psrE86I7ViIzmq+BN65d36wnVFZFy8rrpr3m7SGQoOYxm4G4axOPtsHE3bmMFnBbq6HgW8+vxcOrr76q/zKvhxEz0Xbjv/nmm7fccgsPL7zwgkwiMoITGdpo0W666Sa9/PnPf/7ll19q+fSPf/wjSE2Lwtd0wO/IkSMBIFQN5iJ7mVRWXhynn366jC2QHWmt5X777bd7CsZsUez17rvvdo2njATPPPPMZ599pjdEgPh/+9vfTvz2Jz/5CdPMDz74ADZHfP2X9xCcd999V9UkXHbZZePHjzeUlAXQM1FQhyR302Me+K9wzR0pEw/Ak8FdwM1fgNuGRoBSLhC0pl4iNMj7gw8+KPsV4tXyfaI5RdP5ZcuWIQH4GoMHwwPEnCYgAiOBVlA1b0syepE7xYOJMz8Q4yP+/PnzzznnHDUoApeyURJiksWpp56qlXbejxs3DqC3FRHIIMWgiYEnFIP4l156KT8tX778kUceOT4eFBkMYtKA2hA5cWlBjjc8XHLJJVrvQhsF1gic0iIZLfS5qVGAvn37MhASjdwZO0mWCQ1TE1s2ICYKTEytUhIZlbZ84bN33HEHD8899xx1ueqqqxhmyJ3/arWTggGdTEyPOOIIUrZVDSr49ddff/XVVzQxjYhgyQiywk9Mj/75z3+eeOKJ9D4Vg89RS9KHBlERzyBNLtBwcgGXhW5UjTKQshie+g7qIXXStxo8yFRtSt3R6tZKqLETCVNf9Ts6IMmedNJJIv4ESkjTKy86vrUy4ac//anMpPREtOLGG2+0atITqSbpk9cbb7whMx1DUWslARw8kzD1NePmnfdOaXTMKTtCwd23NzM7/OVvlY8+Hg3E5orbQZ8BPJCRd/wxuT//iRtzy9HfsYXNaLCZR1RWykxcDljJDxCn8yDoDz/80H35n3i44IILELo+d9GH5r/55ptpmESDuAtJKuH2tYH4er1axVbV9t13X9qbn1w4o6tQQT6Hv/SPB4/BC12Rzd3q6+YogTChu/baa62ECp/Fw/PPP3/bbbcJKN3TwV5++WVGmh2LGTk5qCZo7qbwSDxcccUVnWfigeb3hxhRtTUAVJNnuPl3vhPThMGDB0+ePPmll15COAhc92eSJrmLrZi3kicLuQBSgJkzZ2qB5JprrgFVr7zySsRF/zdwlH96iy698s2QbZ0+JryYN28eYzD0ee3atTwceOCBs2bNkjKYhcTaGnB0Ezw4HigSOC7Gap2TYqCQAJZFBs4Ya0lh2rRpiMXoqsWXn59JUuuKFACAO/LII23ekJgaEIYugbaICPTxLAnIuMcAgM4wHrhrwp65jmujF4sUtec94O75cO94QFyonIGRKTPa5RYYODv33HNnzJgBjsvTQ+7FxlQEYfYJeEeX4SuGKMXUkjVYqfVt/iu9RT60HRHQhyQl1MKP5Klf0RaPUxbgfsABBzADcBHWIyLQ0iYxVPPMM8+0QZoi8RNNwEhG92+tJJKwO4alxMSTWI3FxMmbv7kB1ycwmCHbNXpfm+CKUFkW2rqxheQqvf4kdTXVkazsmHtiIHZMudvtU2fiKmQSvzHKj+DmzJnD8xlnnEFnQ0Z8wswL5vvkk09u3LhR0EayZvW+6667kB2sBE4nIyy6jpTfeecdfgUdIGVM8CERYIQ+4UGmZCbgeoOS0QYUNbHhqRqfaxortkurW+5Kyvqba6EmjrwFbIyBeoNcWiRhSGf8Zyrw+OOPQ/p4Y9+C1wiBQYvIVIfc4aeG4DBNSQZtgzI8/PDDJl4K74E8+ep6mLgIsjvNpBHFZOFBWrFB1AxpZj+BQtLxQIHp06cLxw+PhwULFhCT0YiftIYmrxItHyFPz3RbRJUiMat48cUX6TyMDTfccAO/QjOhjeQiz2sl2JqfInHk/2BL5eAv0iZHHgBxGoupFYCucZQx2OoCYlJZRMcQTnyY6VlnncV71Eb2XLKjvooslyTw/fXXX9ckA/mPGDGCvGB/DD+kj9iNfHkEHjvff9MmLcCSr9CNUgHElIGXkyZNojVJ7eSTT3766afp/7Tj+eefL41CPzWtJE16hPx5SIcJGW9uvfVWUpADFcSWmZ9Zt8yUT400FlJINEr4iNYhfNqCwYlkKdXw4cNB53vvvRdpmzsZQ46oPcMhDUq7a0p63HHHffLJJ1RcI7c1MUWi4cBiwz4aSAYiwwHbgKPPzSZGOckXOE5ewoceeogcycj4NZ/Q4jBruhu698Mf/pAmowBIidn8/fffDy+EcMi885e//IUOS2d3lyXBDWaW9DhAxgxHjHaqRWslue+++5CVax0xv/hkfiJJAF6sqmnHZrDRluChIXTaDWsi0cbOuO9llpagknWwomGBWoODuIth6kz87nhITByMQ2Q8wOyE4GeffTaarXkWYeLEiTQw0nz77bf5K/8k6zbQdpCd9pO9UmUwh3FttaAB+GvaRiNRWsRl+or2yzcjsXgoDc1J02qE0DKs5a6kbHeoDbS8pwwkiIYxBZaphBmfHAz4FbKA6gDugJeIp32LEJj4o3ZIT4IFQfQTvUjIrj4A+oARpBBoul3aUwWNgh4mrjSFswavMhkLeniG8ckuIWsDAkQ+5Ei3BIAoPPNZrWESZAUCcfiQwVLUWEZDG7PFB7XChroyALje9/S0J554gvfqopKz9r8lnkEvUBAZl0sMsEgflg2HKbxS5qdly5ZpD5rrioNAGD5JFpQnR0ZTin3xxRfz07hx4xiWtCJi2cEGAHFQg08QEaMmVAOFYXAdNWoUn8tXxJi4h6bILEsEudXzTAqoJZyOXBgUGcbABRgrkgTZSVbrLvPnzwfWEaZmMP/4xz8mTJhAZM3utSpoDldE4CfaSCOox+ePjJCGUAkezQAm1kLFEcWPfvQjhiWSZTyDQLjXE1IAKjhkyBDSBONodDnsUni+lZnera+2utiUl3zpd9oF42qCFoq1T1iblXimd7RZQpSf9nW9jBjLGXtoDnoTI8ELL7zArFf2NA268heyvtw3HlzXZz6kB4HUkHoZdgAfzb2Sywpy6Ta0FvYS+2AHmTh1rGuMVlVWU/Z+gUBWk3Wl4tr/1awzLFjUYmp1b7zduGq1dw4STycYyNhaXrmlvDozM9wrftp46ky8tcBoBhIR02zZ6ApCRKYkK9LNuAp8CykQMdU0TWUeRNujwfzVZBZBGarynp6mhSNreI0NWoK3GZZr2UQbYD2JRf39738P/6I5LXce+K9RWhuHNSmjamR0++23gzLUBTKoSqGIdFHRc34Cwmh4dwyny4mDa2h89tln9f6ggw4iBbSKl6SP3HgjEO8MEz83HlpsnRUrVjBMylwr5gXVQrNRenCHzgziyMIrKF+5ciXApIU7KiUAVX+meNQUqguCjx8/XnMORHH11VfTTFOmTLnttttgx3/961/lNURMc9rzuIfTQKq7XiJMOf6TC6OIxi0wmgrSyeldRk416pMC/ItMtbo4b9480JM3mnKhb+bPQGAElR+O9nEgN8iEVilQVKrgHlpgW8yttDrDhz6vsQ0SLcDVvAH5kDUgzk9IEpXgv3/+85+poJYuBHBHHXUUwCHrlrxi3P07ZiUT4rsUR57s/BX4BuI72vrEg4whVIfWBJi0MwAiZbrNVwxgmnbIILNq1SqlQ3YIXPcEGEvTjnGPlVxrdeYcacO5fHV0AAMp02rW45KUkKEU4QeajtgjvP/++7LjIQ0ERQkNUuUd5HrRmOeJVketnOSog0O0nml6lVxWr7zyiuvp2JVMPBqI1jZsK62szo5khsNtHJ0SpPJHjW+W1Aezk8WP79lkvlFVUQXliMb9xFNk4hdeeCG66EEZ/kvP0bAsJxCRO3qgfJKoGrpLYzCT0lKJzlswaSBNoASyYDM71MsFcXEo5GvFk3WeTM3VhPIzmMv8LSVrTQJK2Zi+yEgiE5fxl59oEa2W0Jf+9Kc/tWivF2e3b4kP1UVX0B6KCozCfwUZeo9kZHjlPUoDh+0YE0/uLgkcL1myBDIrbqh5sXbW8V/BK3FQejgarUDjyi2E6TbQpsIrvpBX+1BAfCH4G/GAtBmYGQAAyiuvvFLL1BpH7UAVF8SlKlJ162ykYMe5EJjsi4wTYfHixeq3JgEgg4EQTOQv6WhSzIQJENcSLiBukqEYVAEJ8KsaFLnZ8gaRPXtnZMp39UdGarMwkBeDH6lp3oAkGcUfffRRftIedCWIDBEmo13LXr+RiLqbDTa6eoXUkCf6b+WX6BCj+Lv8QMidxKkLOkmjLFy4UJHpRO6sAlQS8eev+XVYsiqDuztERhvgmJgasSiPRRMOiHrLb0Qe5QJ6EqFIKiGf8EwhE0vIS/7r4jJJwWmIrw3b7tZCOR3Js9udKNAWsnrbWAUvAXNoEd5rgG+zJKir+e93PROP0WNns0/I6ad5t/856GRQ9Yc/1X84O//eZiaO0rO+l3nk+Nzf3LwDZSoq6sZu32Ad2u6dEu2ATVyLS7ajQcxX+wCpmhmsJQUa1bbnyLEJqUHNQEMdSWH6hKKoqWxq6WYqF11ZUe0TiUs6au7kRlflTHb//ffTtLYIyUxK2xa0fSlFJi4Ie+aZZxi0XbFcdNFF5PLUU0+ZowUCtG/pjVoVlGxtTybV1OzVuq5QssM2cSMRzIGmTZsGqMnHWSs/6gOiIdppSTm1W0fKKsc13lAMbXb/zW9+Q2QGG56hwESQ664IKYBICoceeqjmH2+99RZwxq9wKya/9BYm1Nq2I3LNGwrpnsEiAiX3cMqgbk+Qp1BiYNIGM5D5xUVbO3vENvWYSDX5c1FYw5WMEiLd1hMRkee4Hg8TVweRfd80ROTa9vJogJHnvvysL774Ynm+W/joo4+otVYjlKZGLDcj0VuXgggxtbXNAMuqo9PH5CwkX1JQzJ2fmaDMXdoURs4byEEmL0tcvtukJhxEk+nXcimxhU0+1F7Hn/3sZ/rwD3/4g0Ghzo5WpvL19pSQXMyD020dVdaFIGKKPltknWkjzLGZt5peCzY6Xyj1krjz+y61iTsuhp5jdupenZ416XvtNYjzVbPdQ+6OzWg7vFPkJy5scjdH6XOrPFIDTdx1Yborn4DgMnXJ6GZ5yertnlnoZioiIIrtYeK8oTwyN9PVoYGy5SFG2/oh1LNOyyci79YWPMhkJuj3MHHKNmPGDCE489BzzjkHIZgtz43pMnGKJxcuKb1NFxIlo31u9lWHbeLGOGSSck8xlOg0I5YNgXDfffdp+4bESL78hQDSRppuQ980MolHyzJLstRFgEJMnmUvosxPPvnk1VdfbasLX375JfFFw93CawTSX6PhSQIyBA3BEZdgqtdphUNjjBwtTHnI18Ov7dhkjXAmZDlLuC5liUzcjjA0ZUYyHvOCXXmhU26E4KD5c889h6BkuyBfA3HlIsF6stZijHV/bRGy6mg3hl5KB2TE16qvph1u3TVaa7HanRJpO67xLauphqIFCxYIxA855BCmVjKIaYFEBFzTU3MNcF1RNZ9WIWUS8ZRQxbD4xMyLB81LXOc3QZOGSYtsDnI2sGkriQz3WgNPvSQi493CxN2tLhnZ1HZ7S1f/zx3hQw8JjdinHdtJli7jqx3anBNydmy2j4lrJdqzOcI6A1VgRkPzf/7555AOtzGIbxNYpu1UUyeguiY214iZIhMnDjmK4M+aNevTTz8VSdQmYDqSPBOIaa7Z+lAPNpuzMcMtlVlvSVb/HT9+PM1M4bU314QgbiJ7or3RVkDbxYDGo1uJkuEnGGvnvVNsyNH8N+BssBbBIWVmlzZN5kMdViWrqE6oAGisY1BaedHaLjvjfabxKpjIB7zskUcemTJlin6dPXu2fuWvOx3WWjR5kbKdnHXDDTfQXuC1AIifNm7cePLJJ8vnhCb+6quvZH0yP7m5c+fKD0SnnRBk6LTB1SRDsuQO0GgXCbnzPHToUDO2yMqUhImrn5vrERJj1iLWIsfqAw44QC7PMAkoBZxAMZnAzZs3T2uVHsOXNqEI9C0X7Q8yum0SUydFwlScoZri8axtEHzClEgWefnCenqx9IfS1sSDicXOs3S3bsnSRWmZh02YMIGvRo8e/fzzz69YsYICyCLHAxKmx51xxhm2bK4ya1mCQAkpFVVA1VEtt4TEEbNJLIk88T0++55i8ywU1f5Vl/bJpKMzIOWlmrwk8mJyl1hTYuLJ/cRFK2LLBQ31AbfJB/dqnF+int24qaT09HNCo0Zu78/rNqAOpWc14+aNS5fXrttQ/+F2y/i2RUsCBpex1AodRhOk1fLiPFq7pBLR2b0pQg6hLQ5TOidILmvaPy33Zzkn8OtLL72kmKiFbNBGN+SY7DJxN1P9qsmsa8jmJRWB8MKO77kndqjAnXfeee+990J1bT+CIj/00EP0OvdDNym6jZv7119/bbAoq4gp0KhRoyAmMvRrd5LraU5ka3503Ty+xcRPOukkrfqCPnILMR95c1xJ0U9cHCqRiRcXFyMNICPxJEiZs+nwCxcu1BrmxIkT//3vf5O4SJZ2mYGD2kyvzkYfsH3k5lSrrTEoDDMqEUzzP7P9L4RTTz31wQcf1KqjCKYZ1j3u4QA0OMtwS3uJCZIFMzMb9ceNG4fo3K1DjKbvvPOOwJostEAq5sgYSYPSRi7DRfgIWbCrU8YuuugiWzbQtNrl3SibYauxPFSIdJT7nDlzSkpKtLJHanZE1LJly9xVwQ0bNogG6gh4820XbddsycMYCBoyrZOigTrdl0FXZnGKQfWVsmp0wQUX2CI2YnTRzXyfpTauFmn6qBVF68V2KvWHH34oz2s68sMPP4y0pSpalAYKzVeHWRcF4xO0S61A67/xxhuaxnlKiMBRVG2L8ZSE+LZh1XZXyPzokgDbfpno4q0JPa1JSWSpS1ISZEVJXPOLTU06vmNT40DMjpNRGQoGoD1bSkuHDxzQMPaw6unT84I7om6b93Uzrt38vxpTtjVN9pvx5Wig4eBDtzVGv1m7viA/r7ggr4Ghb1uNbEmCDM+2OmiLe3ZKku1MVAGApjmhCeApjTp58mRkTW+cOnWq3DPAr7Fjx8oe51qlPfdn2v0Ach+G5mjDsecTWRXowGeffTZ8Aco8adKk66+//rTTTlM07ex64IEH3BFbedlaPwMA0Cwv1HfffVcbRM2XWasutn9nzJgxNDyVmjZtmu3lATjMrucOaaaOZIpkXnvtNV7eeuutaKSm1XAB2CtkLcmOTW0d9hBDsUWXcNnRpqTQ4kgs0c2cOZMmEMO68sorP/roI5FccgGJjjvuOHMYENCIEspuqOUs/n722We0CJK/5JJLnnjiCeCenn/ZZZchnB3EY/BgsIaYOhTJlqzlQk4w90T6EuMuw48MQWSkAXX58uXiU1okRH9cK8FVV1315ptvIjpewuhPOeUUMz1rdHdBXNti6cw6/e7CCy9UsjQcY6qWIl1bjeemJB3ChYiYXpAUoI/onnvuOTST9+edd57IHcCBKKgCXUZ+k8jkqaeeYoyh7oyazC0MLEQw3ZYiWYrB2OAx0+vYLGIyY9P+z2OPPZYUYEU6LOEHP/iBZiH0Oxi07AbuVE9LVhpyElXLtYnbuVSkjyQhH0xtkdW11177ySefvPXWW3J/RFXMLkQxdPIdOoYwxXJoL1Iw72y3hKiEtpW6em5K7ln50MzAbUr0ipFSzMmVkqopzk4hKYn8HZOUhJHYHa1dV5wO7tiUr9L2Mx9qq+rqY+yGuWhNbd3mwyZnF76aW9bZG34oV23vxi1HXFFdVVsaX6itLewVra/Ozc+VKVPmNsMdOT+4JjOtT7Y2TCFWtPnSSy99/PHHQc//Gw9uBHg6Gj9gwAARJQ+t9jBxHeJBuCMeSPZXv/pV4ifafX7CCScg28cee4zp5E3x4CkbzAttk5FXX6EN5557roaWa665xmKSkTwN5PJFfPotkE2N6MM2jCsMGzYMZgExoX+Svhm7EWO/eLDDPRgzgDwd8/LbeLBE6JlffPFFa0ycAuhgOas7vVQbpsVw3Zdy6U0EcaStZX3whVGNiTAxR8RDYjtSTfoAlJzhynVd0EQ7ED83HMJF3SHjN998s/stfO3pp5+++uqrA/HDN0STZaQ2NwCkwbho634gNUmBFJqty26j2RvkV2gLNNAPLRdG6wMOOGBSPLi5QwkZF7Wa6jo5MC+kMGa9MeCYPn06WVMp0FxjDH8Ro6aJ9oYBRuvnpA/PpSmFa25qkG4GSJSKOoIyYB8S5r+29Gfy0TozDIDcEY5OPSMy77Xr54UXXmA6aLLivRxS0V70UG2njVoeR1KmhpKqu1rD56gln8i+Z8SCMkhhPIf9InbtyKUJPvjgA4oHDhLzpHjwGPqY34iVoydqa+ZM9HGSPSIeEkuIwOWCklgSnbxkE2j5cfJfrYTr5RnxQCuTkRnl3WpqKYi/bZaEYiNkO9HaEiHZJJvS275jU/4xVVtLyyr3Hj5wr/qY+1SoKhDZds0plbdNz+/c8XuMLw1TvlsfzMrLzRy9376hYLCssqqufEt9Vh9j4vLWcoc+9yja5Eycr9A2wBeeghYy+6O36yf0gMYbNWqU3CdkBUvCxBEFVNE9REVTocRPyBS5MzBAA2+55Ra6PYQIEqFovIeka38X5Ah40oc6UwVGw19eAsREJoXvfve7fCIQtyNK0OnLL7+cDmy+3sSEWKF5KBNUS0Y6GSVcs7WMDJojo+V0sClTpgCjlk4gfkAHOQrEW2Ticrxzp962yOZZHbIGSjyA227eoC70OsYScboJEyZYHPoJ4LhgwQJiUjU57cqibZWyC1AYCZDn/vvvb1jM51CbV199lbyAIZmzkRJ8GY3iJR/Kh4T/AsH6atGiRaogfUkuBHLz0NK07aoFNLXaYVNyBuzTTz/dDq5BqpBQiDCAKwOUO025++67+QQct12CaIhmCdqRqzVb0V5bRfe8kVTffvttFAwcN5sYWaPqtCCIowGYWjCSoe02s6F2jIt0B3T14osvFn5pvYEyMEU78sgjrWzyy7Tc5R8lH1YERcXhmBRAp1FqykKr6TwQzSoMg8TiRTDVi0031BxaXPFsbpLBmnwRzueff06zHhIPxlGgsXRwIJ438kNVXmgXCaJdiWenuCXUam2LJXEvF1M0nWnFlIsH21hvi3OJ1ZRRWrtek5dEllJX1EqEdkmyMyaovtoaAmrWQx+Lebn26r/PiJFl1bWZ4Zg1rTAna+hdP8x+e2ukozBeFw3UfLtoxXUP1DXEXFLq6uozQ8Hly5Zl1mylhlQJFZGlyfMh0Em1ddQkigt3S2TiUnS+pSVoYCTFrBBlsrPf5FNIB9PGNt5TUzowKWvPHkrpMnFEwWjJr0ADkUVq0Foko2VA9xOtlcHBgVTBqB1lZwfRkQhJEXNUPMhplOkwRRXJFbEVclF4KjJ06FAUF8ls3LiRokIYdTSo1uil6Gpyeb8CTLyhr1JIvqWnyY9Yc3PQEIihUuQr7bTDrOUPwH8htiic55BFXW6i019lv5MBUQrHe3uJlHjf2lU4QkbNW/lKh2rJec40WBMynXEmgbhetOaArxR0lp5c4szwrZ6pWmu7nbie7voRXCJwOXpKQxTBvYlNK0OiqDq2UJ+AwjKUvfzyy++//z6EwBx7hHGF8UAWNAHKYxMy6DATC5lrZNglOzIlss7LRRp2PZtKogFMb+QCK0tCWTzIOqE5lvYZ9IoHobNMRoqmcwvMlUUeUMpF8bWQqwt05AEiWNG4QuJE04E20hNdiSf/ELm0adFIvhmqoHxJBYgSr83n1GpaNFK9EvfT2vVssi3oSEJlJ0cRu8lPwXqE1s9VcRk/Fd8tobxNtIPJUxIBiCSswhNfAxIxpTOCXS2S2SFrVk35veh9myWRTNymVyMmntyZKhM3Dw3ZOstWLS3qNyA/N7c+DkPV9Q0lP7mr/+orMhZtC7cfxxuigfr9wxum3FVRWx8JxcoXDmVsQRnWf1PUK19ns8nXKrH/67AUnVLtWTcPNN3YYLsl+QlpgtQIQjvW5PhRFA/AN7KTg63e65gFOVp4kIuY8C9ZvuxCXpUk8RPdSoF+gL80thROLEZ7QeWWp+3gWg8kaKuILs0xjRcS6ShXlZMPgQBeai1Li64a9vgvL4XjKp5OAtIamnugrpY3AXeyE+sU9IjzyjYn//HEY0aEs7YDXiYUUUX3peiM1hJbtqfFUVhmIuGFdtxJvw1BtLoogbd4MqIKo25gl+dqnc1AXGU2kmU2UFk5xUDNTdBD+c0ySy4CIK3KehTPvPTcLUU29XHtv0JM2aDsxGrdP6dRSmOAHTltV7/aEbImOtnidH+be5642/NlFpPnnB3gZScHmLjE7kU4NCRLYnbdh12UarsTeRZSy1FaSu4eqaqTRDVKaRuUlpHtGF7r47qoSNt/WlQY0RS1lO7Jk5u5DdjSPTuq26omPieVNtC3EupliyXRgqqErMKbC6ZEqph2eIaCJnmqZrtKYlRDMy1hgiXSEZu4aJ2dZd7QsHHN8sUj9h+DLm3fJxbKz771rsJfXBf8JhBqD45viwbq9snY9Lu/r68NZoS295Ka2nrSDwejIqEaf1q8tk7sDBSz2+1sLo8sEptf46oO/pbs1EnksGwTN4GFpoR2r65nXyWQymxdXUVrmPKzbvETZAuwwojdqwCkfGoz8uK90tGHZKGlfPUQImtNjMrKx1l6o6GbfLXOqR4oCHD5mq7U4a/UMdHVB7GQHVMKpWN+JiIgJCWfEw8LcC/8tstZpMdyJlP/tFuS27yzyr1k3XPVunvnS5K9oIIDS8Hgxr1Yx66zcS9SSayLXbbiydG9kwVE1nm5tt1Gu3N1TJI6sHthjfVzS41oNB8KoDYyn3H3Ih63Ioa2dh2MCVbQJjhLvNlHVbDCu9W0ZO3uAru/xtMQdv2NHix384fT8rL2LqmyLd7s45G/5z6dVK6N99wp4Umzxc+thKnf7GMlaa3wtmXJvZ/InSC61bT3KZbEve4uFeVPxsTtEnENBTEP1lXL1vTqM6zJoZXCb80bGrzz//X+zZTAwm2hFDk4/w4Mb/rdvcsrGPeiAnEaf83aNaRfVNTbTjXSXtjWSq9JjfaMCNfcPXItWI7iiO9ZH/BsjUNeZplp8ZJ7N4JYhrtNo8VPWsxXHMfc2z0fumYc1dFS0BmkrtegZxnD/VyKIvgQ/WztAkzXiUrtbmVLIlJXLAYWZtC0Azfcy8PadTVHmyfkJB8YuvD+SS8LaRrwbMw2QJRBI+AcxKGpt8cNQ9YJ3XLnvlSwwc+9FSyxAC02hImuNem5mJLIc5NAp7Vpa7kb1rj+FWkIauvUtaU7dKNjt4x2SUmSMXG1nA58MePghsVfZOfm9etTFAirowYq8gZn3Pl47zuuanxra5uHGtK20ZP6rL/u7kWbazMC2+cIjBIbSjaTMgjet29fHdOu5fjkQ5A5fQf80IpiiZJ34W3RicHmkqlcMueeLW67Ct0brXpE0BRbp3HpDQ/a+CqrRaKWir/bG636yAKeSo62O9R4mWG9hZ0rE89Vn4FAoAc1aI8OwVmzZiVvGNckv3nz5i1bttRFg/sfMbG4qFf8pIvYwVExg1dmuM9Tvwj+fU44EAi24k3YEAxErxu36MT/vXz9pnAoIzMUih2mFYiWbC1b8PG7kWC0qKhICK7LzxIv3POQRx++k42XcReLbr2GPNB0hFviXp4OUBIjJi4W7JrgbttfdZif5oWmt4lKqxU5rY95Fqy6anz1UHjP3b5po8PbmoLHsd0P3QjiSbxT3EVhbdkAwYXj9dGMEYdO6FPYq3fvXlnxlZyYPTozVLjwpcjvbwt+E/XQgpj3ydCMmltuml9w+OqNsZPkYi4uMZAOlpZXLP30/cxgoxCcv3aBSyr8QrZgvyE9rSarS3f3Iq1xJVk37ypkN+buHgmycyVsRziZZay16yYCTctLWpi1Qz8S75Psxn7ePHgofJeweLeNfBBPK4jrpNY2Z0lyU5FblUJjRnjUEcf16V3Ur7h3Tk62Fs/DGRm50cqCqTdEH52f0dBk5s+MBiePWX/Bfy9aV1ZeXVPfEDMaZoHiwYytZaWLPp6R0djQuynIk0zLxO3Vb1nGfROKXC+6uwvJmSHJokW3YqjdMuMJaQMO1xYUaDoWpjXa667ctrbqtdMgoMklOZG/txfibcnRFrd9hN35TNxtGHnjMh8EweHjMW/Z+oahY8b17duvX3FRUe/CmPEjmIFiQ0V6lS/NffJPgZlLA8eMrJj0q5WBvhu3lNbXN9Q1NADikcxwRuzilU3ffPlRdmZYPhLamCRTuOhMZ/S7NU+V3ZuA21Go3Z2XHYS/60g4kba7f/2u3kmIb43CJyqAHc7uiz09Idkphok4bnsodAIZc8OFH7xVvt+YuhH7VVbVDBrYLyszZhutadhWGRkcnnxP6PJgZXVNeUVVbcOOU7iywmFaeOXShWsXfpmbC+nO1bxS7kryhOkShlJaWmqA7t7at1sGiU47CLq7V8vXpUdMls1jLJG2++DetVYa4++ucdwXUTpAPMnhWJ7OICceO9JED7HVzhULK7dsGj768Iqq6oH9i/v03r67b+XaDW++P/uYw8YWFmzPojF+VnhlddWKr+bUlm0uLu6jLWqyopCaDtPoDn5nm7y1xWY3A3QR8O72Qgk0+c8mXvnYE2ctrdH2nuUn4wc/hNetW5e60tudFNobYoc5bFm3asPqlcMOGFtbf8CGki39iovyc7Mzw6FRQwdHMsN8WVdfX11TW9+wbfXir1d+PTczlKE9LMJWre9rw6TgNT2TdDl9d9+6XHrASAccp4FUandZ4h6o3cwkZcHdfNTjnCD9sAfNh+wsrhT1Wziug7HkMqVjPHX2RUMgo2jwiF5994qZpLMy46fmN9TVx+wwZZvWbVm9NBxo1FHIOlNCjlYeDr6zzKw7ZY2u84iTNpvAzm2dXYS8uyw+4LtC+2FXYOLt2ltlJEU+UjLF2FI7KFxRUVGybF7JN4sL+g7KLx4Qycmtq66qKFlfvmlNoKEufkJN7EQkYbdONZKHgxGfnYgRrihS3LqyczElDS4oZkWRrXOPRfBULDOBhJ2NfvBDOkC8vdZh21ct1LbTW8xWrrPoqjetKl+3XN0+duxOVlZO7166okLndZkRXNfMp9OKkkpw6W3yPUc7ccqfHl7s+iT4HaaTnN0Hdz90PYi3eNxHKmoqmBMlt5NcbP+eNkHYAWM6blEgrovQ7OQp17beA+Tl3EW7s0YX93ycNCC4HcHj95bOw7o7Bnue/eCHDoJShyHJ7CqReLBbmauqqnTQkgvi2c6dmTpsT9t5dpH9Du2qtZ2zk3h0fRoQ3G5VTyeC+/0kPbTdt8n4oSMg3pnzxkzV5HamebcgW4dSmjlFZFxBZNZ8z3suxXNF5zlotDu6untcahqChth2HTrohy4cPm16Gm0efHD3Q6J5oLPQY+ep6/4kwbedwR9wTrkz8/cucu5a1wa3vl3LlM3JPW3E3z2J2w+7IHNP5Ow+su+5IO455riTUB5octTTQfgup7NDlneuC0qagwawztTXzoRLZ5n14HPwnoLpnm7oG9x9Jt4FNMEe3LMXAruS/0n6Gbpub2nXcUK2yzRtpNgdcf2wGyB7a5zdB/fdB8RTOTvFD93BdpMfQ2qnCKWtSLak4SP4bg/uiVdz+GaZHgzi3X3ahh+SwLQRbRc6bRdPOgm4XfPo+4P7yJ5okPGRfZcG8TTfhueHFoN56wu40+mFEnBcCX0juB9MJWw3WSKg++C+a4F4jz7+aXcN6XQ/t11aPgH3Q3uZe4v4HvAN7mkG8dauP/fDnhBkQvF7nR+6CtldIu+e3u6LqBtB3L+gck9GcLm0+xzcD92E7O4mNZ8odBeI6yxvP+yBCJ6ZmWlejH7wQ3cEY+I+jncjiOfk5PhS2AMRfKef5OWHPYSMe26U9nHcZ+J+6GywY17sJC8/+KH7QNxjHPdBvOtBPDc315fCHhLs+g7/aFk/pA3EA02nb/og3l0gXlVV5Uthz2rycDgSifgg7oe0BTOL+54q3dKjfZv4HjvJDTSZVvx99n7oVibuWlR8Ju4zcT90I0PPzMz0Vzv90LVcwbeJp6Hn+js2/bA91MdDoOl8Lh/Q/dB5EDf7iV237Uumi0F8yZIlvhT8kCSA5jk5OZFIxBeFH9oL4rofBmZgfuI+iHc9iA8ZMsSXgh9SDGLo/uzNDymCuNYztaTpw3d3gbjvJ+6HDgO6Lrz2ReEHD3a7CG5/fRDvLhAvKCjwpeCHDgdZPLWJ32fofjAc93ik+J6F3Qji5eXlvhT80IUBQBdD913R99hx3RDcfMN9Gu4zcT/0SC4Gjouh+4C+R4G4S8D9xczuDv9fgAEA1RuxUIoWvOsAAAAASUVORK5CYII="
next
end
config system replacemsg mail "partial"
set buffer "Fragmented emails are blocked."
set header 8bit
set format text
end
config system replacemsg http "url-block"
set buffer "
The URL you requested has been blocked
FortiGuard Intrusion Prevention - Access Blocked
Web Page Blocked
The page you have requested has been blocked because the URL is banned.
URL
%%PROTOCOL%%://%%URL%%
Description
%%IPS_DESC%%
URL Source
%%URL_SOURCE%%
%%OVERRIDE%%
"
set header http
set format html
end
config system replacemsg http "urlfilter-err"
set buffer "
Web Page Blocked
Web Page Blocked
%%URLFILTER_ERROR%%
Web Filter Service Error
%%URLFILTER_ERROR_DETAIL%%
"
set header http
set format html
end
config system replacemsg http "infcache-block"
set buffer "
High Security Alert
High Security Alert
The URL you requested was previously found to be infected.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg http "http-contenttypeblock"
set buffer "
Attention
Attention
Content type not permitted.
URL
%%PROTOCOL%%://%%URL%%
%%OVERRIDE%%
"
set header http
set format html
end
config system replacemsg http "https-invalid-cert-block"
set buffer "
Invalid Connection
%%FORTIGUARD_WF%%
This Connection is Invalid. %%CERT_INVL_REASON%%
A secure connection to %%HOSTNAME%% cannot be established.
When you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site\'s identity can\'t be verified.
Site
%%HOSTNAME%%
Certificate CN
%%CN%%
Certificate Authority
%%AUTHORITY%%
Certificate Validity
Not Before: %%START_VALID%%
Not After: %%END_VALID%%
Certificate Chain
%%CERT_CHAIN%%
"
set header http
set format html
end
config system replacemsg http "https-untrusted-cert-block"
set buffer "
Untrusted Connection
%%FORTIGUARD_WF%%
This Connection is Untrusted
A secure connection to %%HOSTNAME%% cannot be established.
When you try to connect securely, sites will present trusted identification to prove that you are going to the right place. The identity for this site can\'t be verified.
Site
%%HOSTNAME%%
Certificate CN
%%CN%%
Certificate Authority
%%AUTHORITY%%
Certificate Validity
Not Before: %%START_VALID%%
Not After: %%END_VALID%%
Certificate Chain
%%CERT_CHAIN%%
"
set header http
set format html
end
config system replacemsg http "https-blocklisted-cert-block"
set buffer "
Blocked Connection
%%FORTIGUARD_WF%%
This Connection is Blocked
A secure connection to %%HOSTNAME%% cannot be established.
When you try to connect securely, sites will present identification to prove that you are going to the right place. The identity for this site is blocked.
Site
%%HOSTNAME%%
Certificate CN
%%CN%%
Certificate Authority
%%AUTHORITY%%
Certificate Validity
Not Before: %%START_VALID%%
Not After: %%END_VALID%%
Certificate Chain
%%CERT_CHAIN%%
"
set header http
set format html
end
config system replacemsg http "https-ech-block"
set buffer "
Invalid Connection
%%FORTIGUARD_WF%%
The Encrypted ClientHello has been blocked for %%SNI%%
SNI
%%SNI%%
Site
%%HOSTNAME%%
"
set header http
set format html
end
config system replacemsg http "switching-protocols-block"
set buffer "
The request has been blocked
The request has been blocked
The protocol switching request has been blocked for %%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg http "http-antiphish-block"
set buffer "
Webfilter Violation
Webfilter Violation
Your attempt to submit internal credentials to an external site has been blocked by your system administrator.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg http "videofilter-block"
set buffer "
The URL you requested has been blocked
Attention
Video Access Blocked
The page you have requested has been blocked because the requested video resource is not allowed.
URL
%%PROTOCOL%%://%%URL%%
Description
%%VIDEOFILTER_DESC%%
"
set header http
set format html
end
config system replacemsg webproxy "deny"
set buffer "
Access Denied
Access Denied
The page you requested has been blocked by a firewall policy restriction.
"
set header http
set format html
end
config system replacemsg webproxy "user-limit"
set buffer "
Access Denied
Access Denied
The maximum web proxy user limit has been reached.
"
set header http
set format html
end
config system replacemsg webproxy "auth-challenge"
set buffer "
Firewall Authentication
Firewall Authentication
You must authenticate to use this service.
"
set header http
set format html
end
config system replacemsg webproxy "auth-login-fail"
set buffer "
Firewall Authentication
Firewall Authentication
Authentication failed.
%%WEBPROXY_AUTH_FAIL_REASON%%
%%WEBPROXY_AUTH_FAIL_COMMENT%%
"
set header http
set format html
end
config system replacemsg webproxy "auth-group-info-fail"
set buffer "
Firewall Authorization
Firewall Authorization
Group information query failed.
"
set header http
set format html
end
config system replacemsg webproxy "http-err"
set buffer "
%%HTTP_ERR_CODE%% %%HTTP_ERR_DESC%%
%%HTTP_ERR_CODE%% %%HTTP_ERR_DESC%%
The webserver reported that an error occurred while trying to access the website. Please return to the previous page.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg webproxy "auth-ip-blackout"
set buffer "
Access Denied
Access Denied
Your IP address has been blocked by a firewall policy due to too many failed login attempts. You can re-login in %%DURATION%% seconds.
"
set header http
set format html
end
config system replacemsg webproxy "ztna-invalid-cert"
set buffer "
ZTNA Access Denied
Invalid ZTNA Certificate
Error Code:
%%ZTNA_ERROR_CODE%%
Error Message:
The page you requested has been blocked because the ZTNA certificate is invalid.
Certificate Information:
%%ZTNA_CERT_INFO%%
Request Time:
%%ZTNA_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "ztna-empty-cert"
set buffer "
ZTNA Access Denied
Invalid ZTNA certificate
Error Code:
%%ZTNA_ERROR_CODE%%
Error Message:
The page you requested has been blocked because the ZTNA certificate is empty.
Certificate Information:
%%ZTNA_CERT_INFO%%
Request Time:
%%ZTNA_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "ztna-manageable-empty-cert"
set buffer "
ZTNA Access Denied
Invalid ZTNA certificate
Error Code:
%%ZTNA_ERROR_CODE%%
Error Message:
The page you requested has been blocked because the device is manageable but with an empty ZTNA certificate.
Certificate Information:
%%ZTNA_CERT_INFO%%
Request Time:
%%ZTNA_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "ztna-no-api-gwy-matched"
set buffer "
ZTNA Access Denied
ZTNA Application Not Found
Error Code:
%%ZTNA_ERROR_CODE%%
Error Message:
The page you requested has been blocked because no API gateway was matched.
Certificate Information:
%%ZTNA_CERT_INFO%%
Device Information:
%%ZTNA_DEV_INFO%%
Request Time:
%%ZTNA_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "ztna-cant-find-real-srv"
set buffer "
ZTNA Access Denied
ZTNA Application Not Found
Error Code:
%%ZTNA_ERROR_CODE%%
Error Message:
The page you requested has been blocked because the real server in the API gateway cannot be found.
Certificate Information:
%%ZTNA_CERT_INFO%%
Device Information:
%%ZTNA_DEV_INFO%%
Request Time:
%%ZTNA_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "ztna-fqdn-dns-failed"
set buffer "
ZTNA Access Denied
ZTNA Application Not Found
Error Code:
%%ZTNA_ERROR_CODE%%
Error Message:
The page you requested has been blocked because ZTNA FQDN DNS failed.
Certificate Information:
%%ZTNA_CERT_INFO%%
Device Information:
%%ZTNA_DEV_INFO%%
Request Time:
%%ZTNA_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "ztna-ssl-bookmark-failed"
set buffer "
ZTNA Access Denied
ZTNA Portal Error
Error Code:
%%ZTNA_ERROR_CODE%%
Error Message:
The page you requested has been blocked because SSLVPN bookmark address failed.
Certificate Information:
%%ZTNA_CERT_INFO%%
Device Information:
%%ZTNA_DEV_INFO%%
Request Time:
%%ZTNA_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "ztna-no-policy-matched"
set buffer "
ZTNA Access Denied
ZTNA Policy Denied
Error Code:
%%ZTNA_ERROR_CODE%%
Error Message:
The page you requested has been blocked because no policy was matched.
Device Information:
%%ZTNA_DEV_INFO%%
Request Time:
%%ZTNA_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "ztna-matched-deny-policy"
set buffer "
ZTNA Access Denied
ZTNA Policy Denied
Error Code:
%%ZTNA_ERROR_CODE%%
Error Message:
The page you requested has been blocked because a policy with action deny was matched.
Device Information:
%%ZTNA_DEV_INFO%%
Request Time:
%%ZTNA_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "ztna-client-cert-revoked"
set buffer "
ZTNA Access Denied
ZTNA Policy Denied
Error Code:
%%ZTNA_ERROR_CODE%%
Error Message:
The page you requested has been blocked because the client cert has been revoked.
Certificate Information:
%%ZTNA_CERT_INFO%%
Device Information:
%%ZTNA_DEV_INFO%%
Request Time:
%%ZTNA_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "ztna-denied-by-matched-tags"
set buffer "
ZTNA Access Denied
ZTNA Policy Denied
Error Code:
%%ZTNA_ERROR_CODE%%
Error Message:
The page you requested has been blocked because the tags matched a deny policy.
Certificate Information:
%%ZTNA_CERT_INFO%%
Device Information:
%%ZTNA_DEV_INFO%%
Device Tags:
%%ZTNA_DEV_TAGS%%
Request Time:
%%ZTNA_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "ztna-denied-no-matched-tags"
set buffer "
ZTNA Access Denied
ZTNA Policy Denied
Error Code:
%%ZTNA_ERROR_CODE%%
Error Message:
The page you requested has been blocked because the tags didn\'t match any policy.
Certificate Information:
%%ZTNA_CERT_INFO%%
Device Information:
%%ZTNA_DEV_INFO%%
Device Tags:
%%ZTNA_DEV_TAGS%%
Request Time:
%%ZTNA_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "ztna-no-dev-info"
set buffer "
ZTNA Access Denied
ZTNA Policy Denied
Error Code:
%%ZTNA_ERROR_CODE%%
Error Message:
The page you requested has been blocked because no device info was found.
Certificate Information:
%%ZTNA_CERT_INFO%%
Device Information:
%%ZTNA_DEV_INFO%%
Request Time:
%%ZTNA_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "ztna-dev-is-offline"
set buffer "
ZTNA Access Denied
ZTNA Policy Denied
Error Code:
%%ZTNA_ERROR_CODE%%
Error Message:
The page you requested has been blocked because the device is offline.
Certificate Information:
%%ZTNA_CERT_INFO%%
Device Information:
%%ZTNA_DEV_INFO%%
Request Time:
%%ZTNA_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "ztna-dev-is-unmanageable"
set buffer "
ZTNA Access Denied
ZTNA Policy Denied
Error Code:
%%ZTNA_ERROR_CODE%%
Error Message:
The page you requested has been blocked because the device is unknown or unmanaged.
Certificate Information:
%%ZTNA_CERT_INFO%%
Device Information:
%%ZTNA_DEV_INFO%%
Request Time:
%%ZTNA_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "ztna-auth-fail"
set buffer "
ZTNA Access Denied
ZTNA Policy Denied
Error Code:
%%ZTNA_ERROR_CODE%%
Error Message:
The page you requested has been blocked because authorization failed.
User Name:
%%ZTNA_USER_NAME%%
Certificate Information:
%%ZTNA_CERT_INFO%%
Device Information:
%%ZTNA_DEV_INFO%%
Request Time:
%%ZTNA_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "casb-block"
set buffer "
Blocked by Inline CASB Control
Blocked by Inline CASB Control
Error Message:
The page you requested has been blocked by inline CASB control.
CASB Profile:
%%CASB_PROFILE%%
CASB SaaS Application:
%%CASB_SAAS_APP%%
CASB User Activity:
%%CASB_USER_ACTIVITY%%
"
set header http
set format html
end
config system replacemsg webproxy "swp-empty-cert"
set buffer "
Secure Webproxy Access Denied
Invalid client certificate
Error Code:
%%SECURE_WEBPROXY_ERROR_CODE%%
Error Message:
The page you requested has been blocked because the client certificate is empty.
Certificate Information:
%%SECURE_WEBPROXY_CERT_INFO%%
Request Time:
%%SECURE_WEBPROXY_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg webproxy "swp-manageable-empty-cert"
set buffer "
Secure Webproxy Access Block
Invalid client certificate
Error Code:
%%SECURE_WEBPROXY_ERROR_CODE%%
Error Message:
The page you requested has been blocked because the device is manageable but with an empty client certificate.
Certificate Information:
%%SECURE_WEBPROXY_CERT_INFO%%
Request Time:
%%SECURE_WEBPROXY_REQ_TIME%%
"
set header http
set format html
end
config system replacemsg ftp "ftp-explicit-banner"
set buffer "Welcome to the FortiGate FTP proxy."
set header none
set format text
end
config system replacemsg fortiguard-wf "ftgd-block"
set buffer "
Web Filter Violation
FortiGuard Intrusion Prevention - Access Blocked
Web Page Blocked
You have tried to access a web page that is in violation of your Internet usage policy.
"
set header http
set format html
end
config system replacemsg spam "ipblocklist"
set buffer "This message has been blocked because mail from this IP address is not allowed."
set header none
set format text
end
config system replacemsg spam "smtp-spam-dnsbl"
set buffer "This message has been blocked because it is from a DNSBL/ORDBL IP address."
set header none
set format text
end
config system replacemsg spam "smtp-spam-feip"
set buffer "This message has been blocked because it is from a FortiGuard AntiSpam Service blocked IP address."
set header none
set format text
end
config system replacemsg spam "smtp-spam-helo"
set buffer "This message has been blocked because the HELO/EHLO domain is invalid."
set header none
set format text
end
config system replacemsg spam "smtp-spam-emailblock-to"
set buffer "This message has been blocked because mail to this email address is not allowed."
set header none
set format text
end
config system replacemsg spam "smtp-spam-emailblock-from"
set buffer "This message has been blocked because mail from this email address is not allowed."
set header none
set format text
end
config system replacemsg spam "smtp-spam-emailblock-subject"
set buffer "This message has been blocked because the subject contains a banned phrase."
set header none
set format text
end
config system replacemsg spam "smtp-spam-mimeheader"
set buffer "This message has been blocked because it contains an invalid header."
set header none
set format text
end
config system replacemsg spam "reversedns"
set buffer "This message has been blocked because the return email domain is invalid."
set header none
set format text
end
config system replacemsg spam "smtp-spam-ase"
set buffer "This message has been blocked because ASE reports it as spam."
set header none
set format text
end
config system replacemsg spam "submit"
set buffer "If this email is not spam, contact your administrator to add the signature to the FortiGuard AntiSpam Service."
set header none
set format text
end
config system replacemsg alertmail "alertmail-virus"
set buffer "Virus/Worm detected: %%VIRUS%%; Protocol: %%PROTOCOL%%; Email Address From: %%EMAIL_FROM%%; Email Address To: %%EMAIL_TO%%;
VIRUS REFERENCE URL: %%VIRUS_REF_URL%%"
set header none
set format text
end
config system replacemsg alertmail "alertmail-block"
set buffer "File Block Detected: %%FILE%%; Protocol: %%PROTOCOL%%; Email Address From: %%EMAIL_FROM%%; Email Address To: %%EMAIL_TO%%"
set header none
set format text
end
config system replacemsg alertmail "alertmail-nids-event"
set buffer "The following intrusion was observed: %%NIDS_EVENT%%."
set header none
set format text
end
config system replacemsg alertmail "alertmail-crit-event"
set buffer "The following critical firewall event was detected: %%CRITICAL_EVENT%%."
set header none
set format text
end
config system replacemsg alertmail "alertmail-disk-full"
set buffer "The log disk is full."
set header none
set format text
end
config system replacemsg admin "pre_admin-disclaimer-text"
set buffer "PRE WARNING:
This is a private computer system. Unauthorized access or use
is prohibited and subject to prosecution and/or disciplinary
action. Any use of this system constitutes consent to
monitoring at all times and users are not entitled to any
expectation of privacy. If monitoring reveals possible evidence
of violation of criminal statutes, this evidence and any other
related information, including identification information about
the user, may be provided to law enforcement officials.
If monitoring reveals violations of security regulations or
unauthorized use, employees who violate security regulations or
make unauthorized use of this system are subject to appropriate
disciplinary action."
set header none
set format text
end
config system replacemsg admin "post_admin-disclaimer-text"
set buffer "POST WARNING:
This is a private computer system. Unauthorized access or use
is prohibited and subject to prosecution and/or disciplinary
action. Any use of this system constitutes consent to
monitoring at all times and users are not entitled to any
expectation of privacy. If monitoring reveals possible evidence
of violation of criminal statutes, this evidence and any other
related information, including identification information about
the user, may be provided to law enforcement officials.
If monitoring reveals violations of security regulations or
unauthorized use, employees who violate security regulations or
make unauthorized use of this system are subject to appropriate
disciplinary action.
%%LAST_SUCCESSFUL_LOGIN%%
%%LAST_FAILED_LOGIN%%"
set header none
set format text
end
config system replacemsg auth "auth-disclaimer-page-1"
set buffer "
Firewall Disclaimer
Terms and Disclaimer Agreement
"
set header http
set format html
end
config system replacemsg auth "auth-disclaimer-page-2"
set buffer ''
set header http
set format html
end
config system replacemsg auth "auth-disclaimer-page-3"
set buffer ''
set header http
set format html
end
config system replacemsg auth "auth-proxy-reject-page"
set buffer "
Firewall Disclaimer Declined
Disclaimer Declined
Sorry, network access cannot be granted unless you agree to the disclaimer.
"
set header http
set format html
end
config system replacemsg auth "auth-reject-page"
set buffer "
Firewall Disclaimer Declined
Disclaimer Declined
"
set header http
set format html
end
config system replacemsg auth "auth-login-page"
set buffer "
Firewall Authentication
Authentication Required
"
set header http
set format html
end
config system replacemsg auth "auth-login-failed-page"
set buffer "
Firewall Authentication
Authentication Failed
"
set header http
set format html
end
config system replacemsg auth "auth-token-login-page"
set buffer "
Firewall Authentication
Authentication Required
"
set header http
set format html
end
config system replacemsg auth "auth-token-login-failed-page"
set buffer "
Firewall Authentication
Authentication Failed
"
set header http
set format html
end
config system replacemsg auth "auth-success-msg"
set buffer "Welcome to Fortinet Firewall
Authentication is successful, please connect again."
set header none
set format text
end
config system replacemsg auth "auth-challenge-page"
set buffer "
Firewall Authentication
Authentication Required
"
set header http
set format html
end
config system replacemsg auth "auth-keepalive-page"
set buffer "
Firewall Authentication Keepalive Window
Authentication Keepalive
"
set header http
set format html
end
config system replacemsg auth "auth-portal-page"
set buffer "
Firewall Authentication
Firewall Authentication
Firewall authentication was successful.
You can access the network as per your protection profile.
"
set header http
set format html
end
config system replacemsg auth "auth-password-page"
set buffer "
Firewall Authentication
Password Expired
"
set header http
set format html
end
config system replacemsg auth "auth-fortitoken-page"
set buffer "
Firewall Authentication
FortiToken Code Required
"
set header http
set format html
end
config system replacemsg auth "auth-next-fortitoken-page"
set buffer "
Firewall Authentication
FortiToken Code Required
"
set header http
set format html
end
config system replacemsg auth "auth-email-token-page"
set buffer "
Firewall Authentication
Email Token Code Required
"
set header http
set format html
end
config system replacemsg auth "auth-sms-token-page"
set buffer "
Firewall Authentication
SMS Token Code Required
"
set header http
set format html
end
config system replacemsg auth "auth-email-harvesting-page"
set buffer "
Firewall Authentication
Terms and Disclaimer Agreement
"
set header http
set format html
end
config system replacemsg auth "auth-email-failed-page"
set buffer "
Firewall Authentication
Terms and Disclaimer Agreement
"
set header http
set format html
end
config system replacemsg auth "auth-cert-passwd-page"
set buffer "
Firewall Authentication
Certificate Password Required
"
set header http
set format html
end
config system replacemsg auth "auth-guest-print-page"
set buffer "Guest Access Credentials%%FOR(USERS:USER_SECTIONS)%%
%%FOR(PRINT_CREDENTIALS:USERS)%%
Network Guest Access Credentials
%%PRINT_CREDENTIALS%%
The above account may be used to access Internet content that is not under the control of the network access provider. The network access provider is therefore not responsible for any of these sites, their content or their privacy policies. The network access provider and its staff do not endorse nor make any representations about these sites, or any information, software or other products or materials found there, or any results that may be obtained from using them. If you decide to access any Internet content, you do this entirely at your own risk and you are responsible for ensuring that any accessed material does not infringe the laws governing, but not exhaustively covering, copyright, trademarks, pornography, or any other material which is slanderous, defamatory or might cause offence in any other way.
%%ENDFOR%%
%%ENDFOR%%"
set header http
set format html
end
config system replacemsg auth "auth-guest-email-page"
set buffer "User ID=%%USERID%%
Password=%%PASSWORD%%
Expires=%%EXPIRE%%
User Name=%%USERNAME%%
Mobile Phone=%%MOBILEPHONE%%
Sponsor=%%SPONSOR%%
Company=%%COMPANY%%
Email=%%EMAIL%%"
set header http
set format html
end
config system replacemsg auth "auth-success-page"
set buffer "
Firewall Authentication
Firewall Authentication
If JavaScript is not enabled, please click here to continue.
"
set header http
set format html
end
config system replacemsg auth "auth-block-notification-page"
set buffer "
Firewall Notification
Firewall Notification
Your access has been blocked by firewall policy %%POLICY_ID%%. If you have any questions or concerns, please contact your network administrator for more information.
"
set header http
set format html
end
config system replacemsg auth "auth-quarantine-page"
set buffer "
Firewall Quarantine Notification
Quarantine Notification
"
set header http
set format html
end
config system replacemsg auth "auth-qtn-reject-page"
set buffer "
Firewall Quarantine Declined
Quarantine Terms Not Acknowledged
"
set header http
set format html
end
config system replacemsg auth "auth-saml-page"
set buffer "
Firewall Authentication
Authentication Required
"
set header http
set format html
end
config system replacemsg sslvpn "sslvpn-login"
set buffer "
Please Login
%%SSL_HIDDEN%%
"
set header http
set format html
end
config system replacemsg sslvpn "sslvpn-header"
set buffer "
%%SSL_STATUS_INFO%%
%%SSL_OPTIONS%%
"
set header http
set format html
end
config system replacemsg sslvpn "sslvpn-limit"
set buffer "Already Logged In
Already Logged In
You already have an open SSL VPN connection. Opening multiple connections is not permitted.
If you proceed, your other connection will be disconnected.
If you have any questions or concerns, please contact your administrator for more information.
%%SSL_LOGIN_ANYWAY%%
%%SSL_LOGIN_CANCEL%%
"
set header http
set format html
end
config system replacemsg sslvpn "hostcheck-error"
set buffer "Your PC does not meet the host checking requirements set by the firewall. Please try again in a few minutes. If the issue persists check that your OS version meets the minimum requirements, that your antivirus and firewall applications are installed and running properly, and that you have the correct network interface."
set header none
set format text
end
config system replacemsg sslvpn "sslvpn-provision-user"
set buffer "
FortiClient SSL-VPN Setup Instructions
How to set up the SSL-VPN connection on %%FTCL_VPN_NAME%%
Download and install FortiClient VPN
FortiClient securely connects your computer or mobile device to your network
Configure the connection
FortiClient VPN can configure your connection automatically.
Click on this link (%%FTCL_VPN_CONFIG_URL%%), or scan the QR code below from the FortiClient VPN app.
Contact your network administrator if you require assistance.
"
set header http
set format html
end
config system replacemsg sslvpn "sslvpn-provision-user-sms"
set buffer "To set up the FortiClient VPN connection \"%%FTCL_VPN_NAME%%\", install the FortiClient application and click the following link: %%FTCL_VPN_CONFIG_URL%%."
set header none
set format text
end
config system replacemsg nac-quar "nac-quar-virus"
set buffer "
Virus Quarantine
Blocked because of virus
Your computer has been blocked because of a virus detected in your system. For more information, contact the system administrator.
"
set header http
set format html
end
config system replacemsg nac-quar "nac-quar-dos"
set buffer "
Attack Detected
Blocked because of DoS Attack
Your computer has been blocked because a DoS attack originating from your system was detected. For more information, contact the system administrator.
"
set header http
set format html
end
config system replacemsg nac-quar "nac-quar-ips"
set buffer "
Attack Detected
Blocked because of an intrusion attack
Your computer has been blocked because an intrusion attack originating from your system was detected. For more information, contact the system administrator.
"
set header http
set format html
end
config system replacemsg nac-quar "nac-quar-dlp"
set buffer "
Data Loss Detected
Blocked because of data loss
Your computer has been blocked because of a data loss originating from your system. For more information, contact the system administrator.
"
set header http
set format html
end
config system replacemsg nac-quar "nac-quar-admin"
set buffer "
Administrative Quarantine
Blocked because of admin action
Your system administrator has blocked your computer or device. For more information, contact the system administrator.
"
set header http
set format html
end
config system replacemsg nac-quar "nac-quar-app"
set buffer "
Application Control
Blocked because of application
Your computer has been blocked because of an application detected in your system. For more information, contact the system administrator.
"
set header http
set format html
end
config system replacemsg traffic-quota "per-ip-shaper-block"
set buffer "
Traffic Quota Control
Traffic blocked because of exceeded session quota
Traffic has been blocked because the per IP shaper session quota has been exceeded. Please contact the system administrator.
Quota: %%QUOTA_INFO%%
"
set header http
set format html
end
config system replacemsg utm "virus-html"
set buffer "
High Security Alert
High Security Alert
You are not permitted to download the file \"%%FILE%%\" because it is infected with the virus \"%%VIRUS%%\".
URL
%%PROTOCOL%%://%%URL%%
Quarantined File Name
%%QUARFILENAME%%
Reference URL
%%VIRUS_REF_URL%%
"
set header http
set format html
end
config system replacemsg utm "client-virus-html"
set buffer "
High Security Alert
High Security Alert
You are not permitted to transfer the file \"%%FILE%%\" because it is infected with the virus \"%%VIRUS%%\".
URL
%%PROTOCOL%%://%%URL%%
Quarantined File Name
%%QUARFILENAME%%
Reference URL
%%VIRUS_REF_URL%%
"
set header http
set format html
end
config system replacemsg utm "virus-text"
set buffer "Dangerous attachment removed. The file \"%%FILE%%\" was infected with the \"%%VIRUS%%\" virus. It has been removed and quarantined as: \"%%QUARFILENAME%%\".\"%%VIRUS_REF_URL%%\"."
set header 8bit
set format text
end
config system replacemsg utm "dlp-html"
set buffer "
Attention
Attention
The transfer attempt has been blocked because it appears to match a data loss prevention profile.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg utm "dlp-text"
set buffer "The transfer attempt has been blocked because it appears to match a data loss prevention profile."
set header 8bit
set format text
end
config system replacemsg utm "appblk-html"
set buffer "
Application Control Violation
FortiGate Application Control
Application Blocked
You have attempted to use an application that violates your Internet usage policy.
Application
%%APPNAME%%
Category
%%APPCAT%%
URL
%%PROTOCOL%%://%%URL%%
Policy
%%POLICY_UUID%%
"
set header http
set format html
end
config system replacemsg utm "ipsblk-html"
set buffer "
Intrusion Prevention Violation
FortiGate Intrusion Prevention
Intrusion Prevention Triggered
Your attempt to access the Internet resource is blocked by Intrusion Prevention.
URL
%%PROTOCOL%%://%%URL%%
Policy
%%POLICY_UUID%%
"
set header http
set format html
end
config system replacemsg utm "virpatchblk-html"
set buffer "
Virtual Patch Violation
FortiGate Virtual Patch
Virtual Patch Triggered
Your attempt to access the Internet resource is blocked by Virtual Patch.
URL
%%PROTOCOL%%://%%URL%%
Policy
%%POLICY_UUID%%
"
set header http
set format html
end
config system replacemsg utm "ipsfail-html"
set buffer "
Intrusion Prevention Scanning Failure
FortiGate Intrusion Prevention
Intrusion Prevention Scanning Failure
Your attempt to access the Internet resource is blocked because of an Intrusion Prevention scanning failure.
URL
%%PROTOCOL%%://%%URL%%
Policy
%%POLICY_UUID%%
"
set header http
set format html
end
config system replacemsg utm "exe-text"
set buffer "Dangerous attachment removed. The file \"%%FILE%%\" has been removed because it is a Windows executable.
Quarantined File Name: \"%%QUARFILENAME%%\"."
set header 8bit
set format text
end
config system replacemsg utm "waf-html"
set buffer "
Web Application Firewall
Web Application Firewall
This transfer is blocked by a Web Application Firewall.
This transfer is blocked.
URL
%%PROTOCOL%%://%%URL%%
Event ID
%%WAF_SIG_ID%%
Event Type
%%WAF_DESC%%
"
set header http
set format html
end
config system replacemsg utm "outbreak-prevention-html"
set buffer "
High Security Alert
High Security Alert
You are not permitted to transfer the file \"%%FILE%%\" because its signature \"%%VIRUS%%\" has been identified by the Virus Outbreak Prevention service.
URL
%%PROTOCOL%%://%%URL%%
Quarantined File Name
%%QUARFILENAME%%
"
set header http
set format html
end
config system replacemsg utm "outbreak-prevention-text"
set buffer "Dangerous attachment removed. The file \"%%FILE%%\" has been removed because its signature \"%%VIRUS%%\" has been identified by the Virus Outbreak Prevention service. Quarantined File Name: \"%%QUARFILENAME%%\"."
set header 8bit
set format text
end
config system replacemsg utm "external-blocklist-html"
set buffer "
High Security Alert
High Security Alert
You are not permitted to transfer the file \"%%FILE%%\" because its signature \"%%VIRUS%%\" has been identified by an external blocklist.
URL
%%PROTOCOL%%://%%URL%%
Quarantined File Name
%%QUARFILENAME%%
"
set header http
set format html
end
config system replacemsg utm "external-blocklist-text"
set buffer "Dangerous attachment removed. The file \"%%FILE%%\" has been removed because its signature \"%%VIRUS%%\" has been identified by an external blocklist. Quarantined File Name: \"%%QUARFILENAME%%\"."
set header 8bit
set format text
end
config system replacemsg utm "ems-threat-feed-html"
set buffer "
High Security Alert
High Security Alert
You are not permitted to transfer the file \"%%FILE%%\" because its signature \"%%VIRUS%%\" has been identified by the EMS Threat Feed.
URL
%%PROTOCOL%%://%%URL%%
Quarantined File Name
%%QUARFILENAME%%
"
set header http
set format html
end
config system replacemsg utm "ems-threat-feed-text"
set buffer "Dangerous attachment removed. The file \"%%FILE%%\" has been removed because its signature \"%%VIRUS%%\" has been identified by the EMS Threat Feed. Quarantined File Name: \"%%QUARFILENAME%%\"."
set header 8bit
set format text
end
config system replacemsg utm "file-filter-html"
set buffer "
Attention
Attention
The file \"%%FILE%%\" has been blocked due to its file type and/or properties.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg utm "file-filter-text"
set buffer "The file \"%%FILE%%\" has been blocked due to its file type and/or properties."
set header 8bit
set format text
end
config system replacemsg utm "file-size-text"
set buffer "The file \"%%FILE%%\" has been blocked because it exceeded the configured file size limit."
set header 8bit
set format text
end
config system replacemsg utm "transfer-size-text"
set buffer "The transfer has been blocked because it exceeded the configured size limit."
set header 8bit
set format text
end
config system replacemsg utm "internal-error-text"
set buffer "The file \"%%FILE%%\" has been blocked because of an internal error."
set header 8bit
set format text
end
config system replacemsg utm "archive-block-html"
set buffer "
Attention
Attention
The transfer contained an archive that has been blocked.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg utm "archive-block-text"
set buffer "Transfer failed. Archive \"%%FILE%%\" has been blocked."
set header 8bit
set format text
end
config system replacemsg utm "file-av-fail-text"
set buffer "Transfer of file \"%%FILE%%\" failed due to an internal error."
set header 8bit
set format text
end
config system replacemsg utm "transfer-av-fail-text"
set buffer "Transfer failed due to an internal error."
set header 8bit
set format text
end
config system replacemsg utm "banned-word-html"
set buffer "
Attention
Attention
The page has been blocked because it contains a banned word.
URL
%%PROTOCOL%%://%%URL%%
%%OVERRIDE%%
"
set header http
set format html
end
config system replacemsg utm "banned-word-text"
set buffer "This message has been blocked because it contains a banned word."
set header 8bit
set format text
end
config system replacemsg utm "block-html"
set buffer "
Attention
Attention
File blocked
URL
%%PROTOCOL%%://%%URL%%
Quarantined File Name
%%QUARFILENAME%%
"
set header http
set format html
end
config system replacemsg utm "block-text"
set buffer "Potentially dangerous file removed. The file \"%%FILE%%\" has been blocked. File quarantined as: \"%%QUARFILENAME%%\"."
set header 8bit
set format text
end
config system replacemsg utm "decompress-limit-text"
set buffer "The file \"%%FILE%%\" has been blocked because its decompressed size is over the configured limit."
set header 8bit
set format text
end
config system replacemsg utm "dlp-subject-text"
set buffer "Data loss detected! Subject: %%SUBJECT%%"
set header 8bit
set format text
end
config system replacemsg utm "file-size-html"
set buffer "
Attention
Attention
The file \"%%FILE%%\" has been blocked. The file is larger than the configured file size limit.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg utm "client-file-size-html"
set buffer "
Attention
Attention
The transfer has been blocked because it is larger than the configured size limit.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg utm "inline-scan-timeout-html"
set buffer "
Scan Incomplete
Scan Incomplete
The file \"%%FILE%%\" is still being scanned and will be released once complete. Please try the transfer again in a few minutes.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg utm "inline-scan-timeout-text"
set buffer "The file \"%%FILE%%\" is still being scanned and will be released once complete. Please try the transfer again in a few minutes."
set header 8bit
set format text
end
config system replacemsg utm "inline-scan-error-html"
set buffer "
Scan Unavailable
Scan Unavailable
The file \"%%FILE%%\" has been blocked due to an inline-scan error.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg utm "inline-scan-error-text"
set buffer "The file \"%%FILE%%\" has been blocked due to an inline-scan error."
set header 8bit
set format text
end
config system replacemsg utm "icap-block-text"
set buffer "The file \"%%FILE%%\" has been blocked by ICAP service."
set header 8bit
set format text
end
config system replacemsg utm "icap-error-text"
set buffer "The file \"%%FILE%%\" has been blocked due to ICAP error."
set header 8bit
set format text
end
config system replacemsg utm "icap-http-error"
set buffer "
ICAP Error
ICAP Error
An ICAP error was encountered while handling the request.
%%ICAP_ERR_DESC%%
"
set header http
set format html
end
config system replacemsg icap "icap-req-resp"
set buffer "
Attention
Attention
HTTP POST action is not allowed for policy reasons.
"
set header http
set format html
end
config system replacemsg automation "automation-email"
set buffer "
"
set header http
set format html
end
config system replacemsg-group
end
config system snmp sysinfo
set status disable
set engine-id-type text
set engine-id ''
set description ''
set contact-info ''
set location ''
set trap-high-cpu-threshold 80
set trap-low-memory-threshold 80
set trap-log-full-threshold 90
set trap-free-memory-threshold 5
set trap-freeable-memory-threshold 60
set append-index enable
end
config system snmp mib-view
end
config system snmp community
end
config system snmp user
end
config system autoupdate schedule
set status enable
set frequency automatic
end
config system autoupdate tunneling
set status disable
set address ''
set port 0
set username ''
set password ENC YGHityyLKx/iMmCVTzMdlmuzFgvFtjdVW7sSxSY23nOxTyUBPtU5b905eNBUTGDd6DfMWz1mNMamFNP0qMlTRfL7C86d4K7BSZeh/j+ZbySGpFrTnHAqqzlkOL1OlYklUl5fLMQ7TmnSgD2ZKi2FSZkwbjq8zADCA6sp9w7apBtD3SEfaIUlHWY9jUdIT/1c6wNKZFlmMjY3dkVA
end
config system alias
end
config system auto-script
end
config system central-management
set mode normal
set type fortiguard
set schedule-config-restore enable
set schedule-script-restore enable
set allow-push-configuration enable
set allow-push-firmware enable
set allow-remote-firmware-upgrade enable
set allow-monitor enable
set local-cert ''
set vdom "root"
set fmg-update-port 8890
set enc-algorithm high
end
config system sdn-proxy
end
config system sdn-connector
end
config firewall wildcard-fqdn custom
edit "g-cdn-apple"
set uuid 4fcf159e-7cda-51ed-d7ef-7d1c0f82091c
set wildcard-fqdn "*.cdn-apple.com"
set color 0
set comment ''
next
edit "g-mzstatic-apple"
set uuid 4fcf1652-7cda-51ed-df9f-4d198b596ae5
set wildcard-fqdn "*.mzstatic.com"
set color 0
set comment ''
next
edit "g-adobe"
set uuid b5c2c30e-7e12-51ec-1da6-1db9bca6406e
set wildcard-fqdn "*.adobe.com"
set color 0
set comment ''
next
edit "g-Adobe Login"
set uuid b5c2c426-7e12-51ec-c8c7-42a0753234df
set wildcard-fqdn "*.adobelogin.com"
set color 0
set comment ''
next
edit "g-android"
set uuid b5c2c520-7e12-51ec-66f1-404afb0dad1a
set wildcard-fqdn "*.android.com"
set color 0
set comment ''
next
edit "g-apple"
set uuid b5c2c61a-7e12-51ec-b2cc-2b03b1ad8ac0
set wildcard-fqdn "*.apple.com"
set color 0
set comment ''
next
edit "g-appstore"
set uuid b5c2c714-7e12-51ec-072f-a8d60b6da6c9
set wildcard-fqdn "*.appstore.com"
set color 0
set comment ''
next
edit "g-auth.gfx.ms"
set uuid b5c2c80e-7e12-51ec-3653-8016dcbc28a4
set wildcard-fqdn "*.auth.gfx.ms"
set color 0
set comment ''
next
edit "g-citrix"
set uuid b5c2c908-7e12-51ec-01b1-b38ce4989cbb
set wildcard-fqdn "*.citrixonline.com"
set color 0
set comment ''
next
edit "g-dropbox.com"
set uuid b5c2ca02-7e12-51ec-43dc-489077effa44
set wildcard-fqdn "*.dropbox.com"
set color 0
set comment ''
next
edit "g-eease"
set uuid b5c2cafc-7e12-51ec-0777-7e7243cc25fe
set wildcard-fqdn "*.eease.com"
set color 0
set comment ''
next
edit "g-firefox update server"
set uuid b5c2cbf6-7e12-51ec-d213-27b68033a384
set wildcard-fqdn "aus*.mozilla.org"
set color 0
set comment ''
next
edit "g-fortinet"
set uuid b5c2ccf0-7e12-51ec-0b36-46ab64c1ba89
set wildcard-fqdn "*.fortinet.com"
set color 0
set comment ''
next
edit "g-googleapis.com"
set uuid b5c2cdea-7e12-51ec-c49f-497c9a8f0cc4
set wildcard-fqdn "*.googleapis.com"
set color 0
set comment ''
next
edit "g-google-drive"
set uuid b5c2cee4-7e12-51ec-9ea0-220ca0ebde0f
set wildcard-fqdn "*drive.google.com"
set color 0
set comment ''
next
edit "g-google-play2"
set uuid b5c2cfde-7e12-51ec-3f42-4089eb70f096
set wildcard-fqdn "*.ggpht.com"
set color 0
set comment ''
next
edit "g-google-play3"
set uuid b5c2d0d8-7e12-51ec-b5df-6cd900ac767d
set wildcard-fqdn "*.books.google.com"
set color 0
set comment ''
next
edit "g-Gotomeeting"
set uuid b5c2d1dc-7e12-51ec-0033-c7d538e5fdef
set wildcard-fqdn "*.gotomeeting.com"
set color 0
set comment ''
next
edit "g-icloud"
set uuid b5c2d344-7e12-51ec-c8c1-97b23449d39e
set wildcard-fqdn "*.icloud.com"
set color 0
set comment ''
next
edit "g-itunes"
set uuid b5c2d452-7e12-51ec-d0f4-1605cffaa5b0
set wildcard-fqdn "*itunes.apple.com"
set color 0
set comment ''
next
edit "g-microsoft"
set uuid b5c2d54c-7e12-51ec-66f6-895f67d8072d
set wildcard-fqdn "*.microsoft.com"
set color 0
set comment ''
next
edit "g-skype"
set uuid b5c2d646-7e12-51ec-2218-dc4a982afb68
set wildcard-fqdn "*.messenger.live.com"
set color 0
set comment ''
next
edit "g-softwareupdate.vmware.com"
set uuid b5c2d740-7e12-51ec-15f8-f8ef25f4ea30
set wildcard-fqdn "*.softwareupdate.vmware.com"
set color 0
set comment ''
next
edit "g-verisign"
set uuid b5c2d83a-7e12-51ec-e82e-ffa878b96855
set wildcard-fqdn "*.verisign.com"
set color 0
set comment ''
next
edit "g-Windows update 2"
set uuid b5c2d93e-7e12-51ec-1050-7b6ae64065ac
set wildcard-fqdn "*.windowsupdate.com"
set color 0
set comment ''
next
edit "g-live.com"
set uuid b5c2da42-7e12-51ec-980b-fefb8446bc74
set wildcard-fqdn "*.live.com"
set color 0
set comment ''
next
edit "g-google-play"
set uuid b5c2db46-7e12-51ec-efc3-be1c278ba621
set wildcard-fqdn "*play.google.com"
set color 0
set comment ''
next
edit "g-update.microsoft.com"
set uuid b5c2dc40-7e12-51ec-7df9-3371c69c0ffb
set wildcard-fqdn "*update.microsoft.com"
set color 0
set comment ''
next
edit "g-swscan.apple.com"
set uuid b5c2dd44-7e12-51ec-5fa2-8d51ab678ea9
set wildcard-fqdn "*swscan.apple.com"
set color 0
set comment ''
next
edit "g-autoupdate.opera.com"
set uuid b5c2de52-7e12-51ec-9c10-927947a6ab3a
set wildcard-fqdn "*autoupdate.opera.com"
set color 0
set comment ''
next
end
config firewall internet-service-name
edit "Google-Other"
set type default
set internet-service-id 65536
next
edit "Google-Web"
set type default
set internet-service-id 65537
next
edit "Google-ICMP"
set type default
set internet-service-id 65538
next
edit "Google-DNS"
set type default
set internet-service-id 65539
next
edit "Google-Outbound_Email"
set type default
set internet-service-id 65540
next
edit "Google-SSH"
set type default
set internet-service-id 65542
next
edit "Google-FTP"
set type default
set internet-service-id 65543
next
edit "Google-NTP"
set type default
set internet-service-id 65544
next
edit "Google-Inbound_Email"
set type default
set internet-service-id 65545
next
edit "Google-LDAP"
set type default
set internet-service-id 65550
next
edit "Google-NetBIOS.Session.Service"
set type default
set internet-service-id 65551
next
edit "Google-RTMP"
set type default
set internet-service-id 65552
next
edit "Google-NetBIOS.Name.Service"
set type default
set internet-service-id 65560
next
edit "Google-Google.Cloud"
set type default
set internet-service-id 65641
next
edit "Google-Google.Bot"
set type default
set internet-service-id 65643
next
edit "Google-Gmail"
set type default
set internet-service-id 65646
next
edit "Meta-Other"
set type default
set internet-service-id 131072
next
edit "Meta-Web"
set type default
set internet-service-id 131073
next
edit "Meta-ICMP"
set type default
set internet-service-id 131074
next
edit "Meta-DNS"
set type default
set internet-service-id 131075
next
edit "Meta-Outbound_Email"
set type default
set internet-service-id 131076
next
edit "Meta-SSH"
set type default
set internet-service-id 131078
next
edit "Meta-FTP"
set type default
set internet-service-id 131079
next
edit "Meta-NTP"
set type default
set internet-service-id 131080
next
edit "Meta-Inbound_Email"
set type default
set internet-service-id 131081
next
edit "Meta-LDAP"
set type default
set internet-service-id 131086
next
edit "Meta-NetBIOS.Session.Service"
set type default
set internet-service-id 131087
next
edit "Meta-RTMP"
set type default
set internet-service-id 131088
next
edit "Meta-NetBIOS.Name.Service"
set type default
set internet-service-id 131096
next
edit "Meta-Whatsapp"
set type default
set internet-service-id 131184
next
edit "Meta-Instagram"
set type default
set internet-service-id 131189
next
edit "Apple-Other"
set type default
set internet-service-id 196608
next
edit "Apple-Web"
set type default
set internet-service-id 196609
next
edit "Apple-ICMP"
set type default
set internet-service-id 196610
next
edit "Apple-DNS"
set type default
set internet-service-id 196611
next
edit "Apple-Outbound_Email"
set type default
set internet-service-id 196612
next
edit "Apple-SSH"
set type default
set internet-service-id 196614
next
edit "Apple-FTP"
set type default
set internet-service-id 196615
next
edit "Apple-NTP"
set type default
set internet-service-id 196616
next
edit "Apple-Inbound_Email"
set type default
set internet-service-id 196617
next
edit "Apple-LDAP"
set type default
set internet-service-id 196622
next
edit "Apple-NetBIOS.Session.Service"
set type default
set internet-service-id 196623
next
edit "Apple-RTMP"
set type default
set internet-service-id 196624
next
edit "Apple-NetBIOS.Name.Service"
set type default
set internet-service-id 196632
next
edit "Apple-App.Store"
set type default
set internet-service-id 196723
next
edit "Apple-APNs"
set type default
set internet-service-id 196747
next
edit "Yahoo-Other"
set type default
set internet-service-id 262144
next
edit "Yahoo-Web"
set type default
set internet-service-id 262145
next
edit "Yahoo-ICMP"
set type default
set internet-service-id 262146
next
edit "Yahoo-DNS"
set type default
set internet-service-id 262147
next
edit "Yahoo-Outbound_Email"
set type default
set internet-service-id 262148
next
edit "Yahoo-SSH"
set type default
set internet-service-id 262150
next
edit "Yahoo-FTP"
set type default
set internet-service-id 262151
next
edit "Yahoo-NTP"
set type default
set internet-service-id 262152
next
edit "Yahoo-Inbound_Email"
set type default
set internet-service-id 262153
next
edit "Yahoo-LDAP"
set type default
set internet-service-id 262158
next
edit "Yahoo-NetBIOS.Session.Service"
set type default
set internet-service-id 262159
next
edit "Yahoo-RTMP"
set type default
set internet-service-id 262160
next
edit "Yahoo-NetBIOS.Name.Service"
set type default
set internet-service-id 262168
next
edit "Microsoft-Other"
set type default
set internet-service-id 327680
next
edit "Microsoft-Web"
set type default
set internet-service-id 327681
next
edit "Microsoft-ICMP"
set type default
set internet-service-id 327682
next
edit "Microsoft-DNS"
set type default
set internet-service-id 327683
next
edit "Microsoft-Outbound_Email"
set type default
set internet-service-id 327684
next
edit "Microsoft-SSH"
set type default
set internet-service-id 327686
next
edit "Microsoft-FTP"
set type default
set internet-service-id 327687
next
edit "Microsoft-NTP"
set type default
set internet-service-id 327688
next
edit "Microsoft-Inbound_Email"
set type default
set internet-service-id 327689
next
edit "Microsoft-LDAP"
set type default
set internet-service-id 327694
next
edit "Microsoft-NetBIOS.Session.Service"
set type default
set internet-service-id 327695
next
edit "Microsoft-RTMP"
set type default
set internet-service-id 327696
next
edit "Microsoft-NetBIOS.Name.Service"
set type default
set internet-service-id 327704
next
edit "Microsoft-Skype_Teams"
set type default
set internet-service-id 327781
next
edit "Microsoft-Office365"
set type default
set internet-service-id 327782
next
edit "Microsoft-Azure"
set type default
set internet-service-id 327786
next
edit "Microsoft-Bing.Bot"
set type default
set internet-service-id 327788
next
edit "Microsoft-Outlook"
set type default
set internet-service-id 327791
next
edit "Microsoft-Microsoft.Update"
set type default
set internet-service-id 327793
next
edit "Microsoft-Dynamics"
set type default
set internet-service-id 327837
next
edit "Microsoft-WNS"
set type default
set internet-service-id 327839
next
edit "Microsoft-Office365.Published"
set type default
set internet-service-id 327880
next
edit "Microsoft-Intune"
set type default
set internet-service-id 327886
next
edit "Amazon-Other"
set type default
set internet-service-id 393216
next
edit "Amazon-Web"
set type default
set internet-service-id 393217
next
edit "Amazon-ICMP"
set type default
set internet-service-id 393218
next
edit "Amazon-DNS"
set type default
set internet-service-id 393219
next
edit "Amazon-Outbound_Email"
set type default
set internet-service-id 393220
next
edit "Amazon-SSH"
set type default
set internet-service-id 393222
next
edit "Amazon-FTP"
set type default
set internet-service-id 393223
next
edit "Amazon-NTP"
set type default
set internet-service-id 393224
next
edit "Amazon-Inbound_Email"
set type default
set internet-service-id 393225
next
edit "Amazon-LDAP"
set type default
set internet-service-id 393230
next
edit "Amazon-NetBIOS.Session.Service"
set type default
set internet-service-id 393231
next
edit "Amazon-RTMP"
set type default
set internet-service-id 393232
next
edit "Amazon-NetBIOS.Name.Service"
set type default
set internet-service-id 393240
next
edit "Amazon-AWS"
set type default
set internet-service-id 393320
next
edit "Amazon-AWS.WorkSpaces.Gateway"
set type default
set internet-service-id 393403
next
edit "Amazon-Twitch"
set type default
set internet-service-id 393446
next
edit "eBay-Other"
set type default
set internet-service-id 458752
next
edit "eBay-Web"
set type default
set internet-service-id 458753
next
edit "eBay-ICMP"
set type default
set internet-service-id 458754
next
edit "eBay-DNS"
set type default
set internet-service-id 458755
next
edit "eBay-Outbound_Email"
set type default
set internet-service-id 458756
next
edit "eBay-SSH"
set type default
set internet-service-id 458758
next
edit "eBay-FTP"
set type default
set internet-service-id 458759
next
edit "eBay-NTP"
set type default
set internet-service-id 458760
next
edit "eBay-Inbound_Email"
set type default
set internet-service-id 458761
next
edit "eBay-LDAP"
set type default
set internet-service-id 458766
next
edit "eBay-NetBIOS.Session.Service"
set type default
set internet-service-id 458767
next
edit "eBay-RTMP"
set type default
set internet-service-id 458768
next
edit "eBay-NetBIOS.Name.Service"
set type default
set internet-service-id 458776
next
edit "PayPal-Other"
set type default
set internet-service-id 524288
next
edit "PayPal-Web"
set type default
set internet-service-id 524289
next
edit "PayPal-ICMP"
set type default
set internet-service-id 524290
next
edit "PayPal-DNS"
set type default
set internet-service-id 524291
next
edit "PayPal-Outbound_Email"
set type default
set internet-service-id 524292
next
edit "PayPal-SSH"
set type default
set internet-service-id 524294
next
edit "PayPal-FTP"
set type default
set internet-service-id 524295
next
edit "PayPal-NTP"
set type default
set internet-service-id 524296
next
edit "PayPal-Inbound_Email"
set type default
set internet-service-id 524297
next
edit "PayPal-LDAP"
set type default
set internet-service-id 524302
next
edit "PayPal-NetBIOS.Session.Service"
set type default
set internet-service-id 524303
next
edit "PayPal-RTMP"
set type default
set internet-service-id 524304
next
edit "PayPal-NetBIOS.Name.Service"
set type default
set internet-service-id 524312
next
edit "Box-Other"
set type default
set internet-service-id 589824
next
edit "Box-Web"
set type default
set internet-service-id 589825
next
edit "Box-ICMP"
set type default
set internet-service-id 589826
next
edit "Box-DNS"
set type default
set internet-service-id 589827
next
edit "Box-Outbound_Email"
set type default
set internet-service-id 589828
next
edit "Box-SSH"
set type default
set internet-service-id 589830
next
edit "Box-FTP"
set type default
set internet-service-id 589831
next
edit "Box-NTP"
set type default
set internet-service-id 589832
next
edit "Box-Inbound_Email"
set type default
set internet-service-id 589833
next
edit "Box-LDAP"
set type default
set internet-service-id 589838
next
edit "Box-NetBIOS.Session.Service"
set type default
set internet-service-id 589839
next
edit "Box-RTMP"
set type default
set internet-service-id 589840
next
edit "Box-NetBIOS.Name.Service"
set type default
set internet-service-id 589848
next
edit "Salesforce-Other"
set type default
set internet-service-id 655360
next
edit "Salesforce-Web"
set type default
set internet-service-id 655361
next
edit "Salesforce-ICMP"
set type default
set internet-service-id 655362
next
edit "Salesforce-DNS"
set type default
set internet-service-id 655363
next
edit "Salesforce-Outbound_Email"
set type default
set internet-service-id 655364
next
edit "Salesforce-SSH"
set type default
set internet-service-id 655366
next
edit "Salesforce-FTP"
set type default
set internet-service-id 655367
next
edit "Salesforce-NTP"
set type default
set internet-service-id 655368
next
edit "Salesforce-Inbound_Email"
set type default
set internet-service-id 655369
next
edit "Salesforce-LDAP"
set type default
set internet-service-id 655374
next
edit "Salesforce-NetBIOS.Session.Service"
set type default
set internet-service-id 655375
next
edit "Salesforce-RTMP"
set type default
set internet-service-id 655376
next
edit "Salesforce-NetBIOS.Name.Service"
set type default
set internet-service-id 655384
next
edit "Salesforce-Email.Relay"
set type default
set internet-service-id 655530
next
edit "Dropbox-Other"
set type default
set internet-service-id 720896
next
edit "Dropbox-Web"
set type default
set internet-service-id 720897
next
edit "Dropbox-ICMP"
set type default
set internet-service-id 720898
next
edit "Dropbox-DNS"
set type default
set internet-service-id 720899
next
edit "Dropbox-Outbound_Email"
set type default
set internet-service-id 720900
next
edit "Dropbox-SSH"
set type default
set internet-service-id 720902
next
edit "Dropbox-FTP"
set type default
set internet-service-id 720903
next
edit "Dropbox-NTP"
set type default
set internet-service-id 720904
next
edit "Dropbox-Inbound_Email"
set type default
set internet-service-id 720905
next
edit "Dropbox-LDAP"
set type default
set internet-service-id 720910
next
edit "Dropbox-NetBIOS.Session.Service"
set type default
set internet-service-id 720911
next
edit "Dropbox-RTMP"
set type default
set internet-service-id 720912
next
edit "Dropbox-NetBIOS.Name.Service"
set type default
set internet-service-id 720920
next
edit "Netflix-Other"
set type default
set internet-service-id 786432
next
edit "Netflix-Web"
set type default
set internet-service-id 786433
next
edit "Netflix-ICMP"
set type default
set internet-service-id 786434
next
edit "Netflix-DNS"
set type default
set internet-service-id 786435
next
edit "Netflix-Outbound_Email"
set type default
set internet-service-id 786436
next
edit "Netflix-SSH"
set type default
set internet-service-id 786438
next
edit "Netflix-FTP"
set type default
set internet-service-id 786439
next
edit "Netflix-NTP"
set type default
set internet-service-id 786440
next
edit "Netflix-Inbound_Email"
set type default
set internet-service-id 786441
next
edit "Netflix-LDAP"
set type default
set internet-service-id 786446
next
edit "Netflix-NetBIOS.Session.Service"
set type default
set internet-service-id 786447
next
edit "Netflix-RTMP"
set type default
set internet-service-id 786448
next
edit "Netflix-NetBIOS.Name.Service"
set type default
set internet-service-id 786456
next
edit "LinkedIn-Other"
set type default
set internet-service-id 851968
next
edit "LinkedIn-Web"
set type default
set internet-service-id 851969
next
edit "LinkedIn-ICMP"
set type default
set internet-service-id 851970
next
edit "LinkedIn-DNS"
set type default
set internet-service-id 851971
next
edit "LinkedIn-Outbound_Email"
set type default
set internet-service-id 851972
next
edit "LinkedIn-SSH"
set type default
set internet-service-id 851974
next
edit "LinkedIn-FTP"
set type default
set internet-service-id 851975
next
edit "LinkedIn-NTP"
set type default
set internet-service-id 851976
next
edit "LinkedIn-Inbound_Email"
set type default
set internet-service-id 851977
next
edit "LinkedIn-LDAP"
set type default
set internet-service-id 851982
next
edit "LinkedIn-NetBIOS.Session.Service"
set type default
set internet-service-id 851983
next
edit "LinkedIn-RTMP"
set type default
set internet-service-id 851984
next
edit "LinkedIn-NetBIOS.Name.Service"
set type default
set internet-service-id 851992
next
edit "Adobe-Other"
set type default
set internet-service-id 917504
next
edit "Adobe-Web"
set type default
set internet-service-id 917505
next
edit "Adobe-ICMP"
set type default
set internet-service-id 917506
next
edit "Adobe-DNS"
set type default
set internet-service-id 917507
next
edit "Adobe-Outbound_Email"
set type default
set internet-service-id 917508
next
edit "Adobe-SSH"
set type default
set internet-service-id 917510
next
edit "Adobe-FTP"
set type default
set internet-service-id 917511
next
edit "Adobe-NTP"
set type default
set internet-service-id 917512
next
edit "Adobe-Inbound_Email"
set type default
set internet-service-id 917513
next
edit "Adobe-LDAP"
set type default
set internet-service-id 917518
next
edit "Adobe-NetBIOS.Session.Service"
set type default
set internet-service-id 917519
next
edit "Adobe-RTMP"
set type default
set internet-service-id 917520
next
edit "Adobe-NetBIOS.Name.Service"
set type default
set internet-service-id 917528
next
edit "Adobe-Adobe.Experience.Cloud"
set type default
set internet-service-id 917640
next
edit "Oracle-Other"
set type default
set internet-service-id 983040
next
edit "Oracle-Web"
set type default
set internet-service-id 983041
next
edit "Oracle-ICMP"
set type default
set internet-service-id 983042
next
edit "Oracle-DNS"
set type default
set internet-service-id 983043
next
edit "Oracle-Outbound_Email"
set type default
set internet-service-id 983044
next
edit "Oracle-SSH"
set type default
set internet-service-id 983046
next
edit "Oracle-FTP"
set type default
set internet-service-id 983047
next
edit "Oracle-NTP"
set type default
set internet-service-id 983048
next
edit "Oracle-Inbound_Email"
set type default
set internet-service-id 983049
next
edit "Oracle-LDAP"
set type default
set internet-service-id 983054
next
edit "Oracle-NetBIOS.Session.Service"
set type default
set internet-service-id 983055
next
edit "Oracle-RTMP"
set type default
set internet-service-id 983056
next
edit "Oracle-NetBIOS.Name.Service"
set type default
set internet-service-id 983064
next
edit "Oracle-Oracle.Cloud"
set type default
set internet-service-id 983171
next
edit "Hulu-Other"
set type default
set internet-service-id 1048576
next
edit "Hulu-Web"
set type default
set internet-service-id 1048577
next
edit "Hulu-ICMP"
set type default
set internet-service-id 1048578
next
edit "Hulu-DNS"
set type default
set internet-service-id 1048579
next
edit "Hulu-Outbound_Email"
set type default
set internet-service-id 1048580
next
edit "Hulu-SSH"
set type default
set internet-service-id 1048582
next
edit "Hulu-FTP"
set type default
set internet-service-id 1048583
next
edit "Hulu-NTP"
set type default
set internet-service-id 1048584
next
edit "Hulu-Inbound_Email"
set type default
set internet-service-id 1048585
next
edit "Hulu-LDAP"
set type default
set internet-service-id 1048590
next
edit "Hulu-NetBIOS.Session.Service"
set type default
set internet-service-id 1048591
next
edit "Hulu-RTMP"
set type default
set internet-service-id 1048592
next
edit "Hulu-NetBIOS.Name.Service"
set type default
set internet-service-id 1048600
next
edit "Pinterest-Other"
set type default
set internet-service-id 1114112
next
edit "Pinterest-Web"
set type default
set internet-service-id 1114113
next
edit "Pinterest-ICMP"
set type default
set internet-service-id 1114114
next
edit "Pinterest-DNS"
set type default
set internet-service-id 1114115
next
edit "Pinterest-Outbound_Email"
set type default
set internet-service-id 1114116
next
edit "Pinterest-SSH"
set type default
set internet-service-id 1114118
next
edit "Pinterest-FTP"
set type default
set internet-service-id 1114119
next
edit "Pinterest-NTP"
set type default
set internet-service-id 1114120
next
edit "Pinterest-Inbound_Email"
set type default
set internet-service-id 1114121
next
edit "Pinterest-LDAP"
set type default
set internet-service-id 1114126
next
edit "Pinterest-NetBIOS.Session.Service"
set type default
set internet-service-id 1114127
next
edit "Pinterest-RTMP"
set type default
set internet-service-id 1114128
next
edit "Pinterest-NetBIOS.Name.Service"
set type default
set internet-service-id 1114136
next
edit "LogMeIn-Other"
set type default
set internet-service-id 1179648
next
edit "LogMeIn-Web"
set type default
set internet-service-id 1179649
next
edit "LogMeIn-ICMP"
set type default
set internet-service-id 1179650
next
edit "LogMeIn-DNS"
set type default
set internet-service-id 1179651
next
edit "LogMeIn-Outbound_Email"
set type default
set internet-service-id 1179652
next
edit "LogMeIn-SSH"
set type default
set internet-service-id 1179654
next
edit "LogMeIn-FTP"
set type default
set internet-service-id 1179655
next
edit "LogMeIn-NTP"
set type default
set internet-service-id 1179656
next
edit "LogMeIn-Inbound_Email"
set type default
set internet-service-id 1179657
next
edit "LogMeIn-LDAP"
set type default
set internet-service-id 1179662
next
edit "LogMeIn-NetBIOS.Session.Service"
set type default
set internet-service-id 1179663
next
edit "LogMeIn-RTMP"
set type default
set internet-service-id 1179664
next
edit "LogMeIn-NetBIOS.Name.Service"
set type default
set internet-service-id 1179672
next
edit "LogMeIn-GoTo.Suite"
set type default
set internet-service-id 1179767
next
edit "Fortinet-Other"
set type default
set internet-service-id 1245184
next
edit "Fortinet-Web"
set type default
set internet-service-id 1245185
next
edit "Fortinet-ICMP"
set type default
set internet-service-id 1245186
next
edit "Fortinet-DNS"
set type default
set internet-service-id 1245187
next
edit "Fortinet-Outbound_Email"
set type default
set internet-service-id 1245188
next
edit "Fortinet-SSH"
set type default
set internet-service-id 1245190
next
edit "Fortinet-FTP"
set type default
set internet-service-id 1245191
next
edit "Fortinet-NTP"
set type default
set internet-service-id 1245192
next
edit "Fortinet-Inbound_Email"
set type default
set internet-service-id 1245193
next
edit "Fortinet-LDAP"
set type default
set internet-service-id 1245198
next
edit "Fortinet-NetBIOS.Session.Service"
set type default
set internet-service-id 1245199
next
edit "Fortinet-RTMP"
set type default
set internet-service-id 1245200
next
edit "Fortinet-NetBIOS.Name.Service"
set type default
set internet-service-id 1245208
next
edit "Fortinet-FortiGuard"
set type default
set internet-service-id 1245324
next
edit "Fortinet-FortiMail.Cloud"
set type default
set internet-service-id 1245325
next
edit "Fortinet-FortiCloud"
set type default
set internet-service-id 1245326
next
edit "Fortinet-FortiVoice.Cloud"
set type default
set internet-service-id 1245432
next
edit "Fortinet-FortiGuard.Secure.DNS"
set type default
set internet-service-id 1245454
next
edit "Kaspersky-Other"
set type default
set internet-service-id 1310720
next
edit "Kaspersky-Web"
set type default
set internet-service-id 1310721
next
edit "Kaspersky-ICMP"
set type default
set internet-service-id 1310722
next
edit "Kaspersky-DNS"
set type default
set internet-service-id 1310723
next
edit "Kaspersky-Outbound_Email"
set type default
set internet-service-id 1310724
next
edit "Kaspersky-SSH"
set type default
set internet-service-id 1310726
next
edit "Kaspersky-FTP"
set type default
set internet-service-id 1310727
next
edit "Kaspersky-NTP"
set type default
set internet-service-id 1310728
next
edit "Kaspersky-Inbound_Email"
set type default
set internet-service-id 1310729
next
edit "Kaspersky-LDAP"
set type default
set internet-service-id 1310734
next
edit "Kaspersky-NetBIOS.Session.Service"
set type default
set internet-service-id 1310735
next
edit "Kaspersky-RTMP"
set type default
set internet-service-id 1310736
next
edit "Kaspersky-NetBIOS.Name.Service"
set type default
set internet-service-id 1310744
next
edit "McAfee-Other"
set type default
set internet-service-id 1376256
next
edit "McAfee-Web"
set type default
set internet-service-id 1376257
next
edit "McAfee-ICMP"
set type default
set internet-service-id 1376258
next
edit "McAfee-DNS"
set type default
set internet-service-id 1376259
next
edit "McAfee-Outbound_Email"
set type default
set internet-service-id 1376260
next
edit "McAfee-SSH"
set type default
set internet-service-id 1376262
next
edit "McAfee-FTP"
set type default
set internet-service-id 1376263
next
edit "McAfee-NTP"
set type default
set internet-service-id 1376264
next
edit "McAfee-Inbound_Email"
set type default
set internet-service-id 1376265
next
edit "McAfee-LDAP"
set type default
set internet-service-id 1376270
next
edit "McAfee-NetBIOS.Session.Service"
set type default
set internet-service-id 1376271
next
edit "McAfee-RTMP"
set type default
set internet-service-id 1376272
next
edit "McAfee-NetBIOS.Name.Service"
set type default
set internet-service-id 1376280
next
edit "Symantec-Other"
set type default
set internet-service-id 1441792
next
edit "Symantec-Web"
set type default
set internet-service-id 1441793
next
edit "Symantec-ICMP"
set type default
set internet-service-id 1441794
next
edit "Symantec-DNS"
set type default
set internet-service-id 1441795
next
edit "Symantec-Outbound_Email"
set type default
set internet-service-id 1441796
next
edit "Symantec-SSH"
set type default
set internet-service-id 1441798
next
edit "Symantec-FTP"
set type default
set internet-service-id 1441799
next
edit "Symantec-NTP"
set type default
set internet-service-id 1441800
next
edit "Symantec-Inbound_Email"
set type default
set internet-service-id 1441801
next
edit "Symantec-LDAP"
set type default
set internet-service-id 1441806
next
edit "Symantec-NetBIOS.Session.Service"
set type default
set internet-service-id 1441807
next
edit "Symantec-RTMP"
set type default
set internet-service-id 1441808
next
edit "Symantec-NetBIOS.Name.Service"
set type default
set internet-service-id 1441816
next
edit "Symantec-Symantec.Cloud"
set type default
set internet-service-id 1441922
next
edit "VMware-Other"
set type default
set internet-service-id 1507328
next
edit "VMware-Web"
set type default
set internet-service-id 1507329
next
edit "VMware-ICMP"
set type default
set internet-service-id 1507330
next
edit "VMware-DNS"
set type default
set internet-service-id 1507331
next
edit "VMware-Outbound_Email"
set type default
set internet-service-id 1507332
next
edit "VMware-SSH"
set type default
set internet-service-id 1507334
next
edit "VMware-FTP"
set type default
set internet-service-id 1507335
next
edit "VMware-NTP"
set type default
set internet-service-id 1507336
next
edit "VMware-Inbound_Email"
set type default
set internet-service-id 1507337
next
edit "VMware-LDAP"
set type default
set internet-service-id 1507342
next
edit "VMware-NetBIOS.Session.Service"
set type default
set internet-service-id 1507343
next
edit "VMware-RTMP"
set type default
set internet-service-id 1507344
next
edit "VMware-NetBIOS.Name.Service"
set type default
set internet-service-id 1507352
next
edit "VMware-Workspace.ONE"
set type default
set internet-service-id 1507461
next
edit "AOL-Other"
set type default
set internet-service-id 1572864
next
edit "AOL-Web"
set type default
set internet-service-id 1572865
next
edit "AOL-ICMP"
set type default
set internet-service-id 1572866
next
edit "AOL-DNS"
set type default
set internet-service-id 1572867
next
edit "AOL-Outbound_Email"
set type default
set internet-service-id 1572868
next
edit "AOL-SSH"
set type default
set internet-service-id 1572870
next
edit "AOL-FTP"
set type default
set internet-service-id 1572871
next
edit "AOL-NTP"
set type default
set internet-service-id 1572872
next
edit "AOL-Inbound_Email"
set type default
set internet-service-id 1572873
next
edit "AOL-LDAP"
set type default
set internet-service-id 1572878
next
edit "AOL-NetBIOS.Session.Service"
set type default
set internet-service-id 1572879
next
edit "AOL-RTMP"
set type default
set internet-service-id 1572880
next
edit "AOL-NetBIOS.Name.Service"
set type default
set internet-service-id 1572888
next
edit "RealNetworks-Other"
set type default
set internet-service-id 1638400
next
edit "RealNetworks-Web"
set type default
set internet-service-id 1638401
next
edit "RealNetworks-ICMP"
set type default
set internet-service-id 1638402
next
edit "RealNetworks-DNS"
set type default
set internet-service-id 1638403
next
edit "RealNetworks-Outbound_Email"
set type default
set internet-service-id 1638404
next
edit "RealNetworks-SSH"
set type default
set internet-service-id 1638406
next
edit "RealNetworks-FTP"
set type default
set internet-service-id 1638407
next
edit "RealNetworks-NTP"
set type default
set internet-service-id 1638408
next
edit "RealNetworks-Inbound_Email"
set type default
set internet-service-id 1638409
next
edit "RealNetworks-LDAP"
set type default
set internet-service-id 1638414
next
edit "RealNetworks-NetBIOS.Session.Service"
set type default
set internet-service-id 1638415
next
edit "RealNetworks-RTMP"
set type default
set internet-service-id 1638416
next
edit "RealNetworks-NetBIOS.Name.Service"
set type default
set internet-service-id 1638424
next
edit "Zoho-Other"
set type default
set internet-service-id 1703936
next
edit "Zoho-Web"
set type default
set internet-service-id 1703937
next
edit "Zoho-ICMP"
set type default
set internet-service-id 1703938
next
edit "Zoho-DNS"
set type default
set internet-service-id 1703939
next
edit "Zoho-Outbound_Email"
set type default
set internet-service-id 1703940
next
edit "Zoho-SSH"
set type default
set internet-service-id 1703942
next
edit "Zoho-FTP"
set type default
set internet-service-id 1703943
next
edit "Zoho-NTP"
set type default
set internet-service-id 1703944
next
edit "Zoho-Inbound_Email"
set type default
set internet-service-id 1703945
next
edit "Zoho-LDAP"
set type default
set internet-service-id 1703950
next
edit "Zoho-NetBIOS.Session.Service"
set type default
set internet-service-id 1703951
next
edit "Zoho-RTMP"
set type default
set internet-service-id 1703952
next
edit "Zoho-NetBIOS.Name.Service"
set type default
set internet-service-id 1703960
next
edit "Zoho-Site24x7.Monitor"
set type default
set internet-service-id 1704153
next
edit "Mozilla-Other"
set type default
set internet-service-id 1769472
next
edit "Mozilla-Web"
set type default
set internet-service-id 1769473
next
edit "Mozilla-ICMP"
set type default
set internet-service-id 1769474
next
edit "Mozilla-DNS"
set type default
set internet-service-id 1769475
next
edit "Mozilla-Outbound_Email"
set type default
set internet-service-id 1769476
next
edit "Mozilla-SSH"
set type default
set internet-service-id 1769478
next
edit "Mozilla-FTP"
set type default
set internet-service-id 1769479
next
edit "Mozilla-NTP"
set type default
set internet-service-id 1769480
next
edit "Mozilla-Inbound_Email"
set type default
set internet-service-id 1769481
next
edit "Mozilla-LDAP"
set type default
set internet-service-id 1769486
next
edit "Mozilla-NetBIOS.Session.Service"
set type default
set internet-service-id 1769487
next
edit "Mozilla-RTMP"
set type default
set internet-service-id 1769488
next
edit "Mozilla-NetBIOS.Name.Service"
set type default
set internet-service-id 1769496
next
edit "TeamViewer-Other"
set type default
set internet-service-id 1835008
next
edit "TeamViewer-Web"
set type default
set internet-service-id 1835009
next
edit "TeamViewer-ICMP"
set type default
set internet-service-id 1835010
next
edit "TeamViewer-DNS"
set type default
set internet-service-id 1835011
next
edit "TeamViewer-Outbound_Email"
set type default
set internet-service-id 1835012
next
edit "TeamViewer-SSH"
set type default
set internet-service-id 1835014
next
edit "TeamViewer-FTP"
set type default
set internet-service-id 1835015
next
edit "TeamViewer-NTP"
set type default
set internet-service-id 1835016
next
edit "TeamViewer-Inbound_Email"
set type default
set internet-service-id 1835017
next
edit "TeamViewer-LDAP"
set type default
set internet-service-id 1835022
next
edit "TeamViewer-NetBIOS.Session.Service"
set type default
set internet-service-id 1835023
next
edit "TeamViewer-RTMP"
set type default
set internet-service-id 1835024
next
edit "TeamViewer-NetBIOS.Name.Service"
set type default
set internet-service-id 1835032
next
edit "TeamViewer-TeamViewer"
set type default
set internet-service-id 1835117
next
edit "HP-Other"
set type default
set internet-service-id 1900544
next
edit "HP-Web"
set type default
set internet-service-id 1900545
next
edit "HP-ICMP"
set type default
set internet-service-id 1900546
next
edit "HP-DNS"
set type default
set internet-service-id 1900547
next
edit "HP-Outbound_Email"
set type default
set internet-service-id 1900548
next
edit "HP-SSH"
set type default
set internet-service-id 1900550
next
edit "HP-FTP"
set type default
set internet-service-id 1900551
next
edit "HP-NTP"
set type default
set internet-service-id 1900552
next
edit "HP-Inbound_Email"
set type default
set internet-service-id 1900553
next
edit "HP-LDAP"
set type default
set internet-service-id 1900558
next
edit "HP-NetBIOS.Session.Service"
set type default
set internet-service-id 1900559
next
edit "HP-RTMP"
set type default
set internet-service-id 1900560
next
edit "HP-NetBIOS.Name.Service"
set type default
set internet-service-id 1900568
next
edit "HP-Aruba"
set type default
set internet-service-id 1900726
next
edit "Cisco-Other"
set type default
set internet-service-id 1966080
next
edit "Cisco-Web"
set type default
set internet-service-id 1966081
next
edit "Cisco-ICMP"
set type default
set internet-service-id 1966082
next
edit "Cisco-DNS"
set type default
set internet-service-id 1966083
next
edit "Cisco-Outbound_Email"
set type default
set internet-service-id 1966084
next
edit "Cisco-SSH"
set type default
set internet-service-id 1966086
next
edit "Cisco-FTP"
set type default
set internet-service-id 1966087
next
edit "Cisco-NTP"
set type default
set internet-service-id 1966088
next
edit "Cisco-Inbound_Email"
set type default
set internet-service-id 1966089
next
edit "Cisco-LDAP"
set type default
set internet-service-id 1966094
next
edit "Cisco-NetBIOS.Session.Service"
set type default
set internet-service-id 1966095
next
edit "Cisco-RTMP"
set type default
set internet-service-id 1966096
next
edit "Cisco-NetBIOS.Name.Service"
set type default
set internet-service-id 1966104
next
edit "Cisco-Webex"
set type default
set internet-service-id 1966183
next
edit "Cisco-Meraki.Cloud"
set type default
set internet-service-id 1966218
next
edit "Cisco-Duo.Security"
set type default
set internet-service-id 1966225
next
edit "Cisco-AppDynamic"
set type default
set internet-service-id 1966260
next
edit "Cisco-Secure.Endpoint"
set type default
set internet-service-id 1966324
next
edit "IBM-Other"
set type default
set internet-service-id 2031616
next
edit "IBM-Web"
set type default
set internet-service-id 2031617
next
edit "IBM-ICMP"
set type default
set internet-service-id 2031618
next
edit "IBM-DNS"
set type default
set internet-service-id 2031619
next
edit "IBM-Outbound_Email"
set type default
set internet-service-id 2031620
next
edit "IBM-SSH"
set type default
set internet-service-id 2031622
next
edit "IBM-FTP"
set type default
set internet-service-id 2031623
next
edit "IBM-NTP"
set type default
set internet-service-id 2031624
next
edit "IBM-Inbound_Email"
set type default
set internet-service-id 2031625
next
edit "IBM-LDAP"
set type default
set internet-service-id 2031630
next
edit "IBM-NetBIOS.Session.Service"
set type default
set internet-service-id 2031631
next
edit "IBM-RTMP"
set type default
set internet-service-id 2031632
next
edit "IBM-NetBIOS.Name.Service"
set type default
set internet-service-id 2031640
next
edit "IBM-IBM.Cloud"
set type default
set internet-service-id 2031748
next
edit "Citrix-Other"
set type default
set internet-service-id 2097152
next
edit "Citrix-Web"
set type default
set internet-service-id 2097153
next
edit "Citrix-ICMP"
set type default
set internet-service-id 2097154
next
edit "Citrix-DNS"
set type default
set internet-service-id 2097155
next
edit "Citrix-Outbound_Email"
set type default
set internet-service-id 2097156
next
edit "Citrix-SSH"
set type default
set internet-service-id 2097158
next
edit "Citrix-FTP"
set type default
set internet-service-id 2097159
next
edit "Citrix-NTP"
set type default
set internet-service-id 2097160
next
edit "Citrix-Inbound_Email"
set type default
set internet-service-id 2097161
next
edit "Citrix-LDAP"
set type default
set internet-service-id 2097166
next
edit "Citrix-NetBIOS.Session.Service"
set type default
set internet-service-id 2097167
next
edit "Citrix-RTMP"
set type default
set internet-service-id 2097168
next
edit "Citrix-NetBIOS.Name.Service"
set type default
set internet-service-id 2097176
next
edit "Twitter-Other"
set type default
set internet-service-id 2162688
next
edit "Twitter-Web"
set type default
set internet-service-id 2162689
next
edit "Twitter-ICMP"
set type default
set internet-service-id 2162690
next
edit "Twitter-DNS"
set type default
set internet-service-id 2162691
next
edit "Twitter-Outbound_Email"
set type default
set internet-service-id 2162692
next
edit "Twitter-SSH"
set type default
set internet-service-id 2162694
next
edit "Twitter-FTP"
set type default
set internet-service-id 2162695
next
edit "Twitter-NTP"
set type default
set internet-service-id 2162696
next
edit "Twitter-Inbound_Email"
set type default
set internet-service-id 2162697
next
edit "Twitter-LDAP"
set type default
set internet-service-id 2162702
next
edit "Twitter-NetBIOS.Session.Service"
set type default
set internet-service-id 2162703
next
edit "Twitter-RTMP"
set type default
set internet-service-id 2162704
next
edit "Twitter-NetBIOS.Name.Service"
set type default
set internet-service-id 2162712
next
edit "Dell-Other"
set type default
set internet-service-id 2228224
next
edit "Dell-Web"
set type default
set internet-service-id 2228225
next
edit "Dell-ICMP"
set type default
set internet-service-id 2228226
next
edit "Dell-DNS"
set type default
set internet-service-id 2228227
next
edit "Dell-Outbound_Email"
set type default
set internet-service-id 2228228
next
edit "Dell-SSH"
set type default
set internet-service-id 2228230
next
edit "Dell-FTP"
set type default
set internet-service-id 2228231
next
edit "Dell-NTP"
set type default
set internet-service-id 2228232
next
edit "Dell-Inbound_Email"
set type default
set internet-service-id 2228233
next
edit "Dell-LDAP"
set type default
set internet-service-id 2228238
next
edit "Dell-NetBIOS.Session.Service"
set type default
set internet-service-id 2228239
next
edit "Dell-RTMP"
set type default
set internet-service-id 2228240
next
edit "Dell-NetBIOS.Name.Service"
set type default
set internet-service-id 2228248
next
edit "Vimeo-Other"
set type default
set internet-service-id 2293760
next
edit "Vimeo-Web"
set type default
set internet-service-id 2293761
next
edit "Vimeo-ICMP"
set type default
set internet-service-id 2293762
next
edit "Vimeo-DNS"
set type default
set internet-service-id 2293763
next
edit "Vimeo-Outbound_Email"
set type default
set internet-service-id 2293764
next
edit "Vimeo-SSH"
set type default
set internet-service-id 2293766
next
edit "Vimeo-FTP"
set type default
set internet-service-id 2293767
next
edit "Vimeo-NTP"
set type default
set internet-service-id 2293768
next
edit "Vimeo-Inbound_Email"
set type default
set internet-service-id 2293769
next
edit "Vimeo-LDAP"
set type default
set internet-service-id 2293774
next
edit "Vimeo-NetBIOS.Session.Service"
set type default
set internet-service-id 2293775
next
edit "Vimeo-RTMP"
set type default
set internet-service-id 2293776
next
edit "Vimeo-NetBIOS.Name.Service"
set type default
set internet-service-id 2293784
next
edit "Redhat-Other"
set type default
set internet-service-id 2359296
next
edit "Redhat-Web"
set type default
set internet-service-id 2359297
next
edit "Redhat-ICMP"
set type default
set internet-service-id 2359298
next
edit "Redhat-DNS"
set type default
set internet-service-id 2359299
next
edit "Redhat-Outbound_Email"
set type default
set internet-service-id 2359300
next
edit "Redhat-SSH"
set type default
set internet-service-id 2359302
next
edit "Redhat-FTP"
set type default
set internet-service-id 2359303
next
edit "Redhat-NTP"
set type default
set internet-service-id 2359304
next
edit "Redhat-Inbound_Email"
set type default
set internet-service-id 2359305
next
edit "Redhat-LDAP"
set type default
set internet-service-id 2359310
next
edit "Redhat-NetBIOS.Session.Service"
set type default
set internet-service-id 2359311
next
edit "Redhat-RTMP"
set type default
set internet-service-id 2359312
next
edit "Redhat-NetBIOS.Name.Service"
set type default
set internet-service-id 2359320
next
edit "VK-Other"
set type default
set internet-service-id 2424832
next
edit "VK-Web"
set type default
set internet-service-id 2424833
next
edit "VK-ICMP"
set type default
set internet-service-id 2424834
next
edit "VK-DNS"
set type default
set internet-service-id 2424835
next
edit "VK-Outbound_Email"
set type default
set internet-service-id 2424836
next
edit "VK-SSH"
set type default
set internet-service-id 2424838
next
edit "VK-FTP"
set type default
set internet-service-id 2424839
next
edit "VK-NTP"
set type default
set internet-service-id 2424840
next
edit "VK-Inbound_Email"
set type default
set internet-service-id 2424841
next
edit "VK-LDAP"
set type default
set internet-service-id 2424846
next
edit "VK-NetBIOS.Session.Service"
set type default
set internet-service-id 2424847
next
edit "VK-RTMP"
set type default
set internet-service-id 2424848
next
edit "VK-NetBIOS.Name.Service"
set type default
set internet-service-id 2424856
next
edit "TrendMicro-Other"
set type default
set internet-service-id 2490368
next
edit "TrendMicro-Web"
set type default
set internet-service-id 2490369
next
edit "TrendMicro-ICMP"
set type default
set internet-service-id 2490370
next
edit "TrendMicro-DNS"
set type default
set internet-service-id 2490371
next
edit "TrendMicro-Outbound_Email"
set type default
set internet-service-id 2490372
next
edit "TrendMicro-SSH"
set type default
set internet-service-id 2490374
next
edit "TrendMicro-FTP"
set type default
set internet-service-id 2490375
next
edit "TrendMicro-NTP"
set type default
set internet-service-id 2490376
next
edit "TrendMicro-Inbound_Email"
set type default
set internet-service-id 2490377
next
edit "TrendMicro-LDAP"
set type default
set internet-service-id 2490382
next
edit "TrendMicro-NetBIOS.Session.Service"
set type default
set internet-service-id 2490383
next
edit "TrendMicro-RTMP"
set type default
set internet-service-id 2490384
next
edit "TrendMicro-NetBIOS.Name.Service"
set type default
set internet-service-id 2490392
next
edit "Tencent-Other"
set type default
set internet-service-id 2555904
next
edit "Tencent-Web"
set type default
set internet-service-id 2555905
next
edit "Tencent-ICMP"
set type default
set internet-service-id 2555906
next
edit "Tencent-DNS"
set type default
set internet-service-id 2555907
next
edit "Tencent-Outbound_Email"
set type default
set internet-service-id 2555908
next
edit "Tencent-SSH"
set type default
set internet-service-id 2555910
next
edit "Tencent-FTP"
set type default
set internet-service-id 2555911
next
edit "Tencent-NTP"
set type default
set internet-service-id 2555912
next
edit "Tencent-Inbound_Email"
set type default
set internet-service-id 2555913
next
edit "Tencent-LDAP"
set type default
set internet-service-id 2555918
next
edit "Tencent-NetBIOS.Session.Service"
set type default
set internet-service-id 2555919
next
edit "Tencent-RTMP"
set type default
set internet-service-id 2555920
next
edit "Tencent-NetBIOS.Name.Service"
set type default
set internet-service-id 2555928
next
edit "Ask-Other"
set type default
set internet-service-id 2621440
next
edit "Ask-Web"
set type default
set internet-service-id 2621441
next
edit "Ask-ICMP"
set type default
set internet-service-id 2621442
next
edit "Ask-DNS"
set type default
set internet-service-id 2621443
next
edit "Ask-Outbound_Email"
set type default
set internet-service-id 2621444
next
edit "Ask-SSH"
set type default
set internet-service-id 2621446
next
edit "Ask-FTP"
set type default
set internet-service-id 2621447
next
edit "Ask-NTP"
set type default
set internet-service-id 2621448
next
edit "Ask-Inbound_Email"
set type default
set internet-service-id 2621449
next
edit "Ask-LDAP"
set type default
set internet-service-id 2621454
next
edit "Ask-NetBIOS.Session.Service"
set type default
set internet-service-id 2621455
next
edit "Ask-RTMP"
set type default
set internet-service-id 2621456
next
edit "Ask-NetBIOS.Name.Service"
set type default
set internet-service-id 2621464
next
edit "CNN-Other"
set type default
set internet-service-id 2686976
next
edit "CNN-Web"
set type default
set internet-service-id 2686977
next
edit "CNN-ICMP"
set type default
set internet-service-id 2686978
next
edit "CNN-DNS"
set type default
set internet-service-id 2686979
next
edit "CNN-Outbound_Email"
set type default
set internet-service-id 2686980
next
edit "CNN-SSH"
set type default
set internet-service-id 2686982
next
edit "CNN-FTP"
set type default
set internet-service-id 2686983
next
edit "CNN-NTP"
set type default
set internet-service-id 2686984
next
edit "CNN-Inbound_Email"
set type default
set internet-service-id 2686985
next
edit "CNN-LDAP"
set type default
set internet-service-id 2686990
next
edit "CNN-NetBIOS.Session.Service"
set type default
set internet-service-id 2686991
next
edit "CNN-RTMP"
set type default
set internet-service-id 2686992
next
edit "CNN-NetBIOS.Name.Service"
set type default
set internet-service-id 2687000
next
edit "Myspace-Other"
set type default
set internet-service-id 2752512
next
edit "Myspace-Web"
set type default
set internet-service-id 2752513
next
edit "Myspace-ICMP"
set type default
set internet-service-id 2752514
next
edit "Myspace-DNS"
set type default
set internet-service-id 2752515
next
edit "Myspace-Outbound_Email"
set type default
set internet-service-id 2752516
next
edit "Myspace-SSH"
set type default
set internet-service-id 2752518
next
edit "Myspace-FTP"
set type default
set internet-service-id 2752519
next
edit "Myspace-NTP"
set type default
set internet-service-id 2752520
next
edit "Myspace-Inbound_Email"
set type default
set internet-service-id 2752521
next
edit "Myspace-LDAP"
set type default
set internet-service-id 2752526
next
edit "Myspace-NetBIOS.Session.Service"
set type default
set internet-service-id 2752527
next
edit "Myspace-RTMP"
set type default
set internet-service-id 2752528
next
edit "Myspace-NetBIOS.Name.Service"
set type default
set internet-service-id 2752536
next
edit "Tor-Relay.Node"
set type default
set internet-service-id 2818238
next
edit "Tor-Exit.Node"
set type default
set internet-service-id 2818243
next
edit "Baidu-Other"
set type default
set internet-service-id 2883584
next
edit "Baidu-Web"
set type default
set internet-service-id 2883585
next
edit "Baidu-ICMP"
set type default
set internet-service-id 2883586
next
edit "Baidu-DNS"
set type default
set internet-service-id 2883587
next
edit "Baidu-Outbound_Email"
set type default
set internet-service-id 2883588
next
edit "Baidu-SSH"
set type default
set internet-service-id 2883590
next
edit "Baidu-FTP"
set type default
set internet-service-id 2883591
next
edit "Baidu-NTP"
set type default
set internet-service-id 2883592
next
edit "Baidu-Inbound_Email"
set type default
set internet-service-id 2883593
next
edit "Baidu-LDAP"
set type default
set internet-service-id 2883598
next
edit "Baidu-NetBIOS.Session.Service"
set type default
set internet-service-id 2883599
next
edit "Baidu-RTMP"
set type default
set internet-service-id 2883600
next
edit "Baidu-NetBIOS.Name.Service"
set type default
set internet-service-id 2883608
next
edit "ntp.org-Other"
set type default
set internet-service-id 2949120
next
edit "ntp.org-Web"
set type default
set internet-service-id 2949121
next
edit "ntp.org-ICMP"
set type default
set internet-service-id 2949122
next
edit "ntp.org-DNS"
set type default
set internet-service-id 2949123
next
edit "ntp.org-Outbound_Email"
set type default
set internet-service-id 2949124
next
edit "ntp.org-SSH"
set type default
set internet-service-id 2949126
next
edit "ntp.org-FTP"
set type default
set internet-service-id 2949127
next
edit "ntp.org-NTP"
set type default
set internet-service-id 2949128
next
edit "ntp.org-Inbound_Email"
set type default
set internet-service-id 2949129
next
edit "ntp.org-LDAP"
set type default
set internet-service-id 2949134
next
edit "ntp.org-NetBIOS.Session.Service"
set type default
set internet-service-id 2949135
next
edit "ntp.org-RTMP"
set type default
set internet-service-id 2949136
next
edit "ntp.org-NetBIOS.Name.Service"
set type default
set internet-service-id 2949144
next
edit "Proxy-Proxy.Server"
set type default
set internet-service-id 3014850
next
edit "Botnet-C&C.Server"
set type default
set internet-service-id 3080383
next
edit "Spam-Spamming.Server"
set type default
set internet-service-id 3145920
next
edit "Phishing-Phishing.Server"
set type default
set internet-service-id 3211457
next
edit "Zendesk-Other"
set type default
set internet-service-id 3407872
next
edit "Zendesk-Web"
set type default
set internet-service-id 3407873
next
edit "Zendesk-ICMP"
set type default
set internet-service-id 3407874
next
edit "Zendesk-DNS"
set type default
set internet-service-id 3407875
next
edit "Zendesk-Outbound_Email"
set type default
set internet-service-id 3407876
next
edit "Zendesk-SSH"
set type default
set internet-service-id 3407878
next
edit "Zendesk-FTP"
set type default
set internet-service-id 3407879
next
edit "Zendesk-NTP"
set type default
set internet-service-id 3407880
next
edit "Zendesk-Inbound_Email"
set type default
set internet-service-id 3407881
next
edit "Zendesk-LDAP"
set type default
set internet-service-id 3407886
next
edit "Zendesk-NetBIOS.Session.Service"
set type default
set internet-service-id 3407887
next
edit "Zendesk-RTMP"
set type default
set internet-service-id 3407888
next
edit "Zendesk-NetBIOS.Name.Service"
set type default
set internet-service-id 3407896
next
edit "Zendesk-Zendesk.Suite"
set type default
set internet-service-id 3408047
next
edit "DocuSign-Other"
set type default
set internet-service-id 3473408
next
edit "DocuSign-Web"
set type default
set internet-service-id 3473409
next
edit "DocuSign-ICMP"
set type default
set internet-service-id 3473410
next
edit "DocuSign-DNS"
set type default
set internet-service-id 3473411
next
edit "DocuSign-Outbound_Email"
set type default
set internet-service-id 3473412
next
edit "DocuSign-SSH"
set type default
set internet-service-id 3473414
next
edit "DocuSign-FTP"
set type default
set internet-service-id 3473415
next
edit "DocuSign-NTP"
set type default
set internet-service-id 3473416
next
edit "DocuSign-Inbound_Email"
set type default
set internet-service-id 3473417
next
edit "DocuSign-LDAP"
set type default
set internet-service-id 3473422
next
edit "DocuSign-NetBIOS.Session.Service"
set type default
set internet-service-id 3473423
next
edit "DocuSign-RTMP"
set type default
set internet-service-id 3473424
next
edit "DocuSign-NetBIOS.Name.Service"
set type default
set internet-service-id 3473432
next
edit "ServiceNow-Other"
set type default
set internet-service-id 3538944
next
edit "ServiceNow-Web"
set type default
set internet-service-id 3538945
next
edit "ServiceNow-ICMP"
set type default
set internet-service-id 3538946
next
edit "ServiceNow-DNS"
set type default
set internet-service-id 3538947
next
edit "ServiceNow-Outbound_Email"
set type default
set internet-service-id 3538948
next
edit "ServiceNow-SSH"
set type default
set internet-service-id 3538950
next
edit "ServiceNow-FTP"
set type default
set internet-service-id 3538951
next
edit "ServiceNow-NTP"
set type default
set internet-service-id 3538952
next
edit "ServiceNow-Inbound_Email"
set type default
set internet-service-id 3538953
next
edit "ServiceNow-LDAP"
set type default
set internet-service-id 3538958
next
edit "ServiceNow-NetBIOS.Session.Service"
set type default
set internet-service-id 3538959
next
edit "ServiceNow-RTMP"
set type default
set internet-service-id 3538960
next
edit "ServiceNow-NetBIOS.Name.Service"
set type default
set internet-service-id 3538968
next
edit "GitHub-GitHub"
set type default
set internet-service-id 3604638
next
edit "Workday-Other"
set type default
set internet-service-id 3670016
next
edit "Workday-Web"
set type default
set internet-service-id 3670017
next
edit "Workday-ICMP"
set type default
set internet-service-id 3670018
next
edit "Workday-DNS"
set type default
set internet-service-id 3670019
next
edit "Workday-Outbound_Email"
set type default
set internet-service-id 3670020
next
edit "Workday-SSH"
set type default
set internet-service-id 3670022
next
edit "Workday-FTP"
set type default
set internet-service-id 3670023
next
edit "Workday-NTP"
set type default
set internet-service-id 3670024
next
edit "Workday-Inbound_Email"
set type default
set internet-service-id 3670025
next
edit "Workday-LDAP"
set type default
set internet-service-id 3670030
next
edit "Workday-NetBIOS.Session.Service"
set type default
set internet-service-id 3670031
next
edit "Workday-RTMP"
set type default
set internet-service-id 3670032
next
edit "Workday-NetBIOS.Name.Service"
set type default
set internet-service-id 3670040
next
edit "HubSpot-Other"
set type default
set internet-service-id 3735552
next
edit "HubSpot-Web"
set type default
set internet-service-id 3735553
next
edit "HubSpot-ICMP"
set type default
set internet-service-id 3735554
next
edit "HubSpot-DNS"
set type default
set internet-service-id 3735555
next
edit "HubSpot-Outbound_Email"
set type default
set internet-service-id 3735556
next
edit "HubSpot-SSH"
set type default
set internet-service-id 3735558
next
edit "HubSpot-FTP"
set type default
set internet-service-id 3735559
next
edit "HubSpot-NTP"
set type default
set internet-service-id 3735560
next
edit "HubSpot-Inbound_Email"
set type default
set internet-service-id 3735561
next
edit "HubSpot-LDAP"
set type default
set internet-service-id 3735566
next
edit "HubSpot-NetBIOS.Session.Service"
set type default
set internet-service-id 3735567
next
edit "HubSpot-RTMP"
set type default
set internet-service-id 3735568
next
edit "HubSpot-NetBIOS.Name.Service"
set type default
set internet-service-id 3735576
next
edit "Twilio-Other"
set type default
set internet-service-id 3801088
next
edit "Twilio-Web"
set type default
set internet-service-id 3801089
next
edit "Twilio-ICMP"
set type default
set internet-service-id 3801090
next
edit "Twilio-DNS"
set type default
set internet-service-id 3801091
next
edit "Twilio-Outbound_Email"
set type default
set internet-service-id 3801092
next
edit "Twilio-SSH"
set type default
set internet-service-id 3801094
next
edit "Twilio-FTP"
set type default
set internet-service-id 3801095
next
edit "Twilio-NTP"
set type default
set internet-service-id 3801096
next
edit "Twilio-Inbound_Email"
set type default
set internet-service-id 3801097
next
edit "Twilio-LDAP"
set type default
set internet-service-id 3801102
next
edit "Twilio-NetBIOS.Session.Service"
set type default
set internet-service-id 3801103
next
edit "Twilio-RTMP"
set type default
set internet-service-id 3801104
next
edit "Twilio-NetBIOS.Name.Service"
set type default
set internet-service-id 3801112
next
edit "Twilio-Elastic.SIP.Trunking"
set type default
set internet-service-id 3801277
next
edit "Coupa-Other"
set type default
set internet-service-id 3866624
next
edit "Coupa-Web"
set type default
set internet-service-id 3866625
next
edit "Coupa-ICMP"
set type default
set internet-service-id 3866626
next
edit "Coupa-DNS"
set type default
set internet-service-id 3866627
next
edit "Coupa-Outbound_Email"
set type default
set internet-service-id 3866628
next
edit "Coupa-SSH"
set type default
set internet-service-id 3866630
next
edit "Coupa-FTP"
set type default
set internet-service-id 3866631
next
edit "Coupa-NTP"
set type default
set internet-service-id 3866632
next
edit "Coupa-Inbound_Email"
set type default
set internet-service-id 3866633
next
edit "Coupa-LDAP"
set type default
set internet-service-id 3866638
next
edit "Coupa-NetBIOS.Session.Service"
set type default
set internet-service-id 3866639
next
edit "Coupa-RTMP"
set type default
set internet-service-id 3866640
next
edit "Coupa-NetBIOS.Name.Service"
set type default
set internet-service-id 3866648
next
edit "Atlassian-Other"
set type default
set internet-service-id 3932160
next
edit "Atlassian-Web"
set type default
set internet-service-id 3932161
next
edit "Atlassian-ICMP"
set type default
set internet-service-id 3932162
next
edit "Atlassian-DNS"
set type default
set internet-service-id 3932163
next
edit "Atlassian-Outbound_Email"
set type default
set internet-service-id 3932164
next
edit "Atlassian-SSH"
set type default
set internet-service-id 3932166
next
edit "Atlassian-FTP"
set type default
set internet-service-id 3932167
next
edit "Atlassian-NTP"
set type default
set internet-service-id 3932168
next
edit "Atlassian-Inbound_Email"
set type default
set internet-service-id 3932169
next
edit "Atlassian-LDAP"
set type default
set internet-service-id 3932174
next
edit "Atlassian-NetBIOS.Session.Service"
set type default
set internet-service-id 3932175
next
edit "Atlassian-RTMP"
set type default
set internet-service-id 3932176
next
edit "Atlassian-NetBIOS.Name.Service"
set type default
set internet-service-id 3932184
next
edit "Atlassian-Atlassian.Cloud"
set type default
set internet-service-id 3932388
next
edit "Xero-Other"
set type default
set internet-service-id 3997696
next
edit "Xero-Web"
set type default
set internet-service-id 3997697
next
edit "Xero-ICMP"
set type default
set internet-service-id 3997698
next
edit "Xero-DNS"
set type default
set internet-service-id 3997699
next
edit "Xero-Outbound_Email"
set type default
set internet-service-id 3997700
next
edit "Xero-SSH"
set type default
set internet-service-id 3997702
next
edit "Xero-FTP"
set type default
set internet-service-id 3997703
next
edit "Xero-NTP"
set type default
set internet-service-id 3997704
next
edit "Xero-Inbound_Email"
set type default
set internet-service-id 3997705
next
edit "Xero-LDAP"
set type default
set internet-service-id 3997710
next
edit "Xero-NetBIOS.Session.Service"
set type default
set internet-service-id 3997711
next
edit "Xero-RTMP"
set type default
set internet-service-id 3997712
next
edit "Xero-NetBIOS.Name.Service"
set type default
set internet-service-id 3997720
next
edit "Zuora-Other"
set type default
set internet-service-id 4063232
next
edit "Zuora-Web"
set type default
set internet-service-id 4063233
next
edit "Zuora-ICMP"
set type default
set internet-service-id 4063234
next
edit "Zuora-DNS"
set type default
set internet-service-id 4063235
next
edit "Zuora-Outbound_Email"
set type default
set internet-service-id 4063236
next
edit "Zuora-SSH"
set type default
set internet-service-id 4063238
next
edit "Zuora-FTP"
set type default
set internet-service-id 4063239
next
edit "Zuora-NTP"
set type default
set internet-service-id 4063240
next
edit "Zuora-Inbound_Email"
set type default
set internet-service-id 4063241
next
edit "Zuora-LDAP"
set type default
set internet-service-id 4063246
next
edit "Zuora-NetBIOS.Session.Service"
set type default
set internet-service-id 4063247
next
edit "Zuora-RTMP"
set type default
set internet-service-id 4063248
next
edit "Zuora-NetBIOS.Name.Service"
set type default
set internet-service-id 4063256
next
edit "AdRoll-Other"
set type default
set internet-service-id 4128768
next
edit "AdRoll-Web"
set type default
set internet-service-id 4128769
next
edit "AdRoll-ICMP"
set type default
set internet-service-id 4128770
next
edit "AdRoll-DNS"
set type default
set internet-service-id 4128771
next
edit "AdRoll-Outbound_Email"
set type default
set internet-service-id 4128772
next
edit "AdRoll-SSH"
set type default
set internet-service-id 4128774
next
edit "AdRoll-FTP"
set type default
set internet-service-id 4128775
next
edit "AdRoll-NTP"
set type default
set internet-service-id 4128776
next
edit "AdRoll-Inbound_Email"
set type default
set internet-service-id 4128777
next
edit "AdRoll-LDAP"
set type default
set internet-service-id 4128782
next
edit "AdRoll-NetBIOS.Session.Service"
set type default
set internet-service-id 4128783
next
edit "AdRoll-RTMP"
set type default
set internet-service-id 4128784
next
edit "AdRoll-NetBIOS.Name.Service"
set type default
set internet-service-id 4128792
next
edit "Xactly-Other"
set type default
set internet-service-id 4194304
next
edit "Xactly-Web"
set type default
set internet-service-id 4194305
next
edit "Xactly-ICMP"
set type default
set internet-service-id 4194306
next
edit "Xactly-DNS"
set type default
set internet-service-id 4194307
next
edit "Xactly-Outbound_Email"
set type default
set internet-service-id 4194308
next
edit "Xactly-SSH"
set type default
set internet-service-id 4194310
next
edit "Xactly-FTP"
set type default
set internet-service-id 4194311
next
edit "Xactly-NTP"
set type default
set internet-service-id 4194312
next
edit "Xactly-Inbound_Email"
set type default
set internet-service-id 4194313
next
edit "Xactly-LDAP"
set type default
set internet-service-id 4194318
next
edit "Xactly-NetBIOS.Session.Service"
set type default
set internet-service-id 4194319
next
edit "Xactly-RTMP"
set type default
set internet-service-id 4194320
next
edit "Xactly-NetBIOS.Name.Service"
set type default
set internet-service-id 4194328
next
edit "Intuit-Other"
set type default
set internet-service-id 4259840
next
edit "Intuit-Web"
set type default
set internet-service-id 4259841
next
edit "Intuit-ICMP"
set type default
set internet-service-id 4259842
next
edit "Intuit-DNS"
set type default
set internet-service-id 4259843
next
edit "Intuit-Outbound_Email"
set type default
set internet-service-id 4259844
next
edit "Intuit-SSH"
set type default
set internet-service-id 4259846
next
edit "Intuit-FTP"
set type default
set internet-service-id 4259847
next
edit "Intuit-NTP"
set type default
set internet-service-id 4259848
next
edit "Intuit-Inbound_Email"
set type default
set internet-service-id 4259849
next
edit "Intuit-LDAP"
set type default
set internet-service-id 4259854
next
edit "Intuit-NetBIOS.Session.Service"
set type default
set internet-service-id 4259855
next
edit "Intuit-RTMP"
set type default
set internet-service-id 4259856
next
edit "Intuit-NetBIOS.Name.Service"
set type default
set internet-service-id 4259864
next
edit "Marketo-Other"
set type default
set internet-service-id 4325376
next
edit "Marketo-Web"
set type default
set internet-service-id 4325377
next
edit "Marketo-ICMP"
set type default
set internet-service-id 4325378
next
edit "Marketo-DNS"
set type default
set internet-service-id 4325379
next
edit "Marketo-Outbound_Email"
set type default
set internet-service-id 4325380
next
edit "Marketo-SSH"
set type default
set internet-service-id 4325382
next
edit "Marketo-FTP"
set type default
set internet-service-id 4325383
next
edit "Marketo-NTP"
set type default
set internet-service-id 4325384
next
edit "Marketo-Inbound_Email"
set type default
set internet-service-id 4325385
next
edit "Marketo-LDAP"
set type default
set internet-service-id 4325390
next
edit "Marketo-NetBIOS.Session.Service"
set type default
set internet-service-id 4325391
next
edit "Marketo-RTMP"
set type default
set internet-service-id 4325392
next
edit "Marketo-NetBIOS.Name.Service"
set type default
set internet-service-id 4325400
next
edit "Bill-Other"
set type default
set internet-service-id 4456448
next
edit "Bill-Web"
set type default
set internet-service-id 4456449
next
edit "Bill-ICMP"
set type default
set internet-service-id 4456450
next
edit "Bill-DNS"
set type default
set internet-service-id 4456451
next
edit "Bill-Outbound_Email"
set type default
set internet-service-id 4456452
next
edit "Bill-SSH"
set type default
set internet-service-id 4456454
next
edit "Bill-FTP"
set type default
set internet-service-id 4456455
next
edit "Bill-NTP"
set type default
set internet-service-id 4456456
next
edit "Bill-Inbound_Email"
set type default
set internet-service-id 4456457
next
edit "Bill-LDAP"
set type default
set internet-service-id 4456462
next
edit "Bill-NetBIOS.Session.Service"
set type default
set internet-service-id 4456463
next
edit "Bill-RTMP"
set type default
set internet-service-id 4456464
next
edit "Bill-NetBIOS.Name.Service"
set type default
set internet-service-id 4456472
next
edit "Shopify-Other"
set type default
set internet-service-id 4521984
next
edit "Shopify-Web"
set type default
set internet-service-id 4521985
next
edit "Shopify-ICMP"
set type default
set internet-service-id 4521986
next
edit "Shopify-DNS"
set type default
set internet-service-id 4521987
next
edit "Shopify-Outbound_Email"
set type default
set internet-service-id 4521988
next
edit "Shopify-SSH"
set type default
set internet-service-id 4521990
next
edit "Shopify-FTP"
set type default
set internet-service-id 4521991
next
edit "Shopify-NTP"
set type default
set internet-service-id 4521992
next
edit "Shopify-Inbound_Email"
set type default
set internet-service-id 4521993
next
edit "Shopify-LDAP"
set type default
set internet-service-id 4521998
next
edit "Shopify-NetBIOS.Session.Service"
set type default
set internet-service-id 4521999
next
edit "Shopify-RTMP"
set type default
set internet-service-id 4522000
next
edit "Shopify-NetBIOS.Name.Service"
set type default
set internet-service-id 4522008
next
edit "Shopify-Shopify"
set type default
set internet-service-id 4522162
next
edit "MuleSoft-Other"
set type default
set internet-service-id 4587520
next
edit "MuleSoft-Web"
set type default
set internet-service-id 4587521
next
edit "MuleSoft-ICMP"
set type default
set internet-service-id 4587522
next
edit "MuleSoft-DNS"
set type default
set internet-service-id 4587523
next
edit "MuleSoft-Outbound_Email"
set type default
set internet-service-id 4587524
next
edit "MuleSoft-SSH"
set type default
set internet-service-id 4587526
next
edit "MuleSoft-FTP"
set type default
set internet-service-id 4587527
next
edit "MuleSoft-NTP"
set type default
set internet-service-id 4587528
next
edit "MuleSoft-Inbound_Email"
set type default
set internet-service-id 4587529
next
edit "MuleSoft-LDAP"
set type default
set internet-service-id 4587534
next
edit "MuleSoft-NetBIOS.Session.Service"
set type default
set internet-service-id 4587535
next
edit "MuleSoft-RTMP"
set type default
set internet-service-id 4587536
next
edit "MuleSoft-NetBIOS.Name.Service"
set type default
set internet-service-id 4587544
next
edit "Cornerstone-Other"
set type default
set internet-service-id 4653056
next
edit "Cornerstone-Web"
set type default
set internet-service-id 4653057
next
edit "Cornerstone-ICMP"
set type default
set internet-service-id 4653058
next
edit "Cornerstone-DNS"
set type default
set internet-service-id 4653059
next
edit "Cornerstone-Outbound_Email"
set type default
set internet-service-id 4653060
next
edit "Cornerstone-SSH"
set type default
set internet-service-id 4653062
next
edit "Cornerstone-FTP"
set type default
set internet-service-id 4653063
next
edit "Cornerstone-NTP"
set type default
set internet-service-id 4653064
next
edit "Cornerstone-Inbound_Email"
set type default
set internet-service-id 4653065
next
edit "Cornerstone-LDAP"
set type default
set internet-service-id 4653070
next
edit "Cornerstone-NetBIOS.Session.Service"
set type default
set internet-service-id 4653071
next
edit "Cornerstone-RTMP"
set type default
set internet-service-id 4653072
next
edit "Cornerstone-NetBIOS.Name.Service"
set type default
set internet-service-id 4653080
next
edit "Eventbrite-Other"
set type default
set internet-service-id 4718592
next
edit "Eventbrite-Web"
set type default
set internet-service-id 4718593
next
edit "Eventbrite-ICMP"
set type default
set internet-service-id 4718594
next
edit "Eventbrite-DNS"
set type default
set internet-service-id 4718595
next
edit "Eventbrite-Outbound_Email"
set type default
set internet-service-id 4718596
next
edit "Eventbrite-SSH"
set type default
set internet-service-id 4718598
next
edit "Eventbrite-FTP"
set type default
set internet-service-id 4718599
next
edit "Eventbrite-NTP"
set type default
set internet-service-id 4718600
next
edit "Eventbrite-Inbound_Email"
set type default
set internet-service-id 4718601
next
edit "Eventbrite-LDAP"
set type default
set internet-service-id 4718606
next
edit "Eventbrite-NetBIOS.Session.Service"
set type default
set internet-service-id 4718607
next
edit "Eventbrite-RTMP"
set type default
set internet-service-id 4718608
next
edit "Eventbrite-NetBIOS.Name.Service"
set type default
set internet-service-id 4718616
next
edit "Paychex-Other"
set type default
set internet-service-id 4784128
next
edit "Paychex-Web"
set type default
set internet-service-id 4784129
next
edit "Paychex-ICMP"
set type default
set internet-service-id 4784130
next
edit "Paychex-DNS"
set type default
set internet-service-id 4784131
next
edit "Paychex-Outbound_Email"
set type default
set internet-service-id 4784132
next
edit "Paychex-SSH"
set type default
set internet-service-id 4784134
next
edit "Paychex-FTP"
set type default
set internet-service-id 4784135
next
edit "Paychex-NTP"
set type default
set internet-service-id 4784136
next
edit "Paychex-Inbound_Email"
set type default
set internet-service-id 4784137
next
edit "Paychex-LDAP"
set type default
set internet-service-id 4784142
next
edit "Paychex-NetBIOS.Session.Service"
set type default
set internet-service-id 4784143
next
edit "Paychex-RTMP"
set type default
set internet-service-id 4784144
next
edit "Paychex-NetBIOS.Name.Service"
set type default
set internet-service-id 4784152
next
edit "NewRelic-Other"
set type default
set internet-service-id 4849664
next
edit "NewRelic-Web"
set type default
set internet-service-id 4849665
next
edit "NewRelic-ICMP"
set type default
set internet-service-id 4849666
next
edit "NewRelic-DNS"
set type default
set internet-service-id 4849667
next
edit "NewRelic-Outbound_Email"
set type default
set internet-service-id 4849668
next
edit "NewRelic-SSH"
set type default
set internet-service-id 4849670
next
edit "NewRelic-FTP"
set type default
set internet-service-id 4849671
next
edit "NewRelic-NTP"
set type default
set internet-service-id 4849672
next
edit "NewRelic-Inbound_Email"
set type default
set internet-service-id 4849673
next
edit "NewRelic-LDAP"
set type default
set internet-service-id 4849678
next
edit "NewRelic-NetBIOS.Session.Service"
set type default
set internet-service-id 4849679
next
edit "NewRelic-RTMP"
set type default
set internet-service-id 4849680
next
edit "NewRelic-NetBIOS.Name.Service"
set type default
set internet-service-id 4849688
next
edit "Splunk-Other"
set type default
set internet-service-id 4915200
next
edit "Splunk-Web"
set type default
set internet-service-id 4915201
next
edit "Splunk-ICMP"
set type default
set internet-service-id 4915202
next
edit "Splunk-DNS"
set type default
set internet-service-id 4915203
next
edit "Splunk-Outbound_Email"
set type default
set internet-service-id 4915204
next
edit "Splunk-SSH"
set type default
set internet-service-id 4915206
next
edit "Splunk-FTP"
set type default
set internet-service-id 4915207
next
edit "Splunk-NTP"
set type default
set internet-service-id 4915208
next
edit "Splunk-Inbound_Email"
set type default
set internet-service-id 4915209
next
edit "Splunk-LDAP"
set type default
set internet-service-id 4915214
next
edit "Splunk-NetBIOS.Session.Service"
set type default
set internet-service-id 4915215
next
edit "Splunk-RTMP"
set type default
set internet-service-id 4915216
next
edit "Splunk-NetBIOS.Name.Service"
set type default
set internet-service-id 4915224
next
edit "Domo-Other"
set type default
set internet-service-id 4980736
next
edit "Domo-Web"
set type default
set internet-service-id 4980737
next
edit "Domo-ICMP"
set type default
set internet-service-id 4980738
next
edit "Domo-DNS"
set type default
set internet-service-id 4980739
next
edit "Domo-Outbound_Email"
set type default
set internet-service-id 4980740
next
edit "Domo-SSH"
set type default
set internet-service-id 4980742
next
edit "Domo-FTP"
set type default
set internet-service-id 4980743
next
edit "Domo-NTP"
set type default
set internet-service-id 4980744
next
edit "Domo-Inbound_Email"
set type default
set internet-service-id 4980745
next
edit "Domo-LDAP"
set type default
set internet-service-id 4980750
next
edit "Domo-NetBIOS.Session.Service"
set type default
set internet-service-id 4980751
next
edit "Domo-RTMP"
set type default
set internet-service-id 4980752
next
edit "Domo-NetBIOS.Name.Service"
set type default
set internet-service-id 4980760
next
edit "FreshBooks-Other"
set type default
set internet-service-id 5046272
next
edit "FreshBooks-Web"
set type default
set internet-service-id 5046273
next
edit "FreshBooks-ICMP"
set type default
set internet-service-id 5046274
next
edit "FreshBooks-DNS"
set type default
set internet-service-id 5046275
next
edit "FreshBooks-Outbound_Email"
set type default
set internet-service-id 5046276
next
edit "FreshBooks-SSH"
set type default
set internet-service-id 5046278
next
edit "FreshBooks-FTP"
set type default
set internet-service-id 5046279
next
edit "FreshBooks-NTP"
set type default
set internet-service-id 5046280
next
edit "FreshBooks-Inbound_Email"
set type default
set internet-service-id 5046281
next
edit "FreshBooks-LDAP"
set type default
set internet-service-id 5046286
next
edit "FreshBooks-NetBIOS.Session.Service"
set type default
set internet-service-id 5046287
next
edit "FreshBooks-RTMP"
set type default
set internet-service-id 5046288
next
edit "FreshBooks-NetBIOS.Name.Service"
set type default
set internet-service-id 5046296
next
edit "Tableau-Other"
set type default
set internet-service-id 5111808
next
edit "Tableau-Web"
set type default
set internet-service-id 5111809
next
edit "Tableau-ICMP"
set type default
set internet-service-id 5111810
next
edit "Tableau-DNS"
set type default
set internet-service-id 5111811
next
edit "Tableau-Outbound_Email"
set type default
set internet-service-id 5111812
next
edit "Tableau-SSH"
set type default
set internet-service-id 5111814
next
edit "Tableau-FTP"
set type default
set internet-service-id 5111815
next
edit "Tableau-NTP"
set type default
set internet-service-id 5111816
next
edit "Tableau-Inbound_Email"
set type default
set internet-service-id 5111817
next
edit "Tableau-LDAP"
set type default
set internet-service-id 5111822
next
edit "Tableau-NetBIOS.Session.Service"
set type default
set internet-service-id 5111823
next
edit "Tableau-RTMP"
set type default
set internet-service-id 5111824
next
edit "Tableau-NetBIOS.Name.Service"
set type default
set internet-service-id 5111832
next
edit "Druva-Other"
set type default
set internet-service-id 5177344
next
edit "Druva-Web"
set type default
set internet-service-id 5177345
next
edit "Druva-ICMP"
set type default
set internet-service-id 5177346
next
edit "Druva-DNS"
set type default
set internet-service-id 5177347
next
edit "Druva-Outbound_Email"
set type default
set internet-service-id 5177348
next
edit "Druva-SSH"
set type default
set internet-service-id 5177350
next
edit "Druva-FTP"
set type default
set internet-service-id 5177351
next
edit "Druva-NTP"
set type default
set internet-service-id 5177352
next
edit "Druva-Inbound_Email"
set type default
set internet-service-id 5177353
next
edit "Druva-LDAP"
set type default
set internet-service-id 5177358
next
edit "Druva-NetBIOS.Session.Service"
set type default
set internet-service-id 5177359
next
edit "Druva-RTMP"
set type default
set internet-service-id 5177360
next
edit "Druva-NetBIOS.Name.Service"
set type default
set internet-service-id 5177368
next
edit "Act-on-Other"
set type default
set internet-service-id 5242880
next
edit "Act-on-Web"
set type default
set internet-service-id 5242881
next
edit "Act-on-ICMP"
set type default
set internet-service-id 5242882
next
edit "Act-on-DNS"
set type default
set internet-service-id 5242883
next
edit "Act-on-Outbound_Email"
set type default
set internet-service-id 5242884
next
edit "Act-on-SSH"
set type default
set internet-service-id 5242886
next
edit "Act-on-FTP"
set type default
set internet-service-id 5242887
next
edit "Act-on-NTP"
set type default
set internet-service-id 5242888
next
edit "Act-on-Inbound_Email"
set type default
set internet-service-id 5242889
next
edit "Act-on-LDAP"
set type default
set internet-service-id 5242894
next
edit "Act-on-NetBIOS.Session.Service"
set type default
set internet-service-id 5242895
next
edit "Act-on-RTMP"
set type default
set internet-service-id 5242896
next
edit "Act-on-NetBIOS.Name.Service"
set type default
set internet-service-id 5242904
next
edit "GoodData-Other"
set type default
set internet-service-id 5308416
next
edit "GoodData-Web"
set type default
set internet-service-id 5308417
next
edit "GoodData-ICMP"
set type default
set internet-service-id 5308418
next
edit "GoodData-DNS"
set type default
set internet-service-id 5308419
next
edit "GoodData-Outbound_Email"
set type default
set internet-service-id 5308420
next
edit "GoodData-SSH"
set type default
set internet-service-id 5308422
next
edit "GoodData-FTP"
set type default
set internet-service-id 5308423
next
edit "GoodData-NTP"
set type default
set internet-service-id 5308424
next
edit "GoodData-Inbound_Email"
set type default
set internet-service-id 5308425
next
edit "GoodData-LDAP"
set type default
set internet-service-id 5308430
next
edit "GoodData-NetBIOS.Session.Service"
set type default
set internet-service-id 5308431
next
edit "GoodData-RTMP"
set type default
set internet-service-id 5308432
next
edit "GoodData-NetBIOS.Name.Service"
set type default
set internet-service-id 5308440
next
edit "SurveyMonkey-Other"
set type default
set internet-service-id 5373952
next
edit "SurveyMonkey-Web"
set type default
set internet-service-id 5373953
next
edit "SurveyMonkey-ICMP"
set type default
set internet-service-id 5373954
next
edit "SurveyMonkey-DNS"
set type default
set internet-service-id 5373955
next
edit "SurveyMonkey-Outbound_Email"
set type default
set internet-service-id 5373956
next
edit "SurveyMonkey-SSH"
set type default
set internet-service-id 5373958
next
edit "SurveyMonkey-FTP"
set type default
set internet-service-id 5373959
next
edit "SurveyMonkey-NTP"
set type default
set internet-service-id 5373960
next
edit "SurveyMonkey-Inbound_Email"
set type default
set internet-service-id 5373961
next
edit "SurveyMonkey-LDAP"
set type default
set internet-service-id 5373966
next
edit "SurveyMonkey-NetBIOS.Session.Service"
set type default
set internet-service-id 5373967
next
edit "SurveyMonkey-RTMP"
set type default
set internet-service-id 5373968
next
edit "SurveyMonkey-NetBIOS.Name.Service"
set type default
set internet-service-id 5373976
next
edit "Cvent-Other"
set type default
set internet-service-id 5439488
next
edit "Cvent-Web"
set type default
set internet-service-id 5439489
next
edit "Cvent-ICMP"
set type default
set internet-service-id 5439490
next
edit "Cvent-DNS"
set type default
set internet-service-id 5439491
next
edit "Cvent-Outbound_Email"
set type default
set internet-service-id 5439492
next
edit "Cvent-SSH"
set type default
set internet-service-id 5439494
next
edit "Cvent-FTP"
set type default
set internet-service-id 5439495
next
edit "Cvent-NTP"
set type default
set internet-service-id 5439496
next
edit "Cvent-Inbound_Email"
set type default
set internet-service-id 5439497
next
edit "Cvent-LDAP"
set type default
set internet-service-id 5439502
next
edit "Cvent-NetBIOS.Session.Service"
set type default
set internet-service-id 5439503
next
edit "Cvent-RTMP"
set type default
set internet-service-id 5439504
next
edit "Cvent-NetBIOS.Name.Service"
set type default
set internet-service-id 5439512
next
edit "Blackbaud-Other"
set type default
set internet-service-id 5505024
next
edit "Blackbaud-Web"
set type default
set internet-service-id 5505025
next
edit "Blackbaud-ICMP"
set type default
set internet-service-id 5505026
next
edit "Blackbaud-DNS"
set type default
set internet-service-id 5505027
next
edit "Blackbaud-Outbound_Email"
set type default
set internet-service-id 5505028
next
edit "Blackbaud-SSH"
set type default
set internet-service-id 5505030
next
edit "Blackbaud-FTP"
set type default
set internet-service-id 5505031
next
edit "Blackbaud-NTP"
set type default
set internet-service-id 5505032
next
edit "Blackbaud-Inbound_Email"
set type default
set internet-service-id 5505033
next
edit "Blackbaud-LDAP"
set type default
set internet-service-id 5505038
next
edit "Blackbaud-NetBIOS.Session.Service"
set type default
set internet-service-id 5505039
next
edit "Blackbaud-RTMP"
set type default
set internet-service-id 5505040
next
edit "Blackbaud-NetBIOS.Name.Service"
set type default
set internet-service-id 5505048
next
edit "InsideSales-Other"
set type default
set internet-service-id 5570560
next
edit "InsideSales-Web"
set type default
set internet-service-id 5570561
next
edit "InsideSales-ICMP"
set type default
set internet-service-id 5570562
next
edit "InsideSales-DNS"
set type default
set internet-service-id 5570563
next
edit "InsideSales-Outbound_Email"
set type default
set internet-service-id 5570564
next
edit "InsideSales-SSH"
set type default
set internet-service-id 5570566
next
edit "InsideSales-FTP"
set type default
set internet-service-id 5570567
next
edit "InsideSales-NTP"
set type default
set internet-service-id 5570568
next
edit "InsideSales-Inbound_Email"
set type default
set internet-service-id 5570569
next
edit "InsideSales-LDAP"
set type default
set internet-service-id 5570574
next
edit "InsideSales-NetBIOS.Session.Service"
set type default
set internet-service-id 5570575
next
edit "InsideSales-RTMP"
set type default
set internet-service-id 5570576
next
edit "InsideSales-NetBIOS.Name.Service"
set type default
set internet-service-id 5570584
next
edit "ServiceMax-Other"
set type default
set internet-service-id 5636096
next
edit "ServiceMax-Web"
set type default
set internet-service-id 5636097
next
edit "ServiceMax-ICMP"
set type default
set internet-service-id 5636098
next
edit "ServiceMax-DNS"
set type default
set internet-service-id 5636099
next
edit "ServiceMax-Outbound_Email"
set type default
set internet-service-id 5636100
next
edit "ServiceMax-SSH"
set type default
set internet-service-id 5636102
next
edit "ServiceMax-FTP"
set type default
set internet-service-id 5636103
next
edit "ServiceMax-NTP"
set type default
set internet-service-id 5636104
next
edit "ServiceMax-Inbound_Email"
set type default
set internet-service-id 5636105
next
edit "ServiceMax-LDAP"
set type default
set internet-service-id 5636110
next
edit "ServiceMax-NetBIOS.Session.Service"
set type default
set internet-service-id 5636111
next
edit "ServiceMax-RTMP"
set type default
set internet-service-id 5636112
next
edit "ServiceMax-NetBIOS.Name.Service"
set type default
set internet-service-id 5636120
next
edit "Apptio-Other"
set type default
set internet-service-id 5701632
next
edit "Apptio-Web"
set type default
set internet-service-id 5701633
next
edit "Apptio-ICMP"
set type default
set internet-service-id 5701634
next
edit "Apptio-DNS"
set type default
set internet-service-id 5701635
next
edit "Apptio-Outbound_Email"
set type default
set internet-service-id 5701636
next
edit "Apptio-SSH"
set type default
set internet-service-id 5701638
next
edit "Apptio-FTP"
set type default
set internet-service-id 5701639
next
edit "Apptio-NTP"
set type default
set internet-service-id 5701640
next
edit "Apptio-Inbound_Email"
set type default
set internet-service-id 5701641
next
edit "Apptio-LDAP"
set type default
set internet-service-id 5701646
next
edit "Apptio-NetBIOS.Session.Service"
set type default
set internet-service-id 5701647
next
edit "Apptio-RTMP"
set type default
set internet-service-id 5701648
next
edit "Apptio-NetBIOS.Name.Service"
set type default
set internet-service-id 5701656
next
edit "Veracode-Other"
set type default
set internet-service-id 5767168
next
edit "Veracode-Web"
set type default
set internet-service-id 5767169
next
edit "Veracode-ICMP"
set type default
set internet-service-id 5767170
next
edit "Veracode-DNS"
set type default
set internet-service-id 5767171
next
edit "Veracode-Outbound_Email"
set type default
set internet-service-id 5767172
next
edit "Veracode-SSH"
set type default
set internet-service-id 5767174
next
edit "Veracode-FTP"
set type default
set internet-service-id 5767175
next
edit "Veracode-NTP"
set type default
set internet-service-id 5767176
next
edit "Veracode-Inbound_Email"
set type default
set internet-service-id 5767177
next
edit "Veracode-LDAP"
set type default
set internet-service-id 5767182
next
edit "Veracode-NetBIOS.Session.Service"
set type default
set internet-service-id 5767183
next
edit "Veracode-RTMP"
set type default
set internet-service-id 5767184
next
edit "Veracode-NetBIOS.Name.Service"
set type default
set internet-service-id 5767192
next
edit "Anaplan-Other"
set type default
set internet-service-id 5832704
next
edit "Anaplan-Web"
set type default
set internet-service-id 5832705
next
edit "Anaplan-ICMP"
set type default
set internet-service-id 5832706
next
edit "Anaplan-DNS"
set type default
set internet-service-id 5832707
next
edit "Anaplan-Outbound_Email"
set type default
set internet-service-id 5832708
next
edit "Anaplan-SSH"
set type default
set internet-service-id 5832710
next
edit "Anaplan-FTP"
set type default
set internet-service-id 5832711
next
edit "Anaplan-NTP"
set type default
set internet-service-id 5832712
next
edit "Anaplan-Inbound_Email"
set type default
set internet-service-id 5832713
next
edit "Anaplan-LDAP"
set type default
set internet-service-id 5832718
next
edit "Anaplan-NetBIOS.Session.Service"
set type default
set internet-service-id 5832719
next
edit "Anaplan-RTMP"
set type default
set internet-service-id 5832720
next
edit "Anaplan-NetBIOS.Name.Service"
set type default
set internet-service-id 5832728
next
edit "Rapid7-Other"
set type default
set internet-service-id 5898240
next
edit "Rapid7-Web"
set type default
set internet-service-id 5898241
next
edit "Rapid7-ICMP"
set type default
set internet-service-id 5898242
next
edit "Rapid7-DNS"
set type default
set internet-service-id 5898243
next
edit "Rapid7-Outbound_Email"
set type default
set internet-service-id 5898244
next
edit "Rapid7-SSH"
set type default
set internet-service-id 5898246
next
edit "Rapid7-FTP"
set type default
set internet-service-id 5898247
next
edit "Rapid7-NTP"
set type default
set internet-service-id 5898248
next
edit "Rapid7-Inbound_Email"
set type default
set internet-service-id 5898249
next
edit "Rapid7-LDAP"
set type default
set internet-service-id 5898254
next
edit "Rapid7-NetBIOS.Session.Service"
set type default
set internet-service-id 5898255
next
edit "Rapid7-RTMP"
set type default
set internet-service-id 5898256
next
edit "Rapid7-NetBIOS.Name.Service"
set type default
set internet-service-id 5898264
next
edit "AnyDesk-AnyDesk"
set type default
set internet-service-id 5963927
next
edit "ESET-Eset.Service"
set type default
set internet-service-id 6029426
next
edit "Slack-Other"
set type default
set internet-service-id 6094848
next
edit "Slack-Web"
set type default
set internet-service-id 6094849
next
edit "Slack-ICMP"
set type default
set internet-service-id 6094850
next
edit "Slack-DNS"
set type default
set internet-service-id 6094851
next
edit "Slack-Outbound_Email"
set type default
set internet-service-id 6094852
next
edit "Slack-SSH"
set type default
set internet-service-id 6094854
next
edit "Slack-FTP"
set type default
set internet-service-id 6094855
next
edit "Slack-NTP"
set type default
set internet-service-id 6094856
next
edit "Slack-Inbound_Email"
set type default
set internet-service-id 6094857
next
edit "Slack-LDAP"
set type default
set internet-service-id 6094862
next
edit "Slack-NetBIOS.Session.Service"
set type default
set internet-service-id 6094863
next
edit "Slack-RTMP"
set type default
set internet-service-id 6094864
next
edit "Slack-NetBIOS.Name.Service"
set type default
set internet-service-id 6094872
next
edit "Slack-Slack"
set type default
set internet-service-id 6095024
next
edit "ADP-Other"
set type default
set internet-service-id 6160384
next
edit "ADP-Web"
set type default
set internet-service-id 6160385
next
edit "ADP-ICMP"
set type default
set internet-service-id 6160386
next
edit "ADP-DNS"
set type default
set internet-service-id 6160387
next
edit "ADP-Outbound_Email"
set type default
set internet-service-id 6160388
next
edit "ADP-SSH"
set type default
set internet-service-id 6160390
next
edit "ADP-FTP"
set type default
set internet-service-id 6160391
next
edit "ADP-NTP"
set type default
set internet-service-id 6160392
next
edit "ADP-Inbound_Email"
set type default
set internet-service-id 6160393
next
edit "ADP-LDAP"
set type default
set internet-service-id 6160398
next
edit "ADP-NetBIOS.Session.Service"
set type default
set internet-service-id 6160399
next
edit "ADP-RTMP"
set type default
set internet-service-id 6160400
next
edit "ADP-NetBIOS.Name.Service"
set type default
set internet-service-id 6160408
next
edit "Blackboard-Other"
set type default
set internet-service-id 6225920
next
edit "Blackboard-Web"
set type default
set internet-service-id 6225921
next
edit "Blackboard-ICMP"
set type default
set internet-service-id 6225922
next
edit "Blackboard-DNS"
set type default
set internet-service-id 6225923
next
edit "Blackboard-Outbound_Email"
set type default
set internet-service-id 6225924
next
edit "Blackboard-SSH"
set type default
set internet-service-id 6225926
next
edit "Blackboard-FTP"
set type default
set internet-service-id 6225927
next
edit "Blackboard-NTP"
set type default
set internet-service-id 6225928
next
edit "Blackboard-Inbound_Email"
set type default
set internet-service-id 6225929
next
edit "Blackboard-LDAP"
set type default
set internet-service-id 6225934
next
edit "Blackboard-NetBIOS.Session.Service"
set type default
set internet-service-id 6225935
next
edit "Blackboard-RTMP"
set type default
set internet-service-id 6225936
next
edit "Blackboard-NetBIOS.Name.Service"
set type default
set internet-service-id 6225944
next
edit "SAP-Other"
set type default
set internet-service-id 6291456
next
edit "SAP-Web"
set type default
set internet-service-id 6291457
next
edit "SAP-ICMP"
set type default
set internet-service-id 6291458
next
edit "SAP-DNS"
set type default
set internet-service-id 6291459
next
edit "SAP-Outbound_Email"
set type default
set internet-service-id 6291460
next
edit "SAP-SSH"
set type default
set internet-service-id 6291462
next
edit "SAP-FTP"
set type default
set internet-service-id 6291463
next
edit "SAP-NTP"
set type default
set internet-service-id 6291464
next
edit "SAP-Inbound_Email"
set type default
set internet-service-id 6291465
next
edit "SAP-LDAP"
set type default
set internet-service-id 6291470
next
edit "SAP-NetBIOS.Session.Service"
set type default
set internet-service-id 6291471
next
edit "SAP-RTMP"
set type default
set internet-service-id 6291472
next
edit "SAP-NetBIOS.Name.Service"
set type default
set internet-service-id 6291480
next
edit "SAP-HANA"
set type default
set internet-service-id 6291612
next
edit "SAP-SuccessFactors"
set type default
set internet-service-id 6291618
next
edit "Snap-Snapchat"
set type default
set internet-service-id 6357108
next
edit "Zoom.us-Zoom.Meeting"
set type default
set internet-service-id 6422646
next
edit "Sophos-Other"
set type default
set internet-service-id 6488064
next
edit "Sophos-Web"
set type default
set internet-service-id 6488065
next
edit "Sophos-ICMP"
set type default
set internet-service-id 6488066
next
edit "Sophos-DNS"
set type default
set internet-service-id 6488067
next
edit "Sophos-Outbound_Email"
set type default
set internet-service-id 6488068
next
edit "Sophos-SSH"
set type default
set internet-service-id 6488070
next
edit "Sophos-FTP"
set type default
set internet-service-id 6488071
next
edit "Sophos-NTP"
set type default
set internet-service-id 6488072
next
edit "Sophos-Inbound_Email"
set type default
set internet-service-id 6488073
next
edit "Sophos-LDAP"
set type default
set internet-service-id 6488078
next
edit "Sophos-NetBIOS.Session.Service"
set type default
set internet-service-id 6488079
next
edit "Sophos-RTMP"
set type default
set internet-service-id 6488080
next
edit "Sophos-NetBIOS.Name.Service"
set type default
set internet-service-id 6488088
next
edit "Cloudflare-Other"
set type default
set internet-service-id 6553600
next
edit "Cloudflare-Web"
set type default
set internet-service-id 6553601
next
edit "Cloudflare-ICMP"
set type default
set internet-service-id 6553602
next
edit "Cloudflare-DNS"
set type default
set internet-service-id 6553603
next
edit "Cloudflare-Outbound_Email"
set type default
set internet-service-id 6553604
next
edit "Cloudflare-SSH"
set type default
set internet-service-id 6553606
next
edit "Cloudflare-FTP"
set type default
set internet-service-id 6553607
next
edit "Cloudflare-NTP"
set type default
set internet-service-id 6553608
next
edit "Cloudflare-Inbound_Email"
set type default
set internet-service-id 6553609
next
edit "Cloudflare-LDAP"
set type default
set internet-service-id 6553614
next
edit "Cloudflare-NetBIOS.Session.Service"
set type default
set internet-service-id 6553615
next
edit "Cloudflare-RTMP"
set type default
set internet-service-id 6553616
next
edit "Cloudflare-NetBIOS.Name.Service"
set type default
set internet-service-id 6553624
next
edit "Cloudflare-CDN"
set type default
set internet-service-id 6553737
next
edit "Pexip-Pexip.Meeting"
set type default
set internet-service-id 6619256
next
edit "Zscaler-Other"
set type default
set internet-service-id 6684672
next
edit "Zscaler-Web"
set type default
set internet-service-id 6684673
next
edit "Zscaler-ICMP"
set type default
set internet-service-id 6684674
next
edit "Zscaler-DNS"
set type default
set internet-service-id 6684675
next
edit "Zscaler-Outbound_Email"
set type default
set internet-service-id 6684676
next
edit "Zscaler-SSH"
set type default
set internet-service-id 6684678
next
edit "Zscaler-FTP"
set type default
set internet-service-id 6684679
next
edit "Zscaler-NTP"
set type default
set internet-service-id 6684680
next
edit "Zscaler-Inbound_Email"
set type default
set internet-service-id 6684681
next
edit "Zscaler-LDAP"
set type default
set internet-service-id 6684686
next
edit "Zscaler-NetBIOS.Session.Service"
set type default
set internet-service-id 6684687
next
edit "Zscaler-RTMP"
set type default
set internet-service-id 6684688
next
edit "Zscaler-NetBIOS.Name.Service"
set type default
set internet-service-id 6684696
next
edit "Zscaler-Zscaler.Cloud"
set type default
set internet-service-id 6684793
next
edit "Yandex-Other"
set type default
set internet-service-id 6750208
next
edit "Yandex-Web"
set type default
set internet-service-id 6750209
next
edit "Yandex-ICMP"
set type default
set internet-service-id 6750210
next
edit "Yandex-DNS"
set type default
set internet-service-id 6750211
next
edit "Yandex-Outbound_Email"
set type default
set internet-service-id 6750212
next
edit "Yandex-SSH"
set type default
set internet-service-id 6750214
next
edit "Yandex-FTP"
set type default
set internet-service-id 6750215
next
edit "Yandex-NTP"
set type default
set internet-service-id 6750216
next
edit "Yandex-Inbound_Email"
set type default
set internet-service-id 6750217
next
edit "Yandex-LDAP"
set type default
set internet-service-id 6750222
next
edit "Yandex-NetBIOS.Session.Service"
set type default
set internet-service-id 6750223
next
edit "Yandex-RTMP"
set type default
set internet-service-id 6750224
next
edit "Yandex-NetBIOS.Name.Service"
set type default
set internet-service-id 6750232
next
edit "mail.ru-Other"
set type default
set internet-service-id 6815744
next
edit "mail.ru-Web"
set type default
set internet-service-id 6815745
next
edit "mail.ru-ICMP"
set type default
set internet-service-id 6815746
next
edit "mail.ru-DNS"
set type default
set internet-service-id 6815747
next
edit "mail.ru-Outbound_Email"
set type default
set internet-service-id 6815748
next
edit "mail.ru-SSH"
set type default
set internet-service-id 6815750
next
edit "mail.ru-FTP"
set type default
set internet-service-id 6815751
next
edit "mail.ru-NTP"
set type default
set internet-service-id 6815752
next
edit "mail.ru-Inbound_Email"
set type default
set internet-service-id 6815753
next
edit "mail.ru-LDAP"
set type default
set internet-service-id 6815758
next
edit "mail.ru-NetBIOS.Session.Service"
set type default
set internet-service-id 6815759
next
edit "mail.ru-RTMP"
set type default
set internet-service-id 6815760
next
edit "mail.ru-NetBIOS.Name.Service"
set type default
set internet-service-id 6815768
next
edit "Alibaba-Other"
set type default
set internet-service-id 6881280
next
edit "Alibaba-Web"
set type default
set internet-service-id 6881281
next
edit "Alibaba-ICMP"
set type default
set internet-service-id 6881282
next
edit "Alibaba-DNS"
set type default
set internet-service-id 6881283
next
edit "Alibaba-Outbound_Email"
set type default
set internet-service-id 6881284
next
edit "Alibaba-SSH"
set type default
set internet-service-id 6881286
next
edit "Alibaba-FTP"
set type default
set internet-service-id 6881287
next
edit "Alibaba-NTP"
set type default
set internet-service-id 6881288
next
edit "Alibaba-Inbound_Email"
set type default
set internet-service-id 6881289
next
edit "Alibaba-LDAP"
set type default
set internet-service-id 6881294
next
edit "Alibaba-NetBIOS.Session.Service"
set type default
set internet-service-id 6881295
next
edit "Alibaba-RTMP"
set type default
set internet-service-id 6881296
next
edit "Alibaba-NetBIOS.Name.Service"
set type default
set internet-service-id 6881304
next
edit "Alibaba-Alibaba.Cloud"
set type default
set internet-service-id 6881402
next
edit "GoDaddy-Other"
set type default
set internet-service-id 6946816
next
edit "GoDaddy-Web"
set type default
set internet-service-id 6946817
next
edit "GoDaddy-ICMP"
set type default
set internet-service-id 6946818
next
edit "GoDaddy-DNS"
set type default
set internet-service-id 6946819
next
edit "GoDaddy-Outbound_Email"
set type default
set internet-service-id 6946820
next
edit "GoDaddy-SSH"
set type default
set internet-service-id 6946822
next
edit "GoDaddy-FTP"
set type default
set internet-service-id 6946823
next
edit "GoDaddy-NTP"
set type default
set internet-service-id 6946824
next
edit "GoDaddy-Inbound_Email"
set type default
set internet-service-id 6946825
next
edit "GoDaddy-LDAP"
set type default
set internet-service-id 6946830
next
edit "GoDaddy-NetBIOS.Session.Service"
set type default
set internet-service-id 6946831
next
edit "GoDaddy-RTMP"
set type default
set internet-service-id 6946832
next
edit "GoDaddy-NetBIOS.Name.Service"
set type default
set internet-service-id 6946840
next
edit "GoDaddy-GoDaddy.Email"
set type default
set internet-service-id 6946939
next
edit "Webroot-Webroot.SecureAnywhere"
set type default
set internet-service-id 7078013
next
edit "Avast-Other"
set type default
set internet-service-id 7143424
next
edit "Avast-Web"
set type default
set internet-service-id 7143425
next
edit "Avast-ICMP"
set type default
set internet-service-id 7143426
next
edit "Avast-DNS"
set type default
set internet-service-id 7143427
next
edit "Avast-Outbound_Email"
set type default
set internet-service-id 7143428
next
edit "Avast-SSH"
set type default
set internet-service-id 7143430
next
edit "Avast-FTP"
set type default
set internet-service-id 7143431
next
edit "Avast-NTP"
set type default
set internet-service-id 7143432
next
edit "Avast-Inbound_Email"
set type default
set internet-service-id 7143433
next
edit "Avast-LDAP"
set type default
set internet-service-id 7143438
next
edit "Avast-NetBIOS.Session.Service"
set type default
set internet-service-id 7143439
next
edit "Avast-RTMP"
set type default
set internet-service-id 7143440
next
edit "Avast-NetBIOS.Name.Service"
set type default
set internet-service-id 7143448
next
edit "Avast-Avast.Security"
set type default
set internet-service-id 7143550
next
edit "Wetransfer-Other"
set type default
set internet-service-id 7208960
next
edit "Wetransfer-Web"
set type default
set internet-service-id 7208961
next
edit "Wetransfer-ICMP"
set type default
set internet-service-id 7208962
next
edit "Wetransfer-DNS"
set type default
set internet-service-id 7208963
next
edit "Wetransfer-Outbound_Email"
set type default
set internet-service-id 7208964
next
edit "Wetransfer-SSH"
set type default
set internet-service-id 7208966
next
edit "Wetransfer-FTP"
set type default
set internet-service-id 7208967
next
edit "Wetransfer-NTP"
set type default
set internet-service-id 7208968
next
edit "Wetransfer-Inbound_Email"
set type default
set internet-service-id 7208969
next
edit "Wetransfer-LDAP"
set type default
set internet-service-id 7208974
next
edit "Wetransfer-NetBIOS.Session.Service"
set type default
set internet-service-id 7208975
next
edit "Wetransfer-RTMP"
set type default
set internet-service-id 7208976
next
edit "Wetransfer-NetBIOS.Name.Service"
set type default
set internet-service-id 7208984
next
edit "Sendgrid-Sendgrid.Email"
set type default
set internet-service-id 7274623
next
edit "Ubiquiti-UniFi"
set type default
set internet-service-id 7340160
next
edit "Lifesize-Lifesize.Cloud"
set type default
set internet-service-id 7405697
next
edit "Okta-Other"
set type default
set internet-service-id 7471104
next
edit "Okta-Web"
set type default
set internet-service-id 7471105
next
edit "Okta-ICMP"
set type default
set internet-service-id 7471106
next
edit "Okta-DNS"
set type default
set internet-service-id 7471107
next
edit "Okta-Outbound_Email"
set type default
set internet-service-id 7471108
next
edit "Okta-SSH"
set type default
set internet-service-id 7471110
next
edit "Okta-FTP"
set type default
set internet-service-id 7471111
next
edit "Okta-NTP"
set type default
set internet-service-id 7471112
next
edit "Okta-Inbound_Email"
set type default
set internet-service-id 7471113
next
edit "Okta-LDAP"
set type default
set internet-service-id 7471118
next
edit "Okta-NetBIOS.Session.Service"
set type default
set internet-service-id 7471119
next
edit "Okta-RTMP"
set type default
set internet-service-id 7471120
next
edit "Okta-NetBIOS.Name.Service"
set type default
set internet-service-id 7471128
next
edit "Okta-Okta"
set type default
set internet-service-id 7471307
next
edit "Cybozu-Other"
set type default
set internet-service-id 7536640
next
edit "Cybozu-Web"
set type default
set internet-service-id 7536641
next
edit "Cybozu-ICMP"
set type default
set internet-service-id 7536642
next
edit "Cybozu-DNS"
set type default
set internet-service-id 7536643
next
edit "Cybozu-Outbound_Email"
set type default
set internet-service-id 7536644
next
edit "Cybozu-SSH"
set type default
set internet-service-id 7536646
next
edit "Cybozu-FTP"
set type default
set internet-service-id 7536647
next
edit "Cybozu-NTP"
set type default
set internet-service-id 7536648
next
edit "Cybozu-Inbound_Email"
set type default
set internet-service-id 7536649
next
edit "Cybozu-LDAP"
set type default
set internet-service-id 7536654
next
edit "Cybozu-NetBIOS.Session.Service"
set type default
set internet-service-id 7536655
next
edit "Cybozu-RTMP"
set type default
set internet-service-id 7536656
next
edit "Cybozu-NetBIOS.Name.Service"
set type default
set internet-service-id 7536664
next
edit "VNC-Other"
set type default
set internet-service-id 7602176
next
edit "VNC-Web"
set type default
set internet-service-id 7602177
next
edit "VNC-ICMP"
set type default
set internet-service-id 7602178
next
edit "VNC-DNS"
set type default
set internet-service-id 7602179
next
edit "VNC-Outbound_Email"
set type default
set internet-service-id 7602180
next
edit "VNC-SSH"
set type default
set internet-service-id 7602182
next
edit "VNC-FTP"
set type default
set internet-service-id 7602183
next
edit "VNC-NTP"
set type default
set internet-service-id 7602184
next
edit "VNC-Inbound_Email"
set type default
set internet-service-id 7602185
next
edit "VNC-LDAP"
set type default
set internet-service-id 7602190
next
edit "VNC-NetBIOS.Session.Service"
set type default
set internet-service-id 7602191
next
edit "VNC-RTMP"
set type default
set internet-service-id 7602192
next
edit "VNC-NetBIOS.Name.Service"
set type default
set internet-service-id 7602200
next
edit "Egnyte-Egnyte"
set type default
set internet-service-id 7667846
next
edit "CrowdStrike-CrowdStrike.Falcon.Cloud"
set type default
set internet-service-id 7733383
next
edit "Aruba.it-Other"
set type default
set internet-service-id 7798784
next
edit "Aruba.it-Web"
set type default
set internet-service-id 7798785
next
edit "Aruba.it-ICMP"
set type default
set internet-service-id 7798786
next
edit "Aruba.it-DNS"
set type default
set internet-service-id 7798787
next
edit "Aruba.it-Outbound_Email"
set type default
set internet-service-id 7798788
next
edit "Aruba.it-SSH"
set type default
set internet-service-id 7798790
next
edit "Aruba.it-FTP"
set type default
set internet-service-id 7798791
next
edit "Aruba.it-NTP"
set type default
set internet-service-id 7798792
next
edit "Aruba.it-Inbound_Email"
set type default
set internet-service-id 7798793
next
edit "Aruba.it-LDAP"
set type default
set internet-service-id 7798798
next
edit "Aruba.it-NetBIOS.Session.Service"
set type default
set internet-service-id 7798799
next
edit "Aruba.it-RTMP"
set type default
set internet-service-id 7798800
next
edit "Aruba.it-NetBIOS.Name.Service"
set type default
set internet-service-id 7798808
next
edit "ISLOnline-Other"
set type default
set internet-service-id 7864320
next
edit "ISLOnline-Web"
set type default
set internet-service-id 7864321
next
edit "ISLOnline-ICMP"
set type default
set internet-service-id 7864322
next
edit "ISLOnline-DNS"
set type default
set internet-service-id 7864323
next
edit "ISLOnline-Outbound_Email"
set type default
set internet-service-id 7864324
next
edit "ISLOnline-SSH"
set type default
set internet-service-id 7864326
next
edit "ISLOnline-FTP"
set type default
set internet-service-id 7864327
next
edit "ISLOnline-NTP"
set type default
set internet-service-id 7864328
next
edit "ISLOnline-Inbound_Email"
set type default
set internet-service-id 7864329
next
edit "ISLOnline-LDAP"
set type default
set internet-service-id 7864334
next
edit "ISLOnline-NetBIOS.Session.Service"
set type default
set internet-service-id 7864335
next
edit "ISLOnline-RTMP"
set type default
set internet-service-id 7864336
next
edit "ISLOnline-NetBIOS.Name.Service"
set type default
set internet-service-id 7864344
next
edit "Akamai-CDN"
set type default
set internet-service-id 7929993
next
edit "Rackspace-CDN"
set type default
set internet-service-id 7995529
next
edit "Instart-CDN"
set type default
set internet-service-id 8061065
next
edit "Bitdefender-Other"
set type default
set internet-service-id 8126464
next
edit "Bitdefender-Web"
set type default
set internet-service-id 8126465
next
edit "Bitdefender-ICMP"
set type default
set internet-service-id 8126466
next
edit "Bitdefender-DNS"
set type default
set internet-service-id 8126467
next
edit "Bitdefender-Outbound_Email"
set type default
set internet-service-id 8126468
next
edit "Bitdefender-SSH"
set type default
set internet-service-id 8126470
next
edit "Bitdefender-FTP"
set type default
set internet-service-id 8126471
next
edit "Bitdefender-NTP"
set type default
set internet-service-id 8126472
next
edit "Bitdefender-Inbound_Email"
set type default
set internet-service-id 8126473
next
edit "Bitdefender-LDAP"
set type default
set internet-service-id 8126478
next
edit "Bitdefender-NetBIOS.Session.Service"
set type default
set internet-service-id 8126479
next
edit "Bitdefender-RTMP"
set type default
set internet-service-id 8126480
next
edit "Bitdefender-NetBIOS.Name.Service"
set type default
set internet-service-id 8126488
next
edit "Pingdom-Other"
set type default
set internet-service-id 8192000
next
edit "Pingdom-Web"
set type default
set internet-service-id 8192001
next
edit "Pingdom-ICMP"
set type default
set internet-service-id 8192002
next
edit "Pingdom-DNS"
set type default
set internet-service-id 8192003
next
edit "Pingdom-Outbound_Email"
set type default
set internet-service-id 8192004
next
edit "Pingdom-SSH"
set type default
set internet-service-id 8192006
next
edit "Pingdom-FTP"
set type default
set internet-service-id 8192007
next
edit "Pingdom-NTP"
set type default
set internet-service-id 8192008
next
edit "Pingdom-Inbound_Email"
set type default
set internet-service-id 8192009
next
edit "Pingdom-LDAP"
set type default
set internet-service-id 8192014
next
edit "Pingdom-NetBIOS.Session.Service"
set type default
set internet-service-id 8192015
next
edit "Pingdom-RTMP"
set type default
set internet-service-id 8192016
next
edit "Pingdom-NetBIOS.Name.Service"
set type default
set internet-service-id 8192024
next
edit "UptimeRobot-Other"
set type default
set internet-service-id 8257536
next
edit "UptimeRobot-Web"
set type default
set internet-service-id 8257537
next
edit "UptimeRobot-ICMP"
set type default
set internet-service-id 8257538
next
edit "UptimeRobot-DNS"
set type default
set internet-service-id 8257539
next
edit "UptimeRobot-Outbound_Email"
set type default
set internet-service-id 8257540
next
edit "UptimeRobot-SSH"
set type default
set internet-service-id 8257542
next
edit "UptimeRobot-FTP"
set type default
set internet-service-id 8257543
next
edit "UptimeRobot-NTP"
set type default
set internet-service-id 8257544
next
edit "UptimeRobot-Inbound_Email"
set type default
set internet-service-id 8257545
next
edit "UptimeRobot-LDAP"
set type default
set internet-service-id 8257550
next
edit "UptimeRobot-NetBIOS.Session.Service"
set type default
set internet-service-id 8257551
next
edit "UptimeRobot-RTMP"
set type default
set internet-service-id 8257552
next
edit "UptimeRobot-NetBIOS.Name.Service"
set type default
set internet-service-id 8257560
next
edit "UptimeRobot-UptimeRobot.Monitor"
set type default
set internet-service-id 8257709
next
edit "Quovadisglobal-Other"
set type default
set internet-service-id 8323072
next
edit "Quovadisglobal-Web"
set type default
set internet-service-id 8323073
next
edit "Quovadisglobal-ICMP"
set type default
set internet-service-id 8323074
next
edit "Quovadisglobal-DNS"
set type default
set internet-service-id 8323075
next
edit "Quovadisglobal-Outbound_Email"
set type default
set internet-service-id 8323076
next
edit "Quovadisglobal-SSH"
set type default
set internet-service-id 8323078
next
edit "Quovadisglobal-FTP"
set type default
set internet-service-id 8323079
next
edit "Quovadisglobal-NTP"
set type default
set internet-service-id 8323080
next
edit "Quovadisglobal-Inbound_Email"
set type default
set internet-service-id 8323081
next
edit "Quovadisglobal-LDAP"
set type default
set internet-service-id 8323086
next
edit "Quovadisglobal-NetBIOS.Session.Service"
set type default
set internet-service-id 8323087
next
edit "Quovadisglobal-RTMP"
set type default
set internet-service-id 8323088
next
edit "Quovadisglobal-NetBIOS.Name.Service"
set type default
set internet-service-id 8323096
next
edit "Splashtop-Splashtop"
set type default
set internet-service-id 8388751
next
edit "Zoox-Other"
set type default
set internet-service-id 8454144
next
edit "Zoox-Web"
set type default
set internet-service-id 8454145
next
edit "Zoox-ICMP"
set type default
set internet-service-id 8454146
next
edit "Zoox-DNS"
set type default
set internet-service-id 8454147
next
edit "Zoox-Outbound_Email"
set type default
set internet-service-id 8454148
next
edit "Zoox-SSH"
set type default
set internet-service-id 8454150
next
edit "Zoox-FTP"
set type default
set internet-service-id 8454151
next
edit "Zoox-NTP"
set type default
set internet-service-id 8454152
next
edit "Zoox-Inbound_Email"
set type default
set internet-service-id 8454153
next
edit "Zoox-LDAP"
set type default
set internet-service-id 8454158
next
edit "Zoox-NetBIOS.Session.Service"
set type default
set internet-service-id 8454159
next
edit "Zoox-RTMP"
set type default
set internet-service-id 8454160
next
edit "Zoox-NetBIOS.Name.Service"
set type default
set internet-service-id 8454168
next
edit "Skyfii-Other"
set type default
set internet-service-id 8519680
next
edit "Skyfii-Web"
set type default
set internet-service-id 8519681
next
edit "Skyfii-ICMP"
set type default
set internet-service-id 8519682
next
edit "Skyfii-DNS"
set type default
set internet-service-id 8519683
next
edit "Skyfii-Outbound_Email"
set type default
set internet-service-id 8519684
next
edit "Skyfii-SSH"
set type default
set internet-service-id 8519686
next
edit "Skyfii-FTP"
set type default
set internet-service-id 8519687
next
edit "Skyfii-NTP"
set type default
set internet-service-id 8519688
next
edit "Skyfii-Inbound_Email"
set type default
set internet-service-id 8519689
next
edit "Skyfii-LDAP"
set type default
set internet-service-id 8519694
next
edit "Skyfii-NetBIOS.Session.Service"
set type default
set internet-service-id 8519695
next
edit "Skyfii-RTMP"
set type default
set internet-service-id 8519696
next
edit "Skyfii-NetBIOS.Name.Service"
set type default
set internet-service-id 8519704
next
edit "CoffeeBean-Other"
set type default
set internet-service-id 8585216
next
edit "CoffeeBean-Web"
set type default
set internet-service-id 8585217
next
edit "CoffeeBean-ICMP"
set type default
set internet-service-id 8585218
next
edit "CoffeeBean-DNS"
set type default
set internet-service-id 8585219
next
edit "CoffeeBean-Outbound_Email"
set type default
set internet-service-id 8585220
next
edit "CoffeeBean-SSH"
set type default
set internet-service-id 8585222
next
edit "CoffeeBean-FTP"
set type default
set internet-service-id 8585223
next
edit "CoffeeBean-NTP"
set type default
set internet-service-id 8585224
next
edit "CoffeeBean-Inbound_Email"
set type default
set internet-service-id 8585225
next
edit "CoffeeBean-LDAP"
set type default
set internet-service-id 8585230
next
edit "CoffeeBean-NetBIOS.Session.Service"
set type default
set internet-service-id 8585231
next
edit "CoffeeBean-RTMP"
set type default
set internet-service-id 8585232
next
edit "CoffeeBean-NetBIOS.Name.Service"
set type default
set internet-service-id 8585240
next
edit "Cloud4Wi-Other"
set type default
set internet-service-id 8650752
next
edit "Cloud4Wi-Web"
set type default
set internet-service-id 8650753
next
edit "Cloud4Wi-ICMP"
set type default
set internet-service-id 8650754
next
edit "Cloud4Wi-DNS"
set type default
set internet-service-id 8650755
next
edit "Cloud4Wi-Outbound_Email"
set type default
set internet-service-id 8650756
next
edit "Cloud4Wi-SSH"
set type default
set internet-service-id 8650758
next
edit "Cloud4Wi-FTP"
set type default
set internet-service-id 8650759
next
edit "Cloud4Wi-NTP"
set type default
set internet-service-id 8650760
next
edit "Cloud4Wi-Inbound_Email"
set type default
set internet-service-id 8650761
next
edit "Cloud4Wi-LDAP"
set type default
set internet-service-id 8650766
next
edit "Cloud4Wi-NetBIOS.Session.Service"
set type default
set internet-service-id 8650767
next
edit "Cloud4Wi-RTMP"
set type default
set internet-service-id 8650768
next
edit "Cloud4Wi-NetBIOS.Name.Service"
set type default
set internet-service-id 8650776
next
edit "Panda-Panda.Security"
set type default
set internet-service-id 8716432
next
edit "Ewon-Talk2M"
set type default
set internet-service-id 8781970
next
edit "Nutanix-Nutanix.Cloud"
set type default
set internet-service-id 8847507
next
edit "Backblaze-Other"
set type default
set internet-service-id 8912896
next
edit "Backblaze-Web"
set type default
set internet-service-id 8912897
next
edit "Backblaze-ICMP"
set type default
set internet-service-id 8912898
next
edit "Backblaze-DNS"
set type default
set internet-service-id 8912899
next
edit "Backblaze-Outbound_Email"
set type default
set internet-service-id 8912900
next
edit "Backblaze-SSH"
set type default
set internet-service-id 8912902
next
edit "Backblaze-FTP"
set type default
set internet-service-id 8912903
next
edit "Backblaze-NTP"
set type default
set internet-service-id 8912904
next
edit "Backblaze-Inbound_Email"
set type default
set internet-service-id 8912905
next
edit "Backblaze-LDAP"
set type default
set internet-service-id 8912910
next
edit "Backblaze-NetBIOS.Session.Service"
set type default
set internet-service-id 8912911
next
edit "Backblaze-RTMP"
set type default
set internet-service-id 8912912
next
edit "Backblaze-NetBIOS.Name.Service"
set type default
set internet-service-id 8912920
next
edit "Extreme-Extreme.Cloud"
set type default
set internet-service-id 8978580
next
edit "XING-Other"
set type default
set internet-service-id 9043968
next
edit "XING-Web"
set type default
set internet-service-id 9043969
next
edit "XING-ICMP"
set type default
set internet-service-id 9043970
next
edit "XING-DNS"
set type default
set internet-service-id 9043971
next
edit "XING-Outbound_Email"
set type default
set internet-service-id 9043972
next
edit "XING-SSH"
set type default
set internet-service-id 9043974
next
edit "XING-FTP"
set type default
set internet-service-id 9043975
next
edit "XING-NTP"
set type default
set internet-service-id 9043976
next
edit "XING-Inbound_Email"
set type default
set internet-service-id 9043977
next
edit "XING-LDAP"
set type default
set internet-service-id 9043982
next
edit "XING-NetBIOS.Session.Service"
set type default
set internet-service-id 9043983
next
edit "XING-RTMP"
set type default
set internet-service-id 9043984
next
edit "XING-NetBIOS.Name.Service"
set type default
set internet-service-id 9043992
next
edit "Genesys-PureCloud"
set type default
set internet-service-id 9109653
next
edit "BlackBerry-Cylance"
set type default
set internet-service-id 9175190
next
edit "DigiCert-OCSP"
set type default
set internet-service-id 9240728
next
edit "Infomaniak-SwissTransfer"
set type default
set internet-service-id 9306265
next
edit "Fuze-Fuze"
set type default
set internet-service-id 9371802
next
edit "Truecaller-Truecaller"
set type default
set internet-service-id 9437339
next
edit "GlobalSign-OCSP"
set type default
set internet-service-id 9502872
next
edit "VeriSign-OCSP"
set type default
set internet-service-id 9568408
next
edit "Sony-PlayStation.Network"
set type default
set internet-service-id 9633952
next
edit "Acronis-Cyber.Cloud"
set type default
set internet-service-id 9699489
next
edit "RingCentral-RingCentral"
set type default
set internet-service-id 9765027
next
edit "FSecure-FSecure"
set type default
set internet-service-id 9830564
next
edit "Kaseya-Kaseya.Cloud"
set type default
set internet-service-id 9896101
next
edit "Shodan-Scanner"
set type default
set internet-service-id 9961638
next
edit "Censys-Scanner"
set type default
set internet-service-id 10027174
next
edit "Valve-Steam"
set type default
set internet-service-id 10092711
next
edit "YouSeeU-Bongo"
set type default
set internet-service-id 10158248
next
edit "Cato-Cato.Cloud"
set type default
set internet-service-id 10223785
next
edit "SolarWinds-SpamExperts"
set type default
set internet-service-id 10289323
next
edit "SolarWinds-Pingdom.Probe"
set type default
set internet-service-id 10289326
next
edit "SolarWinds-SolarWinds.RMM"
set type default
set internet-service-id 10289379
next
edit "8X8-8X8.Cloud"
set type default
set internet-service-id 10354860
next
edit "Zattoo-Zattoo.TV"
set type default
set internet-service-id 10420401
next
edit "Datto-Datto.RMM"
set type default
set internet-service-id 10485939
next
edit "Barracuda-Barracuda.Cloud"
set type default
set internet-service-id 10551477
next
edit "Naver-Line"
set type default
set internet-service-id 10617015
next
edit "Disney-Disney+"
set type default
set internet-service-id 10682552
next
edit "DNS-DoH_DoT"
set type default
set internet-service-id 10748089
next
edit "DNS-Root.Name.Servers"
set type default
set internet-service-id 10748156
next
edit "Quad9-Quad9.Standard.DNS"
set type default
set internet-service-id 10813626
next
edit "Stretchoid-Scanner"
set type default
set internet-service-id 10879142
next
edit "Poly-RealConnect.Service"
set type default
set internet-service-id 10944700
next
edit "Telegram-Telegram"
set type default
set internet-service-id 11010249
next
edit "Spotify-Spotify"
set type default
set internet-service-id 11075786
next
edit "NextDNS-NextDNS"
set type default
set internet-service-id 11141324
next
edit "Fastly-CDN"
set type default
set internet-service-id 11206793
next
edit "Neustar-UltraDNS.Probes"
set type default
set internet-service-id 11272397
next
edit "Malicious-Malicious.Server"
set type default
set internet-service-id 11337935
next
edit "NIST-ITS"
set type default
set internet-service-id 11403472
next
edit "Jamf-Jamf.Cloud"
set type default
set internet-service-id 11469009
next
edit "Alcatel.Lucent-Rainbow"
set type default
set internet-service-id 11534546
next
edit "Forcepoint-Forcepoint.Cloud"
set type default
set internet-service-id 11600083
next
edit "Datadog-Datadog"
set type default
set internet-service-id 11665620
next
edit "Mimecast-Mimecast"
set type default
set internet-service-id 11731157
next
edit "MediaFire-Other"
set type default
set internet-service-id 11796480
next
edit "MediaFire-Web"
set type default
set internet-service-id 11796481
next
edit "MediaFire-ICMP"
set type default
set internet-service-id 11796482
next
edit "MediaFire-DNS"
set type default
set internet-service-id 11796483
next
edit "MediaFire-Outbound_Email"
set type default
set internet-service-id 11796484
next
edit "MediaFire-SSH"
set type default
set internet-service-id 11796486
next
edit "MediaFire-FTP"
set type default
set internet-service-id 11796487
next
edit "MediaFire-NTP"
set type default
set internet-service-id 11796488
next
edit "MediaFire-Inbound_Email"
set type default
set internet-service-id 11796489
next
edit "MediaFire-LDAP"
set type default
set internet-service-id 11796494
next
edit "MediaFire-NetBIOS.Session.Service"
set type default
set internet-service-id 11796495
next
edit "MediaFire-RTMP"
set type default
set internet-service-id 11796496
next
edit "MediaFire-NetBIOS.Name.Service"
set type default
set internet-service-id 11796504
next
edit "Pandora-Pandora"
set type default
set internet-service-id 11862230
next
edit "SiriusXM-SiriusXM"
set type default
set internet-service-id 11927767
next
edit "Hopin-Hopin"
set type default
set internet-service-id 11993304
next
edit "RedShield-RedShield.Cloud"
set type default
set internet-service-id 12058842
next
edit "InterneTTL-Scanner"
set type default
set internet-service-id 12124326
next
edit "VadeSecure-VadeSecure.Cloud"
set type default
set internet-service-id 12189915
next
edit "Netskope-Netskope.Cloud"
set type default
set internet-service-id 12255452
next
edit "ClickMeeting-ClickMeeting"
set type default
set internet-service-id 12320989
next
edit "Tenable-Tenable.io.Cloud.Scanner"
set type default
set internet-service-id 12386528
next
edit "Vidyo-VidyoCloud"
set type default
set internet-service-id 12452065
next
edit "OpenNIC-OpenNIC.DNS"
set type default
set internet-service-id 12517602
next
edit "Sectigo-Sectigo"
set type default
set internet-service-id 12583141
next
edit "DigitalOcean-DigitalOcean.Platform"
set type default
set internet-service-id 12648679
next
edit "Pitney.Bowes-Pitney.Bowes.Data.Center"
set type default
set internet-service-id 12714216
next
edit "VPN-Anonymous.VPN"
set type default
set internet-service-id 12779753
next
edit "Blockchain-Crypto.Mining.Pool"
set type default
set internet-service-id 12845290
next
edit "FactSet-FactSet"
set type default
set internet-service-id 12910830
next
edit "Bloomberg-Bloomberg"
set type default
set internet-service-id 12976367
next
edit "Five9-Five9"
set type default
set internet-service-id 13041904
next
edit "Gigas-Gigas.Cloud"
set type default
set internet-service-id 13107441
next
edit "Imperva-Imperva.Cloud.WAF"
set type default
set internet-service-id 13172978
next
edit "HorizonIQ-HorizonIQ"
set type default
set internet-service-id 13238515
next
edit "Azion-Azion.Platform"
set type default
set internet-service-id 13304053
next
edit "Hurricane.Electric-Hurricane.Electric.Internet.Services"
set type default
set internet-service-id 13369590
next
edit "NodePing-NodePing.Probe"
set type default
set internet-service-id 13435127
next
edit "Frontline-Frontline"
set type default
set internet-service-id 13500665
next
edit "Tally-Tally.ERP"
set type default
set internet-service-id 13566202
next
edit "Hosting-Bulletproof.Hosting"
set type default
set internet-service-id 13631739
next
edit "Okko-Okko.TV"
set type default
set internet-service-id 13697277
next
edit "Voximplant-Voximplant.Platform"
set type default
set internet-service-id 13762829
next
edit "OVHcloud-OVHcloud"
set type default
set internet-service-id 13828367
next
edit "Microsoft-Office365.Published.Optimize"
set type default
set internet-service-id 327902
next
edit "Microsoft-Office365.Published.Allow"
set type default
set internet-service-id 327903
next
edit "Microsoft-Office365.Published.USGOV"
set type default
set internet-service-id 327917
next
edit "Amazon-AWS.GovCloud.US"
set type default
set internet-service-id 393452
next
edit "Cisco-Webex.FedRAMP"
set type default
set internet-service-id 1966315
next
edit "Adobe-Adobe.Sign"
set type default
set internet-service-id 917776
next
edit "SentinelOne-SentinelOne.Cloud"
set type default
set internet-service-id 13893905
next
edit "Kakao-Kakao.Services"
set type default
set internet-service-id 13959442
next
edit "Stripe-Stripe"
set type default
set internet-service-id 14024979
next
edit "NetScout-Scanner"
set type default
set internet-service-id 14090406
next
edit "Recyber-Scanner"
set type default
set internet-service-id 14155942
next
edit "Cyber.Casa-Scanner"
set type default
set internet-service-id 14221478
next
edit "Atlassian-Atlassian.Notification"
set type default
set internet-service-id 3932436
next
edit "Amazon-Amazon.SES"
set type default
set internet-service-id 393493
next
edit "GTHost-Dedicated.Instant.Servers"
set type default
set internet-service-id 14287132
next
edit "ivi-ivi.Streaming"
set type default
set internet-service-id 14352669
next
edit "BinaryEdge-Scanner"
set type default
set internet-service-id 14418086
next
edit "Fintech-MarketMap.Terminal"
set type default
set internet-service-id 14483742
next
edit "xMatters-xMatters.Platform"
set type default
set internet-service-id 14549279
next
edit "Blizzard-Battle.Net"
set type default
set internet-service-id 14614816
next
edit "Axon-Evidence"
set type default
set internet-service-id 14680353
next
edit "CDN77-CDN"
set type default
set internet-service-id 14745737
next
edit "GCore.Labs-CDN"
set type default
set internet-service-id 14811273
next
edit "Matrix42-FastViewer"
set type default
set internet-service-id 14876962
next
edit "Fortinet-FortiEDR"
set type default
set internet-service-id 1245475
next
edit "Bunny.net-CDN"
set type default
set internet-service-id 14942345
next
edit "Akamai-Linode.Cloud"
set type default
set internet-service-id 7930148
next
edit "StackPath-CDN"
set type default
set internet-service-id 15007881
next
edit "Edgio-CDN"
set type default
set internet-service-id 15073417
next
edit "CacheFly-CDN"
set type default
set internet-service-id 15138953
next
edit "Fortinet-FortiClient.EMS"
set type default
set internet-service-id 1245477
next
edit "Paylocity-Paylocity"
set type default
set internet-service-id 15204646
next
edit "Qualys-Qualys.Cloud.Platform"
set type default
set internet-service-id 15270183
next
edit "Dailymotion-Other"
set type default
set internet-service-id 15335424
next
edit "Dailymotion-Web"
set type default
set internet-service-id 15335425
next
edit "Dailymotion-ICMP"
set type default
set internet-service-id 15335426
next
edit "Dailymotion-DNS"
set type default
set internet-service-id 15335427
next
edit "Dailymotion-Outbound_Email"
set type default
set internet-service-id 15335428
next
edit "Dailymotion-SSH"
set type default
set internet-service-id 15335430
next
edit "Dailymotion-FTP"
set type default
set internet-service-id 15335431
next
edit "Dailymotion-NTP"
set type default
set internet-service-id 15335432
next
edit "Dailymotion-Inbound_Email"
set type default
set internet-service-id 15335433
next
edit "Dailymotion-LDAP"
set type default
set internet-service-id 15335438
next
edit "Dailymotion-NetBIOS.Session.Service"
set type default
set internet-service-id 15335439
next
edit "Dailymotion-RTMP"
set type default
set internet-service-id 15335440
next
edit "Dailymotion-NetBIOS.Name.Service"
set type default
set internet-service-id 15335448
next
edit "Fortinet-FortiWeb.Cloud"
set type default
set internet-service-id 1245480
next
edit "Fortinet-FortiSASE"
set type default
set internet-service-id 1245481
next
edit "LaunchDarkly-LaunchDarkly.Platform"
set type default
set internet-service-id 15401258
next
edit "Medianova-CDN"
set type default
set internet-service-id 15466633
next
edit "NetDocuments-NetDocuments.Platform"
set type default
set internet-service-id 15532331
next
edit "Vonage-Vonage.Contact.Center"
set type default
set internet-service-id 15597869
next
edit "DNS-ARPA.Name.Servers"
set type default
set internet-service-id 10748206
next
edit "Veritas-Enterprise.Vault.Cloud"
set type default
set internet-service-id 15663407
next
edit "UK.NCSC-Scanner"
set type default
set internet-service-id 15728806
next
edit "Vonage-Vonage.Video.API"
set type default
set internet-service-id 15597872
next
edit "Restream-Restream.Platform"
set type default
set internet-service-id 15794481
next
edit "NewRelic-Synthetic.Monitor"
set type default
set internet-service-id 4849970
next
edit "ArcticWolf-ArcticWolf.Cloud"
set type default
set internet-service-id 15860019
next
edit "CounterPath-Bria"
set type default
set internet-service-id 15925556
next
edit "CriminalIP-Scanner"
set type default
set internet-service-id 15990950
next
edit "IPFS-IPFS.Gateway"
set type default
set internet-service-id 16056629
next
edit "Internet.Census.Group-Scanner"
set type default
set internet-service-id 16122022
next
edit "SAP-SAP.Ariba"
set type default
set internet-service-id 6291766
next
edit "Microsoft-Teams.Published.Worldwide.Optimize"
set type default
set internet-service-id 327991
next
edit "Microsoft-Teams.Published.Worldwide.Allow"
set type default
set internet-service-id 327992
next
edit "Performive-Performive.Cloud"
set type default
set internet-service-id 16187706
next
edit "Microsoft-Azure.Monitor"
set type default
set internet-service-id 327958
next
edit "Microsoft-Azure.SQL"
set type default
set internet-service-id 327959
next
edit "Microsoft-Azure.AD"
set type default
set internet-service-id 327960
next
edit "Microsoft-Azure.Data.Factory"
set type default
set internet-service-id 327961
next
edit "Microsoft-Azure.Virtual.Desktop"
set type default
set internet-service-id 327962
next
edit "Microsoft-Azure.Power.BI"
set type default
set internet-service-id 327963
next
edit "Tencent-VooV.Meeting"
set type default
set internet-service-id 2556219
next
edit "OneLogin-OneLogin"
set type default
set internet-service-id 16253244
next
edit "Shadowserver-Scanner"
set type default
set internet-service-id 16318630
next
edit "Turkcell-Suit.Conference"
set type default
set internet-service-id 16384317
next
edit "LeakIX-Scanner"
set type default
set internet-service-id 16449702
next
edit "Infoblox-BloxOne"
set type default
set internet-service-id 16515390
next
edit "Nice-CXone"
set type default
set internet-service-id 16580927
next
edit "Hetzner-Hetzner.Hosting.Service"
set type default
set internet-service-id 16646464
next
edit "ThreatLocker-ThreatLocker"
set type default
set internet-service-id 16712001
next
edit "ZPE-ZPE.Cloud"
set type default
set internet-service-id 16777538
next
edit "Datto-Datto.BCDR"
set type default
set internet-service-id 10486083
next
edit "ColoCrossing-ColoCrossing.Hosting.Service"
set type default
set internet-service-id 16843076
next
edit "Sinch-Mailgun"
set type default
set internet-service-id 16908613
next
edit "SpaceX-Starlink"
set type default
set internet-service-id 16974150
next
edit "Ingenuity-Ingenuity.Cloud.Service"
set type default
set internet-service-id 17039688
next
edit "Fortinet-FortiGuard.SOCaaS"
set type default
set internet-service-id 1245514
next
edit "Skyhigh.Security-Secure.Web.Gateway"
set type default
set internet-service-id 17105227
next
edit "THE.Hosting-THE.Hosting.Hosting.Service"
set type default
set internet-service-id 17170764
next
edit "StatusCake-StatusCake.Monitor"
set type default
set internet-service-id 17236307
next
edit "NAP-NAPLAN"
set type default
set internet-service-id 17301844
next
edit "Elastic-Elastic.Cloud"
set type default
set internet-service-id 17367382
next
edit "Alibaba-DingTalk"
set type default
set internet-service-id 6881623
next
edit "Zoom-phones"
set type location
set internet-service-id 6422646
set country-id 840
set region-id 1280
set city-id 65535
next
edit "NFON-NFON"
set type default
set internet-service-id 17432920
next
edit "SERVERD-SERVERD.Hosting.Service"
set type default
set internet-service-id 17498457
next
edit "MEGA-MEGA.Cloud"
set type default
set internet-service-id 17563994
next
edit "Hadrian-Scanner"
set type default
set internet-service-id 17629350
next
edit "ISLOnline-ISLOnline"
set type default
set internet-service-id 7864667
next
edit "Dotcom.Monitor-Dotcom.Monitor"
set type default
set internet-service-id 17695068
next
edit "Ahrefs-AhrefsBot"
set type default
set internet-service-id 17760605
next
edit "Semrush-SemrushBot"
set type default
set internet-service-id 17826142
next
edit "Vultr-Vultr.Cloud"
set type default
set internet-service-id 17957216
next
edit "Rapid7-Scanner"
set type default
set internet-service-id 5898406
next
edit "Lookout-Lookout.Cloud"
set type default
set internet-service-id 18219365
next
edit "Fortinet-FortiDLP.Cloud"
set type default
set internet-service-id 1245546
next
edit "Fortinet-FortiSandbox"
set type default
set internet-service-id 1245560
next
edit "Fortinet-FortiSandbox.Cloud"
set type default
set internet-service-id 1245561
next
edit "Bluejeans-Bluejeans.Meeting"
set type default
set internet-service-id 7012476
next
edit "DNS-Generic.TLD.Name.Servers"
set type default
set internet-service-id 10748284
next
edit "Microsoft-Azure.Front.Door.MicrosoftSecurity"
set type default
set internet-service-id 328080
next
edit "Microsoft-Azure.Connectors"
set type default
set internet-service-id 327980
next
edit "Microsoft-Azure.Front.Door"
set type default
set internet-service-id 327993
next
edit "Microsoft-Azure.Service.Bus"
set type default
set internet-service-id 328007
next
edit "Microsoft-Azure.Microsoft.Defender"
set type default
set internet-service-id 328009
next
edit "Microsoft-Azure.Resource.Manager"
set type default
set internet-service-id 328013
next
edit "Microsoft-Azure.Arc.Infrastructure"
set type default
set internet-service-id 328014
next
edit "Microsoft-Azure.Storage"
set type default
set internet-service-id 328015
next
edit "Microsoft-Azure.ATP"
set type default
set internet-service-id 328016
next
edit "Microsoft-Azure.Traffic.Manager"
set type default
set internet-service-id 328017
next
edit "Microsoft-Azure.Windows.Admin.Center"
set type default
set internet-service-id 328018
next
edit "Microsoft-Azure.KeyVault"
set type default
set internet-service-id 328021
next
edit "Microsoft-Azure.Databricks"
set type default
set internet-service-id 328034
next
edit "Microsoft-Azure.Event.Hub"
set type default
set internet-service-id 328035
next
edit "Microsoft-Azure.Power.Platform"
set type default
set internet-service-id 328043
next
edit "Amazon-AWS.EBS"
set type default
set internet-service-id 393470
next
edit "Amazon-AWS.Cloud9"
set type default
set internet-service-id 393471
next
edit "Amazon-AWS.DynamoDB"
set type default
set internet-service-id 393472
next
edit "Amazon-AWS.Route53"
set type default
set internet-service-id 393473
next
edit "Amazon-AWS.S3"
set type default
set internet-service-id 393474
next
edit "Amazon-AWS.Kinesis.Video.Streams"
set type default
set internet-service-id 393475
next
edit "Amazon-AWS.Global.Accelerator"
set type default
set internet-service-id 393476
next
edit "Amazon-AWS.EC2"
set type default
set internet-service-id 393477
next
edit "Amazon-AWS.API.Gateway"
set type default
set internet-service-id 393478
next
edit "Amazon-AWS.Chime.Voice.Connector"
set type default
set internet-service-id 393479
next
edit "Amazon-AWS.Connect"
set type default
set internet-service-id 393480
next
edit "Amazon-AWS.CloudFront"
set type default
set internet-service-id 393481
next
edit "Amazon-AWS.CodeBuild"
set type default
set internet-service-id 393482
next
edit "Amazon-AWS.Chime.Meetings"
set type default
set internet-service-id 393483
next
edit "Amazon-AWS.AppFlow"
set type default
set internet-service-id 393484
next
edit "Salesforce-Hyperforce"
set type default
set internet-service-id 655738
next
edit "Fortinet-FortiMonitor"
set type default
set internet-service-id 1245558
next
edit "Tor-Tor.Node"
set type default
set internet-service-id 2818432
next
edit "OVHcloud-OVH.Telecom"
set type default
set internet-service-id 13828461
next
edit "Zero.Networks-Zero.Networks"
set type default
set internet-service-id 17891679
next
edit "EGI-EGI.Hosting.Service"
set type default
set internet-service-id 18022753
next
edit "ONYPHE-Scanner"
set type default
set internet-service-id 18088102
next
edit "Proofpoint-Proofpoint"
set type default
set internet-service-id 18153828
next
edit "Heimdal-Heimdal.Security"
set type default
set internet-service-id 18284902
next
edit "Yealink-Yealink.Meeting"
set type default
set internet-service-id 18350439
next
edit "Secomea-Secomea"
set type default
set internet-service-id 18415976
next
edit "CallTower-CT.Cloud"
set type default
set internet-service-id 18481513
next
edit "OpenAI-OpenAI.Bot"
set type default
set internet-service-id 18547052
next
edit "OpenAI-GPT.Actions"
set type default
set internet-service-id 18547073
next
edit "Alpemix-Alpemix"
set type default
set internet-service-id 18612590
next
edit "M247-M247.Hosting.Service"
set type default
set internet-service-id 18678127
next
edit "Quintex-Quintex.Hosting.Service"
set type default
set internet-service-id 18743664
next
edit "Aeza-Aeza.Hosting.Service"
set type default
set internet-service-id 18809201
next
edit "Amanah-Amanah.Hosting.Service"
set type default
set internet-service-id 18874738
next
edit "ByteDance-Lark"
set type default
set internet-service-id 18940275
next
edit "KnowBe4-KnowBe4"
set type default
set internet-service-id 19005812
next
edit "Keeper-Keeper.Security"
set type default
set internet-service-id 19071349
next
edit "NinjaOne-NinjaOne"
set type default
set internet-service-id 19136887
next
edit "Modat-Scanner"
set type default
set internet-service-id 19202214
next
edit "Make-Make.Platform"
set type default
set internet-service-id 19267963
next
edit "Cloudzy-Cloudzy.Hosting.Service"
set type default
set internet-service-id 19333501
next
edit "Nokia-Deepfield.Genome.Crawler"
set type default
set internet-service-id 19399038
next
edit "Neat-Neat.Cloud"
set type default
set internet-service-id 19464575
next
edit "Brightree-Brightree"
set type default
set internet-service-id 19530114
next
edit "PagerDuty-PagerDuty"
set type default
set internet-service-id 19595651
next
edit "JFrog-JFrog"
set type default
set internet-service-id 19661188
next
edit "Tailscale-Tailscale"
set type default
set internet-service-id 19726725
next
edit "Gamma-Horizon"
set type default
set internet-service-id 19792265
next
edit "Automox-Automox"
set type default
set internet-service-id 19857802
next
edit "Pulseway-Pulseway.RMM"
set type default
set internet-service-id 19923339
next
edit "3xK-3xK.Hosting.Service"
set type default
set internet-service-id 19988876
next
edit "ASEM-UBIQUITY"
set type default
set internet-service-id 20054413
next
edit "Dialpad-Dialpad"
set type default
set internet-service-id 20119950
next
edit "iboss-iboss.Cloud"
set type default
set internet-service-id 20185487
next
edit "Redstor-Redstor"
set type default
set internet-service-id 20251025
next
edit "Anthropic-Claude"
set type default
set internet-service-id 20382099
next
edit "NETLOCK-NETLOCK"
set type default
set internet-service-id 20578711
next
edit "Aircall-Aircall"
set type default
set internet-service-id 20906400
next
edit "Mendix-Mendix.Cloud"
set type default
set internet-service-id 20971937
next
edit "Palo.Alto.Networks-Cortex.Xpanse.Scanner"
set type default
set internet-service-id 21365159
next
edit "Microsoft-Azure.OneDsCollector"
set type default
set internet-service-id 328104
next
end
config firewall internet-service-addition
end
config firewall internet-service-append
set addr-mode ipv4
set match-port 0
set append-port 0
end
config firewall internet-service-definition
end
config system external-resource
end
config certificate ca
end
config certificate remote
end
config certificate local
edit "Fortinet_CA_SSL"
set password ENC JN6938dLlVWjgMaBz31fPHxFWkFvM79TXTqQ9/d+VdFjiwiNSsXdQdavvKLNKPqR/lNhVXRaTzWlzkW/CXNKDzQ1v47M7Yq8T8SjQ3up8XaD1CCxweF07nH/yOn1rj3ZZ3gSAiqduNF1n1NTT7/KqVRaXqh/mR9x8i1NL+pQy4u7hNt5w9vaxcNpyO1hxE1VTajmaFlmMjY3dkVA
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFJDBWBgkqhkiG9w0BBQ0wSTAxBgkqhkiG9w0BBQwwJAQQP8ujL+/Xn5Ebnx9H
0McmDQICCAAwDAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQI4nANOZCw18oEggTI
DSawPNxPTXG3XZCOQA+1UH+dCikdCERnmoajJEr6GRUA0mJGVatFkiSuZ61u/IlT
Ph2pY1NRv2cxfay/xTK3YvMjfgSJRe23dum2Grqt2+2XCaY415O0fKpMhHxbJOXm
c+n2cLFe+pWX43k51SpgnGvJvkdKHh3r577Q2WtOKnFpNbAyp2ElzBi4cTm80WgL
30sIEudf5iQmyNuX+umTsyjpUL8olpvimZSwbq0LqHtiYPNTMRQ7o9jZyRmNCOYU
8+sGv35Blds2Y7IPuEr+UiUD2pgMVXGgITLLkxzPsdql3vFv2bI0XkoAZt+0e68p
afkRMTuymLea640rsWiQsN0YneH3jAVmNldMMgJr8iN5La2N7r62KYYtZkK21iz6
5NUQU4VKT0dWkT5OMSmrCRy3fxjbO1uquex6XCIE/UN1X7PRH46DfQgG3O6jaV1m
7QQrabc23wl/seP62FK9HzZbL3M7ekkWyNMWswAHZMAxjnP5VSgtvwmx06MkazoT
lQyhMa7mILP9K3v6gWEBWAhNcYa0DMOo0ybrKMIconqB0CcqeALFUBooo13BYtWn
UNYLKLxy8bDZNvdGfu0qEDuw99D06QdOpsI8ikVpSLZbS4M7qIYQc9D5nRVF0kTr
o0bH2X6Em2/HhUOotv7D0J+5+nGNbBUkKo6QbcA1A8cKi/A2ofTDdNBWjJj7MeAs
yF2PD2TolmRVORg/A76qHqDMKXP2p5AddpuwGobrukdFoVWIffIB7kuxHfap9gwo
OtueRAGuCS0xlDjjMeOxAbPkC3rdLaXd/l6BJx1ZzoXsZejFjuoooz9IkEjIMtEL
jD04Hb3U26Hjh8Kqhcphv1QWtRKQbgWvsNUKNQ1lyBRlDK7UnIxLM78DJbluOhdy
lxAfoQ5kZuPjRQIEVs+Y+UQDqOWq7tVpBXP58W/wa9g5bVkhYil21pS0mwdRGzbp
V+F/4KvoHdH/ZbhRPhQRdG4vW8/lmTE5hKnoTrT5WkfmRnwZaXYYhIOvfgQeqSnW
ZhQpXBwwHKe/lvInIxR5QAraxVwwGL1lQOW66V0d8sOGDzwU9KVUWkUxXhAxcZzb
oBsxTY3yx8rD1lJ8OR1Gxz3rgWhfUDmiUaAiL4jE7vDUt3Tzx5G0tPBlrxmsj9x5
ternkFl1V4t09N10ZWjKhFbMT2GaORLTUozLhDTGrrO6Anqu7qd8M3FOR6XJhkSm
Qq7jwLRpoygg+UaB7vDT1bfI9bz//ER+YV/AqtJNQI8LDKnpHhiPr7hi/1MLQDRT
BSda95Ivc/9LZIn7It6Nz/Noee6QYYDURgUaQAg6Npw9gngf/6m3Cqe/YEYZtis4
2TXNzZYi2KYHdw0sUs0xA49Ksnqh902WFcF3H8/qbA9n0S7CL93nnq+YHwz1ybzh
36qBZ+cVLqJqV7npLOONnN1e2ORXENq3q6b93jw6KLGy9QEuHSaRhlSTGLm3tBhv
VJeV18xWKWZrTn2gip9LquEx20t1s+oKMQP/YAk4KcbHfqkxPbiHnRq1fxNVk2iP
BHVCj/Wo03EmWJILpXNcPQ/BQw5ZPzhE59xsA/4175gBSsWYU2nqYdbk+dHW3PMs
PY5m8CtCtVQpDTJHPrvWzvpH1fBO6Aiz
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIID5jCCAs6gAwIBAgIIB7EKemWPvOQwDQYJKoZIhvcNAQELBQAwgakxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRob3Jp
dHkxGTAXBgNVBAMMEEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1
cHBvcnRAZm9ydGluZXQuY29tMB4XDTIyMDEyMTEzMTczMVoXDTMyMDEyMjEzMTcz
MVowgakxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQH
DAlTdW5ueXZhbGUxETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZp
Y2F0ZSBBdXRob3JpdHkxGTAXBgNVBAMMEEYySzYxRlRLMjE5MDAzMzQxIzAhBgkq
hkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQuY29tMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA8lh2I1oUF0PTeVN14j/cvF3Q+1VH1KkIOwPvr3Pi/edV
AcZ0Z0lvk/5v5i5Nk8x4c693Vju17p/nr5soKua1Sti41NUhwC+sKs3fIwDW0aOt
JET0GnKqCEXLGhzppSErYQDS90LQw64tSf7o0PolJBZNBDFJWrziJ52A+AaijF3X
8LfD1UW3SSA8onjKvt1EMc+w39rwsZVV/u7pBCj90zQGx/Z/U67gfYxPqjUxLPzK
S9bg0TbXQcF8vf+XU/FqdV+1TboiV+WZXXFX0zr+tqfDSKQS2VV85CiGgW6VZzwg
qGAOSGtGR/2kyq18FfZsCJCFisPSKqcfmiBt1F44pwIDAQABoxAwDjAMBgNVHRME
BTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBkRSNYYDZA/nn5sl57DA3MnRcezWS0
+NUVOLXpJXzQ3hB1yXMcKm3sgA2IyXInoZAr8kQCWHwwM8Y9igSRyZExPgp+Tm8m
iuU6T3Fn5GisEKdjkKSmrL+D9ibYqFEPNfBzNAj9aTR1Os9702fX+nE7ypLZlulz
ilF1S2XaOLVEiWK7zF7s0Gaq9bihZtkZP8VNnIJSr/5KzFrjDBV0euhpCsnsUTeg
ayKPsODLnp7grKizkKKA8Rk9OgnsEkCy7628Y1XLNTU7qB+7ZXjixmcfMdNS1PKY
xXZbFhu6d5a9mB1ykfdnxwlXwL44T273UzikwDl6YJNpJ+F8++WYJmhS
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_CA_Untrusted"
set password ENC mfJBCO0+PpPwtVQyJPbxaeRY/VIeopG3IotkPraJ8Ug6bmai2m7RcVxMPNBtaNfbJOAUV8s8PFv9xERS7Bndv8YG+3rzDdX4FGw356ndDXWhh0dlfv/nAe/8fiO3G9bfIvzI62D+LR5SwjYFc1SqaISTt0wEISG1JABoAz47sci+ucKub/4lB379EwtX/782pXN/bllmMjY3dkVA
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFJDBWBgkqhkiG9w0BBQ0wSTAxBgkqhkiG9w0BBQwwJAQQBcFpHY9s0+gHRRcJ
WEAzLAICCAAwDAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQIntHvQglSeEsEggTI
5XI7e9UdEQfyRjBc+jkfaQxNw1wGQDvfsUtu9xbFAx1OgwUy+AAdetRjBrTAUBdp
zXKjlsBL9OxOlBkTm/AlAcABW2DoR/kgFJbJ6Z13vpCKVILOQDaWWJXvQhuzs7OK
k1+ZkfEFR4ZhRvZxm+o0isTXtK3XSl/O63ivqSF3PIosbBLOvOg8qRU8kVjID5s/
82oIGMnrCeGR1kSa2tND5fPtqQ3nDXm1ajSt1NquAP2uEiM0LCBoftjJDpiCF7cy
dneg1brmKGmsb+ktkHSEZAjp9d0i7l+9dd4U65crYgyEX3Sm5wAWpwnG3C7Jkdxw
N/5vAPSP8HZcLmxdiH9H9yYzog3U6zJd4QJF4FE6t2zIRiBBrKKF+9rbsdZFiVbh
I5EOawHp550TDZvUL5aYyo0vQkloNI2N0UEaEQXTfoHr1z3pORMnCONSd7fAlByM
Z/90V6c8QlQX0bQnYoYgDHfgJ0x2+h9+iSXsLeQ4gIz6E0QYAk22n94ySfrW9Ztb
7vA6qDBO2Iy+PUa6Ynvd3Zr24y6h3Sq9Ie1O3HDZ851TWF/ThrY2/l3Jwp8Gervr
sl7SILbLD3CbjKpDJumOhuYpxjEcX5efCQd7mgNh2SbfgiiodYfHywPnqJYDl69P
LyuQ3Ncqz6PMuVxRxJiYI9QFO8174fbujJIipZa8GTZ8VKBAaOAQK3JJVzDiaUOb
7iUgF+7TFAxtM9+6FrBkVBB89UCBv08lNlSSXZP8zM5fBhDzhvnYzt9k+dUPPUoQ
KN6ydwA3Z5hsxs2s717qjFy27GzghQIwyq9nzj9biXyn1ybcwJ0p1FIZ1PDznSl0
qTScnItQ4LlEcpwjnsGp/qmCvoSbhWK+0v/rl/y5Ls7zWsdubRrpr8RVOwVR9yiK
u54t1doLOvIO36iX12PMhqiTgOeJhcCGmjn2VodebulUB7xmZyX5q0O4L3CMeRRN
47n7J4eEk979KpKyDIFLbWau+VuWG1FBDQgvWv2ldxiZiTan66gEeLiWtRc8YKe7
p3jUFMeljcTV5vhj8ZCdoy/OxGQHlBfI9aHzpIQNnuSB1XcIzp9OAJPe53iOZa/0
6m6RiDOsA2mi+ymCX2bBLnZY0ifho8GRW9DVjKXwxvqyBNF5xpq2btI7xfMrRBzJ
4iHkIKtOs7iTGLg1SGj61b7b3TyGxv1KhUvVvYm3JCFtbp6eKZbXHyYUSv8KZtUI
67aFYQgGddcQ/r6ap/rhVPsVRmjXrVhjb4LqreT85I2G4oZz0WQSSv1FtcwaA0Ev
qjqAEyi5gDVgzqLUIJVzYRGaNkV7AKBxQh/W2Ct7d6NL3s7TvWzWMY7oV7KZW/gm
PgUdMF4KtnB/IMHdEGXo+nr5EuLBXdk4PlIIbCjkhmLVpMmI7rtb0G9spnjaNuON
nlQ1tgGcAJrEG81gR3RWcgRMXNa0Ds1AYxIqZplHmEHmNymPONCKqaowJtInrDzG
oYaAvrJW2K6qsPPUk2TF2KQiTClD218xoGW5+ZO8ODwwaMrYffocvUGcqdemtZod
pRAniTAzsiXt33ag76vXvbPMEVeySvtoXIDCnvl6cBjyLPUkUl7GYTuksMWevisj
oPRPUsDAbBvbrA3CVBs2rVrA0M4jDBq+
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIID8DCCAtigAwIBAgIIJJ5p1RsocBEwDQYJKoZIhvcNAQELBQAwga4xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRob3Jp
dHkxHjAcBgNVBAMMFUZvcnRpbmV0IFVudHJ1c3RlZCBDQTEjMCEGCSqGSIb3DQEJ
ARYUc3VwcG9ydEBmb3J0aW5ldC5jb20wHhcNMjIwMTIxMTMxNzMxWhcNMzIwMTIy
MTMxNzMxWjCBrjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExEjAQ
BgNVBAcMCVN1bm55dmFsZTERMA8GA1UECgwIRm9ydGluZXQxHjAcBgNVBAsMFUNl
cnRpZmljYXRlIEF1dGhvcml0eTEeMBwGA1UEAwwVRm9ydGluZXQgVW50cnVzdGVk
IENBMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3MDfGYnRXUFwDTMvLYyQJKsggiGavE
I6S33xoF7k3vK8LDozySJP/JzyYlIH1HJNJCp5AQVbwVjZPGu05bgeFsytC8f8Ox
K6hqb+vgcQOcao+5fTYhjbkQwarPcDwasH/G0q1ye8aKLgLxskD0Zw7AzwqBWEkg
yRzAawTaZyZLqAhh/8zXpKFZ3ET4/1uWkLmWB/VHZQfue64AczjRnCrbtkGulARo
2Sz0eY3uYtS3IJ0ExyIgvVWa6ga/bF/wEayGKjAYOI11D81jgqYVi/yDHKKkP0oC
X5qBu56YSr3WladesKH2RAFflk1lPxPPFvNU7ZxGZYvJEzog6cdBCsUCAwEAAaMQ
MA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAsV/3cOb31gHxJDMY
kiaq0BilhXcKg/QWmu6TeIzID0XxKuWPpnmDDODwHy0/3w4y8fkLo9m4pJh981i1
1lP8nSTN/o2ke7coqhWZ0QeqPbkMOk+pKx1c4CK/7GTvi5QYlWfI/WVu/uLPwplU
d8d1y6uNh3JaBThoA+a8gtFgRkxmgOQ6esZUGMWHRVfyI/uWWLm79THqBqvoPEUm
/7X0XRP+n/cWieOa/6MQv5d/iHJI7BpurysCEcySdS9fx3RHxwdAMCqn9UO3dEWv
q0ik2r7sts/s3V+z8yMore1n8FcMX7ADoGjCSNHe5gOq/kThWWVR2EHwkDTnraYp
0C14eA==
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL"
set password ENC YKRYdOBRLsRzYz5Aow2qbJlUlc5naLVlnwfAlmrRN/VwK4eyvXJW4j6mDqjbrep9oaZC3fey7AelXGlGDWdmNLz6XL2ubeyMmtY9rVtzsPt9hLoKvIHE3PaFljPFkjL0CiY8xCGbNoxpAE8ebSJJ76UcXucPCNgJ5N0EhmkBA+Jm7cU+a2hMp9rLeCqTpt9Qj07471lmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFJDBWBgkqhkiG9w0BBQ0wSTAxBgkqhkiG9w0BBQwwJAQQjmEYx1XDK+uxk/Ou
3kXMugICCAAwDAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQIUfj1ml4xufMEggTI
nxuf4D8RFTGbPQGhex65ldyCt18BY/oTc9elb1nP9kUeNdmbQk+XewQ0y+0cCKtl
UdJcck0xMgJb2zpnvcRcRxDr2wsyW9MAMZ5WZP7PyD5EXH47oyvkgptHO0Obrceu
RLmwsoHvddb/VAX3Qj5Qz9Pm8VbHRz/jB8aHY2u/FRXewFGxV26RfP2eVb4dA2aC
s/9vBelogVQtGgAOT+RZ2h0ynRiAU/19BxgPN2ZL1jqWepWDHXnYJGnakCCyoTlc
KsN2qbx2swPZDZyp2z4a6nBQmM941l2XRF1l6+HtWWz4FVFZRzymYYIQabeuFw9s
98OAemLC+YNu9Hm6vz/it/QitJ3TBNclbpQ32CsOoOHSeSnA7/YYf5DPcmLt5wPZ
CKoQOllrqbnt7VBITUiLNHvG6COnDxSvhz7QkwHFR9/3A8v/sQOnb9rLmvQuvLQq
BlSJ0bRt6HbEwxKhuGi7S/3caChAMWkT4mcgXElN3Z5dIKk5WLrdqW9ghonvzJ6r
aieENkjSNvoK97mFF45yjpd0IHdudY9wzCh+TjcnwF++wKQGXNBoD+2Jw9GyQ5/1
rkbnayYQy55Ak7BiRJuuXYdrK4enOprgf/vBFYF4m3F+syOHKfF5DlRng5eMl2x1
tjXFdpY7+2UkPX0fF2+BeA5OZqoiVpXShK2HlOLzMsCznGUJwBgLktUMaejcw0VI
h93DslTKoN88o1mnPJ2V9GrYFpURQT1vp7FO2TKC5iXbk30RNTK0lRqZDHDEPvJp
tMSciFU+h9+OVabbZYjih4jdT1FRXtvSW+vtaiHfoQB5M8SpfEEfN8/SoxLJKEEW
Gh4XvWazlFZMiOmu7Ni4qCTs8KHD0UQe1LGeM3w4m5/k/s3byvBxRy6s83kCFes4
oe2/fMjS+EyXr/iZ5f6ZVBFeL0p6wVCOkEJ2lYJpA7pEBXSvounf+iGHdi2wqVB6
BaLkMvlc0zgfq+3FZunQtn28WdDCHjnlwU5ejnEVULgZM5lKt4mupPu2GZM+Jtci
nBZVJlAwrtqCqYmcr9bwq8KBaUG0KVRsGil1g/BmDaF3uxtUrpZv1CUu5cOyjVNm
EUW8eYHLKocFe0nYmgsgxlq6Y+QL7If7zMf9+P5I0WKg+xz20+PzblFGaNXhSTcR
wDFH88ignbBWK7DnEBTLSCmvEK/5SZfpG1h/e5UCQNKK9bn0DT3zvw/s3HeWymSA
+o2FzAt08AyqhsZ1HobUYLPOK74gGClqOXsLjU9ehOsAbtgD2jubxQCDnaVLGw+q
TH+37PuwLqmuVNU35o2UgeSbzgZs1omkl4RmnFzcYu+OAFwxOxZW+Ehst547wZf3
AU9bcx/k6rPF+lIpuoeJHG2NYbf4f2j6Cw9I5i9N6HJkq9L7tFqytf2f3veYz9gB
8FPVwGTXwUzMKlWcrSj/tAxwYN/ruHFKP5AvCFb1bcPSrdUL9hl6GmG/Y38O6fEm
7GEOuYR9mi+DUiLMQ2BNX5jJYMxnUAuSFUNgRKBGUph0aJET0WoaSvXqNJXbE99t
asBuVRfc/1qD6BsiT9Gy19rS1a4734WO+UGHtKVnZjvhO2JE2yKdFUf9JvrwjuET
1GKErmygQVlTlM2qs7+/fF2ONf/DuLlH
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIID4DCCAsigAwIBAgIIDpscz/0cckAwDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTI0MDUxNDExMzIxNVoXDTI2MDgxNzExMzIxNVowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM3oe6MYMMKx
n+pOxZF6/GApkcOBVgomZUnak7EVNvhuGLEoRHsaagdnGghpr7/1fjTjq9pwcy50
ulQZaDpd4iolIiIM6DZuLNy3g0S6tBZSDZzLzP44YZiaXxUCq3V7ofbNApb70b5n
DmuI3YeOdCa6OTlR7hP+qXgnXIU7/oMqeZbjwFeL02cHeTEZZCRMfj34aoGasMSP
1xSbuhIy0SF673a0KTwwvqCQcL1gGRgQK8N6iC5U7/LB8qofcrQETl0+gKq29awk
2ZifS8L4j2vzaRW7Wk9v2JE1gv1nv24P5R+zRNfwkMui9IuG8qMsmLy9tC0Zvqqs
on9t57/B1wIDAQABoyIwIDAJBgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMB
MA0GCSqGSIb3DQEBCwUAA4IBAQBOaVMulzoqWefpYr6weX7dhuNl/AHU6141oxNw
EcNkP12sVRU/vOEh2OwWhGSQcYikM14Ix8n6uXWPvCaEoL9hWvxdYesLhk8LESaX
kyse8RHOaRShEpYLBTwD7Famppo7l0AB0GQy32VXMHSDIt4il4kxOxHtsFZVnt81
zduGY8rnqquEvsW2Er2gC9jSfqwdlenThRnUvoYIonCGwRmPNdYwOOFD/akJymMl
WZNQxgu2iagy+QnUmgprFMAHLe0F1Pd76u4xbViX/q95DPF9B4QYHCjL467iulQj
GIkjH1RQNZqgIWm9oqyVE6p2U5ZWpVghjAgxibuofpuddUTG
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_GUI_Server"
set password ENC vNWo583Uxywj57nRRXz1fGYmfGOwx8cvXw/Rfcw2X2zT49HxT6e1q2pFcDdAglKgicvzOGJeQSj/7QcTleCd4RnqN5Di5Tt7iXZgegTb3Dj7IVKTgxBDoqVR5WqII2lrUPofOP13lJ75E0cui2Bx7RXW2Z2+O7N7eiUkgU0aJO60w4RZHPNpiF8qjSOa7+N6TvxrpVlmMjY3dkVA
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIJpDBWBgkqhkiG9w0BBQ0wSTAxBgkqhkiG9w0BBQwwJAQQlu6xwuuijrKwtchh
Fvl22QICCAAwDAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQI/Ci0H/vNmKoEgglI
4G8RsEkZh8Ar1B9KLQR4+J5p9kaT2nPGx9ibKEshkiclT8npnkXFPswVIy343YOy
E3+vXPJnIGdZIyhn5iGPgopz315OGoUIPgIUOTNKg7lOyPOsGeHsQXKm2vZ65fnY
dxbu91AVQXHh5JthMEW8f/GWTLfIi75uJLu7YDNpHGfJsl3kHxL4tf7yrKdksB0H
kt8EjmJ2Chux5UD79HDM2umyKxAL7dVs5bt2XysvP+Jx6oCB4gOZUWEogQdSmBHx
9XpITz/kujiat/+pZjB+h/tCAP+SqcbSt6pZhTYnmlqyWlKmJ0p8FJPhyrNuQVeP
wz6n3ZwOLA0CjY84UQ6GBBWe86xHoq62VLdO1kE/6qoaO1tIRnF9tO9IF/qInpo/
80413mlafc8GrinkXVzSU2a5uODA880519MPpZW6YvTmb7GGdSqUzwDhDofxetEf
erhp4in0Ju6hiFf35PhZkjzbE5HzQqtYSTRihws+YL8KmzWNaxxTqCopebFsVbmu
9oYIGpONmhXgF7j4hpBDutbTanq1zo7ZoHMc2yRmECGBG56PkBssf1nRLfHoD0cr
P2aXXSZLWKIeu6vHeZ5wxEES3+IKds4swkDIBxAoTg4cWCW5MUTLAFOW3sDvQPb0
h3LBhXQgsAiace7AVtpQ5/iHApH8iZIO5gFK+0vcrqci/Xj3lqV/ZH8AyIK2GKUe
9iyUVm5aRtNER3ocP/L5nnvUpg6V0f0lnuaXqiM15Ql/SRMv0DGHUfIUsoLdJGLD
PXLGhz5iurJgHLo0Dl1mnT35sFfpTmz8WdlwAxKliKHhfxFxCUsnNaJrzi6/orfe
ztsoQy8ycaac3JnUIg3n+y1oyGhoMtuDR45O1g+lk88EmI3v79JkGhfsLHV78//T
OrW0thhJqHPhtcIb4or36ouJqjhMWv+lDGSytXiynE58pqIhJiWC4IS66DEc0684
VRf7diJ02I2LceYrpd40y9c3aOgU/9luTlJ8LZmXf7IpRRlw6ZmmNhVJR4Wh0Mp2
EXSxYbj4jjesoY20ZjUSo6DQTrHNWgcpZUfXFLDsvhyjcvi5laQCWE5Wh3fxJZYi
GnHno9d0hl8yFMkxcMByHG1jpjaver7tv7+5gU3P7DANIKpcx8eVEZhT+ixNnQJJ
GBNvXm1nsjk0JIw9DtRKaABlagl/Qkf9v9R8S6XhbQVyxWMVc3wxnNnXnRa0sM89
C9iI9bXKV6E4sU6wiilBzHnsU+a82o0CsNbsFrD9DRcgeDd9yXw+NkrmJeQ9AnG3
MBGaD9fgz1/sxGMnznmIQvxMqBNpPQFtUQwx3dL6CmyyXtWyxaLeky/wNsAKTAq1
aEuGnsX2CivaYrEECxEKwtvFNaiX3Wikaeij17KhDMh5Aswvbqkr480nJiYfRlQd
o6i+MMkrQg/4tEZ/H/hos0eO0/X2K9pA7fY+ShyXkkAojg/pS/TDlPp/r4+fBT7O
66cHAZFFeMGOrD3sIn/3hcdhMT2tZJbmB8kw/IbAawno6fiZRt6tuk04MtFbtA/Z
RYldszOpamgdysDLu2F8RdZOT1zIm6JgIccz2hK5wrlhr97IAu5IMI+G5KyY9kbH
biF2Nitt/REsQ/mkJIuAwP0JnY5BXMUrdp5VIHfBb8clY/cNlvPTUgAxLZvA27Nn
B6uK2NmeLHuETCz/AaTSoNv4oJEzQ4Nq5IbwMGlkt18bjxeMYJueOWrAFy4oQuin
ETiK+eF/rqc4KB/HAYkyVWioK7ZO/ABvITEN0go9dlfezOkUqhKaB/RGsmDPYybz
ComPqX6kkSAqN9MDaiO64X7FgmdsNKSxav965+g0ZRgdekYMKRv6mfgdpc5pgIAT
cuVo70aX0zWsPs+ondcvwCIPBYvaqhuHpO8MIPmik5ejqAFtlBfq9wmpTEWffsxC
bS7adXryr60mAVAnbNVoIIIrOjIopSPAfdS0O0+rjQB6hdkXjdjEwZNUqxsQhB1V
2YrRgTz6zMxWqu/wUBeYlq4PWDgJZFhHgRqhngb0Tq1XfAbjlL8S2cThtY7jD75O
PJCyft9JH2MULp1QKv8EJnOiOeA3Ms8iYcXQLs88eXy9f3OL62KW5wWu37PEJhul
J+1MNTOvrHYCyEpgtooxEQtGmU+7c/0240sjsmXJM3sz0f+3nEfBLDtbeaBRLL2X
+PTU46CVWqeMzsdlwju34EosXcb8ImdL3E3yE71jeu7dkr6fx1z1TDpSzFGZazqe
WMSr8WyDSj1EGGrJ+22gexNNNz7/lQd+IKhMGLyuxn48EvXEa6c+dSovw1Cu+uxh
dHR7+tujctXYC1jbR6TYThd7bnfiXOWomdGWdt1CVQu9Ok8FDt0NJu2wIuZeoGab
2ewp5IwU0HGOD+k6e+2/ymIBm563Eys+1UAQeYx/L++h+JZMibAsxZ6ljHSKFipc
rGrk0Koj1L+5mahy1Vf65BchXWa8ycEDwi/4xs/GYpo1Cw2/f3CfXtMmj4jqAwHx
WM9GPmJhjE6Ds8Pvk+t/kAR3owCQKM9r2nlzau8K56H6orRW2d5ANzT+5btedLcX
qW4/3m+8Vgb1qKoxbo7GcNbu+fHzoN9gllw8IOl1j2G4SxBGm5HSbSoedff8D3VS
WCRtzHIQiG5lXUGCl49TGH8HxmWzPMX53zxcTcdZ5wpIkTT0ff/Hemj0xrwyw61A
doShLuvcqviUaeU1tP/ZW7tpy9IgT6kEVAJHk8tGkEPF02trhE3+nCMLzCy9O0my
5nyps8iUUawplFFExi041r1YWfDDIVcv+tMtRMJNEw+PyaZwA1NikYmqFuUlp4mE
eQm0TIN8fa77Kse4vTO4L9D1mNUnaGptdnk8qpJC9wBdxXU0gavnBvYFA+pnG0N+
aTJkQnKguW422EGG/Ew8CuAhktBwwgkz64nmRXJX7AAE7JyUVuOCXikobZu5CTfs
uFfTzdV/DY8FPhT36HIhCsBBCtGS2R1tzKpnCYXwJedmYAmPqH9RfW2mhobowywG
TwIaExVTkP4m+qPTSa0COvOe0S27RRSzGVE+cMqyqamQ9R/jphFUYQQeHvNHta68
/h3TrBX0nFbaUuISFDUxdiKFOK4BMufjDfMD2LPUj5DFnglmkNIkHx1+umwwwfWc
xCCrTMVmfzoPxzzk8VA170IJtUlS2K2X
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgIIJLn0LcCD9NkwDQYJKoZIhvcNAQELBQAwgakxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRob3Jp
dHkxGTAXBgNVBAMMEEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1
cHBvcnRAZm9ydGluZXQuY29tMB4XDTI1MTExNDAxMTM0MVoXDTI4MDIxNzAxMTM0
MVowdjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExEjAQBgNVBAcM
CVN1bm55dmFsZTEWMBQGA1UECgwNRm9ydGluZXQgTHRkLjESMBAGA1UECwwJRm9y
dGlHYXRlMRIwEAYDVQQDDAlGb3J0aUdhdGUwggIiMA0GCSqGSIb3DQEBAQUAA4IC
DwAwggIKAoICAQDVH0R8Epzt94v4RQuzrMxCHn/p12MUDeBKw2F0oi7T526SiEBa
+xVCro8wVP+BLujYwN3HMWzUs5emKnOU5j814QW91yq1UVxpmmO4WoSAhYBbPZ5a
6qQaQ/1RKVp8QedF6axtiB710Za1OXPTLpDYFvt1fYxrIWbYQ3QWb4La5xTjLLHE
5qCslcE6d25SAzE4VWSLBTBi/hNAkO8yLK23b93XraSpDO5xyAu93yBiq2AP6EoH
Mi9w1+xSyBd6gq6Pn7Lb+DIwpI1G5cTR+4eWyKEciWr7neKvP98H0eRmYaEOhGts
B+/v4+99iCqdMy+X+n1HG6cOWorod4Ck8lfttQA9JjvZ9S6LJSaFJfazttkaJ6+d
VVfD8JnHTQIRUIwT0GYpCpmsNjvhFCywyjzS51tY+UF+qdogpnJZb1oh5beGi5L0
cszV+1tmmmFYDfaU6OdN0LoLazkLLqBTjDTgZm4GZCUlwVMqRCCcYgrhr6JH3Url
kBNrFEi2Bcp2bw18iiyGgsMkWlkHZTeQe3bZg5yxxoTxGp14vVxxz0wwfmoPvuaT
kC4eLNFMFG+VRzBy70CedC1QmSgNvAUw2EUSSrlumMZcXVyK8dBNG/TTpJ0h1qf2
HYDqIkQAbNis2ImNQDQ4Xic8qaXOqXWOIN+celx2OTHX2qS2JkSnsFB7XwIDAQAB
o4IBNzCCATMwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATALBgNVHQ8E
BAMCB4AwHQYDVR0OBBYEFHQC3INjDa3Sw6SsBNc/zCyBfIhqMIHHBgNVHSMEgb8w
gbyhga+kgawwgakxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIw
EAYDVQQHDAlTdW5ueXZhbGUxETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVD
ZXJ0aWZpY2F0ZSBBdXRob3JpdHkxGTAXBgNVBAMMEEYySzYxRlRLMjE5MDAzMzQx
IzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQuY29tgggHsQp6ZY+85DAb
BgNVHREEFDAShwTAqJMBhwTAqAHxhwTAqMgBMA0GCSqGSIb3DQEBCwUAA4IBAQCI
RnebU56CiT1j9AS/7/wXYY2aZMIwLwCZmF3W7lL2zfYj9u0QAnf3Uk5kH7mAP5nl
BKoQGRIxNvWWLPEeqeJnt3qvakdsF2wbaiodHOUIJoAYzlnfIhWDbeyaun7Ae4z7
4O8azQzox/x1i+/gKxILmNjpx++MnxsY7D/CdEnjrOZyf26gnPn5GJB5/+4PnwI9
DCOoRcujP7glPQIfNo/JugP9gN6lqZGHnyHCgAP5cNShv0ZSDmhgb733vFLgwk4F
gT/QClZfXSltNMNP98dlVgNUyZDw8+5HwmNgXBvjZ78gJI92FYB72RIq69vKhh79
i4KlcjmY2jcCt0bIeK+6
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA1024"
set password ENC kG58/YotioLFszHsSzvutPbI+jam62nQkq8KtdQK4B7weSfMTTIZ4zjWfM5GaEIecFV8Ddc/JQmZxAbmwwmiWABAG05PnEV6kxRl9O3GuHhYA2y+Qr7VZA7SYoKoCB647n5elnU+CG+d25nnt7bfUoX/h2z2wnRT3yoz3JGKadSSS0J2ZfhlNWLr+ckttLEvvP3pBVlmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIC3DBWBgkqhkiG9w0BBQ0wSTAxBgkqhkiG9w0BBQwwJAQQqRjBpackorTp8ckv
YUgc6AICCAAwDAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQIBTk8jyI8T18EggKA
/reoJOQgH+aAc/Y3XVnz8S7FKkV21YMImlqZGg+7Xx4JJX0KpLR55hqH5zgsPOg1
BIQ/r8+drq0LJXIlnHl6ye0EdZLokWCwC8KKmxbBDs/qAyfMZWLy2dsnt7LFTTBM
F72D8L6hmcNgzAeR1kZO91/KwlLjCHIabtgGHLGrsjM2GVd0KSPZGdX7Hm6ZC8tF
6WM9Wk0kiM2UDdEnPYYQWUqcmqYClPxM4u21ft0I3nCHfWvM67fLgn4vK8p8jefa
vDNcTwrLUAZ9jr0lTkhQuXu67pkKmZH4cU6k6w42utO5qkwaVc/Pb72Z3fIwCijP
yRVEociebQ7EM3k3XyU0jadwvsz7/FNwwpUZy/KeYs5w7l+umvyppV5vONxZAwAo
/IeQqczDXuBHychLkr5gtjhmD9yCESBcqtTJDamse5WtOJYci/ziPGWT7THqIldO
ju7UnzpuoU7Qu9PjSLUUU5TNJh/KwW9b3Vm+k/xKTb8FN6koR4qe6RWjwkgYUJsC
ny3UykpHs5CyREmSqlBSi1NCohC0l/pnNj9T36eSP0EIlYZxECcOv/2ICFm2/QzQ
139fGQbdQtrurztvuLnfyJ79jLG6rOnGFpO2wUohNVthDjJ34cef4nzoAe5Hsfez
wQNgi/Ard551gVo2oRw8YW2o7PxtZelBdw/Qvt5arN0f6BKhE0pzpMN9fT1ZCkTP
KV5okI4tltD7Yjj6mmusPRqlO6bIdGM2BsJj+oB37TzESm41ASvOB2E+qOqUZ9Nw
64zR/Khjoier57vXIvHr2vSb60CObvfCDXBjkXiGH15c54oXHLUQ0AT0koW8YUeB
QmosULCRAUwSHIjBQ+konA==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIC2zCCAkSgAwIBAgIIOvputoR7mCowDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTI1MTExNDAxMzA0MFoXDTI4MDIxNzAxMzA0MFowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4DufhwMPNciCpCyId
g+byBe65dO8hY+jfZCPyuO8EltMQKwyaAtr7q1OysM6P5utngPkpuOsBTxeU77U/
bvNaa80BkztryUayFA4v6S9owDvrk+O3N6oP1tHYHn1mZN/5+dDk0LMMhATCU5hk
Rm1eemzMGPKLDNG7FTvPZOxOtwIDAQABoyIwIDAJBgNVHRMEAjAAMBMGA1UdJQQM
MAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4GBAFEu1fCpsOzp/MSwgVKNZrft
AQmEluumGDHmRi1g93RLttGAqhMg6uScKgXybIWOGJkZIqrriucuwTT2qy8JEc0m
nK8/OnuYiDrbTYNd3a+OQpBRjqGMtxhsr44gJwng5t9ivEx1sLDwDYkHZyFJn1v4
RJjU97CJwyzxePdHuZqC
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA2048"
set password ENC VG5MTvcr68wkPfbwXT+73P4FqMKYOGhgLKFqwbpeu3JlQFrK5xpAG9p0Wq1s8I6d4Sh10CpiUmTk2UbSX3gNXtu/0G0EbMzBP/gIa2g5L6/ks5agdiZodhDk9zksTtE49n6dGOH1fIV8oCk0AdXqjvZME4xFXmo6bSkC4yiOnzzM9T7SvL98udQgGrNA5CNdOF1BsFlmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFJDBWBgkqhkiG9w0BBQ0wSTAxBgkqhkiG9w0BBQwwJAQQoUpCl9Rjit1hO4hs
s32kDwICCAAwDAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQIosqhEKGJI5gEggTI
MDe1LZ/GSJFJMz1BTs8aeG0WKgl41VnhqK+SeGVQSYwxGgKZsQFstvdWEOtxiq0/
EtsRTgON3kC05PqcBYjp0PfcSnxxQZv45jWoWN8AoN16l63OrkA4dlkPCsHwUhkx
rHM7QMwukzr2TeM7S1TfYRpBOuTcQwh/p90p/9Y0+FOeWauba574FH7bptqTRUF0
ALANCZxMMq3Mr39Qq6d4DSizrtlYw6e4Nl1UQ3+D16pWMEnsfHdMWVAbrgt2prAx
hUnUKWaZMop2TkEHW90+RpjVgkHTGBZNNAwFPrVIETD8MsN3jKt+kkQGRiutAGPb
vcC1k2fK204CbBqJMgnldUiyH2yx2p3cMthIum3RJTg4h2mrGdC0zAvdGAW1DhPb
2z7bLqUhQ7bLPng5+57GApZraoghYN+E9o9XGcYVh1uQBUr3y7MYjuEuUFYOQBUU
iwtUH0ryAZsrmMjvpAv+tIXBCEGJv0OFoJRlh+KCE24NVHg6ItKqTLah1mZ5ZDFN
8ULXLhplWPKWdyj2HyvWvpGTYTWVFdmBwRqqe84lubecEQXs2VGf+0H1a1ZWzFAN
e5VQl5k5nm9ivr5HIpb4c85BcuB4OjjmyQq3dHaqjX/0WQ/QxAZpvynI1lOVyHo8
+W5r405buU7cBWxgVJ6B7UpmjaOoPX5Tlp3XFmvCaBgG34TRb3wHYXQMfJ7NWvF8
hvZqwHGEt8nDu5olq6/jFrgI58rKpVcahnttiUJKD6w8lsDsxQlUsRh1RR+gMke8
Q0REldD9OeK3BD4Rz7m9cgG1z6xyCqGdqF4BDNanDE1P1Me7NSIwLSCG/7bgxytP
Pkp3bq9aAe+zqh8hKsTxOSUchL0j9bwc0XCqyIewKEWZV7DSXfGrd5UWGa3HMoY3
T4IhwC+OYAWFNkuDfCq3+Ge0szgPjOzq+eEvgi0VFa4a+A93PY3jNLlVbZnG/sni
OYW5GXtReqZ4cWrmMQ6HFQ8lsYWQn5ojl8JRq6mC3lGvgxED1JYbRBIRfy12K14F
NsPVg5FcDoIS2wO34Vp1th+XEs8r7xEvqPGUevnvjxAvtua4vs36Euq0bFQfy1Ys
TnP1RYgW0ACTEINglBOCNyq49PpCAkUPcfG3aanLWa1StOezsuegaT043HphJXyA
injm44MZ6vUX0zruktNQ1t42z+CzxPIKREJxc/0TFSp2Q2CH7teJa+/dU/ZsXgRY
qkibzjf502d1e8MdqAxAaODPzB+06OMSmUT0R5eemIswmqmqvXF6u8d4sUfeIfKh
Lq3zcGyagGMBK04OCWBcE+gSF1ctgyi7lBg6ifTKUWjNIlsjMrvRuFxU3l7J3pbc
UdCvgtfFm9eTqHVGmyPhzd+DnBOpWC/kbzHJf3K3t6id56o2LXXasl3EWwfweZyr
cKqWj7c7qPOHjtHUUYDV66eH6a1dB1f5c5iGGPZFYTq4vnw81WP2yfq7N9g2ABiu
e0gPl9jLL9hugzp8d1BJy6u0EpOOaZGshZJuUw4eP8mxNsg/xYhxJ/4MYQzhJVNS
YJgDkgJ2/7cbidffAgsx5g/PuHDAJswxjOOwtxXD0G5GjZZ4LQ7zeCMS4wlVsK2S
7GuPNWgHTQd2BxQa1XMrIS8CMJUf6+uE
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIID4DCCAsigAwIBAgIIVrvfpsp0uRkwDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTI1MTExNDAxMzA0MFoXDTI4MDIxNzAxMzA0MFowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztV+HX1vzb2X
Av2mddZO8Ll1bWCxZDPowechHX/FBzT56/V/qxvOAK1nTYUivsScaUTjsrJOpZec
6xoEzkMZdhv5riDcIUhJqCt537YQOooRo1kgPHG6fof3ab7atBZYMugu829RSl7/
kRiQhtGDzSHjzJEANsa26yOQjhhCugrTsxenY6tePM+JgbpnpYm5W1795wsQx7qA
4z8f9p/rbrEfWLeH88Wjn0eGtSPc9E9CI/mKJkQx3n+FxUndGnjhF/c3h4ziUaE7
R5a0+8Z0GKq8wf14/Q4MAbKKN30ZK+BSMkhroEvl8p1Iv6q2fsAgbnvH6b9N6CFe
Sq21HXZmgQIDAQABoyIwIDAJBgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMB
MA0GCSqGSIb3DQEBCwUAA4IBAQCbBI8tJElTU4xoxzyYNgzJ+BeBIKVvYCI64mZb
ETeMHt701b5ueayGEuFjuETA4+/9EhysQSMs8GEQDMpXirWgAzAZUFOXHXF0Vqpc
nhT1Aj+77lzJbyb+fz/fNZKSNCi6nNtBX+woexJsZCOe2dkCzdNHGVhfOe2oIDPZ
0ADgxg3TV90caz4znujl8EL7SHqo04ss6FKQf4rrU8h3lfRDFDutgRBA7CGN9dN0
mTNgmfUsxEowLJP/CFBpvLNVQZwQjhlk8p0bx52j9CC2FgwbIQerdYl+rRFQXdyD
1KsVhHkP3OPGyDsZcnV585pek3MvDm6w67z/q4LtccXbNpQQ
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA4096"
set password ENC KWuySaWaYZLNzf7PBQeVYEtqVIFGXaSeRwFDIcWo5WHQ/i9uoBXKlrYx+2AagfnpF0zHtwcPGh4vTq5l5VCNb42hpoQ631UvnL06eecszT4eiv3foAhSGenP1eqGnJoTKc3v9z9USotKyDTPNPILyFIvrqNFjmrA/EC6qxdJ2NJ/LQ+aNef6X0bkg28hKXcsFOfSRVlmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIJpDBWBgkqhkiG9w0BBQ0wSTAxBgkqhkiG9w0BBQwwJAQQP+DfEDcGcD6vmNBf
/ZDzsQICCAAwDAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQIlhtH1qGvLmQEgglI
qRuLFCCTuAxSAgY7jlZ+hlXxY2wNWR3G/SSvNeFpqj8V3fdDBO9JKVLPTrjsCJvj
KL/eQiLYmUmdPw5WUr12zKCHF1TkEXdj5yjqNFx6E0jBZm5sr4k0uTcv4uLPlZjh
Ty6RSE9+/ZSTt6GCi6voNSb82pqwUYRPZ8krBYWUipHkPeRaUmjS5T70h0+yvBrG
w0cl504pgrgC9kyk1PZwGjdmlb0zCdBT0K0ACDZ9/Uh+lERw8zZ6Is9wq4KuHias
7srqZJ2AcpvsQ4J7xSNeKjbOtHMeBlL6XMB7HLdy5arpd+OC3/5TUE2AdZ9QDuVJ
wqwICm9noRfq2xPYTLCKVnRLqT8jFZVVAVvbJxT/svODJQAXASfo7TF9fdsPq59j
Ydqpoyp8KREsG16t33r5l9AEyY0klWN5HWjKgNvz0boIGzRjeQFRpjEPoEhVZLt/
D7T42Jgri8Qy5of1+de+blv4IhepvCfjftu9lWV1jYtQdFZUl4z6YP9JSGJfJ8KE
8C+G59TunRgVa7kCX9u0eZVProJxleyuFrC2EG9Ofd8WrXjAYU2UOd4/HOSULh+j
wjajdpL3v2sACKsQqgXleQlOPDFjLj2ByE+9U635f72biS4AxO4hJcScoYjjyKpI
+q0J538rbslbKiHyl8KB+kp3OV/HX8MXHOFmAVq/nNhHyW299jUstS0/c5L9qEA4
UdK3BkCrWyYgVH1dtTpGhtuBbn97r5RyM1OfVmkAR5pB/5hJ+UQhR37AtW/6xCkN
6MpWUs8sc87QeuIOLZtMBzs9Ip1UBFw9paTctaMCTflQy7au4tN/3/URn6mGBq+B
thZMaz11CYAb/0NditZJbrKfYSvnB861liOIn5TNMCReJtWa+JRde0MgedvIp3mF
Dl+NeHU6+C0uAdH2phipMaKwxwy2GUhsfVODOwXCahaXmB8rPGtC42mkK8ziwhdc
XNdHN/M7cc2mrWwsD4OY5AfKeJVNNiWl52n06s0Kmnr5Eli5hgJukh03AOZr6EER
inx+uRNhEN7pj41hb/WJXwLr8BAmCIByGRUzHX36T4fblbPZZupYY7buOO/bg6oJ
Tgud+zDiLCjA0IYi+Q7XnzOLmri3v3Ak6RZ2AVDWxHg4Vqmo2jj7SNqq1zOmVtNr
vJmj3CdoJkYikWtDk2Cop3q2C3umlxhK1aXyUPecROx07itpRxWeMDdkqPYE8byc
hbr5inbZuW6SHFG8UbdsSrOV2SIkq1xdDTGDrh9rqIoUHapUU+a9o9rC6oU2XrSU
C/JM2fBiWYFtOHRT3vfktikxwlD+3a37Kwere9t8dG4345D70KXH6te8jeNRiNkO
d4I/6Ihz9aY80YedRecKK8IvszJ2hUkuIqmjVGhvwuIz+gl75PI9cTFvARd5Ab7u
FmVX8x1pqZ1Jm+mVrfATz8c6qm+agjKFIUIxVBTvPEcIaORplwvlYgLj2sBkCC4t
CnXmbuBu8GwD+/RQPfHBoxH9GdoaBrDtNmSi0DGqcT6TSxWtH6J5c4T5AbEMU4uB
JhbJ4acw/6ZhGGhptBc6gJbnakAUtaIbu1wExhUoTHmyUKgc56qDzHgPBOebkvCl
cDjYdyOlPHFyZgMyvRB7AFagBrnYpJ3ZvZICsr3o/8cdu99shGAVZPER080FvFZh
mpC21+Rcjy3WfcUb3nH8cGKzC67iSqSW0aKrM+kv3outj5ZUeTlDt9IqgAaRLRoo
DIwWs/PcERVZRIcC68BJY5RckaPP9o6h6Npai+t79JZWNvXMFBrbNnqkQtSS5TLL
KVPMPNmF3G/Z2FPjtKxGVT2CLLy4ODFqg/xXZ0Kt20/J56Wt836ao7flUYGnREtZ
QpWNpTRRqFUpQ9EVWLP0FvZXCdrraT/NzgVH+BbZwzFLeVce6k1mrHA9C0XcvFmk
PV6rGYjjw04S5B33c8buevQkunQ0ta3np2t2/8uxlJEPnoTFLAuiHHitjbasiSyO
L11oJ5bdaaoU6BL3n9FsM4LJzPqlo9lPgPzdDEUfy0GQ3tuvEzDTHTvc2jaOMjS7
lsqiQPHTLws5AKpEDBoSk1LicTdhCekAOXxvaaTd14k1Iibhw6VuMqoV4riMW/hz
OhPb7zkldpMqp+p1+Y/lPN6mf0BkfZ3QJgjgUX7q/gbhn0W3ewaQ7dNyYkjXvnSZ
LBdFuAcg/fmLE1RQS4m+ryVIjn1kwa5fC4Sc/uwyKxAEz040I+2/7vw5BBYPwaYs
acBKVOe6ZMUjKV71g8RzOb1fqHl+eIBtATios59U6ZEqhwQo2b81xOxJSNtXOkOh
0M5dZb9hcV9tHSFGWeGQRG2jyDFOSSsfGhOVZDR+eejjXvzdxu05s5MGZRVPbNlj
8T96c1GZnyYIegptWScjSayJL+QzY1B7VYUwAbOoooFlmpYtIY9EAVI3fqOkecKC
aeycEiEuJLSqRmjMoS6UBUoN54kCHL7z9In8jPEt8F/hRHNLWY0lCG16sthQJwhM
fUMIKeoV2sNHOROCR1Z2V9/xPpF/ZQY/I6wZEzVf+OIxIBPTGFwOzSimmOk/XEoo
HWgPsuy7ISP9KpAJj1eoWuXCJ6VA8+nvg/fS3hPT/8BA17du8QcTJpzmyqczxT3M
nOSyMIgwm6meyodkBP+Om0U2jyU0C0wihocUhrS0fnikJQeRm7ZObPI+KoGxZe+N
+m/ZMTN24OagzdpWGtJN9qbLiXN919oTZI3XwNVi8ZfI5zySzYXBB8zT5lCC4jB9
UFsn1JbWKWEdJizVSJEXfjonIBxE+h1lESuH6x3RNFxHb1HRR2qgodlu+lA0t5x6
9VhcVTDm2oD6k5jEsDxmWDvtNlYk5Xxhj58qYm4zBmX2PKXp7zkcuily0RzzyMI+
b3NnQghkz6DvSmF8fLa08jKfa/g0kW8o8lmT1tuN2cnLYAX6WRsgKNmc2kMpJtkm
staMajr9n4TPR6DXb/6LkwiflOOe79AQIeVgFyk9rlbaXyawvKVa15xrJLk5AgIb
Z5MqUNq9+6AkZbsyNAaEJG8ZnKUV9C2yruHYrctvWYPiZjjmfK1GG/qc6gAQAfEp
uRM8wZUO5jDIcf9WJHADyvp/8uxBSc+9hLUqPhhVVzMaZyHjsOC7iISTHOqu3sTE
sx5AxxEqeLyHGOOxjb/nkye+KY0+JQ2l
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIF4DCCA8igAwIBAgIIMT3E/XqnRLowDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTI1MTExNDAxMzA0MVoXDTI4MDIxNzAxMzA0MVowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAl1oVndfr3v4n
W1ztkYnsv4fds/VLTpdCdPFx1docGZq2mZfv3JJp/1ARdaW07ir6FAFWpVjHp3be
DGc+bziEGwj08mYj+ZgPVzDC9Pq1b06+xj+cxvDpne9S1M/1SH87b1OE/Xxd967X
HD3W2EJg6SVZTWwhzQUi+VzoSVClyAvFrZ5dlUl5NQfR6NiCTj7Tb5quq5pYo17u
1TBehWBG6O2f0WqUmphhpTdgvqu+jFnvw3QjBYoeKLSz7rfoqgs6YOaWDbgrWS2o
AqhaebPKco/aPrO9NL+5xSwEpowuO0Z+3NA443CuaBzb9R/VWIhOfkUe3WMqzae+
0dGsNX5wGNwiB4/x4Y6hI3KvH5spNwiWVhbcUNU3jfUuF+JLI00G3Iy2O7XM27qZ
lN/6jB2RMiFJSNnKMkbFAyqMvlvshIxR5lZ4aaLoQ3ILlTKtkuKBbGGhJXTCWQYV
TdvnK1UwHq3TearynPigoDQwj45Z8SckFomkQpG5eL6Ypq3hj4AFU9Kv5aj3kzTf
wdN0BnxM3UABfrFk6dUZTrgI1csJbowHIBfCuzcsarfIbhEZhg+zvDVW7cfzjTk9
I4e5/dx4Wz4IGPKN/8iDSdzavLwG4508GBtnx1yM/gPAZaBmStyGDWlDC//mjDtm
z+jqpZj4kEhLuIdaGoQg69gic7LU3ncCAwEAAaMiMCAwCQYDVR0TBAIwADATBgNV
HSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsFAAOCAgEAJRDqh3Cc66e9a236
ERPQW1c+hnI7vBHFXKR+M1NVwE4pX6cRn1gmch5wVDXJYaYBsQnHbYrZBWfvtOq8
bNweryhoLf3dwhl7ZgIYiofH5TaO+Ju2sevuV4zrI15ussXfp0cHOrJp6AXWtLBU
+nK7uZwsrxONqzf3XA8T35cW8piIT9SHWxv6GUzRoMtx9B8Siw9cuHaokgmJLcgA
CVnU6bKZL5RXQLVIGTalRePhFA62W7bk8tA9fsSkDRCeD87KqP8DQvEVbXLaZLrS
bflIntmbgKFf0LSSoIVsmTEXvdhr+/eQf+LLo3m2pPTQjB5sCJ3Z9KeuEF1YdgH1
ZC/+pVTjOYZ+PZl/clabxYiYZOHODsfrzrHfAPwD6uv4qZ7LPx8/tnSGFRWAM1S8
cyot2aQ78bNdHkoN7LO+C3Jcy5WKg9eX/9ctcFbtlMBgqwmjzG1tMrfWm3bXWx2o
047hcsKnqoi2hcOWGtUMkLSSbqo094Pf6/zVRuSU3WKiQ4SRyQmKnnyLFLWlvQQ5
xuOz4eyEAZX4c6Vf0YBQ7L9KndKJqXLfIFGWDCAiQ60PAzam+aTnqsFzRRZt6Tpu
7B32NgpcSoFauyKreHQG2qgt+/e0YrEE3v2Ufcb0jKd9rIIcLBcrJpoaPbnaAI6B
tvItQ3It73aapJ31L6iNgZ1WLN4=
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_DSA1024"
set password ENC 7DsFjeSm1V6Oiuzhw0EdSQC6FT0IHXlphBhOXIcXfgFv7TgD25uQGcXy2vbAdDNPLIOByE/DcJ6hpIv3dtMqgBAME4jpDe/zGrllaACLFGPfiK2rNW/gFoIM2Qax5N3+T6WD41suV1FVCuGpcRkf/v+AMU0p3sGGAIXsYpKx6ZLPOb3x5kI9WN4FTlsSX7RgHN9261lmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBrDBWBgkqhkiG9w0BBQ0wSTAxBgkqhkiG9w0BBQwwJAQQmH4XoA1x/zzIh/2Z
goVeAAICCAAwDAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQITG1M+KjgKzMEggFQ
dMzqwqaob9YduAs7hTdq/By63HpduOyy/hu5t3OmX94fVQZP94ofrU8hs+q6Lmet
so1kXp/XE7TAG4XsIRI2vJx7oxbNKDc2xTjeYFBxgJiMsox5BNFFiFDAxYn3eiR8
Ti+PDdUQF5k9ndsP9lJUtksgeozRhDvO/XcGaCaAn4bfkGNr9gxxD6xltNzQxKR/
0RhOz/fQn4Fqz5dJ2y3RRqSJCoWBLRg9XVEGceZ5ED+Og2TAz3hUA1i66mcess9K
9yYUXBFvIatZvffjmzOOmz6pGZpRcz0a9QuAtcp5tCmtBhVWz+BUOFHIPnRybze4
RrUUVG56Nof/V2spWPzLo8ypaNWtPmWUgTkszF4mTY1TtNlUXepPtpHWKzhOKS8d
3l81tdU1maYIGwIiPMVr6qv/Gk5ZClUl0Nyr7mxfuGzganq8Xv2+/1kVQVv/1QG+
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIDnDCCA1qgAwIBAgIITu8tuSZ16aUwCwYJYIZIAWUDBAMCMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
Mks2MUZUSzIxOTAwMzM0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTAeFw0yNTExMTQwMTMwNDFaFw0yODAyMTcwMTMwNDFaMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
Mks2MUZUSzIxOTAwMzM0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTCCAbYwggErBgcqhkjOOAQBMIIBHgKBgQDxE4oFTS0ubKpRxTB5sHlo72Ak
G9eMqhJ2P1/x+oGmD6dx+YWDtaBLGDRhRVHmW8Ig/lJpvngPBoKZ9NwlOedsbVWc
rm4dm351kvYBJfg9UjRP+OTGbJPlF3MrZZcW5QFemfkmI11KIzgQuBdqr31APbxk
OKT60riXJnpapJFTKQIVAPX1JgkZKORHzQT1mtBHGOVtPMixAoGAK1uLf8nex7Nb
ssr717lOU6EC/W1ZaPxdatAGygbsoaqvL9X3i02h5GFEcvmI4X2iSlvHOB1vAyPk
Pu8ef14jnekk5z7VJCRdHQskavJwJ1QR1B69kVIJFFW26l+TKqT6n8qmxPNuX658
3VErZUeZZtBNDb0TarCxw1O0Juswfp4DgYQAAoGAEXnWNsjzqQo39skoERX1qVx9
xI6ZUe2avRKEuDpDn/wUib5Frjrlqx3YkfsJ2pM2+1+morLS4Kzad0V8ahWfHEQ2
j3g6VzDs4ejalbcJmrR+N5PKQrTVidNBajuBNupMxghSQ0eG1QA0Lw8UADmHJx+w
yN0Poz7YDlrH1A59dP+jIjAgMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYIKwYBBQUH
AwEwCwYJYIZIAWUDBAMCAy8AMCwCFEXRd3P0r8/zL2q1F8hBvBtefLYaAhRe3+6n
RZpMszcHuz00adaSCeumXg==
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_DSA2048"
set password ENC lJ+Fo/Fcz++LPxu6HP/egRNIxuRjV8ixk8LDlbuLipzV6/awZEOetqhCxNBHHl9gQm6z2FG9vYGfqM3hHn6FnCbkiJdgHKiNhIeWFIYZv5cQjyxLz8FjDRS2uuW8/IB7uW7P0yi17qGRnSb877Kdk90ugnqsZokf/JStIYoiRh0OxhHyMHfvg/Um+e6NcH+OA0UJd1lmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIICzDBWBgkqhkiG9w0BBQ0wSTAxBgkqhkiG9w0BBQwwJAQQAkg8MtZyZYL2shUK
vCZirgICCAAwDAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQIshJa0u5PdsEEggJw
hRbYa4DuUoYTv3YfdvZUmUi7Dv9NeE3qm6eeGFmDSvpLdllKktY8ZZnuK0CE4wkN
BXvG5/KkK5I9amsVNYx0G4/3yJoijwpXUM34G+Qxyx2nOywY9fe+Tp3ZaLa6Z5XR
BmH3TsrPHSlfI0DAuUrXec97FFXsl1elEvNkjpRqfxLCSrWuYVrVJR+yqx+utGft
Dyv17+9gBlJs5yJU+jBJlOp5GA0lEkbw9Ut9CEkKkH2MiqHaTC0ASTEyfc7mzjql
FRK+ZwU3Ub/vyzgOD0bO+XpdAfCIvYRiVA7TywbfDq1tso9S7G3OVQPUvlMtMMxS
jLeunxnA2Bvw+2GMIeq7F65h1g+7Zu7+Gg6NyTAQoYXeW7a5D/H2AqzRDAzlo++Q
anC8TKXC6d4L4yq8dPygC/ilis6ePalGeN6kZBW+9RWw/eDPuF69HvF5K6uGogjX
uoE79btIMgXKU8IKLVqQKoytgW1ZokKgIYgQehFXhfVAm+/oSd7K1A+2DKLe8b8t
AezHhKpCLaUumABM/5QIcwrQUq83UPfS0/QTwFdLKPZwzx1S4BApLTlidDyXPeOv
evB7tDYwRJWMY2XKUIOKGCDwtG2yMV6jYY4R6UMZeAaBb553X2/cN0FKc4gAX1de
b40Flnq2mFytQEcOi2Buo2Z6cQSwnaMOoxBge/tbpVOWfYsXLckpkPhSZnSubUOc
bpJa8PYfeJ7thECIJ+9wYihJABY4zy3XMpD5G/C3W/+MfNMY6ccaazDxzDuz6bQm
MzVqDAywwbIr6+enYTZ6fC6leb00Wmf+VVuh8HmJMXLHpqRiUxLVyW3tERY6Z1i1
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIFSDCCBOygAwIBAgIIG0E2Mj+F5a4wCwYJYIZIAWUDBAMCMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
Mks2MUZUSzIxOTAwMzM0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTAeFw0yNTExMTQwMTMwNDFaFw0yODAyMTcwMTMwNDFaMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
Mks2MUZUSzIxOTAwMzM0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTCCA0gwggI6BgcqhkjOOAQBMIICLQKCAQEA61WmKkADZ3KCao4L/AZjFz58
tC1q2W0NaI+6VfpDy2bBd+/sqwGLPBdtNro3mkjLH/ItrAaaW4gafK96ZBShmMUf
F73xrL+wT/Mtb0HSuDvfYFof3iePiS5REoMWQ7KVOhbrIQIjgxP3kHXlxHd14E11
TN9mVM3gKlLrHawieALVROgsEC4ImBOCbDIAe3pmaZ9dP42itTKHWxjsXbbaveJN
ZTuF+4pzeuZSVsoKzQfQgQ7AH0iQQPqTVgIMxAtsQHX61oqA+BuLSnnalX+FUmlt
e9itHNB56cBrEL1Qiew8XQw3Avbcjf9jYY/cvCOZluw8E3AqCXNkPrK0+Np9fQIh
AP4dA29px4MxDjXiowNUMQ2tx9dyKjTlF/B0fJJidshZAoIBAQDFBpiWHOOJBR5E
i343f4GMs4yW1yZH4+8EY8s+P5USrQ6IfNuziVzVcnDUeBWsxS2mfG7p+BlBJvGy
t1SqTSNyCgqMxZevFx8SeHLa8vwF3t8YSl8gSEprSN4U+KRPKoxTgc/zhzSJAFNw
Qif6ysthDfBaqGA4hYA0O4Tex0Ue8fVmFgqj9TzEx0imSP0wyeyj7r530Gw5u7Nk
6M2Iv6B1lRDnL7VWlNTWQ3usG93HLyFUrDtHbR6UIA/Mnkb3esPzfiqiI2naThVS
iV3BOPD2gVKKPRxK5YGWnv8u4y5q5r1DG2onrCPj3vWOwpWbEgBhQ5LNDri5vd8C
CyQsP6+UA4IBBgACggEBAIWjSG8VQHRXnnrMuHLOGc5NMiJIUs+YNLS07EjH41D8
BDW2EwLW15k08ncXLCYmiK6bHfODFcQ0mSiY+XKefhsf+YAjMyKywOVt49Pn8b+x
qBFvw5Ri6/bl9YAx4gOjrIWAEYjX/CgCjEEhVkMSxjiYrPN/5ObuaC2LWTZNFQsY
WRZig4MFivfPQzXFsEAkTjLe/s5fe8ocVr6vtpjq527AP3R/TX9Oz2vbbFKAVIoP
AUnkmGgBNNwpliY9hBWiHi0o5w2XLnesRZMKh2WTpuZ3YYf07SHO42hfpfTMRyab
TQnOHa//dpjk9+m2gIKE72KQSq8vWtl3RxY6/GAA7ZSjIjAgMAkGA1UdEwQCMAAw
EwYDVR0lBAwwCgYIKwYBBQUHAwEwCwYJYIZIAWUDBAMCA0kAMEYCIQCqxHciNf7/
axdCbb0hhowr/qBaszLxahN1+s3/oaLymgIhANqPdNoihVt71wGs/+5/wHBYI/TA
XZduYvFaQP26BoR6
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA256"
set password ENC x9gVCqAiweS+7vDuNc5qkBxworqVgkK1zaslAuxknOJBkuSLOShgHAB4znnaW3/nsqhyyDDGmxHYnoM0GrjaTZQbjigAs9VmYj9+gv0QIU/mcmz32DU2pkrq+X8BMG61GiIjfWxz2ji9+BMwokVFaIuwoucJW9Lo5Aa4DidE197oqgvyd7b8UV3nBxZXdSqBDFGtWVlmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIHrMFYGCSqGSIb3DQEFDTBJMDEGCSqGSIb3DQEFDDAkBBA0uI+85Xc6exuhL4Lz
rnLHAgIIADAMBggqhkiG9w0CCQUAMBQGCCqGSIb3DQMHBAgqxRrn4Ux51ASBkMbp
IR4lTbqRZPk+PsFNCtezogFBVApNt9NJQK+ZfGW6MMg1hkzS4kVCNbon0n5cwTpA
H5c81Yw+XZbZIyFO1UijUaRAN3oiPxf+kMCKYMVtxmsW2oVQ2O98cdS3h7pEUick
mPl2+9OYxm7pWKa3OXkaaDCZcfA8gn8hYnb5LYJSxgTkIcKEWSHekycg6B40FA==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICVTCCAfqgAwIBAgIILNW6raUlg+YwCgYIKoZIzj0EAwIwgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEYy
SzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMB4XDTI1MTExNDAxMzA0MVoXDTI4MDIxNzAxMzA0MVowgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEYy
SzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXxZ/MH6nzGJ8Fe4edYEVjs48
WceypkDVTxMqxP8U6TRk3YjJMfncX1IsaIfFY3+s31nHBkYn2rjif6NJAK7HMaMi
MCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATAKBggqhkjOPQQDAgNJ
ADBGAiEA+Tq+595Ky67PA4Z5H145qNL2oBuS0WWqKkD6Qswge3ACIQCe0jlkjdGl
gH6+9449jDcfsbFryxjwxlCWl9mx/3s/PQ==
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA384"
set password ENC 1yheySJunufVgyx/E30GciFN4PRX90a5MBMtxFlnLKpHmmrZsCtbZXGOKx+CIR1FDIjI0JJxjoDg0pDoTJ2BPbu58cS0GIoZyGkPpxDRMMVs4SPEqf0S7CyFnODlpwuSnRUOqrt8FCqRRnYY5aWZ47tndO0pv21pMe0K/EbBjqXL6mTYYnxscsjpOXgsyvqcWDF111lmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBGzBWBgkqhkiG9w0BBQ0wSTAxBgkqhkiG9w0BBQwwJAQQuNApMq8kuUSi54f0
BURh1QICCAAwDAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQIENYTPeaOc/8EgcDa
pus40mErO+zkb6oEDmi1T649CzmB9MgwPnU4hjlG6ULpUb/VS0Ru2f+k1Ve7KUCq
Qj+NTy6W7Gvk8KQy3VSIls6r1IXK07EyITOeEWdAw+oMabYXFArPu/oFjHQN4d5g
aVltgBA+yWPOOnVAlPT5nRI/8qqlymjZyNluXSUUsNhAVC1x/ViyqyPnFc54NUhM
LMikEG5VHwLcAJVkbJmBQs7ObDU/95suvuClpM8Mu+uQoqCFs7olkbKkEfE9C1I=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICkjCCAhegAwIBAgIIG5QXpCktDM4wCgYIKoZIzj0EAwIwgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEYy
SzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMB4XDTI1MTExNDAxMzA0MVoXDTI4MDIxNzAxMzA0MVowgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEYy
SzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEVW+7K239Jc4XxkQBOEwxhPgjnXE6
Rcq4GTx5wmpsOLvGqKrCaVhVT6Z9lktEDYTMnC6OKk+cCyvp/fMoSUzXyYqyF+XU
NhTkZXLCrnBD58Hwfc/RviA9I5Plr+B7zRqHoyIwIDAJBgNVHRMEAjAAMBMGA1Ud
JQQMMAoGCCsGAQUFBwMBMAoGCCqGSM49BAMCA2kAMGYCMQDP7ndKMvBDNfWc+LFt
uPP9CfFbSkpVEEvLE62ZwP2BeXdA1csWm0vekFbFSh2/iUECMQC5Rj/cpwHCECCw
GwB0oPXBYv0bs6Hpioo+Dy4nEB91ikwjFUhojQ25TmTHw1IuXrY=
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA521"
set password ENC YBW80g+D0sG/9zgU0VFXDJQ92M6jpW9TW9bsRTMD/XeooOgm8I4yk66zd7uTe0EiHvYztdyDPjNskOmCNXy5uESXfC5aYk/iuuQZvcYf+P6zvr8Ocw0/GnhDZbGNjf3dA6ASZ+FeS+poKUcDvTFQGHEnuMF1b2tUYfsxOdTeGcxcEWroYtL34zgc3B+L9QiPlrgS1VlmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBUzBWBgkqhkiG9w0BBQ0wSTAxBgkqhkiG9w0BBQwwJAQQ0zBuKzIb65v5TW2X
B7XB7gICCAAwDAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQIpRU/5YcYlfYEgfi0
D1X9ByH15fy6EU7GRUSI4+Z4/ymhriHL2brtcQzlVkNzZblyYeJt9DJ4cWuRxDpO
PrUtYk+IBEkENiZCkPoMhBsSumu5XUJjcjp1vtQq1cz7Jlwp4YDOSATM6Z5KvZ9K
zy7tw1Y+PNbOwYU/mELZaJ1CnuMw5MN2mz0MfIBaqYh77osp0M99olacphha8zab
6m5Lcxg9J6WOJlZ1ZqRU+Gbhfbhpbvk3+XS8nKTx9o6oX6NKFgumkrzjib6o4CVw
L2rjNBh8wxcBk96TqFCnzrSSB/2yKlTybaeAYU1gHqUBPIchkErryt/lYXKk8sQt
RgH6nPGntg==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIC2zCCAj2gAwIBAgIIUhWueGMt38AwCgYIKoZIzj0EAwIwgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEYy
SzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMB4XDTI1MTExNDAxMzA0MVoXDTI4MDIxNzAxMzA0MVowgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEYy
SzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBWqFY/hXIuA6B3fE3Q0AINVCk
vkxEY3t9HpxMOqjeMxheL1c6HJf9K2QnC4qUGvCNYaQAr28Df43EDD58mQyXJMoA
WjUtO9toaW6WPeaK9/vcRabISf5cPv1n5tUEKakmYd7rV8YYThGZEJFvlShdTlFr
0bukZ8z+Y1H9YZFbdAmU2d+jIjAgMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYIKwYB
BQUHAwEwCgYIKoZIzj0EAwIDgYsAMIGHAkFLvKG8jXen3dXGnWJhz8rAes/Clp3w
MIkVFEisioof2RjQUooxsjXqgFxAJLSGKk39GE9+DpQEXzbNn3NtAt1DvwJCASGT
RTQYKsLZj2Abo40BunNKX88KPo7zkO+OuLfBxRaBc3VGRdu4qlDSg/LjaXOnAuO5
KmZtc8Ln0iqVyIJn0Xyp
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ED25519"
set password ENC B/JJbbMkSqQB2lLljrOUr2ghHfrwo9F56OxVxIjcHTotRQAYul1cGK/TFNyCC90ZL4Lc8zV6vj4X06HyY0uS6F57qbKcWC62CzRDy8RFJ08CYRF43a3Q1zGTn5UxkLDYaxINkXPm77+HU6icBJVhYRY6ae/BaFWzL8p3oksEMutrZuM293unRKfldaSw9kvzkLsT11lmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIGSMFYGCSqGSIb3DQEFDTBJMDEGCSqGSIb3DQEFDDAkBBCuBO08DntXkKMZW9/f
LtgiAgIIADAMBggqhkiG9w0CCQUAMBQGCCqGSIb3DQMHBAjgIs9ktILlhQQ4aPkE
T4vr7fC0smyr3LTaU5xbcfNqxuHe1eUWkIppNPRLNrgiA1HDKezgFxwzxTLwUiYF
s2o3F0c=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICFDCCAcagAwIBAgIITBDvv7P69TMwBQYDK2VwMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGMks2MUZU
SzIxOTAwMzM0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTAe
Fw0yNTExMTQwMTMwNDFaFw0yODAyMTcwMTMwNDFaMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGMks2MUZU
SzIxOTAwMzM0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTAq
MAUGAytlcAMhAOEIJR0IxVpfDEnTkVHVFHWB2dR5y7YWirilObrB3wA9oyIwIDAJ
BgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAUGAytlcANBALBY0q7ljU62
aGS4USbjVm27TNYyp5kLKKTxLKaUL1QRbR1i+yMl8BhWXPa1p/f2Se6owVtESFvT
VCBi0GLZOgw=
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ED448"
set password ENC WS0jMkqktbfSJPhqWTEuO6kNbFLDwUBHrwSez+3OZvCjJaKlXjQQOk9mx1bOeslolp5Zlq62z2D4k/+KHSTrm5WB9YrdiLne4/P/JAjSG+Ltzn2JmbMD3mxn2+/KKV2LrIxxdxARp3MdbKq+RrsEzM5Nsne5u2B1inIObJjGZ1WDcJfLC8EtfIZom+FGsZJ5Eg/L8llmMjY3dkVA
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIGqMFYGCSqGSIb3DQEFDTBJMDEGCSqGSIb3DQEFDDAkBBB3+7vEcJVTnUVcQ1Lr
V3f9AgIIADAMBggqhkiG9w0CCQUAMBQGCCqGSIb3DQMHBAgcfQNDtGxt0wRQXC99
Ft4YrZMqCNaQzka/nCWMkdQz09S7MuAsUSxIDQKR5PiI2ugJJ7Jc4i7I0ie2kgtM
eEZjweMMQ5Q19nswdOZRna5JbqiEhZpff4vxmYg=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICXzCCAd+gAwIBAgIIUqB2V4LUdhEwBQYDK2VxMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGMks2MUZU
SzIxOTAwMzM0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTAe
Fw0yNTExMTQwMTMwNDFaFw0yODAyMTcwMTMwNDFaMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGMks2MUZU
SzIxOTAwMzM0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTBD
MAUGAytlcQM6AAn6asaIw/7cIyfljXliVKnU3VnxEDZEh9KIbyjEQd6yVnBOs0Ow
ZouU6IZyNgACdgHwjrDrtvWLAKMiMCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggr
BgEFBQcDATAFBgMrZXEDcwCqpxarhVT445RMmBoADOCGxmrRGmvaO48HCXtYJOvs
+EWF9/UZ9i/4hp6oXlDLApSfsfbfxCA+IQBShUUavyPENIKqTos8Wzwy8UG/O0zD
1CcB0l2Yd63XwzGbI2q1duj5Mq7IlVHCZMJaJNePEhdzJgA=
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
end
config certificate crl
end
config ips sensor
edit "g-default"
set comment "Prevent critical attacks."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set default-action all
set default-status all
unset last-modified
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "g-sniffer-profile"
set comment "Monitor IPS attacks."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set default-action all
set default-status all
unset last-modified
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set default-action all
set default-status all
unset last-modified
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
end
config sctp-filter profile
end
config diameter-filter profile
end
config application list
edit "g-default"
set comment "Monitor all applications."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection enable
set options allow-dns
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log enable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
edit "g-sniffer-profile"
set comment "Monitor all applications."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection enable
unset options
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log enable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection disable
set options allow-dns
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log disable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
end
config dlp data-type
edit "g-edm-keyword"
set pattern ".+"
set verify ''
set match-around ''
set transform "/\\b\\0\\b/i"
set comment ''
next
edit "g-keyword"
set pattern "built-in"
set verify ''
set match-around ''
set transform ''
set comment ''
next
edit "g-regex"
set pattern "built-in"
set verify ''
set match-around ''
set transform ''
set comment ''
next
edit "g-hex"
set pattern "built-in"
set verify ''
set match-around ''
set transform ''
set comment ''
next
edit "g-mip-label"
set pattern "^[[:xdigit:]]{8}-[[:xdigit:]]{4}-[[:xdigit:]]{4}-[[:xdigit:]]{4}-[[:xdigit:]]{12}$"
set verify ''
set match-around ''
set transform "built-in"
set comment ''
next
edit "g-credit-card"
set pattern "\\b([2-6]{1}\\d{3})[- ]?(\\d{4})[- ]?(\\d{2})[- ]?(\\d{2})[- ]?(\\d{2,4})\\b"
set verify "builtin)credit-card"
set verify2 ''
set match-around ''
set look-back 20
set look-ahead 1
set transform "\\b\\1[- ]?\\2[- ]?\\3[- ]?\\4[- ]?\\5\\b"
set verify-transformed-pattern disable
set comment ''
next
edit "g-ssn-us"
set pattern "\\b(\\d{3})-(\\d{2})-(\\d{4})\\b"
set verify "(?RAP"
set npu-offload enable
set dhgrp 14 5
set suite-b disable
set eap disable
set ppk disable
set wizard-type custom
set reauth disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal disable
set esn disable
set fragmentation-mtu 1200
set childless-ike disable
set rekey enable
set fec-egress disable
set fec-ingress disable
set network-overlay disable
set dev-id-notification disable
set link-cost 0
set kms ''
set exchange-fgt-device-id disable
set ems-sn-check disable
set qkd disable
set qkd-profile ''
set transport udp-fallback-tcp
set fortinet-esp disable
set fallback-tcp-threshold 15
set remote-gw 24.105.188.54
set add-gw-route disable
set psksecret ENC W09iMxxtKfSmX/+3a0ik8NkAJTj0N3lVxjBDVbce92jqDP9N9jAOsRdtlDgib7VoeuTN6s33GezY86uBf8E1sZv5WEblEsm0DChtRX94QdpuOc6RAm3dsz5/WjZsnAF41NLJJbyDLsZWucMjjUjaklXo01qcb7ul4vcG4+M8t8I/tuBROPzSbq38R8uZoJ1Rd1qSA1lmMjY3dkVA
set dpd-retrycount 3
set dpd-retryinterval 20
next
edit "CNYWorks"
set type dynamic
set interface "outside lag"
set ip-version 4
set ike-version 2
set local-gw 0.0.0.0
set keylife 86400
set authmethod psk
unset authmethod-remote
set peertype one
set monitor-min 0
set net-device disable
set exchange-interface-ip disable
set aggregate-member disable
set packet-redistribution disable
set mode-cfg disable
set proposal aes128-sha256 aes256-sha256 aes128gcm-prfsha256 aes256gcm-prfsha384 chacha20poly1305-prfsha256
set add-route enable
set localid ''
set localid-type auto
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-idle
set comments ''
set npu-offload enable
set dhgrp 14 5
set suite-b disable
set eap disable
set ppk disable
set wizard-type custom
set reauth disable
set group-authentication disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal enable
set esn disable
set fragmentation-mtu 1200
set childless-ike disable
set azure-ad-autoconnect disable
set client-resume disable
set rekey enable
set enforce-unique-id disable
set fec-egress disable
set fec-ingress disable
set network-overlay disable
set dev-id-notification disable
set link-cost 0
set kms ''
set exchange-fgt-device-id disable
set ems-sn-check disable
set qkd disable
set transport udp
set remote-gw-match any
set peerid "cnyworks.scsd.us"
set default-gw 0.0.0.0
set default-gw-priority 0
set psksecret ENC 4KAFWFdiiQBgIVFaX8EYZrgmVVEkBeWT8mTOgO6iuim187bLVZuONcpCyCPcznTUcwgyfEH5yZBFiTVKX3LNk+cu32g+kOMwUuK16GLxRCobdphjeTZfPwI0PlgbQfwG1e7BlsQGHwNsp2K+mPet/+VR67Qasit5gmGDWaixoxpYk6rESV9jA1gwXwWImvnKCvmpjllmMjY3dkVA
set keepalive 10
set distance 15
set priority 1
set dpd-retrycount 3
set dpd-retryinterval 60
next
end
config vpn ipsec phase2-interface
edit "SRIC_BOCES"
set phase1name "SRIC_BOCES"
set proposal aes256-sha256
set pfs enable
set ipv4-df disable
set dhgrp 14
set replay enable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type ip
set src-port 0
set dst-addr-type ip
set dst-port 0
set keylifeseconds 28800
set src-start-ip 198.36.24.68
set dst-start-ip 170.161.52.27
next
edit "vpn-042e9903"
set phase1name "vpn-042e9903"
set proposal aes256-sha256
set pfs enable
set ipv4-df disable
set dhgrp 16
set replay enable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 3600
set src-subnet 10.1.48.0 255.255.255.0
set dst-subnet 10.222.0.0 255.255.0.0
next
edit "SCHC"
set phase1name "SCHC"
set proposal aes256-sha256
set pfs enable
set ipv4-df disable
set dhgrp 14
set replay enable
set keepalive disable
set auto-negotiate disable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type name
set src-port 0
set dst-addr-type name
set dst-port 0
set keylifeseconds 28800
set src-name "SCHC_Local_Subnets_Group"
set dst-name "SCHC_Remote_Subnets_Group"
next
edit "vpn-0fc50345"
set phase1name "vpn-0fc50345"
set proposal aes128-sha1
set pfs enable
set ipv4-df disable
set dhgrp 2
set replay enable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set diffserv disable
set protocol 0
set src-addr-type name
set src-port 0
set dst-addr-type name
set dst-port 0
set keylifeseconds 3600
set src-name "SchoolTool_Cloud_Internal"
set dst-name "SchoolTool_External_Range"
next
edit "vpn-0403e61"
set phase1name "vpn-0403e61"
set proposal aes256-sha256
set pfs enable
set ipv4-df disable
set dhgrp 16
set replay enable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 3600
set src-subnet 10.1.48.0 255.255.255.0
set dst-subnet 10.11.0.0 255.255.240.0
next
edit "Highstreet"
set phase1name "Highstreet"
set proposal aes128-sha1
set pfs enable
set ipv4-df disable
set dhgrp 2
set replay enable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 3600
set src-subnet 10.1.0.0 255.255.192.0
set dst-subnet 10.51.62.0 255.255.255.0
next
edit "Highstreet_2"
set phase1name "Highstreet_2"
set proposal aes128-sha1
set pfs enable
set ipv4-df disable
set dhgrp 2
set replay enable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 3600
set src-subnet 10.1.0.0 255.255.0.0
set dst-subnet 10.51.62.32 255.255.255.240
next
edit "DPS"
set phase1name "DPS"
set proposal aes256-sha256
set pfs enable
set ipv4-df disable
set dhgrp 14 5
set replay enable
set keepalive disable
set auto-negotiate disable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments "VPN: DPS"
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 43200
set src-subnet 0.0.0.0 0.0.0.0
set dst-subnet 0.0.0.0 0.0.0.0
next
edit "RAP"
set phase1name "RAP"
set proposal aes256-sha256
set pfs enable
set ipv4-df disable
set dhgrp 14 5
set replay enable
set keepalive disable
set auto-negotiate disable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 43200
set src-subnet 0.0.0.0 0.0.0.0
set dst-subnet 0.0.0.0 0.0.0.0
next
edit "CNYWorks"
set phase1name "CNYWorks"
set proposal aes128-sha1 aes256-sha1 aes128-sha256 aes256-sha256 aes128gcm aes256gcm chacha20poly1305
set pfs enable
set ipv4-df disable
set dhgrp 14 5
set replay enable
set keepalive disable
set add-route phase1
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set single-source disable
set route-overlap use-new
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set dhcp-ipsec disable
set keylifeseconds 43200
set src-subnet 0.0.0.0 0.0.0.0
set dst-subnet 0.0.0.0 0.0.0.0
next
end
config vpn ipsec manualkey-interface
end
config vpn pptp
set status disable
end
config vpn l2tp
set status disable
set lcp-max-echo-fails 3
set hello-interval 60
end
config vpn ipsec forticlient
end
config system evpn
end
config dnsfilter domain-filter
end
config dnsfilter profile
edit "default"
set comment "Default dns filtering."
config domain-filter
unset domain-filter-table
end
config ftgd-dns
unset options
config filters
edit 1
set category 2
set action monitor
next
edit 2
set category 7
set action monitor
next
edit 3
set category 8
set action monitor
next
edit 4
set category 9
set action monitor
next
edit 5
set category 11
set action monitor
next
edit 6
set category 12
set action monitor
next
edit 7
set category 13
set action monitor
next
edit 8
set category 14
set action monitor
next
edit 9
set category 15
set action monitor
next
edit 10
set category 16
set action monitor
next
edit 11
set category 0
set action monitor
next
edit 12
set category 57
set action monitor
next
edit 13
set category 63
set action monitor
next
edit 14
set category 64
set action monitor
next
edit 15
set category 65
set action monitor
next
edit 16
set category 66
set action monitor
next
edit 17
set category 67
set action monitor
next
edit 18
set category 26
set action block
set log enable
next
edit 19
set category 61
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
end
set log-all-domain disable
set sdns-ftgd-err-log enable
set sdns-domain-log enable
set block-action redirect
set block-botnet enable
set safe-search disable
set strip-ech enable
set redirect-portal 0.0.0.0
set redirect-portal6 ::
next
edit "DNS_Profile"
set comment "Default dns filtering."
config domain-filter
unset domain-filter-table
end
config ftgd-dns
set options error-allow
config filters
edit 1
set category 12
set action monitor
next
edit 2
set category 2
set action monitor
next
edit 3
set category 7
set action monitor
next
edit 4
set category 8
set action monitor
next
edit 5
set category 9
set action monitor
next
edit 6
set category 11
set action monitor
next
edit 7
set category 13
set action monitor
next
edit 8
set category 14
set action monitor
next
edit 9
set category 15
set action monitor
next
edit 10
set category 16
set action monitor
next
edit 11
set category 57
set action monitor
next
edit 12
set category 63
set action monitor
next
edit 13
set category 64
set action monitor
next
edit 14
set category 65
set action monitor
next
edit 15
set category 66
set action monitor
next
edit 16
set category 67
set action monitor
next
edit 17
set category 26
set action monitor
next
edit 18
set category 61
set action monitor
next
edit 19
set category 86
set action monitor
next
edit 20
set category 88
set action monitor
next
edit 21
set category 90
set action monitor
next
edit 22
set category 91
set action monitor
next
edit 23
set category 0
set action monitor
next
end
end
set log-all-domain disable
set sdns-ftgd-err-log enable
set sdns-domain-log enable
set block-action redirect
set block-botnet disable
set safe-search disable
set strip-ech enable
set redirect-portal 0.0.0.0
set redirect-portal6 ::
next
end
config system gre-tunnel
end
config system ipsec-aggregate
end
config system ipip-tunnel
end
config system mobile-tunnel
end
config system pppoe-interface
end
config system vxlan
end
config system geneve
end
config system virtual-wire-pair
end
config system dns-database
end
config system dns-server
end
config log custom-field
end
config antivirus settings
set machine-learning-detection enable
set use-extreme-db disable
set grayware enable
set override-timeout 0
set cache-infected-result enable
end
config antivirus quarantine
set agelimit 0
set maxfilesize 0
set quarantine-quota 0
unset drop-infected
set store-infected imap smtp pop3 http ftp nntp imaps smtps pop3s https ftps mapi cifs ssh
unset drop-machine-learning
set store-machine-learning imap smtp pop3 http ftp nntp imaps smtps pop3s https ftps mapi cifs ssh
set lowspace ovrw-old
set destination disk
end
config antivirus exempt-list
end
config ssh-filter profile
end
config antivirus profile
edit "g-default"
set comment "Scan files and block viruses."
set replacemsg-group ''
set feature-set flow
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set extended-log disable
next
edit "g-sniffer-profile"
set comment "Scan files and monitor viruses."
set replacemsg-group ''
set feature-set flow
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set extended-log disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set feature-set flow
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set extended-log disable
next
end
config file-filter profile
edit "g-default"
set comment "File type inspection."
set feature-set flow
set replacemsg-group ''
set log enable
set extended-log disable
set scan-archive-contents enable
next
edit "g-sniffer-profile"
set comment "File type inspection."
set feature-set flow
set replacemsg-group ''
set log enable
set extended-log disable
set scan-archive-contents enable
next
end
config webfilter profile
edit "g-default"
set comment "Default web filtering."
set feature-set flow
set replacemsg-group ''
unset options
set https-replacemsg enable
set web-flow-log-encoding utf-8
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
set blocklist disable
unset allowlist
unset safe-search
end
config ftgd-wf
unset options
unset ovrd
config filters
edit 1
set category 0
set action block
set log enable
next
edit 2
set category 2
set action block
set log enable
next
edit 3
set category 7
set action block
set log enable
next
edit 4
set category 8
set action block
set log enable
next
edit 5
set category 9
set action block
set log enable
next
edit 6
set category 11
set action block
set log enable
next
edit 7
set category 12
set action block
set log enable
next
edit 8
set category 13
set action block
set log enable
next
edit 9
set category 14
set action block
set log enable
next
edit 10
set category 15
set action block
set log enable
next
edit 11
set category 16
set action block
set log enable
next
edit 12
set category 26
set action block
set log enable
next
edit 13
set category 57
set action block
set log enable
next
edit 14
set category 61
set action block
set log enable
next
edit 15
set category 63
set action block
set log enable
next
edit 16
set category 64
set action block
set log enable
next
edit 17
set category 65
set action block
set log enable
next
edit 18
set category 66
set action block
set log enable
next
edit 19
set category 67
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set wisp disable
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
edit "g-sniffer-profile"
set comment "Monitor web traffic."
set feature-set flow
set replacemsg-group ''
unset options
set https-replacemsg enable
set web-flow-log-encoding utf-8
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
set blocklist disable
unset allowlist
unset safe-search
end
config ftgd-wf
set options ftgd-disable
unset ovrd
config filters
edit 1
set category 0
set action monitor
set log enable
next
edit 2
set category 1
set action monitor
set log enable
next
edit 3
set category 2
set action monitor
set log enable
next
edit 4
set category 3
set action monitor
set log enable
next
edit 5
set category 4
set action monitor
set log enable
next
edit 6
set category 5
set action monitor
set log enable
next
edit 7
set category 6
set action monitor
set log enable
next
edit 8
set category 7
set action monitor
set log enable
next
edit 9
set category 8
set action monitor
set log enable
next
edit 10
set category 9
set action monitor
set log enable
next
edit 11
set category 11
set action monitor
set log enable
next
edit 12
set category 12
set action monitor
set log enable
next
edit 13
set category 13
set action monitor
set log enable
next
edit 14
set category 14
set action monitor
set log enable
next
edit 15
set category 15
set action monitor
set log enable
next
edit 16
set category 16
set action monitor
set log enable
next
edit 17
set category 17
set action monitor
set log enable
next
edit 18
set category 18
set action monitor
set log enable
next
edit 19
set category 19
set action monitor
set log enable
next
edit 20
set category 20
set action monitor
set log enable
next
edit 21
set category 23
set action monitor
set log enable
next
edit 22
set category 24
set action monitor
set log enable
next
edit 23
set category 25
set action monitor
set log enable
next
edit 24
set category 26
set action monitor
set log enable
next
edit 25
set category 28
set action monitor
set log enable
next
edit 26
set category 29
set action monitor
set log enable
next
edit 27
set category 30
set action monitor
set log enable
next
edit 28
set category 31
set action monitor
set log enable
next
edit 29
set category 33
set action monitor
set log enable
next
edit 30
set category 34
set action monitor
set log enable
next
edit 31
set category 35
set action monitor
set log enable
next
edit 32
set category 36
set action monitor
set log enable
next
edit 33
set category 37
set action monitor
set log enable
next
edit 34
set category 38
set action monitor
set log enable
next
edit 35
set category 39
set action monitor
set log enable
next
edit 36
set category 40
set action monitor
set log enable
next
edit 37
set category 41
set action monitor
set log enable
next
edit 38
set category 42
set action monitor
set log enable
next
edit 39
set category 43
set action monitor
set log enable
next
edit 40
set category 44
set action monitor
set log enable
next
edit 41
set category 46
set action monitor
set log enable
next
edit 42
set category 47
set action monitor
set log enable
next
edit 43
set category 48
set action monitor
set log enable
next
edit 44
set category 49
set action monitor
set log enable
next
edit 45
set category 50
set action monitor
set log enable
next
edit 46
set category 51
set action monitor
set log enable
next
edit 47
set category 52
set action monitor
set log enable
next
edit 48
set category 53
set action monitor
set log enable
next
edit 49
set category 54
set action monitor
set log enable
next
edit 50
set category 55
set action monitor
set log enable
next
edit 51
set category 56
set action monitor
set log enable
next
edit 52
set category 57
set action monitor
set log enable
next
edit 53
set category 58
set action monitor
set log enable
next
edit 54
set category 59
set action monitor
set log enable
next
edit 55
set category 61
set action monitor
set log enable
next
edit 56
set category 62
set action monitor
set log enable
next
edit 57
set category 63
set action monitor
set log enable
next
edit 58
set category 64
set action monitor
set log enable
next
edit 59
set category 65
set action monitor
set log enable
next
edit 60
set category 66
set action monitor
set log enable
next
edit 61
set category 67
set action monitor
set log enable
next
edit 62
set category 68
set action monitor
set log enable
next
edit 63
set category 69
set action monitor
set log enable
next
edit 64
set category 70
set action monitor
set log enable
next
edit 65
set category 71
set action monitor
set log enable
next
edit 66
set category 72
set action monitor
set log enable
next
edit 67
set category 75
set action monitor
set log enable
next
edit 68
set category 76
set action monitor
set log enable
next
edit 69
set category 77
set action monitor
set log enable
next
edit 70
set category 78
set action monitor
set log enable
next
edit 71
set category 79
set action monitor
set log enable
next
edit 72
set category 80
set action monitor
set log enable
next
edit 73
set category 81
set action monitor
set log enable
next
edit 74
set category 82
set action monitor
set log enable
next
edit 75
set category 83
set action monitor
set log enable
next
edit 76
set category 84
set action monitor
set log enable
next
edit 77
set category 85
set action monitor
set log enable
next
edit 78
set category 86
set action monitor
set log enable
next
edit 79
set category 87
set action monitor
set log enable
next
edit 80
set category 88
set action monitor
set log enable
next
edit 81
set category 89
set action monitor
set log enable
next
edit 82
set category 90
set action monitor
set log enable
next
edit 83
set category 91
set action monitor
set log enable
next
edit 84
set category 92
set action monitor
set log enable
next
edit 85
set category 93
set action monitor
set log enable
next
edit 86
set category 94
set action monitor
set log enable
next
edit 87
set category 95
set action monitor
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set wisp disable
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set feature-set flow
set replacemsg-group ''
set options block-invalid-url
set https-replacemsg enable
set web-flow-log-encoding utf-8
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
set blocklist disable
unset allowlist
unset safe-search
end
config ftgd-wf
unset options
unset ovrd
config filters
edit 1
set category 0
set action monitor
set log enable
next
edit 2
set category 2
set action block
set log enable
next
edit 3
set category 7
set action block
set log enable
next
edit 4
set category 8
set action block
set log enable
next
edit 5
set category 9
set action block
set log enable
next
edit 6
set category 11
set action block
set log enable
next
edit 7
set category 12
set action block
set log enable
next
edit 8
set category 13
set action block
set log enable
next
edit 9
set category 14
set action block
set log enable
next
edit 10
set category 15
set action block
set log enable
next
edit 11
set category 16
set action block
set log enable
next
edit 12
set category 26
set action block
set log enable
next
edit 13
set category 57
set action block
set log enable
next
edit 14
set category 61
set action block
set log enable
next
edit 15
set category 63
set action block
set log enable
next
edit 16
set category 64
set action block
set log enable
next
edit 17
set category 65
set action block
set log enable
next
edit 18
set category 66
set action block
set log enable
next
edit 19
set category 67
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set wisp disable
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
end
config webfilter override
end
config webfilter ftgd-local-rating
end
config webfilter search-engine
edit "g-baidu"
set hostname ".*\\.baidu\\.com"
set url "^\\/s?\\?"
set query "wd="
set safesearch disable
next
edit "g-baidu2"
set hostname ".*\\.baidu\\.com"
set url "^\\/(ns|q|m|i|v)\\?"
set query "word="
set safesearch disable
next
edit "g-baidu3"
set hostname "tieba\\.baidu\\.com"
set url "^\\/f\\?"
set query "kw="
set safesearch disable
next
edit "g-bing"
set hostname ".*\\.bing\\..*"
set url "^(\\/images|\\/videos)?(\\/search|\\/async|\\/asyncv2)\\?"
set query "q="
set safesearch header
next
edit "g-google"
set hostname ".*\\.google\\..*"
set url "^\\/((custom|search|images|videosearch|webhp)\\?)"
set query "q="
set safesearch url
set safesearch-str "&safe=active"
next
edit "g-google-translate-1"
set hostname "translate\\.google\\..*"
set url "^\\/translate"
set query "u="
set safesearch translate
set safesearch-str "regex::(?:\\?|&)u=([^&]+)::\\1"
next
edit "g-google-translate-2"
set hostname ".*\\.translate\\.goog"
set url "^\\/"
set query ''
set safesearch translate
set safesearch-str "case::google-translate"
next
edit "g-twitter"
set hostname "twitter\\.com"
set url "^\\/i\\/api\\/graphql\\/.*\\/UserByScreenName"
set query "variables="
set safesearch translate
set safesearch-str "regex::%22screen_name%22:%22([A-Za-z0-9_]{4,15})%22::twitter.com/\\1"
next
edit "g-vimeo"
set hostname ".*vimeo.*"
set url "^\\/search\\?"
set query "q="
set safesearch header
next
edit "g-yahoo"
set hostname ".*\\.yahoo\\..*"
set url "^\\/search(\\/video|\\/images){0,1}(\\?|;)"
set query "p="
set safesearch url
set safesearch-str "&vm=r"
next
edit "g-yandex"
set hostname "yandex\\..*"
set url "^\\/((|yand|images\\/|video\\/)(search)|search\\/)\\?"
set query "text="
set safesearch url
set safesearch-str "&family=yes"
next
edit "g-youtube"
set hostname ".*youtube.*"
set url ''
set query ''
set safesearch header
next
edit "g-yt-channel"
set hostname ''
set url "www.youtube.com/channel"
set query ''
set safesearch yt-channel
next
edit "g-yt-pattern"
set hostname ''
set url "youtube.com/channel/"
set query ''
set safesearch yt-pattern
next
edit "g-yt-scan-1"
set hostname ''
set url "www.youtube.com/user/"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-2"
set hostname ''
set url "www.youtube.com/youtubei/v1/browse"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-3"
set hostname ''
set url "www.youtube.com/youtubei/v1/player"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-4"
set hostname ''
set url "www.youtube.com/youtubei/v1/navigator"
set query ''
set safesearch yt-scan
next
edit "yt-video"
set hostname ''
set url "www.youtube.com/watch"
set query ''
set safesearch yt-video
next
end
config emailfilter profile
edit "default"
set comment "Malware and phishing URL filtering."
set feature-set flow
set replacemsg-group ''
set spam-log enable
set spam-filtering disable
unset options
config imap
set log-all disable
end
config pop3
set log-all disable
end
config smtp
set log-all disable
end
config msn-hotmail
set log-all disable
end
config gmail
set log-all disable
end
set spam-bword-threshold 10
unset spam-bword-table
unset spam-bal-table
unset spam-mheader-table
unset spam-iptrust-table
next
edit "sniffer-profile"
set comment "Malware and phishing URL monitoring."
set feature-set flow
set replacemsg-group ''
set spam-log enable
set spam-filtering disable
unset options
config imap
set log-all disable
end
config pop3
set log-all disable
end
config smtp
set log-all disable
end
config msn-hotmail
set log-all disable
end
config gmail
set log-all disable
end
set spam-bword-threshold 10
unset spam-bword-table
unset spam-bal-table
unset spam-mheader-table
unset spam-iptrust-table
next
end
config virtual-patch profile
edit "g-default"
set comment ''
set severity info low medium high critical
set action block
set log enable
next
end
config wanopt settings
set host-id "default-id"
set tunnel-ssl-algorithm high
set auto-detect-algorithm simple
set tunnel-optimization balanced
end
config wanopt peer
end
config wanopt auth-group
end
config wanopt profile
edit "default"
set transparent enable
set comments "Default WANopt profile."
set auth-group ''
config http
set status disable
set secure-tunnel disable
set byte-caching enable
set ssl disable
set prefer-chunking fix
set protocol-opt protocol
set tunnel-sharing private
end
config cifs
set status disable
set secure-tunnel disable
set byte-caching enable
set prefer-chunking fix
set protocol-opt protocol
set tunnel-sharing private
end
config mapi
set status disable
set secure-tunnel disable
set byte-caching enable
set tunnel-sharing private
end
config ftp
set status disable
set secure-tunnel disable
set byte-caching enable
set prefer-chunking fix
set protocol-opt protocol
set tunnel-sharing private
end
config tcp
set status disable
end
next
end
config system speed-test-server
end
config log memory setting
set status enable
end
config log disk setting
set status disable
end
config log eventfilter
set event enable
set system enable
set vpn enable
set user enable
set router enable
set wireless-activity enable
set wan-opt enable
set endpoint enable
set ha enable
set security-rating enable
set fortiextender enable
set connector enable
set sdwan enable
set cifs enable
set switch-controller enable
set web-svc enable
set webproxy enable
end
config log memory filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set gtp enable
set forti-switch enable
end
config log disk filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set dlp-archive enable
set gtp enable
set forti-switch enable
end
config log fortiguard override-setting
set override disable
set access-config enable
end
config log tacacs+accounting setting
set status disable
set source-ip ''
set interface-select-method auto
end
config log tacacs+accounting2 setting
set status disable
set source-ip ''
set interface-select-method auto
end
config log tacacs+accounting3 setting
set status disable
set source-ip ''
set interface-select-method auto
end
config log tacacs+accounting filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit disable
end
config log tacacs+accounting2 filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit disable
end
config log tacacs+accounting3 filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit disable
end
config log null-device setting
set status disable
end
config log null-device filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set gtp enable
set forti-switch enable
end
config log setting
set resolve-ip disable
set resolve-port enable
set log-user-in-upper disable
set fwpolicy-implicit-log disable
set fwpolicy6-implicit-log disable
set extended-log disable
set local-in-allow enable
set local-in-deny-unicast enable
set local-in-deny-broadcast enable
set local-out enable
set local-out-ioc-detection enable
set neighbor-event disable
set brief-traffic-format disable
set user-anonymize disable
set fortiview-weekly-data disable
set expolicy-implicit-log disable
set log-policy-comment disable
set faz-override disable
set syslog-override disable
set rest-api-set disable
set rest-api-get disable
set rest-api-performance disable
set long-live-session-stat enable
set web-svc-perf disable
end
config log gui-display
set resolve-hosts enable
set resolve-apps enable
set fortiview-unscanned-apps disable
end
config system lldp network-policy
end
config system pcp-server
set status disable
end
config firewall schedule onetime
end
config firewall schedule recurring
edit "always"
set start 00:00
set end 00:00
set day sunday monday tuesday wednesday thursday friday saturday
set color 0
set fabric-object disable
next
edit "none"
set start 00:00
set end 00:00
set day none
set color 0
set fabric-object disable
next
edit "default-darrp-optimize"
set start 01:00
set end 01:30
set day sunday monday tuesday wednesday thursday friday saturday
set color 0
set fabric-object disable
next
end
config firewall schedule group
end
config firewall ippool
edit "ippool-198.36.23.251"
set type overload
set startip 198.36.23.251
set endip 198.36.23.251
set arp-reply enable
set arp-intf ''
set associated-interface ''
set comments ''
set nat64 disable
next
edit "ippool-198.36.23.252"
set type overload
set startip 198.36.23.252
set endip 198.36.23.252
set arp-reply enable
set arp-intf ''
set associated-interface ''
set comments ''
set nat64 disable
next
edit "ippool-198.36.23.253"
set type overload
set startip 198.36.23.253
set endip 198.36.23.253
set arp-reply enable
set arp-intf ''
set associated-interface ''
set comments ''
set nat64 disable
next
edit "ippool-198.36.23.254"
set type overload
set startip 198.36.23.254
set endip 198.36.23.254
set arp-reply enable
set arp-intf ''
set associated-interface ''
set comments ''
set nat64 disable
next
edit "NTSS_Outside"
set type overload
set startip 198.36.24.68
set endip 198.36.24.68
set arp-reply enable
set arp-intf ''
set associated-interface ''
set comments ''
set nat64 disable
next
edit "Nighttime_Outside"
set type overload
set startip 198.36.24.191
set endip 198.36.24.191
set arp-reply enable
set arp-intf ''
set associated-interface ''
set comments ''
set nat64 disable
next
edit "MailOut_Outside"
set type overload
set startip 198.36.22.227
set endip 198.36.22.227
set arp-reply enable
set arp-intf ''
set associated-interface ''
set comments ''
set nat64 disable
next
edit "SBC-NOC-Outside"
set type overload
set startip 198.36.26.37
set endip 198.36.26.37
set arp-reply enable
set arp-intf ''
set associated-interface ''
set comments ''
set nat64 disable
next
edit "SBC-DAN-Outside"
set type overload
set startip 198.36.26.38
set endip 198.36.26.38
set arp-reply enable
set arp-intf ''
set associated-interface ''
set comments ''
set nat64 disable
next
end
config firewall ippool6
end
config firewall ldb-monitor
end
config firewall vip
edit "vip-ntss"
set id 0
set uuid 019d266e-8aea-51ec-5a6d-3ce1e812fbc7
set comment "SRIC BOCES Tunnel
170.161.52.27 (SRIC Server) - This is the source address needed for the tunnel
170.161.52.25 (SRIC Firewall)
description Eastern Suffolk BOCES access to NTSS.scsd.ad"
set type static-nat
set src-filter "170.161.52.27-170.161.52.27"
set src-vip-filter disable
set extip 198.36.24.68
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.48.68"
set extintf "SRIC_BOCES"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-scsdess"
set id 0
set uuid 4cc237c2-3814-51ef-0f22-8f9cbd1f5422
set comment "ESS"
set type static-nat
set extip 198.36.24.100
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.140.14"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-applecaching"
set id 0
set uuid 4cc32e34-3814-51ef-54ec-fece8f0e63ff
set comment "Apple caching server for managing Apple device updates"
set type static-nat
set extip 198.36.24.57
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.40.107"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-DC01"
set id 0
set uuid 4cc42b40-3814-51ef-cbf3-ca98747ea836
set comment "Domain Controller for LDAP"
set type static-nat
set extip 198.36.25.45
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.40.95"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 14
next
edit "vip-tableau"
set id 0
set uuid 4cc52bc6-3814-51ef-cf97-1d0d949ddbfa
set comment "Tableau"
set type static-nat
set extip 198.36.24.61
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.140.12"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-ns1"
set id 0
set uuid 4cc618ce-3814-51ef-c89b-024f2f4a81a1
set comment "DNS External"
set type static-nat
set extip 198.36.22.245
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.48.45"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-ns2"
set id 0
set uuid 4cc706b2-3814-51ef-18c4-e5899f7e11f9
set comment "DNS External"
set type static-nat
set extip 198.36.22.19
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.40.41"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-webhelpdesk"
set id 0
set uuid 4cc7f892-3814-51ef-7018-37ffd3853699
set comment "Web Help Desk"
set type static-nat
set extip 198.36.25.20
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.140.6"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
next
edit "vip-Airwatchapp"
set id 0
set uuid 4cc8cf60-3814-51ef-1af9-2acefc11dd3d
set comment "Airwatch (Workspace One) MDM"
set type static-nat
set extip 198.36.24.56
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.140.9"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-Webosphere"
set id 0
set uuid 4cc9ccbc-3814-51ef-91cd-a46609fda116
set comment "SCSD Website"
set type static-nat
set extip 198.36.24.16
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.140.11"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-Neutrons"
set id 0
set uuid 4ccddf5a-3814-51ef-3e3d-ff4174850fb8
set comment "Address Lookup"
set type static-nat
set extip 198.36.24.210
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.40.210"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
next
edit "vip-Barracuda-Archive-2"
set id 0
set uuid 4ccec60e-3814-51ef-cc48-1f1992586cfc
set comment "Barracuda Email"
set type static-nat
set extip 198.36.22.229
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.40.17"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-Barracuda-Archive-1"
set id 0
set uuid 4ccfca7c-3814-51ef-5463-b9aabcab7272
set comment "Barracuda Email"
set type static-nat
set extip 198.36.22.228
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.40.16"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-hybrid-email"
set id 0
set uuid 4cd2bade-3814-51ef-b000-fcd64653853f
set comment "Email"
set type static-nat
set extip 198.36.22.143
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.48.49"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip disable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
next
edit "vip-sbc-noc"
set id 0
set uuid 4cd3887e-3814-51ef-dd48-07aa68d5f442
set comment "Ribbon ITC NOC"
set type static-nat
set extip 198.36.26.37
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.150.21"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip disable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
next
edit "vip-sbc-dan"
set id 0
set uuid 4cd45ae2-3814-51ef-0822-d90db6ed1249
set comment "Ribbon Shea-NOC"
set type static-nat
set extip 198.36.26.38
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.150.22"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip disable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
next
edit "vip-PrintOC"
set id 0
set uuid 4cd61d78-3814-51ef-8af3-e31c8d493648
set comment "Oracle Printer"
set type static-nat
set extip 198.36.26.119
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.40.219"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip disable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
next
edit "vip-EMS"
set id 0
set uuid 14ab8176-bcb3-51ef-1b1c-bed2b8e8c1c7
set comment "FortiClient EMS"
set type static-nat
set extip 198.36.24.202
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.40.22"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip disable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
next
edit "VIP-411SQL"
set id 0
set uuid 70cb9d36-004d-51f1-609a-db361556f6fb
set comment ''
set type static-nat
set extip 198.36.24.225
config quic
set max-idle-timeout 30000
set max-udp-payload-size 1500
set active-connection-id-limit 2
set ack-delay-exponent 3
set max-ack-delay 25
set max-datagram-frame-size 1500
set active-migration disable
set grease-quic-bit enable
end
set nat44 enable
set nat46 disable
set mappedip "10.1.40.225"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip disable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
next
end
config firewall vip6
end
config firewall vipgrp
edit "vip-grp-barracuda_Archivers"
set uuid 78e4ebf6-3814-51ef-da75-f835efea27dd
set interface "outside lag"
set color 0
set comments ''
set member "vip-Barracuda-Archive-1" "vip-Barracuda-Archive-2"
next
end
config firewall vipgrp6
end
config firewall ssh local-key
edit "g-Fortinet_SSH_DSA1024"
set password ENC o3a+0Od2zxKhur7LEKzG72jfiRF9QjR2TPnSAWxl7HRrn/D95SjrMhLT031+aqDBuTTkN8ssnBiV1nXtS1or5WHOCHvwAxNr1luSryEY6wztzUmynxqgB63D7BL5wlhMJZWXnrZYAcTyBk6KDULY/SntQPGTp7ZdqMRMNaxgBM+y7tPDn6ssBWK+IhmdBMSGyKMGEllmMjY3dkVA
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBypmbjTc
a0J+ZF6cvCHMf+AAAAEAAAAAEAAAGyAAAAB3NzaC1kc3MAAACBAMlbbf4IhF0Mh2eRvDho
KqePrDh946N1KbbbOWbHWOeBVolyr5KCTbfgv6f0a3VW8ATXZH9OMz0uYjTTQII3rp1XTq
a7a3TzdPoTM9bO27PDLTp07LqM1kRSps/8oSsZ4h/kGu3fuke/MfTiAn7hAfdJYcANGbDq
7tfTXlPaY3VhAAAAFQD/+3WBsGEG6BjC2UUehkA3aDAFmwAAAIBeIcQedn7rLkV2N27gXk
jxfrbW6FMwfiEoJC6mZ0NvSuOqzOcrAzsnAydVy38cIlTdGwXhoHA5Jd2Cr0gV2p1R1WFR
XsBWpNqDorVNCdimLM16NBAcwjVjarpNuk3egjdAhdbGsnDxHH54XCdIP3FyyTuh2ljDEe
P+bc6eQJGxPgAAAIEAjK1lJYaCHrAZhcWJIITih4QFsQ8XZeKzp40YIjzXVf27HBCFHVz5
lEv4MtiFxhDKur0lO+2uHOLY+0xsgfM0fe7S/cAKRx/5UZkCmU5s6CkvZjIEPDZ4tvn11G
wlULTcjyZ2uwCo8Xd7QjnOUs8YNsRSO8hzWO5aB9aZ7OEDhiQAAAHgPcq5MxNbzOxndxJS
12bc0rXsPf9EAsfSDsXa8lqcgjzIoa07Kv+NyVj6O10RiUedESmKZ87ZJ9sKZRitei902Q
JzO2awy+vx1sbi91P+EmOucuFCYnqMXmZf3bzFakYIJajshSQ8X3rnz4rW4tS8dLb8mlNO
N8QSLQtbIbOupMenxyvgms/8++sWnNW5Yp62f56WLMNjIiANEoAx/vXrnprknsuzvE+J30
aN+SDYXmk3XtUK4fxV57bD/kyUZFU3MWQ8wxhvI18nV9N96kDTe3iXDWddiNP/kyGa5IB+
UOcWOfdbQjKHyNPmEcoRcLsxCaj4/f5mRo+eYuMQwPuPipTPWpl8R6dybVtQzIb4RAT4b2
WoaCaCFdlp60hJqTc8izWTrrFdRH0/qibev4qHjWxSJyqpVK9P/dDbYoAOD4YunFVTLx2W
vob6ZgH/cOQR62ckJZ/L2vHN5HY6iA0efxK/Q4YqZg/eV9qba/V3gxKYXt8KDenedgAQWE
1/QS3xB4el1jqPoh9UvcUOBxKPPrGJC2q8Gj7XyHZaQRgmvNBC+1kJMMEHehyepYAcM/ZQ
gdryAMrMLLplBl90qNJhnHen75PqMLjWuRPLG3RXg/KoDad8x+SsB7HD6dr7gvVW
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-dss AAAAB3NzaC1kc3MAAACBAMlbbf4IhF0Mh2eRvDhoKqePrDh946N1KbbbOWbHWOeBVolyr5KCTbfgv6f0a3VW8ATXZH9OMz0uYjTTQII3rp1XTqa7a3TzdPoTM9bO27PDLTp07LqM1kRSps/8oSsZ4h/kGu3fuke/MfTiAn7hAfdJYcANGbDq7tfTXlPaY3VhAAAAFQD/+3WBsGEG6BjC2UUehkA3aDAFmwAAAIBeIcQedn7rLkV2N27gXkjxfrbW6FMwfiEoJC6mZ0NvSuOqzOcrAzsnAydVy38cIlTdGwXhoHA5Jd2Cr0gV2p1R1WFRXsBWpNqDorVNCdimLM16NBAcwjVjarpNuk3egjdAhdbGsnDxHH54XCdIP3FyyTuh2ljDEeP+bc6eQJGxPgAAAIEAjK1lJYaCHrAZhcWJIITih4QFsQ8XZeKzp40YIjzXVf27HBCFHVz5lEv4MtiFxhDKur0lO+2uHOLY+0xsgfM0fe7S/cAKRx/5UZkCmU5s6CkvZjIEPDZ4tvn11GwlULTcjyZ2uwCo8Xd7QjnOUs8YNsRSO8hzWO5aB9aZ7OEDhiQ="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA256"
set password ENC NsZ+6EbCLAKdDw3rgBS4oBM6yrqOcp1rCz4VztF44dqZCHMnxg/g8yxXb0ha292/p3kaeNisUwV07yXVugyHqj0IPCLKyBF97sZ/bvFhT7QegBDzhjdXR55UDfzZ+SW8r+JjK5/cIZ/b4cKwdidNwm/IQsPL6YZ/OtF9bM0+/BKoAZeA6Se7uxeE7rSKc61w1jQhC1lmMjY3dkVA
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAJnnHX+2
4NGSH8grshZ3NHAAAAEAAAAAEAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz
dHAyNTYAAABBBMQSAUWeMnwS2TQbQWW3h890GnmzeJSwIq2rEIew+gyij4UMAjpsRmztvK
y7MHqF8ARHi1glc6RSoarryTUQuCIAAACgw+Ym/FKhTLBOP0BSgxrBpSIkhJuSdqFT8tGA
6YZ7mbXHUq83wdo8rXXX94lXz6F2MpRWj1Qz3oYeef0+KMdA9bxA/tTF6Y2q8iAaxvVogr
OjVqE8ZPdKaacnYoGJfyrm7ykBOtYLNMHA7m3E0VRWqDO+kf1mfAB2CkVt8FRyRuIIWD2k
khT3/QlDuEzZOw5X8oeUpRvsg2uIirnHXzo0kg==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMQSAUWeMnwS2TQbQWW3h890GnmzeJSwIq2rEIew+gyij4UMAjpsRmztvKy7MHqF8ARHi1glc6RSoarryTUQuCI="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA384"
set password ENC 3NltSXo1wvEyyk85lDtrdZggoCsZQgZ2SLCgNz7MtvvWwmYviP8uOex8IvJvomYgrzAjAdmdubI9wdfyHd8hT4okmOOEotKiSAcpUKQe8BLQGLFId/QB2kaHvGe3lAgkMPxOCwFOKTVqtzpeNtWpgnyJVLStwoFMWd9HcNQiDGyKWexryjAfcm9cYrr/L02f3gNS1FlmMjY3dkVA
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABC+zQ8kPT
o09zCx4x+reDCxAAAAEAAAAAEAAACIAAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlz
dHAzODQAAABhBEYsR4/2sjh+OMgxpEBi/72jNVXnBwUHpkOneWiESbnCoIWvKp8h0RjNMj
U5Tj5yP6txNtuAIt8NVvUcVhj9ZtIOWAsA7bDDRZGYv+/80R4N7Z0OnShs9iuYSb0+FQXx
dgAAANDyZkFO6hxgRI1mHP0dNYvR8NjZ37kxPAU7t92H2SPcUeNxKotupBwT+eQOgaABuM
F27Wq/rSNDj9lYf/1YGdLwrNHTOq0dhfkuXxYjA6bnV796Wjxy23qlPfOOTqGi2WRp08T4
rBKqJCWaKB0uAw0wHfboZusq8s5TNv02rFuDi7pdYyuieXH8uAm9v/Qqap8O5KFQWBMtta
oThBjC6chG/BPBWJITnv0xp1IzQvGzAoqw6LrarFab2sNg8ZUQ8H/zSDQMl/IkmaqcTCcQ
w0FQ
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBEYsR4/2sjh+OMgxpEBi/72jNVXnBwUHpkOneWiESbnCoIWvKp8h0RjNMjU5Tj5yP6txNtuAIt8NVvUcVhj9ZtIOWAsA7bDDRZGYv+/80R4N7Z0OnShs9iuYSb0+FQXxdg=="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA521"
set password ENC m8BynV62iP7zMOpGfjbt4BoURE24GXH/sxuHtVsikcL/rQZfqpE0SL3ofEOeSJQq9bJOJ0iHGgdw8++MVxyRPNPDptAo7G5cZfR7Ky1bbKpSULzdqJXO+GUGuVXnqu2pihqb6ns645E7OJyeCCSBFQr7o1xCSDeHOjkpWstMiIrr4QNigA7fz/jfZeg/+CyrqycyV1lmMjY3dkVA
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABDS8kak8L
1rwlvEOdvQWLQYAAAAEAAAAAEAAACsAAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlz
dHA1MjEAAACFBACaKKuE8V8VNj3xOI4Cz0NpoN8KJMJWRxuLPTYtMBFzACZdDsfmQdZQdF
t5J++GxB6Y6XgNd5eg4/W0YU1z35BJ6QEuCMrZli2/4vtPy8DPeRMR2hpHOC/BuqnEER+K
HPehHHl1Du644EQUmgPailxPEBDJKJcA8PgrFsN5h0iHx4C6RAAAAQC1iI1DEoCwhBhdTL
b5xCqUFFMecy2kCF5w7lvDzAP/UaYkdy5GhG/LQkchMv/mpG5XfwxjK2Y+5ukA8BRZkhGP
pzaw/XDfQkC4scFvgcZp6WJWNeAtA0lh4b0Z9HxSSvW14n8KQnPFitbhiSQi05gx17Cl3I
aoROyH1Gu5nvuzm8l/4XqLYEh+1RzoLci79uLNElmmLRbYaW8+JitBbhaUYaQvUyNVgjh7
2QoWZ9nlCyNNtwb1VOpGhEuIgkwALFFJ0T3kN3lASQvxD/9PSOBYw6S5XlZgCUE+S/0KT7
aYcp1Zejcx4Y4zKiLI/qnePIdNgODN4AfryRjOr82Bqvtj
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBACaKKuE8V8VNj3xOI4Cz0NpoN8KJMJWRxuLPTYtMBFzACZdDsfmQdZQdFt5J++GxB6Y6XgNd5eg4/W0YU1z35BJ6QEuCMrZli2/4vtPy8DPeRMR2hpHOC/BuqnEER+KHPehHHl1Du644EQUmgPailxPEBDJKJcA8PgrFsN5h0iHx4C6RA=="
set source built-in
next
edit "g-Fortinet_SSH_ED25519"
set password ENC j/TGhlhA+SKDX6MDZzGxKObs4ZC9Pa1dRzHSRg4TOjfPDi2evqJGhJ/rtNi9yRmKtn+ZmW1Ve2yyoplqz0nmFN6zqtcgnOjfGVxi7jZoE9QPbK/zC3ydZIFrVkwlOKH8QlpNbnPWWL6pwEiAQ6GrGu3bscsPY5j/KNXa62ZwoGfyOF/iuaOE8kOqnlJkEZiwxpfXellmMjY3dkVA
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAftWLmq6
/OF1c+PfoL/4sXAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIJHEZ/PIMBDv6gqd
3JUEAvHnugjOGiXz5Puxg/8YfanOAAAAkFPoYrXMatI9ZH99ZAjPIKVIpT5cjdOwJeijI/
OPYCqBNvKXpdRm7585HKL0726V5IVP+flQmxNPn6HrM+ywQzk8XF44XPX075Y3tBWxlp+d
DNxjyNBDTbr6KT3amRi1XPELaGgRa8q8ny3jlV87HVg7s51xPOpX2+7DmlVUj2XGbRN3PF
R/9DUU0xm5FQSx9Q==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHEZ/PIMBDv6gqd3JUEAvHnugjOGiXz5Puxg/8YfanO"
set source built-in
next
edit "g-Fortinet_SSH_RSA2048"
set password ENC o8SXDCjDv5bhZQ7qSALyjblTBnCsXeHSIv4IC2xMTk5iuX9Q0070enlFDkWaXAsISSwIhENsUNEan7lQsZJ1eqv9i98CgnfeloBfsN3YDB3RFh/k1tw6BGGvIUUzo66nqR8Q/PQtOdyq/82p4UiLv9kQXW/UGYkxBbvpM7hbWKtOVvQVpJy3Gbaby8lT4D8K5RenIFlmMjY3dkVA
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBo/gd4oL
kgSUkBq3ej5qfBAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQC6yuGwlJhh
Q5ooqzfMY+4le85cWCqHdzonf4BkYtV2p0GGpmKUo0kpnQ0EbmEWRmAiPN8J6BJyHvpcv7
A0a68OyTLXULSEopL0c0rrdqeK3p3oxVRn6oLbwqQvVmBZCGr+Mtak0Djw7ZM7yKMky5GK
hFlZj7dZFLrzth2nQmReu93F+HkSF8iOpaqna/sTvPVqN/WLVC1CaB+Qcb6AsyMmLsTsvC
HA1336eWq3M3hU14tsO5S8uDls2pfD2NaZx8VXr+00OvGSOqqZdY8cukv+xJ5IdRe2ui8z
OSbh5m5OFc2DdfZ+PpQ9nU+DEDBpCSir/ovPDmsTtvqX2VClGn0vAAADwG8Hn7+wcx+2g/
DBd+w/BFTUw6hpXLaiqN9Pn/zjfGf0cFhksyEbKWSizkmYIIDsZxEdd4xjU3MGXxz+TZOw
oLJlKBrbXo48XNKKaPnUiklSJO9nIBaeSzE3Ktzefwhgjxqtv8Xr9+Wt8mX0Bwva7uc5qD
Uk56UddxKbLDUGZxKAVQd2x7D1NeQeOXY3MOLMquQVz46mpm27zXG68eA1cavL9/0APY6L
BFyopmg+O0V9xQ6hAl+n+3Iv6hemZPD4UwtFueRmDGbWON9pZs3qc+/K1yVLbSWkE9e5la
v1LsXUhCu8nh1tQJhyzzszalzCZJt/o4hOq7+Sj53/Hh0EhS75QDF5VcZS0UbN8EJKv8B8
qSrbgGLGu+yy07HAiKdGsDSvGZ20LtHMLa3J2pnn2YIySsm7i3KivlWUmtmCHLXakLRGd8
1n8rbtnPpB20hFkfdVvoltYponuFgqTmGgTIB0Tk2TqPeo339BWVI2VN8MliPEljAWHLwv
A1RVgwUMR0lPzhArBx8Nr+Yuui8srsJb9NiI1OrjDS3LohdwcpM+6RLHQI+Q8u8vdvm1q+
mbB53HQoXD6gNIpsgLPzX2Yz01EFGU/gSq2CmgtbdwUwrX4Eugk7FI+kdbxAD1R0hJ5/f4
/2Oa2/sMEbAM8WzZplSILXLiHyiNXjUiiX7sXXZHrm3+7KmGhduaG788TR5Xn8mwq6aFQn
lDIMDKFFyvHMDaSd8JKJJ0xeve1NujnkySfuWoVWs641N1wKA49Jx2Tv5GkrbACDXAsB5j
Uzrwc03Vm/ueKN+Hr0yMaNXGYsPeJA4EQ1JPO7h0Eaz7GuZr45Yddy4QI++NssOPUFEttn
r6LDHqtIGUhLMte3nkpaMSgOpTYDp6RfQwSvdhqRZEjJV9j+uORyPZ9p5RbzK/aQ03KmtI
rBOXENdynU2AZ+mWGqx+Ba+glQ0VUyx9qMSFrpmuaxOMk2qLiQRYfcNTJKomEGqKfR01gK
TCe/PwV424rYU59+b/1VjzlerBBA9ZKQsgd9doWnRj7Vaho0LXD4TYP/1X00lSPHPxo7sQ
kx2L4GOhlmjW/EuNcAuH4JVx2EukeYXilURBqT5ynqmMT5Fn/Lh6lFXrBI6AtTrYKppDkH
bxzeQyDmqH/+37uRMfOTbMw8H1j8UgjYz4w87cL9OpBtxvGT5tKGxv342W1maVg9V/zyoX
XAklV0exTBtdVLtZ9oznPeXZYan2G1N2+GVRfIkD/46eVBDh+gKdtM3tBPfSLy5/CkocyJ
uVkyzf5Q==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6yuGwlJhhQ5ooqzfMY+4le85cWCqHdzonf4BkYtV2p0GGpmKUo0kpnQ0EbmEWRmAiPN8J6BJyHvpcv7A0a68OyTLXULSEopL0c0rrdqeK3p3oxVRn6oLbwqQvVmBZCGr+Mtak0Djw7ZM7yKMky5GKhFlZj7dZFLrzth2nQmReu93F+HkSF8iOpaqna/sTvPVqN/WLVC1CaB+Qcb6AsyMmLsTsvCHA1336eWq3M3hU14tsO5S8uDls2pfD2NaZx8VXr+00OvGSOqqZdY8cukv+xJ5IdRe2ui8zOSbh5m5OFc2DdfZ+PpQ9nU+DEDBpCSir/ovPDmsTtvqX2VClGn0v"
set source built-in
next
end
config firewall ssh local-ca
edit "g-Fortinet_SSH_CA"
set password ENC GGk+RBiB8iqvCjU/2+pjX8dragRiTYibzMghC7VFNbIntQqxMuEQzBu1N7BQYCDlRhxvrWmdnh/9QDlhCbdRMDWFLTbhNnZxVMQmliQJ2ZgRT2Fo34PBAvhFCKTSM2cTDcslC2/lm+kFnW7oJj2G/wutjuKbna5MQ1W7eXFFSCf81+fpvAgaEo7nzi8TNjTP14+l2llmMjY3dkVA
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABCe9OkyqK
bHnEspFw92ylsIAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDFNnS0wAAC
NC7cmBTwevE7FFFZPhHXFDgx7O22zzpcKONRKhLz+8Y4ux808lIz580foslhpIMeoEKX+U
ZpI93sBxVJZnZtVJgLf6rxjuWMFKDss1+PtXEz5uct3gPK95d/TWd+HzhGEz47PeFQizGP
E/hMl+XxJ8UEyPqlBO/Wh5+C8Sy4SU+wngUmaLgBDeA09x4it2ZZsa/oofRaXaPrAJLU7A
TB7reUBNnUR/mml1k6FYfx0CJ2JxR1gx3r/fSRadZj807gGNfiSbcYNxNyy/XQ5n+0BsIa
Mk342Zpr4ijnwM5qzrA45aHB3ZxAvx+xVdTrQkyfiJ6nZWI+CKQ9AAADwNLbXIbIIXxPwP
HidV6hinRBnghAfhYWpHcrFlcYmNmaUPth6NjMdXaNf9cspDtBaqqGZioNKoF5fYq6R3Ij
kRUVQKfOBGdmUCbIDjg8TTKVTNRPg0AEcmf2q92is0kKNFuuD+t1MjtEfKn6iSZG28AmKt
vYVCUxZgWBEQfnEEkXbKtrnf9G6ZBPOicb1Rz2fCvMHoLdrGPY3snJUxerrtiutsN1vKaU
UTgajUeGxX/QLAffmZY67igQHSilUNC5Fm8rOwbOecA7tX+UFmrw5uFUKsPWCYundenMlv
yQoqqj4bZwOBQGR8bExzKKD9JZPz49Ssh1Mq7mujRQj/x8tg5UAHE1npU1ru4ttyTzwYXN
3XPrztPBNnGCZgXIFfe+WPyf+9qNm9LGeoW+zFAXEz5mzuT13bLxbR2NdO+tSZ2cZy9pLe
mi9wv3ockj4MFXwfc+mku0fL/KOxeMe1Yx1btco8Yuep8DGGfL14U8EztxUyFiv8j1whTt
521GBEn4q89/RBPObQc1jd7nXYX087soSxgHKoxglf29T7YK1NEmnPRBGzC+aKeeZBYQPZ
IqKQPveVlWvWT9pbGsVZ+yub2nDw84F2Qiu+L66XCg5pq2w6OjJL4AyubFxNp7rphAi8Fw
VwFvfQ6qoavhY6aJKUUrRpfyV+HWixgI+OIXgxrSUcTr+PgVK4eZoHL3ZzBCMsJhs+8AbM
QQbuoGO4XDJ4D724ob/dctUSH024i7Mv6GXJQyXrKSNyvR5AtET2vilHR0obX+Rd2Q1zgH
mu44udQXI9G8FkiObRXMSGMV6xMzBOnWTmuPLqK1JqBglZAWBocksGtOadkFoZmNmTg+os
KxW9HfD74A/CbsxrLq3rDttEVKzlvMK9PRq6nMWz+8w5gqCKT2X0hYji0RE5XRDzHuuKnp
unwwKHmHSCvPv4jdfF+QO2dOW7uzrkElDK1QvNPmX1UJ00r+prLK6WbAPdiIpU92/8A8q8
pwkT6c8vbIE0xeRK2nlXUKGfbnNA1YjKX+32o/X49rBF3ZCVpcFU7YcMUPN6KCmT5IM1Xr
PVHBllTXN3ZfDzaqctKQOvgbMh9WlVxrdguDuYG0VODtu0lqXuMumhEB9NsWhn/aytsOGZ
B5y1cAkYzdKDqQ9/7STY9bGQdI02frmeJkkE1tp679zf9D0+5QlsQoZUCrE6Kc3o8lCkN0
PECIwXLHQF46kFqHJqIb4grsZmwFCaag04taOUNLc2XquI8FR4QwfxhF9e2asPOimEX+HH
z5pBOEFg==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFNnS0wAACNC7cmBTwevE7FFFZPhHXFDgx7O22zzpcKONRKhLz+8Y4ux808lIz580foslhpIMeoEKX+UZpI93sBxVJZnZtVJgLf6rxjuWMFKDss1+PtXEz5uct3gPK95d/TWd+HzhGEz47PeFQizGPE/hMl+XxJ8UEyPqlBO/Wh5+C8Sy4SU+wngUmaLgBDeA09x4it2ZZsa/oofRaXaPrAJLU7ATB7reUBNnUR/mml1k6FYfx0CJ2JxR1gx3r/fSRadZj807gGNfiSbcYNxNyy/XQ5n+0BsIaMk342Zpr4ijnwM5qzrA45aHB3ZxAvx+xVdTrQkyfiJ6nZWI+CKQ9"
set source built-in
next
edit "g-Fortinet_SSH_CA_Untrusted"
set password ENC 2pHx8p82Qg94gAngncsBnDkGM+uKBOY4SrYO6lH+DAb1Kavt1WjxjpvJXVkk3+JqCNG+VQUj0vanh4NgyOtplq3BgzNMkBjs8QXZmwna4MsEo1DJ10/zRAKfA+lKJn6BDqAeodqorKLknzxnkaf9Ke8ITVAnAmXXDeZscf14Fla1DMkP537uL3JaFRIeDBy1sKCLM1lmMjY3dkVA
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABA8lX3o5y
IRRJVeYT/K67DKAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDAkdHRAAn9
RFuj2QchmT42CoWPCms0batL22xzsj2QMSujfcXCEQHjWx/gY+jZyGw2nAOFrzr8IVS5lE
ZKMiF89/zydMxQjr1MTelfPuYo855TZF4DELCK3O/zWwGLIgSboQft2RfZkSJFBb8NM4eU
iw9CxJLUawWeYkGTslFv3gqh6HbZuw2WUx5pqmU7UibkOgp0eWHejkf031O+X49yZr3uFG
Xi/bd6oNNfHIdeSS8RJNC+4N2NUrB4NX87pM1TOLmZ9tAMlGJKX05UL4rli2UnIXkhP6mv
NVdObU6Vk/dHf31QCWuLNSbH2nydYNs6JcQnoybJnzq6EggViAZlAAADwBltk9S5Kr4OWl
m0gmDKx88sf9Rxff/zIaP4hMK/Q7VFCAaR6C7Vg5M83XewcX8K4x89Ji96WyWN5ceT/I0p
0n4n8ZheTgDqOLAaxxlp6iKLbeIirhyV4gelhpejzbL2qWE5BaNwI5CB4dX+1/P6+W4KWo
2+c46NDgAwJRb1SzOEY4vFDnoT5+PrbP1Sq8kJt2C4fPtxu+t0aUx7etoJWpY9Ox5MOMxS
xLPg26vQG87tfjjiuorqIIAVF4udvNN/vlbcLyC0j5fuLBw366GSXjpiZ0rreacILTQWj8
I/CG9XNbSPbrSHkBEORmFFDKU+CUoCnJEfkIy8XmTcczMM1kcG+jrSKW2tihyFPBIp2BPv
fYfohyy3U/RLVlxCQ+nU2Nw+8weZGhiGa6iSSCT1Rm7So/M57TMzx/R4pX7SkQT1AosGlI
ix2oO/q7wCzFu400JpPOAFlr/gBXa3X4WMsxNMdMMMoFc0Rjp+BecSUAwKU+8Doc8zlPeu
dh+jXjd2aiZY+i7T+4YFrQqIdJh8ITIHdgs2yJte63n5ZpV33wa2f2pvnwMY6rBUy7S6oA
GruPSkFBw85c1TlfgCjYzAaMLAbVvbvfG54mU3fj4+3wOKs1F3OmnJJrkJtiqlqjH7d3Sj
gCELuFGoLMoub4TIY9y2eOcWXknFcm1+zC4ALA3/6ppm4LeUaVpEGsWzRMHYzM8A+zs2m1
ihKVcx4NS6/0kup6aSxsczmvpmMe11HrWSSgIJzycbXPBL+q5Lgs7WDAOrdje9ZUJcWimQ
oIjfRZ+3fqBUuLyCDvkYV7aJHc9jGIz13KUgVWR9fJZVtqn4xYrePc2Wnt8xv6M8vsQVtG
H/Fu+2V/NtH3MPe8J/Cap9Dzmng8zcG4Qy+13/9ceIlrsP19+ZMAMp2m0soZZpRoqNBd2r
9vfAblefXbZLF+9YVM9Zaoj6aufOATqcKzaV7L5QXibI7a3TZA9bIWm8Yuu6NlagezFI9P
X9dkbLiKhClKwX//9uvgFhtDOuQuRuesVfUsMzTSXiNC9fPt3fvaXDtbLekpIEWb4d25nC
P3CKJBkqobAMe1+vzBdZhXmtHqYkSWZqjBpBe6w/drAztDf6U63BN8NiP+pyl+v5im8mhI
Dc6TloAR5Cv2MCEPnGcMib5Wc/eYQdRYfBb8xWOyz1RH/orsFnAbp4AMCmN+s1tE+E/rnp
gX5ViYVkWP9e/9P0MpNR4Dkf9rrdqTH1GE0tkK0EzC8Aq37YzQku74X5I2ZhDHyhAfpSY1
mZKazIyQ==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAkdHRAAn9RFuj2QchmT42CoWPCms0batL22xzsj2QMSujfcXCEQHjWx/gY+jZyGw2nAOFrzr8IVS5lEZKMiF89/zydMxQjr1MTelfPuYo855TZF4DELCK3O/zWwGLIgSboQft2RfZkSJFBb8NM4eUiw9CxJLUawWeYkGTslFv3gqh6HbZuw2WUx5pqmU7UibkOgp0eWHejkf031O+X49yZr3uFGXi/bd6oNNfHIdeSS8RJNC+4N2NUrB4NX87pM1TOLmZ9tAMlGJKX05UL4rli2UnIXkhP6mvNVdObU6Vk/dHf31QCWuLNSbH2nydYNs6JcQnoybJnzq6EggViAZl"
set source built-in
next
end
config firewall ssh setting
set caname "g-Fortinet_SSH_CA"
set untrusted-caname "g-Fortinet_SSH_CA_Untrusted"
set hostkey-rsa2048 "g-Fortinet_SSH_RSA2048"
set hostkey-dsa1024 "g-Fortinet_SSH_DSA1024"
set hostkey-ecdsa256 "g-Fortinet_SSH_ECDSA256"
set hostkey-ecdsa384 "g-Fortinet_SSH_ECDSA384"
set hostkey-ecdsa521 "g-Fortinet_SSH_ECDSA521"
set hostkey-ed25519 "g-Fortinet_SSH_ED25519"
set host-trusted-checking enable
end
config firewall ssh host-key
end
config firewall decrypted-traffic-mirror
end
config firewall access-proxy-virtual-host
end
config firewall access-proxy-ssh-client-cert
end
config firewall access-proxy
end
config firewall access-proxy6
end
config firewall ipmacbinding setting
set bindthroughfw disable
set bindtofw disable
end
config firewall ipmacbinding table
end
config firewall profile-protocol-options
edit "default"
set comment "All default services."
set replacemsg-group ''
set oversize-log disable
set switching-protocols-log disable
config http
set ports 80
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
unset options
set comfort-interval 10
set comfort-amount 1
set range-block disable
set strip-x-forwarded-for disable
unset post-lang
set streaming-content-bypass enable
set switching-protocols bypass
set unknown-http-version reject
set tunnel-non-http enable
set h2c disable
set unknown-content-encoding block
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set verify-dns-for-policy-matching enable
set block-page-status-code 403
set retry-count 0
set tcp-window-type auto-tuning
set ssl-offloaded no
set address-ip-rating enable
end
config ftp
set ports 21
set status enable
set inspect-all disable
set options splice
set comfort-interval 10
set comfort-amount 1
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set tcp-window-type auto-tuning
set ssl-offloaded no
set explicit-ftp-tls disable
end
config imap
set ports 143
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set ssl-offloaded no
end
config mapi
set ports 135
set status enable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
end
config pop3
set ports 110
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set ssl-offloaded no
end
config smtp
set ports 25
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail splice
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set server-busy disable
set ssl-offloaded no
end
config nntp
set ports 119
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options splice
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
end
config ssh
unset options
set comfort-interval 10
set comfort-amount 1
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set tcp-window-type auto-tuning
set ssl-offloaded no
end
config dns
set ports 53
set status enable
end
config cifs
set ports 445
set status enable
unset options
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set tcp-window-type auto-tuning
set server-credential-type none
end
config mail-signature
set status disable
set signature ''
end
set rpc-over-http disable
next
end
config firewall ssl-ssh-profile
edit "certificate-inspection"
set comment "Read-only SSL handshake inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
end
config https
set ports 443
set status certificate-inspection
set quic inspect
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set cert-probe-failure block
set encrypted-client-hello block
end
config ftps
set status disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config imaps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set quic inspect
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set block-blocklisted-certificates enable
set caname "Fortinet_CA_SSL"
set ssl-anomaly-log enable
set ssl-negotiation-log enable
set ssl-server-cert-log disable
set ssl-handshake-log disable
next
edit "deep-inspection"
set comment "Read-only deep inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
end
config https
set ports 443
set status deep-inspection
set quic inspect
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set cert-probe-failure block
set min-allowed-ssl-version tls-1.1
end
config ftps
set ports 990
set status deep-inspection
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set ports 993
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set ports 995
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set ports 465
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set quic inspect
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set allowlist disable
set block-blocklisted-certificates enable
config ssl-exempt
edit 1
set type fortiguard-category
set fortiguard-category 31
next
edit 2
set type fortiguard-category
set fortiguard-category 33
next
edit 3
set type wildcard-fqdn
set wildcard-fqdn "g-adobe"
next
edit 4
set type wildcard-fqdn
set wildcard-fqdn "g-Adobe Login"
next
edit 5
set type wildcard-fqdn
set wildcard-fqdn "g-android"
next
edit 6
set type wildcard-fqdn
set wildcard-fqdn "g-apple"
next
edit 7
set type wildcard-fqdn
set wildcard-fqdn "g-appstore"
next
edit 8
set type wildcard-fqdn
set wildcard-fqdn "g-auth.gfx.ms"
next
edit 9
set type wildcard-fqdn
set wildcard-fqdn "g-citrix"
next
edit 10
set type wildcard-fqdn
set wildcard-fqdn "g-dropbox.com"
next
edit 11
set type wildcard-fqdn
set wildcard-fqdn "g-eease"
next
edit 12
set type wildcard-fqdn
set wildcard-fqdn "g-firefox update server"
next
edit 13
set type wildcard-fqdn
set wildcard-fqdn "g-fortinet"
next
edit 14
set type wildcard-fqdn
set wildcard-fqdn "g-googleapis.com"
next
edit 15
set type wildcard-fqdn
set wildcard-fqdn "g-google-drive"
next
edit 16
set type wildcard-fqdn
set wildcard-fqdn "g-google-play2"
next
edit 17
set type wildcard-fqdn
set wildcard-fqdn "g-google-play3"
next
edit 18
set type wildcard-fqdn
set wildcard-fqdn "g-Gotomeeting"
next
edit 19
set type wildcard-fqdn
set wildcard-fqdn "g-icloud"
next
edit 20
set type wildcard-fqdn
set wildcard-fqdn "g-itunes"
next
edit 21
set type wildcard-fqdn
set wildcard-fqdn "g-microsoft"
next
edit 22
set type wildcard-fqdn
set wildcard-fqdn "g-skype"
next
edit 23
set type wildcard-fqdn
set wildcard-fqdn "g-softwareupdate.vmware.com"
next
edit 24
set type wildcard-fqdn
set wildcard-fqdn "g-verisign"
next
edit 25
set type wildcard-fqdn
set wildcard-fqdn "g-Windows update 2"
next
edit 26
set type wildcard-fqdn
set wildcard-fqdn "g-live.com"
next
edit 27
set type wildcard-fqdn
set wildcard-fqdn "g-google-play"
next
edit 28
set type wildcard-fqdn
set wildcard-fqdn "g-update.microsoft.com"
next
edit 29
set type wildcard-fqdn
set wildcard-fqdn "g-swscan.apple.com"
next
edit 30
set type wildcard-fqdn
set wildcard-fqdn "g-autoupdate.opera.com"
next
edit 31
set type wildcard-fqdn
set wildcard-fqdn "g-cdn-apple"
next
edit 32
set type wildcard-fqdn
set wildcard-fqdn "g-mzstatic-apple"
next
end
set server-cert-mode re-sign
set caname "Fortinet_CA_SSL"
set untrusted-caname "Fortinet_CA_Untrusted"
set ssl-exemption-ip-rating enable
set ssl-exemption-log disable
set ssl-anomaly-log enable
set ssl-negotiation-log enable
set ssl-server-cert-log disable
set ssl-handshake-log disable
set rpc-over-https disable
set mapi-over-https disable
set supported-alpn all
set use-ssl-server disable
next
edit "custom-deep-inspection"
set comment "Customizable deep inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
end
config https
set ports 443
set status deep-inspection
set quic inspect
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set cert-probe-failure block
set min-allowed-ssl-version tls-1.1
end
config ftps
set ports 990
set status deep-inspection
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set ports 993
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set ports 995
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set ports 465
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set quic inspect
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set allowlist disable
set block-blocklisted-certificates enable
config ssl-exempt
edit 1
set type wildcard-fqdn
set wildcard-fqdn "g-adobe"
next
edit 2
set type wildcard-fqdn
set wildcard-fqdn "g-Adobe Login"
next
edit 3
set type wildcard-fqdn
set wildcard-fqdn "g-android"
next
edit 4
set type wildcard-fqdn
set wildcard-fqdn "g-apple"
next
edit 5
set type wildcard-fqdn
set wildcard-fqdn "g-appstore"
next
edit 6
set type wildcard-fqdn
set wildcard-fqdn "g-auth.gfx.ms"
next
edit 7
set type wildcard-fqdn
set wildcard-fqdn "g-autoupdate.opera.com"
next
edit 8
set type wildcard-fqdn
set wildcard-fqdn "g-citrix"
next
edit 9
set type wildcard-fqdn
set wildcard-fqdn "g-dropbox.com"
next
edit 10
set type wildcard-fqdn
set wildcard-fqdn "g-eease"
next
edit 11
set type wildcard-fqdn
set wildcard-fqdn "g-firefox update server"
next
edit 12
set type wildcard-fqdn
set wildcard-fqdn "g-fortinet"
next
edit 13
set type wildcard-fqdn
set wildcard-fqdn "g-google-drive"
next
edit 14
set type wildcard-fqdn
set wildcard-fqdn "g-google-play"
next
edit 15
set type wildcard-fqdn
set wildcard-fqdn "g-google-play2"
next
edit 16
set type wildcard-fqdn
set wildcard-fqdn "g-google-play3"
next
edit 17
set type wildcard-fqdn
set wildcard-fqdn "g-googleapis.com"
next
edit 18
set type wildcard-fqdn
set wildcard-fqdn "g-Gotomeeting"
next
edit 19
set type wildcard-fqdn
set wildcard-fqdn "g-icloud"
next
edit 20
set type wildcard-fqdn
set wildcard-fqdn "g-itunes"
next
edit 21
set type wildcard-fqdn
set wildcard-fqdn "g-live.com"
next
edit 22
set type wildcard-fqdn
set wildcard-fqdn "g-microsoft"
next
edit 23
set type wildcard-fqdn
set wildcard-fqdn "g-skype"
next
edit 24
set type wildcard-fqdn
set wildcard-fqdn "g-softwareupdate.vmware.com"
next
edit 25
set type wildcard-fqdn
set wildcard-fqdn "g-swscan.apple.com"
next
edit 26
set type wildcard-fqdn
set wildcard-fqdn "g-update.microsoft.com"
next
edit 27
set type wildcard-fqdn
set wildcard-fqdn "g-verisign"
next
edit 28
set type wildcard-fqdn
set wildcard-fqdn "g-Windows update 2"
next
edit 29
set type fortiguard-category
set fortiguard-category 31
next
edit 30
set type fortiguard-category
set fortiguard-category 33
next
edit 31
set type fortiguard-category
set fortiguard-category 25
next
edit 32
set type wildcard-fqdn
set wildcard-fqdn "g-cdn-apple"
next
edit 33
set type wildcard-fqdn
set wildcard-fqdn "g-mzstatic-apple"
next
end
set server-cert-mode re-sign
set caname "Fortinet_CA_SSL"
set untrusted-caname "Fortinet_CA_Untrusted"
set ssl-exemption-ip-rating enable
set ssl-exemption-log disable
set ssl-anomaly-log enable
set ssl-negotiation-log enable
set ssl-server-cert-log disable
set ssl-handshake-log disable
set rpc-over-https disable
set mapi-over-https disable
set supported-alpn all
set use-ssl-server disable
next
edit "no-inspection"
set comment "Read-only profile that does no inspection."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
end
config https
set status disable
set quic bypass
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
end
config ftps
set status disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config imaps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set quic bypass
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set block-blocklisted-certificates enable
set caname "Fortinet_CA_SSL"
set ssl-anomaly-log enable
set ssl-negotiation-log enable
set ssl-server-cert-log disable
set ssl-handshake-log disable
next
edit "custom-cert-inspection"
set comment "Read-only SSL handshake inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
end
config https
set ports 443
set status certificate-inspection
set quic inspect
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set cert-probe-failure block
set encrypted-client-hello block
end
config ftps
set status disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config imaps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set quic inspect
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set block-blocklisted-certificates enable
set caname "Fortinet_CA_SSL"
set ssl-anomaly-log enable
set ssl-negotiation-log enable
set ssl-server-cert-log disable
set ssl-handshake-log disable
next
edit "SCSD custom-deep-inspection"
set comment "Customizable deep inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
end
config https
set ports 443
set status deep-inspection
set quic inspect
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set cert-probe-failure block
set min-allowed-ssl-version tls-1.1
end
config ftps
set ports 990
set status deep-inspection
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set ports 993
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set ports 995
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set ports 465
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set quic inspect
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set allowlist disable
set block-blocklisted-certificates enable
config ssl-exempt
edit 1
set type wildcard-fqdn
set wildcard-fqdn "g-adobe"
next
edit 2
set type wildcard-fqdn
set wildcard-fqdn "g-Adobe Login"
next
edit 3
set type wildcard-fqdn
set wildcard-fqdn "g-android"
next
edit 4
set type wildcard-fqdn
set wildcard-fqdn "g-apple"
next
edit 5
set type wildcard-fqdn
set wildcard-fqdn "g-appstore"
next
edit 6
set type wildcard-fqdn
set wildcard-fqdn "g-auth.gfx.ms"
next
edit 7
set type wildcard-fqdn
set wildcard-fqdn "g-autoupdate.opera.com"
next
edit 8
set type wildcard-fqdn
set wildcard-fqdn "g-citrix"
next
edit 9
set type wildcard-fqdn
set wildcard-fqdn "g-dropbox.com"
next
edit 10
set type wildcard-fqdn
set wildcard-fqdn "g-eease"
next
edit 11
set type wildcard-fqdn
set wildcard-fqdn "g-firefox update server"
next
edit 12
set type wildcard-fqdn
set wildcard-fqdn "g-fortinet"
next
edit 13
set type wildcard-fqdn
set wildcard-fqdn "g-google-drive"
next
edit 14
set type wildcard-fqdn
set wildcard-fqdn "g-google-play"
next
edit 15
set type wildcard-fqdn
set wildcard-fqdn "g-google-play2"
next
edit 16
set type wildcard-fqdn
set wildcard-fqdn "g-google-play3"
next
edit 17
set type wildcard-fqdn
set wildcard-fqdn "g-googleapis.com"
next
edit 18
set type wildcard-fqdn
set wildcard-fqdn "g-Gotomeeting"
next
edit 19
set type wildcard-fqdn
set wildcard-fqdn "g-icloud"
next
edit 20
set type wildcard-fqdn
set wildcard-fqdn "g-itunes"
next
edit 21
set type wildcard-fqdn
set wildcard-fqdn "g-live.com"
next
edit 22
set type wildcard-fqdn
set wildcard-fqdn "g-microsoft"
next
edit 23
set type wildcard-fqdn
set wildcard-fqdn "g-skype"
next
edit 24
set type wildcard-fqdn
set wildcard-fqdn "g-softwareupdate.vmware.com"
next
edit 25
set type wildcard-fqdn
set wildcard-fqdn "g-swscan.apple.com"
next
edit 26
set type wildcard-fqdn
set wildcard-fqdn "g-update.microsoft.com"
next
edit 27
set type wildcard-fqdn
set wildcard-fqdn "g-verisign"
next
edit 28
set type wildcard-fqdn
set wildcard-fqdn "g-Windows update 2"
next
edit 29
set type fortiguard-category
set fortiguard-category 31
next
edit 30
set type fortiguard-category
set fortiguard-category 33
next
edit 31
set type fortiguard-category
set fortiguard-category 25
next
end
set server-cert-mode re-sign
set caname "Fortinet_CA_SSL"
set untrusted-caname "Fortinet_CA_Untrusted"
set ssl-exemption-ip-rating enable
set ssl-exemption-log disable
set ssl-anomaly-log enable
set ssl-negotiation-log enable
set ssl-server-cert-log disable
set ssl-handshake-log disable
set rpc-over-https disable
set mapi-over-https disable
set supported-alpn all
set use-ssl-server disable
next
end
config waf profile
edit "default"
set external disable
set extended-log disable
config signature
config main-class 100000000
set status disable
set action block
set log enable
set severity high
end
config main-class 20000000
set status disable
set action allow
set log enable
set severity medium
end
config main-class 30000000
set status enable
set action block
set log enable
set severity high
end
config main-class 40000000
set status disable
set action allow
set log enable
set severity medium
end
config main-class 50000000
set status enable
set action block
set log enable
set severity high
end
config main-class 60000000
set status disable
set action allow
set log enable
set severity medium
end
config main-class 70000000
set status enable
set action block
set log enable
set severity high
end
config main-class 80000000
set status enable
set action allow
set log enable
set severity low
end
config main-class 110000000
set status enable
set action allow
set log enable
set severity high
end
config main-class 90000000
set status enable
set action block
set log enable
set severity high
end
set disabled-signature 80080005 80200001 60030001 60120001 80080003 90410001 90410002
set credit-card-detection-threshold 3
end
config constraint
config header-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config content-length
set status enable
set length 67108864
set action allow
set log enable
set severity low
end
config param-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config line-length
set status enable
set length 1024
set action allow
set log enable
set severity low
end
config url-param-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config version
set status disable
set action allow
set log enable
set severity medium
end
config method
set status disable
set action block
set log enable
set severity medium
end
config hostname
set status disable
set action block
set log enable
set severity medium
end
config malformed
set status disable
set action allow
set log enable
set severity medium
end
config max-cookie
set status enable
set max-cookie 16
set action allow
set log enable
set severity low
end
config max-header-line
set status enable
set max-header-line 32
set action allow
set log enable
set severity low
end
config max-url-param
set status enable
set max-url-param 16
set action allow
set log enable
set severity low
end
config max-range-segment
set status enable
set max-range-segment 5
set action allow
set log enable
set severity high
end
end
config method
set status disable
set log disable
set severity medium
unset default-allowed-methods
end
config address-list
set status disable
set blocked-log disable
set severity medium
end
set comment ''
next
end
config firewall ssl-server
end
config casb saas-application
end
config casb user-activity
end
config casb profile
edit "default"
set comment ''
next
end
config firewall profile-group
end
config firewall identity-based-route
end
config firewall auth-portal
set portal-addr ''
set portal-addr6 ''
set identity-based-route ''
set proxy-auth disable
end
config firewall policy
edit 89
set status disable
set name "Country Allow In->Out"
set uuid 05771906-3813-51ef-9ae4-5b1b9f3b263b
set srcintf "inside"
set dstintf "outside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "Country Allow"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "g-default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 90
set status disable
set name "Country Allow Out->In"
set uuid 1e43f706-3813-51ef-b6bc-56506e6e3955
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Country Allow"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "g-default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of NVIDEA_LICENSING) (Reverse of NVIDEA_LICENSING)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 107
set status enable
set name "NOCTI In->Out"
set uuid d3d9d38a-d9b9-51f0-7be3-c41f10630784
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "NOCTI_Inside"
set dstaddr "NOCTI"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Allow nocti.org"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 121
set status enable
set name "NOCTI Out->In"
set uuid 73a15794-d9ba-51f0-b3ff-a11dfaf6bf75
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "NOCTI"
set dstaddr "NOCTI_Inside"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Allow nocti.org (Reverse of NOCTI_In->Out) (Copy of )"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 109
set status enable
set name "Block Countries Out -> In"
set uuid 1e46053c-3813-51ef-a099-ee00ad8666fc
set srcintf "outside"
set dstintf "inside"
set action deny
set ztna-status disable
set srcaddr "Country Block"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set logtraffic all
set logtraffic-start disable
set np-acceleration enable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set natip 0.0.0.0 0.0.0.0
set match-vip enable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Block specific countries"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set send-deny-packet disable
next
edit 110
set status enable
set name "Block Countries In -> Out"
set uuid 1e4783d0-3813-51ef-c29f-57c919281f23
set srcintf "inside"
set dstintf "outside"
set action deny
set ztna-status disable
set srcaddr "all"
set dstaddr "Country Block"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set logtraffic all
set logtraffic-start disable
set np-acceleration enable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set natip 0.0.0.0 0.0.0.0
set match-vip enable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Block specific countries"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set send-deny-packet disable
next
edit 10020
set status enable
set name "Deny_List_In"
set uuid 1e493afe-3813-51ef-31cc-c7c59e4d9320
set srcintf "outside"
set dstintf "inside"
set action deny
set ztna-status disable
set srcaddr "Block_List_Group"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set logtraffic all
set logtraffic-start disable
set np-acceleration enable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set natip 0.0.0.0 0.0.0.0
set match-vip enable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Block Known Attachers"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set send-deny-packet disable
next
edit 10022
set status enable
set name "Deny_List_Out"
set uuid 1e4d29ca-3813-51ef-9c3a-2b6c867c6ef9
set srcintf "inside"
set dstintf "outside"
set action deny
set ztna-status disable
set srcaddr "all"
set dstaddr "Block_List_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set logtraffic all
set logtraffic-start disable
set np-acceleration enable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set natip 0.0.0.0 0.0.0.0
set match-vip enable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Block Known Attachers"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set send-deny-packet disable
next
edit 112
set status enable
set name "SSL_VPN_FULL"
set uuid 1e5363e4-3813-51ef-ed9e-10d784be3c77
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "IPv4-Private-All-RFC1918"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "SSL_VPN_Full_Access" "FortiGateAccess"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Full Access"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 59
set status enable
set name "VPN_Security_VLAN_70"
set uuid 1e559150-3813-51ef-fb50-64b54c81411a
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Security_VLAN_70_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Security_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Security VLAN 70"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 78
set status enable
set name "VPN_Access_Control_VLAN_72"
set uuid 1e589026-3813-51ef-e0b9-2cd69f4e1347
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Access_Control_VLAN_72_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Access_Control_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Access Control VLAN 72"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 63
set status enable
set name "VPN_Hyperion_Servers"
set uuid 1e5af000-3813-51ef-0521-99dbeebf21a6
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Hyperion_Server_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "RDP" "UDP-3389" "HTTP" "HTTPS" "TCP-19000"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Hyperion_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Hyperion Servers"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 57
set status enable
set name "VPN_Website_Server"
set uuid 1e5d760e-3813-51ef-992d-b1002a280d18
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Webosphere_Inside"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "RDP" "UDP-3389" "FTP" "FTP_GET" "FTP_PUT" "TFTP" "Webosphere_Data" "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Web_Servers_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - SCSD Website"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 58
set status enable
set name "VPN_DayAutomation_Servers"
set uuid 1e5fd476-3813-51ef-9dc2-dcf2d76f7fc9
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Day_Server_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "RDP" "UDP-3389" "HTTPS" "TCP-6502-6510"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_DayAuto_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Day Automation Servers"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 80
set status enable
set name "VPN_Auditors"
set uuid 1e622596-3813-51ef-dafa-742edb3c77c9
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "psprdfin" "psprdhcm"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTP" "HTTPS" "UDP-3389"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Auditor_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Auditors"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 66
set status enable
set name "VPN_WebCRD_Server"
set uuid 1e66bbec-3813-51ef-6224-b4486eb2d0fd
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "WebCRD"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTPS" "SSH"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_WebCRD_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - webCRD"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 69
set status enable
set name "VPN_DocHolliday"
set uuid 1e68d99a-3813-51ef-f506-85c179825d09
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "DocHolliday"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "RDP" "UDP-3389" "SMB" "HTTP" "HTTPS" "PING"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_DocHolliday_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - DocHolliday for Katapult User"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 105
set status enable
set name "DNS_FOR_SSL_VPN"
set uuid cba12b4a-b660-51f0-96eb-7251706c8087
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Domain_Controller_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "DNS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_DocHolliday_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - DocHolliday for Katapult User (Copy of VPN_DocHolliday)"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 120
set status enable
set name "VPN411-Web-Portal"
set uuid f7898382-c566-51f0-4476-dc6d9bcb9737
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set ztna-status disable
set srcaddr "all"
set dstaddr "411app" "411sql"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "RDP" "Web Access"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve disable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Access411_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 68
set status enable
set name "VPN_Access411_Servers"
set uuid 1e6b1a0c-3813-51ef-fc38-aa2d138e683f
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "411_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "RDP" "UDP-3389" "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Access411_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Access411 RDP"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 91
set status enable
set name "VPN_Peoplesoft_Audit"
set uuid 1e6d5baa-3813-51ef-d2bf-10a73778218f
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Peoplesoft_Audit_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTP" "HTTPS" "TCP_UDP-8100"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Peoplesoft_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Peoplesoft Auditors"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 64
set status enable
set name "VPN_Peoplesoft_RDP"
set uuid 1e6fbbfc-3813-51ef-6daf-b4c34aa0e0d9
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Peoplesoft_RDP_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "RDP" "UDP-3389"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Peoplesoft_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Peoplesoft RDP"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 65
set status enable
set name "VPN_Peoplesoft_SSH"
set uuid 1e725740-3813-51ef-6fff-a75b3554ba2b
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Peoplesoft_SSH_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "SSH"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Peoplesoft_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Peoplesoft SSH"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 10009
set status enable
set name "Nimble_Sup_Out"
set uuid 1e77a52e-3813-51ef-8c30-560acbd80bf3
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "Nimble_Inside_Grp"
set dstaddr "Nimble_Support"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool enable
set poolname "ippool-198.36.23.251" "ippool-198.36.23.253" "ippool-198.36.23.254" "ippool-198.36.23.252"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Nimble Support"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10010
set status enable
set name "Nimble_Sup_In"
set uuid 1e79f5e0-3813-51ef-d2db-d7b36bd66919
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Nimble_Support"
set dstaddr "Nimble_Inside_Grp"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Nimble Support"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10026
set status enable
set name "Barracuda In->Out"
set uuid 1e85b04c-3813-51ef-6bf7-3a31d600c61d
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "Barracuda_Internal"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "SMTP" "SMTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool enable
set poolname "MailOut_Outside"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Barracuda Internal Email"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 67
set status enable
set name "Nighttime In->Out"
set uuid 1e9170d0-3813-51ef-9616-0feaa296fbcf
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "Nighttime_Inside"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "FTP" "SSH" "TFTP"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool enable
set poolname "Nighttime_Outside"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Forces nighttime to use specific external IP"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10070
set status enable
set name "Reverse_Proxy"
set uuid 1ea33266-3813-51ef-99ab-bce3f219ac75
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "United_States"
set dstaddr "ReverseProxy"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTPS"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Need to examine - Reverse Proxy"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 94
set status enable
set name "SBC_NOC_In->Out"
set uuid 1eaae63c-3813-51ef-331a-6873c1713df5
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "SBC-NOC"
set dstaddr "MS_Teams_External_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Outgoing_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool enable
set poolname "SBC-NOC-Outside"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SBC Ribbon"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 100
set status enable
set name "SBC_DAN_In->Out"
set uuid 1ead08cc-3813-51ef-54d4-e5349e6869af
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "SBC-DAN"
set dstaddr "MS_Teams_External_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Outgoing_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool enable
set poolname "SBC-DAN-Outside"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SBC Ribbon"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10046
set status enable
set name "SRIC_BOCES_Allow"
set uuid 1eaf29ae-3813-51ef-6f21-ac90af29aaa7
set srcintf "SRIC_BOCES"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SRICBOCES-OUTSIDE"
set dstaddr "vip-ntss"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL_ICMP" "HTTP" "HTTPS" "TCP-1521" "TCP-9000-9100"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - SRIC BOCES NTSS"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10174
set status enable
set name "NTSS In->Out"
set uuid 1eb15832-3813-51ef-d5ba-d3f89d1ebe57
set srcintf "inside"
set dstintf "SRIC_BOCES"
set action accept
set ztna-status disable
set srcaddr "ntss-inside"
set dstaddr "SRICBOCES-OUTSIDE"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool enable
set poolname "NTSS_Outside"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - SRIC BOCES NTSS"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 72
set status enable
set name "SCHC_In->Out"
set uuid 1eb3b500-3813-51ef-8d25-e84757b6e80f
set srcintf "inside"
set dstintf "SCHC"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SCHC_Local_Subnets_Group"
set dstaddr "SCHC_Remote_Subnets_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "g-default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - SCHC"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 73
set status enable
set name "SCHC_Out->In"
set uuid 1eb5e37a-3813-51ef-0d54-a0f86f9c413d
set srcintf "SCHC"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SCHC_Remote_Subnets_Group"
set dstaddr "SCHC_Local_Subnets_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "g-default"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - SCHC"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 102
set status enable
set name "eScholar In->Out"
set uuid ee1a30d4-615e-51ef-2b32-6e61482f80f4
set srcintf "inside"
set dstintf "vpn-0403e61"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - AWS eScholar"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 108
set status disable
set name "eScholar Out->In"
set uuid 3f39ba48-8d5b-51ef-a5d4-56bbe4a36ed5
set srcintf "vpn-0403e61"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - AWS eScholar"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 101
set status enable
set name "testing highstreet"
set uuid f827dd26-da5b-51ef-87ba-f81639e668c9
set srcintf "inside"
set dstintf "Highstreet"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - Highstreet (Copy of Highstreet_Tunnel_In->Out)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 111
set status enable
set name "Highstreet_Tunnel_In->Out"
set uuid 7814df68-9202-51ef-0bbd-c924fa190f40
set srcintf "inside"
set dstintf "Highstreet"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Server_40" "Server_48"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - Highstreet"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 113
set status enable
set name "Highstreet_2_Tunnel_In->Out"
set uuid 02c82414-9553-51ef-5d42-ebdfea1cb3e0
set srcintf "inside"
set dstintf "Highstreet_2"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Server_40" "Server_48"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "VPN - Highstreet 2"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 61
set status enable
set name "AWS_VPN_In->Out"
set uuid 1eb80808-3813-51ef-57e9-eba2d42f35c6
set srcintf "inside"
set dstintf "vpn-042e9903"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - AWS"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 96
set status enable
set name "SchoolTool_AWS_In->Out"
set uuid 1eba0392-3813-51ef-da4b-c7f8b6d4754f
set srcintf "inside"
set dstintf "vpn-0fc50345"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SchoolTool Tunnel In -> Out"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 97
set status enable
set name "SchoolTool_AWS_Out->In"
set uuid 1ebc057a-3813-51ef-5e4e-7fbfad04b371
set srcintf "vpn-0fc50345"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Reverse of SchoolTool_AWS_In->Out"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 62
set status disable
set name "Test Cert Decrypt"
set uuid 1ebdf772-3813-51ef-d34b-3956a214ee8c
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "Tim PC"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "SCSD custom-deep-inspection"
set av-profile "g-default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list "App_Ctrl_1"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool enable
set poolname "ippool-198.36.23.251" "ippool-198.36.23.253" "ippool-198.36.23.254" "ippool-198.36.23.252"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 1400
set tcp-mss-receiver 1400
set comments "Internet Access (Copy of Internet Access)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set decrypted-traffic-mirror ''
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 98
set status enable
set name "AW_Scanner_Allow"
set uuid 5385d71e-c142-51ef-d666-e78958f9556b
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "AW_Scanner_MerryChristmas" "AW_Scanner _HappyHalloween" "AW_Scanner_DiaDeLosMuertos" "AW_Scanner_HappyNewYear" "AW_Scanner_LaborDay"
set dstaddr "AW_device-activation.us-global-prod.arcticwolf.net" "AW_drs.us-global-prod.arcticwolf.net" "AW_inbound.us002-prod.arcticwolf.net"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 116
set status enable
set name "POS Test"
set uuid a1e4afc0-1eb7-51f0-4ebd-d1105cd4ed77
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "POS_Machines"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool enable
set poolname "ippool-198.36.23.251" "ippool-198.36.23.253" "ippool-198.36.23.254" "ippool-198.36.23.252"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 1400
set tcp-mss-receiver 1400
set comments "Test Point of Sale"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 119
set status enable
set name "IoT>Open VPN"
set uuid ff3f1cfc-b66d-51f0-e853-77cbf609a9f5
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "IoT - Core"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "g-default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Outgoing_IPS"
set application-list "IoT"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool enable
set poolname "ippool-198.36.23.251"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 106
set status enable
set name "Internet Access"
set uuid a07c4df0-7eb0-51ec-6ebd-522652ce242b
set srcintf "inside" "RAP"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "IPv4-Private-All-RFC1918" "VPN-Range"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "g-default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Outgoing_IPS"
set application-list "App_Ctrl_1"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool enable
set poolname "ippool-198.36.23.251" "ippool-198.36.23.253" "ippool-198.36.23.254" "ippool-198.36.23.252"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 1400
set tcp-mss-receiver 1400
set comments "Internet Access"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 71
set status enable
set name "County->Peoplesoft"
set uuid 1ec347ae-3813-51ef-1efd-957736793cf0
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "County_Network"
set dstaddr "psprdfin"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 82
set status enable
set name "Peoplesoft -> County"
set uuid 1ec4d6c8-3813-51ef-ac28-17b59421f677
set srcintf "inside"
set dstintf "city_phones"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "psprdfin"
set dstaddr "County_Network"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of County->Peoplesoft) (Reverse of County->Peoplesoft)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 81
set status enable
set name "County -> DNS"
set uuid 1ec69580-3813-51ef-70aa-d0c556abef94
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "County_Network"
set dstaddr "Domain_Controller_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "DNS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of County->Peoplesoft)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 76
set status enable
set name "City_CGRs_Out->In"
set uuid 1ec85960-3813-51ef-bbd7-2a8905689144
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "City_Side_CGR_01" "City_Side_CGR_02"
set dstaddr "City_CGRs_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ESP" "IKE" "PING" "SSH"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Lights - CGR - Allow Ping and SSH from City-Side Subnets"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 77
set status enable
set name "City_CGRs_In->Out"
set uuid 1eca734e-3813-51ef-87b1-5ee84780d2e3
set srcintf "inside"
set dstintf "city_phones"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "City_CGRs_Group"
set dstaddr "City_Side_CGR_01" "City_Side_CGR_02"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ESP" "IKE" "PING" "SSH"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Allow City Lights CGR to City Side Subnets"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 85
set status enable
set name "City_VoIP_Out->In"
set uuid 1ecc7ec8-3813-51ef-b6b3-ce34580ba6e8
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "City_Side_VoIP_Group"
set dstaddr "CUCM_BRIGHTON" "CUCM_ITC_NOC"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Allowed Networks From them to Us (Copy of City_Phones_Out->In)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 86
set status enable
set name "City_VoIP_In->Out"
set uuid 1ece4596-3813-51ef-e6fc-e121d064849b
set srcintf "inside"
set dstintf "city_phones"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "CUCM_BRIGHTON" "CUCM_ITC_NOC"
set dstaddr "City_Side_VoIP_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Allowed Networks From them to Us (Copy of City_Phones_Out->In) (Copy of City_VoIP_Out->In) (Reverse of City_VoIP_Out->In)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 84
set status enable
set name "City_Water_DPW_Recorder_Out->In"
set uuid 1ed02d2a-3813-51ef-b5b5-5d483ed50082
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "City_Side_VoIP_Water_DPW_Recorder"
set dstaddr "CUCM_BRIGHTON" "CUCM_ITC_NOC"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload disable
set np-acceleration disable
set wanopt disable
set webcache disable
set webproxy-forward-server ''
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Allowed Networks From them to Us (Copy of City_Phones_Out->In) (Copy of City_Parks_Phones_Out->In)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 88
set status enable
set name "City_Water_DPW_Recorder_In->Out"
set uuid 1ed1fa06-3813-51ef-b94f-4fc985cecc67
set srcintf "inside"
set dstintf "city_phones"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "CUCM_BRIGHTON" "CUCM_ITC_NOC"
set dstaddr "City_Side_VoIP_Water_DPW_Recorder"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload disable
set np-acceleration disable
set wanopt disable
set webcache disable
set webproxy-forward-server ''
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Allowed Networks From them to Us (Copy of City_Phones_Out->In) (Copy of City_Parks_Phones_Out->In) (Copy of City_Water_DPW_Recorder_Out->In) (Reverse of City_Water_DPW_Recorder_Out->In)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 60
set status enable
set name "City_Parks_Phones_Out->In"
set uuid 1ed3ebc2-3813-51ef-1e7f-278d09aa39e5
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "City_Side_Parks_Phone_Subnet" "City_Side_VoIP_Water_DPW_Recorder"
set dstaddr "CUCM_BRIGHTON" "CUCM_ITC_NOC"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload disable
set np-acceleration disable
set wanopt disable
set webcache disable
set webproxy-forward-server ''
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Allowed Networks From them to Us (Copy of City_Phones_Out->In)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 79
set status enable
set name "City_Parks_Phones_In->Out"
set uuid 1ed5bfc4-3813-51ef-1ec9-12e8ee90dbee
set srcintf "inside"
set dstintf "city_phones"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "CUCM_BRIGHTON" "CUCM_ITC_NOC"
set dstaddr "City_Side_Parks_Phone_Subnet" "City_Side_VoIP_Water_DPW_Recorder"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set wanopt disable
set webcache disable
set webproxy-forward-server ''
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Allowed Networks From Us to Them (Copy of City_Phones_In->Out)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 70
set status disable
set name "Block SPD DNS ACCESS"
set uuid 1ed761e4-3813-51ef-854c-443e75bbd182
set srcintf "city_phones"
set dstintf "inside"
set action deny
set ztna-status disable
set srcaddr "SPD_Network"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "DNS"
set tos-mask 0x00
set anti-replay enable
set logtraffic disable
set logtraffic-start disable
set np-acceleration enable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set natip 0.0.0.0 0.0.0.0
set match-vip disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Deny SPD DNS"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set send-deny-packet disable
next
edit 55
set status enable
set name "SPD_Out->In"
set uuid 1ed88ccc-3813-51ef-ce40-66f91cac1e76
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SPD_Network"
set dstaddr "SPD_Firewalls_Our_Side"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ESP" "IKE" "SNMP" "SSH" "ALL_ICMP" "HTTPS" "HTTP"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SPD Access"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 87
set status enable
set name "SPD_In->Out"
set uuid 1eda7712-3813-51ef-3c63-e2ec1558101f
set srcintf "inside"
set dstintf "city_phones"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SPD_Firewalls_Our_Side"
set dstaddr "SPD_Network"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ESP" "IKE" "SNMP" "SSH" "ALL_ICMP" "HTTPS" "HTTP"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SPD Access (Copy of SPD_Out->In) (Reverse of SPD_Out->In)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 83
set status enable
set name "SPD_ Genetec_Out->In"
set uuid 1edc7242-3813-51ef-7f2c-b3136231a789
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SPD_Side_Genetec"
set dstaddr "Genetec_Inside_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "Genetec Federation"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SPD Access for Genetec Federation"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 92
set status enable
set name "SPD_ Genetec_In->Out"
set uuid 1edea1ac-3813-51ef-57bb-512cdbf9dd3f
set srcintf "inside"
set dstintf "city_phones"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Genetec_Inside_Group"
set dstaddr "SPD_Side_Genetec"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "Genetec Federation"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SPD Access for Genetec Federation"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 54
set status enable
set name "City_Phones_Out->In"
set uuid 1ee0c5ae-3813-51ef-cd42-b18ff9cc744e
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "City_Subnets_Group"
set dstaddr "City_Permited_Subnets_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Allowed Networks From them to Us"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 75
set status enable
set name "City_Phones_In->Out"
set uuid 1ee253a6-3813-51ef-2f01-6a3bba8948c4
set srcintf "inside"
set dstintf "city_phones"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "City_Permited_Subnets_Group"
set dstaddr "City_Subnets_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Allowed Networks From Us to Them"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10024
set status enable
set name "Email_Hybrid_Allow"
set uuid 81a5da3e-3814-51ef-1983-581a79abcbe4
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "vip-hybrid-email"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTP" "HTTPS" "SMTP" "SMTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Hybrid Email - Robert Johnson"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10027
set status enable
set name "Barracuda_Archivers"
set uuid 81a9ac68-3814-51ef-197d-0a3afe0e87fd
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set dstaddr "vip-grp-barracuda_Archivers"
set internet-service disable
set internet-service-src enable
set internet-service-src-group "Microsoft_ISDB_Both"
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTP" "HTTPS" "SMTP" "SMTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Barracuda Archivers from Microsoft"
set block-notification disable
set replacemsg-override-group ''
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set internet-service-src-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 115
set status enable
set name "Nutanix_Remote_Support"
set uuid 1900c2ca-108e-51f0-95ec-850dcb4dec46
set srcintf "inside"
set dstintf "outside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Nutanix_CVM"
set dstaddr "Nutanix_Remote_Support"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10076
set status disable
set name "Apple_Cache"
set uuid 81ab9d98-3814-51ef-b8cb-8f477b83a491
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "vip-applecaching"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL_TCP"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Apple Caching Server Access"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10094
set status enable
set name "DNS_ns1"
set uuid 81ad75dc-3814-51ef-f09d-c2b8f787df67
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "vip-ns1"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "DNS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "DNS - External"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10092
set status enable
set name "DNS_ns2"
set uuid 81af4632-3814-51ef-448f-03cf7baa0fcd
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "vip-ns2"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "DNS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "DNS - External"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10108
set status enable
set name "LDAP_Access"
set uuid 81b1158e-3814-51ef-e736-4ff0961ed5e0
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Safeschools_Group"
set dstaddr "vip-DC01"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "LDAP" "LDAP_UDP" "TCP-636"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "LDAP"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10130
set status enable
set name "Airwatch"
set uuid 81b4f8d4-3814-51ef-470c-24615314b6bd
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "vip-Airwatchapp"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "Airwatch_Services_Group"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Airwatch Access"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10054
set status enable
set name "SCSD_Website"
set uuid 81b6d604-3814-51ef-6668-0efb18da8bc4
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "United_States"
set dstaddr "vip-Webosphere"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Website - scsd.us"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10138
set status enable
set name "WebHelpDesk"
set uuid 81b8bcbc-3814-51ef-3a27-c1f21f5d717f
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "United_States"
set dstaddr "vip-webhelpdesk"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTPS"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Webpage - helpdesk.scsd.us"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 117
set status enable
set name "RAP>Inside>DCs"
set uuid fd182646-56ad-51f0-29cf-aeb9b387ba3b
set srcintf "RAP"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "RAP_10.67.0.0/16" "RAP-MGMT"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "g-default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list "App_Ctrl_1"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 124
set status enable
set name "CNYWorks>SCSD"
set uuid ef5ec554-f6cc-51f0-cd1a-ce68ddafecc7
set srcintf "CNYWorks"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "CNYWorks_10.68.0.0/16" "CNYWorks_MGMT"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "g-default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list "App_Ctrl_1"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of RAP>Inside>DCs) (Copy of )"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10150
set status enable
set name "Tableau"
set uuid 81ba96fe-3814-51ef-6921-9f35497b8f80
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "United_States"
set dstaddr "vip-tableau"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Webpage - tableau.scsd.us"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 99
set status enable
set name "PrintOC"
set uuid 81c226ee-3814-51ef-987c-d26a0604f4f0
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "United_States"
set dstaddr "vip-PrintOC"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTPS"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Oracle Web Printer"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 122
set status enable
set name "Print-OC_SFTP"
set uuid eed95dc4-f21c-51f0-847a-e5c011f0b4dc
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Oracle Cloud IP"
set dstaddr "vip-PrintOC"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "SSH"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Oracle Web Printer (Copy of PrintOC) (Copy of )"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10184
set status enable
set name "ESS"
set uuid 81c5a1b6-3814-51ef-5bd9-deeadac2e8b2
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "United_States"
set dstaddr "vip-scsdess"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Employee Self Service"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10182
set status enable
set name "Address_Lookup"
set uuid 81c77f5e-3814-51ef-24cf-937273f467c6
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "United_States"
set dstaddr "vip-Neutrons"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTPS"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Address Lookup for parents"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 126
set status enable
set name "Centro->411SQL Out->In"
set uuid c1c0cb3e-004e-51f1-8dd0-32e715da6cf4
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Centro"
set dstaddr "VIP-411SQL"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "SSH"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Allow Centro to SFTP to Access 411 SQL Server"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 93
set status enable
set name "SBC_Ribbon_Out->In"
set uuid 81c9586a-3814-51ef-76b4-4b2f00d4ef7b
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "MS_Teams_External_Group"
set dstaddr "vip-sbc-noc" "vip-sbc-dan"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SBC Ribbon"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 114
set status enable
set name "EMS_Out->In"
set uuid 57ea5a20-bcb3-51ef-3a9b-8209a3aa0052
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "vip-EMS"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "HTTP" "HTTPS" "TCP-8443" "TCP-8013"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "EMS"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 118
set status enable
set name "Servers->RAP"
set uuid a7519eb8-5b67-51f0-81ee-bcd251f393c6
set srcintf "inside"
set dstintf "RAP"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "RAP_10.67.0.0/16" "RAP-MGMT" "RAP-FW-Inside"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "g-default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list "App_Ctrl_1"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of RAP>Inside>DCs) (Reverse of RAP>Inside>DCs)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 123
set status enable
set name "Servers>CNYWorks"
set uuid 5676ed4e-f6cc-51f0-2df3-4946ad8cca66
set srcintf "inside"
set dstintf "CNYWorks"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "CNYWorks_10.68.0.0/16" "CNYWorks_MGMT"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "g-default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list "App_Ctrl_1"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Allow traffic from internal network to remote network at CNYWorks"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 95
set status enable
set name "SCSD -> DPS"
set uuid a19c7908-a391-51f0-832c-2db07d1b76ba
set srcintf "inside"
set dstintf "DPS"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "DPS_10.46.0.0/16" "DPS_Mgmt" "DPS_192.168.146.0/24"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 103
set status enable
set name "DPS-> SCSD"
set uuid 86078cfe-a392-51f0-c08c-e8a016eaf556
set srcintf "DPS"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "DPS_10.46.0.0/16" "DPS_192.168.146.0/24" "DPS_Mgmt"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set pcp-inbound disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 104
set status enable
set name "DPS-> Outside"
set uuid 0545722a-a397-51f0-e7c5-fe7e645b19b6
set srcintf "DPS"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "DPS_10.46.0.0/16"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool enable
set poolname "ippool-198.36.23.253"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 125
set status enable
set name "CNYWorks Internet Access"
set uuid 26c87c46-f6ce-51f0-0fdc-3428990ed050
set srcintf "CNYWorks" "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "IPv4-Private-All-RFC1918" "VPN-Range"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set internet-service6 disable
set internet-service6-src disable
unset reputation-minimum6
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set policy-expiry disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "g-default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-profile ''
set file-filter-profile ''
set ips-sensor "Outgoing_IPS"
set application-list "App_Ctrl_1"
set voip-profile ''
set ips-voip-filter ''
set sctp-filter-profile ''
set diameter-filter-profile ''
set virtual-patch-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set pcp-outbound disable
set pcp-inbound disable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set port-preserve enable
set ippool enable
set poolname "ippool-198.36.23.251" "ippool-198.36.23.252" "ippool-198.36.23.253" "ippool-198.36.23.254"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-copy disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set srcaddr6-negate disable
set dstaddr-negate disable
set dstaddr6-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
end
config firewall shaping-policy
end
config firewall shaping-profile
end
config firewall local-in-policy
end
config firewall local-in-policy6
end
config firewall ttl-policy
end
config firewall proxy-policy
end
config firewall dnstranslation
end
config firewall multicast-policy
end
config firewall multicast-policy6
end
config firewall interface-policy
end
config firewall interface-policy6
end
config firewall DoS-policy
edit 1
set status enable
set name "Country_Block_DOS"
set comments "Thresholds set to 1 to block all traffic from specific countries."
set interface "outside"
set srcaddr "Country Block"
set dstaddr "all"
set service "ALL"
config anomaly
edit "tcp_syn_flood"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "tcp_port_scan"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "tcp_src_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "tcp_dst_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "udp_flood"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "udp_scan"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "udp_src_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "udp_dst_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "icmp_flood"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "icmp_sweep"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "icmp_src_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "icmp_dst_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "ip_src_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "ip_dst_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "sctp_flood"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "sctp_scan"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "sctp_src_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "sctp_dst_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
end
next
edit 3
set status enable
set name "Zoom-bypass"
set comments ''
set interface "outside"
set srcaddr "all"
set dstaddr "all"
set service "Zoom UDP Ports"
config anomaly
edit "tcp_syn_flood"
set status disable
set log disable
set action pass
set quarantine none
set threshold 2000
next
edit "tcp_port_scan"
set status disable
set log disable
set action pass
set quarantine none
set threshold 1000
next
edit "tcp_src_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "tcp_dst_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "udp_flood"
set status enable
set log enable
set action pass
set quarantine none
set threshold 2000
next
edit "udp_scan"
set status disable
set log disable
set action pass
set quarantine none
set threshold 2000
next
edit "udp_src_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "udp_dst_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "icmp_flood"
set status disable
set log disable
set action pass
set quarantine none
set threshold 250
next
edit "icmp_sweep"
set status disable
set log disable
set action pass
set quarantine none
set threshold 100
next
edit "icmp_src_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 300
next
edit "icmp_dst_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 1000
next
edit "ip_src_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "ip_dst_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "sctp_flood"
set status disable
set log disable
set action pass
set quarantine none
set threshold 2000
next
edit "sctp_scan"
set status disable
set log disable
set action pass
set quarantine none
set threshold 1000
next
edit "sctp_src_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "sctp_dst_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
end
next
edit 2
set status enable
set name "DoS_Default"
set comments ''
set interface "outside"
set srcaddr "all"
set dstaddr "all"
set service "ALL"
config anomaly
edit "tcp_syn_flood"
set status enable
set log enable
set action block
set quarantine none
set threshold 2000
next
edit "tcp_port_scan"
set status enable
set log enable
set action block
set quarantine none
set threshold 1000
next
edit "tcp_src_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 5000
next
edit "tcp_dst_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 5000
next
edit "udp_flood"
set status enable
set log enable
set action block
set quarantine none
set threshold 20000
next
edit "udp_scan"
set status enable
set log enable
set action block
set quarantine none
set threshold 2000
next
edit "udp_src_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 5000
next
edit "udp_dst_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 5000
next
edit "icmp_flood"
set status enable
set log enable
set action block
set quarantine none
set threshold 250
next
edit "icmp_sweep"
set status enable
set log enable
set action block
set quarantine none
set threshold 100
next
edit "icmp_src_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 300
next
edit "icmp_dst_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 1000
next
edit "ip_src_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 5000
next
edit "ip_dst_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 5000
next
edit "sctp_flood"
set status enable
set log enable
set action block
set quarantine none
set threshold 2000
next
edit "sctp_scan"
set status enable
set log enable
set action block
set quarantine none
set threshold 1000
next
edit "sctp_src_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 5000
next
edit "sctp_dst_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 5000
next
end
next
end
config firewall DoS-policy6
end
config firewall sniffer
edit 8
set uuid 36fa8310-c0f6-51f0-af3f-cf024bc5cd86
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "vpn-0fc50345"
set host "172.30.45.35"
set port "3389"
set protocol ''
set vlan ''
set dsri disable
next
edit 4
set uuid 36fa8db0-c0f6-51f0-6346-78d55fc36abd
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "city_phones lag"
set host "10.250.229.0/24"
set port ''
set protocol ''
set vlan ''
set dsri disable
next
edit 6
set uuid 36fa97e2-c0f6-51f0-1f91-602bb9d08d10
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "city_phones lag"
set host "10.1.150.20"
set port "8445"
set protocol ''
set vlan ''
set dsri disable
next
edit 5
set uuid 36faa2f0-c0f6-51f0-d0a3-a5b6aa82d820
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "vpn-0403e61"
set host ''
set port ''
set protocol ''
set vlan ''
set dsri disable
next
edit 7
set uuid 36faa958-c0f6-51f0-f06c-44f6e557b95a
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "outside lag"
set host "3.20.191.182"
set port ''
set protocol ''
set vlan ''
set dsri disable
next
edit 9
set uuid 36fab1f0-c0f6-51f0-a43f-71f4623d82eb
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "Highstreet"
set host ''
set port ''
set protocol ''
set vlan ''
set dsri disable
next
edit 10
set uuid 36fab84e-c0f6-51f0-515c-1e42d3f07a15
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "inside lag"
set host "192.168.79.2"
set port ''
set protocol ''
set vlan ''
set dsri disable
next
edit 11
set uuid 36fac0c8-c0f6-51f0-e9e7-ad190564024f
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "inside lag"
set host "10.46.1.1"
set port ''
set protocol ''
set vlan ''
set dsri disable
next
edit 12
set uuid 36fac938-c0f6-51f0-3e0a-9e48923f6653
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "DPS"
set host "10.46.1.1"
set port ''
set protocol ''
set vlan ''
set dsri disable
next
edit 13
set uuid 36fad0c2-c0f6-51f0-cc14-10d54ecdbbb9
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "port17"
set host "192.168.146.5"
set port ''
set protocol ''
set vlan ''
set dsri disable
next
edit 14
set uuid 36fadb9e-c0f6-51f0-dd8e-fdcc0d853ca2
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "port19"
set host "192.168.146.5"
set port ''
set protocol ''
set vlan ''
set dsri disable
next
edit 15
set uuid 36fae666-c0f6-51f0-dc3f-12317d604f06
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "RAP"
set host "192.168.79.2"
set port ''
set protocol ''
set vlan ''
set dsri disable
next
edit 16
set uuid 36faeeae-c0f6-51f0-9ee8-abe6590ce728
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "city_phones lag"
set host ''
set port ''
set protocol ''
set vlan ''
set dsri disable
next
end
config firewall on-demand-sniffer
edit "outside lag_scsd"
set interface "outside lag"
set max-packet-count 100
set hosts "24.105.188.54"
set protocols 17
set non-ip-packet disable
set advanced-filter ''
next
edit "RAP_scsd"
set interface "RAP"
set max-packet-count 10000
set non-ip-packet disable
set advanced-filter ''
next
edit "SSL VPN"
set interface "outside lag"
set max-packet-count 10000
set hosts "174.197.201.25"
set non-ip-packet disable
set advanced-filter ''
next
end
config firewall acl
end
config firewall acl6
end
config firewall central-snat-map
end
config firewall ip-translation
end
config authentication scheme
end
config authentication rule
end
config authentication setting
set active-auth-scheme ''
set sso-auth-scheme ''
set update-time 0000-00-00 00:00:00
set persistent-cookie enable
set ip-auth-cookie disable
set cookie-max-age 480
set cookie-refresh-div 2
set captive-portal-type fqdn
set captive-portal ''
set captive-portal6 ''
set cert-auth disable
set captive-portal-port 7830
set auth-https enable
set captive-portal-ssl-port 7831
end
config system speed-test-schedule
end
config switch-controller switch-interface-tag
end
config switch-controller 802-1X-settings
set link-down-auth set-unauth
set reauth-period 60
set max-reauth-attempt 3
set tx-period 30
set mab-reauth disable
set mac-username-delimiter hyphen
set mac-password-delimiter hyphen
set mac-calling-station-delimiter hyphen
set mac-called-station-delimiter hyphen
set mac-case lowercase
end
config switch-controller security-policy 802-1X
edit "802-1X-policy-default"
set security-mode 802.1X
set user-group "SSO_Guest_Users"
set mac-auth-bypass disable
set open-auth disable
set eap-passthru enable
set eap-auto-untagged-vlans enable
set guest-vlan disable
set guest-auth-delay 30
set auth-fail-vlan disable
set framevid-apply enable
set radius-timeout-overwrite disable
set policy-type 802.1X
set authserver-timeout-vlan disable
set dacl disable
next
end
config switch-controller security-policy local-access
edit "default"
set mgmt-allowaccess https ping ssh
set internal-allowaccess https ping ssh
next
end
config switch-controller location
end
config switch-controller lldp-settings
set tx-hold 4
set tx-interval 30
set fast-start-interval 2
set management-interface internal
set device-detection enable
end
config switch-controller lldp-profile
edit "default"
set med-tlvs inventory-management network-policy location-identification
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl disable
config med-network-policy
edit "voice"
set status disable
next
edit "voice-signaling"
set status disable
next
edit "guest-voice"
set status disable
next
edit "guest-voice-signaling"
set status disable
next
edit "softphone-voice"
set status disable
next
edit "video-conferencing"
set status disable
next
edit "streaming-video"
set status disable
next
edit "video-signaling"
set status disable
next
end
config med-location-service
edit "coordinates"
set status disable
next
edit "address-civic"
set status disable
next
edit "elin-number"
set status disable
next
end
next
edit "default-auto-isl"
unset med-tlvs
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl enable
set auto-isl-hello-timer 3
set auto-isl-receive-timeout 60
set auto-isl-port-group 0
set auto-mclag-icl disable
set auto-isl-auth legacy
next
edit "default-auto-mclag-icl"
unset med-tlvs
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl enable
set auto-isl-hello-timer 3
set auto-isl-receive-timeout 60
set auto-isl-port-group 0
set auto-mclag-icl enable
set auto-isl-auth legacy
next
end
config switch-controller qos dot1p-map
edit "voice-dot1p"
set description ''
set egress-pri-tagging disable
set priority-0 queue-4
set priority-1 queue-4
set priority-2 queue-3
set priority-3 queue-2
set priority-4 queue-3
set priority-5 queue-1
set priority-6 queue-2
set priority-7 queue-2
next
end
config switch-controller qos ip-dscp-map
edit "voice-dscp"
set description ''
config map
edit "1"
set cos-queue 1
set value 46
next
edit "2"
set cos-queue 2
set value 24,26,48,56
next
edit "5"
set cos-queue 3
set value 34
next
end
next
end
config switch-controller qos queue-policy
edit "default"
set schedule round-robin
set rate-by kbps
config cos-queue
edit "queue-0"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-1"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-2"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-3"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-4"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-5"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-6"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-7"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
end
next
edit "voice-egress"
set schedule weighted
set rate-by kbps
config cos-queue
edit "queue-0"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-1"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 0
next
edit "queue-2"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 6
next
edit "queue-3"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 37
next
edit "queue-4"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 12
next
edit "queue-5"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-6"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-7"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
end
next
end
config switch-controller qos qos-policy
edit "default"
set default-cos 0
set trust-dot1p-map ''
set trust-ip-dscp-map ''
set queue-policy "default"
next
edit "voice-qos"
set default-cos 0
set trust-dot1p-map "voice-dot1p"
set trust-ip-dscp-map "voice-dscp"
set queue-policy "voice-egress"
next
end
config switch-controller storm-control-policy
edit "default"
set description "default storm control on all port"
set storm-control-mode global
next
edit "auto-config"
set description "storm control policy for fortilink-isl-icl port"
set storm-control-mode disabled
next
end
config switch-controller auto-config policy
edit "pse"
set qos-policy "default"
set storm-control-policy "auto-config"
set poe-status enable
set igmp-flood-report disable
set igmp-flood-traffic disable
next
edit "default"
set qos-policy "default"
set storm-control-policy "auto-config"
set poe-status enable
set igmp-flood-report disable
set igmp-flood-traffic disable
next
edit "default-icl"
set qos-policy "default"
set storm-control-policy "auto-config"
set poe-status disable
set igmp-flood-report enable
set igmp-flood-traffic enable
next
end
config switch-controller auto-config default
set fgt-policy "default"
set isl-policy "default"
set icl-policy "default-icl"
end
config switch-controller auto-config custom
end
config switch-controller initial-config template
edit "_default"
set vlanid 1
unset allowaccess
set dhcp-server disable
next
edit "quarantine"
set vlanid 4093
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
edit "rspan"
set vlanid 4092
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
edit "voice"
set vlanid 4091
unset allowaccess
set dhcp-server disable
next
edit "video"
set vlanid 4090
unset allowaccess
set dhcp-server disable
next
edit "onboarding"
set vlanid 4089
unset allowaccess
set dhcp-server disable
next
edit "nac_segment"
set vlanid 4088
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
end
config switch-controller initial-config vlans
set default-vlan "_default"
set quarantine "quarantine"
set rspan "rspan"
set voice "voice"
set video "video"
set nac "onboarding"
set nac-segment "nac_segment"
end
config switch-controller switch-profile
edit "default"
set login-passwd-override disable
set login enable
set revision-backup-on-logout disable
set revision-backup-on-upgrade disable
next
end
config switch-controller custom-command
end
config switch-controller virtual-port-pool
end
config switch-controller ptp profile
edit "default"
set description ''
set mode transparent-e2e
next
end
config switch-controller ptp interface-policy
edit "default"
set description ''
set vlan ''
set vlan-pri 4
next
end
config switch-controller vlan-policy
end
config switch-controller acl ingress
end
config switch-controller acl group
end
config switch-controller dynamic-port-policy
end
config switch-controller managed-switch
end
config switch-controller switch-group
end
config switch-controller stp-settings
set name ''
set revision 0
set hello-time 2
set forward-time 15
set max-age 20
set max-hops 20
end
config switch-controller stp-instance
end
config switch-controller storm-control
set rate 500
set unknown-unicast disable
set unknown-multicast disable
set broadcast disable
end
config switch-controller global
set mac-aging-interval 300
set https-image-push enable
set vlan-optimization enable
set vlan-identity name
set mac-retention-period 24
set default-virtual-switch-vlan ''
set dhcp-server-access-list disable
set dhcp-option82-format ascii
set dhcp-option82-circuit-id intfname vlan mode
set dhcp-option82-remote-id mac
set dhcp-snoop-client-req drop-untrusted
set dhcp-snoop-client-db-exp 86400
set dhcp-snoop-db-per-port-learn-limit 64
set log-mac-limit-violations disable
set sn-dns-resolution enable
set mac-event-logging disable
set bounce-quarantined-link disable
set quarantine-mode by-vlan
set update-user-device mac-cache lldp dhcp-snooping l2-db l3-db
set fips-enforce enable
set firmware-provision-on-authorization disable
set switch-on-deauth no-op
end
config switch-controller switch-log
set status enable
set severity notification
end
config switch-controller igmp-snooping
set aging-time 300
set flood-unknown-multicast disable
set query-interval 125
end
config switch-controller sflow
set collector-ip 0.0.0.0
set collector-port 6343
end
config switch-controller network-monitor-settings
set network-monitoring disable
end
config switch-controller flow-tracking
set sample-mode perimeter
set sample-rate 512
set format netflow9
set level ip
set max-export-pkt-size 512
set template-export-period 5
set timeout-general 3600
set timeout-icmp 300
set timeout-max 604800
set timeout-tcp 3600
set timeout-tcp-fin 300
set timeout-tcp-rst 120
set timeout-udp 300
end
config switch-controller snmp-sysinfo
set status disable
set engine-id ''
set description ''
set contact-info ''
set location ''
end
config switch-controller snmp-trap-threshold
set trap-high-cpu-threshold 80
set trap-low-memory-threshold 80
set trap-log-full-threshold 90
end
config switch-controller snmp-community
end
config switch-controller snmp-user
end
config switch-controller traffic-sniffer
set mode erspan-auto
set erspan-ip 0.0.0.0
end
config switch-controller remote-log
edit "syslogd"
set status disable
next
edit "syslogd2"
set status disable
next
end
config switch-controller mac-policy
end
config wireless-controller setting
set account-id ''
set country US
set duplicate-ssid disable
set fapc-compatibility disable
set wfa-compatibility disable
set phishing-ssid-detect enable
set fake-ssid-action log
set device-weight 1
set device-holdoff 5
set device-idle 1440
set firmware-provision-on-authorization disable
set rolling-wtp-upgrade disable
set darrp-optimize 86400
set darrp-optimize-schedules "default-darrp-optimize"
end
config wireless-controller log
set status enable
set addrgrp-log notification
set ble-log notification
set clb-log notification
set dhcp-starv-log notification
set led-sched-log notification
set radio-event-log notification
set rogue-event-log notification
set sta-event-log notification
set sta-locate-log notification
set wids-log notification
set wtp-event-log notification
set wtp-fips-event-log notification
end
config wireless-controller apcfg-profile
end
config wireless-controller bonjour-profile
end
config wireless-controller arrp-profile
edit "arrp-default"
set comment ''
set selection-period 3600
set monitor-period 300
set weight-managed-ap 50
set weight-rogue-ap 10
set weight-noise-floor 40
set weight-channel-load 20
set weight-spectral-rssi 40
set weight-weather-channel 0
set weight-dfs-channel 0
set threshold-ap 250
set threshold-noise-floor "-85"
set threshold-channel-load 60
set threshold-spectral-rssi "-65"
set threshold-tx-retries 300
set threshold-rx-errors 50
set include-weather-channel enable
set include-dfs-channel enable
set override-darrp-optimize disable
next
end
config wireless-controller region
end
config wireless-controller vap-group
end
config wireless-controller wids-profile
edit "default"
set comment "Default WIDS profile."
set sensor-mode disable
set ap-scan enable
set ap-bgscan-period 600
set ap-bgscan-intv 1
set ap-bgscan-duration 20
set ap-bgscan-idle 0
set ap-bgscan-report-intv 30
set ap-fgscan-report-intv 15
set ap-scan-passive disable
set ap-scan-threshold "-90"
set wireless-bridge enable
set deauth-broadcast enable
set null-ssid-probe-resp enable
set long-duration-attack enable
set long-duration-thresh 8200
set invalid-mac-oui enable
set weak-wep-iv enable
set auth-frame-flood enable
set auth-flood-time 10
set auth-flood-thresh 30
set assoc-frame-flood enable
set assoc-flood-time 10
set assoc-flood-thresh 30
set spoofed-deauth enable
set asleap-attack enable
set eapol-start-flood enable
set eapol-start-thresh 10
set eapol-start-intv 1
set eapol-logoff-flood enable
set eapol-logoff-thresh 10
set eapol-logoff-intv 1
set eapol-succ-flood enable
set eapol-succ-thresh 10
set eapol-succ-intv 1
set eapol-fail-flood enable
set eapol-fail-thresh 10
set eapol-fail-intv 1
set eapol-pre-succ-flood enable
set eapol-pre-succ-thresh 10
set eapol-pre-succ-intv 1
set eapol-pre-fail-flood enable
set eapol-pre-fail-thresh 10
set eapol-pre-fail-intv 1
set deauth-unknown-src-thresh 10
next
edit "default-wids-apscan-enabled"
set comment ''
set sensor-mode disable
set ap-scan enable
set ap-bgscan-period 600
set ap-bgscan-intv 1
set ap-bgscan-duration 20
set ap-bgscan-idle 0
set ap-bgscan-report-intv 30
set ap-fgscan-report-intv 15
set ap-scan-passive disable
set ap-scan-threshold "-90"
set wireless-bridge disable
set deauth-broadcast disable
set null-ssid-probe-resp disable
set long-duration-attack disable
set long-duration-thresh 8200
set invalid-mac-oui disable
set weak-wep-iv disable
set auth-frame-flood disable
set assoc-frame-flood disable
set spoofed-deauth disable
set asleap-attack disable
set eapol-start-flood disable
set eapol-logoff-flood disable
set eapol-succ-flood disable
set eapol-fail-flood disable
set eapol-pre-succ-flood disable
set eapol-pre-fail-flood disable
set deauth-unknown-src-thresh 10
next
end
config wireless-controller ble-profile
edit "fortiap-discovery"
set comment ''
set advertising ibeacon eddystone-uid eddystone-url
set ibeacon-uuid "wtp-uuid"
set major-id 1000
set minor-id 2000
set eddystone-namespace "0102030405"
set eddystone-instance "abcdef"
set eddystone-url "http://www.fortinet.com"
set txpower 0
set beacon-interval 100
set ble-scanning disable
set scan-type active
set scan-threshold "-90"
next
end
config wireless-controller syslog-profile
end
config wireless-controller wtp-profile
end
config wireless-controller wtp
end
config wireless-controller wtp-group
end
config wireless-controller qos-profile
end
config wireless-controller wag-profile
end
config wireless-controller snmp
set engine-id ''
set contact-info ''
set trap-high-cpu-threshold 80
set trap-high-mem-threshold 80
end
config wireless-controller mpsk-profile
end
config wireless-controller nac-profile
end
config wireless-controller ssid-policy
end
config wireless-controller access-control-list
end
config wireless-controller ap-status
end
config user nac-policy
end
config extension-controller dataplan
end
config extension-controller extender-vap
end
config extension-controller extender-profile
end
config extension-controller extender
end
config extension-controller fortigate-profile
end
config extension-controller fortigate
end
config system ips
set signature-hold-time 0h
end
config endpoint-control settings
set override disable
end
config ips custom
end
config ips settings
set packet-log-history 1
set packet-log-post-attack 0
set ips-packet-quota 0
set proxy-inline-ips disable
end
config alertemail setting
set username ''
set mailto1 ''
set mailto2 ''
set mailto3 ''
set filter-mode category
set email-interval 5
set IPS-logs disable
set firewall-authentication-failure-logs disable
set IPsec-errors-logs disable
set PPP-errors-logs disable
set sslvpn-authentication-errors-logs disable
set antivirus-logs disable
set webfilter-logs disable
set configuration-changes-logs disable
set violation-traffic-logs disable
set admin-login-logs disable
set log-disk-usage-warning disable
set FSSO-disconnect-logs disable
set ssh-logs disable
set local-disk-usage 75
end
config router access-list
end
config router access-list6
end
config router aspath-list
end
config router prefix-list
end
config router prefix-list6
end
config router key-chain
end
config router community-list
end
config router extcommunity-list
end
config router route-map
end
config router rip
set default-information-originate disable
set default-metric 1
set max-out-metric 0
config redistribute "connected"
set status disable
set metric 0
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
end
set update-timer 30
set timeout-timer 180
set garbage-timer 120
set version 2
end
config router ripng
set default-information-originate disable
set default-metric 1
set max-out-metric 0
config redistribute "connected"
set status disable
set metric 0
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
end
set update-timer 30
set timeout-timer 180
set garbage-timer 120
end
config router static
edit 1
set status enable
set dst 0.0.0.0 0.0.0.0
set gateway 198.36.24.1
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "outside lag"
set comment "Outgoing traffic"
set blackhole disable
set dynamic-gateway disable
set dstaddr ''
unset internet-service
set internet-service-custom ''
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 2
set status enable
set dst 10.0.0.0 255.0.0.0
set gateway 10.251.1.1
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Internal traffic"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 3
set status enable
set dst 10.250.201.0 255.255.255.0
set gateway 10.251.1.1
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Ring 1"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 4
set status enable
set dst 10.250.202.0 255.255.255.0
set gateway 10.251.1.1
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Ring 2"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 5
set status enable
set dst 10.250.203.0 255.255.255.0
set gateway 10.251.1.1
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Ring 3"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 6
set status enable
set dst 10.250.204.0 255.255.255.0
set gateway 10.251.1.1
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Ring 4"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 7
set status enable
set dst 10.250.205.0 255.255.255.0
set gateway 10.251.1.1
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Ring 5"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 8
set status enable
set dst 10.250.206.0 255.255.255.0
set gateway 10.251.1.1
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Ring 6"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 9
set status enable
set dst 10.250.207.0 255.255.255.0
set gateway 10.251.1.1
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Ring 7"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 10
set status enable
set dst 10.250.208.0 255.255.255.0
set gateway 10.251.1.1
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Ring 8"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 11
set status enable
set dst 172.17.0.0 255.255.0.0
set gateway 10.251.1.1
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "CK Mobile 01 IP Range Route"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 12
set status enable
set dst 172.18.0.0 255.255.0.0
set gateway 10.251.1.1
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "CK Mobile 02 IP Range Route"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 13
set status enable
set dst 172.19.0.0 255.255.0.0
set gateway 10.251.1.1
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "CK Mobile 03 IP Range Route"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 14
set status enable
set dst 192.168.0.0 255.255.0.0
set gateway 10.251.1.1
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Management Internal"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 15
set status enable
set dst 10.212.134.0 255.255.255.0
set gateway 10.251.1.1
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Fortinet VPN"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 16
set status enable
set dst 170.161.52.27 255.255.255.255
set preferred-source 0.0.0.0
set distance 1
set weight 0
set priority 1
set device "SRIC_BOCES"
set comment "SRIC BOCES Site-to-Site VPN Route"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 17
set status enable
set dst 10.222.0.0 255.255.0.0
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "vpn-042e9903"
set comment "eScholar AWS Site-to-Site VPN"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 18
set status enable
set dst 10.250.0.0 255.255.0.0
set gateway 10.250.100.92
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "city_phones lag"
set comment "Route to City Phones"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 19
set status enable
set dst 10.107.49.0 255.255.255.0
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "SCHC"
set comment "Syracuse Community Health Center Routes"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 20
set status enable
set dst 10.107.100.0 255.255.255.0
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "SCHC"
set comment "Syracuse Community Health Center Routes"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 21
set status enable
set dst 10.107.50.0 255.255.255.0
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "SCHC"
set comment "Syracuse Community Health Center Routes"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 22
set status enable
set dst 10.253.17.0 255.255.255.0
set gateway 10.250.100.92
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "city_phones lag"
set comment "City CGRs"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 23
set status enable
set dst 10.253.18.0 255.255.255.0
set gateway 10.250.100.92
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "city_phones lag"
set comment "City CGRs"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 24
set status enable
set dst 0.0.0.0 0.0.0.0
set gateway 10.250.100.92
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "city_phones lag"
set comment "City Side Park Place VoIP Route"
set blackhole disable
set dynamic-gateway disable
set dstaddr "City_Side_VoIP_Park_Place_Group"
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 25
set status enable
set dst 10.249.0.46 255.255.255.255
set gateway 10.250.100.92
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "city_phones lag"
set comment "City Water/DPW Recording"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 26
set status enable
set dst 0.0.0.0 0.0.0.0
set gateway 10.250.100.92
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "city_phones lag"
set comment "SPD Genetec"
set blackhole disable
set dynamic-gateway disable
set dstaddr "SPD_Side_Genetec"
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 34
set status enable
set dst 172.30.44.0 255.255.254.0
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "vpn-0fc50345"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 28
set status disable
set dst 172.30.45.35 255.255.255.255
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "vpn-0fc50345"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 29
set status enable
set dst 172.30.44.0 255.255.254.0
set distance 253
set weight 0
set priority 1
set comment ''
set blackhole enable
set link-monitor-exempt disable
set tag 0
set vrf 0
next
edit 30
set status enable
set dst 10.11.0.0 255.255.240.0
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "vpn-0403e61"
set comment "eScholar AWS 2024"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 31
set status disable
set dst 10.46.0.0 255.255.0.0
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "DPS"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 32
set status disable
set dst 192.168.46.0 255.255.255.0
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "DPS"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 33
set status enable
set dst 10.51.62.0 255.255.255.0
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "Highstreet"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 37
set status disable
set dst 192.168.146.0 255.255.255.0
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "DPS"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 35
set status enable
set dst 192.168.67.0 255.255.255.0
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "RAP"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 36
set status enable
set dst 10.67.0.0 255.255.0.0
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "RAP"
set comment "RAP Users"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 38
set status enable
set dst 192.168.167.0 255.255.255.0
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "RAP"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 39
set status enable
set dst 10.68.0.0 255.255.0.0
set gateway 0.0.0.0
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "CNYWorks"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
edit 40
set status enable
set dst 192.168.68.0 255.255.255.0
set gateway 0.0.0.0
set preferred-source 0.0.0.0
set distance 10
set weight 0
set priority 1
set device "CNYWorks"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set tag 0
set bfd disable
next
end
config router policy
end
config router policy6
end
config router static6
end
config router ospf
set abr-type standard
set auto-cost-ref-bandwidth 1000
set distance-external 110
set distance-inter-area 110
set distance-intra-area 110
set database-overflow disable
set database-overflow-max-lsas 10000
set database-overflow-time-to-recover 300
set default-information-originate disable
set default-information-metric 10
set default-information-metric-type 2
set default-information-route-map ''
set default-metric 10
set distance 110
set rfc1583-compatible disable
set router-id 0.0.0.0
set spf-timers 5 10
set bfd disable
set log-neighbour-changes enable
set distribute-list-in ''
set distribute-route-map-in ''
set restart-mode none
config redistribute "connected"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "rip"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
end
config router ospf6
set abr-type standard
set auto-cost-ref-bandwidth 1000
set default-information-originate disable
set log-neighbour-changes enable
set default-information-metric 10
set default-information-metric-type 2
set default-information-route-map ''
set default-metric 10
set router-id 0.0.0.0
set spf-timers 5 10
set bfd disable
set restart-mode none
config redistribute "connected"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "rip"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
end
config router bgp
unset as
set keepalive-timer 60
set holdtime-timer 180
set always-compare-med disable
set bestpath-as-path-ignore disable
set bestpath-cmp-confed-aspath disable
set bestpath-cmp-routerid disable
set bestpath-med-confed disable
set bestpath-med-missing-as-worst disable
set client-to-client-reflection enable
set dampening disable
set deterministic-med disable
set ebgp-multipath disable
set ibgp-multipath disable
set enforce-first-as enable
set fast-external-failover enable
set log-neighbour-changes enable
set network-import-check enable
set ignore-optional-capability enable
set multipath-recursive-distance disable
set recursive-next-hop disable
set recursive-inherit-priority disable
set tag-resolve-mode disable
set cluster-id 0.0.0.0
set confederation-identifier 0
set default-local-preference 100
set scan-time 60
set distance-external 20
set distance-internal 200
set distance-local 200
set synchronization disable
set graceful-restart disable
set cross-family-conditional-adv disable
config redistribute "connected"
set status disable
set route-map ''
end
config redistribute "rip"
set status disable
set route-map ''
end
config redistribute "ospf"
set status disable
set route-map ''
end
config redistribute "static"
set status disable
set route-map ''
end
config redistribute "isis"
set status disable
set route-map ''
end
config redistribute6 "connected"
set status disable
set route-map ''
end
config redistribute6 "rip"
set status disable
set route-map ''
end
config redistribute6 "ospf"
set status disable
set route-map ''
end
config redistribute6 "static"
set status disable
set route-map ''
end
config redistribute6 "isis"
set status disable
set route-map ''
end
end
config router isis
set is-type level-1-2
set adv-passive-only disable
set adv-passive-only6 disable
set auth-mode-l1 password
set auth-mode-l2 password
set auth-password-l1 ENC SfpxH8WyuW9g6kgdID5LQ8WK24ui/oS4O9PLTJgz307C4CrG/E8aHG92A3twYX/TE5dfZz/f9QHzpo0rHaibsKPiPUxt0QEVmuZHzrC+6ajTGkd7kUq/wovqtD/G7a+1PRrkGoSLcUQ/nKvuGRInrPypadX2EjEwrykg52/gQUL79RosrVTvnMWpEyL2gjT/tesXDFlmMjY3dkVA
set auth-password-l2 ENC wBseV0xg/krqPIBdFk56Ikgy0xUCCE8zuUn+pGA0UjuXa1cwd/aZNY906iDtjXVLad4k30d1H2qN3LHxy5wq4s5r4anjbY7wjeDcRY3Dfpykwia1mxhp74VSgV7uBoB1GaQrsgFO/6CFujvVvC1WoCz6P2sx3FDrBO/6Fx6cCpveanYmLwXDZPMAwWDlRxczk0XFe1lmMjY3dkVA
set auth-sendonly-l1 disable
set auth-sendonly-l2 disable
set ignore-lsp-errors disable
set lsp-gen-interval-l1 30
set lsp-gen-interval-l2 30
set lsp-refresh-interval 900
set max-lsp-lifetime 1200
set spf-interval-exp-l1 500 50000
set spf-interval-exp-l2 500 50000
set dynamic-hostname disable
set adjacency-check disable
set adjacency-check6 disable
set overload-bit disable
unset overload-bit-suppress
set overload-bit-on-startup 0
set default-originate disable
set default-originate6 disable
set metric-style narrow
set redistribute-l1 disable
set redistribute-l2 disable
set redistribute6-l1 disable
set redistribute6-l2 disable
config redistribute "connected"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "rip"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "connected"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "rip"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "ospf"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "bgp"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "static"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
end
config router multicast-flow
end
config router multicast
set route-limit 2147483647
set multicast-routing disable
config pim-sm-global
set message-interval 60
set join-prune-holdtime 210
set accept-register-list ''
set accept-source-list ''
set bsr-candidate disable
set bsr-allow-quick-refresh disable
set cisco-register-checksum disable
set cisco-crp-prefix disable
set cisco-ignore-rp-set-priority disable
set register-rp-reachability enable
set register-source disable
set register-supression 60
set null-register-retries 1
set rp-register-keepalive 185
set spt-threshold enable
set ssm disable
set register-rate-limit 0
set pim-use-sdwan disable
set spt-threshold-group ''
end
end
config router multicast6
set multicast-routing disable
config pim-sm-global
end
end
config router auth-path
end
config router setting
set show-filter ''
set hostname ''
end
config router bfd
end
config router bfd6
end
config system proxy-arp
end
config system link-monitor
edit "1"
set addr-mode ipv4
set srcintf "vpn-0fc50345"
set server-config default
set server-type static
set server "169.254.54.77"
set protocol ping
set gateway-ip 0.0.0.0
set source-ip 0.0.0.0
set interval 20
set probe-timeout 500
set failtime 5
set recoverytime 5
set probe-count 30
set ha-priority 1
set update-cascade-interface enable
set update-static-route enable
set update-policy-route enable
set status disable
set diffservcode 000000
unset class-id
set service-detection disable
next
end
config system wccp
end
config system dns64
set status disable
set dns64-prefix 64:ff9b::/96
set always-synthesize-aaaa-record enable
end
config system nd-proxy
set status disable
end
config system vne-tunnel
set status disable
end
end
![\"Fortinet](\"https://filestore.fortinet.com/fortiguard/logo_v3_fguard_app.png\"){kind=logo}