full-configuration
#config-version=F2K61F-7.0.17-FW-build0682-250113:opmode=0:vdom=1:user=jpoland
#conf_file_ver=55523232681638414
#buildno=0682
#global_vdom=1
config vdom
edit root
next
edit Policy
next
edit TEST
next
edit scsd
next
end
config global
config system global
set admin-concurrent enable
set admin-console-timeout 0
set admin-forticloud-sso-login disable
set admin-host ''
set admin-hsts-max-age 15552000
set admin-https-pki-required disable
set admin-https-redirect enable
unset admin-https-ssl-banned-ciphers
set admin-https-ssl-ciphersuites TLS-AES-128-GCM-SHA256 TLS-AES-256-GCM-SHA384 TLS-CHACHA20-POLY1305-SHA256
set admin-https-ssl-versions tlsv1-2 tlsv1-3
set admin-lockout-duration 60
set admin-lockout-threshold 3
set admin-login-max 100
set admin-maintainer enable
set admin-port 80
set admin-restrict-local disable
set admin-scp disable
set admin-server-cert "Fortinet_Factory"
set admin-sport 443
set admin-ssh-grace-time 120
set admin-ssh-password enable
set admin-ssh-port 22
set admin-ssh-v1 disable
set admin-telnet enable
set admin-telnet-port 23
set admintimeout 59
set alias "FortiGate-2601F"
set allow-traffic-redirect enable
set anti-replay strict
set arp-max-entry 131072
set auth-cert "Fortinet_Factory"
set auth-http-port 1000
set auth-https-port 1003
set auth-keepalive disable
set auth-session-limit block-new
set auto-auth-extension-device enable
set autorun-log-fsck disable
set av-affinity "0"
set av-failopen pass
set av-failopen-session disable
set batch-cmdb enable
set block-session-timer 30
set br-fdb-max-entry 8192
set cert-chain-max 8
set cfg-save automatic
set check-protocol-header loose
set check-reset-range disable
set cli-audit-log disable
set cloud-communication enable
set clt-cert-req disable
set cmdbsvr-affinity "0"
set cpu-use-threshold 90
set csr-ca-attribute enable
set daily-restart disable
set default-service-source-port 1-65535
set device-idle-timeout 300
set dh-params 2048
set dnsproxy-worker-count 1
set dst enable
set early-tcp-npu-session disable
set extender-controller-reserved-network 10.252.0.1 255.255.0.0
set faz-disk-buffer-size 0
set fds-statistics enable
unset fgd-alert-subscription
set fortiextender disable
set fortiextender-data-port 25246
set fortiextender-discovery-lockdown disable
set fortiextender-vlan-mode disable
set fortiservice-port 8013
set fortitoken-cloud enable
set gui-allow-default-hostname disable
set gui-cdn-usage disable
set gui-certificates enable
set gui-custom-language disable
set gui-date-format yyyy/MM/dd
set gui-date-time-source system
set gui-device-latitude "43.02974913459805"
set gui-device-longitude "-76.14486694335938"
set gui-display-hostname disable
set gui-firmware-upgrade-warning enable
set gui-forticare-registration-setup-warning enable
set gui-fortigate-cloud-sandbox disable
set gui-fortiguard-resource-fetch enable
set gui-ipv6 disable
set gui-local-out disable
set gui-replacement-message-groups disable
set gui-rest-api-cache enable
set gui-theme jade
set gui-wireless-opensecurity disable
set ha-affinity "0"
set honor-df enable
set hostname "noc-fortigate-b"
set hyper-scale-vdom-num 250
set igmp-state-limit 3200
set internet-service-database full
set ip-fragment-mem-thresholds 32
set ip-src-port-range 1024-25000
set ipsec-asic-offload enable
set ipsec-ha-seqjump-rate 10
set ipsec-hmac-offload enable
set ipsec-soft-dec-async disable
set ipv6-accept-dad 1
set ipv6-allow-anycast-probe disable
set ipv6-allow-local-in-slient-drop enable
set ipv6-allow-multicast-probe disable
set ipv6-allow-traffic-redirect enable
set language english
set ldapconntimeout 500
set lldp-reception disable
set lldp-transmission disable
set log-ssl-connection disable
set log-uuid-address disable
set login-timestamp disable
set management-ip ''
set management-port 443
set management-port-use-admin-sport disable
set management-vdom "root"
set max-route-cache-size 0
set memory-use-threshold-extreme 95
set memory-use-threshold-green 82
set memory-use-threshold-red 88
set miglog-affinity "0"
set miglogd-children 0
set multi-factor-authentication optional
set ndp-max-entry 0
set npu-neighbor-update disable
set per-user-bal disable
set pmtu-discovery disable
set policy-auth-concurrent 0
set post-login-banner disable
set pre-login-banner disable
set private-data-encryption disable
set proxy-auth-lifetime disable
set proxy-auth-timeout 10
set proxy-cert-use-mgmt-vdom disable
set proxy-hardware-acceleration enable
set proxy-re-authentication-mode session
set proxy-resource-mode disable
set proxy-worker-count 0
set radius-port 1812
set reboot-upon-config-restore enable
set refresh 0
set remoteauthtimeout 120
set reset-sessionless-tcp disable
set revision-backup-on-logout enable
set revision-image-auto-backup disable
set scanunit-count 0
set security-rating-result-submission enable
set security-rating-run-on-schedule enable
set send-pmtu-icmp enable
set snat-route-change disable
set special-file-23-support disable
set speedtest-server disable
set split-port ''
set ssd-trim-freq weekly
set ssd-trim-hour 1
set ssd-trim-min 60
set ssd-trim-weekday sunday
set ssh-enc-algo chacha20-poly1305@openssh.com aes256-ctr aes256-gcm@openssh.com
set ssh-kex-algo diffie-hellman-group-exchange-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521
set ssh-mac-algo hmac-sha2-256 hmac-sha2-256-etm@openssh.com hmac-sha2-512 hmac-sha2-512-etm@openssh.com
set ssl-min-proto-version TLSv1-2
set ssl-static-key-ciphers enable
set sslvpn-cipher-hardware-acceleration disable
set sslvpn-ems-sn-check disable
set sslvpn-kxp-hardware-acceleration disable
set sslvpn-max-worker-count 0
set sslvpn-plugin-version-check enable
set strict-dirty-session-check enable
set strong-crypto enable
set switch-controller enable
set switch-controller-reserved-network 10.255.0.0 255.255.0.0
set sys-perf-log-interval 5
set tcp-halfclose-timer 120
set tcp-halfopen-timer 10
set tcp-option enable
set tcp-rst-timer 5
set tcp-timewait-timer 1
set timezone 12
set traffic-priority tos
set traffic-priority-level medium
set two-factor-email-expiry 60
set two-factor-fac-expiry 60
set two-factor-ftk-expiry 60
set two-factor-ftm-expiry 72
set two-factor-sms-expiry 60
set udp-idle-timer 180
set url-filter-affinity "0"
set url-filter-count 1
set user-device-store-max-devices 507278
set user-device-store-max-unified-mem 2536393932
set user-device-store-max-users 507278
set user-server-cert "Fortinet_Factory"
set vdom-mode multi-vdom
set vip-arp-range restricted
set virtual-switch-vlan disable
set wad-affinity "0"
set wad-csvc-cs-count 1
set wad-csvc-db-count 0
set wad-memory-change-granularity 10
set wad-source-affinity enable
set wad-worker-count 0
set wifi-ca-certificate "Fortinet_Wifi_CA"
set wifi-certificate "Fortinet_Wifi"
set wimax-4g-usb disable
set wireless-controller enable
set wireless-controller-port 5246
set edit-vdom-prompt disable
set fds-statistics-period 60
set long-vdom-name disable
end
config system accprofile
edit "prof_admin"
set scope vdom
set comments ''
set secfabgrp read-write
set ftviewgrp read-write
set authgrp read-write
set sysgrp read-write
set netgrp read-write
set loggrp read-write
set fwgrp read-write
set vpngrp read-write
set utmgrp read-write
set wanoptgrp read-write
set wifi read-write
set admintimeout-override disable
set system-diagnostics enable
next
edit "NOC_Dashboard"
set scope vdom
set comments "For displaying info in Operations area"
set secfabgrp read
set ftviewgrp read
set authgrp read
set sysgrp read
set netgrp read
set loggrp read
set fwgrp read
set vpngrp read
set utmgrp read
set wanoptgrp read
set wifi read
set admintimeout-override enable
set system-diagnostics disable
set admintimeout 0
next
edit "Read_Only"
set scope vdom
set comments ''
set secfabgrp read
set ftviewgrp read
set authgrp read
set sysgrp read
set netgrp read
set loggrp read
set fwgrp read
set vpngrp read
set utmgrp read
set wanoptgrp read
set wifi read
set admintimeout-override disable
set system-diagnostics enable
next
end
config system npu
set dedicated-management-cpu disable
set ipsec-ob-np-sel rr
config dos-options
set npu-dos-meter-mode global
set npu-dos-tpe-mode enable
end
set policy-offload-level disable
set napi-break-interval 0
config hpe
set all-protocol 400000
set tcpsyn-max 40000
set tcpsyn-ack-max 40000
set tcpfin-rst-max 40000
set tcp-max 40000
set udp-max 40000
set icmp-max 5000
set sctp-max 5000
set esp-max 5000
set ip-frag-max 5000
set ip-others-max 5000
set arp-max 5000
set l2-others-max 5000
set high-priority 400000
set enable-shaper disable
end
set capwap-offload enable
set default-qos-type shaping
set gtp-support disable
set per-session-accounting traffic-log-only
set session-acct-interval 5
set per-policy-accounting disable
set max-session-timeout 40
config fp-anomaly
set tcp-syn-fin allow
set tcp-fin-noack trap-to-host
set tcp-fin-only trap-to-host
set tcp-no-flag allow
set tcp-syn-data allow
set tcp-winnuke trap-to-host
set tcp-land trap-to-host
set udp-land trap-to-host
set icmp-land trap-to-host
set icmp-frag allow
set ipv4-land trap-to-host
set ipv4-proto-err trap-to-host
set ipv4-unknopt trap-to-host
set ipv4-optrr trap-to-host
set ipv4-optssrr trap-to-host
set ipv4-optlsrr trap-to-host
set ipv4-optstream trap-to-host
set ipv4-optsecurity trap-to-host
set ipv4-opttimestamp trap-to-host
set ipv4-csum-err drop
set tcp-csum-err drop
set udp-csum-err drop
set icmp-csum-err drop
set ipv6-land trap-to-host
set ipv6-proto-err trap-to-host
set ipv6-unknopt trap-to-host
set ipv6-saddr-err trap-to-host
set ipv6-daddr-err trap-to-host
set ipv6-optralert trap-to-host
set ipv6-optjumbo trap-to-host
set ipv6-opttunnel trap-to-host
set ipv6-opthomeaddr trap-to-host
set ipv6-optnsap trap-to-host
set ipv6-optendpid trap-to-host
set ipv6-optinvld trap-to-host
end
config ip-reassembly
set min-timeout 64
set max-timeout 200000
set status disable
end
set hash-tbl-spread enable
set vlan-lookup-cache enable
set ip-fragment-offload enable
set htx-icmp-csum-chk drop
set htab-msg-queue data
set htab-dedi-queue-nr 2
config np-queues
config ethernet-type
edit "ARP"
set type 806
set queue 9
set weight 15
next
edit "HA-SESSYNC"
set type 8892
set queue 11
set weight 15
next
edit "HA-DEF"
set type 8890
set queue 11
set weight 15
next
edit "HC-DEF"
set type 8891
set queue 11
set weight 15
next
edit "L2EP-DEF"
set type 8893
set queue 11
set weight 15
next
edit "LACP"
set type 8809
set queue 9
set weight 15
next
end
config ip-protocol
edit "OSPF"
set protocol 89
set queue 11
set weight 14
next
edit "IGMP"
set protocol 2
set queue 11
set weight 14
next
edit "ICMP"
set protocol 1
set queue 3
set weight 14
next
end
config ip-service
edit "IKE"
set protocol 17
set sport 500
set dport 500
set queue 11
set weight 13
next
edit "BGP"
set protocol 6
set sport 179
set dport 179
set queue 9
set weight 13
next
edit "BFD-single-hop"
set protocol 17
set sport 3784
set dport 3784
set queue 11
set weight 13
next
edit "BFD-multiple-hop"
set protocol 17
set sport 4784
set dport 4784
set queue 11
set weight 13
next
edit "SLBC-management"
set protocol 17
set sport 0
set dport 720
set queue 11
set weight 13
next
edit "SLBC-1"
set protocol 17
set sport 11133
set dport 11133
set queue 11
set weight 13
next
edit "SLBC-2"
set protocol 17
set sport 65435
set dport 65435
set queue 11
set weight 13
next
end
end
set double-level-mcast-offload disable
set qtm-buf-mode 6ch
end
config system npu-vlink
end
config system vdom-link
end
config wireless-controller inter-controller
set inter-controller-mode disable
set inter-controller-key ENC eHQAZvmBSb+BVm46O44w3RrLvudhWg/ytjhRqbzNqlhgdjNSc098MMNm7i0IFeCtVmQJAm1WRETFtSDQFVTphqIesoMPi2XtF8AleVGD9Jdy0l/Z8H/vLJKCo16JSq28GTbf1mr8dG5n1RN5F6snNLdHPc4ThRK4eklyfmYePLDovtTlr3QmKlexcyQLgjPbx/9dBw==
set inter-controller-pri primary
set fast-failover-max 10
set fast-failover-wait 10
end
config wireless-controller global
set name ''
set location ''
set image-download enable
set max-retransmit 3
set control-message-offload ebp-frame aeroscout-tag ap-list sta-list sta-cap-list stats aeroscout-mu sta-health spectral-analysis
set data-ethernet-II enable
set link-aggregation disable
set mesh-eth-type 8755
set fiapp-eth-type 5252
set discovery-mc-addr 224.0.1.140
set max-clients 0
set rogue-scan-mac-adjacency 7
set ipsec-base-ip 169.254.0.1
set wtp-share disable
set tunnel-mode compatible
set nac-interval 120
set ap-log-server disable
end
config system switch-interface
end
config system lte-modem
set status disable
set extra-init ''
set authtype none
set apn ''
set modem-port 255
end
config system interface
edit "port1"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "HA Port 1"
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 1
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port2"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "HA Port 2"
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 2
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port3"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 3
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port4"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 4
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port5"
set vdom "scsd"
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-classless-route-addition disable
set status up
set type physical
set src-check enable
set disconnect-threshold 0
set trunk disable
set description ''
set alias ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 5
set preserve-session-route disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
next
edit "port6"
set vdom "scsd"
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-classless-route-addition disable
set status up
set type physical
set src-check enable
set disconnect-threshold 0
set trunk disable
set description ''
set alias ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 6
set preserve-session-route disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
next
edit "port7"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 7
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port8"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 8
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port9"
set vdom "TEST"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status down
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "LAN_Test"
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 9
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port10"
set vdom "TEST"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status down
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "WAN_Test"
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 10
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port11"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 11
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port12"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 12
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port13"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 13
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port14"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 14
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port15"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 15
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port16"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 16
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port17"
set vdom "scsd"
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-classless-route-addition disable
set status up
set type physical
set src-check enable
set mediatype sr
set disconnect-threshold 0
set trunk disable
set description ''
set alias ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 17
set preserve-session-route disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
next
edit "port18"
set vdom "scsd"
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-classless-route-addition disable
set status up
set type physical
set src-check enable
set mediatype sr
set disconnect-threshold 0
set trunk disable
set description ''
set alias ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 18
set preserve-session-route disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
next
edit "port19"
set vdom "scsd"
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-classless-route-addition disable
set status up
set type physical
set src-check enable
set mediatype sr
set disconnect-threshold 0
set trunk disable
set description ''
set alias ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 19
set preserve-session-route disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
next
edit "port20"
set vdom "scsd"
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-classless-route-addition disable
set status up
set type physical
set src-check enable
set mediatype sr
set disconnect-threshold 0
set trunk disable
set description ''
set alias ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 20
set preserve-session-route disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
next
edit "port21"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 21
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set forward-error-correction disable
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 25000full
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port22"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 22
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set forward-error-correction disable
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 25000full
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port23"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 23
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set forward-error-correction disable
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 25000full
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port24"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 24
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set forward-error-correction disable
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 25000full
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port25"
set vdom "scsd"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
set allowaccess ping
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status down
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth enable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 25
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port26"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 26
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port27"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 27
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port28"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 28
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port29"
set vdom "scsd"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
set allowaccess ping
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status down
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth enable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 29
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port30"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 30
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port31"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 31
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port32"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 32
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port33"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr4
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 33
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set forward-error-correction disable
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 100Gfull
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port34"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr4
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 34
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set forward-error-correction disable
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 100Gfull
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port35"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr4
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 35
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set forward-error-correction disable
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 100Gfull
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "port36"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr4
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 36
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set forward-error-correction disable
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 100Gfull
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "mgmt1"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set dhcp-classless-route-addition disable
set management-ip 0.0.0.0 0.0.0.0
set ip 192.168.1.241 255.255.255.0
set allowaccess ping https ssh http
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set dedicated-to management
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 37
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
end
set dhcp-relay-request-all-server disable
set defaultgw enable
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set trust-ip-1 0.0.0.0 0.0.0.0
set trust-ip-2 0.0.0.0 0.0.0.0
set trust-ip-3 0.0.0.0 0.0.0.0
set trust-ip6-1 ::/0
set trust-ip6-2 ::/0
set trust-ip6-3 ::/0
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "mgmt2"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set dhcp-classless-route-addition disable
set management-ip 0.0.0.0 0.0.0.0
set ip 192.168.200.1 255.255.255.0
set allowaccess ping https ssh http
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set dedicated-to management
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role lan
set snmp-index 38
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
end
set dhcp-relay-request-all-server disable
set defaultgw enable
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set trust-ip-1 0.0.0.0 0.0.0.0
set trust-ip-2 0.0.0.0 0.0.0.0
set trust-ip-3 0.0.0.0 0.0.0.0
set trust-ip6-1 ::/0
set trust-ip6-2 ::/0
set trust-ip6-3 ::/0
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "ha1"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 39
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "ha2"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set mediatype sr
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 40
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed 10000full
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "modem"
set vdom "root"
set vrf 0
set fortilink disable
set mode pppoe
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status down
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 41
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set ipunnumbered 0.0.0.0
set username ''
set password ENC jfcJ49RLEY/+sPwPrCvBkE9geLa/UfoHwQubi9ysVbhsLZ7b7KU2ctUbCXARUTXNitsV3AnXT4ShkFMHRLs2r4iXamX+vAmRO1cnkGTWb4jnQScZ7HPwQFhpFv31AzrHws6J8+s7djRrGR1BHX2e/mdH7v6Bx83FuCce8Yx/9ABiyVtgZbZz8+GBwW5O3b2u/CaVgQ==
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set service-name ''
set ac-name ''
set lcp-echo-interval 5
set lcp-max-echo-fails 3
set defaultgw enable
set dns-server-override enable
set dns-server-protocol cleartext
set auth-type auto
set speed auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "naf.root"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check disable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 51
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set nd-mode basic
set ip6-address ::/0
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-prefix-mode dhcp6
set ip6-delegated-prefix-iaid 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "l2t.root"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 52
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "ssl.root"
set vdom "root"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "SSL VPN interface"
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 42
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "naf.Policy"
set vdom "Policy"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check disable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 53
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set nd-mode basic
set ip6-address ::/0
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-prefix-mode dhcp6
set ip6-delegated-prefix-iaid 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "l2t.Policy"
set vdom "Policy"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 54
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "ssl.Policy"
set vdom "Policy"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "SSL VPN interface"
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 50
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "naf.TEST"
set vdom "TEST"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check disable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 55
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set nd-mode basic
set ip6-address ::/0
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-prefix-mode dhcp6
set ip6-delegated-prefix-iaid 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "l2t.TEST"
set vdom "TEST"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 56
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "ssl.TEST"
set vdom "TEST"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "SSL VPN interface"
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 47
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "naf.scsd"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check disable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 57
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set nd-mode basic
set ip6-address ::/0
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set ip6-prefix-mode dhcp6
set ip6-delegated-prefix-iaid 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "l2t.scsd"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 58
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "ssl.scsd"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias "SSL VPN interface"
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 45
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set wccp disable
next
edit "npu0_vlink0"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 43
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "npu0_vlink1"
set vdom "root"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 44
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set speed auto
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
next
edit "SRIC_BOCES"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 0.0.0.0 0.0.0.0
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 46
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set mtu-override disable
set wccp disable
set interface "outside lag"
next
edit "vpn-042e9903"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 169.254.69.218 255.255.255.255
set allowaccess ping
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 1379
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 169.254.69.217 255.255.255.252
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 48
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set mtu-override enable
set mtu 1427
set wccp disable
set interface "outside lag"
next
edit "SCHC"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 0.0.0.0 0.0.0.0
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 49
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set mtu-override disable
set wccp disable
set interface "outside lag"
next
edit "vpn-0fc50345"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 169.254.54.78 255.255.255.255
set allowaccess ping
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 1379
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 169.254.54.77 255.255.255.252
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 59
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set mtu-override enable
set mtu 1427
set wccp disable
set interface "outside lag"
next
edit "inside lag"
set vdom "scsd"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 10.251.1.5 255.255.255.0
set allowaccess ping
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type aggregate
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set member "port17" "port19"
set description ''
set alias "Inside"
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth enable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 60
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set lacp-mode active
set lacp-ha-slave enable
set system-id-type auto
set lacp-speed slow
set min-links 1
set min-links-down operational
set algorithm L4
set link-up-delay 50
next
edit "outside lag"
set vdom "scsd"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 198.36.24.5 255.255.255.0
set allowaccess ping
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type aggregate
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set member "port18" "port20"
set description ''
set alias "Outside"
set security-mode none
set device-identification disable
set lldp-reception enable
set lldp-transmission enable
set lldp-network-policy ''
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth enable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 61
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set lacp-mode active
set lacp-ha-slave enable
set system-id-type auto
set lacp-speed slow
set min-links 1
set min-links-down operational
set algorithm L4
set link-up-delay 50
next
edit "city_phones lag"
set vdom "scsd"
set vrf 0
set fortilink disable
set mode static
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set management-ip 0.0.0.0 0.0.0.0
set ip 10.250.100.94 255.255.255.0
set allowaccess ping
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type aggregate
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set member "port6" "port5"
set description "City Phones"
set alias "City_Phones"
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission enable
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth enable
set vrrp-virtual-mac disable
set role undefined
set snmp-index 62
set secondary-IP disable
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
set np-qos-profile 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set priority 1
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set idle-timeout 0
set disc-retry-timeout 1
set padt-retry-timeout 1
set dns-server-override enable
set dns-server-protocol cleartext
set mtu-override disable
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
set lacp-mode active
set lacp-ha-slave enable
set system-id-type auto
set lacp-speed slow
set min-links 1
set min-links-down operational
set algorithm L4
set link-up-delay 50
next
edit "vpn-0403e61"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 169.254.242.194 255.255.255.255
set allowaccess ping
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 1379
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 169.254.242.193 255.255.255.252
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 63
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set mtu-override enable
set mtu 1427
set wccp disable
set interface "outside lag"
next
edit "Highstreet"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 169.254.117.222 255.255.255.255
set allowaccess ping
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 1379
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 169.254.117.221 255.255.255.252
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 65
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set mtu-override enable
set mtu 1427
set wccp disable
set interface "outside lag"
next
edit "Highstreet_2"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 169.254.13.86 255.255.255.255
set allowaccess ping
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status down
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 1379
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 169.254.13.85 255.255.255.252
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 66
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set mtu-override enable
set mtu 1427
set wccp disable
set interface "outside lag"
next
edit "DPS"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 192.168.147.1 255.255.255.255
set allowaccess ping https ssh http
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 192.168.147.2 255.255.255.255
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 67
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set mtu-override disable
set wccp disable
set interface "outside lag"
next
edit "RAP"
set vdom "scsd"
set vrf 0
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set ip 0.0.0.0 0.0.0.0
unset allowaccess
set arpforward enable
set broadcast-forward disable
set bfd global
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type tunnel
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set remote-ip 0.0.0.0 0.0.0.0
set description ''
set alias ''
set security-mode none
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth disable
set role undefined
set snmp-index 68
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set ip-managed-by-fortiipam disable
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dns-server-override enable
set dns-server-protocol cleartext
set mtu-override disable
set wccp disable
set interface "outside lag"
next
end
config system physical-switch
edit "sw0"
set age-enable disable
set age-val 0
next
end
config system virtual-switch
end
config system password-policy
set status disable
end
config system password-policy-guest-admin
set status disable
end
config system sms-server
end
config system custom-language
edit "en"
set filename "en"
set comments ''
next
edit "fr"
set filename "fr"
set comments ''
next
edit "sp"
set filename "sp"
set comments ''
next
edit "pg"
set filename "pg"
set comments ''
next
edit "x-sjis"
set filename "x-sjis"
set comments ''
next
edit "big5"
set filename "big5"
set comments ''
next
edit "GB2312"
set filename "GB2312"
set comments ''
next
edit "euc-kr"
set filename "euc-kr"
set comments ''
next
end
config system admin
edit "admin"
set remote-auth disable
set peer-auth disable
set trusthost1 10.1.6.20 255.255.255.255
set trusthost2 10.1.6.32 255.255.255.255
set trusthost3 0.0.0.0 0.0.0.0
set trusthost4 0.0.0.0 0.0.0.0
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "super_admin"
set comments ''
set vdom "root"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set password ENC SH27mnuv1gJYMtqYwkXQMK0fKkxOk/ua/uym7IxoVjpilZGJd3ioSlMijI0lPM=
set allow-remove-admin-session enable
next
edit "tmarri81.admin"
set remote-auth disable
set peer-auth disable
set trusthost1 10.1.6.34 255.255.255.255
set trusthost2 10.1.6.20 255.255.255.255
set trusthost3 0.0.0.0 0.0.0.0
set trusthost4 0.0.0.0 0.0.0.0
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "super_admin"
set comments ''
set vdom "root" "scsd"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set password ENC SH2zy/WiotMJ0n4+r/7vyrxrarJG6TLkSozobqY+Ul5Fmxpqm54w9J0gzwcqAg=
set allow-remove-admin-session enable
next
edit "nocview"
set remote-auth disable
set peer-auth disable
set trusthost1 10.1.6.0 255.255.255.0
set trusthost2 0.0.0.0 0.0.0.0
set trusthost3 0.0.0.0 0.0.0.0
set trusthost4 0.0.0.0 0.0.0.0
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "NOC_Dashboard"
set comments ''
set vdom "root" "scsd"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set password ENC SH2PgEvhec+ujfr1KsSHU0jmyvM7tEiL8xF7+dUC0Xf+Mkpa+59VE1MDmIgVWA=
next
edit "josoto.admin"
set remote-auth disable
set peer-auth disable
set trusthost1 10.1.6.126 255.255.255.255
set trusthost2 0.0.0.0 0.0.0.0
set trusthost3 0.0.0.0 0.0.0.0
set trusthost4 0.0.0.0 0.0.0.0
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "super_admin"
set comments ''
set vdom "root" "scsd"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set password ENC SH2ZE8v7FYF+FY3qSmhiMQbj0gqJd4MYGXeG8MxD75NGJFgUMy3sPbs96686gc=
set allow-remove-admin-session enable
next
edit "jpoland"
set remote-auth disable
set peer-auth disable
set trusthost1 0.0.0.0 0.0.0.0
set trusthost2 0.0.0.0 0.0.0.0
set trusthost3 0.0.0.0 0.0.0.0
set trusthost4 0.0.0.0 0.0.0.0
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "super_admin"
set comments ''
set vdom "root"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set password ENC SH2MDEFNFDa99Ek1hpleBgiK/Y4kqbUFUwJAsBe8xloCdaOTzZxl3FBk2fFPqo=
set allow-remove-admin-session enable
next
edit "jkafta72.admin"
set remote-auth disable
set peer-auth disable
set trusthost1 0.0.0.0 0.0.0.0
set trusthost2 0.0.0.0 0.0.0.0
set trusthost3 0.0.0.0 0.0.0.0
set trusthost4 0.0.0.0 0.0.0.0
set trusthost5 0.0.0.0 0.0.0.0
set trusthost6 0.0.0.0 0.0.0.0
set trusthost7 0.0.0.0 0.0.0.0
set trusthost8 0.0.0.0 0.0.0.0
set trusthost9 0.0.0.0 0.0.0.0
set trusthost10 0.0.0.0 0.0.0.0
set ip6-trusthost1 ::/0
set ip6-trusthost2 ::/0
set ip6-trusthost3 ::/0
set ip6-trusthost4 ::/0
set ip6-trusthost5 ::/0
set ip6-trusthost6 ::/0
set ip6-trusthost7 ::/0
set ip6-trusthost8 ::/0
set ip6-trusthost9 ::/0
set ip6-trusthost10 ::/0
set accprofile "super_admin"
set comments ''
set vdom "root"
unset ssh-public-key1
unset ssh-public-key2
unset ssh-public-key3
set ssh-certificate ''
set schedule ''
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set guest-auth disable
set password ENC SH2+WrS1YeN2wN1qqkANtIzxrsLUfFr9LiJpDb6HCiJyT4X4CBY5YkYHLg5LrY=
set allow-remove-admin-session enable
next
end
config system api-user
end
config system sso-admin
end
config system sso-forticloud-admin
edit "FortiGateCloud"
set vdom "root"
next
edit "4fc9e93dd975@fortigatecloud.com"
set vdom "root"
next
end
config system fsso-polling
set status enable
set listening-port 8000
set authentication disable
end
config system ha
set group-id 0
set group-name "SCSD_Fortigate"
set mode a-p
set sync-packet-balance disable
set password ENC Bgy4VdmThUZ8NLkBRKM7IUif+/gFwpftxGrBI7HivH5j/lQDL2/27K2mcsyNXDm/zmz3KazqTD3whXqVa45Fi6RTGbdbRlrHa5VXxrSwiLeFA+l0S6nbWi2F9+2D33HkorHM56tmSPeXRbjm1aTHO3u8JU9irw0t3w+FD4ur0tiKZ/u7yyN5zB4vLIw6wVKIjNCftQ==
set hbdev "port1" 50 "port2" 50
unset session-sync-dev
set route-ttl 10
set route-wait 0
set route-hold 10
set multicast-ttl 600
set sync-config enable
set encryption disable
set authentication disable
set hb-interval 2
set hb-interval-in-milliseconds 100ms
set hb-lost-threshold 6
set hello-holddown 20
set gratuitous-arps enable
set arps 5
set arps-interval 8
set session-pickup disable
set link-failed-signal disable
set uninterruptible-upgrade enable
set uninterruptible-primary-wait 30
set ha-mgmt-status disable
set ha-eth-type "8890"
set hc-eth-type "8891"
set l2ep-eth-type "8893"
set ha-uptime-diff-margin 300
set override disable
set priority 100
unset monitor
unset pingserver-monitor-interface
unset vdom
set vcluster2 disable
set ssd-failover disable
set memory-compatible-mode disable
set memory-based-failover disable
set failover-hold-time 0
set logical-sn disable
end
config system ha-monitor
set monitor-vlan disable
end
config system storage
edit "SSD1"
set status enable
set media-status enable
set order 1
set partition "LOGUSEDX4300F88D"
set device "/dev/nvme0n1p1"
set size 937875
set usage log
next
edit "SSD2"
set status enable
set media-status enable
set order 2
set partition "WANOPTXXFFCD85F8"
set device "/dev/nvme1n1p1"
set size 266562
set usage wanopt
set wanopt-mode mix
next
end
config system dedicated-mgmt
set status disable
end
config system dns
set primary 10.1.40.10
set secondary 96.45.45.45
set protocol cleartext
set ssl-certificate "Fortinet_Factory"
set ip6-primary ::
set ip6-secondary ::
set timeout 5
set retry 2
set dns-cache-limit 5000
set dns-cache-ttl 1800
set cache-notfound-responses disable
set source-ip 0.0.0.0
set interface-select-method auto
set server-select-method least-rtt
set alt-primary 0.0.0.0
set alt-secondary 0.0.0.0
set log disable
end
config system ddns
end
config system sflow
set collector-ip 0.0.0.0
set collector-port 6343
set source-ip 0.0.0.0
set interface-select-method auto
end
config system netflow
set collector-ip 0.0.0.0
set collector-port 2055
set source-ip 0.0.0.0
set active-flow-timeout 1800
set inactive-flow-timeout 15
set template-tx-timeout 1800
set template-tx-counter 20
set interface-select-method auto
end
config system replacemsg-image
edit "logo_fnet"
set image-type gif
set image-base64 ''
next
edit "logo_fguard_wf"
set image-type gif
set image-base64 ''
next
edit "logo_v3_fguard_app"
set image-type png
set image-base64 ''
next
edit "logo_fw_auth"
set image-type png
set image-base64 "iVBORw0KGgoAAAANSUhEUgAAAPoAAAAeCAYAAAAFOQOpAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAAPYQAAD2EBqD+naQAAAAd0SU1FB9oJDw4aKksK+ckAAAYdSURBVHja7Z1tiBVVGMd/z91d3faORtEbmfhJi4rSLAnDCnonsQ+9R2AJkW1F+UGiIDIMCokw05DoQwuaZIUlQkWQSZQia9KLWqGVkBVEljRX21zn6cOZda93Z+bO3Dszd+7u+cOwew9nznnmnPN/nuec85wZAW6nNRBgE3B4KEEdEBc8hzkCD6jSHXSTCltKLqv8e+YB96kyWLdCoUdc5lbVt0GVowH5QNmssAb4p1QJLXIWMCXDNuoAtgOdwA918l4NnJ5xn3UBb1b9ng1MCpF7C/BbTfqtQClD+QaBXTHaaghTgUsAL4fxXgK+Bvb4vycAN+bAse/8etEWXiNIog7PqIOqg+f/HXF5ZfqG8nsOi8PyBV01dYXnLeN5Zb6t05B9GbePV/X/JuDiCFk+yanPqvFuRL65ATIO5Di27oihVB7Lebw/VVX3tJzqXEbG2jURtAzqsARlSZU2GpkvzTo1UheKCBdomX6vHCxLTl7PEG4GdgIrsKjbtcBbwG7bFMPuROt7xQGpgMITeVJKYtSlwkwRphWozx4F7rZDN5aCPBfYb5ujIEQX11hzYeScPMrE5ThiPi7QANaaebJFNCYDz1uiF8fXWpCyZ56mbJPVYWrBrNU8y+HY7XW/JXo48lqJRB26BSbGMdi5zdGrR4pZ1piaTDdkPgedU5M2IaE8RVKqmnE5Z5JshTurtjmp6v+OBrjXCCd7wGzbRJFQcupmVWGH+ELF6IJ9VSm/Av1Qf3sNKNfM0b8E/otpQ48ktCK3ABubbJmVwMMh5c+qSbsspIzbgLdDyng1pPxWWN0ngReaLGczZpsxaNQ8C3yYQJ7ngKczfOY9EfzStDnZWQjfqsIAcE2Se7yyWUwTl7XA2tg6xd+r99cGZmb4WD0plLEmgojHUpBjXIGsencKZTyEWWmXAOIOJixr/Ghy3TvbVfCIIJZopeLaNZRRjD999zbILZ4ylhumEETXMh0qzIsjj6+q94vL9qbrdbhLY1pGga3i8kvOTTPDctciD6LPr53XNondwKcBLBonJsChKxZBlXXAPSnIsy72hEe5E1ifoOzrgFMbkGnQf7ajwBV2iLYMM4AHiV40C0MfUGknor+Rcn2vBxLd4EhcovskyBvHEuZf4F+ZOEEkWxy0SI5r/asRvFc0ohcjMk7jb3W1YnutgBBfaVpYtM8cXWRs1ZsCDgIb7PC1aCuLntSUjXEcBa63zWCRFtHVNk9Tc+isyhHfolsUv//awnUXYDnpBg58HjFfHh/rNFmKUw7VBO67JPJ+BHMQZm8T4g0Aj4f02Y+AQ8EWfEYRBHMk+IsGvd5KOxEdYFEu6lP5F+HSuI0q8FdKVU+Pq701+XHH14B3mpSvC+gNmbHclEL5FuH4CBOWO+oten7zhwoKdd/mkkW9XxW8bfsID4E9y3IxU3SMpocpRmScU3e9oNbdVnGNJfbKCJLAA3eHTwCpk8gt81oQPttl+WYxeogO3QK7UZxYsydlPfCI/7tXYCka69DCBE48KngQjXF6zdSzAPPeNouxgUFL9JQhxpqfhkSeqT6uFfTEs9c9wCkN7rudHOs+cx79bzv2xxTmY468prWj2wGs8qdjY5ToLoe1zCHAQaIbViT/iDYVEHI/0GLRWpztX2liUg5yd2PO0U/HvOZ5I7C1OAEzwrJ6JB8yrqkRWGPzHHH52Y59i4KjB3D9KeYOTLxFB7C0SJFxKyHmfDkt3RLPKROF8+0YsmgDXAWcA1wEfANsA64EJhaG6OKiqiyOMZ/PG7tE+d6OIYs2wOXA75gw6XuBhZgv/WwuVKx7qcIK4OUCibRXXC5EQl/KJxnrpDTKz1LGpGXnoafD6igVwG5kXV+//3cc8CImsvIGYGIn8FKEv58rPAdQFiEsIST6TYcfZAgN7zWHhcD66b2qrPacyNdPfQD8EZDexfA3tprBAeAVgs/f74zrkWC+7hK0XbStSfneB34Kef59AenLCQ5EKWHCTZvFEX88B5H6UEDaDt+wHMtheJcStPdqqr5JmICTn2HCb2f791cwn81a2LaHwbzycS8g8X1x70mS18KiIDgPE015hq/ADgBL/wdzAzk3USNrQQAAAABJRU5ErkJggg=="
next
edit "logo_v2_fnet"
set image-type png
set image-base64 "iVBORw0KGgoAAAANSUhEUgAAAPMAAAHCCAMAAAANeQ+xAAADAFBMVEV/AAB6AACLAAOVAAIkIB8AKD6FCACiAAOsAgC5AADDAABJIT/OAATRAADbAAIAOVs0MC/nAAC+DA3pAA3wAACjFhpnLRB4KQyXHxxjLEIbQ10ASnWQLxflFhXaGR6ULi+ONgl5OxdnQBxMR0bOJSB8OzmLPAfGKSmgOA4JXJHkKCy3NjGMSgZVVlSCUg8WZox8UiezRQhwVyEAcH2/PkJuWi8AcZAQcHKuRkMObKp9WhaQUF3iPDp5WVqyURbcQESfWQelUk+XXglHan7wQDZuYHgQd7ypVzdlZ2SwXAIAfcfjTSV/ajUGgbrZTk2rZAN3bUQAh6STaiUahJbWWwcFjI/yTkauYkoHhtQqgKwRhcmRbUu1bQS4Y190dnPLX1+8bgGRcHCfcUDDbQHWXl5cf5MPkeMAl++tcmrfaEITluHTa13QdgLKeQTWa2+Bg4AAn/3qalmNhWERob/aegDldwAdoqYCpP/UdXTHhBosn92+fnxXmbXuei33exO4hW3jhADbhwGOkI9Loa5PncvtgwCxjFrQgH6Zko+blW8drf7viwDUiXF/na3RiYoAvuW8j42cm4Gam5gos/77jgHyjx7Rj47ylALJmk+6nWi5mpT7lQX1kjzsk1VLuMOgo6CjqJBGuf/PnJuoqqf9ogKlrZzupCXmpTjhnZxLwP+Gtb/PpJWtrpi2qqrLpaCItda/sIywsq7Tq41bxP2us7XKrKtpxvq1t7T+sRv7si61vKCWwNipvMilvsLLtbG5u7jRtqf8vAXBvLv+uiW8wcO/wb180P/uv3KbzObOw7zdwpvExsPUxKzFx8T+ygD+xELDyMvhwbrHyca9zdrLzcrdyb/+y1DazLbuzJT+zl3M0dTQ0s/U08rS1NHV19TH2+fk1tbY2tfW2t3a3Nnv2rXd39ze4N3h5ODX5+3w5NTl5+T74+Dk6ezn6ebw5+Dq7en/6OXx7d3q7/Ly7+bv8e788eTy9PH+8fH39ezw9vj2+PT2+/75+/j8/PP7/fr9//uXHhBNAAAAAXRSTlMAQObYZgAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB+AJGxYjIiP66ooAACAASURBVHja7Z0LYBNVvv9puxfabtsVlMdFC4ooCgZYEQSWtYguhmcFhAUtpUpFYVvKIgILrEJQeQl2C1IW1FgCCnXL3cgj9fKIxmZ3NTdrSYf9r8nt2CSbpNRmc7fmBpvObf6/85jJTJK2YANtaX7QNpk588v5zPd3zpyZnEcPQ/ezHpbuZz1iOsd0jukc0zmmc0znmM4xnWM6x3SO6RzTOaZzTOeYzjGdYzrHdI7pHNM5pnNM55jOMZ1jOsd07kidjd3PYjrHdI7pHNM5pnMX07m6+1lM55jOMZ1jOsd0jukc0zmmc0znmM4xnWM6x3Rup87a7mc9vN3Peni6n3VL5rruZz3c3c96uLqfxXTuJjp3xzrM2v2sh7P7WQ+WWLfS2dH9jNe5O1lM55jOMZ1vLp276/U5Vp5v8vKMn352M527Y2xrup91z36Apm5n3bI8G40xnbuDzrFxN7HxVTGdYzrHdI7pHNM5pnNM55jOMZ1jOsd0jukc0zmmc0znmM7dS2ej0cRIzGQim0wmE32P3xnRI9KQZNJj6XPFyOlMTEhKaZIbq3M166yrC/aGrKtz2VmrE7a4HOi32+V0uGCzk2VZu0tICcmcVhYlFG1x2J0uFyR0SNI5WLZavAm2Oe2SJODphupsNLGyu6VWZHFsWwDGHkO/Fxyrwb+rmert4lSyAqbaYpEcu90qv/tueUg6eRnLmFjJprvlbJnkvfZGCt0DZK77UYgVWI49DrbAiP88vr8G/znGOrdL092isbOSDXL2btiqZwuk6bJZ1pUtPdIkdaU03VidGdctIczZugWYWb0Hw278Av+ZrWcVIQnvNlmkzAbErGZCmH+0nbGHMKulzNu1hhursxuYb5GLbLsOx3SGmsT2RvJ2QRlmlvGp0JlSswXZ+AU90ISZsc58Mhk+N85s0Sa5PFtTli2X/0j4XKW+A3S+W6Xhhx9p1BojoysD0+jQn4NlevK2jEHM29UkmQFRFBlMej3iVKk1GrVaw+DXWOciNf6yV6snpyEb7dDwn6DWGIx6A/5cfKC6I3S+W8PwX+dAxVRzDBtjYVDVYmLJW5MDMxtwqhqHHL+xVDtkCMeArjkWV1DnIj2+DFkcsOlHKsJsoh+AtltYFn+ukVyuOqI83yJYNmO5iAvwAp3BiP4xl/Dbxy+Q8syno+WQcWJmPboIM86gztu1RmHTj5RMdvBIOWOEU2lkrIhZjQ+8we0worPIZAaWVNQLynBtWm2twVXa46erQ+swmcpgYeswsxGlZOtEOhsswqYfqapFddjdegbvcWKdTTe+HWYMq7fvVpuozmVa0tKiOh80hTIXgEpEZ5JUqrMhVGf+A2hQiHS+wfNK0Xq7QDCFhqnZth5sWxkpf9aaPeStBTHLSartBXdjxaqvSucyrHM2OXA71B2ogxbVGeqP6g7ROVhvQ1ULqKjI6fUMW1NTgzrx47dazKxQa4R6+5Zr0vkWFa2dIZxNYp1Ji/yG63y32mjhW/wWFjc2F/xa0vZcsOALXG8rcH0M1XUBromvSeftgqH4oTqjSMJXixuus7hcMaTSWmCgbc8vaDVOrs9EP5MVMSu1VGdVmM5F4fW2yLQGE6+zybR9e5npRutMKi7hTENJ24YhNcdo2xOfgm3qatRg3K6naRBzmbGaxddklbG6NZ2VltC2JwSIg+pcVpC9nbmBZRrpbL37FijP2uCJMFnYXHF7Gze/f7VdzWyHq/J2DdGZLYBLLehsYuXkBd4ou+WWu1UmSHdLEY0HtOmWImM2HBq8PuAAscDnylR6pgxinSS+YfMZsFZGoyqD+jNoULxOHzx4UPMF+n2wTHcR/qo0RpbVq5VqaHqRbrF6VZkaTg9r0apUcJnFGxn0mmF1qmA62KRUMxa9WiUypDMLn6vSMixTVrbdyNzYeStMJj2qh8WnwmQyQA0O1SyuovVGlEBvgK169JdPosdH4bRafiN2JU0X3CQyA92DvBr1er3hhs9bgYue1MgmWsItfAJJQuGNeCt5GZoukm/ph8TmJ4nNTxLTOaZzTOeYzjGdYzrHdI7pHNM5Nk9cbJ642DxxsXniYvPExeaJi80fFpsnrtPorJXhPzJte894trLD54nTy2Sy7Oq2KwG9DP+R6etCj5YVSFOhH1W2TCZXRnRUoOzweeI0MpM1u6DtCbg0MvxHprGGHh0hlUZWZLUWZUd0lF3U4fPEaWWMUyl3gi7ZrKIAbVFmO5WgksEpU8kVWrlMpnKi3zKcXAYJVYxMC8ex9Ggn2i1XwXFKpLpcK3MWKIhzudLJyBgVbFXg3UwBvFR2yDw0IUpZ5IoiucUiL1LJrYpsa0GRXq63KgqsMpBfrrTCVnmRoHORtQhSKdB/fDSYBnYr5ZYiuQangh+cXoaPM+FIUMrw7iK5qaN0Fk/QokXSsAqFw1GkYGXqbIVKrldhvRwyrYNBr2SgFaTDyWEbaKuVo034aPiDX8uYomwHTgU/BeDOoZI75EVopwpFCd6NPia7qMPnldLIUD+oIjnDyIvYArlSK5ezWrkW7ZJpWFauRK9gV5GMpdsUcpbNlheIjka75QCF3jPww6pkCuSTzVbAcQa5AjYY0G76MR0935CWCIbLswOy6ZAjyVEJRJo6UEmWO0B4OdUZFViHQ432CUfj8uxAQrJyVJ6RxpCuCAWRHBQmv+lueVEXnT8MidbN5pVi5OrYPHGdX+duPI9rbJ642LyPsXniYvPExeaJ6yLj6EyxeeK6RXmO6dw9dA60YZzfB+b3c7z5yQYu0F774Z57tNPazhaHMtGM84Ty14y2c+3Fbpfn68fc7Pd5fVxzM+fzevCYXmRoAK+HbobMNf8g4PZ6vl7MkB8435zP4474XNztAZVQ1q+duv2erw9zMxICslXXytcBdZC5a6eOhufrwuz3eP1+b53L2ep3IE6XGyXz+K8BOSqerwMzBx/m97ic4nw5HTZiDslWp8vj93m8V1ubRfDsdNbwJt3ciufoMyMpUL6IuVwOm9ms050+WIjs4GmdjjHbHK5gAu9VSx3q2VnDMpUV58+XIjt/vqKSYWucV+E56sxej89bJ3ysw2YsXDygb4LY+o5/8bTZ5hTyVucDQa4COcQzW1n63tZ5c8aNGnU/tlHjxs3bWnoeuNvyHGVmzuPxuYUnRzZT4Xjg7ZWYmJhEDV72SohPGLD4tNkupPP4PJ624lvq2cqUrp03btQEZFOJwSsEPm/reaamdc/RZebgEuniF4+w6Tb2RbxAmiw2BJ4QHz+4sNJKUzpccKFtHVriGSSeP2eUQDt9qmDAPWrcS6WmmtY8R5UZMuZx0ozVEGIMnJo2KGP2yvXwLzdjUHoa4kZqDyjktXY4Pa1Diz3bgRgkJrgvrFq3c28J2N51q15YiOgR9bxSXutInqPJ7Hd73OQxmdPBFGJiwEubtH7/BTScVQf/0J/D2zIwdq/4+PGnzZAWm7s1aInn0pfGYYmnL1xXcvJPYjtZsvOF6dMx9dbzrK0lz1Fk5uo8dfTRYI1uPCFOHbTtNLDqLohMB7YfYSdBhG802mvahBZ5tp5/bx7WePqqkjN/imAn1y0k1KWV1HGY5+gxc9D0pR/CgsiYOGM/4J4ONwA/kds7ORnK9XidjR4FDWauhcAWPFefXzsOE+9ECp8JN7R17zJEPW5rBRvZc/SYIWN2ZA4H8yIWOWX4ft2FEy3Zad2J2WkowAccrHbgA+1wmxCRmfdc4zCXzlsEyNPXnYwIzGOf2Qla3z9q3nk2oueoMXtcJGN2h24xFjlt/YXTJw6faMUu7B+UkpQYH19ottGsuTwRkAXPNSaIa1RvlbQMTLGPrwKpIb4t9gieo8XsoxmrsUNRRsjDD58+3JadODE7NRmgNwahfWHIvGe7rfK9eUTkMyfbsjNnduL4FkH7os3MuVx2K3ZuRMhJqbNPHN7fth0+vbI3QPfcaMbHWu0uV2iRDno2E+SdZ9pGRtQly6YjaDbcc5SY3dAWRP1L7AwK7KS03BP7r85ObEtD0HClRoezDmdokQ56fm/erKlTF+69KmIEffwFCh3qOTrMPqeTTMthexEjLzm852rt8LZ0gB5w2mxFUzGwTqc0ugXPllIe+ThYyzEtRMHxkwgaVWRW1ibxHBVmjs8YW4gDO3f/tqu3/dsgvHsO0NHFOZ1O8a0+77mGPT9/EQT2XkwcyU6e/NM3DY1gtX8h2McRNFRk8ypCPUeF2eOwE7+6vr2SklNnC8iHW4YP7tqzMi25V89HzcSF3SGuuwXPlWvn4KtyS8jHz3wjHNT0l9fOIObjJ0sWToXrNBPiORrMHJ8xBuqv5ORJeNoZNPPMiYB/4/qItq1QtGvP7NSkBCjSxInDEazGgp5R/TV93XHUsi6JpPKZRnGJ+Oa1DYi55PheuE5DkZZ6jgaz20p82lBkJ6dvW0lsfSHsu7JxycpwC9m1bRKObgptDQrNe2ZLUWS/0CJySRC5qamZQuO061CRrmQlnqPAzFEtcGRDlU04clcW4g+48uKSJSHY4bvWQ3THLeaZBaEFzyYU2Qvx/VMkbBHy7scee+ws/K16bcMGnPSF6RDdrMRzFJg91KN5I47slbnYlhTSXFxZnLtkSa7YRLuWkF0rIbrj4y5QaJZ/tsF7ri6dPwsiuyQILeYuOV4ilOXdAweOGjVqN7wCZgyNohvqbrHnKDA7xDLfSpFzC4UAvbL4ITHxbMkuunHloOTEOL4aY510t0Ms8wsle5FFwC4500QPqMTIo0bBOfhmFmKG9KumTxi31SL23H5mn0TmjNzZyERcGHp20EJ25ZIDZqeJhSZP7njPLJZ5515qJVI7fnzDX3h3zw8ctQgZCN28CUGjgyRC+6PC7ObFQDL3pmDbJA0LEXTG7ELJrv8ZT8/EcBCaL9EsaTLxnpm180DmvSKTUm+oFZhHjVoEQb1oE7w+C8x7ETMWmhV5bj8zrWeqTyCZh8/OwLbyihT60RGYNyNj9n5p0/LZ8eh0ZEyalJ6c1HOAib9I4318DXZ+7SIozXt3UguD3iDUYBUYecOsKlSLzZq1YgVKD7dYo+ZXVgc9t5vZT0eLmh9NgEo7g7cl/xMCPQxtnZQRgvzzwSMeyhiU3js1OSkpOSGu0EwnLEIhyHtm3wOZF+4UmVTtDRsaeHeNzy8CdTe8hk5C1ahZK5a9sAw/ILx/TCkb9NxuZjed9cbcF1qd6SAYsoxhwx6VQv8Pgp6UsTEUue+wZMSLjNRiZE4ddCHlPTOoBltFaNetE0MTcBFzoH7TolmzXmtoBjt3//0ThMehENwWwXO7mZ2kM435BGqPDJ9EbVg49Phhg8KQB4gffSeh4KZ9c1D9Sj1bSGgjXmIhcmPmJsFn7Te1Tc2Y+SciaGiXBD23l7mZzgJtXpyQlJxGiYcPHzpsWN9waCly8z3xPenzbyp0QtxpM3HHwm7i2Wx5D2rthetCTMS9YQN/eSawzc1NTU1c824x8/1jzrOC5/Yy++npY0agWns4b4MGDR3ad7AU+ttCTorcs2e8GDkJ2mIvUmYLFxA841qbkK5atSoce8WsTSLgJtrTouGx2yXMpazgub3MXjprrAmKc/KtwyXQvUKgpXZPXAhyUhIUaBrcjC/Ae67kmVdhW7fqBSn2ihWzoLEp5kUyc7t/cvv9E8QFulLw3F5mN83Zp+hKlS62QYP6JLYCHQE5KSluwKcWrDTjCfCeK6AKm75KZC+A8dArwJ7+S0AA5lXmGgZKmOFqVUGZPe1mdpF57c0fQRWWImFOT0HQ314LclL8gI/IlJmmugD1bDmLqrAQZMEEZAG4iWA//xNxaKNK7CzDe24vs4MyvwpX59T0W8WWnpKS3BJ0ZOSkhLhXKbMzQD1bcMMzIvALK5YtA2QicZOgMlA37f6JVOapo8aUMrzn9jKzYuZbpZaWlpKcFBG6BWSouF81k5xZA9SzZTdmfiHcli1b9vTTU//STGCbgho31T8/MERmqMR2W3jPUWXuHWppkZW+Jy4uErKYmZUyR0ReOP3pqWebCSb8M9c3cY3wr/7UwJ9g5MjMbLuZq1tl7p2Wmpw4IASa+zkgJ0RAljJTz+zutVPDmUHjhQunT596tqmJV1n5bwOfP1VZ8fxjAyMgT73/4d1stJgtrTOD0omJ0jupQGFcXM+IyGLm6oCFZ56PmJcR44F5ZCox528E5J/wBsQhyIjZwnu+zsxpacnJj14JhDY543tFQm6JGWIbEJeJbOFChDz9L0TiRn+jX/lvgErt/nBkkc5RYCZrXmPm5LRwS05dHF6FPdu3FWay/gswE8+W0rXAvDDMcGCjogzEGJmwEpsQiowaYgzvud3lWcKcGmrJqUsiXaqeTWyD2QDlmXhm0CNP0BSwp0uQp5+lEjeiwA4ii/vVSK9VvOd219sGwozbYVeLDGW6Dw+djP/Tn/ienwrM1DNzbv4czBxqZzlCDIYaXbdT2kjAYOPGnIsas53krBIzh1nKkpaangQ6JHlS3B2fkpzpHQHq2XRuPrS3IyHjoG70Nfp8oQ3NSMzzzpl4z+1ue+qJq0vxiZGQW+7AWjg0IvMlmjNoe1LPVfPnTw9jhhq7EREj5MaGhoEhLZBQmz51zLwqwXN7mT0kZ5WXBvRqU+XCEKXDoBPjfnmJlGK9J0A9G83z14bpDMg0rBu9DQ2YecKs1pgnjNlqFjy3l9lH55RnxyeEqpYcovI9cT8Pg5YegKow4k7vD1DPleattBKTquz3NWKJkXkRc0sKo1/ToQpjBc/tZeYMBpKzjfFJbSHHtQXdM+5TwmwwNgeoZyNbOn/O01OlyKgYE4nrkbkGtlyaySGoChM8t/t5GEPkMF0ILdBLpL0k0FOR+L7PtgYNxZmtJGJYYC/vGQq0hBmQeeIGL2ppDhzYYg3GHzJmntkkeG43s4NOpM8OSGgDOSGhV0KvEOhBSdLibCPMWvQMkHrWsfPXzno6SIxUhsuTl4T1Y6hxffv9LepMDlr08CYa2tooPAMMeOhCHeYXxcGdGoYcj7v39gqDFjHHQ2gTZ1r0XRr1rIM76JdEzGehHFPghvqGx0hjpHWZcWgHPbebmdPrsbPKC/GimntSIAwZN72AOgQ6NUkS2tiX3oDHDVHPxiqR0FOnNjbywGDkSd+ENpBnQWgbg57b/91NNRXaNj4hOYUYXKa+DUMmbEmJvSSXrEeTk+hRqajWpmKweB/vmd0KQlPoqRNExGCP3d5W9YVlLmVFnqPwHR3NWeVH8YlCmzO5z7cSZNzhNSU1BXXn7SuCfjRRaLImQ4OkkuaM9AfgPZvOz18bZK4XiG0VFRWjgo0RHAXii5RI5iqTyHP7mfkQrGAHJwgt7uTExG9DkFPwjhQJ9D0JvfgdSGZWRzJmIFc53rNYaMxMNX7+38gToGD1NjX4I6rox0ENZhB5jsJ37qzGoEeGhKZ3kKkpSYl9KfQ98fG4j28q2ZMqgr4nAd+ZkJtOJDP2o9fY6SnhPTMg9IYVBHoCIT71/G7hoZf4Oka1Dm5ZuBDLLPYcBWafljjUm8fH87fQQEahCXJKqnBHHYS+B5dyuic+7lUb9aPlB8sInpHQK1asQHeQE86eA9uNHorcLlFZrLYYeeGYMbtZiedo9BtiNMQj3GgkpPVOQ09HBGgkJeWiD04E6OAu2J4Y9wTLy1wtFHfeM1TdCHrZQtwL//bb8TMRconCYNNbsoULl815eJzZKPEcDWafhhf6zZ6JwYd/AP3szyhXyHNBtOueXqJdyXFwbdbRnAV7P/KeK6ABCtG9jELzDweQosFnCBGIly1bNmvMmHO8zNRzVPoB8nLo2Sfik4QnYVBdoW9ak1PS0kIfkoXuQpFtpz7UFtGljPesQ9EtQNMnAyR0xQ/IpBKjXRvGjNlUE+I5Ksw+DS14cEsZnyLSE91QpqZFfAQs2ZUQjGytRjz0TfBsrJonQIsCFz0Kxf8JtsTQU9IV8x6eYzPqpJ6j06+XVdMYNJ+OT0gVCZqWFoE4bFcvqLPNvBh2STuN9wx197z5byHoZQLSMukDbx58WfC5MCCPq2JCPUeHmdPSGNSaP+qZkNr72iwx7o5PzVRPjV7aUA96ZksBGn0PiWV9IbKhHcGdCPkcG+Y5Sn3WPWrsuUKvt73aMyHt1qsHvhUhf2SrIDnTqkNHZFDPep0eQ29Y8cJV216MrA/zHK3xGKyKzryOoONDv61rxdISEDK/IJeKDXtwFvSMoN8ruWroDQi5RhfuOVrMzXo1P9+87aOe8Um3pl8VcXpKPAS2jT9UbYgwsj3oGUGvPbmubdxV8O+l+TiwI3iO2lgjv0bImvnTO3r2Sr8qS4qLe+KSWciYJtJwZcFzhY49B9Bv7V3Vtu196eExc6pYbUUEz9EbU+YJLgFtvvREz/jktolTEuJ6PlcTRFZ7Ij4WFnlmbPPGAPXONoh3IpE32RhdRM9RHC/pCmatsubVnnEJKenDWwEenpIYF3fHxzWVwmLZKncLz8JFnnW20nkPz3/v5M5Widc+PGbcWYehBc/RHBfrDGZNb770S6BOTh8eEXv4cEL8KiuIrFWrXC1+ASDyrGOrNo15eO3at0rWReJdt67kLUS8ycbqWvIc1fHPDpVQprWVtk+f6BkXn5QyaHi4DerTC4ifu+ioFCE7W+lYJfZsdJybN+bh+WvfA+zQnnIlb2GNN1XVGDQteo7uOHeXKGuI+pd3xMUlJPYZJOYeNKhPQhzSWEzcqsqhnnWMvWrTOIS99q23TpbsRb0id+4tOfnWW2vnP4yJbabWPEeXOeBWqYJZ01TaLn38xB09cb+CPtgSE+PjEPATH7NALEihVbVQfUX2rNGa7LbSOePGYG7eEC8A/4etxqRr1XOUmeE2Xxn8PI2mwlxz6eNXn7gDgWPreccdT7z66aUac4VGlE6p9bU5bYXUM7RQHLazm+aMA/AxCBZwx83ZdNbmYHW6NjxHmznAmZRqRCtYhdnmqLl08cuPkX158VJNjQ0Ba/g0UKsqmauZlSXUs1bP1DhsVefO/geys1VV8DlwdRIlaMFz1Jmh6Kkhb9KpEisqKs3EKisqpLu0kNp1lfPQhHuGEmQiw+QYk06rvTrP14E54DcpVVc9c6RKabr6icSi4/l6MKOvXZQq9VVkS61Saj2Ba7FoeL4+zIFAnVapbCtvaqVSW3fN84e13/P1YoaLi17ZmiQghNLg/kHzxLXX8/VjRmPCNJC5CLlTqyBbGtYX+KHWPs9RZG5uppMver0ej4esh8MaIMxQ9iCDyFQoT2Bqg7UOJ4CUXi+dvrG5pR43UfYcFeZmPAMfZMbldDjsVmtwLkyr3c5ajFo1zRAWR2u0sHa7OJHV7nA4XXgOQz+Zv1GgvR6eo8HcTPNVBxkTf2Iwd3grWbmefxeaBrJWR/MmRr4enqMU28009nDo4dkn6bRO1ND0NNIXDjrZmwtlCAciicPQ+L4OnqNdh5GREXiaUTytKraQxQqF7X4/Pw1rc9uzP0bP8/Wstzur9YhZzGIWs5h1S7M6r9dyjm0tcenzRVrINuTyHdxBN1xzNpz2UGS7L3Czm79Oisx6Aze/+Vgps78bMAfsMeY2mJvxXaHH5YD7PtaOZkHnmm9i5mZE67Yb1cqioiKlCj3QUKIXGqPd7Ytw79jlmdHCDW6LRlmk1LJu0Zz+nNddrYWtapOTrHJx8zA3+1x6ZZHKRGibGmtrv6mq+qaqtrahCU+i4q9WK4qYLsvcHMk4Vqmvx3RNtVW6soNvvHHgwHPPPffqs89u336q6hu0q6m+yNfcReyqmJv15kBjU1Oj++LHBz788PPPP/vss/LyI0f27Xvlt79d/ssXn92+u6K+QeG5qZg5w6lG2yXg/fzzvxID6CNHEDVwv/Lb5U/oGpw3G7NJ1XT2uSOf/fWvEuR9b1N75Z3/bazf7r25mC3KprMH/vrXrygwDu19GPkdZG+/+7+NZsXNVZ45q7Kp6o3Pvvrqs88IcDkv8jvE3nVX7b7JmJudysaqNz7/+itMi6MaSjExAH73t7+uOhfCXCQTrEDdzjyqZTL3tR2hlcm0V8ts5yKbSwHMX30NwG9/eenLL3/78cWLly59vBx+ffnuO+/OSM2oOneqyCc+QsQsk8kNXHsMmOuu7QjE3PLeq2Ou2974jeLDrwH5YmNDk3v5pSawi080wIX54oyUlNSMc1WnlP4QZvqpdqWs1Rx0Vma3osGm+Prrfa+829jgabwMzFd8wOwNNDc2ZKSmpD3UCjPHWeQymaXLMXsU9bXbv/76lVc+RgJ7sc6Bi7/0B+DvtrQ0wsy1xIyyIO9yzF5gVr777iuvvPnRsWOH35zx5kcfffTpx8v37N+z//BszGw7pWqZmcuWyWiRNqCCLld78WfLZOREGWSybE7YUieTqTmDAtV+hhBm8dE4glC5kWWr+VPiVUNIydR1UWFWOupVbwLzjBkzhg6dgWz5jPR01CNwKBpnNB6Y1a0wQ64V+EUBX6vhWJdTVJRzL01nwcx8OrWEWXo0xymEWpKcHLuc7ldGhdlWf+rNd2fMeNN7+bK7ZsGM5ctn3Np7GFpVzL0emB8F5lOtMFtpcEOmiwBOKye5VFJUCAMZQyAgWR2+wFlBVblM7hUxhxyNtqNk6C9O54Udijp6zWg3s09pbjj15vIZqR+h8uxevmBBeu/eaSMamhobm/ak9gbm+lOaVpg5Gc62mg/mOkJjIJn3CorKUTggZgVfLNVB5tCj4VTJvXwYMeQUFvHvo8LciJiTP2q6cqXpyq+HoyFVwOzzeoEZ6dyg0rfGDApY0W95sJJRY1glKc4FmNKKt9bJeBa6nzKHHs3xp4Zj8Lnzyvnj0Me1n1kFzOt/nZ5yGGrqgHcSIu6dOr4RqQ7MaT+ralQZ2mBmEBtfuXtJfgtwgVZDLYR51PjM1AkscFiRwBx+dEg1bQhuVUaHuQmYH09/aMmS9Uty8fjnMc1jNgAAGy9JREFU1JTER5ENI8xKU5vMaqH25kVT4wKtkCmtmBYXZ8RcJKRSCMzhR9P2klpNZFXSAhKla5VfbQ5UrP/18PSM2bm5s4elZKCZtof1GfEQ2NDU1PSfn2tSWtpgrkPbrKKrFwlmA9ppwD/wS0mY1cJhBQJz+NFwacrmK24truL4k8JEg1lbEajalvs4xDbXxH074iLn9zefGPwtmqJxT3LqDMTMtsKMaim8zcVvKSC5RpQs2pxNXqBMu2QylYRZhY8LP9qAaYtUqiKemYkms1EdqN2YOyl5Y6CpsenbwZdQsT4x2I2mtFuZnDLjF1VNCmcrzCxudIhzTaOzCKBU6KUSEqjIpesqmPHR4JQm1IbqbIgGM6sMNBbmZqSPqAk0Bb4d/AVh9sKbmmHJg0b8orZR4WmFWYVzpwwK4aUtLwNkXoEKLeTSqyDbWmAOO1ohMBJmRfA4VRSYOXcR11SWOzs9+dEat7tm8GnUYevwYBZej09KnjH4+UazytcKsxznWhvMFEMrYcg9m422wguGFOeWmMOODlZkBFEVrLcV18DM+lqsuK0B27bH09KS+g4ePCBhwGCwvgnoV1LS0Bk/PhdQMf6WmSE3BQRQHtzN0NoIdrL4RRHVrQXmsKODzAX4w1zB67o8Gsx+kyrQdGJ4eloKGsxPDU+L12fo8sEDbQ0Kd8vMIIvcRTcSGhc5CZiHZh21ueVcK8xhRyv4Aq6lzS4FfwVXyqLBzHmKGmvPLUlPSU7qkyiiBls+48e7G09pfS0xu5TCPYAHzr/Sg1vMcpdQu5GINAgtzpaYQ4+GI+QgN9yByckRLvhb5IGsyqKiM+c3KKvOl01KBeagDQVbvvzfR9kcCpcUOeTZEF/5uOShWziaX1Et3BJz2NH8ZxSwcnwt5FiaINsQHWaPoqKq6uAgPGkD4A5CvEOHDVv+zuCfnGtQ6kMPFDErxHfWKtSKyBZtUZDijOHZ1pnDjjagt0UGEiQ4kFRkPxMVZs5nV9hsVScGpeHJowaBDZ00aRJBrlB6/FzXsVBmf4vmMylqbd+cntQ7jY6IBeQFywG5vkrhauW4zmdXz+z3GhS1tbaK3FtvuxVDPz5pwYJ/v/1cg03Bdinka2H2+yoVtvrab05k3AbUwPz44B8/X9toVli7FvI1Mfu9rKKioaG26nBG+m23De/741+ca2rUFDm6GPK1Mft9dSqFrbHWZruYO/jHj51raLIpVHVdDfkamf0+r0WptNVDDb67qqGpXqVgvF0O+VqZgdpjUigrbLaGBrNSoXd3PeIfwAzUbkapOKVSKE1uX1dE/iHMKMIder3T2yWBfyhzF7cQZm+M+aY0Xwizuxswe9iQoQnum71E+zxhgxNYq/3mNisbG3QTs5jFLGYxi1lXMTwm0+dvLQlq0oRv7aiGRnvbGV6y9Az8uD3eiCncHg+Z/N/j8XSKYXj+9jG76+ptpzcuBtt4wuIC7LAUdZCi4tS5c6dO6cz1dXXuLs9cX19TOD4xsc+wEcMSE/tu/MLlcoekcLqqds/Ba0zNWrRJaah3uYL7qsOYOa/LbrWJh6FdF+bqdiC76i+MTxy65PAF3Re60/tnJ/YttDmlw4Wdtt2Lnl5RcvLMn84c3/D0rE1Kh9Mp7LRImN2MWqXSVJpt5kqtWqU2uq4fs6U9yCf69sk9oTt9AtmFC/uH9drIiph69HCcnzdrBQJG9qczJU8v2s3aHRGYPVqV3tEYaLCxl77QmWy1jY3OCiXb+ZgdrtN9+6w/sX/Pnv3I9uw5fHh24kabLQhtPT/n6ZKT1I4fP37y5IZZAG0XmMWj0LjLX6IRWZ8fefvtd9597tWDtgb1dRpU4vvhzM4vRiSt3LPt8J7128DWw4ttezISTtiEGoI1v/R0yXFqf6ptrD1z8viGRUo7aw1jNlZWfkgGoH1GRty98ttLtZpOx2yzLU7KWL/yIndxZe7Klbm5h6/UbFu5vs9gkwDNls7aUEKgS/4UCNRXNZ4pKVkxr8zBhjFbKrSff4WGYuGBWK+gAUmXK/ixMKQ7QIG9TRi5sqU9Bpk9GsyOC337zM49BuXjRO7s2bP3eAOBS0tyMxILeWa2ct6KvXtLkB0vaQzUPz9qd8OGkp2zdltYNpSZ1VR++FV5+Ycfvv3uu2g40jvvzLiwu4JHUcAvd4HM0NHMZtvGpOEZGcfQSriHM4ZuA2Tu9ENDByWNZ3gZS2et2LmTUJ8BmTfNei3w2ooV0+cdtJGLhSXYTcFxynygfN/Fxpo3G5suftTk/1VKStl5vpuenHSWkbc5SEOubGkPMIv6QPxQZpYZnzxp0qBhSN/AsW3fQnVYOAD1hkq4UE2QqrdOx1MnA/ZeYA58c7Y2sGjC1KmjymyWUOY6le3AvncagLmp6dJHTU170lLKTpmkzGrU6cNeAFFexxXJ6Umok6m9MrUCNnoJM03AcdpsmUyupf3yi6LCbPtiRCrqNdEHKYzGcvsL43qh5TJ7FZoZlIAxz1u2bt0qPD/2itcCeBKz+tuBeUKpMYzZo7R9/Mpvf/WrXy/41Zu/zliyJKN3yqlTFimzRVbE1cnVHFcg91pkFngvq+O0MosXdeytQ4mAmU/A2VEPZwWkUMsNaNhCNJjNp/um3db71t69k7fhxZu8hXEJeOXbxBcpc9WcZfzq8xtqm9GMDv7H0LpTE7aeNptCmL3K2o9nLK+pubhgRnra+pqabWmDKipYKbNdpuAUBTSGAU0rBxlBcC/p8ibH24UEatJx3YBSIq2jojNmRj3w+5xAzF8MTiCr/Ca+aCHMFXMWkkVKFm6o5Zpsu83KgWRBtXkHw5h9yvo3ZyxvCvgXpPVOPdzUdCJtUFWFVcpsBWYMgMAKCriigoIiTl4AzKgYK+X8uSAJaBcsA4N7TTLBztzt0nlEClmbLLcGNx03kmWOkc6YyFQxh664BMh+20C09BRGnhCRueHNxyft2b8eORy/cWNu2rCqCqeUmUFFF9drimyIWMBTy6E4S5iDCbxFUIwVMoMB01qjw3xhRHIK6vGWi6ovKNP+bWSNQSjPlZi5ag5Zh2jDN82NgYHBRbgnbC0zG0KYOWXjnsczjh1bP/vYsW1Ljh1bkjqi6pQ7tA5jqIwgcp1MK2PgLEAER9AZEhTIrTi2ic6G6DDrxiPEPhi58MUaDI1XvD1dqUMJjJXzyPJ/33CNXu72CcHFekt1ptA6jFM1HZ40ojFQsxGu8oWBwJ7U8VVCd2fRtapAgfvhquBdtpxzyeCXlFlIgA9SofKswt1Y2SgwGyo3IuaVcH3mCgfEL3YD9J4+ySlJ43VGI05RuXUWQW6of/75+4OrP46jMkuYtQ0XM1IWXzq8+NKl/YsvnUhM+VmtcLHF2XcVIMEY3MNeTrvsk4E2EmYhQbbchbq3GjgVqbejwQwFelhKavIeuFDBdTk5EUGfGJacllhYaaBnpRSCe+o3Vxqu2EaJVoOcOq+sUh/G7NI3ze6d3KtXr4RevRJ7JSaP+IVNL+rXirum8n02FS7cI1mFwLUhzEICF7pOY1aVTJatjQ5zpXFxcu/UYcfcBwckQmWbuNh1YXCf3qkDdJVakkB//qWnp09ouFJ/6rH70cqPdGXARbsZfTgzp6o9mCL0Ah4649+rlL7r1YHzhzNrK8tGpN2WOnRx3yRyyRo/AF70Kqys4FNUlM5ZNn3RYwNvvz+4DOLCpwWZpcwuZe1GiJtBg4YOHTZp+T27K41c52PuUVF5cGjv23onp/ZG1+nbeqek3HZb0osGg8Csr9i6Ydn0CVPxQoB4sTy0BqLSpNdGYOYMp2r3p/dOHzR80qQF9+y2qbjOyAzQhcN633Ybv/QYvEparOcjG0Of2rpBusLUijm7dTwyMEu+3jacaqqZfett6cOH/fycTXkdv0f3toNZB0o/lNz7VrKAz629U/q+qA9GNk5xfutLK3ADdBX8XrUKIWuFkxLC7GeVtQ0Xc4f9bHdthdrfSZl7aCoqy14c0SclJT09JSWp7y8PVlSckpZ5XUXpSxt2kqWI1m2Ys1UpQg5j9vs0yqraqtpKJevvtMwQvZWGssLF4x96aPziFw9qKyv0YTWd5nzpS8TmbTqlr9Bogvss4d2OPBqlSmm5zn1E2sncQ1VRWanXlZXptIbKEJFpLOg0lRXnSneXntIaK06JkSMx3xBrL3OPHkWqUxXI1KqWSgBeBQbCXqPWSHZU+7oqMzZ567vJdP9hBYP1dYhZjR34haYeLQNww43Vx75KjlnMurv9X1tfKXCkw4XoiRfZwLX5BUwXZebQ6h1oXY5mupoHWaWjGZH7/NzNx0yB8ZI1eDWiujphMRY/1za2tO8GOh5+OjUzR1Zg8QFtXbgBOd7bWoyLvtN3uT31Nhtrq3e7xX0yOhczlGIfAoYsEkjRzPT8BjfCboVahOz6w+q5E+fOnThztd7Z8dCRmf1eL9AIwBJk8UYU5ZC0VWaXy/GHmZn5Wz4A25I/ZeYfHB1NHYmZQ/W0p47CUdAa3sTg8MeD6nGuZWaXy/JM5pav/vY1tr99tWXKansHQ/9fRJF9HrGuNdUmg1ZzlJhGazCxNeK1ILy+yFKTfhtO5rmcD/4msk+yZlok/XM6nhmVZBTV/LIS1YajO1bPnDl25oMzJ06cOBNejZ25+qhGzO32RSzVpBMDIH/ylcTKc56stncmZs7rEYlsNR1dPfPBkVOQZWZlIoNXIydOfPDJ1RomSA3HhMc37nDEPpNT/jm2T/7xjw/Iq/Kc1Q5r52H2w8VXqLBYw9GxE0ci2qwcsPwcalmZiPvB1UeNAnUdXML94cxW6x+mFFPQPwcCByj0kSl/sHcaZkAWRLYbj44dPRKAgXbLruLiI0fK0bS9xcW7NgN91uSRIx988mhQa08YNGZ+Lg8dh2TmAoHLH8Ar5GTzc9XWTsIsQnYyR58kxHmbi8v5apfWveVHduUvxdSrNaytJWjErJ9cjCc3Li//B5qh/gC8LC7evCZvyh/YzsEMyHzlZT26YyYm3hICTLH/9knxmrysyVMmjg0GeCh0jx7V1meWFh/adwhIP/z++y+/5C7nb0ExkpWVuaO6ujMwB5GdlqNjCfGRCMC82ke25GVNmTh6tZbl628pNDDbRuftO4Ss+O+By5k53wd+n0OYs56xdAZmDiGjdR9rUFzPnZKVk1/8SUvE2L46sjkvc8rEJ4+yTrwmJFrvkxMzW5gH1iDgXbu2QGGetub7wPeZOYT5OcbS8cycFy1wipkNO0aPzMzJ24Wj+m8tGdK6vBikfnDsUYudhxZdsoDZ9MCWXWCb11wG5sz85kDzHzOzsI3uDMw+t5ss72kz7EBxnVcc0pSIZCjAs1ChttDVP91un4iZMT2Qt2bzmjVrDkAF9s8pmfD7u7mU2cR0OLPf7XLgxUvtzI6Rk0lJ/upqrHzL0skAzZL1Tx0ut1/EzNyVk5+Xl5d/GXc8Q70rA3+c3FmYObilIKOBmR2jAXnNka+u1sp3YehqBx5xC9U3JzCbzKNzloIhmQPfjZyLO5rPxdH9jMnU0cw+uDwhs1uO8siowRQG+AlpSJG9OPg/R9BTHnxSw9qtNvDgcvmCzJbt0wA551+I9Z8jp2Dm/we149LM7R3O7KfINezRsXNRYH8ebp988uGHH36AoGkD+vPyTz5B8ACdA9Balpw1l4sT2iRG7b3A/HsyLOXyZTKg4LmspXkPqDsOmTJ7XA6cYVb/5ANQY0dE/vDv//v9PwC6vFxyIpDq5ZuzpoxebcIurA6XJ8hsemZp/tJ/SEdRvJGVv/QZxtjBzH6KbMX1V96h8jDickBG/XkB+oPysN3QgM4a+eDRauLE5fLzzHp92TRor70hscn5a+7VduRXTf+HKzA7yS17dDQUtuLyiIH9PQ7Q3//mA3SrIYpwDF2clznxST2JbqvdI9xL6g3PLN2ct3Ta0ry8pbzlbZ72O2NHM/tJYbZaDSiy1xyJLDNZxevygS0fRDgn5bvyp4xc/d98kfYLzwz0pmde3rxm8+uvb8a2Bn52LX1G36HfKCJmD0WuPnrX5ByI7AjQVGaAxkKHIZcf2ZIzcuZRHtobZNYansk7tEtkh6Y9YxD1RekYZk6QeSzIvIusbCOJ3PLyD/l6qPlfByJAQwqIbiQ0gcZVN/kArVa/+pFdh3g78vKdv9N3LDJi9gmlGct8hFq5OLT/LCw61/wlKdHln+P/1CD95pwpQaH9wWe9Wq1BM+SRNa8f2rdv3+svPzL6Dx2sMmLm+NA2PQl3FpuPiKycV/ED0eXmexD6iIiVWvEuJDRDqzGP+Jm+VmtUrX7muecmP/fMdpWxo4kxs0tUaeftOyKBJvbBn0XjW0HoLeI0xcjg3mlzHlyvtJZgcIs+RaPRgNwGLeqF0xm+r/KxxKp3jEaVdpgh5sviMb3+A/nFQeBdqDbGjwezsqYMef+/q7EzFNySz9FQ6xTf0XEeymzCNRhBOXRITC2RGQyELia2ZTP/MBTfLE2GWsxCvHk683exnIt0wrFoaGijugYsSF38wb8QM/pm1ocH/V45kL8FybslP5+nJZY5cazeQtxBcHdiZjvOo9my465pOWv2iQxfWhAylvm7ifjR/n/hW6OsnHxkiFjMnDVyyFHaj8nemZl9tGsXDu3XBdogdvEH/4s4L6OHJ1mZX+IW6IFMRJ0jVRnsgbve5/tu+Tsxs5cGo2HsvdDUppzAjLAxcvGfcSH+1xS44crL/xIX7cvwhgotwZ5812oDLSq+Tszsocza0ffCHZXIiovR7127SKuz+Z9TMpfmrcn/ktwL/35KVr4AHaTOHDlWS5k9nZjZxViwaVEVJkYmxJu3/J02RaZk5q3ZnE8bJ0h10RdYwQI9Vkv8Me4uwPz+XZOz8oMao2YGekq7mb+58IPOa9bwzCB0ZigvLtD93qfMrk7MbKfMv+s/LSf/EL3uItzXMTIPGeBQbOfxb5u/m4u/vQtBBubfEXeMvaswb6b3e68jQ5fgvA/5mwtu7uSlefm/EU7BH/F3tFktMls7MTNLmNnf3ZuZlb+ZGr3FX7NGYETMOcB8mX/vmztlcmYk5uouxHyXiBlzw0/+gWYRM8RyltDybv6vkVMyW9GZ7QrMENt5oKwYOz//sogZI/5L2OCPJHRQ507NbGKQWd6/d1oOVMxiy8sX3Vxwb8yFpudcX/BW4/9FEBrV29hMXYCZef+uKVlLoZUBqALyb/4luqEivXrFG94Ig84MMnfm8mynzJoh92YtXZofNED+e+tTYV0OZ753iKYLMDsIswkx55AH0BQ65zffS6cE+97nuyLZEiZ05r1jNcSfoTO3SVwGwmwacue0nBzhwftSqKO/FMvMrR49ceTIiRLoyxOnZIqhczL7jzVR5s7c9vRQZmbsnZlZEubfSGZC42aORPZPyXn4vUTonKUP9FvNUObOfI/hM5iQVTKr+0/OWipizpJ+tQbMD0DFLa7VcAuUXK9I2xuY36/G7kyGznwv6TcZcSbZo3dBcIuQD3BS5rkjp0wOYYYWKBUaEy9diqow7M3IdOpnQxY9UcY4RMoc8g0q6DwlVOdA4AoRmlQEOZn9xpqozGynZnYRZp1l7J3TgqEdKnOA2zFx7twpc69ItzYTocm5ypncbwcNbX2nfgbY7NEbkemgVfKISObLYdNXhrZJgi1QGh7TUGhjZ0a9t1OPu/EbCLTJODoodE6ozC3af42cnEkPmtbvScZEkE3+Ts3MsYTZWL26/0+F0P7H1c436ZsoMN8LtTaV2cp1bmY3ZTapoRaDRhiovDTry2tlzs+f1n+skchs0Hs6+ZgyPriNFix0HjQ7w6uwlgyuVogZNVXv7bfDYgyGdqdm5qxaox4Zox5y39I1ebitnXng8nffeb8D++d3keyf2L67/MeRD0xGj33z8qb1A5mxH73WwXX2sYM+klO9AQn9Mr6LROMPRrZqE+lfVG2jO9Cl/fv9rpo60vs6/XhJzqIlWTUZRvd/as3Lm9csRdCTH0A2ZTIy8pu8fEBsk/G3OHCa7oP2iJHKzHKdf4yolzJXVL9/133o8dCavLycnGmZmfCfb1Yuxb/R/SK2aeQPaoLlo+dJ0/oP0fAya31dYFysILTOsvquR9bgJ555+RgUCioO9rw8VGaR5YgNbUTpIbJ31FBkDZG5s48F9mr56DY+edcjr+OOXBgw+ExwDenctRk25YmMJFhzb7+ZFpOOqExl7uzMnFVDRWLUY/s/hR9v42diL7/8Onra/fpmqaFdoqfCL9/bb6yB4WV2cF1jzLdfz0NXHx1751Mvv/6y8HRfYpKn38R2YeSj1TRSNAZ/Vxnn7tGQPOv0lvdH3/nUZvJtVShyEJ38oO95incBMtRf5HitxtNlxvZzVrWWGECP7f9I8S76zWSrhr7OW4OQa3T0aLWV6zrzGfgNGgH66Ni7Hnl7X3Gbdqj40Oan7kSBrafHakxcV5rDwaelSlfoLJon77rvqdf3HWrL9r3+0/79Zhqq9RUUWevrUvNWcB61oDTDPNnvjvueapP4qfv6PbjDwgiBrZGOKev0zM2cS4DW6qBQ97vjkbcP7WuVuD/EtdXIH6RRu7muNj+JBLrauGNIvzt/+tSufZGw9+3bhYhB5GpeZK1a7eK63pwsAM3X3lq9yap5cki//vc9grD3HQp2lYP/u576KSY21ggihyF3lXloxNBaHcMadjzYr/+d9/30qafeLj506PVXXj90qPjtp5766R39+yFim0nfMnKXmXuHc6tVQnyD1qzl/ZkPgtr973zkp9juu69///79hjy44z8tNSadkFSjklRfXWu+Ic6rF0FDg7Ta+t9Hd8wc++CQIf369bur35AhY8fO3HG02lqt04nSqfSR53DoEszQOGFUEN98f2vUJGVqWEul5j+JGU0WtobR6UUpNCqVxd+155XiXBqg1ohMq9fqTAzul82YdFq9dCeUBhfX1efS4nyMSqUJMxLFYaZSMX7uJpg/jPPoVSq1pm1Tq1R6D3eTzJnGufUqpfoqiN3czTNPHMe5DarWxAZglcnNcTfT3HhoqQZWq1JG4gZepUrLerlWkLtIe5vMc4gmBPMQc7tZo0alVAI4oCODv2jGXpXGaEUT5GFD040F50fsKszCTIdofiWHw05HE6JRgHY7azGhSzCZnhjoNVq4RNslaRwONM+SMDtiV2DGxF402yEitoaaHZ0ENOqsGg0YQ4j2sDSIGgmP1l7lusrzMBTWPp+XhrQr1LCSkheimeJoiKMIF8V316nD+Ola8bT4vHmlJmz302LMRarMOi/z9bPOivz/AXQ0URo+U0pGAAAAAElFTkSuQmCC"
next
edit "logo_v2_fguard_wf"
set image-type png
set image-base64 "iVBORw0KGgoAAAANSUhEUgAAAewAAABSCAIAAAAZ/3CGAAAAAXNSR0IArs4c6QAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9sCChMxDHDbo/gAADePSURBVHja7X0JmFxVmfa9tXZXVaeXdBaykEBCQogEEhYRosAIRhwCohHZhAcUfn9mfnVmHphBfRT1EZ7fDZQBFERA0YisYRslLIEEEhMWszYhezpJJ+lOJ9VLVdc+b9Xb/XFya7u1dndyD6SfqlvnnvU773nPd77zHX3ZsmWaFcodvF4v/uq6jr92u71cyXZ3d8fj8dxxkKnL5aqpqRl2jRYKhfr6+kpJAU3tdDodDkcZ23xYhFgqJBIJCgCEJBqN4ok1Eo+G4Kirq7NawXyQcSKIyVBR0ESmgUAAfz0eT45oNpvNmQrDrlUBOkDwggrPjjDMXoBvt9ttSSnbR20ifAamA9nT280Kwx7EQe6sViisyRwOQDYQU6AcAyMYDFZiHGLUAb7zxkRJamtrQT+jqTC82jOcCiXSRqA/OgWTQSU64kgKEJWYEgxYbwWLiR9pXIYwTYqHAOCu2uoYzBSQhBx9Pl9u9s0ZZTi2MCoYiUSAv6VrP5CIy+WSadUKRdAFwrrVGhYTP3ICcAH0ViUvVRhLADVwybzkCEVi8fABcD8cUYMTFeqrVqqgFPgB2I12wHxQoj7dCtqAPh2dgt7BB4unW0x8+AVQWgJ39UENIweghgJwUzQHtLlSYfg2Mrfd8NedCkXTZ3WFZHHwSsgk+kjQPO+OuhUGDcR7enqGtZyVKylOZtxCrGYVMEhAIVVCmo2T4iHwfZgqvlUEx1KD9c2BvBl/MnQ34BszrqUBqE6vcV9U6LmZoWfNrFUC8dwq16OEcRj+ljhb6IeHbE/C4TCwDCmTkOYQfTDN3HYpQ3/AsAFRX8xYUt/0MpusBRoEKRxtdoRDoQfFeNFSsxyZTDwbGgpyVQhryihPuZMqC8QXh8JdXV3a4QaOuolgaPxBnAO4xMG8lS3HggrgdDqBIxaID6KaxcxeqMXEhx8TZ++qejSSJgSMNyouB7dfQd9YQnVJaB6aM8Ys4xRSSuMYimF+zZu7MOmTQRGzBUY7CLhBla9GzqY+MtRITPKHqTXOEYnmZOXUmFv0fLgyccELTsvozrqRo9u7At4al8+eaNuz2+Fw8BydugdVFjQ3KTS1tbXImhqMjDiVN3Gpo2zySCiav5vH7nQ4M59RoeOqxHGYrS45eLd5Ss4DmZCxsuxkWjyxjFDOfRoDK7daeBgwcQN8J7c+ElpYd8Ud7jNmTd5/4FBr276mYybE+3qDgQBtCWgUXB1WPujHFyHcvb29Jrf1ze/ymQTrSq8biqhURuzOS8kzNmy2uTZbTXOsJ9Svhqk92zRvZulw9ASyGW57WpBa/aC/9dZbhdI0lZYOsO+Et25EzFnjcLomjh29e1/Hhi3b586Z5fPU7Gzb1xsMBg91xkKBeCzqdrvFu4VAeaHcPDcSpVvpDYpYd3V1mZHpUuDADHBXVI9fHHybR3A+yTsbyeccHypUcYMDhiIUUOmRh93qQdWjyp6ntLPFxweZiaejttphdrvD5tDsNns4Ybd7veNHNY1qrLdp2tL31u7rPLTvQGdNzZjRzSMR85DP1xvsC/V22WKRRCxK/SZ15QiUYCo6DYJeUBhcbSnbChMWlTZ57UnKDuK5vxaNXyUak+Vm39l2vPOaGJoB7qpBeUGze9EYXdAyIseHHM1edC+L7YoESz8++Ew8nW4TtUPhsNdXF4xEne7amM1RW1PTWOcb09TQMMJrt+mRaJKWd3b17DnYPbZhBF4GdkdiUbxo123hSLirNxDo7XXoiUQk1O0/5HY6wMuBerL5SVjndqgByjOKBSIALgd9pysSiVBzUjTkmdQmm1GS5EXzKgBZQdS7II1KOpSbhO8c9R2+iFOorX3efsmxUMg7ZwiOc2/MUjQNPhMncAejiUg0AeyO6XGv12dH9zidI5s8Xk9Ng8/r89TUuJwOOzeaEi6Xo6sv2trpX7dyxc4Jk6ZPO8HjdsX74oFgX18kiigjfN5RTQ3hSLSvL+Ssa8R7gH1/xwFfbY0zBejRXj912VS55Oh+xhn0haQclC/oqKcZNauZHde8UFUFPl5GGm6In3vGMnzI9tU8lA87TC9U92JSx2Wma7I9FLtPC7iHBBOPRqPgyB19iWlTptiTxytcCS3htNuAnU5Qa/x14LMd/7udLt2m+0PR9dt3rl76Ruh/npu8dn37MWO7LvjM+LnnTzhmXI2u9yW9RSePlYN919a4vW6X2+VMgmDK2CDYF8bs0Lpvf/euzV6vtwZTg8sFmCbFVvVr+GkoYDdPHpbit6Tooy4mSXcp8F0ciuWlfubh254SMPFplUgLYicqKr50s9EcsH4EcPCCYN181xTdZWWXbSuYZeLZfKeAg1O360z6mXPsbNsfCAbHjGxsrPdhtaS7kvTbmTT5ciHSrk7/hxs3blu2JPHmG5M3b5sVt0+oG+Xf37Phkd9/8Oridz7xCd/p5zSNO9bjdPqceMuGMReKRLREHDiOBdi23XuB12OaG+s8tR2hkMfjoXcn9VQexvNQONwh7mHxwWD9ktHDdREKh9wPS6HheQGrEqeWiiDjpR/IzGgemjEYJoN0N9zDBfQL0quYtPjM1k3mAd0kdlsQXxKIZ/NiSCdzPT09cUctOPK+A51bd+2ZNnni2OaRNocjZrMfCEW7Og/t29W6f93qvndX1rdsnN3ROc3hafaO1MCU44lGX905ibqT9/ds/sszW/721z0nnRQ75XTvtBnNY45pqqurdzhtTnuN293W0fnGO2uam+r/qX42BkhbWxttTiORSDbSLdaK1VSFY/T2pUJBh2hKGVrFAVYpIF46TuWulJnBj05Hz1bHNSMpv5nFjQHl0+m/+jmbpn4YKViKg3LNnLmRFcrc6WvWrMn4A2A0GAz6/f4RYybYna69HZ0JUCRNi4Chg2Pv3R/dudW2aUvDjm0T/N0TE86xtT63u0ZLKsY1/tP4JdVtkXB4b6CnVYvsaa7vnDgxcsI0x4TJvgkTG0aOdttsgXDEbrNNHDPqwKGupf/zzPjx40eNGtXQ0OD1eoXqml8LcyWekccVp6+gj6oibkUp4uSLyXKa16JUU6lSojpFPUkwXMaPmU1jA7JnQ385OJZtNWBwZVE5ITS/e1GcssVC9ioxcSoNurq6RozV4wnN7XI1+Lz7ewOd//2Tif9YPSWmNUa1Zoerzu1x1h+jJeE9noTuAd21dBCfOJ2uiQ3NExOJaG/Iv3pz+3stnY54R01tW1Njzf/7jzNOn93TE0i9nMC04fP5uJqGWKef1imIbBrkXjDCjFku3g2Hw2iE4o4wmNdOlhfEtaFhnVLEOh2djqXVcHSPXnTjiGVt7glAS1l9FKoRKvSosBnDlUIR3CLj1QDxbDpxOgtNjqhEvyjFYnH0QEPXwfOj7poR9f1ATTlJmIC5VByHyz3S7R6J1zAzhMOLW/fvHZBATbPhMWSabv49Hg+YeEbH2WYMD3KQUzkcrMoT8lVVNKh4QebeBRFSk3y8CCZYFn1u6eBuUqmiKSYNllfCSqwMDNu86cHwXEu7nDNbP+awOi+IjFuYXkEmTsPnnp6ekSrBTrJZZ1LljabvB+5C+yDRr2/Bey6nLe5SmQh+A8LSYSly11L7mQWhlUkcL2WLr0S1Y9npSdF68OroavPSPU7bKIzl1qr6SwEtuylnxjkg42SgZTfYLyNfsULBTJw8FIRUFNsJPbURpAv9ZognYnGdD2w6CK0WjamgrCfpla7FoincB+mypRLT2dUOXbPrfDuptMFfjGeQ3xEjRjQ1NaFsdDwtJwgMoqPlO8WnmbARLgLLCjpGUXSECsF35c5tFsS5+JV3hFoc/IhcE6TfxWxpVwaBiSMkO2CgE9Dgtv5GTz5Jom8orDc1JpwOAr/WF9KaGnRN1lOaFggm4nGtYUTyIV7q7Exl6+JMkIRzmy6Qz3xDSYvyZHA4HAa/aK2trZdccknuKn32s5/95je/abi1qzg7jdw4hXnlwgsvxIdTTz31jjvuUE8nkd0sXLjwnXfeef/99+XFBQsWjBs3bv78+fSqWIQxVt5alKhFwd9f/OIXL774Ij4/9NBDEyZM4AFaQ8xRo0adfPLJ/PrBBx9s375dGhzxP/WpT/Gntra21atXS8vgxZkzZ44ePZodvXz5ckzSZjg44kyZMgVTOz4fOnQIOeY9C2YI4ATHHnts7jhIuaWlBRzilFNO4ZP169djCNTW1kpl+aTSt2Y7nU40VDVzrASIi8NxuXPcAu5BYOLJy2c/Wm2lHJ6ox+DDEe2r1+pXLtCT24+JxNPPab9fqD14j1Zfrw28oN1+h9Z5UP/lT/tfWb028cP/b/N3aSnbQXuSvts+wnA9Kb4Y2DWpgMFj0ImbOebDS+LxrnpWKNtWjxmAW7lyJWYFfLjxxhuvueYagQ+5U40qIBaYJVyxYsWdd965Z88eQ1JPPvkk/r700ku33HLLrFmz0q0kS/QCVlwF1Th09CoygPKwJQ3+D9RL7LxeL94C9nFnklDLMHLkSCTClkGjIRrAlD/t27cvGAzyNEDeblXncm6519fXm1ejQyTMNCwP36q3LCEj9qz6BAVAHEgmZgW6Wuvo6Ni9ezd7s+wIJTmWch/poATxTV3QEtYK5WTiPT09PNUyoPxIaTCpFcHHYChywacc//YvH3UG5gP8Cp5V13+UP6mEgeQ5XVpz/9DVP30eACBx2+26A8MvYUsSN51ad0KtMHEMJwMTp2tAfm5sbLz55pvpo1wVAoxqn8/X2dnJ834c5HKnFNG2IENvxJQmAlMDtaTxDO0owLXb29uRJvAa5BQzIjJdtWrVrbfeylc+97nPnXXWWYiAMoDlgZVv27Zt8+bN3/3ud3/+85+PHTsW8QU0S1SnmEHtvBUH5sq18eDXANnm5maDdxq62D1w4AAwGl8RAZVCXQCsaHB0jcRE7dB6kCI8JAwJXn/44Yc7duwgrOeFJ/UaUojl1q1bx48fjzRVeM0R0Ptm2hYpb9myBSnLk507d+Jd9Kz6BGUeM2YMspYioY4QDPR+WVRD1Bym5wjBG17Gl7yWU/waWmR8cJg4rVOSq6FUw9t0oc1xrIHtV19xWFdQwgxGgTYqwT9SmejzP6f95mGtdRfjD+gf+lU0oDMY+RjVtamgMnEIt0AAAR2owdP5KojzdbI/9SdavnMPraARJZkGUgFMkynjOdIEnKGt8ASkDMMMBPNHP/oR42OaAULhV042oN4nnXTSY489BnAE9D///PNf/epXDQyraCe0Jf6kwqWUgWiOloSQGECc4EIQR90pRTyno0IeAtAHbcKtDsaX9Q3eQn+xp/LWVwpPRZ+WuqfJpL8aeliTr4888siyZcsMxBklgTiNGzcOXYy5GbMyBAx9OmnSJLVTAPT00YbXpUgoz8GDB1FBw+1FRYM4ZoVnn30WMwrLcNxxx/EM8/DaPBAn46o6xVKLDwYTl31M+o+VznC79K3btUBQoyjreqJlI1ZQ2utv6D5fCq1TXHx/e8LfpS9Z+hGEYDi5XaI0t9tUdYoN+ZIMAnB5s7sqE7KKJ1shLqgjmSe2gQuIIPQNCVK5bx6+Cdwk73L5kd/vBx6RhmOskl8TufAVMVG8Bx98kE167rnnovwoA6ABaIUEWf6LLrro/vvvRwSA+IUXXnjMMccQywqS6RLpdo5XVM6L+gJECFuHGRElEugd/DR79mxRm+zatQstgx6pH1CmiTJ67dq16CN0pZBcTGOYA0444QR0DYgCWmb06NFAf6oyEBOp7d27Vw5tofuEnKJ4WBIBbWfOnMluQmQQYRq6ZGw9w41OyBGpUZMj9aLk0I/mlClTUFS8BRjl3XIqiCNO8iRzPK4uDiAYPJsmi4NRqZCtRmjDqVOnUvWE1kD5J0yYAGFAhHXr1kFOANxkACgDMkK9hG8hMhqZSx92GVJGATi7SFFBKdAv1F8hDtY9mGmkC7BaRbKV0P+o6hSevs4o2xZ2V4+J2x3OcDTKIW532F12u23AJ5F+1739NidUncTjejym/ef3VfMV3eFIOOzaf35PUwh5Ih5NILLDWaMn3Wn1Wx3GE1rqdA8AUXTiqoISMiEjBBLQ0NAAucdgVh0xciTLVXAoP0bI4sWLwX9luvryl798xhlnnHnmmbIzhgF2+eWX48NNN930la985aGHHgJZw9fbbrvtzjvvlMSXpQI+IEEy6Hnz5uErsOwnP/kJSovBvHTpUnLSGTNmANEwLDHYUFTUi1qI5uZmYDeVRcBBVAEvYgRyw/bSSy9FpkIS0cgXX3zx7t27Uc2nnnpKTioh5hNPPIFigM9K8b7+9a8jZTBHeRdrgmeeeQY/vfXWW+++++599933wQcfnH766b/61a+YBVJ4+umnJRGkMHfuXAECgjKwycDE+RPKDGhgjwAsUEh0HHi3kFPqi0888cQlS5agsniFW5oILS0tACC81ZAKACyVwCLy5MmTgT4ffvghOS/3OaSL0UfHH3+8xEcbIimkycjpwMTn8hUNPnHiRHQNyiDLLJ42Qn1RWZmcyCXVswI8D4wZWqUOZ6UCPqCRubZA+fPWSF39TJ8+XXYLSF9kc5V8BUVFmUV7g/jyOrND+ckwWFNMD5AZNQ5e2bx5sySCiVAbuP2qQteXy81tBnWKZXFYZhDPdscmQJxMPGmEkrIx1AmRkLlATziSPIZe//Tj+iRlx3/RC4mf/hJDJHlyp5+d27RwSJtzpvaTHyVSNor93fatW/2vveb2+hIuYC1mheSooytuUrNsOnGVE9EQgqCfroyDjOLv66+//uMf/9hQtcdT4aqrrgKaUyUt+I5Mr7/+esg6v3Z0dGRsHDAa1e0GynzgwAEMfiA42xNITbDAWKKhpGAQ6A/wGuONu22IjyqIrh8lwUJezqzKvYX40NraiqS4pv7Wt74FvDCU6tepcNddd5188slc7MvpR9QXwC2QAcAFwt577720QlFT+MMf/gBMlHqhQSADquKeA5IbVigS2DS+Ai+A1Kgs0ITRMD1ccMEFqAgQEAiC7kCbCJJiZhVPwph1MqogkBpKAhaPWnPRw+eYHdMjo1kAymvWrMFbamkzMnH8ilI1NjYC+g26OPykrmN4xYdKb+kYLtshXjBiVBn8IG+NkIJMeJzmJRpaVRV7lkEdp1gopCeOZly9ejWyQM9CeFQElyAIjgAxQ7JoBDRdhexeBMSz+dkv1Bm6FTKDeDZ/4sLEo9FwPKFHYomuYCgei9dqerC3x1njTlqejGxKNDVKY4ddjsCB/brHk+g/0ZOytAsGnaGAV4mW7F2HIxKLxrv9WkNDKBLbe9Bvj8ddTgc6mtYp2XTiQsyBeunojAB8vOWWW2h9DGomcRYsWABqA3naunXrCy+8ABT+05/+hOfXXXcdxrM0AtguMOvaa68FISWDuP/++997770HH3wQv86ZM+cTn/gE1abq+EdMNBSeAMr5BJQTwxJLVwxajBOiVXKiisc9qQBiBWDCB/Av5I7yCMICxzHIqWDFABbsAA5yfP7xj38kggPOPv/5zxMR1q9fv3DhQjz885//jOeIqQ4DlB+M+Oqrr0Zh0Djo3DfffJMIjoy++MUvgqYhPnj6Sy+9tHHjRtmWZOOoTFzsfDgDCYLwWiUBpp07dwKt0Fz4PHXqVNkFZdi2bRswF03EF/kQawJMuqgpKvWZz3yG6IbCoHkNBnY7duzACgMwhOzQg5wykSAjpx/0NTDxa665Jl1y2tvbMbcZNHj0d6aCOD9DhLDUOP/887GGwNfXXnsNC6NxqXD22WcLSc9dI0kT7YCOXrRoEVCY5j0yF7IMciW3DATMtZs2bcJPN9xwA3qWz9FZ6Fl0lqx4EF555RVINZLFWgErGHkOcUIPolMqbaevnvDIhtEWZFeWiTcltHA0eqgnkNT3JcdSijbTdM9htx0+VuLRiM5zPQPbn4loJMXBDwu93X6b06XHY0mqrmuHeoKhYLDOU+u022idgpCuE1epZbYA0dy1axdwB6X93e9+x4eXXnopRhdoNUYOhj1GFBAcSQEI5s+fj5hC8FFfDDaMzP3798vFFKL6pBpU1gryHF9BwTAYJB3OQ0QTFpvLbUP42te+hsJwThItRFtbGwERf+WeZbQDMIvPxQX8hRdeSPUuyjkpFYButPoAoiFraS7UBTVFyTs7OzloAUP86eKLLway4zkKDOy44oorwNAFPtALKEO6KSQrhSKJ5gHAAYERRglSjCcEcXwA4ghYg4YjWd5bj3L2r+IWLcL8wdX9888/D85Ixo3+QlIAJpWc3n333dTkoK8xP912222iNMDkgbIZ5jDpqRyBFiaGFyFOnHfV7XGeKKYq3yAYkB+hyXlrpMr2Pffcg2ahPscg9lxTqtvFSG3FihWYKlDU5557TkAcPQVBwsOTTjqJTzZs2PDoo49SM4kZAh2N7lbVKSATVfA4xnWbQLl1HL/aTJz8MXkiI3U4xU6VSDxpdxh64mn76NHi8yr69oqkacrhx3M0hyO+py3857+oy6no3r1auA8/pezE+0M0Fk/eODFgnZKuE1eZOMbAl770JbF+o3DQvhDDiRpY6q8BE8ceeyzShASTUWI8nHbaaW+//TagBAQWXFgkBm+BNiIOIgOPCJpACvkV75Jw4S0V3CGg6uEd/IS8qEshP8rYyLSlUatJHQsngNqkYuqw46bcLfjZz36GIoE2YtDiK8qJKQcVAXZrA0bcvD1DBue0adOQMhqH52CBEeDCJIYIKCFaEqVFfAAuIACDn0wcZTAwcSHjKCTyhYSw8GgTmcOApEhKzORB81999VVkxK9YRiAvtDDgTAgyyg9AwRM8R1ExKRLyMDMtX74crSEFwFoKgItuRVFRPDQCmoL7dagFlxEGmyUUMt2TmiFgBsJ6iJsxak3pUUfVbiOgkKiC9BoigNKiSBAeWQSYrxGqgGIjJmrEjlAV7hRslbkD7tEpyA5/VQUjJxgeklDLgJhIFins27dPTZarXjncMIhk3ILsCjPxFN2gpfgATiVNDhOBYPBX9+pi2JA6cA/k0L3e5GeapyByb29s85be73xfuZ5H09GhdjnsM6AoT0mWWKekn9hUdeJiIKF6OuTufCB5i2cvEY1rVer+gF/4TKsSUQ6CEwFipBFIDImMGJY8TyhEDInTnA5P1MM+9HeIsomJNEYL70VigfEXzBfDGDCBYr/55ptY5FLnDhzExKAmxVUI7TH6T8wOeDNn1fAcZLylpYWbqOmsB8misjwyJ1pXXkYKgMDIB+qJ6Qjio0YY5BjtiIPGBJQQxKkTV5m44VgQ0gfF/tjHPoavxx9/vGwtrFu3Dm114MABHudBwDwqkLd27VoyA3Vi+Pa3v51RDrnrq0oCph88RMmBeoBC9B0tDoliqDu3kdXpn6eW5Ot9992HLqBZEZ/jA/fJ0RRqHWlcoc7BbFLDHMkjUWhY1TLHfI0wLUEsUQDUCFJnsIKlTlktA9oNFUcLQN5E4ca5Cq2hPkHLULuCgBw7eV5aSZZ7HpUGcTm9KWsXy+149Zh48m9yy5GuDCE9YOIJ2VUc8ehvbdOmaUR5u73vsT/1/ea3I576sy2FIMmHNlvPf9ya2N/ue/ShftdXqYP23dfekGj5QItF9ZRE9mN04iM78YwnNlUmjvyBR+BfEGWhTrQSo7224DJiYmhhfB533HGASww8ddVPJBKhobYaUC66bPwqRxBRNjp14fkU1SMEy3z66afzCaAZTceHXPbyKCCnEKGoeAhopsGiuueGgYcScg+T7UPUoIb6gQceoEJfArjzCSec8PLLLyNBetxlZBmcKDCGMSoFNMdPgrZcc0xMBVQN71IjL9oJWqcg04weUxGfq3ISTDEAxSQBMEKOra2tWATgycc//nGBFUAYEN+8e0jDZiNpL4g/qoOCocAiAEgTQiLrm2w6cXxGHeXQFvl1fSrwakCVd6u9I0wc76oEFumzy0wePjKoL9gLInWUFjVHllmdBlBTdCWmXpnAtAFPnCrvoQkQYiJxpKCew2JF1GPGldaoyKkfLc3foQXclWLikI8kE+9vXN1uSxq32Rt88XgCfZ6orYnva3fMPeejbgAy2nTbuGOArx85FK+tTWCojPlopyXh74rvaUuBsmar0e1Om9iEJTRdPbHJg9qC4FTpqutcDDmMHIED2hdSiy1IRO02Rh2GIokVksJD/gqxBgqoOlOqwkmu8ZybliKIUjayGJWJ83z53Llzly1bhmhvvPHGlClTkC9pCApGKMSYoSqDII7FBNpZVhi8t5NZkMKzg+T8G1qACI50Lr74YkAka42iLlmyhFc2kz4DoVTVKpqF5aTmR1YM2sB1zywDPkjxeAw9o05chES2ZDXFbS9W8WhYvNXe3k4QF78loOEsDBKXfWCEW265BV+po+ByhAtBmi0iKakLkqLZAxdtqI4QEb5CuVVBwcDE0b+ANiSL7IhfnP55JFIVBm5uqzsxZJRsK1UnzlWLSnXBxP1+P2AUUsGFVE8qICNAqqpSZwHoQB/PGdmQo1oq6iWoPFGfs2DIVHRcJ5544ubNm2lRQ4836RWhGVilmTibSNWJW8d/ygbihvWjuheEpkS7R/swHhw2XTvU5bf5POETT4nqf3VTofHrB5wXfUYXSuVIOSw0GFfZ7NrhXRL69YPxPXuwIIQMxo+foNXV+dsOJLePGtyxaER8p4h1CkcRlcWqnTjPMvA4sqHXKSjgxe+88w7W11iu4jMTxHMQ4cWLF5NpgvvIbbwc3iSetI2jrAsRo9trUdbL2KYWggvqBQsWIFOMjVdfffWTn/wk1go8AEI9DFK7++67Bf3laJJYIwDTVe8xb731FqkWs8Bz1IUxUSOwb+5/ooSIxvKwlVgLoW/InUwTsEUbkpkzZwJqAbKAzlNPPRVlo1n3pk2b1q1bJ9YpGXXiEjhPIBEVHTgHgCTiYTpF2LlzJ1VVZIUCN8D6d999V86vMms2PpYRXCUwBbQVvnLWZNuKhfWOHTvUI7vSOwYmTot1pCMmRnK8ADFVyCYTVzUzQmC5X8KHqCl7h1M+40+dOnXNmjVcWYqE0P0AGgeNIHycU7tnIBgM8phjul6er6gzAeUTz9EOnDtnzJgBjoKpGq+Dj6smhtVk4sRutANLm9EXuUnstvA9A4jnOLEJOgMwqg0F9Jp6iOaOXbsiCW3snDOD48fU7vdrTkf0H2u6r7/J/cXLkvCt22Kr3gXmhR5/Uq/zaQPqlNjOnUCm8NOLknJp02Pr1vc98BDoOVh3SE/0zfusvy+6actWn9c7sr4OU4WokkkqSZyF76h+l1AkfFXVJqo0Y2BccsklwFN8XbhwIYT46quvRgqrVq264447+NacOXM4YFS+z3EoOKuqRIH+LBjyxSvpTByvY1a45pprfvvb3+L57bfffuWVV9544400OWhpaXnkkUdee+01lTqRd6N4tC3BeFu0aBEVBcuXL5ejRqIrF3OO1atXAwtQBcDB9u3bX3jhBaFvJG5kqVILNhchEunMmzcPII6fHn74YURDW+GV119//ac//anawulMXMUXNteuXbtUEOeFf+wOMFM5ECRMHEmRlyF8+OGHdBB41VVXoYloWQRQPvvsswlDGzduRIsZfF5ffvnlS5cuxfSD6syaNUuev//++5gFucyi+TO3SVBB1RCbc3z6IQPpx7xMnMIpknliKtBuBMyXDgh5CgGFwZSD3E877TTaI2Ia/vvf/86FkeTLBSiSZeOk52goFcuADlUVL4zGtRRbD+HMM89UVyRSXzWRKqhTuLcp64a8dwBZYF0YEzdYHUgfU/p7/Qc9tQ3NTfU+T41ud/Q2jOm77J9Dv/xdjdOX8NRGlrwRee11cm0douB09t7yXwPXbCY7IpGiId1f/5eBO4ASuqcmifiBvuDsaX1nnevsCp90wvEQo3Ak6kmEyKG4tORQVOVA/UrSQdasrkkFpwBw11133aOPPoqffp8Kas3PP/98IiAgQ9URiyKbeaEdxA0pWCo9Wy1btowGMAadOIYr8Pq8885Duz399NNY2C5MBUOjYzp58sknMVDJ8sjrL7vsMpB0LXW6UowIgVA8SURejGjor/nz5wMsgFbPpIIkS0N1WtDfddddIJvC9YRTU6WD51gl0CocIPtAKhjSIVnLoROnwOC5uvbXUsdfybXpwhAzn5yuxBQF2o4FBDfl0AIAcTBWep654YYb0rMAPaeHHFWPDEYJ0DfExPSwZcsWACU3b1X6bLgflaoYBE5ybBBu2hssKDgHqEBP6EeB0d1oJbGLF5TE5Ir6skYZDdKx0OGJJHVfVPUXZDhJRNOUjGUwRGZRkS9wGSI6d+5cQ9YrVqwQL8FqIlUAcdnezK1RsY7/lJOJU1+GYZbUVI6ZYNMBjrW6TQ/3BLovu8KzbJnzH1tsnlqtn2Ql5IofXfVJ1H9PsqYno+kDNijJ0Oex9958M0i+yx7RvV6sYwPBvnXvreLtzDQboPMp6bx0Jo7I5NSUSKpTRbeLh+eccw4GzHvvvQcsEKwBfNNADRJPv4MG5aaopNkOiHDTTTf95S9/kU283bt3gwWnW6fQ1xXSPOOMM8CmlyxZAkQTFTMA8YILLqAWe/z48WBk8iJwBNwT+Lt48eLW1lbG/8IXvoAhBzovWaDKwA7wULQDlhRiXY6YAA60GyYqkjhERmmlhAY7E+qIL7roIjQOsI+UnDoQgHtHRwftXmj4nE0nTrBD4aVZGDZs2ICVuwAlUFtAHJOTLRXokISurJ544okFCxZk3OfERIiJEzQfv8qq4q9//SsKSeWPBEwP999/P1UEJJiqspjnqtSvyBfNpaop9AFnEiosUo+nsl0hsIiPpRWINuZs+RUzFl55/PHH0UcZa4RZEzMNdYCSkYiBMHF1XuSWoMrEaeYRHAgGJo4SolLoBSzsZs+eTZtxCBWWWRgFAuJqIlVQpxi2NzPaGlr7nMUFnRtN6c3NNR0gHiDudNfE60Y7nY5oPOF2Otz1DWN2b2j4xr95g0VeraBr+v6br277/HXhru7UOiveFwo31Die+ePDPOhIizcDR0DZMPAAoIA/ejcFp6NL0vT7ASigKDziY6QhPpWeSYP0lIqGqkma0NJiBGiLKgMywA0B8VQC0KUcfsXYA7pBBBGf6kWkhvTBJZPbv01NKAyeI1nmu3fvXsTnGKNqlQCBAnBdSWRB+SdNmgTcx2yEkQbQBzRTScoCcKuK5u2YAGhVhvHZ1tbGIzPUiWuKhRmTRdWQI0qOYqBUoKgoM1qVMIFoPKNIW2885MQpS2we50NT4C10SrZBxf3J7du3b968GQkiRzTdlClTJk+ejKLiV7QDftq5cydqwYIhTZSNXsjxEFUGBM+YMWPevHkCzc8++ywgEu+itWn5hxdRO8THc+SIyJiEGPm5555DfFQBMZEvCmDwnYtidHZ2onnRxUgEAIpoxx57LHdfDfKP9keziAdBquDRIKgjnuBdlB8P2WWoF/oCLYwsEA19hALTNnT69OmYswXKX3zxRSx90EQoHnocHYE4kGSeQkDJKT9Uc2NeRGk3btyI+qIMmAWROHKnjTyyhiQgEZQfBUNp2SaQBLQ8niMRvIiyIfGDBw9yVc2l2A9+8AOWB8s1zCWIj16uDhOX/fmMIJ6bjFuYXgwTTwyYbKPR9+7YPmPO2O5IzOF0JO/nCfT6p5zq+P53HLd+zx2zac4CJADr1XB3d+C6L+7//LW9B/0uu63foUoivuqNV3i2iISCFiDqIpraSUSguzhIJDeXsh2loYtBDCrEgUxTkU27cqo+gLxEDVJ++oPmERuedRaxAwgiMrGPFuKIQB8d5PIcq2TBNC3HeEaazJeQTeM/Xp7AyFSnULNMV6jcrGMussrmzhj3b7lBhMLgFSQu7tFZci6lae2TdF6WUi6hhARoojynE64wgAKcGnnyk/Mc/W9oKTd4dCKGt7KNIuo6ubvI4tHNNycDmm9yC5paI/ocZ5dxVkOD4Ces9EGx2exSd3p/JP8FTgGtAIKkq0Dtp556CmUj4+aeIUpOOxZ1xSabBMiXEUgOaHtjEB5VxsQYnEViF9NBJlqM2nPEJzjShS8FjDucK1euxLpK9uSpqeNdFuwCpklvBAb54bl8+ufiJM3XedABkVlNLv4ohKJwQ3aAeO5SYHa85557eAIIb4kJLA090WViBlY1xBEynnuT0wLuInXiBj5O2wB0Pxq9e/8uvXG8nuh3YhUF9s+9yPnDPu17P3ZjFLidmhn3p/FEpKc7fOX8tv/zrc4Dflfq0k70lL+7t8kZ27BhPZgIj0rScJDgpV6xRo05hI9WGdRB5+ARHGAkLFxi0zaR9hvEU1qVcVYg7hu8+9NkApHBoSD0eE5zcr5CIwpE4EE7vkVbb+SL0UKkIEQSQVgvog8N26kIog0JLQ7jAw4deQib2C1n+fAXTURX5mT6vG9Bph+WDTmirThb0P5EVa3ycApGO3Ok6SE1EtrAAVHESXdF8pHlUQqMOHlwicCv7Bf66uPsgqajrok+EdnsnO2odkd1wCU5nUjW9FFF3OfERp8zlEkq06g9QI7NqcA5NX1ZRslBgsRH1kt1TCbckN0tR39p5MPjAnzC016sHTsC0kUwZVPQnJRoi4FCaEbutNpGU9BGhQWgVh2fVflhL/CsrxjI4jPyoqyKoys8pzxTMpkIVgYEcSR+5ZVXvv3220gKKw+x1v/b3/7GMwe0wqrmxW+iGU+n4ZbRYZGKDXRwjg1lWotjcQcGNHPWqR0RR/2IOpcTjNzucDo9TY0NSxZ5vv9jlz+ieWqy4bjOe9oi0VgoEPrq5a3X/+vu9h5nIu5CQnZ7p7/ba088t/AR+nWD8MkVyeI3SpKiJwryHW74pN8AmW7bRKorhi7cyFIvaaRgUbYMPwlhJJtjClTBk3hyYiBAU+GrvqVeM6gNHMfgQOVDPpHzkCyG/MRi9Ls9GHiXTySmJCuLGB6GlCdkgtJWar3kNlsZV6yC+A7N1sLivDu9MGoDMn2SVk4S3CpUdxHFyFomWiZC9JdzlVz9kPwyU0mWkcnoM95FKT1IGRAByCg5aky2ABtEfSJbNWoXi50im50kV3zscKLlRiJFhY3DNLk65BkFloqbCqqEiEdA1dkyE6Fksmwk2rRcyjgoli5d+thjj2GsTZ8+nZ6cqwmRHDKqGWUpFodW0HL4E5cDBQRTNOiGtaunnPgxf7fe1FDn0h1o4LC/q+vTX9CbR9m+80P7lt16nTdzUoDxYCju0sLf/sbWf74Ca2Lwdl7Leai7x1vjXLfsFQgirwWgCS1pePq9ZRwJA95WrD7OMF1lHABFb/rn8CBaXPur5RRspZc+Hq1SJzC5fJkxxZmfTA981xDZ/D5bKXt0eaOp+J6ROmQMcqxfG7CU5bTHqnGKVYU/PSkC/aZNmzZv3owxpe67rl27dtWqVatXr+aRV/ppMXnKtBIalXT4tiwOy8zE5VwcKFJXVxdWu+0dHVM/Nlv3NY5uaqzzeiBa+M9ZP8J3YKf3h7c7X35bq/WkjvwoLByp9PRoU8f1fPe/WqbM3rujze0AaXWAhQf7Qhh2LctfXb9uHaQKCM5bArhOFL6WsS/JhcnRrA7O6Hq/civTgq6ZNwnr6rJAgF6138iLpAXdm1oh7K5CshR48hsV4tkp5OaGLX2aHtIoiHshBHGMOIy16l/5Jqc3MyK4RcYLFgmDdYpBvDiuQqEQbxFsb2/H37M/fVFrZ/fopobGhhEOoDhkCQtZe8z72IOu3zyiHwhonlrNlmr9vrCWiCQu/aeOf/33lkht++62pHGL0wEQD4XDLocDCN6yYQNP9yHQ0aAsivMCkAg00byaqr0hheAGy+JC6Uz682zgUuV1NxfdKmEXsdTKcUddRXG/ouifG+JppAjihdGKv9xmoC5LVPPc1c/r3LFCgdOJoHZuKLfQPI86JZt1ikGpwn05bpS/s/TVSdNm7uuIY/U7dtRIp9OmhUJBuyNy/Tfqzj2v9t7/1v+2TOuO6pjgZ00J/d+bWs84f/vujoB/nyN1s5tu03uDoREe9441K1f/4x8UJrEm5J67AcFN0kk57KNKxhFPwFVfKJo5q9viWsawkB8ExqFo0uW+GM5hRXPz4cLfC0pKjFm5DU7TI2ojMYQ5QMDWuZ0gipoSFWUFVUT1y2heqTKIlGJYMnGV7xAseOkM5nas1Do6Os6a+6nOmNPldE0aN8bnrY0nVV1xzemudSVGvP927WuvRKZN7zxvXmvEeXDv/lg0dT4uHnMmTbuiTT7X+hVvImsgOGg4PWnQpIH2GKUbjRro+RHW30JOc2B3ec9QDNkGFKou6JDO2cuL6ZXm72WBfsOudbYtfcOKlmxd1b8LnSo7vnPbNgeIW3oVs2Nz+fLleaVHXOjRE5vf7+/s7ASaTzp+yjHTT/H3BCaMaR7d3KQnfRBGIxhETtfBroNOZ008GOoLBjCmItHUvddAeS0x1udc+PCDIAI88o7A++Bpe5dRFa6VsI1GwRVrxSNAGsQZYQ7mUhY+LmNseKmqBL5lqhNEkw3VoQzl5QLxMq5+RAYM+nf11+LWkdlO/eQl4xasm2LiqiiIJRNx/NChQ6TkdXUjRk+eGnPX1bhdE8eO9tbWJHRt287dK1evHze6+cSpx4WSnn0iwb5wKBKu93p69mxd8upi3lVPBMcHuVJStWYrsZMyUjCDIeBwlAOxPDNIee6v5peoGUdLlRW7FW09dbNHdO6GM4QVwvThtfWaO0EBbgNtV+1n8pJ31VWylqYcL0Vojy4Qf/nllwtatIo/vO7u7q6uLqA5iPn0k2ZOmjmns6evYYRvdFMDhkdXV7c9uenp6O4J9vT11boctfG+De+vWrVypc/no183EnC64edFf+ViyrmNGYiAPC05jOi5WJEXpEIpdGvBwIyO7K0FlaOom6jpe8VFw2XlIlcIvgtKLZu2U7A43TJS1c/IfkZxLrEsfO9vAYP3IjNaNupV6EKIfBwBP5182pldMUdndy9YudvpjMZioXDY7XR49Oi2DWs+aNnAg3lg33Rxp3LwbCcvMvZT2QfGoG/ZFcQizSOyVoiPZkNDHUkEvERQM/D0KnPeqs1kpSte8j5PR+q89yZbGJ03OMxcBG4QaG1gm1vsloDCnZ2dK5e90dDYePy0GXqtJxCK9BzqONTeFgl0b9uyBZFHjRoF6g3g5sF68RcqxxdzcJ+yyKJJYU0/JjoU4DubEWHuhwV52c89Q1hBbaXyWjoeATNBodJo5rMlimabmp6jDfNhXu2EHEMnJe/q6gIrP5QK+BwIBOj3R7yF8HYY3ixD+KbfEtkoL6KrikZtk+Ku0vPBkiTV7sK8lB95I6Ho8lcB2gwkXVXRDDt0Lj2vvPSiOCi3AD0X71TvECmUktNXA21RycfBuAHQ9AdEK1SCuFcJdIhBAp7NwrcsMlciiKv2TzLTVFOMDEaEZUFt6was6hP2CoH7kOXgucXJ4uDlB/GCDt2mU3K544oeiEC3ScPp44aeeuTGSB40EA14Ga3WCsVrMyxelSFx2WHYmak0Ac/YREUcrLfGw1BYOmRUrFcO3IcIyhcB4pZL8cJAvCCdeDYop7NjEnPAND0ZCVXn/SnEbvrSUo12K029SzQdyxitovRcTJuLU3yXuL1phUHh7Nrh5u2DCMplTLw4tbgF4gWDeBGXeqR3MyUP8C3Hw0QPID561AMCVdCcFAToxR3HEJ2SGFGVKG3i3i/j8ii3oFvD4MiD9YxqmeFIzC0yXlkQz3YtTtFiIWe6DO1OeFLZd+nCZBKpi3CsUXTZ5NRyoQJncJZfRvi2HFAcSfieztyridfmEyx6h1OzvF9VgYlXc6ovnYCXBdMLqpf4qTBp3yIHTFQNuPmlqFbC2XrLGPyI4ezZCPvgkveyGBpaIJ4HxHlb/FCA7NJdTOT1Ol1NSm6SnotDPpNLyNLl3hoSRxW+m1e1V07+TRJtSyVYJIiXy6Fwlc/+Forggw7oHEVyClm9Fk71FVcKZykUxy0OftSCe25VTIUEwwwdqcKVJkcgiNM6Jcdhn0oP9bL4+ikLKy/djsVMTMOZ49J5dxHGttZIsEI6pmsVtmevxLLSEmmtXDrxQbm8qiDqXV5iXvb6FrHeLNrFlcXBrVDQ8rGMYlMuMxWLiBwG4n19fdWc8yuRSKEAXQorL6O+pfQDypalrRWGAmevEJRb6hSzIM67rnP7Thl0Sq4Va02Yg0eU0bKl6Iqb1IOXwsTVn0oZeFawgskRav6C1hLVKRag94N4MBgcstJQXko+iAy9RFZSuhbF2sm0wuBiunw1bxJurSbNgjjdVx2FIF660rxoe/O8EmySj5tXHVoc3ApDOVjnNocuE6/mhmclTFaK2w7VCrFRKZciJbfEWwhuheEL65p16jg3iHs8nuHFwUuE8uqr0YvgIEWw74yzgsl7ga1ghSEI33lPO1uUvB/EA4GAVr6NzUHn49UBd61YM3PzV1hp5b663gpWGEZBXMuZF++jdggMRZ146XNDJSwRS2ToBS0Ys11dr+W8QDb9JlI6Jbfw3QrDkY8b/DxbYpyHiQ9HpK40N9dK3gvN9rxQhbhWuEFhehksNLfCcNSoaJZCPC+IV8KL4eACekEMvbzAbWa2MH/GJ7c6xYz4Zlw9WPTcCkMfxOnRk38tnXgeEN+yZcsRUI1SLkMpO7JrJbhdLsgcRTN3qj6jxa54bhncm6CtYIUc6hTNOrRpBsQnTJhw5NWqXBcol47m5SLjBSlSzNzlmO7HzrCVZAUrDC6Cp6vFLQTPDOJD8MTmYBHzQkG8OEA3Q8PN6FK0TDuZeQm44a/hqwwYXsxkYboVBhfKs1FySywPA/G6urqjAbUrwcRLB3GtNC9XeStoHr4zxhEoL/pmVCtYoUQE11KacdGSW9qVDCDe3d199NS2Qgy9xCM/5bprLQeC50DqHEAvf7n7zfuJrGFjhWpycNmEt/QqRzgTLwtPL5qhVw7EzeN4Dj14NtQuCM0ldwQydIueW6FyIC7rv3QEt8i4IfwvAoF+ROLRux8AAAAASUVORK5CYII="
next
edit "logo_v2_fguard_app"
set image-type png
set image-base64 "iVBORw0KGgoAAAANSUhEUgAAAewAAABSCAIAAAAZ/3CGAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAA4ZpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuNi1jMDE0IDc5LjE1Njc5NywgMjAxNC8wOC8yMC0wOTo1MzowMiAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iIHhtbG5zOnN0UmVmPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VSZWYjIiB4bWxuczp4bXA9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8iIHhtcE1NOk9yaWdpbmFsRG9jdW1lbnRJRD0ieG1wLmRpZDo1ZjMyNDdkYS0xOGMyLTRmYWUtOGE4ZS1mNDkzMTQwOWM3Y2UiIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6Q0IyNjY5QjU0OTBFMTFFNThFMUNGQ0FBRjMxNDhDMjMiIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6Q0IyNjY5QjQ0OTBFMTFFNThFMUNGQ0FBRjMxNDhDMjMiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENDIDIwMTQgKE1hY2ludG9zaCkiPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDo2MDZhZmM2OC02YjBlLTRlNzAtODdiOC1hYTlmZmU5YWMwODkiIHN0UmVmOmRvY3VtZW50SUQ9ImFkb2JlOmRvY2lkOnBob3Rvc2hvcDozZmMwMGU3Zi05MTc1LTExNzgtYjM5MC1hZmEyMzFmOWJmM2EiLz4gPC9yZGY6RGVzY3JpcHRpb24+IDwvcmRmOlJERj4gPC94OnhtcG1ldGE+IDw/eHBhY2tldCBlbmQ9InIiPz746FfVAAA8XElEQVR42uydCZSUxdnvu6d7enaGYVhkVxA3iLiB4oIajRr3iFuiuCQqxtycGDUn8SbHL4nJl5zPJTdXY1zuUTGaxDVuuOGOoKKouIDsi+wwwOwr0/fX/Wceat6e6enZGgbeOpw5L2/XW8tTT/3rX089VRV+7733An7ozhAKhfLy8jIyMrowzZp4aDNaZmZmTk5O12adhhCNRmtra1OpYGuBKlNxqt+jNQc5NDQ01McDz35X8kOLIVxQUOBLofNBQBkOhyORSLdmVBcPmfGQJBrFIEIwGOxxkmxsbATB26xg8lEzHA89sfqph21NQfjuoryP+HsWiJeXl/tS6IjgwuFQPLioTY+qrq7ujuxgZKRM+m3GhIFSJHXvHifVFGcYyUfT7OxsSWwPUUWNVfrLEEjFPeCu4PdZn4n7IUbxsrKy0mydgHczm6aL5ubmJo9J2XquAQH0oaaaQHQ4Eb7V4OrrqlHyxniwB4IvFp+J73GMOz8/3/7LTD9tWcsu3CaHAt/hniB4Qzz0RKCh2FS2k4UHu5GDD1LJR0qE7GO6z8T3iADt3VnrgVrWo7N5xo8WTQdQV6L1aKpITfmbk5PTmXTg4Ihi9zaCdx9Jl+3FB/SeCuIVFRW+FMwcARBoMs7UPv2dir6UYnOIdQLiPZR9B5pstUw1OilqhIA0fLNvJxtimxN8NO9hIJ6c6+1RQTzO1gPd9SI9uG8S/5v4SbvmuVVVVTy02RxgFoPNbmD2Rc5MOCLx0EkOjkB87e1CJmHrov64uIcycWt4e3BxcA8fIRIFovlsipRT7Bv2akNIT5SqCHjnVxdkTZIMfUNK1xJzgvzTe6KPk8/EOwvf22dnjY2byqpLKmuK87P7FmSHMjI81NUPHQua6npwP1GkiRDf4lwhyTSimwaJzruBW6nkle+rU3qIuW9j2c2ZuMG3lkoqahsqG4P7DBt+8F79V61bv3jFyvxQND8rnBEPOwvKQY28vDy3nG7wF3baNYdo8blNcxNYIC/mznNwTUrS6Sy0J+O4ll7M99wPu1YPnTt3bucnX4Em76XNFTWltdsG7bXXyKGD15eUlFVUjhgyCGhcvmrtug3ri3Iye+dlh0OhdEK51gC7nE6q4ob+/paKdA4qLhtIZQ7hG/S6JPhQvvswcXebr/Crqq6hvHZbKCt3yMCBhwwakJsdoa9MfXY2c7DB/fs2RgOD+vUdOnDA2o2blq9dH9pWm58Vys4MqzcGOrEemJysZcVDoPudu10LdYviqqqqqq+v97VtZ00gWnzT2kwi0LqVqQPDxu40criU3J+29hgm7lmlNL5JG9bUbausrausbQiGI8V9eg8e0Le4sFdediSUEaSR6xsaN24pra6py8/Nqa1vqK9vqGtoQJtzcrLqauvXbSrZWro1MxjNy8rMzcrMCoeEg+aa3RnqBPXupNNxFxJ2xg9/aWhPGCFSGSqSoH/HhoT0Dw+ad5qV3KfkuzoTd00lmyrrG2PYHW0MBGMbK7Kze+XlDyjO61NYkJ0ViYRDOZHMUDgUzsiIRYkN2o3LV6+bv2TZyGFD9x48UAnW1taVVVTR+MW9C4cP2osEt5aVl1VUri+tqq+tbdzWEI4vfzIMFOdmGklPUVMjkYhtTO/k+RudV/ROHsLnB3+E6MDY0OZcoV0Wp9aIlPZnKfh8fJcA8STeKQJxzZ6qyhvGfWs0bRYKZUQbQfZoRjADtM0MZYC8IWdzY2V1zcdfLVz63rR+M/4zeH5VzYG5M44+s89hpw4d2N/4aXlFVU1NbSSSCU/vV1SoA+cYIaDsaMXHX84blJWlQzDaBPGdcp5JkpDiZks/+GFXm0OkaIMi6IwafxGoBzBxmzcBTBnB7Pr6huWr18K1CwvyYN/ZkUhG5o4N3yD94m/WfL1wUf2MxwrmfjJyeXDf/N4FxX3KVtctfvDZqhnPLTjs6LqDz+pXXJyXu8PWsS1meIltOIwGoqVllfwtLCiAjm/evFlbWkLxVdAWta2AmPGf0r+7MjHExrmqKt9y4gc/+CHdIJ7k7BRAvL6+vqamJraxuwGcDSxdtWbdps0TDz8YEBdV37SldMPmLWvXrsn4/OXeCz7N/WJL/2D+kNy+2UXbtxT2yowc1qd/1fqGlU/N3vzCmw2HDl524PHRfcZDwPv1KcoMb49WsrXsuTdnjhg6aOIRh4hfRyKR7OxsxnwPiO9qZ/UhIi2ctnnKoB86QBulCdKBaPMQcLzm3Zc+PfTDntVNZs6cmYRdQnIhmLD1aOHAMfuNXLpyNcS5MD9v9YaNjZtW5n4zJ2/D8vDSVaGVjX1Cuf2ycwojyTZA07c21VRvqKkqj1RHRxVU7z2yauCBjcMOyy8sGj5kwOp1JXD8Qf37fvzl18HStfn5+cCiHWayqxkotKVNe+X90E1B/kWpr4skb68Wg+se6vuJ+mF3Y+IQcGg4Wh47pSjeESKZ4cL83Iqq6kH3/SJraaBXJFKQmVUY6Z9ZlJJJmo4I0POP58oV9VsXLiuvX1Cx7YnG0VlVv546avjgmrq6aBzrM8NhaDggzl87pU/GCh14pLCznLfA7vjyQMg/A7Kbglo5cR62E8fsQPMLFhLpvz8V8MPOAfEk54kLxIlQWlqak9fPNDO2slHVOLZ4r85knBfO5J+ePy1ZZ3CsXMrKyui9YrupH7UqJ0VdzdWaMb0zAeCurKz0Dd/GYe1AaluCNhe0Fv3PtEkn1LTbyxrIDtKz3bMyptGOih9sCqmUynLXJ0qkXXTeamcbW1JJp7WfEkG/zeBuJLa626/udqc08Bi3SOnPvbUZlVpZDWRFcrWlp/es1EWdjIkDoEjErhxzDrQKZHSpiGKpBa0ajZpHQ8Pz8vI6fN2tmjkR4oUg7WXxutky4Bu+mwYzBngEwhgvIRtr5r863IpfdVC4C3DuUodOQhc2KTWtLjTE9xNoMYY4WU1BlvHWBmapvj5XASiJNnyhQnbIcCqNrqRUHjRfJ/3qcwqchsmB9tTIS5WSkJ3JllLptC+d/qhxxTMb6MxUwMVHvZExU1nrihLLPf3zJKE27aLW0V8JRF5qVjAbcbsPZ93jTqVanZeGliHbK+pkTFxKXFFRAf3M7xOIumjYtXNnx5NJuZCjjKFoc3qWMdUSdnOmiQwJ+Ad0JKIMMkExmDAhn/gerpz8/Hykh84wb9N7wbF7xILOHWQgzI8H3bwhlkCLkyDJCj4UmaZXylANRnTj5i0O2FYkVFqeQtr2xbeFhYX6PBUcF4KTwpZ4oDuRI0UtLi7u1asXD919BbPuU0WMVAR5Sghkqvd6o0rpffKpQJJ5QOJ7stDwqdHC/He1/EN55D5bEA+uqTM9FFVloySV8SCfC5sLSrVoaBRGN812h8VV8I18jHCIaphLdCebXsaPdom6bSYum3gzJh7YQZxNfTL69xM/j5aVR+vqMvoWN6v5phLqGuwVz6sx2rhhY8AlC8Ed6em1NQYPLYL41KlT77zzzuQSufDCC3/96193ksW3eeD1zJkzr7vuOh7uueeeY445JjHCq6+++vrrr7/22mv25r/+678GDBjQYuRdJGzevPnEE0/k4YYbbrj88ssTFUOU4cgjj9x///158/HHHy9dupTejnIfddRRBx54YGspr1ixYlE8hOPLHjbVAy6HDRvWv3//cePGWeSVK1d+8803CxculCoS3/i7p1+pP1fEw0EHHXTYYYfpp08++WTx4sV0CeWVylHs4noUia8uuugindywZMkS6ijQ1Nlb3Sd86gJCAVWnnnoqXYAaTZs2jawp1WmnnUa/4Ne33npLytmFZ6mj9hq9tFsNOdD15FxA1oj3/PPPV3nQZ42OREjPMoBGVk1QGN74O2bMmIMPPpiRzOK8/fbblA0FQz3EytVSXYvjmmsKxDXAi8QIqTqpGKQpJj5p0iTEiwa++OKLaCyJJ2notpm49Cm/OOjaxN2SBvNy8+/47/DBo/Xfqr/+veGTub2m3usmVXb5teHDxub+7MfbB5zPv6q46dfRisoWmHgsm6CZTa3xXNsI/4VwtSkRWhQw6kIi/69//etvf/sbDw8//PC+++4r3QJ99CsPqJfbip9//rnw3RN+97vf8feQQw65+eabBw8evAsa5kpKSrY3XFkZ9fKwAFpk69atGzdulJ1Not6wYQN9RvwoSeLD4wHpPf/884gL1VQi3/ve9/bay7vKMiweGO1QZTon+fbp0ycRiAXfFABFPfPMM92ODZqPHj36ySeflJ2RjpGcPAq/qN369esZaK3njBw58pVXXpFawse7lYEiEMSOeKXz/OWZktsKhNZmQHN0uwv3TOqQH5qbv+eeey5v1qxZA0dBnvrJ8FpYQxB5d20L3YTg5EWV6c6IgjYVw/CEE044gb/r1q37z3/+gz7069cPoZl/alcFSkLimzZtgm1AF3iDcqItKGfn73Sk71BHqmBNz7NYC52r80w8Kmv1dhB3xracq68wBE8xED/nqsur/s89ZhMPNqPiUZkyxcc9KEw5EKKdJ/X9738fNGwhi3AYUNDEs6smufaMWCiYjkI1YwsPurBY/6XP//KXv+QBZQJZaG/1N6gl4P7uu+9+9tlnN9544yOPPMI8fVczedN7DVDoBjrC1+UL4iDu0Tpa+pONWy+B6enTp/ft2xf6xntQoKioCLAeNGjQ3nvvPXHiROikbqS79NJLQUw+mT9//qxZs9Bj4oPXEyZMEKlHgM8++6wm+CiGB8QpD/HpRWPHjhWCP/bYY6TDf6+55hpahMnBnDlzbOabnGfJJE1pR40axZsFCxZotvGtb32LmQFloJpKxMzHrhxsIdQWYNSxPSulifFtPi47uMVULrL1mWGKAqBsMvdbynqw5VzXUOsaTOzWHjemSsh/EaYRO7ElmSY8ufNSfVMkXddH2HKcu/IklUg8M8vk5lnubnFajJKoMCeffDLNynsG2vfff5+ZluZ/xx57LIM9MqHXgwlPPfUUH1JOCmkFSF5Cu2vUszoSaH5wJn/NkmPISwFkKkwC4sorce3dLQkPiazazESdZ+Ku7QTuvEPWkVO+3QGk4KsdIB7YgeJRByYklMQ7JKviwTowshCguOeDo3Mys3YVtJEjXE/PDI9DhgxBg5HP0KFDBdY8xNx44mdvzZ07Vy8hkueddx4NgJwpJAUDZdA2ZIsKrlq16oEHHoCt71KL6WiYTS8QIJXydD/XbGeqwn9jByqUl7sLPnQqBlGoqwzcCPD+++//7W9/q4kIjAnKz6RYCA528ytTE0Y1dJqsYdCTJ0/eZ599+BUknTdvHm0qOEssD+WkUfjvF198MWPGDJTn008/5RnwZRyl/5Mg5UlOXakI6ADPov8z0vCGwYAuROOC6R9//DEDkkY1zRFtCddgWp1TXVqDuqmxFqxEYM26qvLokjnFJ03ZfF3d05LDo48+SiIkSI140IKNTe15IEFti7fUxIFkUBbnUBk0VNjSMYlrWsn4bb2GaHAOvqUReZ46dSq1ILJyV47qjJRWNmJbiVUBbElWVgIbP4zCW90VEp3KJGcKtnr16jFjxgjBKSQdh/i9e/em5ESgN82ePfv666+nA/Jyv/32W7JkCT+JY0lErZVQd7SqhAR37FQDyRCnmCTCbICea9NQdBjVjd2jUFEh1utZcpDLnLs63VpJ+AlNju3LafqcZ96ggUn0NlUmHg26Zq9mmFP1t/ubQcC8BY0lmyv/eFuzlli/oWH2HM9Ld1QwK3ucIQSy47US10i0h1BV68b9+/c//PDDE48tFIJoGcoaozNzT3cbCInTjdU/KYAMCDwA0GJGgJFinnLKKRBP2AEklMi0HE2CEjD1Q+1kovnxj38MzO1SIG7DPsLXuqIbgZdUGZlbf+NBMyd0xl4iCuo+fPhwODWKJF1cvHgxGs8bDXtLly7VM2HhwoUkwn8HDhzIA52E3rho0SKBOEC/YsUKUvCs5hk3ND0xFHO9WYy6JpmWGr7Qx0aP3j65fO+99ygSRaVUDMlyUhLWiOIwPMiXwPV+07UViA6VMB8SGWrsXOLYeUFNjEw3lqAG6lqem49UHeFsoGkPlMYGnfegIcpdaiM1Wk2ioLQaQmgCYqoABuKKKbGQgsuQSFyrxPpVbNH1F1JlVQA3WXmXqeSi+TL0y51JdbQjtIiMoKRCiZu0VQZV/OijjzbDJiM9LYJ4SZ+qMYSvX78eHD/++OOJwMQXoDdk1DDfWgll2ZeIECN/VUJ5YQkGc+OBBDUgyXHI4EjjomY5sjV51ueljbLpS8KtlUSKatXnWauDSbY6psrE86I7ViIzmq+BN65d36wnVFZFy8rrpr3m7SGQoOYxm4G4axOPtsHE3bmMFnBbq6HgW8+vxcOrr76q/zKvhxEz0Xbjv/nmm7fccgsPL7zwgkwiMoITGdpo0W666Sa9/PnPf/7ll19q+fSPf/wjSE2Lwtd0wO/IkSMBIFQN5iJ7mVRWXhynn366jC2QHWmt5X777bd7CsZsUez17rvvdo2njATPPPPMZ599pjdEgPh/+9vfTvz2Jz/5CdPMDz74ADZHfP2X9xCcd999V9UkXHbZZePHjzeUlAXQM1FQhyR302Me+K9wzR0pEw/Ak8FdwM1fgNuGRoBSLhC0pl4iNMj7gw8+KPsV4tXyfaI5RdP5ZcuWIQH4GoMHwwPEnCYgAiOBVlA1b0syepE7xYOJMz8Q4yP+/PnzzznnHDUoApeyURJiksWpp56qlXbejxs3DqC3FRHIIMWgiYEnFIP4l156KT8tX778kUceOT4eFBkMYtKA2hA5cWlBjjc8XHLJJVrvQhsF1gic0iIZLfS5qVGAvn37MhASjdwZO0mWCQ1TE1s2ICYKTEytUhIZlbZ84bN33HEHD8899xx1ueqqqxhmyJ3/arWTggGdTEyPOOIIUrZVDSr49ddff/XVVzQxjYhgyQiywk9Mj/75z3+eeOKJ9D4Vg89RS9KHBlERzyBNLtBwcgGXhW5UjTKQshie+g7qIXXStxo8yFRtSt3R6tZKqLETCVNf9Ts6IMmedNJJIv4ESkjTKy86vrUy4ac//anMpPREtOLGG2+0atITqSbpk9cbb7whMx1DUWslARw8kzD1NePmnfdOaXTMKTtCwd23NzM7/OVvlY8+Hg3E5orbQZ8BPJCRd/wxuT//iRtzy9HfsYXNaLCZR1RWykxcDljJDxCn8yDoDz/80H35n3i44IILELo+d9GH5r/55ptpmESDuAtJKuH2tYH4er1axVbV9t13X9qbn1w4o6tQQT6Hv/SPB4/BC12Rzd3q6+YogTChu/baa62ECp/Fw/PPP3/bbbcJKN3TwV5++WVGmh2LGTk5qCZo7qbwSDxcccUVnWfigeb3hxhRtTUAVJNnuPl3vhPThMGDB0+ePPmll15COAhc92eSJrmLrZi3kicLuQBSgJkzZ2qB5JprrgFVr7zySsRF/zdwlH96iy698s2QbZ0+JryYN28eYzD0ee3atTwceOCBs2bNkjKYhcTaGnB0Ezw4HigSOC7Gap2TYqCQAJZFBs4Ya0lh2rRpiMXoqsWXn59JUuuKFACAO/LII23ekJgaEIYugbaICPTxLAnIuMcAgM4wHrhrwp65jmujF4sUtec94O75cO94QFyonIGRKTPa5RYYODv33HNnzJgBjsvTQ+7FxlQEYfYJeEeX4SuGKMXUkjVYqfVt/iu9RT60HRHQhyQl1MKP5Klf0RaPUxbgfsABBzADcBHWIyLQ0iYxVPPMM8+0QZoi8RNNwEhG92+tJJKwO4alxMSTWI3FxMmbv7kB1ycwmCHbNXpfm+CKUFkW2rqxheQqvf4kdTXVkazsmHtiIHZMudvtU2fiKmQSvzHKj+DmzJnD8xlnnEFnQ0Z8wswL5vvkk09u3LhR0EayZvW+6667kB2sBE4nIyy6jpTfeecdfgUdIGVM8CERYIQ+4UGmZCbgeoOS0QYUNbHhqRqfaxortkurW+5Kyvqba6EmjrwFbIyBeoNcWiRhSGf8Zyrw+OOPQ/p4Y9+C1wiBQYvIVIfc4aeG4DBNSQZtgzI8/PDDJl4K74E8+ep6mLgIsjvNpBHFZOFBWrFB1AxpZj+BQtLxQIHp06cLxw+PhwULFhCT0YiftIYmrxItHyFPz3RbRJUiMat48cUX6TyMDTfccAO/QjOhjeQiz2sl2JqfInHk/2BL5eAv0iZHHgBxGoupFYCucZQx2OoCYlJZRMcQTnyY6VlnncV71Eb2XLKjvooslyTw/fXXX9ckA/mPGDGCvGB/DD+kj9iNfHkEHjvff9MmLcCSr9CNUgHElIGXkyZNojVJ7eSTT3766afp/7Tj+eefL41CPzWtJE16hPx5SIcJGW9uvfVWUpADFcSWmZ9Zt8yUT400FlJINEr4iNYhfNqCwYlkKdXw4cNB53vvvRdpmzsZQ46oPcMhDUq7a0p63HHHffLJJ1RcI7c1MUWi4cBiwz4aSAYiwwHbgKPPzSZGOckXOE5ewoceeogcycj4NZ/Q4jBruhu698Mf/pAmowBIidn8/fffDy+EcMi885e//IUOS2d3lyXBDWaW9DhAxgxHjHaqRWslue+++5CVax0xv/hkfiJJAF6sqmnHZrDRluChIXTaDWsi0cbOuO9llpagknWwomGBWoODuIth6kz87nhITByMQ2Q8wOyE4GeffTaarXkWYeLEiTQw0nz77bf5K/8k6zbQdpCd9pO9UmUwh3FttaAB+GvaRiNRWsRl+or2yzcjsXgoDc1J02qE0DKs5a6kbHeoDbS8pwwkiIYxBZaphBmfHAz4FbKA6gDugJeIp32LEJj4o3ZIT4IFQfQTvUjIrj4A+oARpBBoul3aUwWNgh4mrjSFswavMhkLeniG8ckuIWsDAkQ+5Ei3BIAoPPNZrWESZAUCcfiQwVLUWEZDG7PFB7XChroyALje9/S0J554gvfqopKz9r8lnkEvUBAZl0sMsEgflg2HKbxS5qdly5ZpD5rrioNAGD5JFpQnR0ZTin3xxRfz07hx4xiWtCJi2cEGAHFQg08QEaMmVAOFYXAdNWoUn8tXxJi4h6bILEsEudXzTAqoJZyOXBgUGcbABRgrkgTZSVbrLvPnzwfWEaZmMP/4xz8mTJhAZM3utSpoDldE4CfaSCOox+ePjJCGUAkezQAm1kLFEcWPfvQjhiWSZTyDQLjXE1IAKjhkyBDSBONodDnsUni+lZnera+2utiUl3zpd9oF42qCFoq1T1iblXimd7RZQpSf9nW9jBjLGXtoDnoTI8ELL7zArFf2NA268heyvtw3HlzXZz6kB4HUkHoZdgAfzb2Sywpy6Ta0FvYS+2AHmTh1rGuMVlVWU/Z+gUBWk3Wl4tr/1awzLFjUYmp1b7zduGq1dw4STycYyNhaXrmlvDozM9wrftp46ky8tcBoBhIR02zZ6ApCRKYkK9LNuAp8CykQMdU0TWUeRNujwfzVZBZBGarynp6mhSNreI0NWoK3GZZr2UQbYD2JRf39738P/6I5LXce+K9RWhuHNSmjamR0++23gzLUBTKoSqGIdFHRc34Cwmh4dwyny4mDa2h89tln9f6ggw4iBbSKl6SP3HgjEO8MEz83HlpsnRUrVjBMylwr5gXVQrNRenCHzgziyMIrKF+5ciXApIU7KiUAVX+meNQUqguCjx8/XnMORHH11VfTTFOmTLnttttgx3/961/lNURMc9rzuIfTQKq7XiJMOf6TC6OIxi0wmgrSyeldRk416pMC/ItMtbo4b9480JM3mnKhb+bPQGAElR+O9nEgN8iEVilQVKrgHlpgW8yttDrDhz6vsQ0SLcDVvAH5kDUgzk9IEpXgv3/+85+poJYuBHBHHXUUwCHrlrxi3P07ZiUT4rsUR57s/BX4BuI72vrEg4whVIfWBJi0MwAiZbrNVwxgmnbIILNq1SqlQ3YIXPcEGEvTjnGPlVxrdeYcacO5fHV0AAMp02rW45KUkKEU4QeajtgjvP/++7LjIQ0ERQkNUuUd5HrRmOeJVketnOSog0O0nml6lVxWr7zyiuvp2JVMPBqI1jZsK62szo5khsNtHJ0SpPJHjW+W1Aezk8WP79lkvlFVUQXliMb9xFNk4hdeeCG66EEZ/kvP0bAsJxCRO3qgfJKoGrpLYzCT0lKJzlswaSBNoASyYDM71MsFcXEo5GvFk3WeTM3VhPIzmMv8LSVrTQJK2Zi+yEgiE5fxl59oEa2W0Jf+9Kc/tWivF2e3b4kP1UVX0B6KCozCfwUZeo9kZHjlPUoDh+0YE0/uLgkcL1myBDIrbqh5sXbW8V/BK3FQejgarUDjyi2E6TbQpsIrvpBX+1BAfCH4G/GAtBmYGQAAyiuvvFLL1BpH7UAVF8SlKlJ162ykYMe5EJjsi4wTYfHixeq3JgEgg4EQTOQv6WhSzIQJENcSLiBukqEYVAEJ8KsaFLnZ8gaRPXtnZMp39UdGarMwkBeDH6lp3oAkGcUfffRRftIedCWIDBEmo13LXr+RiLqbDTa6eoXUkCf6b+WX6BCj+Lv8QMidxKkLOkmjLFy4UJHpRO6sAlQS8eev+XVYsiqDuztERhvgmJgasSiPRRMOiHrLb0Qe5QJ6EqFIKiGf8EwhE0vIS/7r4jJJwWmIrw3b7tZCOR3Js9udKNAWsnrbWAUvAXNoEd5rgG+zJKir+e93PROP0WNns0/I6ad5t/856GRQ9Yc/1X84O//eZiaO0rO+l3nk+Nzf3LwDZSoq6sZu32Ad2u6dEu2ATVyLS7ajQcxX+wCpmhmsJQUa1bbnyLEJqUHNQEMdSWH6hKKoqWxq6WYqF11ZUe0TiUs6au7kRlflTHb//ffTtLYIyUxK2xa0fSlFJi4Ie+aZZxi0XbFcdNFF5PLUU0+ZowUCtG/pjVoVlGxtTybV1OzVuq5QssM2cSMRzIGmTZsGqMnHWSs/6gOiIdppSTm1W0fKKsc13lAMbXb/zW9+Q2QGG56hwESQ664IKYBICoceeqjmH2+99RZwxq9wKya/9BYm1Nq2I3LNGwrpnsEiAiX3cMqgbk+Qp1BiYNIGM5D5xUVbO3vENvWYSDX5c1FYw5WMEiLd1hMRkee4Hg8TVweRfd80ROTa9vJogJHnvvysL774Ynm+W/joo4+otVYjlKZGLDcj0VuXgggxtbXNAMuqo9PH5CwkX1JQzJ2fmaDMXdoURs4byEEmL0tcvtukJhxEk+nXcimxhU0+1F7Hn/3sZ/rwD3/4g0Ghzo5WpvL19pSQXMyD020dVdaFIGKKPltknWkjzLGZt5peCzY6Xyj1krjz+y61iTsuhp5jdupenZ416XvtNYjzVbPdQ+6OzWg7vFPkJy5scjdH6XOrPFIDTdx1Yborn4DgMnXJ6GZ5yertnlnoZioiIIrtYeK8oTwyN9PVoYGy5SFG2/oh1LNOyyci79YWPMhkJuj3MHHKNmPGDCE489BzzjkHIZgtz43pMnGKJxcuKb1NFxIlo31u9lWHbeLGOGSSck8xlOg0I5YNgXDfffdp+4bESL78hQDSRppuQ980MolHyzJLstRFgEJMnmUvosxPPvnk1VdfbasLX375JfFFw93CawTSX6PhSQIyBA3BEZdgqtdphUNjjBwtTHnI18Ov7dhkjXAmZDlLuC5liUzcjjA0ZUYyHvOCXXmhU26E4KD5c889h6BkuyBfA3HlIsF6stZijHV/bRGy6mg3hl5KB2TE16qvph1u3TVaa7HanRJpO67xLauphqIFCxYIxA855BCmVjKIaYFEBFzTU3MNcF1RNZ9WIWUS8ZRQxbD4xMyLB81LXOc3QZOGSYtsDnI2sGkriQz3WgNPvSQi493CxN2tLhnZ1HZ7S1f/zx3hQw8JjdinHdtJli7jqx3anBNydmy2j4lrJdqzOcI6A1VgRkPzf/7555AOtzGIbxNYpu1UUyeguiY214iZIhMnDjmK4M+aNevTTz8VSdQmYDqSPBOIaa7Z+lAPNpuzMcMtlVlvSVb/HT9+PM1M4bU314QgbiJ7or3RVkDbxYDGo1uJkuEnGGvnvVNsyNH8N+BssBbBIWVmlzZN5kMdViWrqE6oAGisY1BaedHaLjvjfabxKpjIB7zskUcemTJlin6dPXu2fuWvOx3WWjR5kbKdnHXDDTfQXuC1AIifNm7cePLJJ8vnhCb+6quvZH0yP7m5c+fKD0SnnRBk6LTB1SRDsuQO0GgXCbnzPHToUDO2yMqUhImrn5vrERJj1iLWIsfqAw44QC7PMAkoBZxAMZnAzZs3T2uVHsOXNqEI9C0X7Q8yum0SUydFwlScoZri8axtEHzClEgWefnCenqx9IfS1sSDicXOs3S3bsnSRWmZh02YMIGvRo8e/fzzz69YsYICyCLHAxKmx51xxhm2bK4ya1mCQAkpFVVA1VEtt4TEEbNJLIk88T0++55i8ywU1f5Vl/bJpKMzIOWlmrwk8mJyl1hTYuLJ/cRFK2LLBQ31AbfJB/dqnF+int24qaT09HNCo0Zu78/rNqAOpWc14+aNS5fXrttQ/+F2y/i2RUsCBpex1AodRhOk1fLiPFq7pBLR2b0pQg6hLQ5TOidILmvaPy33Zzkn8OtLL72kmKiFbNBGN+SY7DJxN1P9qsmsa8jmJRWB8MKO77kndqjAnXfeee+990J1bT+CIj/00EP0OvdDNym6jZv7119/bbAoq4gp0KhRoyAmMvRrd5LraU5ka3503Ty+xcRPOukkrfqCPnILMR95c1xJ0U9cHCqRiRcXFyMNICPxJEiZs+nwCxcu1BrmxIkT//3vf5O4SJZ2mYGD2kyvzkYfsH3k5lSrrTEoDDMqEUzzP7P9L4RTTz31wQcf1KqjCKYZ1j3u4QA0OMtwS3uJCZIFMzMb9ceNG4fo3K1DjKbvvPOOwJostEAq5sgYSYPSRi7DRfgIWbCrU8YuuugiWzbQtNrl3SibYauxPFSIdJT7nDlzSkpKtLJHanZE1LJly9xVwQ0bNogG6gh4820XbddsycMYCBoyrZOigTrdl0FXZnGKQfWVsmp0wQUX2CI2YnTRzXyfpTauFmn6qBVF68V2KvWHH34oz2s68sMPP4y0pSpalAYKzVeHWRcF4xO0S61A67/xxhuaxnlKiMBRVG2L8ZSE+LZh1XZXyPzokgDbfpno4q0JPa1JSWSpS1ISZEVJXPOLTU06vmNT40DMjpNRGQoGoD1bSkuHDxzQMPaw6unT84I7om6b93Uzrt38vxpTtjVN9pvx5Wig4eBDtzVGv1m7viA/r7ggr4Ghb1uNbEmCDM+2OmiLe3ZKku1MVAGApjmhCeApjTp58mRkTW+cOnWq3DPAr7Fjx8oe51qlPfdn2v0Ach+G5mjDsecTWRXowGeffTZ8Aco8adKk66+//rTTTlM07ex64IEH3BFbedlaPwMA0Cwv1HfffVcbRM2XWasutn9nzJgxNDyVmjZtmu3lATjMrucOaaaOZIpkXnvtNV7eeuutaKSm1XAB2CtkLcmOTW0d9hBDsUWXcNnRpqTQ4kgs0c2cOZMmEMO68sorP/roI5FccgGJjjvuOHMYENCIEspuqOUs/n722We0CJK/5JJLnnjiCeCenn/ZZZchnB3EY/BgsIaYOhTJlqzlQk4w90T6EuMuw48MQWSkAXX58uXiU1okRH9cK8FVV1315ptvIjpewuhPOeUUMz1rdHdBXNti6cw6/e7CCy9UsjQcY6qWIl1bjeemJB3ChYiYXpAUoI/onnvuOTST9+edd57IHcCBKKgCXUZ+k8jkqaeeYoyh7oyazC0MLEQw3ZYiWYrB2OAx0+vYLGIyY9P+z2OPPZYUYEU6LOEHP/iBZiH0Oxi07AbuVE9LVhpyElXLtYnbuVSkjyQhH0xtkdW11177ySefvPXWW3J/RFXMLkQxdPIdOoYwxXJoL1Iw72y3hKiEtpW6em5K7ln50MzAbUr0ipFSzMmVkqopzk4hKYn8HZOUhJHYHa1dV5wO7tiUr9L2Mx9qq+rqY+yGuWhNbd3mwyZnF76aW9bZG34oV23vxi1HXFFdVVsaX6itLewVra/Ozc+VKVPmNsMdOT+4JjOtT7Y2TCFWtPnSSy99/PHHQc//Gw9uBHg6Gj9gwAARJQ+t9jBxHeJBuCMeSPZXv/pV4ifafX7CCScg28cee4zp5E3x4CkbzAttk5FXX6EN5557roaWa665xmKSkTwN5PJFfPotkE2N6MM2jCsMGzYMZgExoX+Svhm7EWO/eLDDPRgzgDwd8/LbeLBE6JlffPFFa0ycAuhgOas7vVQbpsVw3Zdy6U0EcaStZX3whVGNiTAxR8RDYjtSTfoAlJzhynVd0EQ7ED83HMJF3SHjN998s/stfO3pp5+++uqrA/HDN0STZaQ2NwCkwbho634gNUmBFJqty26j2RvkV2gLNNAPLRdG6wMOOGBSPLi5QwkZF7Wa6jo5MC+kMGa9MeCYPn06WVMp0FxjDH8Ro6aJ9oYBRuvnpA/PpSmFa25qkG4GSJSKOoIyYB8S5r+29Gfy0TozDIDcEY5OPSMy77Xr54UXXmA6aLLivRxS0V70UG2njVoeR1KmhpKqu1rD56gln8i+Z8SCMkhhPIf9InbtyKUJPvjgA4oHDhLzpHjwGPqY34iVoydqa+ZM9HGSPSIeEkuIwOWCklgSnbxkE2j5cfJfrYTr5RnxQCuTkRnl3WpqKYi/bZaEYiNkO9HaEiHZJJvS275jU/4xVVtLyyr3Hj5wr/qY+1SoKhDZds0plbdNz+/c8XuMLw1TvlsfzMrLzRy9376hYLCssqqufEt9Vh9j4vLWcoc+9yja5Eycr9A2wBeeghYy+6O36yf0gMYbNWqU3CdkBUvCxBEFVNE9REVTocRPyBS5MzBAA2+55Ra6PYQIEqFovIeka38X5Ah40oc6UwVGw19eAsREJoXvfve7fCIQtyNK0OnLL7+cDmy+3sSEWKF5KBNUS0Y6GSVcs7WMDJojo+V0sClTpgCjlk4gfkAHOQrEW2Ticrxzp962yOZZHbIGSjyA227eoC70OsYScboJEyZYHPoJ4LhgwQJiUjU57cqibZWyC1AYCZDn/vvvb1jM51CbV199lbyAIZmzkRJ8GY3iJR/Kh4T/AsH6atGiRaogfUkuBHLz0NK07aoFNLXaYVNyBuzTTz/dDq5BqpBQiDCAKwOUO025++67+QQct12CaIhmCdqRqzVb0V5bRfe8kVTffvttFAwcN5sYWaPqtCCIowGYWjCSoe02s6F2jIt0B3T14osvFn5pvYEyMEU78sgjrWzyy7Tc5R8lH1YERcXhmBRAp1FqykKr6TwQzSoMg8TiRTDVi0031BxaXPFsbpLBmnwRzueff06zHhIPxlGgsXRwIJ438kNVXmgXCaJdiWenuCXUam2LJXEvF1M0nWnFlIsH21hvi3OJ1ZRRWrtek5dEllJX1EqEdkmyMyaovtoaAmrWQx+Lebn26r/PiJFl1bWZ4Zg1rTAna+hdP8x+e2ukozBeFw3UfLtoxXUP1DXEXFLq6uozQ8Hly5Zl1mylhlQJFZGlyfMh0Em1ddQkigt3S2TiUnS+pSVoYCTFrBBlsrPf5FNIB9PGNt5TUzowKWvPHkrpMnFEwWjJr0ADkUVq0Foko2VA9xOtlcHBgVTBqB1lZwfRkQhJEXNUPMhplOkwRRXJFbEVclF4KjJ06FAUF8ls3LiRokIYdTSo1uil6Gpyeb8CTLyhr1JIvqWnyY9Yc3PQEIihUuQr7bTDrOUPwH8htiic55BFXW6i019lv5MBUQrHe3uJlHjf2lU4QkbNW/lKh2rJec40WBMynXEmgbhetOaArxR0lp5c4szwrZ6pWmu7nbie7voRXCJwOXpKQxTBvYlNK0OiqDq2UJ+AwjKUvfzyy++//z6EwBx7hHGF8UAWNAHKYxMy6DATC5lrZNglOzIlss7LRRp2PZtKogFMb+QCK0tCWTzIOqE5lvYZ9IoHobNMRoqmcwvMlUUeUMpF8bWQqwt05AEiWNG4QuJE04E20hNdiSf/ELm0adFIvhmqoHxJBYgSr83n1GpaNFK9EvfT2vVssi3oSEJlJ0cRu8lPwXqE1s9VcRk/Fd8tobxNtIPJUxIBiCSswhNfAxIxpTOCXS2S2SFrVk35veh9myWRTNymVyMmntyZKhM3Dw3ZOstWLS3qNyA/N7c+DkPV9Q0lP7mr/+orMhZtC7cfxxuigfr9wxum3FVRWx8JxcoXDmVsQRnWf1PUK19ns8nXKrH/67AUnVLtWTcPNN3YYLsl+QlpgtQIQjvW5PhRFA/AN7KTg63e65gFOVp4kIuY8C9ZvuxCXpUk8RPdSoF+gL80thROLEZ7QeWWp+3gWg8kaKuILs0xjRcS6ShXlZMPgQBeai1Li64a9vgvL4XjKp5OAtIamnugrpY3AXeyE+sU9IjzyjYn//HEY0aEs7YDXiYUUUX3peiM1hJbtqfFUVhmIuGFdtxJvw1BtLoogbd4MqIKo25gl+dqnc1AXGU2kmU2UFk5xUDNTdBD+c0ySy4CIK3KehTPvPTcLUU29XHtv0JM2aDsxGrdP6dRSmOAHTltV7/aEbImOtnidH+be5642/NlFpPnnB3gZScHmLjE7kU4NCRLYnbdh12UarsTeRZSy1FaSu4eqaqTRDVKaRuUlpHtGF7r47qoSNt/WlQY0RS1lO7Jk5u5DdjSPTuq26omPieVNtC3EupliyXRgqqErMKbC6ZEqph2eIaCJnmqZrtKYlRDMy1hgiXSEZu4aJ2dZd7QsHHN8sUj9h+DLm3fJxbKz771rsJfXBf8JhBqD45viwbq9snY9Lu/r68NZoS295Ka2nrSDwejIqEaf1q8tk7sDBSz2+1sLo8sEptf46oO/pbs1EnksGwTN4GFpoR2r65nXyWQymxdXUVrmPKzbvETZAuwwojdqwCkfGoz8uK90tGHZKGlfPUQImtNjMrKx1l6o6GbfLXOqR4oCHD5mq7U4a/UMdHVB7GQHVMKpWN+JiIgJCWfEw8LcC/8tstZpMdyJlP/tFuS27yzyr1k3XPVunvnS5K9oIIDS8Hgxr1Yx66zcS9SSayLXbbiydG9kwVE1nm5tt1Gu3N1TJI6sHthjfVzS41oNB8KoDYyn3H3Ih63Ioa2dh2MCVbQJjhLvNlHVbDCu9W0ZO3uAru/xtMQdv2NHix384fT8rL2LqmyLd7s45G/5z6dVK6N99wp4Umzxc+thKnf7GMlaa3wtmXJvZ/InSC61bT3KZbEve4uFeVPxsTtEnENBTEP1lXL1vTqM6zJoZXCb80bGrzz//X+zZTAwm2hFDk4/w4Mb/rdvcsrGPeiAnEaf83aNaRfVNTbTjXSXtjWSq9JjfaMCNfcPXItWI7iiO9ZH/BsjUNeZplp8ZJ7N4JYhrtNo8VPWsxXHMfc2z0fumYc1dFS0BmkrtegZxnD/VyKIvgQ/WztAkzXiUrtbmVLIlJXLAYWZtC0Azfcy8PadTVHmyfkJB8YuvD+SS8LaRrwbMw2QJRBI+AcxKGpt8cNQ9YJ3XLnvlSwwc+9FSyxAC02hImuNem5mJLIc5NAp7Vpa7kb1rj+FWkIauvUtaU7dKNjt4x2SUmSMXG1nA58MePghsVfZOfm9etTFAirowYq8gZn3Pl47zuuanxra5uHGtK20ZP6rL/u7kWbazMC2+cIjBIbSjaTMgjet29fHdOu5fjkQ5A5fQf80IpiiZJ34W3RicHmkqlcMueeLW67Ct0brXpE0BRbp3HpDQ/a+CqrRaKWir/bG636yAKeSo62O9R4mWG9hZ0rE89Vn4FAoAc1aI8OwVmzZiVvGNckv3nz5i1bttRFg/sfMbG4qFf8pIvYwVExg1dmuM9Tvwj+fU44EAi24k3YEAxErxu36MT/vXz9pnAoIzMUih2mFYiWbC1b8PG7kWC0qKhICK7LzxIv3POQRx++k42XcReLbr2GPNB0hFviXp4OUBIjJi4W7JrgbttfdZif5oWmt4lKqxU5rY95Fqy6anz1UHjP3b5po8PbmoLHsd0P3QjiSbxT3EVhbdkAwYXj9dGMEYdO6FPYq3fvXlnxlZyYPTozVLjwpcjvbwt+E/XQgpj3ydCMmltuml9w+OqNsZPkYi4uMZAOlpZXLP30/cxgoxCcv3aBSyr8QrZgvyE9rSarS3f3Iq1xJVk37ypkN+buHgmycyVsRziZZay16yYCTctLWpi1Qz8S75Psxn7ePHgofJeweLeNfBBPK4jrpNY2Z0lyU5FblUJjRnjUEcf16V3Ur7h3Tk62Fs/DGRm50cqCqTdEH52f0dBk5s+MBiePWX/Bfy9aV1ZeXVPfEDMaZoHiwYytZaWLPp6R0djQuynIk0zLxO3Vb1nGfROKXC+6uwvJmSHJokW3YqjdMuMJaQMO1xYUaDoWpjXa667ctrbqtdMgoMklOZG/txfibcnRFrd9hN35TNxtGHnjMh8EweHjMW/Z+oahY8b17duvX3FRUe/CmPEjmIFiQ0V6lS/NffJPgZlLA8eMrJj0q5WBvhu3lNbXN9Q1NADikcxwRuzilU3ffPlRdmZYPhLamCRTuOhMZ/S7NU+V3ZuA21Go3Z2XHYS/60g4kba7f/2u3kmIb43CJyqAHc7uiz09Idkphok4bnsodAIZc8OFH7xVvt+YuhH7VVbVDBrYLyszZhutadhWGRkcnnxP6PJgZXVNeUVVbcOOU7iywmFaeOXShWsXfpmbC+nO1bxS7kryhOkShlJaWmqA7t7at1sGiU47CLq7V8vXpUdMls1jLJG2++DetVYa4++ucdwXUTpAPMnhWJ7OICceO9JED7HVzhULK7dsGj768Iqq6oH9i/v03r67b+XaDW++P/uYw8YWFmzPojF+VnhlddWKr+bUlm0uLu6jLWqyopCaDtPoDn5nm7y1xWY3A3QR8O72Qgk0+c8mXvnYE2ctrdH2nuUn4wc/hNetW5e60tudFNobYoc5bFm3asPqlcMOGFtbf8CGki39iovyc7Mzw6FRQwdHMsN8WVdfX11TW9+wbfXir1d+PTczlKE9LMJWre9rw6TgNT2TdDl9d9+6XHrASAccp4FUandZ4h6o3cwkZcHdfNTjnCD9sAfNh+wsrhT1Wziug7HkMqVjPHX2RUMgo2jwiF5994qZpLMy46fmN9TVx+wwZZvWbVm9NBxo1FHIOlNCjlYeDr6zzKw7ZY2u84iTNpvAzm2dXYS8uyw+4LtC+2FXYOLt2ltlJEU+UjLF2FI7KFxRUVGybF7JN4sL+g7KLx4Qycmtq66qKFlfvmlNoKEufkJN7EQkYbdONZKHgxGfnYgRrihS3LqyczElDS4oZkWRrXOPRfBULDOBhJ2NfvBDOkC8vdZh21ct1LbTW8xWrrPoqjetKl+3XN0+duxOVlZO7166okLndZkRXNfMp9OKkkpw6W3yPUc7ccqfHl7s+iT4HaaTnN0Hdz90PYi3eNxHKmoqmBMlt5NcbP+eNkHYAWM6blEgrovQ7OQp17beA+Tl3EW7s0YX93ycNCC4HcHj95bOw7o7Bnue/eCHDoJShyHJ7CqReLBbmauqqnTQkgvi2c6dmTpsT9t5dpH9Du2qtZ2zk3h0fRoQ3G5VTyeC+/0kPbTdt8n4oSMg3pnzxkzV5HamebcgW4dSmjlFZFxBZNZ8z3suxXNF5zlotDu6untcahqChth2HTrohy4cPm16Gm0efHD3Q6J5oLPQY+ep6/4kwbedwR9wTrkz8/cucu5a1wa3vl3LlM3JPW3E3z2J2w+7IHNP5Ow+su+5IO455riTUB5octTTQfgup7NDlneuC0qagwawztTXzoRLZ5n14HPwnoLpnm7oG9x9Jt4FNMEe3LMXAruS/0n6Gbpub2nXcUK2yzRtpNgdcf2wGyB7a5zdB/fdB8RTOTvFD93BdpMfQ2qnCKWtSLak4SP4bg/uiVdz+GaZHgzi3X3ahh+SwLQRbRc6bRdPOgm4XfPo+4P7yJ5okPGRfZcG8TTfhueHFoN56wu40+mFEnBcCX0juB9MJWw3WSKg++C+a4F4jz7+aXcN6XQ/t11aPgH3Q3uZe4v4HvAN7mkG8dauP/fDnhBkQvF7nR+6CtldIu+e3u6LqBtB3L+gck9GcLm0+xzcD92E7O4mNZ8odBeI6yxvP+yBCJ6ZmWlejH7wQ3cEY+I+jncjiOfk5PhS2AMRfKef5OWHPYSMe26U9nHcZ+J+6GywY17sJC8/+KH7QNxjHPdBvOtBPDc315fCHhLs+g7/aFk/pA3EA02nb/og3l0gXlVV5Uthz2rycDgSifgg7oe0BTOL+54q3dKjfZv4HjvJDTSZVvx99n7oVibuWlR8Ju4zcT90I0PPzMz0Vzv90LVcwbeJp6Hn+js2/bA91MdDoOl8Lh/Q/dB5EDf7iV237Uumi0F8yZIlvhT8kCSA5jk5OZFIxBeFH9oL4rofBmZgfuI+iHc9iA8ZMsSXgh9SDGLo/uzNDymCuNYztaTpw3d3gbjvJ+6HDgO6Lrz2ReEHD3a7CG5/fRDvLhAvKCjwpeCHDgdZPLWJ32fofjAc93ik+J6F3Qji5eXlvhT80IUBQBdD913R99hx3RDcfMN9Gu4zcT/0SC4Gjouh+4C+R4G4S8D9xczuDv9fgAEA1RuxUIoWvOsAAAAASUVORK5CYII="
next
end
config system replacemsg mail "partial"
set buffer "Fragmented emails are blocked."
set header 8bit
set format text
end
config system replacemsg http "url-block"
set buffer "
The URL you requested has been blocked
FortiGuard Intrusion Prevention - Access Blocked
Web Page Blocked
The page you have requested has been blocked because the URL is banned.
URL
%%PROTOCOL%%://%%URL%%
Description
%%IPS_DESC%%
URL Source
%%URL_SOURCE%%
%%OVERRIDE%%
"
set header http
set format html
end
config system replacemsg http "urlfilter-err"
set buffer "
Web Page Blocked
Web Page Blocked
%%URLFILTER_ERROR%%
Web Filter Service Error
%%URLFILTER_ERROR_DETAIL%%
"
set header http
set format html
end
config system replacemsg http "infcache-block"
set buffer "
High Security Alert
High Security Alert
The URL you requested was previously found to be infected.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg http "http-contenttypeblock"
set buffer "
Attention
Attention
Content type not permitted.
URL
%%PROTOCOL%%://%%URL%%
%%OVERRIDE%%
"
set header http
set format html
end
config system replacemsg http "https-invalid-cert-block"
set buffer "
Invalid Connection
%%FORTIGUARD_WF%%
This Connection is Invalid. %%CERT_INVL_REASON%%
A secure connection to %%HOSTNAME%% cannot be established.
When you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site\'s identity can\'t be verified.
Site
%%HOSTNAME%%
Certificate CN
%%CN%%
Certificate Authority
%%AUTHORITY%%
Certificate Validity
Not Before: %%START_VALID%%
Not After: %%END_VALID%%
Certificate Chain
%%CERT_CHAIN%%
"
set header http
set format html
end
config system replacemsg http "https-untrusted-cert-block"
set buffer "
Untrusted Connection
%%FORTIGUARD_WF%%
This Connection is Untrusted
A secure connection to %%HOSTNAME%% cannot be established.
When you try to connect securely, sites will present trusted identification to prove that you are going to the right place. The identity for this site can\'t be verified.
Site
%%HOSTNAME%%
Certificate CN
%%CN%%
Certificate Authority
%%AUTHORITY%%
Certificate Validity
Not Before: %%START_VALID%%
Not After: %%END_VALID%%
Certificate Chain
%%CERT_CHAIN%%
"
set header http
set format html
end
config system replacemsg http "https-blocklisted-cert-block"
set buffer "
Blocked Connection
%%FORTIGUARD_WF%%
This Connection is Blocked
A secure connection to %%HOSTNAME%% cannot be established.
When you try to connect securely, sites will present identification to prove that you are going to the right place. The identity for this site is blocked.
Site
%%HOSTNAME%%
Certificate CN
%%CN%%
Certificate Authority
%%AUTHORITY%%
Certificate Validity
Not Before: %%START_VALID%%
Not After: %%END_VALID%%
Certificate Chain
%%CERT_CHAIN%%
"
set header http
set format html
end
config system replacemsg http "switching-protocols-block"
set buffer "
The request has been blocked
The request has been blocked
The protocol switching request has been blocked for %%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg http "http-antiphish-block"
set buffer "
Webfilter Violation
Webfilter Violation
Your attempt to submit internal credentials to an external site has been blocked by your system administrator.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg http "videofilter-block"
set buffer "
The URL you requested has been blocked
Attention
Video Access Blocked
The page you have requested has been blocked because the requested video resource is not allowed.
URL
%%PROTOCOL%%://%%URL%%
Description
%%VIDEOFILTER_DESC%%
"
set header http
set format html
end
config system replacemsg webproxy "deny"
set buffer "
Access Denied
Access Denied
The page you requested has been blocked by a firewall policy restriction.
"
set header http
set format html
end
config system replacemsg webproxy "user-limit"
set buffer "
Access Denied
Access Denied
The maximum web proxy user limit has been reached.
"
set header http
set format html
end
config system replacemsg webproxy "auth-challenge"
set buffer "
Firewall Authentication
Firewall Authentication
You must authenticate to use this service.
"
set header http
set format html
end
config system replacemsg webproxy "auth-login-fail"
set buffer "
Firewall Authentication
Firewall Authentication
Authentication failed.
%%WEBPROXY_AUTH_FAIL_REASON%%
%%WEBPROXY_AUTH_FAIL_COMMENT%%
"
set header http
set format html
end
config system replacemsg webproxy "auth-group-info-fail"
set buffer "
Firewall Authorization
Firewall Authorization
Group information query failed.
"
set header http
set format html
end
config system replacemsg webproxy "http-err"
set buffer "
%%HTTP_ERR_CODE%% %%HTTP_ERR_DESC%%
%%HTTP_ERR_CODE%% %%HTTP_ERR_DESC%%
The webserver reported that an error occurred while trying to access the website. Please return to the previous page.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg webproxy "auth-ip-blackout"
set buffer "
Access Denied
Access Denied
Your IP address has been blocked by a firewall policy due to too many failed login attempts. You can re-login in %%DURATION%% seconds.
"
set header http
set format html
end
config system replacemsg webproxy "ztna-block"
set buffer "
ZTNA Access Denied
ZTNA Access Denied
The page you requested has been blocked by a ZTNA restriction.
Details:
%%ZTNA_DETAIL_TAG%%
"
set header http
set format html
end
config system replacemsg ftp "ftp-explicit-banner"
set buffer "Welcome to the FortiGate FTP proxy."
set header none
set format text
end
config system replacemsg fortiguard-wf "ftgd-block"
set buffer "
Web Filter Violation
FortiGuard Intrusion Prevention - Access Blocked
Web Page Blocked
You have tried to access a web page that is in violation of your Internet usage policy.
"
set header http
set format html
end
config system replacemsg spam "ipblocklist"
set buffer "This message has been blocked because mail from this IP address is not allowed."
set header none
set format text
end
config system replacemsg spam "smtp-spam-dnsbl"
set buffer "This message has been blocked because it is from a DNSBL/ORDBL IP address."
set header none
set format text
end
config system replacemsg spam "smtp-spam-feip"
set buffer "This message has been blocked because it is from a FortiGuard AntiSpam Service blocked IP address."
set header none
set format text
end
config system replacemsg spam "smtp-spam-helo"
set buffer "This message has been blocked because the HELO/EHLO domain is invalid."
set header none
set format text
end
config system replacemsg spam "smtp-spam-emailblock"
set buffer "This message has been blocked because mail from this email address is not allowed."
set header none
set format text
end
config system replacemsg spam "smtp-spam-mimeheader"
set buffer "This message has been blocked because it contains an invalid header."
set header none
set format text
end
config system replacemsg spam "reversedns"
set buffer "This message has been blocked because the return email domain is invalid."
set header none
set format text
end
config system replacemsg spam "smtp-spam-ase"
set buffer "This message has been blocked because ASE reports it as spam."
set header none
set format text
end
config system replacemsg spam "submit"
set buffer "If this email is not spam, contact your administrator to add the signature to the FortiGuard AntiSpam Service."
set header none
set format text
end
config system replacemsg alertmail "alertmail-virus"
set buffer "Virus/Worm detected: %%VIRUS%%; Protocol: %%PROTOCOL%%; Email Address From: %%EMAIL_FROM%%; Email Address To: %%EMAIL_TO%%;
VIRUS REFERENCE URL: %%VIRUS_REF_URL%%"
set header none
set format text
end
config system replacemsg alertmail "alertmail-block"
set buffer "File Block Detected: %%FILE%%; Protocol: %%PROTOCOL%%; Email Address From: %%EMAIL_FROM%%; Email Address To: %%EMAIL_TO%%"
set header none
set format text
end
config system replacemsg alertmail "alertmail-nids-event"
set buffer "The following intrusion was observed: %%NIDS_EVENT%%."
set header none
set format text
end
config system replacemsg alertmail "alertmail-crit-event"
set buffer "The following critical firewall event was detected: %%CRITICAL_EVENT%%."
set header none
set format text
end
config system replacemsg alertmail "alertmail-disk-full"
set buffer "The log disk is full."
set header none
set format text
end
config system replacemsg admin "pre_admin-disclaimer-text"
set buffer "PRE WARNING:
This is a private computer system. Unauthorized access or use
is prohibited and subject to prosecution and/or disciplinary
action. Any use of this system constitutes consent to
monitoring at all times and users are not entitled to any
expectation of privacy. If monitoring reveals possible evidence
of violation of criminal statutes, this evidence and any other
related information, including identification information about
the user, may be provided to law enforcement officials.
If monitoring reveals violations of security regulations or
unauthorized use, employees who violate security regulations or
make unauthorized use of this system are subject to appropriate
disciplinary action."
set header none
set format text
end
config system replacemsg admin "post_admin-disclaimer-text"
set buffer "POST WARNING:
This is a private computer system. Unauthorized access or use
is prohibited and subject to prosecution and/or disciplinary
action. Any use of this system constitutes consent to
monitoring at all times and users are not entitled to any
expectation of privacy. If monitoring reveals possible evidence
of violation of criminal statutes, this evidence and any other
related information, including identification information about
the user, may be provided to law enforcement officials.
If monitoring reveals violations of security regulations or
unauthorized use, employees who violate security regulations or
make unauthorized use of this system are subject to appropriate
disciplinary action.
%%LAST_SUCCESSFUL_LOGIN%%
%%LAST_FAILED_LOGIN%%"
set header none
set format text
end
config system replacemsg auth "auth-disclaimer-page-1"
set buffer "
Firewall Disclaimer
Terms and Disclaimer Agreement
"
set header http
set format html
end
config system replacemsg auth "auth-disclaimer-page-2"
set buffer ''
set header http
set format html
end
config system replacemsg auth "auth-disclaimer-page-3"
set buffer ''
set header http
set format html
end
config system replacemsg auth "auth-proxy-reject-page"
set buffer "
Firewall Disclaimer Declined
Disclaimer Declined
Sorry, network access cannot be granted unless you agree to the disclaimer.
"
set header http
set format html
end
config system replacemsg auth "auth-reject-page"
set buffer "
Firewall Disclaimer Declined
Disclaimer Declined
"
set header http
set format html
end
config system replacemsg auth "auth-login-page"
set buffer "
Firewall Authentication
Authentication Required
"
set header http
set format html
end
config system replacemsg auth "auth-login-failed-page"
set buffer "
Firewall Authentication
Authentication Failed
"
set header http
set format html
end
config system replacemsg auth "auth-token-login-page"
set buffer "
Firewall Authentication
Authentication Required
"
set header http
set format html
end
config system replacemsg auth "auth-token-login-failed-page"
set buffer "
Firewall Authentication
Authentication Failed
"
set header http
set format html
end
config system replacemsg auth "auth-success-msg"
set buffer "Welcome to Fortinet Firewall
Authentication is successful, please connect again."
set header none
set format text
end
config system replacemsg auth "auth-challenge-page"
set buffer "
Firewall Authentication
Authentication Required
"
set header http
set format html
end
config system replacemsg auth "auth-keepalive-page"
set buffer "
Firewall Authentication Keepalive Window
Authentication Keepalive
"
set header http
set format html
end
config system replacemsg auth "auth-portal-page"
set buffer "
Firewall Authentication
Firewall Authentication
Firewall authentication was successful.
You can access the network as per your protection profile.
"
set header http
set format html
end
config system replacemsg auth "auth-password-page"
set buffer "
Firewall Authentication
Password Expired
"
set header http
set format html
end
config system replacemsg auth "auth-fortitoken-page"
set buffer "
Firewall Authentication
FortiToken Code Required
"
set header http
set format html
end
config system replacemsg auth "auth-next-fortitoken-page"
set buffer "
Firewall Authentication
FortiToken Code Required
"
set header http
set format html
end
config system replacemsg auth "auth-email-token-page"
set buffer "
Firewall Authentication
Email Token Code Required
"
set header http
set format html
end
config system replacemsg auth "auth-sms-token-page"
set buffer "
Firewall Authentication
SMS Token Code Required
"
set header http
set format html
end
config system replacemsg auth "auth-email-harvesting-page"
set buffer "
Firewall Authentication
Terms and Disclaimer Agreement
"
set header http
set format html
end
config system replacemsg auth "auth-email-failed-page"
set buffer "
Firewall Authentication
Terms and Disclaimer Agreement
"
set header http
set format html
end
config system replacemsg auth "auth-cert-passwd-page"
set buffer "
Firewall Authentication
Certificate Password Required
"
set header http
set format html
end
config system replacemsg auth "auth-guest-print-page"
set buffer "Guest Access Credentials%%FOR(USERS:USER_SECTIONS)%%
%%FOR(PRINT_CREDENTIALS:USERS)%%
Network Guest Access Credentials
%%PRINT_CREDENTIALS%%
The above account may be used to access Internet content that is not under the control of the network access provider. The network access provider is therefore not responsible for any of these sites, their content or their privacy policies. The network access provider and its staff do not endorse nor make any representations about these sites, or any information, software or other products or materials found there, or any results that may be obtained from using them. If you decide to access any Internet content, you do this entirely at your own risk and you are responsible for ensuring that any accessed material does not infringe the laws governing, but not exhaustively covering, copyright, trademarks, pornography, or any other material which is slanderous, defamatory or might cause offence in any other way.
%%ENDFOR%%
%%ENDFOR%%"
set header http
set format html
end
config system replacemsg auth "auth-guest-email-page"
set buffer "User ID=%%USERID%%
Password=%%PASSWORD%%
Expires=%%EXPIRE%%
User Name=%%USERNAME%%
Mobile Phone=%%MOBILEPHONE%%
Sponsor=%%SPONSOR%%
Company=%%COMPANY%%
Email=%%EMAIL%%"
set header http
set format html
end
config system replacemsg auth "auth-success-page"
set buffer "
Firewall Authentication
Firewall Authentication
If JavaScript is not enabled, please click here to continue.
"
set header http
set format html
end
config system replacemsg auth "auth-block-notification-page"
set buffer "
Firewall Notification
Firewall Notification
Your access has been blocked by firewall policy %%POLICY_ID%%. If you have any questions or concerns, please contact your network administrator for more information.
"
set header http
set format html
end
config system replacemsg auth "auth-quarantine-page"
set buffer "
Firewall Quarantine Notification
Quarantine Notification
"
set header http
set format html
end
config system replacemsg auth "auth-qtn-reject-page"
set buffer "
Firewall Quarantine Declined
Quarantine Terms Not Acknowledged
"
set header http
set format html
end
config system replacemsg auth "auth-saml-page"
set buffer "
Firewall Authentication
Authentication Required
"
set header http
set format html
end
config system replacemsg sslvpn "sslvpn-login"
set buffer "
Please Login
%%SSL_HIDDEN%%
"
set header http
set format html
end
config system replacemsg sslvpn "sslvpn-header"
set buffer "
%%SSL_STATUS_INFO%%
%%SSL_RESPONSIVE_EXPAND%%
%%SSL_OPTIONS%%
"
set header http
set format html
end
config system replacemsg sslvpn "sslvpn-limit"
set buffer "Already Logged In
Already Logged In
You already have an open SSL VPN connection. Opening multiple connections is not permitted.
If you proceed, your other connection will be disconnected.
If you have any questions or concerns, please contact your administrator for more information.
%%SSL_LOGIN_ANYWAY%%
%%SSL_LOGIN_CANCEL%%
"
set header http
set format html
end
config system replacemsg sslvpn "hostcheck-error"
set buffer "Your PC does not meet the host checking requirements set by the firewall. Please try again in a few minutes. If the issue persists check that your OS version meets the minimum requirements, that your antivirus and firewall applications are installed and running properly, and that you have the correct network interface."
set header none
set format text
end
config system replacemsg sslvpn "sslvpn-provision-user"
set buffer "
FortiClient SSL-VPN Setup Instructions
How to set up the SSL-VPN connection on %%FTCL_VPN_NAME%%
Download and install FortiClient VPN
FortiClient securely connects your computer or mobile device to your network
Configure the connection
FortiClient VPN can configure your connection automatically.
Click on this link, or scan the QR code below from the FortiClient VPN app.
Contact your network administrator if you require assistance.
"
set header http
set format html
end
config system replacemsg sslvpn "sslvpn-provision-user-sms"
set buffer "To set up the FortiClient VPN connection \"%%FTCL_VPN_NAME%%\", install the FortiClient application and click the following link: %%FTCL_VPN_CONFIG_URL%%."
set header none
set format text
end
config system replacemsg nac-quar "nac-quar-virus"
set buffer "
Virus Quarantine
Blocked because of virus
Your computer has been blocked because of a virus detected in your system. For more information, contact the system administrator.
"
set header http
set format html
end
config system replacemsg nac-quar "nac-quar-dos"
set buffer "
Attack Detected
Blocked because of DoS Attack
Your computer has been blocked because a DoS attack originating from your system was detected. For more information, contact the system administrator.
"
set header http
set format html
end
config system replacemsg nac-quar "nac-quar-ips"
set buffer "
Attack Detected
Blocked because of an intrusion attack
Your computer has been blocked because an intrusion attack originating from your system was detected. For more information, contact the system administrator.
"
set header http
set format html
end
config system replacemsg nac-quar "nac-quar-dlp"
set buffer "
Data Leak Detected
Blocked because of data leak
Your computer has been blocked because of a data leak originating from your system. For more information, contact the system administrator.
"
set header http
set format html
end
config system replacemsg nac-quar "nac-quar-admin"
set buffer "
Administrative Quarantine
Blocked because of admin action
Your system administrator has blocked your computer or device. For more information, contact the system administrator.
"
set header http
set format html
end
config system replacemsg nac-quar "nac-quar-app"
set buffer "
Application Control
Blocked because of application
Your computer has been blocked because of an application detected in your system. For more information, contact the system administrator.
"
set header http
set format html
end
config system replacemsg traffic-quota "per-ip-shaper-block"
set buffer "
Traffic Quota Control
Traffic blocked because of exceeded session quota
Traffic has been blocked because the per IP shaper session quota has been exceeded. Please contact the system administrator.
Quota: %%QUOTA_INFO%%
"
set header http
set format html
end
config system replacemsg utm "virus-html"
set buffer "
High Security Alert
High Security Alert
You are not permitted to download the file \"%%FILE%%\" because it is infected with the virus \"%%VIRUS%%\".
URL
%%PROTOCOL%%://%%URL%%
Quarantined File Name
%%QUARFILENAME%%
Reference URL
%%VIRUS_REF_URL%%
"
set header http
set format html
end
config system replacemsg utm "client-virus-html"
set buffer "
High Security Alert
High Security Alert
You are not permitted to transfer the file \"%%FILE%%\" because it is infected with the virus \"%%VIRUS%%\".
URL
%%PROTOCOL%%://%%URL%%
Quarantined File Name
%%QUARFILENAME%%
Reference URL
%%VIRUS_REF_URL%%
"
set header http
set format html
end
config system replacemsg utm "virus-text"
set buffer "Dangerous attachment removed. The file \"%%FILE%%\" was infected with the \"%%VIRUS%%\" virus. It has been removed and quarantined as: \"%%QUARFILENAME%%\".\"%%VIRUS_REF_URL%%\"."
set header 8bit
set format text
end
config system replacemsg utm "dlp-html"
set buffer "
Attention
Attention
The transfer attempt has been blocked because it appears to contain a data leak.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg utm "dlp-text"
set buffer "The transfer attempt has been blocked because it appears to contain a data leak."
set header 8bit
set format text
end
config system replacemsg utm "appblk-html"
set buffer "
Application Control Violation
FortiGate Application Control
Application Blocked
You have attempted to use an application that violates your Internet usage policy.
Application
%%APPNAME%%
Category
%%APPCAT%%
URL
%%PROTOCOL%%://%%URL%%
Policy
%%POLICY_UUID%%
"
set header http
set format html
end
config system replacemsg utm "ipsblk-html"
set buffer "
Intrusion Prevention Violation
FortiGate Intrusion Prevention
Intrusion Prevention Triggered
Your attempt to access the Internet resource is blocked by Intrusion Prevention.
URL
%%PROTOCOL%%://%%URL%%
Policy
%%POLICY_UUID%%
"
set header http
set format html
end
config system replacemsg utm "ipsfail-html"
set buffer "
Intrusion Prevention Scanning Failure
FortiGate Intrusion Prevention
Intrusion Prevention Scanning Failure
Your attempt to access the Internet resource is blocked because of an Intrusion Prevention scanning failure.
URL
%%PROTOCOL%%://%%URL%%
Policy
%%POLICY_UUID%%
"
set header http
set format html
end
config system replacemsg utm "exe-text"
set buffer "Dangerous attachment removed. The file \"%%FILE%%\" has been removed because it is a Windows executable.
Quarantined File Name: \"%%QUARFILENAME%%\"."
set header 8bit
set format text
end
config system replacemsg utm "waf-html"
set buffer "
Web Application Firewall
Web Application Firewall
This transfer is blocked by a Web Application Firewall.
This transfer is blocked.
URL
%%PROTOCOL%%://%%URL%%
Event ID
%%WAF_SIG_ID%%
Event Type
%%WAF_DESC%%
"
set header http
set format html
end
config system replacemsg utm "outbreak-prevention-html"
set buffer "
High Security Alert
High Security Alert
You are not permitted to transfer the file \"%%FILE%%\" because its signature \"%%VIRUS%%\" has been identified by the Virus Outbreak Prevention service.
URL
%%PROTOCOL%%://%%URL%%
Quarantined File Name
%%QUARFILENAME%%
"
set header http
set format html
end
config system replacemsg utm "outbreak-prevention-text"
set buffer "Dangerous attachment removed. The file \"%%FILE%%\" has been removed because its signature \"%%VIRUS%%\" has been identified by the Virus Outbreak Prevention service. Quarantined File Name: \"%%QUARFILENAME%%\"."
set header 8bit
set format text
end
config system replacemsg utm "external-blocklist-html"
set buffer "
High Security Alert
High Security Alert
You are not permitted to transfer the file \"%%FILE%%\" because its signature \"%%VIRUS%%\" has been identified by an external blocklist.
URL
%%PROTOCOL%%://%%URL%%
Quarantined File Name
%%QUARFILENAME%%
"
set header http
set format html
end
config system replacemsg utm "external-blocklist-text"
set buffer "Dangerous attachment removed. The file \"%%FILE%%\" has been removed because its signature \"%%VIRUS%%\" has been identified by an external blocklist. Quarantined File Name: \"%%QUARFILENAME%%\"."
set header 8bit
set format text
end
config system replacemsg utm "ems-threat-feed-html"
set buffer "
High Security Alert
High Security Alert
You are not permitted to transfer the file \"%%FILE%%\" because its signature \"%%VIRUS%%\" has been identified by the EMS Threat Feed.
URL
%%PROTOCOL%%://%%URL%%
Quarantined File Name
%%QUARFILENAME%%
"
set header http
set format html
end
config system replacemsg utm "ems-threat-feed-text"
set buffer "Dangerous attachment removed. The file \"%%FILE%%\" has been removed because its signature \"%%VIRUS%%\" has been identified by the EMS Threat Feed. Quarantined File Name: \"%%QUARFILENAME%%\"."
set header 8bit
set format text
end
config system replacemsg utm "file-filter-html"
set buffer "
Attention
Attention
The file \"%%FILE%%\" has been blocked due to its file type and/or properties.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg utm "file-filter-text"
set buffer "The file \"%%FILE%%\" has been blocked due to its file type and/or properties."
set header 8bit
set format text
end
config system replacemsg utm "file-size-text"
set buffer "The file \"%%FILE%%\" has been blocked because it exceeded the configured file size limit."
set header 8bit
set format text
end
config system replacemsg utm "transfer-size-text"
set buffer "The transfer has been blocked because it exceeded the configured size limit."
set header 8bit
set format text
end
config system replacemsg utm "internal-error-text"
set buffer "The file \"%%FILE%%\" has been blocked because of an internal error."
set header 8bit
set format text
end
config system replacemsg utm "archive-block-html"
set buffer "
Attention
Attention
The transfer contained an archive that has been blocked.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg utm "archive-block-text"
set buffer "Transfer failed. Archive \"%%FILE%%\" has been blocked."
set header 8bit
set format text
end
config system replacemsg utm "file-av-fail-text"
set buffer "Transfer of file \"%%FILE%%\" failed due to an internal error."
set header 8bit
set format text
end
config system replacemsg utm "transfer-av-fail-text"
set buffer "Transfer failed due to an internal error."
set header 8bit
set format text
end
config system replacemsg utm "banned-word-html"
set buffer "
Attention
Attention
The page has been blocked because it contains a banned word.
URL
%%PROTOCOL%%://%%URL%%
%%OVERRIDE%%
"
set header http
set format html
end
config system replacemsg utm "banned-word-text"
set buffer "This message has been blocked because it contains a banned word."
set header 8bit
set format text
end
config system replacemsg utm "block-html"
set buffer "
Attention
Attention
File blocked
URL
%%PROTOCOL%%://%%URL%%
Quarantined File Name
%%QUARFILENAME%%
"
set header http
set format html
end
config system replacemsg utm "block-text"
set buffer "Potentially dangerous file removed. The file \"%%FILE%%\" has been blocked. File quarantined as: \"%%QUARFILENAME%%\"."
set header 8bit
set format text
end
config system replacemsg utm "decompress-limit-text"
set buffer "The file \"%%FILE%%\" has been blocked because its decompressed size is over the configured limit."
set header 8bit
set format text
end
config system replacemsg utm "dlp-subject-text"
set buffer "Data leak detected! Subject: %%SUBJECT%%"
set header 8bit
set format text
end
config system replacemsg utm "file-size-html"
set buffer "
Attention
Attention
The file \"%%FILE%%\" has been blocked. The file is larger than the configured file size limit.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg utm "client-file-size-html"
set buffer "
Attention
Attention
The transfer has been blocked because it is larger than the configured size limit.
URL
%%PROTOCOL%%://%%URL%%
"
set header http
set format html
end
config system replacemsg icap "icap-req-resp"
set buffer "
Attention
Attention
HTTP POST action is not allowed for policy reasons.
"
set header http
set format html
end
config system replacemsg automation "automation-email"
set buffer "
"
set header http
set format html
end
config system replacemsg-group
end
config system snmp sysinfo
set status disable
set engine-id-type text
set engine-id ''
set description ''
set contact-info ''
set location ''
set trap-high-cpu-threshold 80
set trap-low-memory-threshold 80
set trap-log-full-threshold 90
end
config system snmp community
end
config system snmp user
end
config system autoupdate schedule
set status enable
set frequency automatic
end
config system autoupdate tunneling
set status disable
set address ''
set port 0
set username ''
set password ENC TAO6bBiu971LbCkxbbzhppeiQtzMqVK7bVVs5XhBqaTU6jL4oEhAPTZBIjmxmFJofoz9ulxyQ+LRHZ41DfOf6XPP4stC+yWYXhj3Wco2eeH2/7yQlM1kXEohXboKb6RhGh7fUySphRnq+5HpdwzhkIOYxgp2ucISOtv/LUJ+D8tWDKlKV5172tePlmijtUwRdxgCVA==
end
config system alias
end
config system auto-script
end
config system central-management
set mode normal
set type fortiguard
set schedule-config-restore enable
set schedule-script-restore enable
set allow-push-configuration enable
set allow-push-firmware enable
set allow-remote-firmware-upgrade enable
set allow-monitor enable
set local-cert ''
set vdom "root"
set fmg-update-port 8890
set enc-algorithm high
end
config system sdn-connector
end
config firewall wildcard-fqdn custom
edit "g-cdn-apple"
set uuid 4fcf159e-7cda-51ed-d7ef-7d1c0f82091c
set wildcard-fqdn "*.cdn-apple.com"
set color 0
set comment ''
next
edit "g-mzstatic-apple"
set uuid 4fcf1652-7cda-51ed-df9f-4d198b596ae5
set wildcard-fqdn "*.mzstatic.com"
set color 0
set comment ''
next
edit "g-adobe"
set uuid b5c2c30e-7e12-51ec-1da6-1db9bca6406e
set wildcard-fqdn "*.adobe.com"
set color 0
set comment ''
next
edit "g-Adobe Login"
set uuid b5c2c426-7e12-51ec-c8c7-42a0753234df
set wildcard-fqdn "*.adobelogin.com"
set color 0
set comment ''
next
edit "g-android"
set uuid b5c2c520-7e12-51ec-66f1-404afb0dad1a
set wildcard-fqdn "*.android.com"
set color 0
set comment ''
next
edit "g-apple"
set uuid b5c2c61a-7e12-51ec-b2cc-2b03b1ad8ac0
set wildcard-fqdn "*.apple.com"
set color 0
set comment ''
next
edit "g-appstore"
set uuid b5c2c714-7e12-51ec-072f-a8d60b6da6c9
set wildcard-fqdn "*.appstore.com"
set color 0
set comment ''
next
edit "g-auth.gfx.ms"
set uuid b5c2c80e-7e12-51ec-3653-8016dcbc28a4
set wildcard-fqdn "*.auth.gfx.ms"
set color 0
set comment ''
next
edit "g-citrix"
set uuid b5c2c908-7e12-51ec-01b1-b38ce4989cbb
set wildcard-fqdn "*.citrixonline.com"
set color 0
set comment ''
next
edit "g-dropbox.com"
set uuid b5c2ca02-7e12-51ec-43dc-489077effa44
set wildcard-fqdn "*.dropbox.com"
set color 0
set comment ''
next
edit "g-eease"
set uuid b5c2cafc-7e12-51ec-0777-7e7243cc25fe
set wildcard-fqdn "*.eease.com"
set color 0
set comment ''
next
edit "g-firefox update server"
set uuid b5c2cbf6-7e12-51ec-d213-27b68033a384
set wildcard-fqdn "aus*.mozilla.org"
set color 0
set comment ''
next
edit "g-fortinet"
set uuid b5c2ccf0-7e12-51ec-0b36-46ab64c1ba89
set wildcard-fqdn "*.fortinet.com"
set color 0
set comment ''
next
edit "g-googleapis.com"
set uuid b5c2cdea-7e12-51ec-c49f-497c9a8f0cc4
set wildcard-fqdn "*.googleapis.com"
set color 0
set comment ''
next
edit "g-google-drive"
set uuid b5c2cee4-7e12-51ec-9ea0-220ca0ebde0f
set wildcard-fqdn "*drive.google.com"
set color 0
set comment ''
next
edit "g-google-play2"
set uuid b5c2cfde-7e12-51ec-3f42-4089eb70f096
set wildcard-fqdn "*.ggpht.com"
set color 0
set comment ''
next
edit "g-google-play3"
set uuid b5c2d0d8-7e12-51ec-b5df-6cd900ac767d
set wildcard-fqdn "*.books.google.com"
set color 0
set comment ''
next
edit "g-Gotomeeting"
set uuid b5c2d1dc-7e12-51ec-0033-c7d538e5fdef
set wildcard-fqdn "*.gotomeeting.com"
set color 0
set comment ''
next
edit "g-icloud"
set uuid b5c2d344-7e12-51ec-c8c1-97b23449d39e
set wildcard-fqdn "*.icloud.com"
set color 0
set comment ''
next
edit "g-itunes"
set uuid b5c2d452-7e12-51ec-d0f4-1605cffaa5b0
set wildcard-fqdn "*itunes.apple.com"
set color 0
set comment ''
next
edit "g-microsoft"
set uuid b5c2d54c-7e12-51ec-66f6-895f67d8072d
set wildcard-fqdn "*.microsoft.com"
set color 0
set comment ''
next
edit "g-skype"
set uuid b5c2d646-7e12-51ec-2218-dc4a982afb68
set wildcard-fqdn "*.messenger.live.com"
set color 0
set comment ''
next
edit "g-softwareupdate.vmware.com"
set uuid b5c2d740-7e12-51ec-15f8-f8ef25f4ea30
set wildcard-fqdn "*.softwareupdate.vmware.com"
set color 0
set comment ''
next
edit "g-verisign"
set uuid b5c2d83a-7e12-51ec-e82e-ffa878b96855
set wildcard-fqdn "*.verisign.com"
set color 0
set comment ''
next
edit "g-Windows update 2"
set uuid b5c2d93e-7e12-51ec-1050-7b6ae64065ac
set wildcard-fqdn "*.windowsupdate.com"
set color 0
set comment ''
next
edit "g-live.com"
set uuid b5c2da42-7e12-51ec-980b-fefb8446bc74
set wildcard-fqdn "*.live.com"
set color 0
set comment ''
next
edit "g-google-play"
set uuid b5c2db46-7e12-51ec-efc3-be1c278ba621
set wildcard-fqdn "*play.google.com"
set color 0
set comment ''
next
edit "g-update.microsoft.com"
set uuid b5c2dc40-7e12-51ec-7df9-3371c69c0ffb
set wildcard-fqdn "*update.microsoft.com"
set color 0
set comment ''
next
edit "g-swscan.apple.com"
set uuid b5c2dd44-7e12-51ec-5fa2-8d51ab678ea9
set wildcard-fqdn "*swscan.apple.com"
set color 0
set comment ''
next
edit "g-autoupdate.opera.com"
set uuid b5c2de52-7e12-51ec-9c10-927947a6ab3a
set wildcard-fqdn "*autoupdate.opera.com"
set color 0
set comment ''
next
end
config firewall internet-service-name
edit "Google-Other"
set type default
set internet-service-id 65536
next
edit "Google-Web"
set type default
set internet-service-id 65537
next
edit "Google-ICMP"
set type default
set internet-service-id 65538
next
edit "Google-DNS"
set type default
set internet-service-id 65539
next
edit "Google-Outbound_Email"
set type default
set internet-service-id 65540
next
edit "Google-SSH"
set type default
set internet-service-id 65542
next
edit "Google-FTP"
set type default
set internet-service-id 65543
next
edit "Google-NTP"
set type default
set internet-service-id 65544
next
edit "Google-Inbound_Email"
set type default
set internet-service-id 65545
next
edit "Google-LDAP"
set type default
set internet-service-id 65550
next
edit "Google-NetBIOS.Session.Service"
set type default
set internet-service-id 65551
next
edit "Google-RTMP"
set type default
set internet-service-id 65552
next
edit "Google-NetBIOS.Name.Service"
set type default
set internet-service-id 65560
next
edit "Google-Google.Cloud"
set type default
set internet-service-id 65641
next
edit "Google-Google.Bot"
set type default
set internet-service-id 65643
next
edit "Google-Gmail"
set type default
set internet-service-id 65646
next
edit "Meta-Other"
set type default
set internet-service-id 131072
next
edit "Meta-Web"
set type default
set internet-service-id 131073
next
edit "Meta-ICMP"
set type default
set internet-service-id 131074
next
edit "Meta-DNS"
set type default
set internet-service-id 131075
next
edit "Meta-Outbound_Email"
set type default
set internet-service-id 131076
next
edit "Meta-SSH"
set type default
set internet-service-id 131078
next
edit "Meta-FTP"
set type default
set internet-service-id 131079
next
edit "Meta-NTP"
set type default
set internet-service-id 131080
next
edit "Meta-Inbound_Email"
set type default
set internet-service-id 131081
next
edit "Meta-LDAP"
set type default
set internet-service-id 131086
next
edit "Meta-NetBIOS.Session.Service"
set type default
set internet-service-id 131087
next
edit "Meta-RTMP"
set type default
set internet-service-id 131088
next
edit "Meta-NetBIOS.Name.Service"
set type default
set internet-service-id 131096
next
edit "Meta-Whatsapp"
set type default
set internet-service-id 131184
next
edit "Meta-Instagram"
set type default
set internet-service-id 131189
next
edit "Apple-Other"
set type default
set internet-service-id 196608
next
edit "Apple-Web"
set type default
set internet-service-id 196609
next
edit "Apple-ICMP"
set type default
set internet-service-id 196610
next
edit "Apple-DNS"
set type default
set internet-service-id 196611
next
edit "Apple-Outbound_Email"
set type default
set internet-service-id 196612
next
edit "Apple-SSH"
set type default
set internet-service-id 196614
next
edit "Apple-FTP"
set type default
set internet-service-id 196615
next
edit "Apple-NTP"
set type default
set internet-service-id 196616
next
edit "Apple-Inbound_Email"
set type default
set internet-service-id 196617
next
edit "Apple-LDAP"
set type default
set internet-service-id 196622
next
edit "Apple-NetBIOS.Session.Service"
set type default
set internet-service-id 196623
next
edit "Apple-RTMP"
set type default
set internet-service-id 196624
next
edit "Apple-NetBIOS.Name.Service"
set type default
set internet-service-id 196632
next
edit "Apple-App.Store"
set type default
set internet-service-id 196723
next
edit "Apple-APNs"
set type default
set internet-service-id 196747
next
edit "Yahoo-Other"
set type default
set internet-service-id 262144
next
edit "Yahoo-Web"
set type default
set internet-service-id 262145
next
edit "Yahoo-ICMP"
set type default
set internet-service-id 262146
next
edit "Yahoo-DNS"
set type default
set internet-service-id 262147
next
edit "Yahoo-Outbound_Email"
set type default
set internet-service-id 262148
next
edit "Yahoo-SSH"
set type default
set internet-service-id 262150
next
edit "Yahoo-FTP"
set type default
set internet-service-id 262151
next
edit "Yahoo-NTP"
set type default
set internet-service-id 262152
next
edit "Yahoo-Inbound_Email"
set type default
set internet-service-id 262153
next
edit "Yahoo-LDAP"
set type default
set internet-service-id 262158
next
edit "Yahoo-NetBIOS.Session.Service"
set type default
set internet-service-id 262159
next
edit "Yahoo-RTMP"
set type default
set internet-service-id 262160
next
edit "Yahoo-NetBIOS.Name.Service"
set type default
set internet-service-id 262168
next
edit "Microsoft-Other"
set type default
set internet-service-id 327680
next
edit "Microsoft-Web"
set type default
set internet-service-id 327681
next
edit "Microsoft-ICMP"
set type default
set internet-service-id 327682
next
edit "Microsoft-DNS"
set type default
set internet-service-id 327683
next
edit "Microsoft-Outbound_Email"
set type default
set internet-service-id 327684
next
edit "Microsoft-SSH"
set type default
set internet-service-id 327686
next
edit "Microsoft-FTP"
set type default
set internet-service-id 327687
next
edit "Microsoft-NTP"
set type default
set internet-service-id 327688
next
edit "Microsoft-Inbound_Email"
set type default
set internet-service-id 327689
next
edit "Microsoft-LDAP"
set type default
set internet-service-id 327694
next
edit "Microsoft-NetBIOS.Session.Service"
set type default
set internet-service-id 327695
next
edit "Microsoft-RTMP"
set type default
set internet-service-id 327696
next
edit "Microsoft-NetBIOS.Name.Service"
set type default
set internet-service-id 327704
next
edit "Microsoft-Skype_Teams"
set type default
set internet-service-id 327781
next
edit "Microsoft-Office365"
set type default
set internet-service-id 327782
next
edit "Microsoft-Azure"
set type default
set internet-service-id 327786
next
edit "Microsoft-Bing.Bot"
set type default
set internet-service-id 327788
next
edit "Microsoft-Outlook"
set type default
set internet-service-id 327791
next
edit "Microsoft-Microsoft.Update"
set type default
set internet-service-id 327793
next
edit "Microsoft-Dynamics"
set type default
set internet-service-id 327837
next
edit "Microsoft-WNS"
set type default
set internet-service-id 327839
next
edit "Microsoft-Office365.Published"
set type default
set internet-service-id 327880
next
edit "Microsoft-Intune"
set type default
set internet-service-id 327886
next
edit "Amazon-Other"
set type default
set internet-service-id 393216
next
edit "Amazon-Web"
set type default
set internet-service-id 393217
next
edit "Amazon-ICMP"
set type default
set internet-service-id 393218
next
edit "Amazon-DNS"
set type default
set internet-service-id 393219
next
edit "Amazon-Outbound_Email"
set type default
set internet-service-id 393220
next
edit "Amazon-SSH"
set type default
set internet-service-id 393222
next
edit "Amazon-FTP"
set type default
set internet-service-id 393223
next
edit "Amazon-NTP"
set type default
set internet-service-id 393224
next
edit "Amazon-Inbound_Email"
set type default
set internet-service-id 393225
next
edit "Amazon-LDAP"
set type default
set internet-service-id 393230
next
edit "Amazon-NetBIOS.Session.Service"
set type default
set internet-service-id 393231
next
edit "Amazon-RTMP"
set type default
set internet-service-id 393232
next
edit "Amazon-NetBIOS.Name.Service"
set type default
set internet-service-id 393240
next
edit "Amazon-AWS"
set type default
set internet-service-id 393320
next
edit "Amazon-AWS.WorkSpaces.Gateway"
set type default
set internet-service-id 393403
next
edit "Amazon-Twitch"
set type default
set internet-service-id 393446
next
edit "eBay-Other"
set type default
set internet-service-id 458752
next
edit "eBay-Web"
set type default
set internet-service-id 458753
next
edit "eBay-ICMP"
set type default
set internet-service-id 458754
next
edit "eBay-DNS"
set type default
set internet-service-id 458755
next
edit "eBay-Outbound_Email"
set type default
set internet-service-id 458756
next
edit "eBay-SSH"
set type default
set internet-service-id 458758
next
edit "eBay-FTP"
set type default
set internet-service-id 458759
next
edit "eBay-NTP"
set type default
set internet-service-id 458760
next
edit "eBay-Inbound_Email"
set type default
set internet-service-id 458761
next
edit "eBay-LDAP"
set type default
set internet-service-id 458766
next
edit "eBay-NetBIOS.Session.Service"
set type default
set internet-service-id 458767
next
edit "eBay-RTMP"
set type default
set internet-service-id 458768
next
edit "eBay-NetBIOS.Name.Service"
set type default
set internet-service-id 458776
next
edit "PayPal-Other"
set type default
set internet-service-id 524288
next
edit "PayPal-Web"
set type default
set internet-service-id 524289
next
edit "PayPal-ICMP"
set type default
set internet-service-id 524290
next
edit "PayPal-DNS"
set type default
set internet-service-id 524291
next
edit "PayPal-Outbound_Email"
set type default
set internet-service-id 524292
next
edit "PayPal-SSH"
set type default
set internet-service-id 524294
next
edit "PayPal-FTP"
set type default
set internet-service-id 524295
next
edit "PayPal-NTP"
set type default
set internet-service-id 524296
next
edit "PayPal-Inbound_Email"
set type default
set internet-service-id 524297
next
edit "PayPal-LDAP"
set type default
set internet-service-id 524302
next
edit "PayPal-NetBIOS.Session.Service"
set type default
set internet-service-id 524303
next
edit "PayPal-RTMP"
set type default
set internet-service-id 524304
next
edit "PayPal-NetBIOS.Name.Service"
set type default
set internet-service-id 524312
next
edit "Box-Other"
set type default
set internet-service-id 589824
next
edit "Box-Web"
set type default
set internet-service-id 589825
next
edit "Box-ICMP"
set type default
set internet-service-id 589826
next
edit "Box-DNS"
set type default
set internet-service-id 589827
next
edit "Box-Outbound_Email"
set type default
set internet-service-id 589828
next
edit "Box-SSH"
set type default
set internet-service-id 589830
next
edit "Box-FTP"
set type default
set internet-service-id 589831
next
edit "Box-NTP"
set type default
set internet-service-id 589832
next
edit "Box-Inbound_Email"
set type default
set internet-service-id 589833
next
edit "Box-LDAP"
set type default
set internet-service-id 589838
next
edit "Box-NetBIOS.Session.Service"
set type default
set internet-service-id 589839
next
edit "Box-RTMP"
set type default
set internet-service-id 589840
next
edit "Box-NetBIOS.Name.Service"
set type default
set internet-service-id 589848
next
edit "Salesforce-Other"
set type default
set internet-service-id 655360
next
edit "Salesforce-Web"
set type default
set internet-service-id 655361
next
edit "Salesforce-ICMP"
set type default
set internet-service-id 655362
next
edit "Salesforce-DNS"
set type default
set internet-service-id 655363
next
edit "Salesforce-Outbound_Email"
set type default
set internet-service-id 655364
next
edit "Salesforce-SSH"
set type default
set internet-service-id 655366
next
edit "Salesforce-FTP"
set type default
set internet-service-id 655367
next
edit "Salesforce-NTP"
set type default
set internet-service-id 655368
next
edit "Salesforce-Inbound_Email"
set type default
set internet-service-id 655369
next
edit "Salesforce-LDAP"
set type default
set internet-service-id 655374
next
edit "Salesforce-NetBIOS.Session.Service"
set type default
set internet-service-id 655375
next
edit "Salesforce-RTMP"
set type default
set internet-service-id 655376
next
edit "Salesforce-NetBIOS.Name.Service"
set type default
set internet-service-id 655384
next
edit "Salesforce-Email.Relay"
set type default
set internet-service-id 655530
next
edit "Dropbox-Other"
set type default
set internet-service-id 720896
next
edit "Dropbox-Web"
set type default
set internet-service-id 720897
next
edit "Dropbox-ICMP"
set type default
set internet-service-id 720898
next
edit "Dropbox-DNS"
set type default
set internet-service-id 720899
next
edit "Dropbox-Outbound_Email"
set type default
set internet-service-id 720900
next
edit "Dropbox-SSH"
set type default
set internet-service-id 720902
next
edit "Dropbox-FTP"
set type default
set internet-service-id 720903
next
edit "Dropbox-NTP"
set type default
set internet-service-id 720904
next
edit "Dropbox-Inbound_Email"
set type default
set internet-service-id 720905
next
edit "Dropbox-LDAP"
set type default
set internet-service-id 720910
next
edit "Dropbox-NetBIOS.Session.Service"
set type default
set internet-service-id 720911
next
edit "Dropbox-RTMP"
set type default
set internet-service-id 720912
next
edit "Dropbox-NetBIOS.Name.Service"
set type default
set internet-service-id 720920
next
edit "Netflix-Other"
set type default
set internet-service-id 786432
next
edit "Netflix-Web"
set type default
set internet-service-id 786433
next
edit "Netflix-ICMP"
set type default
set internet-service-id 786434
next
edit "Netflix-DNS"
set type default
set internet-service-id 786435
next
edit "Netflix-Outbound_Email"
set type default
set internet-service-id 786436
next
edit "Netflix-SSH"
set type default
set internet-service-id 786438
next
edit "Netflix-FTP"
set type default
set internet-service-id 786439
next
edit "Netflix-NTP"
set type default
set internet-service-id 786440
next
edit "Netflix-Inbound_Email"
set type default
set internet-service-id 786441
next
edit "Netflix-LDAP"
set type default
set internet-service-id 786446
next
edit "Netflix-NetBIOS.Session.Service"
set type default
set internet-service-id 786447
next
edit "Netflix-RTMP"
set type default
set internet-service-id 786448
next
edit "Netflix-NetBIOS.Name.Service"
set type default
set internet-service-id 786456
next
edit "LinkedIn-Other"
set type default
set internet-service-id 851968
next
edit "LinkedIn-Web"
set type default
set internet-service-id 851969
next
edit "LinkedIn-ICMP"
set type default
set internet-service-id 851970
next
edit "LinkedIn-DNS"
set type default
set internet-service-id 851971
next
edit "LinkedIn-Outbound_Email"
set type default
set internet-service-id 851972
next
edit "LinkedIn-SSH"
set type default
set internet-service-id 851974
next
edit "LinkedIn-FTP"
set type default
set internet-service-id 851975
next
edit "LinkedIn-NTP"
set type default
set internet-service-id 851976
next
edit "LinkedIn-Inbound_Email"
set type default
set internet-service-id 851977
next
edit "LinkedIn-LDAP"
set type default
set internet-service-id 851982
next
edit "LinkedIn-NetBIOS.Session.Service"
set type default
set internet-service-id 851983
next
edit "LinkedIn-RTMP"
set type default
set internet-service-id 851984
next
edit "LinkedIn-NetBIOS.Name.Service"
set type default
set internet-service-id 851992
next
edit "Adobe-Other"
set type default
set internet-service-id 917504
next
edit "Adobe-Web"
set type default
set internet-service-id 917505
next
edit "Adobe-ICMP"
set type default
set internet-service-id 917506
next
edit "Adobe-DNS"
set type default
set internet-service-id 917507
next
edit "Adobe-Outbound_Email"
set type default
set internet-service-id 917508
next
edit "Adobe-SSH"
set type default
set internet-service-id 917510
next
edit "Adobe-FTP"
set type default
set internet-service-id 917511
next
edit "Adobe-NTP"
set type default
set internet-service-id 917512
next
edit "Adobe-Inbound_Email"
set type default
set internet-service-id 917513
next
edit "Adobe-LDAP"
set type default
set internet-service-id 917518
next
edit "Adobe-NetBIOS.Session.Service"
set type default
set internet-service-id 917519
next
edit "Adobe-RTMP"
set type default
set internet-service-id 917520
next
edit "Adobe-NetBIOS.Name.Service"
set type default
set internet-service-id 917528
next
edit "Adobe-Adobe.Experience.Cloud"
set type default
set internet-service-id 917640
next
edit "Oracle-Other"
set type default
set internet-service-id 983040
next
edit "Oracle-Web"
set type default
set internet-service-id 983041
next
edit "Oracle-ICMP"
set type default
set internet-service-id 983042
next
edit "Oracle-DNS"
set type default
set internet-service-id 983043
next
edit "Oracle-Outbound_Email"
set type default
set internet-service-id 983044
next
edit "Oracle-SSH"
set type default
set internet-service-id 983046
next
edit "Oracle-FTP"
set type default
set internet-service-id 983047
next
edit "Oracle-NTP"
set type default
set internet-service-id 983048
next
edit "Oracle-Inbound_Email"
set type default
set internet-service-id 983049
next
edit "Oracle-LDAP"
set type default
set internet-service-id 983054
next
edit "Oracle-NetBIOS.Session.Service"
set type default
set internet-service-id 983055
next
edit "Oracle-RTMP"
set type default
set internet-service-id 983056
next
edit "Oracle-NetBIOS.Name.Service"
set type default
set internet-service-id 983064
next
edit "Oracle-Oracle.Cloud"
set type default
set internet-service-id 983171
next
edit "Hulu-Other"
set type default
set internet-service-id 1048576
next
edit "Hulu-Web"
set type default
set internet-service-id 1048577
next
edit "Hulu-ICMP"
set type default
set internet-service-id 1048578
next
edit "Hulu-DNS"
set type default
set internet-service-id 1048579
next
edit "Hulu-Outbound_Email"
set type default
set internet-service-id 1048580
next
edit "Hulu-SSH"
set type default
set internet-service-id 1048582
next
edit "Hulu-FTP"
set type default
set internet-service-id 1048583
next
edit "Hulu-NTP"
set type default
set internet-service-id 1048584
next
edit "Hulu-Inbound_Email"
set type default
set internet-service-id 1048585
next
edit "Hulu-LDAP"
set type default
set internet-service-id 1048590
next
edit "Hulu-NetBIOS.Session.Service"
set type default
set internet-service-id 1048591
next
edit "Hulu-RTMP"
set type default
set internet-service-id 1048592
next
edit "Hulu-NetBIOS.Name.Service"
set type default
set internet-service-id 1048600
next
edit "Pinterest-Other"
set type default
set internet-service-id 1114112
next
edit "Pinterest-Web"
set type default
set internet-service-id 1114113
next
edit "Pinterest-ICMP"
set type default
set internet-service-id 1114114
next
edit "Pinterest-DNS"
set type default
set internet-service-id 1114115
next
edit "Pinterest-Outbound_Email"
set type default
set internet-service-id 1114116
next
edit "Pinterest-SSH"
set type default
set internet-service-id 1114118
next
edit "Pinterest-FTP"
set type default
set internet-service-id 1114119
next
edit "Pinterest-NTP"
set type default
set internet-service-id 1114120
next
edit "Pinterest-Inbound_Email"
set type default
set internet-service-id 1114121
next
edit "Pinterest-LDAP"
set type default
set internet-service-id 1114126
next
edit "Pinterest-NetBIOS.Session.Service"
set type default
set internet-service-id 1114127
next
edit "Pinterest-RTMP"
set type default
set internet-service-id 1114128
next
edit "Pinterest-NetBIOS.Name.Service"
set type default
set internet-service-id 1114136
next
edit "LogMeIn-Other"
set type default
set internet-service-id 1179648
next
edit "LogMeIn-Web"
set type default
set internet-service-id 1179649
next
edit "LogMeIn-ICMP"
set type default
set internet-service-id 1179650
next
edit "LogMeIn-DNS"
set type default
set internet-service-id 1179651
next
edit "LogMeIn-Outbound_Email"
set type default
set internet-service-id 1179652
next
edit "LogMeIn-SSH"
set type default
set internet-service-id 1179654
next
edit "LogMeIn-FTP"
set type default
set internet-service-id 1179655
next
edit "LogMeIn-NTP"
set type default
set internet-service-id 1179656
next
edit "LogMeIn-Inbound_Email"
set type default
set internet-service-id 1179657
next
edit "LogMeIn-LDAP"
set type default
set internet-service-id 1179662
next
edit "LogMeIn-NetBIOS.Session.Service"
set type default
set internet-service-id 1179663
next
edit "LogMeIn-RTMP"
set type default
set internet-service-id 1179664
next
edit "LogMeIn-NetBIOS.Name.Service"
set type default
set internet-service-id 1179672
next
edit "LogMeIn-GoTo.Suite"
set type default
set internet-service-id 1179767
next
edit "Fortinet-Other"
set type default
set internet-service-id 1245184
next
edit "Fortinet-Web"
set type default
set internet-service-id 1245185
next
edit "Fortinet-ICMP"
set type default
set internet-service-id 1245186
next
edit "Fortinet-DNS"
set type default
set internet-service-id 1245187
next
edit "Fortinet-Outbound_Email"
set type default
set internet-service-id 1245188
next
edit "Fortinet-SSH"
set type default
set internet-service-id 1245190
next
edit "Fortinet-FTP"
set type default
set internet-service-id 1245191
next
edit "Fortinet-NTP"
set type default
set internet-service-id 1245192
next
edit "Fortinet-Inbound_Email"
set type default
set internet-service-id 1245193
next
edit "Fortinet-LDAP"
set type default
set internet-service-id 1245198
next
edit "Fortinet-NetBIOS.Session.Service"
set type default
set internet-service-id 1245199
next
edit "Fortinet-RTMP"
set type default
set internet-service-id 1245200
next
edit "Fortinet-NetBIOS.Name.Service"
set type default
set internet-service-id 1245208
next
edit "Fortinet-FortiGuard"
set type default
set internet-service-id 1245324
next
edit "Fortinet-FortiMail.Cloud"
set type default
set internet-service-id 1245325
next
edit "Fortinet-FortiCloud"
set type default
set internet-service-id 1245326
next
edit "Fortinet-FortiVoice.Cloud"
set type default
set internet-service-id 1245432
next
edit "Fortinet-FortiGuard.Secure.DNS"
set type default
set internet-service-id 1245454
next
edit "Kaspersky-Other"
set type default
set internet-service-id 1310720
next
edit "Kaspersky-Web"
set type default
set internet-service-id 1310721
next
edit "Kaspersky-ICMP"
set type default
set internet-service-id 1310722
next
edit "Kaspersky-DNS"
set type default
set internet-service-id 1310723
next
edit "Kaspersky-Outbound_Email"
set type default
set internet-service-id 1310724
next
edit "Kaspersky-SSH"
set type default
set internet-service-id 1310726
next
edit "Kaspersky-FTP"
set type default
set internet-service-id 1310727
next
edit "Kaspersky-NTP"
set type default
set internet-service-id 1310728
next
edit "Kaspersky-Inbound_Email"
set type default
set internet-service-id 1310729
next
edit "Kaspersky-LDAP"
set type default
set internet-service-id 1310734
next
edit "Kaspersky-NetBIOS.Session.Service"
set type default
set internet-service-id 1310735
next
edit "Kaspersky-RTMP"
set type default
set internet-service-id 1310736
next
edit "Kaspersky-NetBIOS.Name.Service"
set type default
set internet-service-id 1310744
next
edit "McAfee-Other"
set type default
set internet-service-id 1376256
next
edit "McAfee-Web"
set type default
set internet-service-id 1376257
next
edit "McAfee-ICMP"
set type default
set internet-service-id 1376258
next
edit "McAfee-DNS"
set type default
set internet-service-id 1376259
next
edit "McAfee-Outbound_Email"
set type default
set internet-service-id 1376260
next
edit "McAfee-SSH"
set type default
set internet-service-id 1376262
next
edit "McAfee-FTP"
set type default
set internet-service-id 1376263
next
edit "McAfee-NTP"
set type default
set internet-service-id 1376264
next
edit "McAfee-Inbound_Email"
set type default
set internet-service-id 1376265
next
edit "McAfee-LDAP"
set type default
set internet-service-id 1376270
next
edit "McAfee-NetBIOS.Session.Service"
set type default
set internet-service-id 1376271
next
edit "McAfee-RTMP"
set type default
set internet-service-id 1376272
next
edit "McAfee-NetBIOS.Name.Service"
set type default
set internet-service-id 1376280
next
edit "Symantec-Other"
set type default
set internet-service-id 1441792
next
edit "Symantec-Web"
set type default
set internet-service-id 1441793
next
edit "Symantec-ICMP"
set type default
set internet-service-id 1441794
next
edit "Symantec-DNS"
set type default
set internet-service-id 1441795
next
edit "Symantec-Outbound_Email"
set type default
set internet-service-id 1441796
next
edit "Symantec-SSH"
set type default
set internet-service-id 1441798
next
edit "Symantec-FTP"
set type default
set internet-service-id 1441799
next
edit "Symantec-NTP"
set type default
set internet-service-id 1441800
next
edit "Symantec-Inbound_Email"
set type default
set internet-service-id 1441801
next
edit "Symantec-LDAP"
set type default
set internet-service-id 1441806
next
edit "Symantec-NetBIOS.Session.Service"
set type default
set internet-service-id 1441807
next
edit "Symantec-RTMP"
set type default
set internet-service-id 1441808
next
edit "Symantec-NetBIOS.Name.Service"
set type default
set internet-service-id 1441816
next
edit "Symantec-Symantec.Cloud"
set type default
set internet-service-id 1441922
next
edit "VMware-Other"
set type default
set internet-service-id 1507328
next
edit "VMware-Web"
set type default
set internet-service-id 1507329
next
edit "VMware-ICMP"
set type default
set internet-service-id 1507330
next
edit "VMware-DNS"
set type default
set internet-service-id 1507331
next
edit "VMware-Outbound_Email"
set type default
set internet-service-id 1507332
next
edit "VMware-SSH"
set type default
set internet-service-id 1507334
next
edit "VMware-FTP"
set type default
set internet-service-id 1507335
next
edit "VMware-NTP"
set type default
set internet-service-id 1507336
next
edit "VMware-Inbound_Email"
set type default
set internet-service-id 1507337
next
edit "VMware-LDAP"
set type default
set internet-service-id 1507342
next
edit "VMware-NetBIOS.Session.Service"
set type default
set internet-service-id 1507343
next
edit "VMware-RTMP"
set type default
set internet-service-id 1507344
next
edit "VMware-NetBIOS.Name.Service"
set type default
set internet-service-id 1507352
next
edit "VMware-Workspace.ONE"
set type default
set internet-service-id 1507461
next
edit "AOL-Other"
set type default
set internet-service-id 1572864
next
edit "AOL-Web"
set type default
set internet-service-id 1572865
next
edit "AOL-ICMP"
set type default
set internet-service-id 1572866
next
edit "AOL-DNS"
set type default
set internet-service-id 1572867
next
edit "AOL-Outbound_Email"
set type default
set internet-service-id 1572868
next
edit "AOL-SSH"
set type default
set internet-service-id 1572870
next
edit "AOL-FTP"
set type default
set internet-service-id 1572871
next
edit "AOL-NTP"
set type default
set internet-service-id 1572872
next
edit "AOL-Inbound_Email"
set type default
set internet-service-id 1572873
next
edit "AOL-LDAP"
set type default
set internet-service-id 1572878
next
edit "AOL-NetBIOS.Session.Service"
set type default
set internet-service-id 1572879
next
edit "AOL-RTMP"
set type default
set internet-service-id 1572880
next
edit "AOL-NetBIOS.Name.Service"
set type default
set internet-service-id 1572888
next
edit "RealNetworks-Other"
set type default
set internet-service-id 1638400
next
edit "RealNetworks-Web"
set type default
set internet-service-id 1638401
next
edit "RealNetworks-ICMP"
set type default
set internet-service-id 1638402
next
edit "RealNetworks-DNS"
set type default
set internet-service-id 1638403
next
edit "RealNetworks-Outbound_Email"
set type default
set internet-service-id 1638404
next
edit "RealNetworks-SSH"
set type default
set internet-service-id 1638406
next
edit "RealNetworks-FTP"
set type default
set internet-service-id 1638407
next
edit "RealNetworks-NTP"
set type default
set internet-service-id 1638408
next
edit "RealNetworks-Inbound_Email"
set type default
set internet-service-id 1638409
next
edit "RealNetworks-LDAP"
set type default
set internet-service-id 1638414
next
edit "RealNetworks-NetBIOS.Session.Service"
set type default
set internet-service-id 1638415
next
edit "RealNetworks-RTMP"
set type default
set internet-service-id 1638416
next
edit "RealNetworks-NetBIOS.Name.Service"
set type default
set internet-service-id 1638424
next
edit "Zoho-Other"
set type default
set internet-service-id 1703936
next
edit "Zoho-Web"
set type default
set internet-service-id 1703937
next
edit "Zoho-ICMP"
set type default
set internet-service-id 1703938
next
edit "Zoho-DNS"
set type default
set internet-service-id 1703939
next
edit "Zoho-Outbound_Email"
set type default
set internet-service-id 1703940
next
edit "Zoho-SSH"
set type default
set internet-service-id 1703942
next
edit "Zoho-FTP"
set type default
set internet-service-id 1703943
next
edit "Zoho-NTP"
set type default
set internet-service-id 1703944
next
edit "Zoho-Inbound_Email"
set type default
set internet-service-id 1703945
next
edit "Zoho-LDAP"
set type default
set internet-service-id 1703950
next
edit "Zoho-NetBIOS.Session.Service"
set type default
set internet-service-id 1703951
next
edit "Zoho-RTMP"
set type default
set internet-service-id 1703952
next
edit "Zoho-NetBIOS.Name.Service"
set type default
set internet-service-id 1703960
next
edit "Zoho-Site24x7.Monitor"
set type default
set internet-service-id 1704153
next
edit "Mozilla-Other"
set type default
set internet-service-id 1769472
next
edit "Mozilla-Web"
set type default
set internet-service-id 1769473
next
edit "Mozilla-ICMP"
set type default
set internet-service-id 1769474
next
edit "Mozilla-DNS"
set type default
set internet-service-id 1769475
next
edit "Mozilla-Outbound_Email"
set type default
set internet-service-id 1769476
next
edit "Mozilla-SSH"
set type default
set internet-service-id 1769478
next
edit "Mozilla-FTP"
set type default
set internet-service-id 1769479
next
edit "Mozilla-NTP"
set type default
set internet-service-id 1769480
next
edit "Mozilla-Inbound_Email"
set type default
set internet-service-id 1769481
next
edit "Mozilla-LDAP"
set type default
set internet-service-id 1769486
next
edit "Mozilla-NetBIOS.Session.Service"
set type default
set internet-service-id 1769487
next
edit "Mozilla-RTMP"
set type default
set internet-service-id 1769488
next
edit "Mozilla-NetBIOS.Name.Service"
set type default
set internet-service-id 1769496
next
edit "TeamViewer-Other"
set type default
set internet-service-id 1835008
next
edit "TeamViewer-Web"
set type default
set internet-service-id 1835009
next
edit "TeamViewer-ICMP"
set type default
set internet-service-id 1835010
next
edit "TeamViewer-DNS"
set type default
set internet-service-id 1835011
next
edit "TeamViewer-Outbound_Email"
set type default
set internet-service-id 1835012
next
edit "TeamViewer-SSH"
set type default
set internet-service-id 1835014
next
edit "TeamViewer-FTP"
set type default
set internet-service-id 1835015
next
edit "TeamViewer-NTP"
set type default
set internet-service-id 1835016
next
edit "TeamViewer-Inbound_Email"
set type default
set internet-service-id 1835017
next
edit "TeamViewer-LDAP"
set type default
set internet-service-id 1835022
next
edit "TeamViewer-NetBIOS.Session.Service"
set type default
set internet-service-id 1835023
next
edit "TeamViewer-RTMP"
set type default
set internet-service-id 1835024
next
edit "TeamViewer-NetBIOS.Name.Service"
set type default
set internet-service-id 1835032
next
edit "TeamViewer-TeamViewer"
set type default
set internet-service-id 1835117
next
edit "HP-Other"
set type default
set internet-service-id 1900544
next
edit "HP-Web"
set type default
set internet-service-id 1900545
next
edit "HP-ICMP"
set type default
set internet-service-id 1900546
next
edit "HP-DNS"
set type default
set internet-service-id 1900547
next
edit "HP-Outbound_Email"
set type default
set internet-service-id 1900548
next
edit "HP-SSH"
set type default
set internet-service-id 1900550
next
edit "HP-FTP"
set type default
set internet-service-id 1900551
next
edit "HP-NTP"
set type default
set internet-service-id 1900552
next
edit "HP-Inbound_Email"
set type default
set internet-service-id 1900553
next
edit "HP-LDAP"
set type default
set internet-service-id 1900558
next
edit "HP-NetBIOS.Session.Service"
set type default
set internet-service-id 1900559
next
edit "HP-RTMP"
set type default
set internet-service-id 1900560
next
edit "HP-NetBIOS.Name.Service"
set type default
set internet-service-id 1900568
next
edit "HP-Aruba"
set type default
set internet-service-id 1900726
next
edit "Cisco-Other"
set type default
set internet-service-id 1966080
next
edit "Cisco-Web"
set type default
set internet-service-id 1966081
next
edit "Cisco-ICMP"
set type default
set internet-service-id 1966082
next
edit "Cisco-DNS"
set type default
set internet-service-id 1966083
next
edit "Cisco-Outbound_Email"
set type default
set internet-service-id 1966084
next
edit "Cisco-SSH"
set type default
set internet-service-id 1966086
next
edit "Cisco-FTP"
set type default
set internet-service-id 1966087
next
edit "Cisco-NTP"
set type default
set internet-service-id 1966088
next
edit "Cisco-Inbound_Email"
set type default
set internet-service-id 1966089
next
edit "Cisco-LDAP"
set type default
set internet-service-id 1966094
next
edit "Cisco-NetBIOS.Session.Service"
set type default
set internet-service-id 1966095
next
edit "Cisco-RTMP"
set type default
set internet-service-id 1966096
next
edit "Cisco-NetBIOS.Name.Service"
set type default
set internet-service-id 1966104
next
edit "Cisco-Webex"
set type default
set internet-service-id 1966183
next
edit "Cisco-Meraki.Cloud"
set type default
set internet-service-id 1966218
next
edit "Cisco-Duo.Security"
set type default
set internet-service-id 1966225
next
edit "Cisco-AppDynamic"
set type default
set internet-service-id 1966260
next
edit "Cisco-Secure.Endpoint"
set type default
set internet-service-id 1966324
next
edit "IBM-Other"
set type default
set internet-service-id 2031616
next
edit "IBM-Web"
set type default
set internet-service-id 2031617
next
edit "IBM-ICMP"
set type default
set internet-service-id 2031618
next
edit "IBM-DNS"
set type default
set internet-service-id 2031619
next
edit "IBM-Outbound_Email"
set type default
set internet-service-id 2031620
next
edit "IBM-SSH"
set type default
set internet-service-id 2031622
next
edit "IBM-FTP"
set type default
set internet-service-id 2031623
next
edit "IBM-NTP"
set type default
set internet-service-id 2031624
next
edit "IBM-Inbound_Email"
set type default
set internet-service-id 2031625
next
edit "IBM-LDAP"
set type default
set internet-service-id 2031630
next
edit "IBM-NetBIOS.Session.Service"
set type default
set internet-service-id 2031631
next
edit "IBM-RTMP"
set type default
set internet-service-id 2031632
next
edit "IBM-NetBIOS.Name.Service"
set type default
set internet-service-id 2031640
next
edit "IBM-IBM.Cloud"
set type default
set internet-service-id 2031748
next
edit "Citrix-Other"
set type default
set internet-service-id 2097152
next
edit "Citrix-Web"
set type default
set internet-service-id 2097153
next
edit "Citrix-ICMP"
set type default
set internet-service-id 2097154
next
edit "Citrix-DNS"
set type default
set internet-service-id 2097155
next
edit "Citrix-Outbound_Email"
set type default
set internet-service-id 2097156
next
edit "Citrix-SSH"
set type default
set internet-service-id 2097158
next
edit "Citrix-FTP"
set type default
set internet-service-id 2097159
next
edit "Citrix-NTP"
set type default
set internet-service-id 2097160
next
edit "Citrix-Inbound_Email"
set type default
set internet-service-id 2097161
next
edit "Citrix-LDAP"
set type default
set internet-service-id 2097166
next
edit "Citrix-NetBIOS.Session.Service"
set type default
set internet-service-id 2097167
next
edit "Citrix-RTMP"
set type default
set internet-service-id 2097168
next
edit "Citrix-NetBIOS.Name.Service"
set type default
set internet-service-id 2097176
next
edit "Twitter-Other"
set type default
set internet-service-id 2162688
next
edit "Twitter-Web"
set type default
set internet-service-id 2162689
next
edit "Twitter-ICMP"
set type default
set internet-service-id 2162690
next
edit "Twitter-DNS"
set type default
set internet-service-id 2162691
next
edit "Twitter-Outbound_Email"
set type default
set internet-service-id 2162692
next
edit "Twitter-SSH"
set type default
set internet-service-id 2162694
next
edit "Twitter-FTP"
set type default
set internet-service-id 2162695
next
edit "Twitter-NTP"
set type default
set internet-service-id 2162696
next
edit "Twitter-Inbound_Email"
set type default
set internet-service-id 2162697
next
edit "Twitter-LDAP"
set type default
set internet-service-id 2162702
next
edit "Twitter-NetBIOS.Session.Service"
set type default
set internet-service-id 2162703
next
edit "Twitter-RTMP"
set type default
set internet-service-id 2162704
next
edit "Twitter-NetBIOS.Name.Service"
set type default
set internet-service-id 2162712
next
edit "Dell-Other"
set type default
set internet-service-id 2228224
next
edit "Dell-Web"
set type default
set internet-service-id 2228225
next
edit "Dell-ICMP"
set type default
set internet-service-id 2228226
next
edit "Dell-DNS"
set type default
set internet-service-id 2228227
next
edit "Dell-Outbound_Email"
set type default
set internet-service-id 2228228
next
edit "Dell-SSH"
set type default
set internet-service-id 2228230
next
edit "Dell-FTP"
set type default
set internet-service-id 2228231
next
edit "Dell-NTP"
set type default
set internet-service-id 2228232
next
edit "Dell-Inbound_Email"
set type default
set internet-service-id 2228233
next
edit "Dell-LDAP"
set type default
set internet-service-id 2228238
next
edit "Dell-NetBIOS.Session.Service"
set type default
set internet-service-id 2228239
next
edit "Dell-RTMP"
set type default
set internet-service-id 2228240
next
edit "Dell-NetBIOS.Name.Service"
set type default
set internet-service-id 2228248
next
edit "Vimeo-Other"
set type default
set internet-service-id 2293760
next
edit "Vimeo-Web"
set type default
set internet-service-id 2293761
next
edit "Vimeo-ICMP"
set type default
set internet-service-id 2293762
next
edit "Vimeo-DNS"
set type default
set internet-service-id 2293763
next
edit "Vimeo-Outbound_Email"
set type default
set internet-service-id 2293764
next
edit "Vimeo-SSH"
set type default
set internet-service-id 2293766
next
edit "Vimeo-FTP"
set type default
set internet-service-id 2293767
next
edit "Vimeo-NTP"
set type default
set internet-service-id 2293768
next
edit "Vimeo-Inbound_Email"
set type default
set internet-service-id 2293769
next
edit "Vimeo-LDAP"
set type default
set internet-service-id 2293774
next
edit "Vimeo-NetBIOS.Session.Service"
set type default
set internet-service-id 2293775
next
edit "Vimeo-RTMP"
set type default
set internet-service-id 2293776
next
edit "Vimeo-NetBIOS.Name.Service"
set type default
set internet-service-id 2293784
next
edit "Redhat-Other"
set type default
set internet-service-id 2359296
next
edit "Redhat-Web"
set type default
set internet-service-id 2359297
next
edit "Redhat-ICMP"
set type default
set internet-service-id 2359298
next
edit "Redhat-DNS"
set type default
set internet-service-id 2359299
next
edit "Redhat-Outbound_Email"
set type default
set internet-service-id 2359300
next
edit "Redhat-SSH"
set type default
set internet-service-id 2359302
next
edit "Redhat-FTP"
set type default
set internet-service-id 2359303
next
edit "Redhat-NTP"
set type default
set internet-service-id 2359304
next
edit "Redhat-Inbound_Email"
set type default
set internet-service-id 2359305
next
edit "Redhat-LDAP"
set type default
set internet-service-id 2359310
next
edit "Redhat-NetBIOS.Session.Service"
set type default
set internet-service-id 2359311
next
edit "Redhat-RTMP"
set type default
set internet-service-id 2359312
next
edit "Redhat-NetBIOS.Name.Service"
set type default
set internet-service-id 2359320
next
edit "VK-Other"
set type default
set internet-service-id 2424832
next
edit "VK-Web"
set type default
set internet-service-id 2424833
next
edit "VK-ICMP"
set type default
set internet-service-id 2424834
next
edit "VK-DNS"
set type default
set internet-service-id 2424835
next
edit "VK-Outbound_Email"
set type default
set internet-service-id 2424836
next
edit "VK-SSH"
set type default
set internet-service-id 2424838
next
edit "VK-FTP"
set type default
set internet-service-id 2424839
next
edit "VK-NTP"
set type default
set internet-service-id 2424840
next
edit "VK-Inbound_Email"
set type default
set internet-service-id 2424841
next
edit "VK-LDAP"
set type default
set internet-service-id 2424846
next
edit "VK-NetBIOS.Session.Service"
set type default
set internet-service-id 2424847
next
edit "VK-RTMP"
set type default
set internet-service-id 2424848
next
edit "VK-NetBIOS.Name.Service"
set type default
set internet-service-id 2424856
next
edit "TrendMicro-Other"
set type default
set internet-service-id 2490368
next
edit "TrendMicro-Web"
set type default
set internet-service-id 2490369
next
edit "TrendMicro-ICMP"
set type default
set internet-service-id 2490370
next
edit "TrendMicro-DNS"
set type default
set internet-service-id 2490371
next
edit "TrendMicro-Outbound_Email"
set type default
set internet-service-id 2490372
next
edit "TrendMicro-SSH"
set type default
set internet-service-id 2490374
next
edit "TrendMicro-FTP"
set type default
set internet-service-id 2490375
next
edit "TrendMicro-NTP"
set type default
set internet-service-id 2490376
next
edit "TrendMicro-Inbound_Email"
set type default
set internet-service-id 2490377
next
edit "TrendMicro-LDAP"
set type default
set internet-service-id 2490382
next
edit "TrendMicro-NetBIOS.Session.Service"
set type default
set internet-service-id 2490383
next
edit "TrendMicro-RTMP"
set type default
set internet-service-id 2490384
next
edit "TrendMicro-NetBIOS.Name.Service"
set type default
set internet-service-id 2490392
next
edit "Tencent-Other"
set type default
set internet-service-id 2555904
next
edit "Tencent-Web"
set type default
set internet-service-id 2555905
next
edit "Tencent-ICMP"
set type default
set internet-service-id 2555906
next
edit "Tencent-DNS"
set type default
set internet-service-id 2555907
next
edit "Tencent-Outbound_Email"
set type default
set internet-service-id 2555908
next
edit "Tencent-SSH"
set type default
set internet-service-id 2555910
next
edit "Tencent-FTP"
set type default
set internet-service-id 2555911
next
edit "Tencent-NTP"
set type default
set internet-service-id 2555912
next
edit "Tencent-Inbound_Email"
set type default
set internet-service-id 2555913
next
edit "Tencent-LDAP"
set type default
set internet-service-id 2555918
next
edit "Tencent-NetBIOS.Session.Service"
set type default
set internet-service-id 2555919
next
edit "Tencent-RTMP"
set type default
set internet-service-id 2555920
next
edit "Tencent-NetBIOS.Name.Service"
set type default
set internet-service-id 2555928
next
edit "Ask-Other"
set type default
set internet-service-id 2621440
next
edit "Ask-Web"
set type default
set internet-service-id 2621441
next
edit "Ask-ICMP"
set type default
set internet-service-id 2621442
next
edit "Ask-DNS"
set type default
set internet-service-id 2621443
next
edit "Ask-Outbound_Email"
set type default
set internet-service-id 2621444
next
edit "Ask-SSH"
set type default
set internet-service-id 2621446
next
edit "Ask-FTP"
set type default
set internet-service-id 2621447
next
edit "Ask-NTP"
set type default
set internet-service-id 2621448
next
edit "Ask-Inbound_Email"
set type default
set internet-service-id 2621449
next
edit "Ask-LDAP"
set type default
set internet-service-id 2621454
next
edit "Ask-NetBIOS.Session.Service"
set type default
set internet-service-id 2621455
next
edit "Ask-RTMP"
set type default
set internet-service-id 2621456
next
edit "Ask-NetBIOS.Name.Service"
set type default
set internet-service-id 2621464
next
edit "CNN-Other"
set type default
set internet-service-id 2686976
next
edit "CNN-Web"
set type default
set internet-service-id 2686977
next
edit "CNN-ICMP"
set type default
set internet-service-id 2686978
next
edit "CNN-DNS"
set type default
set internet-service-id 2686979
next
edit "CNN-Outbound_Email"
set type default
set internet-service-id 2686980
next
edit "CNN-SSH"
set type default
set internet-service-id 2686982
next
edit "CNN-FTP"
set type default
set internet-service-id 2686983
next
edit "CNN-NTP"
set type default
set internet-service-id 2686984
next
edit "CNN-Inbound_Email"
set type default
set internet-service-id 2686985
next
edit "CNN-LDAP"
set type default
set internet-service-id 2686990
next
edit "CNN-NetBIOS.Session.Service"
set type default
set internet-service-id 2686991
next
edit "CNN-RTMP"
set type default
set internet-service-id 2686992
next
edit "CNN-NetBIOS.Name.Service"
set type default
set internet-service-id 2687000
next
edit "Myspace-Other"
set type default
set internet-service-id 2752512
next
edit "Myspace-Web"
set type default
set internet-service-id 2752513
next
edit "Myspace-ICMP"
set type default
set internet-service-id 2752514
next
edit "Myspace-DNS"
set type default
set internet-service-id 2752515
next
edit "Myspace-Outbound_Email"
set type default
set internet-service-id 2752516
next
edit "Myspace-SSH"
set type default
set internet-service-id 2752518
next
edit "Myspace-FTP"
set type default
set internet-service-id 2752519
next
edit "Myspace-NTP"
set type default
set internet-service-id 2752520
next
edit "Myspace-Inbound_Email"
set type default
set internet-service-id 2752521
next
edit "Myspace-LDAP"
set type default
set internet-service-id 2752526
next
edit "Myspace-NetBIOS.Session.Service"
set type default
set internet-service-id 2752527
next
edit "Myspace-RTMP"
set type default
set internet-service-id 2752528
next
edit "Myspace-NetBIOS.Name.Service"
set type default
set internet-service-id 2752536
next
edit "Tor-Relay.Node"
set type default
set internet-service-id 2818238
next
edit "Tor-Exit.Node"
set type default
set internet-service-id 2818243
next
edit "Baidu-Other"
set type default
set internet-service-id 2883584
next
edit "Baidu-Web"
set type default
set internet-service-id 2883585
next
edit "Baidu-ICMP"
set type default
set internet-service-id 2883586
next
edit "Baidu-DNS"
set type default
set internet-service-id 2883587
next
edit "Baidu-Outbound_Email"
set type default
set internet-service-id 2883588
next
edit "Baidu-SSH"
set type default
set internet-service-id 2883590
next
edit "Baidu-FTP"
set type default
set internet-service-id 2883591
next
edit "Baidu-NTP"
set type default
set internet-service-id 2883592
next
edit "Baidu-Inbound_Email"
set type default
set internet-service-id 2883593
next
edit "Baidu-LDAP"
set type default
set internet-service-id 2883598
next
edit "Baidu-NetBIOS.Session.Service"
set type default
set internet-service-id 2883599
next
edit "Baidu-RTMP"
set type default
set internet-service-id 2883600
next
edit "Baidu-NetBIOS.Name.Service"
set type default
set internet-service-id 2883608
next
edit "ntp.org-Other"
set type default
set internet-service-id 2949120
next
edit "ntp.org-Web"
set type default
set internet-service-id 2949121
next
edit "ntp.org-ICMP"
set type default
set internet-service-id 2949122
next
edit "ntp.org-DNS"
set type default
set internet-service-id 2949123
next
edit "ntp.org-Outbound_Email"
set type default
set internet-service-id 2949124
next
edit "ntp.org-SSH"
set type default
set internet-service-id 2949126
next
edit "ntp.org-FTP"
set type default
set internet-service-id 2949127
next
edit "ntp.org-NTP"
set type default
set internet-service-id 2949128
next
edit "ntp.org-Inbound_Email"
set type default
set internet-service-id 2949129
next
edit "ntp.org-LDAP"
set type default
set internet-service-id 2949134
next
edit "ntp.org-NetBIOS.Session.Service"
set type default
set internet-service-id 2949135
next
edit "ntp.org-RTMP"
set type default
set internet-service-id 2949136
next
edit "ntp.org-NetBIOS.Name.Service"
set type default
set internet-service-id 2949144
next
edit "Proxy-Proxy.Server"
set type default
set internet-service-id 3014850
next
edit "Botnet-C&C.Server"
set type default
set internet-service-id 3080383
next
edit "Spam-Spamming.Server"
set type default
set internet-service-id 3145920
next
edit "Phishing-Phishing.Server"
set type default
set internet-service-id 3211457
next
edit "Zendesk-Other"
set type default
set internet-service-id 3407872
next
edit "Zendesk-Web"
set type default
set internet-service-id 3407873
next
edit "Zendesk-ICMP"
set type default
set internet-service-id 3407874
next
edit "Zendesk-DNS"
set type default
set internet-service-id 3407875
next
edit "Zendesk-Outbound_Email"
set type default
set internet-service-id 3407876
next
edit "Zendesk-SSH"
set type default
set internet-service-id 3407878
next
edit "Zendesk-FTP"
set type default
set internet-service-id 3407879
next
edit "Zendesk-NTP"
set type default
set internet-service-id 3407880
next
edit "Zendesk-Inbound_Email"
set type default
set internet-service-id 3407881
next
edit "Zendesk-LDAP"
set type default
set internet-service-id 3407886
next
edit "Zendesk-NetBIOS.Session.Service"
set type default
set internet-service-id 3407887
next
edit "Zendesk-RTMP"
set type default
set internet-service-id 3407888
next
edit "Zendesk-NetBIOS.Name.Service"
set type default
set internet-service-id 3407896
next
edit "Zendesk-Zendesk.Suite"
set type default
set internet-service-id 3408047
next
edit "DocuSign-Other"
set type default
set internet-service-id 3473408
next
edit "DocuSign-Web"
set type default
set internet-service-id 3473409
next
edit "DocuSign-ICMP"
set type default
set internet-service-id 3473410
next
edit "DocuSign-DNS"
set type default
set internet-service-id 3473411
next
edit "DocuSign-Outbound_Email"
set type default
set internet-service-id 3473412
next
edit "DocuSign-SSH"
set type default
set internet-service-id 3473414
next
edit "DocuSign-FTP"
set type default
set internet-service-id 3473415
next
edit "DocuSign-NTP"
set type default
set internet-service-id 3473416
next
edit "DocuSign-Inbound_Email"
set type default
set internet-service-id 3473417
next
edit "DocuSign-LDAP"
set type default
set internet-service-id 3473422
next
edit "DocuSign-NetBIOS.Session.Service"
set type default
set internet-service-id 3473423
next
edit "DocuSign-RTMP"
set type default
set internet-service-id 3473424
next
edit "DocuSign-NetBIOS.Name.Service"
set type default
set internet-service-id 3473432
next
edit "ServiceNow-Other"
set type default
set internet-service-id 3538944
next
edit "ServiceNow-Web"
set type default
set internet-service-id 3538945
next
edit "ServiceNow-ICMP"
set type default
set internet-service-id 3538946
next
edit "ServiceNow-DNS"
set type default
set internet-service-id 3538947
next
edit "ServiceNow-Outbound_Email"
set type default
set internet-service-id 3538948
next
edit "ServiceNow-SSH"
set type default
set internet-service-id 3538950
next
edit "ServiceNow-FTP"
set type default
set internet-service-id 3538951
next
edit "ServiceNow-NTP"
set type default
set internet-service-id 3538952
next
edit "ServiceNow-Inbound_Email"
set type default
set internet-service-id 3538953
next
edit "ServiceNow-LDAP"
set type default
set internet-service-id 3538958
next
edit "ServiceNow-NetBIOS.Session.Service"
set type default
set internet-service-id 3538959
next
edit "ServiceNow-RTMP"
set type default
set internet-service-id 3538960
next
edit "ServiceNow-NetBIOS.Name.Service"
set type default
set internet-service-id 3538968
next
edit "GitHub-GitHub"
set type default
set internet-service-id 3604638
next
edit "Workday-Other"
set type default
set internet-service-id 3670016
next
edit "Workday-Web"
set type default
set internet-service-id 3670017
next
edit "Workday-ICMP"
set type default
set internet-service-id 3670018
next
edit "Workday-DNS"
set type default
set internet-service-id 3670019
next
edit "Workday-Outbound_Email"
set type default
set internet-service-id 3670020
next
edit "Workday-SSH"
set type default
set internet-service-id 3670022
next
edit "Workday-FTP"
set type default
set internet-service-id 3670023
next
edit "Workday-NTP"
set type default
set internet-service-id 3670024
next
edit "Workday-Inbound_Email"
set type default
set internet-service-id 3670025
next
edit "Workday-LDAP"
set type default
set internet-service-id 3670030
next
edit "Workday-NetBIOS.Session.Service"
set type default
set internet-service-id 3670031
next
edit "Workday-RTMP"
set type default
set internet-service-id 3670032
next
edit "Workday-NetBIOS.Name.Service"
set type default
set internet-service-id 3670040
next
edit "HubSpot-Other"
set type default
set internet-service-id 3735552
next
edit "HubSpot-Web"
set type default
set internet-service-id 3735553
next
edit "HubSpot-ICMP"
set type default
set internet-service-id 3735554
next
edit "HubSpot-DNS"
set type default
set internet-service-id 3735555
next
edit "HubSpot-Outbound_Email"
set type default
set internet-service-id 3735556
next
edit "HubSpot-SSH"
set type default
set internet-service-id 3735558
next
edit "HubSpot-FTP"
set type default
set internet-service-id 3735559
next
edit "HubSpot-NTP"
set type default
set internet-service-id 3735560
next
edit "HubSpot-Inbound_Email"
set type default
set internet-service-id 3735561
next
edit "HubSpot-LDAP"
set type default
set internet-service-id 3735566
next
edit "HubSpot-NetBIOS.Session.Service"
set type default
set internet-service-id 3735567
next
edit "HubSpot-RTMP"
set type default
set internet-service-id 3735568
next
edit "HubSpot-NetBIOS.Name.Service"
set type default
set internet-service-id 3735576
next
edit "Twilio-Other"
set type default
set internet-service-id 3801088
next
edit "Twilio-Web"
set type default
set internet-service-id 3801089
next
edit "Twilio-ICMP"
set type default
set internet-service-id 3801090
next
edit "Twilio-DNS"
set type default
set internet-service-id 3801091
next
edit "Twilio-Outbound_Email"
set type default
set internet-service-id 3801092
next
edit "Twilio-SSH"
set type default
set internet-service-id 3801094
next
edit "Twilio-FTP"
set type default
set internet-service-id 3801095
next
edit "Twilio-NTP"
set type default
set internet-service-id 3801096
next
edit "Twilio-Inbound_Email"
set type default
set internet-service-id 3801097
next
edit "Twilio-LDAP"
set type default
set internet-service-id 3801102
next
edit "Twilio-NetBIOS.Session.Service"
set type default
set internet-service-id 3801103
next
edit "Twilio-RTMP"
set type default
set internet-service-id 3801104
next
edit "Twilio-NetBIOS.Name.Service"
set type default
set internet-service-id 3801112
next
edit "Twilio-Elastic.SIP.Trunking"
set type default
set internet-service-id 3801277
next
edit "Coupa-Other"
set type default
set internet-service-id 3866624
next
edit "Coupa-Web"
set type default
set internet-service-id 3866625
next
edit "Coupa-ICMP"
set type default
set internet-service-id 3866626
next
edit "Coupa-DNS"
set type default
set internet-service-id 3866627
next
edit "Coupa-Outbound_Email"
set type default
set internet-service-id 3866628
next
edit "Coupa-SSH"
set type default
set internet-service-id 3866630
next
edit "Coupa-FTP"
set type default
set internet-service-id 3866631
next
edit "Coupa-NTP"
set type default
set internet-service-id 3866632
next
edit "Coupa-Inbound_Email"
set type default
set internet-service-id 3866633
next
edit "Coupa-LDAP"
set type default
set internet-service-id 3866638
next
edit "Coupa-NetBIOS.Session.Service"
set type default
set internet-service-id 3866639
next
edit "Coupa-RTMP"
set type default
set internet-service-id 3866640
next
edit "Coupa-NetBIOS.Name.Service"
set type default
set internet-service-id 3866648
next
edit "Atlassian-Other"
set type default
set internet-service-id 3932160
next
edit "Atlassian-Web"
set type default
set internet-service-id 3932161
next
edit "Atlassian-ICMP"
set type default
set internet-service-id 3932162
next
edit "Atlassian-DNS"
set type default
set internet-service-id 3932163
next
edit "Atlassian-Outbound_Email"
set type default
set internet-service-id 3932164
next
edit "Atlassian-SSH"
set type default
set internet-service-id 3932166
next
edit "Atlassian-FTP"
set type default
set internet-service-id 3932167
next
edit "Atlassian-NTP"
set type default
set internet-service-id 3932168
next
edit "Atlassian-Inbound_Email"
set type default
set internet-service-id 3932169
next
edit "Atlassian-LDAP"
set type default
set internet-service-id 3932174
next
edit "Atlassian-NetBIOS.Session.Service"
set type default
set internet-service-id 3932175
next
edit "Atlassian-RTMP"
set type default
set internet-service-id 3932176
next
edit "Atlassian-NetBIOS.Name.Service"
set type default
set internet-service-id 3932184
next
edit "Atlassian-Atlassian.Cloud"
set type default
set internet-service-id 3932388
next
edit "Xero-Other"
set type default
set internet-service-id 3997696
next
edit "Xero-Web"
set type default
set internet-service-id 3997697
next
edit "Xero-ICMP"
set type default
set internet-service-id 3997698
next
edit "Xero-DNS"
set type default
set internet-service-id 3997699
next
edit "Xero-Outbound_Email"
set type default
set internet-service-id 3997700
next
edit "Xero-SSH"
set type default
set internet-service-id 3997702
next
edit "Xero-FTP"
set type default
set internet-service-id 3997703
next
edit "Xero-NTP"
set type default
set internet-service-id 3997704
next
edit "Xero-Inbound_Email"
set type default
set internet-service-id 3997705
next
edit "Xero-LDAP"
set type default
set internet-service-id 3997710
next
edit "Xero-NetBIOS.Session.Service"
set type default
set internet-service-id 3997711
next
edit "Xero-RTMP"
set type default
set internet-service-id 3997712
next
edit "Xero-NetBIOS.Name.Service"
set type default
set internet-service-id 3997720
next
edit "Zuora-Other"
set type default
set internet-service-id 4063232
next
edit "Zuora-Web"
set type default
set internet-service-id 4063233
next
edit "Zuora-ICMP"
set type default
set internet-service-id 4063234
next
edit "Zuora-DNS"
set type default
set internet-service-id 4063235
next
edit "Zuora-Outbound_Email"
set type default
set internet-service-id 4063236
next
edit "Zuora-SSH"
set type default
set internet-service-id 4063238
next
edit "Zuora-FTP"
set type default
set internet-service-id 4063239
next
edit "Zuora-NTP"
set type default
set internet-service-id 4063240
next
edit "Zuora-Inbound_Email"
set type default
set internet-service-id 4063241
next
edit "Zuora-LDAP"
set type default
set internet-service-id 4063246
next
edit "Zuora-NetBIOS.Session.Service"
set type default
set internet-service-id 4063247
next
edit "Zuora-RTMP"
set type default
set internet-service-id 4063248
next
edit "Zuora-NetBIOS.Name.Service"
set type default
set internet-service-id 4063256
next
edit "AdRoll-Other"
set type default
set internet-service-id 4128768
next
edit "AdRoll-Web"
set type default
set internet-service-id 4128769
next
edit "AdRoll-ICMP"
set type default
set internet-service-id 4128770
next
edit "AdRoll-DNS"
set type default
set internet-service-id 4128771
next
edit "AdRoll-Outbound_Email"
set type default
set internet-service-id 4128772
next
edit "AdRoll-SSH"
set type default
set internet-service-id 4128774
next
edit "AdRoll-FTP"
set type default
set internet-service-id 4128775
next
edit "AdRoll-NTP"
set type default
set internet-service-id 4128776
next
edit "AdRoll-Inbound_Email"
set type default
set internet-service-id 4128777
next
edit "AdRoll-LDAP"
set type default
set internet-service-id 4128782
next
edit "AdRoll-NetBIOS.Session.Service"
set type default
set internet-service-id 4128783
next
edit "AdRoll-RTMP"
set type default
set internet-service-id 4128784
next
edit "AdRoll-NetBIOS.Name.Service"
set type default
set internet-service-id 4128792
next
edit "Xactly-Other"
set type default
set internet-service-id 4194304
next
edit "Xactly-Web"
set type default
set internet-service-id 4194305
next
edit "Xactly-ICMP"
set type default
set internet-service-id 4194306
next
edit "Xactly-DNS"
set type default
set internet-service-id 4194307
next
edit "Xactly-Outbound_Email"
set type default
set internet-service-id 4194308
next
edit "Xactly-SSH"
set type default
set internet-service-id 4194310
next
edit "Xactly-FTP"
set type default
set internet-service-id 4194311
next
edit "Xactly-NTP"
set type default
set internet-service-id 4194312
next
edit "Xactly-Inbound_Email"
set type default
set internet-service-id 4194313
next
edit "Xactly-LDAP"
set type default
set internet-service-id 4194318
next
edit "Xactly-NetBIOS.Session.Service"
set type default
set internet-service-id 4194319
next
edit "Xactly-RTMP"
set type default
set internet-service-id 4194320
next
edit "Xactly-NetBIOS.Name.Service"
set type default
set internet-service-id 4194328
next
edit "Intuit-Other"
set type default
set internet-service-id 4259840
next
edit "Intuit-Web"
set type default
set internet-service-id 4259841
next
edit "Intuit-ICMP"
set type default
set internet-service-id 4259842
next
edit "Intuit-DNS"
set type default
set internet-service-id 4259843
next
edit "Intuit-Outbound_Email"
set type default
set internet-service-id 4259844
next
edit "Intuit-SSH"
set type default
set internet-service-id 4259846
next
edit "Intuit-FTP"
set type default
set internet-service-id 4259847
next
edit "Intuit-NTP"
set type default
set internet-service-id 4259848
next
edit "Intuit-Inbound_Email"
set type default
set internet-service-id 4259849
next
edit "Intuit-LDAP"
set type default
set internet-service-id 4259854
next
edit "Intuit-NetBIOS.Session.Service"
set type default
set internet-service-id 4259855
next
edit "Intuit-RTMP"
set type default
set internet-service-id 4259856
next
edit "Intuit-NetBIOS.Name.Service"
set type default
set internet-service-id 4259864
next
edit "Marketo-Other"
set type default
set internet-service-id 4325376
next
edit "Marketo-Web"
set type default
set internet-service-id 4325377
next
edit "Marketo-ICMP"
set type default
set internet-service-id 4325378
next
edit "Marketo-DNS"
set type default
set internet-service-id 4325379
next
edit "Marketo-Outbound_Email"
set type default
set internet-service-id 4325380
next
edit "Marketo-SSH"
set type default
set internet-service-id 4325382
next
edit "Marketo-FTP"
set type default
set internet-service-id 4325383
next
edit "Marketo-NTP"
set type default
set internet-service-id 4325384
next
edit "Marketo-Inbound_Email"
set type default
set internet-service-id 4325385
next
edit "Marketo-LDAP"
set type default
set internet-service-id 4325390
next
edit "Marketo-NetBIOS.Session.Service"
set type default
set internet-service-id 4325391
next
edit "Marketo-RTMP"
set type default
set internet-service-id 4325392
next
edit "Marketo-NetBIOS.Name.Service"
set type default
set internet-service-id 4325400
next
edit "Bill-Other"
set type default
set internet-service-id 4456448
next
edit "Bill-Web"
set type default
set internet-service-id 4456449
next
edit "Bill-ICMP"
set type default
set internet-service-id 4456450
next
edit "Bill-DNS"
set type default
set internet-service-id 4456451
next
edit "Bill-Outbound_Email"
set type default
set internet-service-id 4456452
next
edit "Bill-SSH"
set type default
set internet-service-id 4456454
next
edit "Bill-FTP"
set type default
set internet-service-id 4456455
next
edit "Bill-NTP"
set type default
set internet-service-id 4456456
next
edit "Bill-Inbound_Email"
set type default
set internet-service-id 4456457
next
edit "Bill-LDAP"
set type default
set internet-service-id 4456462
next
edit "Bill-NetBIOS.Session.Service"
set type default
set internet-service-id 4456463
next
edit "Bill-RTMP"
set type default
set internet-service-id 4456464
next
edit "Bill-NetBIOS.Name.Service"
set type default
set internet-service-id 4456472
next
edit "Shopify-Other"
set type default
set internet-service-id 4521984
next
edit "Shopify-Web"
set type default
set internet-service-id 4521985
next
edit "Shopify-ICMP"
set type default
set internet-service-id 4521986
next
edit "Shopify-DNS"
set type default
set internet-service-id 4521987
next
edit "Shopify-Outbound_Email"
set type default
set internet-service-id 4521988
next
edit "Shopify-SSH"
set type default
set internet-service-id 4521990
next
edit "Shopify-FTP"
set type default
set internet-service-id 4521991
next
edit "Shopify-NTP"
set type default
set internet-service-id 4521992
next
edit "Shopify-Inbound_Email"
set type default
set internet-service-id 4521993
next
edit "Shopify-LDAP"
set type default
set internet-service-id 4521998
next
edit "Shopify-NetBIOS.Session.Service"
set type default
set internet-service-id 4521999
next
edit "Shopify-RTMP"
set type default
set internet-service-id 4522000
next
edit "Shopify-NetBIOS.Name.Service"
set type default
set internet-service-id 4522008
next
edit "Shopify-Shopify"
set type default
set internet-service-id 4522162
next
edit "MuleSoft-Other"
set type default
set internet-service-id 4587520
next
edit "MuleSoft-Web"
set type default
set internet-service-id 4587521
next
edit "MuleSoft-ICMP"
set type default
set internet-service-id 4587522
next
edit "MuleSoft-DNS"
set type default
set internet-service-id 4587523
next
edit "MuleSoft-Outbound_Email"
set type default
set internet-service-id 4587524
next
edit "MuleSoft-SSH"
set type default
set internet-service-id 4587526
next
edit "MuleSoft-FTP"
set type default
set internet-service-id 4587527
next
edit "MuleSoft-NTP"
set type default
set internet-service-id 4587528
next
edit "MuleSoft-Inbound_Email"
set type default
set internet-service-id 4587529
next
edit "MuleSoft-LDAP"
set type default
set internet-service-id 4587534
next
edit "MuleSoft-NetBIOS.Session.Service"
set type default
set internet-service-id 4587535
next
edit "MuleSoft-RTMP"
set type default
set internet-service-id 4587536
next
edit "MuleSoft-NetBIOS.Name.Service"
set type default
set internet-service-id 4587544
next
edit "Cornerstone-Other"
set type default
set internet-service-id 4653056
next
edit "Cornerstone-Web"
set type default
set internet-service-id 4653057
next
edit "Cornerstone-ICMP"
set type default
set internet-service-id 4653058
next
edit "Cornerstone-DNS"
set type default
set internet-service-id 4653059
next
edit "Cornerstone-Outbound_Email"
set type default
set internet-service-id 4653060
next
edit "Cornerstone-SSH"
set type default
set internet-service-id 4653062
next
edit "Cornerstone-FTP"
set type default
set internet-service-id 4653063
next
edit "Cornerstone-NTP"
set type default
set internet-service-id 4653064
next
edit "Cornerstone-Inbound_Email"
set type default
set internet-service-id 4653065
next
edit "Cornerstone-LDAP"
set type default
set internet-service-id 4653070
next
edit "Cornerstone-NetBIOS.Session.Service"
set type default
set internet-service-id 4653071
next
edit "Cornerstone-RTMP"
set type default
set internet-service-id 4653072
next
edit "Cornerstone-NetBIOS.Name.Service"
set type default
set internet-service-id 4653080
next
edit "Eventbrite-Other"
set type default
set internet-service-id 4718592
next
edit "Eventbrite-Web"
set type default
set internet-service-id 4718593
next
edit "Eventbrite-ICMP"
set type default
set internet-service-id 4718594
next
edit "Eventbrite-DNS"
set type default
set internet-service-id 4718595
next
edit "Eventbrite-Outbound_Email"
set type default
set internet-service-id 4718596
next
edit "Eventbrite-SSH"
set type default
set internet-service-id 4718598
next
edit "Eventbrite-FTP"
set type default
set internet-service-id 4718599
next
edit "Eventbrite-NTP"
set type default
set internet-service-id 4718600
next
edit "Eventbrite-Inbound_Email"
set type default
set internet-service-id 4718601
next
edit "Eventbrite-LDAP"
set type default
set internet-service-id 4718606
next
edit "Eventbrite-NetBIOS.Session.Service"
set type default
set internet-service-id 4718607
next
edit "Eventbrite-RTMP"
set type default
set internet-service-id 4718608
next
edit "Eventbrite-NetBIOS.Name.Service"
set type default
set internet-service-id 4718616
next
edit "Paychex-Other"
set type default
set internet-service-id 4784128
next
edit "Paychex-Web"
set type default
set internet-service-id 4784129
next
edit "Paychex-ICMP"
set type default
set internet-service-id 4784130
next
edit "Paychex-DNS"
set type default
set internet-service-id 4784131
next
edit "Paychex-Outbound_Email"
set type default
set internet-service-id 4784132
next
edit "Paychex-SSH"
set type default
set internet-service-id 4784134
next
edit "Paychex-FTP"
set type default
set internet-service-id 4784135
next
edit "Paychex-NTP"
set type default
set internet-service-id 4784136
next
edit "Paychex-Inbound_Email"
set type default
set internet-service-id 4784137
next
edit "Paychex-LDAP"
set type default
set internet-service-id 4784142
next
edit "Paychex-NetBIOS.Session.Service"
set type default
set internet-service-id 4784143
next
edit "Paychex-RTMP"
set type default
set internet-service-id 4784144
next
edit "Paychex-NetBIOS.Name.Service"
set type default
set internet-service-id 4784152
next
edit "NewRelic-Other"
set type default
set internet-service-id 4849664
next
edit "NewRelic-Web"
set type default
set internet-service-id 4849665
next
edit "NewRelic-ICMP"
set type default
set internet-service-id 4849666
next
edit "NewRelic-DNS"
set type default
set internet-service-id 4849667
next
edit "NewRelic-Outbound_Email"
set type default
set internet-service-id 4849668
next
edit "NewRelic-SSH"
set type default
set internet-service-id 4849670
next
edit "NewRelic-FTP"
set type default
set internet-service-id 4849671
next
edit "NewRelic-NTP"
set type default
set internet-service-id 4849672
next
edit "NewRelic-Inbound_Email"
set type default
set internet-service-id 4849673
next
edit "NewRelic-LDAP"
set type default
set internet-service-id 4849678
next
edit "NewRelic-NetBIOS.Session.Service"
set type default
set internet-service-id 4849679
next
edit "NewRelic-RTMP"
set type default
set internet-service-id 4849680
next
edit "NewRelic-NetBIOS.Name.Service"
set type default
set internet-service-id 4849688
next
edit "Splunk-Other"
set type default
set internet-service-id 4915200
next
edit "Splunk-Web"
set type default
set internet-service-id 4915201
next
edit "Splunk-ICMP"
set type default
set internet-service-id 4915202
next
edit "Splunk-DNS"
set type default
set internet-service-id 4915203
next
edit "Splunk-Outbound_Email"
set type default
set internet-service-id 4915204
next
edit "Splunk-SSH"
set type default
set internet-service-id 4915206
next
edit "Splunk-FTP"
set type default
set internet-service-id 4915207
next
edit "Splunk-NTP"
set type default
set internet-service-id 4915208
next
edit "Splunk-Inbound_Email"
set type default
set internet-service-id 4915209
next
edit "Splunk-LDAP"
set type default
set internet-service-id 4915214
next
edit "Splunk-NetBIOS.Session.Service"
set type default
set internet-service-id 4915215
next
edit "Splunk-RTMP"
set type default
set internet-service-id 4915216
next
edit "Splunk-NetBIOS.Name.Service"
set type default
set internet-service-id 4915224
next
edit "Domo-Other"
set type default
set internet-service-id 4980736
next
edit "Domo-Web"
set type default
set internet-service-id 4980737
next
edit "Domo-ICMP"
set type default
set internet-service-id 4980738
next
edit "Domo-DNS"
set type default
set internet-service-id 4980739
next
edit "Domo-Outbound_Email"
set type default
set internet-service-id 4980740
next
edit "Domo-SSH"
set type default
set internet-service-id 4980742
next
edit "Domo-FTP"
set type default
set internet-service-id 4980743
next
edit "Domo-NTP"
set type default
set internet-service-id 4980744
next
edit "Domo-Inbound_Email"
set type default
set internet-service-id 4980745
next
edit "Domo-LDAP"
set type default
set internet-service-id 4980750
next
edit "Domo-NetBIOS.Session.Service"
set type default
set internet-service-id 4980751
next
edit "Domo-RTMP"
set type default
set internet-service-id 4980752
next
edit "Domo-NetBIOS.Name.Service"
set type default
set internet-service-id 4980760
next
edit "FreshBooks-Other"
set type default
set internet-service-id 5046272
next
edit "FreshBooks-Web"
set type default
set internet-service-id 5046273
next
edit "FreshBooks-ICMP"
set type default
set internet-service-id 5046274
next
edit "FreshBooks-DNS"
set type default
set internet-service-id 5046275
next
edit "FreshBooks-Outbound_Email"
set type default
set internet-service-id 5046276
next
edit "FreshBooks-SSH"
set type default
set internet-service-id 5046278
next
edit "FreshBooks-FTP"
set type default
set internet-service-id 5046279
next
edit "FreshBooks-NTP"
set type default
set internet-service-id 5046280
next
edit "FreshBooks-Inbound_Email"
set type default
set internet-service-id 5046281
next
edit "FreshBooks-LDAP"
set type default
set internet-service-id 5046286
next
edit "FreshBooks-NetBIOS.Session.Service"
set type default
set internet-service-id 5046287
next
edit "FreshBooks-RTMP"
set type default
set internet-service-id 5046288
next
edit "FreshBooks-NetBIOS.Name.Service"
set type default
set internet-service-id 5046296
next
edit "Tableau-Other"
set type default
set internet-service-id 5111808
next
edit "Tableau-Web"
set type default
set internet-service-id 5111809
next
edit "Tableau-ICMP"
set type default
set internet-service-id 5111810
next
edit "Tableau-DNS"
set type default
set internet-service-id 5111811
next
edit "Tableau-Outbound_Email"
set type default
set internet-service-id 5111812
next
edit "Tableau-SSH"
set type default
set internet-service-id 5111814
next
edit "Tableau-FTP"
set type default
set internet-service-id 5111815
next
edit "Tableau-NTP"
set type default
set internet-service-id 5111816
next
edit "Tableau-Inbound_Email"
set type default
set internet-service-id 5111817
next
edit "Tableau-LDAP"
set type default
set internet-service-id 5111822
next
edit "Tableau-NetBIOS.Session.Service"
set type default
set internet-service-id 5111823
next
edit "Tableau-RTMP"
set type default
set internet-service-id 5111824
next
edit "Tableau-NetBIOS.Name.Service"
set type default
set internet-service-id 5111832
next
edit "Druva-Other"
set type default
set internet-service-id 5177344
next
edit "Druva-Web"
set type default
set internet-service-id 5177345
next
edit "Druva-ICMP"
set type default
set internet-service-id 5177346
next
edit "Druva-DNS"
set type default
set internet-service-id 5177347
next
edit "Druva-Outbound_Email"
set type default
set internet-service-id 5177348
next
edit "Druva-SSH"
set type default
set internet-service-id 5177350
next
edit "Druva-FTP"
set type default
set internet-service-id 5177351
next
edit "Druva-NTP"
set type default
set internet-service-id 5177352
next
edit "Druva-Inbound_Email"
set type default
set internet-service-id 5177353
next
edit "Druva-LDAP"
set type default
set internet-service-id 5177358
next
edit "Druva-NetBIOS.Session.Service"
set type default
set internet-service-id 5177359
next
edit "Druva-RTMP"
set type default
set internet-service-id 5177360
next
edit "Druva-NetBIOS.Name.Service"
set type default
set internet-service-id 5177368
next
edit "Act-on-Other"
set type default
set internet-service-id 5242880
next
edit "Act-on-Web"
set type default
set internet-service-id 5242881
next
edit "Act-on-ICMP"
set type default
set internet-service-id 5242882
next
edit "Act-on-DNS"
set type default
set internet-service-id 5242883
next
edit "Act-on-Outbound_Email"
set type default
set internet-service-id 5242884
next
edit "Act-on-SSH"
set type default
set internet-service-id 5242886
next
edit "Act-on-FTP"
set type default
set internet-service-id 5242887
next
edit "Act-on-NTP"
set type default
set internet-service-id 5242888
next
edit "Act-on-Inbound_Email"
set type default
set internet-service-id 5242889
next
edit "Act-on-LDAP"
set type default
set internet-service-id 5242894
next
edit "Act-on-NetBIOS.Session.Service"
set type default
set internet-service-id 5242895
next
edit "Act-on-RTMP"
set type default
set internet-service-id 5242896
next
edit "Act-on-NetBIOS.Name.Service"
set type default
set internet-service-id 5242904
next
edit "GoodData-Other"
set type default
set internet-service-id 5308416
next
edit "GoodData-Web"
set type default
set internet-service-id 5308417
next
edit "GoodData-ICMP"
set type default
set internet-service-id 5308418
next
edit "GoodData-DNS"
set type default
set internet-service-id 5308419
next
edit "GoodData-Outbound_Email"
set type default
set internet-service-id 5308420
next
edit "GoodData-SSH"
set type default
set internet-service-id 5308422
next
edit "GoodData-FTP"
set type default
set internet-service-id 5308423
next
edit "GoodData-NTP"
set type default
set internet-service-id 5308424
next
edit "GoodData-Inbound_Email"
set type default
set internet-service-id 5308425
next
edit "GoodData-LDAP"
set type default
set internet-service-id 5308430
next
edit "GoodData-NetBIOS.Session.Service"
set type default
set internet-service-id 5308431
next
edit "GoodData-RTMP"
set type default
set internet-service-id 5308432
next
edit "GoodData-NetBIOS.Name.Service"
set type default
set internet-service-id 5308440
next
edit "SurveyMonkey-Other"
set type default
set internet-service-id 5373952
next
edit "SurveyMonkey-Web"
set type default
set internet-service-id 5373953
next
edit "SurveyMonkey-ICMP"
set type default
set internet-service-id 5373954
next
edit "SurveyMonkey-DNS"
set type default
set internet-service-id 5373955
next
edit "SurveyMonkey-Outbound_Email"
set type default
set internet-service-id 5373956
next
edit "SurveyMonkey-SSH"
set type default
set internet-service-id 5373958
next
edit "SurveyMonkey-FTP"
set type default
set internet-service-id 5373959
next
edit "SurveyMonkey-NTP"
set type default
set internet-service-id 5373960
next
edit "SurveyMonkey-Inbound_Email"
set type default
set internet-service-id 5373961
next
edit "SurveyMonkey-LDAP"
set type default
set internet-service-id 5373966
next
edit "SurveyMonkey-NetBIOS.Session.Service"
set type default
set internet-service-id 5373967
next
edit "SurveyMonkey-RTMP"
set type default
set internet-service-id 5373968
next
edit "SurveyMonkey-NetBIOS.Name.Service"
set type default
set internet-service-id 5373976
next
edit "Cvent-Other"
set type default
set internet-service-id 5439488
next
edit "Cvent-Web"
set type default
set internet-service-id 5439489
next
edit "Cvent-ICMP"
set type default
set internet-service-id 5439490
next
edit "Cvent-DNS"
set type default
set internet-service-id 5439491
next
edit "Cvent-Outbound_Email"
set type default
set internet-service-id 5439492
next
edit "Cvent-SSH"
set type default
set internet-service-id 5439494
next
edit "Cvent-FTP"
set type default
set internet-service-id 5439495
next
edit "Cvent-NTP"
set type default
set internet-service-id 5439496
next
edit "Cvent-Inbound_Email"
set type default
set internet-service-id 5439497
next
edit "Cvent-LDAP"
set type default
set internet-service-id 5439502
next
edit "Cvent-NetBIOS.Session.Service"
set type default
set internet-service-id 5439503
next
edit "Cvent-RTMP"
set type default
set internet-service-id 5439504
next
edit "Cvent-NetBIOS.Name.Service"
set type default
set internet-service-id 5439512
next
edit "Blackbaud-Other"
set type default
set internet-service-id 5505024
next
edit "Blackbaud-Web"
set type default
set internet-service-id 5505025
next
edit "Blackbaud-ICMP"
set type default
set internet-service-id 5505026
next
edit "Blackbaud-DNS"
set type default
set internet-service-id 5505027
next
edit "Blackbaud-Outbound_Email"
set type default
set internet-service-id 5505028
next
edit "Blackbaud-SSH"
set type default
set internet-service-id 5505030
next
edit "Blackbaud-FTP"
set type default
set internet-service-id 5505031
next
edit "Blackbaud-NTP"
set type default
set internet-service-id 5505032
next
edit "Blackbaud-Inbound_Email"
set type default
set internet-service-id 5505033
next
edit "Blackbaud-LDAP"
set type default
set internet-service-id 5505038
next
edit "Blackbaud-NetBIOS.Session.Service"
set type default
set internet-service-id 5505039
next
edit "Blackbaud-RTMP"
set type default
set internet-service-id 5505040
next
edit "Blackbaud-NetBIOS.Name.Service"
set type default
set internet-service-id 5505048
next
edit "InsideSales-Other"
set type default
set internet-service-id 5570560
next
edit "InsideSales-Web"
set type default
set internet-service-id 5570561
next
edit "InsideSales-ICMP"
set type default
set internet-service-id 5570562
next
edit "InsideSales-DNS"
set type default
set internet-service-id 5570563
next
edit "InsideSales-Outbound_Email"
set type default
set internet-service-id 5570564
next
edit "InsideSales-SSH"
set type default
set internet-service-id 5570566
next
edit "InsideSales-FTP"
set type default
set internet-service-id 5570567
next
edit "InsideSales-NTP"
set type default
set internet-service-id 5570568
next
edit "InsideSales-Inbound_Email"
set type default
set internet-service-id 5570569
next
edit "InsideSales-LDAP"
set type default
set internet-service-id 5570574
next
edit "InsideSales-NetBIOS.Session.Service"
set type default
set internet-service-id 5570575
next
edit "InsideSales-RTMP"
set type default
set internet-service-id 5570576
next
edit "InsideSales-NetBIOS.Name.Service"
set type default
set internet-service-id 5570584
next
edit "ServiceMax-Other"
set type default
set internet-service-id 5636096
next
edit "ServiceMax-Web"
set type default
set internet-service-id 5636097
next
edit "ServiceMax-ICMP"
set type default
set internet-service-id 5636098
next
edit "ServiceMax-DNS"
set type default
set internet-service-id 5636099
next
edit "ServiceMax-Outbound_Email"
set type default
set internet-service-id 5636100
next
edit "ServiceMax-SSH"
set type default
set internet-service-id 5636102
next
edit "ServiceMax-FTP"
set type default
set internet-service-id 5636103
next
edit "ServiceMax-NTP"
set type default
set internet-service-id 5636104
next
edit "ServiceMax-Inbound_Email"
set type default
set internet-service-id 5636105
next
edit "ServiceMax-LDAP"
set type default
set internet-service-id 5636110
next
edit "ServiceMax-NetBIOS.Session.Service"
set type default
set internet-service-id 5636111
next
edit "ServiceMax-RTMP"
set type default
set internet-service-id 5636112
next
edit "ServiceMax-NetBIOS.Name.Service"
set type default
set internet-service-id 5636120
next
edit "Apptio-Other"
set type default
set internet-service-id 5701632
next
edit "Apptio-Web"
set type default
set internet-service-id 5701633
next
edit "Apptio-ICMP"
set type default
set internet-service-id 5701634
next
edit "Apptio-DNS"
set type default
set internet-service-id 5701635
next
edit "Apptio-Outbound_Email"
set type default
set internet-service-id 5701636
next
edit "Apptio-SSH"
set type default
set internet-service-id 5701638
next
edit "Apptio-FTP"
set type default
set internet-service-id 5701639
next
edit "Apptio-NTP"
set type default
set internet-service-id 5701640
next
edit "Apptio-Inbound_Email"
set type default
set internet-service-id 5701641
next
edit "Apptio-LDAP"
set type default
set internet-service-id 5701646
next
edit "Apptio-NetBIOS.Session.Service"
set type default
set internet-service-id 5701647
next
edit "Apptio-RTMP"
set type default
set internet-service-id 5701648
next
edit "Apptio-NetBIOS.Name.Service"
set type default
set internet-service-id 5701656
next
edit "Veracode-Other"
set type default
set internet-service-id 5767168
next
edit "Veracode-Web"
set type default
set internet-service-id 5767169
next
edit "Veracode-ICMP"
set type default
set internet-service-id 5767170
next
edit "Veracode-DNS"
set type default
set internet-service-id 5767171
next
edit "Veracode-Outbound_Email"
set type default
set internet-service-id 5767172
next
edit "Veracode-SSH"
set type default
set internet-service-id 5767174
next
edit "Veracode-FTP"
set type default
set internet-service-id 5767175
next
edit "Veracode-NTP"
set type default
set internet-service-id 5767176
next
edit "Veracode-Inbound_Email"
set type default
set internet-service-id 5767177
next
edit "Veracode-LDAP"
set type default
set internet-service-id 5767182
next
edit "Veracode-NetBIOS.Session.Service"
set type default
set internet-service-id 5767183
next
edit "Veracode-RTMP"
set type default
set internet-service-id 5767184
next
edit "Veracode-NetBIOS.Name.Service"
set type default
set internet-service-id 5767192
next
edit "Anaplan-Other"
set type default
set internet-service-id 5832704
next
edit "Anaplan-Web"
set type default
set internet-service-id 5832705
next
edit "Anaplan-ICMP"
set type default
set internet-service-id 5832706
next
edit "Anaplan-DNS"
set type default
set internet-service-id 5832707
next
edit "Anaplan-Outbound_Email"
set type default
set internet-service-id 5832708
next
edit "Anaplan-SSH"
set type default
set internet-service-id 5832710
next
edit "Anaplan-FTP"
set type default
set internet-service-id 5832711
next
edit "Anaplan-NTP"
set type default
set internet-service-id 5832712
next
edit "Anaplan-Inbound_Email"
set type default
set internet-service-id 5832713
next
edit "Anaplan-LDAP"
set type default
set internet-service-id 5832718
next
edit "Anaplan-NetBIOS.Session.Service"
set type default
set internet-service-id 5832719
next
edit "Anaplan-RTMP"
set type default
set internet-service-id 5832720
next
edit "Anaplan-NetBIOS.Name.Service"
set type default
set internet-service-id 5832728
next
edit "Rapid7-Other"
set type default
set internet-service-id 5898240
next
edit "Rapid7-Web"
set type default
set internet-service-id 5898241
next
edit "Rapid7-ICMP"
set type default
set internet-service-id 5898242
next
edit "Rapid7-DNS"
set type default
set internet-service-id 5898243
next
edit "Rapid7-Outbound_Email"
set type default
set internet-service-id 5898244
next
edit "Rapid7-SSH"
set type default
set internet-service-id 5898246
next
edit "Rapid7-FTP"
set type default
set internet-service-id 5898247
next
edit "Rapid7-NTP"
set type default
set internet-service-id 5898248
next
edit "Rapid7-Inbound_Email"
set type default
set internet-service-id 5898249
next
edit "Rapid7-LDAP"
set type default
set internet-service-id 5898254
next
edit "Rapid7-NetBIOS.Session.Service"
set type default
set internet-service-id 5898255
next
edit "Rapid7-RTMP"
set type default
set internet-service-id 5898256
next
edit "Rapid7-NetBIOS.Name.Service"
set type default
set internet-service-id 5898264
next
edit "AnyDesk-AnyDesk"
set type default
set internet-service-id 5963927
next
edit "ESET-Eset.Service"
set type default
set internet-service-id 6029426
next
edit "Slack-Other"
set type default
set internet-service-id 6094848
next
edit "Slack-Web"
set type default
set internet-service-id 6094849
next
edit "Slack-ICMP"
set type default
set internet-service-id 6094850
next
edit "Slack-DNS"
set type default
set internet-service-id 6094851
next
edit "Slack-Outbound_Email"
set type default
set internet-service-id 6094852
next
edit "Slack-SSH"
set type default
set internet-service-id 6094854
next
edit "Slack-FTP"
set type default
set internet-service-id 6094855
next
edit "Slack-NTP"
set type default
set internet-service-id 6094856
next
edit "Slack-Inbound_Email"
set type default
set internet-service-id 6094857
next
edit "Slack-LDAP"
set type default
set internet-service-id 6094862
next
edit "Slack-NetBIOS.Session.Service"
set type default
set internet-service-id 6094863
next
edit "Slack-RTMP"
set type default
set internet-service-id 6094864
next
edit "Slack-NetBIOS.Name.Service"
set type default
set internet-service-id 6094872
next
edit "Slack-Slack"
set type default
set internet-service-id 6095024
next
edit "ADP-Other"
set type default
set internet-service-id 6160384
next
edit "ADP-Web"
set type default
set internet-service-id 6160385
next
edit "ADP-ICMP"
set type default
set internet-service-id 6160386
next
edit "ADP-DNS"
set type default
set internet-service-id 6160387
next
edit "ADP-Outbound_Email"
set type default
set internet-service-id 6160388
next
edit "ADP-SSH"
set type default
set internet-service-id 6160390
next
edit "ADP-FTP"
set type default
set internet-service-id 6160391
next
edit "ADP-NTP"
set type default
set internet-service-id 6160392
next
edit "ADP-Inbound_Email"
set type default
set internet-service-id 6160393
next
edit "ADP-LDAP"
set type default
set internet-service-id 6160398
next
edit "ADP-NetBIOS.Session.Service"
set type default
set internet-service-id 6160399
next
edit "ADP-RTMP"
set type default
set internet-service-id 6160400
next
edit "ADP-NetBIOS.Name.Service"
set type default
set internet-service-id 6160408
next
edit "Blackboard-Other"
set type default
set internet-service-id 6225920
next
edit "Blackboard-Web"
set type default
set internet-service-id 6225921
next
edit "Blackboard-ICMP"
set type default
set internet-service-id 6225922
next
edit "Blackboard-DNS"
set type default
set internet-service-id 6225923
next
edit "Blackboard-Outbound_Email"
set type default
set internet-service-id 6225924
next
edit "Blackboard-SSH"
set type default
set internet-service-id 6225926
next
edit "Blackboard-FTP"
set type default
set internet-service-id 6225927
next
edit "Blackboard-NTP"
set type default
set internet-service-id 6225928
next
edit "Blackboard-Inbound_Email"
set type default
set internet-service-id 6225929
next
edit "Blackboard-LDAP"
set type default
set internet-service-id 6225934
next
edit "Blackboard-NetBIOS.Session.Service"
set type default
set internet-service-id 6225935
next
edit "Blackboard-RTMP"
set type default
set internet-service-id 6225936
next
edit "Blackboard-NetBIOS.Name.Service"
set type default
set internet-service-id 6225944
next
edit "SAP-Other"
set type default
set internet-service-id 6291456
next
edit "SAP-Web"
set type default
set internet-service-id 6291457
next
edit "SAP-ICMP"
set type default
set internet-service-id 6291458
next
edit "SAP-DNS"
set type default
set internet-service-id 6291459
next
edit "SAP-Outbound_Email"
set type default
set internet-service-id 6291460
next
edit "SAP-SSH"
set type default
set internet-service-id 6291462
next
edit "SAP-FTP"
set type default
set internet-service-id 6291463
next
edit "SAP-NTP"
set type default
set internet-service-id 6291464
next
edit "SAP-Inbound_Email"
set type default
set internet-service-id 6291465
next
edit "SAP-LDAP"
set type default
set internet-service-id 6291470
next
edit "SAP-NetBIOS.Session.Service"
set type default
set internet-service-id 6291471
next
edit "SAP-RTMP"
set type default
set internet-service-id 6291472
next
edit "SAP-NetBIOS.Name.Service"
set type default
set internet-service-id 6291480
next
edit "SAP-HANA"
set type default
set internet-service-id 6291612
next
edit "SAP-SuccessFactors"
set type default
set internet-service-id 6291618
next
edit "Snap-Snapchat"
set type default
set internet-service-id 6357108
next
edit "Zoom.us-Zoom.Meeting"
set type default
set internet-service-id 6422646
next
edit "Sophos-Other"
set type default
set internet-service-id 6488064
next
edit "Sophos-Web"
set type default
set internet-service-id 6488065
next
edit "Sophos-ICMP"
set type default
set internet-service-id 6488066
next
edit "Sophos-DNS"
set type default
set internet-service-id 6488067
next
edit "Sophos-Outbound_Email"
set type default
set internet-service-id 6488068
next
edit "Sophos-SSH"
set type default
set internet-service-id 6488070
next
edit "Sophos-FTP"
set type default
set internet-service-id 6488071
next
edit "Sophos-NTP"
set type default
set internet-service-id 6488072
next
edit "Sophos-Inbound_Email"
set type default
set internet-service-id 6488073
next
edit "Sophos-LDAP"
set type default
set internet-service-id 6488078
next
edit "Sophos-NetBIOS.Session.Service"
set type default
set internet-service-id 6488079
next
edit "Sophos-RTMP"
set type default
set internet-service-id 6488080
next
edit "Sophos-NetBIOS.Name.Service"
set type default
set internet-service-id 6488088
next
edit "Cloudflare-Other"
set type default
set internet-service-id 6553600
next
edit "Cloudflare-Web"
set type default
set internet-service-id 6553601
next
edit "Cloudflare-ICMP"
set type default
set internet-service-id 6553602
next
edit "Cloudflare-DNS"
set type default
set internet-service-id 6553603
next
edit "Cloudflare-Outbound_Email"
set type default
set internet-service-id 6553604
next
edit "Cloudflare-SSH"
set type default
set internet-service-id 6553606
next
edit "Cloudflare-FTP"
set type default
set internet-service-id 6553607
next
edit "Cloudflare-NTP"
set type default
set internet-service-id 6553608
next
edit "Cloudflare-Inbound_Email"
set type default
set internet-service-id 6553609
next
edit "Cloudflare-LDAP"
set type default
set internet-service-id 6553614
next
edit "Cloudflare-NetBIOS.Session.Service"
set type default
set internet-service-id 6553615
next
edit "Cloudflare-RTMP"
set type default
set internet-service-id 6553616
next
edit "Cloudflare-NetBIOS.Name.Service"
set type default
set internet-service-id 6553624
next
edit "Cloudflare-CDN"
set type default
set internet-service-id 6553737
next
edit "Pexip-Pexip.Meeting"
set type default
set internet-service-id 6619256
next
edit "Zscaler-Other"
set type default
set internet-service-id 6684672
next
edit "Zscaler-Web"
set type default
set internet-service-id 6684673
next
edit "Zscaler-ICMP"
set type default
set internet-service-id 6684674
next
edit "Zscaler-DNS"
set type default
set internet-service-id 6684675
next
edit "Zscaler-Outbound_Email"
set type default
set internet-service-id 6684676
next
edit "Zscaler-SSH"
set type default
set internet-service-id 6684678
next
edit "Zscaler-FTP"
set type default
set internet-service-id 6684679
next
edit "Zscaler-NTP"
set type default
set internet-service-id 6684680
next
edit "Zscaler-Inbound_Email"
set type default
set internet-service-id 6684681
next
edit "Zscaler-LDAP"
set type default
set internet-service-id 6684686
next
edit "Zscaler-NetBIOS.Session.Service"
set type default
set internet-service-id 6684687
next
edit "Zscaler-RTMP"
set type default
set internet-service-id 6684688
next
edit "Zscaler-NetBIOS.Name.Service"
set type default
set internet-service-id 6684696
next
edit "Zscaler-Zscaler.Cloud"
set type default
set internet-service-id 6684793
next
edit "Yandex-Other"
set type default
set internet-service-id 6750208
next
edit "Yandex-Web"
set type default
set internet-service-id 6750209
next
edit "Yandex-ICMP"
set type default
set internet-service-id 6750210
next
edit "Yandex-DNS"
set type default
set internet-service-id 6750211
next
edit "Yandex-Outbound_Email"
set type default
set internet-service-id 6750212
next
edit "Yandex-SSH"
set type default
set internet-service-id 6750214
next
edit "Yandex-FTP"
set type default
set internet-service-id 6750215
next
edit "Yandex-NTP"
set type default
set internet-service-id 6750216
next
edit "Yandex-Inbound_Email"
set type default
set internet-service-id 6750217
next
edit "Yandex-LDAP"
set type default
set internet-service-id 6750222
next
edit "Yandex-NetBIOS.Session.Service"
set type default
set internet-service-id 6750223
next
edit "Yandex-RTMP"
set type default
set internet-service-id 6750224
next
edit "Yandex-NetBIOS.Name.Service"
set type default
set internet-service-id 6750232
next
edit "mail.ru-Other"
set type default
set internet-service-id 6815744
next
edit "mail.ru-Web"
set type default
set internet-service-id 6815745
next
edit "mail.ru-ICMP"
set type default
set internet-service-id 6815746
next
edit "mail.ru-DNS"
set type default
set internet-service-id 6815747
next
edit "mail.ru-Outbound_Email"
set type default
set internet-service-id 6815748
next
edit "mail.ru-SSH"
set type default
set internet-service-id 6815750
next
edit "mail.ru-FTP"
set type default
set internet-service-id 6815751
next
edit "mail.ru-NTP"
set type default
set internet-service-id 6815752
next
edit "mail.ru-Inbound_Email"
set type default
set internet-service-id 6815753
next
edit "mail.ru-LDAP"
set type default
set internet-service-id 6815758
next
edit "mail.ru-NetBIOS.Session.Service"
set type default
set internet-service-id 6815759
next
edit "mail.ru-RTMP"
set type default
set internet-service-id 6815760
next
edit "mail.ru-NetBIOS.Name.Service"
set type default
set internet-service-id 6815768
next
edit "Alibaba-Other"
set type default
set internet-service-id 6881280
next
edit "Alibaba-Web"
set type default
set internet-service-id 6881281
next
edit "Alibaba-ICMP"
set type default
set internet-service-id 6881282
next
edit "Alibaba-DNS"
set type default
set internet-service-id 6881283
next
edit "Alibaba-Outbound_Email"
set type default
set internet-service-id 6881284
next
edit "Alibaba-SSH"
set type default
set internet-service-id 6881286
next
edit "Alibaba-FTP"
set type default
set internet-service-id 6881287
next
edit "Alibaba-NTP"
set type default
set internet-service-id 6881288
next
edit "Alibaba-Inbound_Email"
set type default
set internet-service-id 6881289
next
edit "Alibaba-LDAP"
set type default
set internet-service-id 6881294
next
edit "Alibaba-NetBIOS.Session.Service"
set type default
set internet-service-id 6881295
next
edit "Alibaba-RTMP"
set type default
set internet-service-id 6881296
next
edit "Alibaba-NetBIOS.Name.Service"
set type default
set internet-service-id 6881304
next
edit "Alibaba-Alibaba.Cloud"
set type default
set internet-service-id 6881402
next
edit "GoDaddy-Other"
set type default
set internet-service-id 6946816
next
edit "GoDaddy-Web"
set type default
set internet-service-id 6946817
next
edit "GoDaddy-ICMP"
set type default
set internet-service-id 6946818
next
edit "GoDaddy-DNS"
set type default
set internet-service-id 6946819
next
edit "GoDaddy-Outbound_Email"
set type default
set internet-service-id 6946820
next
edit "GoDaddy-SSH"
set type default
set internet-service-id 6946822
next
edit "GoDaddy-FTP"
set type default
set internet-service-id 6946823
next
edit "GoDaddy-NTP"
set type default
set internet-service-id 6946824
next
edit "GoDaddy-Inbound_Email"
set type default
set internet-service-id 6946825
next
edit "GoDaddy-LDAP"
set type default
set internet-service-id 6946830
next
edit "GoDaddy-NetBIOS.Session.Service"
set type default
set internet-service-id 6946831
next
edit "GoDaddy-RTMP"
set type default
set internet-service-id 6946832
next
edit "GoDaddy-NetBIOS.Name.Service"
set type default
set internet-service-id 6946840
next
edit "GoDaddy-GoDaddy.Email"
set type default
set internet-service-id 6946939
next
edit "Webroot-Webroot.SecureAnywhere"
set type default
set internet-service-id 7078013
next
edit "Avast-Other"
set type default
set internet-service-id 7143424
next
edit "Avast-Web"
set type default
set internet-service-id 7143425
next
edit "Avast-ICMP"
set type default
set internet-service-id 7143426
next
edit "Avast-DNS"
set type default
set internet-service-id 7143427
next
edit "Avast-Outbound_Email"
set type default
set internet-service-id 7143428
next
edit "Avast-SSH"
set type default
set internet-service-id 7143430
next
edit "Avast-FTP"
set type default
set internet-service-id 7143431
next
edit "Avast-NTP"
set type default
set internet-service-id 7143432
next
edit "Avast-Inbound_Email"
set type default
set internet-service-id 7143433
next
edit "Avast-LDAP"
set type default
set internet-service-id 7143438
next
edit "Avast-NetBIOS.Session.Service"
set type default
set internet-service-id 7143439
next
edit "Avast-RTMP"
set type default
set internet-service-id 7143440
next
edit "Avast-NetBIOS.Name.Service"
set type default
set internet-service-id 7143448
next
edit "Avast-Avast.Security"
set type default
set internet-service-id 7143550
next
edit "Wetransfer-Other"
set type default
set internet-service-id 7208960
next
edit "Wetransfer-Web"
set type default
set internet-service-id 7208961
next
edit "Wetransfer-ICMP"
set type default
set internet-service-id 7208962
next
edit "Wetransfer-DNS"
set type default
set internet-service-id 7208963
next
edit "Wetransfer-Outbound_Email"
set type default
set internet-service-id 7208964
next
edit "Wetransfer-SSH"
set type default
set internet-service-id 7208966
next
edit "Wetransfer-FTP"
set type default
set internet-service-id 7208967
next
edit "Wetransfer-NTP"
set type default
set internet-service-id 7208968
next
edit "Wetransfer-Inbound_Email"
set type default
set internet-service-id 7208969
next
edit "Wetransfer-LDAP"
set type default
set internet-service-id 7208974
next
edit "Wetransfer-NetBIOS.Session.Service"
set type default
set internet-service-id 7208975
next
edit "Wetransfer-RTMP"
set type default
set internet-service-id 7208976
next
edit "Wetransfer-NetBIOS.Name.Service"
set type default
set internet-service-id 7208984
next
edit "Sendgrid-Sendgrid.Email"
set type default
set internet-service-id 7274623
next
edit "Ubiquiti-UniFi"
set type default
set internet-service-id 7340160
next
edit "Lifesize-Lifesize.Cloud"
set type default
set internet-service-id 7405697
next
edit "Okta-Other"
set type default
set internet-service-id 7471104
next
edit "Okta-Web"
set type default
set internet-service-id 7471105
next
edit "Okta-ICMP"
set type default
set internet-service-id 7471106
next
edit "Okta-DNS"
set type default
set internet-service-id 7471107
next
edit "Okta-Outbound_Email"
set type default
set internet-service-id 7471108
next
edit "Okta-SSH"
set type default
set internet-service-id 7471110
next
edit "Okta-FTP"
set type default
set internet-service-id 7471111
next
edit "Okta-NTP"
set type default
set internet-service-id 7471112
next
edit "Okta-Inbound_Email"
set type default
set internet-service-id 7471113
next
edit "Okta-LDAP"
set type default
set internet-service-id 7471118
next
edit "Okta-NetBIOS.Session.Service"
set type default
set internet-service-id 7471119
next
edit "Okta-RTMP"
set type default
set internet-service-id 7471120
next
edit "Okta-NetBIOS.Name.Service"
set type default
set internet-service-id 7471128
next
edit "Okta-Okta"
set type default
set internet-service-id 7471307
next
edit "Cybozu-Other"
set type default
set internet-service-id 7536640
next
edit "Cybozu-Web"
set type default
set internet-service-id 7536641
next
edit "Cybozu-ICMP"
set type default
set internet-service-id 7536642
next
edit "Cybozu-DNS"
set type default
set internet-service-id 7536643
next
edit "Cybozu-Outbound_Email"
set type default
set internet-service-id 7536644
next
edit "Cybozu-SSH"
set type default
set internet-service-id 7536646
next
edit "Cybozu-FTP"
set type default
set internet-service-id 7536647
next
edit "Cybozu-NTP"
set type default
set internet-service-id 7536648
next
edit "Cybozu-Inbound_Email"
set type default
set internet-service-id 7536649
next
edit "Cybozu-LDAP"
set type default
set internet-service-id 7536654
next
edit "Cybozu-NetBIOS.Session.Service"
set type default
set internet-service-id 7536655
next
edit "Cybozu-RTMP"
set type default
set internet-service-id 7536656
next
edit "Cybozu-NetBIOS.Name.Service"
set type default
set internet-service-id 7536664
next
edit "VNC-Other"
set type default
set internet-service-id 7602176
next
edit "VNC-Web"
set type default
set internet-service-id 7602177
next
edit "VNC-ICMP"
set type default
set internet-service-id 7602178
next
edit "VNC-DNS"
set type default
set internet-service-id 7602179
next
edit "VNC-Outbound_Email"
set type default
set internet-service-id 7602180
next
edit "VNC-SSH"
set type default
set internet-service-id 7602182
next
edit "VNC-FTP"
set type default
set internet-service-id 7602183
next
edit "VNC-NTP"
set type default
set internet-service-id 7602184
next
edit "VNC-Inbound_Email"
set type default
set internet-service-id 7602185
next
edit "VNC-LDAP"
set type default
set internet-service-id 7602190
next
edit "VNC-NetBIOS.Session.Service"
set type default
set internet-service-id 7602191
next
edit "VNC-RTMP"
set type default
set internet-service-id 7602192
next
edit "VNC-NetBIOS.Name.Service"
set type default
set internet-service-id 7602200
next
edit "Egnyte-Egnyte"
set type default
set internet-service-id 7667846
next
edit "CrowdStrike-CrowdStrike.Falcon.Cloud"
set type default
set internet-service-id 7733383
next
edit "Aruba.it-Other"
set type default
set internet-service-id 7798784
next
edit "Aruba.it-Web"
set type default
set internet-service-id 7798785
next
edit "Aruba.it-ICMP"
set type default
set internet-service-id 7798786
next
edit "Aruba.it-DNS"
set type default
set internet-service-id 7798787
next
edit "Aruba.it-Outbound_Email"
set type default
set internet-service-id 7798788
next
edit "Aruba.it-SSH"
set type default
set internet-service-id 7798790
next
edit "Aruba.it-FTP"
set type default
set internet-service-id 7798791
next
edit "Aruba.it-NTP"
set type default
set internet-service-id 7798792
next
edit "Aruba.it-Inbound_Email"
set type default
set internet-service-id 7798793
next
edit "Aruba.it-LDAP"
set type default
set internet-service-id 7798798
next
edit "Aruba.it-NetBIOS.Session.Service"
set type default
set internet-service-id 7798799
next
edit "Aruba.it-RTMP"
set type default
set internet-service-id 7798800
next
edit "Aruba.it-NetBIOS.Name.Service"
set type default
set internet-service-id 7798808
next
edit "ISLOnline-Other"
set type default
set internet-service-id 7864320
next
edit "ISLOnline-Web"
set type default
set internet-service-id 7864321
next
edit "ISLOnline-ICMP"
set type default
set internet-service-id 7864322
next
edit "ISLOnline-DNS"
set type default
set internet-service-id 7864323
next
edit "ISLOnline-Outbound_Email"
set type default
set internet-service-id 7864324
next
edit "ISLOnline-SSH"
set type default
set internet-service-id 7864326
next
edit "ISLOnline-FTP"
set type default
set internet-service-id 7864327
next
edit "ISLOnline-NTP"
set type default
set internet-service-id 7864328
next
edit "ISLOnline-Inbound_Email"
set type default
set internet-service-id 7864329
next
edit "ISLOnline-LDAP"
set type default
set internet-service-id 7864334
next
edit "ISLOnline-NetBIOS.Session.Service"
set type default
set internet-service-id 7864335
next
edit "ISLOnline-RTMP"
set type default
set internet-service-id 7864336
next
edit "ISLOnline-NetBIOS.Name.Service"
set type default
set internet-service-id 7864344
next
edit "Akamai-CDN"
set type default
set internet-service-id 7929993
next
edit "Rackspace-CDN"
set type default
set internet-service-id 7995529
next
edit "Instart-CDN"
set type default
set internet-service-id 8061065
next
edit "Bitdefender-Other"
set type default
set internet-service-id 8126464
next
edit "Bitdefender-Web"
set type default
set internet-service-id 8126465
next
edit "Bitdefender-ICMP"
set type default
set internet-service-id 8126466
next
edit "Bitdefender-DNS"
set type default
set internet-service-id 8126467
next
edit "Bitdefender-Outbound_Email"
set type default
set internet-service-id 8126468
next
edit "Bitdefender-SSH"
set type default
set internet-service-id 8126470
next
edit "Bitdefender-FTP"
set type default
set internet-service-id 8126471
next
edit "Bitdefender-NTP"
set type default
set internet-service-id 8126472
next
edit "Bitdefender-Inbound_Email"
set type default
set internet-service-id 8126473
next
edit "Bitdefender-LDAP"
set type default
set internet-service-id 8126478
next
edit "Bitdefender-NetBIOS.Session.Service"
set type default
set internet-service-id 8126479
next
edit "Bitdefender-RTMP"
set type default
set internet-service-id 8126480
next
edit "Bitdefender-NetBIOS.Name.Service"
set type default
set internet-service-id 8126488
next
edit "Pingdom-Other"
set type default
set internet-service-id 8192000
next
edit "Pingdom-Web"
set type default
set internet-service-id 8192001
next
edit "Pingdom-ICMP"
set type default
set internet-service-id 8192002
next
edit "Pingdom-DNS"
set type default
set internet-service-id 8192003
next
edit "Pingdom-Outbound_Email"
set type default
set internet-service-id 8192004
next
edit "Pingdom-SSH"
set type default
set internet-service-id 8192006
next
edit "Pingdom-FTP"
set type default
set internet-service-id 8192007
next
edit "Pingdom-NTP"
set type default
set internet-service-id 8192008
next
edit "Pingdom-Inbound_Email"
set type default
set internet-service-id 8192009
next
edit "Pingdom-LDAP"
set type default
set internet-service-id 8192014
next
edit "Pingdom-NetBIOS.Session.Service"
set type default
set internet-service-id 8192015
next
edit "Pingdom-RTMP"
set type default
set internet-service-id 8192016
next
edit "Pingdom-NetBIOS.Name.Service"
set type default
set internet-service-id 8192024
next
edit "UptimeRobot-Other"
set type default
set internet-service-id 8257536
next
edit "UptimeRobot-Web"
set type default
set internet-service-id 8257537
next
edit "UptimeRobot-ICMP"
set type default
set internet-service-id 8257538
next
edit "UptimeRobot-DNS"
set type default
set internet-service-id 8257539
next
edit "UptimeRobot-Outbound_Email"
set type default
set internet-service-id 8257540
next
edit "UptimeRobot-SSH"
set type default
set internet-service-id 8257542
next
edit "UptimeRobot-FTP"
set type default
set internet-service-id 8257543
next
edit "UptimeRobot-NTP"
set type default
set internet-service-id 8257544
next
edit "UptimeRobot-Inbound_Email"
set type default
set internet-service-id 8257545
next
edit "UptimeRobot-LDAP"
set type default
set internet-service-id 8257550
next
edit "UptimeRobot-NetBIOS.Session.Service"
set type default
set internet-service-id 8257551
next
edit "UptimeRobot-RTMP"
set type default
set internet-service-id 8257552
next
edit "UptimeRobot-NetBIOS.Name.Service"
set type default
set internet-service-id 8257560
next
edit "UptimeRobot-UptimeRobot.Monitor"
set type default
set internet-service-id 8257709
next
edit "Quovadisglobal-Other"
set type default
set internet-service-id 8323072
next
edit "Quovadisglobal-Web"
set type default
set internet-service-id 8323073
next
edit "Quovadisglobal-ICMP"
set type default
set internet-service-id 8323074
next
edit "Quovadisglobal-DNS"
set type default
set internet-service-id 8323075
next
edit "Quovadisglobal-Outbound_Email"
set type default
set internet-service-id 8323076
next
edit "Quovadisglobal-SSH"
set type default
set internet-service-id 8323078
next
edit "Quovadisglobal-FTP"
set type default
set internet-service-id 8323079
next
edit "Quovadisglobal-NTP"
set type default
set internet-service-id 8323080
next
edit "Quovadisglobal-Inbound_Email"
set type default
set internet-service-id 8323081
next
edit "Quovadisglobal-LDAP"
set type default
set internet-service-id 8323086
next
edit "Quovadisglobal-NetBIOS.Session.Service"
set type default
set internet-service-id 8323087
next
edit "Quovadisglobal-RTMP"
set type default
set internet-service-id 8323088
next
edit "Quovadisglobal-NetBIOS.Name.Service"
set type default
set internet-service-id 8323096
next
edit "Splashtop-Splashtop"
set type default
set internet-service-id 8388751
next
edit "Zoox-Other"
set type default
set internet-service-id 8454144
next
edit "Zoox-Web"
set type default
set internet-service-id 8454145
next
edit "Zoox-ICMP"
set type default
set internet-service-id 8454146
next
edit "Zoox-DNS"
set type default
set internet-service-id 8454147
next
edit "Zoox-Outbound_Email"
set type default
set internet-service-id 8454148
next
edit "Zoox-SSH"
set type default
set internet-service-id 8454150
next
edit "Zoox-FTP"
set type default
set internet-service-id 8454151
next
edit "Zoox-NTP"
set type default
set internet-service-id 8454152
next
edit "Zoox-Inbound_Email"
set type default
set internet-service-id 8454153
next
edit "Zoox-LDAP"
set type default
set internet-service-id 8454158
next
edit "Zoox-NetBIOS.Session.Service"
set type default
set internet-service-id 8454159
next
edit "Zoox-RTMP"
set type default
set internet-service-id 8454160
next
edit "Zoox-NetBIOS.Name.Service"
set type default
set internet-service-id 8454168
next
edit "Skyfii-Other"
set type default
set internet-service-id 8519680
next
edit "Skyfii-Web"
set type default
set internet-service-id 8519681
next
edit "Skyfii-ICMP"
set type default
set internet-service-id 8519682
next
edit "Skyfii-DNS"
set type default
set internet-service-id 8519683
next
edit "Skyfii-Outbound_Email"
set type default
set internet-service-id 8519684
next
edit "Skyfii-SSH"
set type default
set internet-service-id 8519686
next
edit "Skyfii-FTP"
set type default
set internet-service-id 8519687
next
edit "Skyfii-NTP"
set type default
set internet-service-id 8519688
next
edit "Skyfii-Inbound_Email"
set type default
set internet-service-id 8519689
next
edit "Skyfii-LDAP"
set type default
set internet-service-id 8519694
next
edit "Skyfii-NetBIOS.Session.Service"
set type default
set internet-service-id 8519695
next
edit "Skyfii-RTMP"
set type default
set internet-service-id 8519696
next
edit "Skyfii-NetBIOS.Name.Service"
set type default
set internet-service-id 8519704
next
edit "CoffeeBean-Other"
set type default
set internet-service-id 8585216
next
edit "CoffeeBean-Web"
set type default
set internet-service-id 8585217
next
edit "CoffeeBean-ICMP"
set type default
set internet-service-id 8585218
next
edit "CoffeeBean-DNS"
set type default
set internet-service-id 8585219
next
edit "CoffeeBean-Outbound_Email"
set type default
set internet-service-id 8585220
next
edit "CoffeeBean-SSH"
set type default
set internet-service-id 8585222
next
edit "CoffeeBean-FTP"
set type default
set internet-service-id 8585223
next
edit "CoffeeBean-NTP"
set type default
set internet-service-id 8585224
next
edit "CoffeeBean-Inbound_Email"
set type default
set internet-service-id 8585225
next
edit "CoffeeBean-LDAP"
set type default
set internet-service-id 8585230
next
edit "CoffeeBean-NetBIOS.Session.Service"
set type default
set internet-service-id 8585231
next
edit "CoffeeBean-RTMP"
set type default
set internet-service-id 8585232
next
edit "CoffeeBean-NetBIOS.Name.Service"
set type default
set internet-service-id 8585240
next
edit "Cloud4Wi-Other"
set type default
set internet-service-id 8650752
next
edit "Cloud4Wi-Web"
set type default
set internet-service-id 8650753
next
edit "Cloud4Wi-ICMP"
set type default
set internet-service-id 8650754
next
edit "Cloud4Wi-DNS"
set type default
set internet-service-id 8650755
next
edit "Cloud4Wi-Outbound_Email"
set type default
set internet-service-id 8650756
next
edit "Cloud4Wi-SSH"
set type default
set internet-service-id 8650758
next
edit "Cloud4Wi-FTP"
set type default
set internet-service-id 8650759
next
edit "Cloud4Wi-NTP"
set type default
set internet-service-id 8650760
next
edit "Cloud4Wi-Inbound_Email"
set type default
set internet-service-id 8650761
next
edit "Cloud4Wi-LDAP"
set type default
set internet-service-id 8650766
next
edit "Cloud4Wi-NetBIOS.Session.Service"
set type default
set internet-service-id 8650767
next
edit "Cloud4Wi-RTMP"
set type default
set internet-service-id 8650768
next
edit "Cloud4Wi-NetBIOS.Name.Service"
set type default
set internet-service-id 8650776
next
edit "Panda-Panda.Security"
set type default
set internet-service-id 8716432
next
edit "Ewon-Talk2M"
set type default
set internet-service-id 8781970
next
edit "Nutanix-Nutanix.Cloud"
set type default
set internet-service-id 8847507
next
edit "Backblaze-Other"
set type default
set internet-service-id 8912896
next
edit "Backblaze-Web"
set type default
set internet-service-id 8912897
next
edit "Backblaze-ICMP"
set type default
set internet-service-id 8912898
next
edit "Backblaze-DNS"
set type default
set internet-service-id 8912899
next
edit "Backblaze-Outbound_Email"
set type default
set internet-service-id 8912900
next
edit "Backblaze-SSH"
set type default
set internet-service-id 8912902
next
edit "Backblaze-FTP"
set type default
set internet-service-id 8912903
next
edit "Backblaze-NTP"
set type default
set internet-service-id 8912904
next
edit "Backblaze-Inbound_Email"
set type default
set internet-service-id 8912905
next
edit "Backblaze-LDAP"
set type default
set internet-service-id 8912910
next
edit "Backblaze-NetBIOS.Session.Service"
set type default
set internet-service-id 8912911
next
edit "Backblaze-RTMP"
set type default
set internet-service-id 8912912
next
edit "Backblaze-NetBIOS.Name.Service"
set type default
set internet-service-id 8912920
next
edit "Extreme-Extreme.Cloud"
set type default
set internet-service-id 8978580
next
edit "XING-Other"
set type default
set internet-service-id 9043968
next
edit "XING-Web"
set type default
set internet-service-id 9043969
next
edit "XING-ICMP"
set type default
set internet-service-id 9043970
next
edit "XING-DNS"
set type default
set internet-service-id 9043971
next
edit "XING-Outbound_Email"
set type default
set internet-service-id 9043972
next
edit "XING-SSH"
set type default
set internet-service-id 9043974
next
edit "XING-FTP"
set type default
set internet-service-id 9043975
next
edit "XING-NTP"
set type default
set internet-service-id 9043976
next
edit "XING-Inbound_Email"
set type default
set internet-service-id 9043977
next
edit "XING-LDAP"
set type default
set internet-service-id 9043982
next
edit "XING-NetBIOS.Session.Service"
set type default
set internet-service-id 9043983
next
edit "XING-RTMP"
set type default
set internet-service-id 9043984
next
edit "XING-NetBIOS.Name.Service"
set type default
set internet-service-id 9043992
next
edit "Genesys-PureCloud"
set type default
set internet-service-id 9109653
next
edit "BlackBerry-Cylance"
set type default
set internet-service-id 9175190
next
edit "DigiCert-OCSP"
set type default
set internet-service-id 9240728
next
edit "Infomaniak-SwissTransfer"
set type default
set internet-service-id 9306265
next
edit "Fuze-Fuze"
set type default
set internet-service-id 9371802
next
edit "Truecaller-Truecaller"
set type default
set internet-service-id 9437339
next
edit "GlobalSign-OCSP"
set type default
set internet-service-id 9502872
next
edit "VeriSign-OCSP"
set type default
set internet-service-id 9568408
next
edit "Sony-PlayStation.Network"
set type default
set internet-service-id 9633952
next
edit "Acronis-Cyber.Cloud"
set type default
set internet-service-id 9699489
next
edit "RingCentral-RingCentral"
set type default
set internet-service-id 9765027
next
edit "FSecure-FSecure"
set type default
set internet-service-id 9830564
next
edit "Kaseya-Kaseya.Cloud"
set type default
set internet-service-id 9896101
next
edit "Shodan-Scanner"
set type default
set internet-service-id 9961638
next
edit "Censys-Scanner"
set type default
set internet-service-id 10027174
next
edit "Valve-Steam"
set type default
set internet-service-id 10092711
next
edit "YouSeeU-Bongo"
set type default
set internet-service-id 10158248
next
edit "Cato-Cato.Cloud"
set type default
set internet-service-id 10223785
next
edit "SolarWinds-SpamExperts"
set type default
set internet-service-id 10289323
next
edit "SolarWinds-Pingdom.Probe"
set type default
set internet-service-id 10289326
next
edit "SolarWinds-SolarWinds.RMM"
set type default
set internet-service-id 10289379
next
edit "8X8-8X8.Cloud"
set type default
set internet-service-id 10354860
next
edit "Zattoo-Zattoo.TV"
set type default
set internet-service-id 10420401
next
edit "Datto-Datto.RMM"
set type default
set internet-service-id 10485939
next
edit "Barracuda-Barracuda.Cloud"
set type default
set internet-service-id 10551477
next
edit "Naver-Line"
set type default
set internet-service-id 10617015
next
edit "Disney-Disney+"
set type default
set internet-service-id 10682552
next
edit "DNS-DoH_DoT"
set type default
set internet-service-id 10748089
next
edit "DNS-Root.Name.Servers"
set type default
set internet-service-id 10748156
next
edit "Quad9-Quad9.Standard.DNS"
set type default
set internet-service-id 10813626
next
edit "Stretchoid-Scanner"
set type default
set internet-service-id 10879142
next
edit "Poly-RealConnect.Service"
set type default
set internet-service-id 10944700
next
edit "Telegram-Telegram"
set type default
set internet-service-id 11010249
next
edit "Spotify-Spotify"
set type default
set internet-service-id 11075786
next
edit "NextDNS-NextDNS"
set type default
set internet-service-id 11141324
next
edit "Fastly-CDN"
set type default
set internet-service-id 11206793
next
edit "Neustar-UltraDNS.Probes"
set type default
set internet-service-id 11272397
next
edit "Malicious-Malicious.Server"
set type default
set internet-service-id 11337935
next
edit "NIST-ITS"
set type default
set internet-service-id 11403472
next
edit "Jamf-Jamf.Cloud"
set type default
set internet-service-id 11469009
next
edit "Alcatel.Lucent-Rainbow"
set type default
set internet-service-id 11534546
next
edit "Forcepoint-Forcepoint.Cloud"
set type default
set internet-service-id 11600083
next
edit "Datadog-Datadog"
set type default
set internet-service-id 11665620
next
edit "Mimecast-Mimecast"
set type default
set internet-service-id 11731157
next
edit "MediaFire-Other"
set type default
set internet-service-id 11796480
next
edit "MediaFire-Web"
set type default
set internet-service-id 11796481
next
edit "MediaFire-ICMP"
set type default
set internet-service-id 11796482
next
edit "MediaFire-DNS"
set type default
set internet-service-id 11796483
next
edit "MediaFire-Outbound_Email"
set type default
set internet-service-id 11796484
next
edit "MediaFire-SSH"
set type default
set internet-service-id 11796486
next
edit "MediaFire-FTP"
set type default
set internet-service-id 11796487
next
edit "MediaFire-NTP"
set type default
set internet-service-id 11796488
next
edit "MediaFire-Inbound_Email"
set type default
set internet-service-id 11796489
next
edit "MediaFire-LDAP"
set type default
set internet-service-id 11796494
next
edit "MediaFire-NetBIOS.Session.Service"
set type default
set internet-service-id 11796495
next
edit "MediaFire-RTMP"
set type default
set internet-service-id 11796496
next
edit "MediaFire-NetBIOS.Name.Service"
set type default
set internet-service-id 11796504
next
edit "Pandora-Pandora"
set type default
set internet-service-id 11862230
next
edit "SiriusXM-SiriusXM"
set type default
set internet-service-id 11927767
next
edit "Hopin-Hopin"
set type default
set internet-service-id 11993304
next
edit "RedShield-RedShield.Cloud"
set type default
set internet-service-id 12058842
next
edit "InterneTTL-Scanner"
set type default
set internet-service-id 12124326
next
edit "VadeSecure-VadeSecure.Cloud"
set type default
set internet-service-id 12189915
next
edit "Netskope-Netskope.Cloud"
set type default
set internet-service-id 12255452
next
edit "ClickMeeting-ClickMeeting"
set type default
set internet-service-id 12320989
next
edit "Tenable-Tenable.io.Cloud.Scanner"
set type default
set internet-service-id 12386528
next
edit "Vidyo-VidyoCloud"
set type default
set internet-service-id 12452065
next
edit "OpenNIC-OpenNIC.DNS"
set type default
set internet-service-id 12517602
next
edit "Sectigo-Sectigo"
set type default
set internet-service-id 12583141
next
edit "DigitalOcean-DigitalOcean.Platform"
set type default
set internet-service-id 12648679
next
edit "Pitney.Bowes-Pitney.Bowes.Data.Center"
set type default
set internet-service-id 12714216
next
edit "VPN-Anonymous.VPN"
set type default
set internet-service-id 12779753
next
edit "Blockchain-Crypto.Mining.Pool"
set type default
set internet-service-id 12845290
next
edit "FactSet-FactSet"
set type default
set internet-service-id 12910830
next
edit "Bloomberg-Bloomberg"
set type default
set internet-service-id 12976367
next
edit "Five9-Five9"
set type default
set internet-service-id 13041904
next
edit "Gigas-Gigas.Cloud"
set type default
set internet-service-id 13107441
next
edit "Imperva-Imperva.Cloud.WAF"
set type default
set internet-service-id 13172978
next
edit "HorizonIQ-HorizonIQ"
set type default
set internet-service-id 13238515
next
edit "Azion-Azion.Platform"
set type default
set internet-service-id 13304053
next
edit "Hurricane.Electric-Hurricane.Electric.Internet.Services"
set type default
set internet-service-id 13369590
next
edit "NodePing-NodePing.Probe"
set type default
set internet-service-id 13435127
next
edit "Frontline-Frontline"
set type default
set internet-service-id 13500665
next
edit "Tally-Tally.ERP"
set type default
set internet-service-id 13566202
next
edit "Hosting-Bulletproof.Hosting"
set type default
set internet-service-id 13631739
next
edit "Okko-Okko.TV"
set type default
set internet-service-id 13697277
next
edit "Voximplant-Voximplant.Platform"
set type default
set internet-service-id 13762829
next
edit "OVHcloud-OVHcloud"
set type default
set internet-service-id 13828367
next
edit "Microsoft-Office365.Published.Optimize"
set type default
set internet-service-id 327902
next
edit "Microsoft-Office365.Published.Allow"
set type default
set internet-service-id 327903
next
edit "Microsoft-Office365.Published.USGOV"
set type default
set internet-service-id 327917
next
edit "Amazon-AWS.GovCloud.US"
set type default
set internet-service-id 393452
next
edit "Cisco-Webex.FedRAMP"
set type default
set internet-service-id 1966315
next
edit "Adobe-Adobe.Sign"
set type default
set internet-service-id 917776
next
edit "SentinelOne-SentinelOne.Cloud"
set type default
set internet-service-id 13893905
next
edit "Kakao-Kakao.Services"
set type default
set internet-service-id 13959442
next
edit "Stripe-Stripe"
set type default
set internet-service-id 14024979
next
edit "NetScout-Scanner"
set type default
set internet-service-id 14090406
next
edit "Recyber-Scanner"
set type default
set internet-service-id 14155942
next
edit "Cyber.Casa-Scanner"
set type default
set internet-service-id 14221478
next
edit "Atlassian-Atlassian.Notification"
set type default
set internet-service-id 3932436
next
edit "Amazon-Amazon.SES"
set type default
set internet-service-id 393493
next
edit "GTHost-Dedicated.Instant.Servers"
set type default
set internet-service-id 14287132
next
edit "ivi-ivi.Streaming"
set type default
set internet-service-id 14352669
next
edit "BinaryEdge-Scanner"
set type default
set internet-service-id 14418086
next
edit "Fintech-MarketMap.Terminal"
set type default
set internet-service-id 14483742
next
edit "xMatters-xMatters.Platform"
set type default
set internet-service-id 14549279
next
edit "Blizzard-Battle.Net"
set type default
set internet-service-id 14614816
next
edit "Axon-Evidence"
set type default
set internet-service-id 14680353
next
edit "CDN77-CDN"
set type default
set internet-service-id 14745737
next
edit "GCore.Labs-CDN"
set type default
set internet-service-id 14811273
next
edit "Matrix42-FastViewer"
set type default
set internet-service-id 14876962
next
edit "Fortinet-FortiEDR"
set type default
set internet-service-id 1245475
next
edit "Bunny.net-CDN"
set type default
set internet-service-id 14942345
next
edit "Akamai-Linode.Cloud"
set type default
set internet-service-id 7930148
next
edit "StackPath-CDN"
set type default
set internet-service-id 15007881
next
edit "Edgio-CDN"
set type default
set internet-service-id 15073417
next
edit "CacheFly-CDN"
set type default
set internet-service-id 15138953
next
edit "Fortinet-FortiClient.EMS"
set type default
set internet-service-id 1245477
next
edit "Paylocity-Paylocity"
set type default
set internet-service-id 15204646
next
edit "Qualys-Qualys.Cloud.Platform"
set type default
set internet-service-id 15270183
next
edit "Dailymotion-Other"
set type default
set internet-service-id 15335424
next
edit "Dailymotion-Web"
set type default
set internet-service-id 15335425
next
edit "Dailymotion-ICMP"
set type default
set internet-service-id 15335426
next
edit "Dailymotion-DNS"
set type default
set internet-service-id 15335427
next
edit "Dailymotion-Outbound_Email"
set type default
set internet-service-id 15335428
next
edit "Dailymotion-SSH"
set type default
set internet-service-id 15335430
next
edit "Dailymotion-FTP"
set type default
set internet-service-id 15335431
next
edit "Dailymotion-NTP"
set type default
set internet-service-id 15335432
next
edit "Dailymotion-Inbound_Email"
set type default
set internet-service-id 15335433
next
edit "Dailymotion-LDAP"
set type default
set internet-service-id 15335438
next
edit "Dailymotion-NetBIOS.Session.Service"
set type default
set internet-service-id 15335439
next
edit "Dailymotion-RTMP"
set type default
set internet-service-id 15335440
next
edit "Dailymotion-NetBIOS.Name.Service"
set type default
set internet-service-id 15335448
next
edit "Fortinet-FortiWeb.Cloud"
set type default
set internet-service-id 1245480
next
edit "Fortinet-FortiSASE"
set type default
set internet-service-id 1245481
next
edit "LaunchDarkly-LaunchDarkly.Platform"
set type default
set internet-service-id 15401258
next
edit "Medianova-CDN"
set type default
set internet-service-id 15466633
next
edit "NetDocuments-NetDocuments.Platform"
set type default
set internet-service-id 15532331
next
edit "Vonage-Vonage.Contact.Center"
set type default
set internet-service-id 15597869
next
edit "DNS-ARPA.Name.Servers"
set type default
set internet-service-id 10748206
next
edit "Veritas-Enterprise.Vault.Cloud"
set type default
set internet-service-id 15663407
next
edit "UK.NCSC-Scanner"
set type default
set internet-service-id 15728806
next
edit "Vonage-Vonage.Video.API"
set type default
set internet-service-id 15597872
next
edit "Restream-Restream.Platform"
set type default
set internet-service-id 15794481
next
edit "NewRelic-Synthetic.Monitor"
set type default
set internet-service-id 4849970
next
edit "ArcticWolf-ArcticWolf.Cloud"
set type default
set internet-service-id 15860019
next
edit "CounterPath-Bria"
set type default
set internet-service-id 15925556
next
edit "CriminalIP-Scanner"
set type default
set internet-service-id 15990950
next
edit "IPFS-IPFS.Gateway"
set type default
set internet-service-id 16056629
next
edit "Internet.Census.Group-Scanner"
set type default
set internet-service-id 16122022
next
edit "SAP-SAP.Ariba"
set type default
set internet-service-id 6291766
next
edit "Microsoft-Teams.Published.Worldwide.Optimize"
set type default
set internet-service-id 327991
next
edit "Microsoft-Teams.Published.Worldwide.Allow"
set type default
set internet-service-id 327992
next
edit "Performive-Performive.Cloud"
set type default
set internet-service-id 16187706
next
edit "Microsoft-Azure.Monitor"
set type default
set internet-service-id 327958
next
edit "Microsoft-Azure.SQL"
set type default
set internet-service-id 327959
next
edit "Microsoft-Azure.AD"
set type default
set internet-service-id 327960
next
edit "Microsoft-Azure.Data.Factory"
set type default
set internet-service-id 327961
next
edit "Microsoft-Azure.Virtual.Desktop"
set type default
set internet-service-id 327962
next
edit "Microsoft-Azure.Power.BI"
set type default
set internet-service-id 327963
next
edit "Tencent-VooV.Meeting"
set type default
set internet-service-id 2556219
next
edit "OneLogin-OneLogin"
set type default
set internet-service-id 16253244
next
edit "Shadowserver-Scanner"
set type default
set internet-service-id 16318630
next
edit "Turkcell-Suit.Conference"
set type default
set internet-service-id 16384317
next
edit "LeakIX-Scanner"
set type default
set internet-service-id 16449702
next
edit "Infoblox-BloxOne"
set type default
set internet-service-id 16515390
next
edit "Nice-CXone"
set type default
set internet-service-id 16580927
next
edit "Hetzner-Hetzner.Hosting.Service"
set type default
set internet-service-id 16646464
next
edit "ThreatLocker-ThreatLocker"
set type default
set internet-service-id 16712001
next
edit "ZPE-ZPE.Cloud"
set type default
set internet-service-id 16777538
next
edit "Datto-Datto.BCDR"
set type default
set internet-service-id 10486083
next
edit "ColoCrossing-ColoCrossing.Hosting.Service"
set type default
set internet-service-id 16843076
next
edit "Sinch-Mailgun"
set type default
set internet-service-id 16908613
next
edit "SpaceX-Starlink"
set type default
set internet-service-id 16974150
next
edit "Ingenuity-Ingenuity.Cloud.Service"
set type default
set internet-service-id 17039688
next
edit "Fortinet-FortiGuard.SOCaaS"
set type default
set internet-service-id 1245514
next
edit "Skyhigh.Security-Secure.Web.Gateway"
set type default
set internet-service-id 17105227
next
edit "Stark.Industries-Stark.Industries.Hosting.Service"
set type default
set internet-service-id 17170764
next
edit "StatusCake-StatusCake.Monitor"
set type default
set internet-service-id 17236307
next
edit "NAP-NAPLAN"
set type default
set internet-service-id 17301844
next
edit "Elastic-Elastic.Cloud"
set type default
set internet-service-id 17367382
next
edit "Alibaba-DingTalk"
set type default
set internet-service-id 6881623
next
edit "Zoom-phones"
set type location
set internet-service-id 6422646
set country-id 840
set region-id 1280
set city-id 65535
next
edit "NFON-NFON"
set type default
set internet-service-id 17432920
next
edit "SERVERD-SERVERD.Hosting.Service"
set type default
set internet-service-id 17498457
next
edit "MEGA-MEGA.Cloud"
set type default
set internet-service-id 17563994
next
edit "Hadrian-Scanner"
set type default
set internet-service-id 17629350
next
edit "ISLOnline-ISLOnline"
set type default
set internet-service-id 7864667
next
edit "Dotcom.Monitor-Dotcom.Monitor"
set type default
set internet-service-id 17695068
next
edit "Ahrefs-AhrefsBot"
set type default
set internet-service-id 17760605
next
edit "Semrush-SemrushBot"
set type default
set internet-service-id 17826142
next
edit "Vultr-Vultr.Cloud"
set type default
set internet-service-id 17957216
next
edit "Rapid7-Scanner"
set type default
set internet-service-id 5898406
next
edit "Lookout-Lookout.Cloud"
set type default
set internet-service-id 18219365
next
edit "Fortinet-FortiDLP.Cloud"
set type default
set internet-service-id 1245546
next
edit "Fortinet-FortiSandbox"
set type default
set internet-service-id 1245560
next
edit "Fortinet-FortiSandbox.Cloud"
set type default
set internet-service-id 1245561
next
edit "Bluejeans-Bluejeans.Meeting"
set type default
set internet-service-id 7012476
next
edit "DNS-Generic.TLD.Name.Servers"
set type default
set internet-service-id 10748284
next
edit "Microsoft-Azure.Front.Door.MicrosoftSecurity"
set type default
set internet-service-id 328080
next
end
config firewall internet-service-addition
end
config firewall internet-service-append
set match-port 0
set append-port 0
end
config firewall internet-service-definition
end
config system external-resource
end
config certificate ca
end
config certificate remote
end
config certificate local
edit "Fortinet_CA_SSL"
set password ENC wyG5qPZjOi7uB5syu8L36yxcnGOa+RfcgeD5iF/n25VALygOGYLmTIpzGx6ctjcoOdsZJ08SJR8UKedHgAzFUkjy9J/+qYCrYg1b6Q8wOE7wJCp8sxaXHkQrdwo0OGRr3ufm0ZPQqsAJqGH6xml2cdUeW8QLKvFotmPA8KC5/da1vY6EwtjV47cHXmgUWheXXmZ6ow==
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIeKYcNPa/EyUCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECOqAOiyi69hoBIIEyGNEdi0N9DWd
JLgpkDxfT7ZwzEMpuWIaOmFlqg/SKuFIvYQ8klUQP7u7o17lOKAcq0K16JPodK6N
392G9urIwEcdJB99z7B6AlAqfJLaV23emlL9eZbwGAM7ZdmcuKwH2WHUajzcW8+p
uDnsSfMIsowmigOe6spGsYyvOegCP58opyVbi2cRd2dcv1nZQS/VQcLCtcMXV8x0
ksU3bHC/Z53OUoh2mHmsO4vqvFuYpCkcdfW0MgWvsULpgGJFHiRmU1JQFCG/t8lW
b470fBfnFRxVx+t7pwUupkAF+xpsVi4SH1aIQXsWS9fhfq/l9ILuIJy5Gg4ysC87
afaTe+65Wz5oCxQW6G7bTuw7aXb5BOP2UsY60UwvSaNSGwwtNMaz5cvZsjgp6k1Z
6cAkd5jL1HQbjnqT+eKBCIAIqwDIuk5T47B3lllpp/4VQtbpHEjN83isYg3t/0pz
asH21OhMZhGykDmV+sU5rvpTaJKQecLdDzIsNKJ6rWHGFZOLsVs4KMwvijVhZ+eW
bvx8+CZYmjvzb9P4OZXk3f+efA4KBbWRQie17Adb7IFhD7I+0JWPc2YbbNqJ8k2H
K70cVPkDH4r4pkWvEd1FXhjAT3bxjJ7mu+0D1qfovzk/MQDKYyVdyxlETn3yft51
x8SijYj056PTkiYj+7Kg8vel1HJbCf8Y5eVgMU+g7SK9c5mdMqs9M0L5jpOZpIXY
AT22UQlKfqHHXVGG2UqFa00QVbtdm4FIy6urKkFRX6RgzWxK5YHpczBo1W26LQIA
eKl8ebl0/a5PMgvn3qmo3yc1h6fsvWhGGI6PQ3mRcZGQkBwc2x96wWw9OgHe7uNz
UaiSKwGuuAb7bE1H0XTT/oBGrc8qmlcMA4l2pxyyLSF7KMaaXskNtSWljvfobqng
vKG4wQcoj2gSvGg99A3rcaq74k1IYHTZLOjHqmssOzMuiOIbzRYBRqkAt0V5ee22
Ss1H2mXWAbd2I9N0SHjxnY/t7a/9rsSnzR9pMyBgFB1N55H/lkSBfX+Api/4iqZa
jrbf+/rBs9wXpPbf5J4pnz9iZguDj6cUTjV4t3egmNoyd2sbDoDiqkp9E7zwYYlU
g4cD/NM60s9dVKhYzL4lU9Sri/IoC+7O6Q7sE2Z/IpfXCss71JLIpxfhAlg1D4dC
SW62f2nYHgH9zl6/WntY7b5rhYTskoO8XTldbB4lhPAEscv01ZPXD+IYGwynh6TA
ZKRZlh1haWN4N4jKLZ8Yt0T8ucMY7E8mPKftEp4+bYUOiqltaOJDWk8+4oDBXYrL
aeeD5KAYYUqbvwHnOmbi/7zBkGH2AlDUIsU0sAYUltzjTqJP08DHrU7oVSE4S5Q+
V8Y5qzo5LYaOQU5e7xomL8AsuEFhqdNhYrxiCGzROH2WGQmRtyRMm1eFFjsdrvbf
NyUncVhfTNrsa6Ur35JK16dhoo2KRLr0G8UmWn3juoYihFomFu0Iw0qH2SMmMZIJ
iy9KiffiZCtXrDC0RXz2ftot95pQeQv+zLwpzSfeEDMdNG8tzDX1CY15p3kbrxWC
qL0ehisV6FczHYZSrSPhUd0FAh/oM7SLbdkiUiPWmL2S4P7dY39OFQKbFmUIIPun
BqN08bPmROZSPuvkMG1Glg==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIID5jCCAs6gAwIBAgIIB7EKemWPvOQwDQYJKoZIhvcNAQELBQAwgakxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRob3Jp
dHkxGTAXBgNVBAMMEEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1
cHBvcnRAZm9ydGluZXQuY29tMB4XDTIyMDEyMTEzMTczMVoXDTMyMDEyMjEzMTcz
MVowgakxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQH
DAlTdW5ueXZhbGUxETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZp
Y2F0ZSBBdXRob3JpdHkxGTAXBgNVBAMMEEYySzYxRlRLMjE5MDAzMzQxIzAhBgkq
hkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQuY29tMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA8lh2I1oUF0PTeVN14j/cvF3Q+1VH1KkIOwPvr3Pi/edV
AcZ0Z0lvk/5v5i5Nk8x4c693Vju17p/nr5soKua1Sti41NUhwC+sKs3fIwDW0aOt
JET0GnKqCEXLGhzppSErYQDS90LQw64tSf7o0PolJBZNBDFJWrziJ52A+AaijF3X
8LfD1UW3SSA8onjKvt1EMc+w39rwsZVV/u7pBCj90zQGx/Z/U67gfYxPqjUxLPzK
S9bg0TbXQcF8vf+XU/FqdV+1TboiV+WZXXFX0zr+tqfDSKQS2VV85CiGgW6VZzwg
qGAOSGtGR/2kyq18FfZsCJCFisPSKqcfmiBt1F44pwIDAQABoxAwDjAMBgNVHRME
BTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBkRSNYYDZA/nn5sl57DA3MnRcezWS0
+NUVOLXpJXzQ3hB1yXMcKm3sgA2IyXInoZAr8kQCWHwwM8Y9igSRyZExPgp+Tm8m
iuU6T3Fn5GisEKdjkKSmrL+D9ibYqFEPNfBzNAj9aTR1Os9702fX+nE7ypLZlulz
ilF1S2XaOLVEiWK7zF7s0Gaq9bihZtkZP8VNnIJSr/5KzFrjDBV0euhpCsnsUTeg
ayKPsODLnp7grKizkKKA8Rk9OgnsEkCy7628Y1XLNTU7qB+7ZXjixmcfMdNS1PKY
xXZbFhu6d5a9mB1ykfdnxwlXwL44T273UzikwDl6YJNpJ+F8++WYJmhS
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_CA_Untrusted"
set password ENC pIUZRD2tgmDUd4dW/xz18bze0hLI9pPrKEuBePgh0E8TSLhDXLpPgA0DyasTCgKkU+qxAiN6kLIN+kE1WJkIQwRuEocCsM+7TcNzvCYLXt+9oBn8xREOuLnfgGymSgKPkW+8r3lTaIaDQOuvha+Eg/bBfl2u+pyKi4dMXz7h/Q4ZdTX0y0sSbkTCS9IFAw7AHLYrbg==
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIWWa4Wq7Lt+UCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECN7k9hzjaXs8BIIEyE45Po/0xBDF
BhpVHzVpY06A8eN/pd4EutnwmlKYMFOk4N3yKzKi0x/yaS0tbPtgvL3DNNnHtM+C
tWdooc3Ebs74M2h4YqG2Nz1HEtlQDAWLHcD7ToyepdYI9GhJeo9nI51E0n9TM+H9
U+wCK2ycsmO7i7s7QR61hokj2q23gTamJuiAdXQoPNYyXrGUl+IN8+T1TC+w/dJC
9WTXtftDSVCWA5b161RZwA2W+KAL7+p9tuy8s3Sa2Eg2CLMLnYeTlolfNGP2w6Xh
DyySCMpS3PGAF8qRC0b+MG7FH3xJjE2j1PKzb3Re9o7KEps96SJ3OkyXcSYTt/Fw
v+0xvCqFg+CMn7+olW8lVkdajwMBDEM44dLSRGijOOaHZtFOe2MfhgKMbblDYuyB
uSZeysm7AotLXOUmjF8QdQynTh8jvKmCEWaD9xWlvadBPrB/DR1E3pdIMV2bsysI
FowEsVFibLA1KaIncr4/M+w6jqU/qJg9F0HjExr3jSauzGm12GuPxvl5knoi+Dnr
sa1OkygQA6BLdSxz9NIlFaglUMXIsFH+0KH8eB4CtUjlBliBDIOZaJ1NFNExIrRT
Zt+UBKhBnlrOnDwhspy+DY2Hg3HuvwI79oBDUlDB4ZoAcWryMxbgYOwS/c3BxT7h
PKa+UlB23Uh5FwZKIMDzeUw1XdbFQBn5QRfy5coeyrbZbAXYNEpoSb1wCAe/SOeh
gKyVfxpwpSu3YuR3qDgcTBa4MOJ27th+Otl+00/hzvqy/ZGx4VneCNCdfjAcSt74
z9znYyM5oeVd8PZROw0LlPgd8hPJSFVhHUwKNGC1vpX4ogd2aHlA59SYZyeq6zxL
rv6pvyNQ++Nrjtd7OUbv3eiNoSkwCDq57TrStDJfKmdsExloiFjXq6MeET/NCDsi
djlVUgoMNqFToxLZwOxNeMEwPXLMjFX7Wjf9QsIllqnIJxRTieahRxTw4NAX4z8Q
BwllzNRPwMZkWVMJO/t1SWlAPD05PnIdbrXh8FKUNDpABMaXmTLOy2UoXVLPhbu6
RXgDo+46+r5ZMk6oUTtERU0x88o+Yf1g+0xgh0yy1Im249iGYrGF+ydVJqyyxgop
Q+vfCy2W3mGZKFnwd2fxEyEU/410cbI6pkAGIKpZgCRmnFHRvLCoUFyTw2eQTa3+
ug2As3pM0SUu5fjAYD22LrI7oWHSWIN1Pt823rz+sKBexdhIWiMmz2SOLt6Un77V
BWQ30p5F5elLz/Ck2vyW0SqZwZ3LwcGB5SxqTuQlKMsEw+rnvraexFMZ4IviEek/
L9wfYbnisuAQW3mBTpXLCE/qztw+Yt3zgBtdTURsqU32gsv71tpKpU+l5kyuf1LT
BG9J274z6ZpQprqZM7+7K53WHzl3sq8vFfqBSRSLstlOMVSgJySeSg6dP73OKJ8N
5vSQ1MitkvsRLkTczdNQPsmmVRh978cIbu05BQvhnr+uTA0wBq9UP62PqP+KjQwp
3W1Ju8OsRsY1uqb2MN46IckISShPNW7iwqelStg982+7RHLgCKdmvz9yXKLW74Re
qblmhD7nkwDFrO5sGg6gx10Uaa91LVUo6GfMmfscBNEzbsaBMzX1YjW+L3l/0Ccc
xNWqLGg/F7qJyleKpDC3Hg==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIID8DCCAtigAwIBAgIIJJ5p1RsocBEwDQYJKoZIhvcNAQELBQAwga4xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRob3Jp
dHkxHjAcBgNVBAMMFUZvcnRpbmV0IFVudHJ1c3RlZCBDQTEjMCEGCSqGSIb3DQEJ
ARYUc3VwcG9ydEBmb3J0aW5ldC5jb20wHhcNMjIwMTIxMTMxNzMxWhcNMzIwMTIy
MTMxNzMxWjCBrjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExEjAQ
BgNVBAcMCVN1bm55dmFsZTERMA8GA1UECgwIRm9ydGluZXQxHjAcBgNVBAsMFUNl
cnRpZmljYXRlIEF1dGhvcml0eTEeMBwGA1UEAwwVRm9ydGluZXQgVW50cnVzdGVk
IENBMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3MDfGYnRXUFwDTMvLYyQJKsggiGavE
I6S33xoF7k3vK8LDozySJP/JzyYlIH1HJNJCp5AQVbwVjZPGu05bgeFsytC8f8Ox
K6hqb+vgcQOcao+5fTYhjbkQwarPcDwasH/G0q1ye8aKLgLxskD0Zw7AzwqBWEkg
yRzAawTaZyZLqAhh/8zXpKFZ3ET4/1uWkLmWB/VHZQfue64AczjRnCrbtkGulARo
2Sz0eY3uYtS3IJ0ExyIgvVWa6ga/bF/wEayGKjAYOI11D81jgqYVi/yDHKKkP0oC
X5qBu56YSr3WladesKH2RAFflk1lPxPPFvNU7ZxGZYvJEzog6cdBCsUCAwEAAaMQ
MA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAsV/3cOb31gHxJDMY
kiaq0BilhXcKg/QWmu6TeIzID0XxKuWPpnmDDODwHy0/3w4y8fkLo9m4pJh981i1
1lP8nSTN/o2ke7coqhWZ0QeqPbkMOk+pKx1c4CK/7GTvi5QYlWfI/WVu/uLPwplU
d8d1y6uNh3JaBThoA+a8gtFgRkxmgOQ6esZUGMWHRVfyI/uWWLm79THqBqvoPEUm
/7X0XRP+n/cWieOa/6MQv5d/iHJI7BpurysCEcySdS9fx3RHxwdAMCqn9UO3dEWv
q0ik2r7sts/s3V+z8yMore1n8FcMX7ADoGjCSNHe5gOq/kThWWVR2EHwkDTnraYp
0C14eA==
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL"
set password ENC z4kFa8x/t+1T9rz5iMtaibF0XpY4skaBEC+iGDGTU1fGR3SclZEHPSuQ0YwMFbwws6sSfxMQ92DBlYQ2V8TACjFjG1n1cnJZDH0mZBYmcghbJ4r1VHUCCH+FIxm+VGlTaRm0wFgbpxeuXYyLBNShWMmdoKX4flygpElJGvGccVCqbb3GsHhOkmA2m8RhHoOCDq5rgw==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIy9cNub+Ob9UCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECHWMyUjCY6LKBIIEyJWfz8RZtKMb
77COCMKlMywSMhuzt/IhFrZTwvjX8NezCqDIEB5OB6eBA8BhUaXpmL7JUIN7e0Rt
OC4hc37bbUygz9frNhICz4EXR8P8iw+kyu29LgRfcWh7yUOgM7aV7e1mPPHGMpgm
vwRCWU1ru8SPQlXT3nHey1deKMCyxKv02OxH+dEgCGWwILYVoaVbZ8svzuSANDvo
krluDuRF8n7B96Az2VOK49yW9atAPIzAUZgfQ7x3KEu8LrYfJb8IiGC/5q6aTmaT
99uotmwFqpJY4bjDITSI4eTZ1yQfEedv6ZO4G/YtqzgTYZZGkeBgd4QoicErnGfB
e8rjHHoHts2HyjJ2MUnGgr5OZWjUesKaysy2qnqXWptyEIM2uZcESLEr0tQpzFno
b0KwrLU4mXDupDGiCmX2xgkYvL4aIB1612qKR2jlT98mWRJpbzj31Hx9brEsoedp
+gJlIp+c6phAHCnZLEcop7m+gnjXfpCzawUXqIpKdKkHxhNyWpMa+oqQgahvBDpq
jU3J5V2jR4CaNJi7nAA+2sjPcD16bJOUWsDo1HXxEKLGZP8ygEeDDk9IeRzKS/VH
sqopb0M2W9RFH9B3GsqRdyfyfX4kx85lK7GLBp+DlqQQEHUhFXGfuYcar/al3PMg
PvaJQLsPKRys4eiqt7Zu4chnMHcYYer0OIBnejQC0ZNw9xR/ey12+4rKPyf1nsRK
xrCgPf0vrBrlyxqkDxsJiGea1rWge0TcNsj/19vW12+J1qAGhcTOtE+bwiBF+J0v
UehpQE031DuhK3YnmKsqH3gXRfX1YTcc0W5HaMhrAODD12sVBKtoMoa2iasTj2WU
q9UZDy4nfshwuE//HSeU+MIUPsCFkTtcYF6+ZfwLpOxRpdmbEbYBUrvUy0GgLMTF
JPrqyu8Ad3eg4fTaeGbpwg0gqdJ48vGt8bjUBXr0+DvL3zkSpTgXU4EzcgVOGFaW
k2IOso5fov+n04YfHos0QD/LeBPYP6Yw/Jql9YHEgUaoe9uj+KDXJiH92/g1R+0B
H/oAi9hUHgf/+SRLMwwUzr9S4i6gAnrRB4YNWxvGhVhMy0BJq6eP/UWMAG7ARh6J
O7YlVgfsACV2dJkwLud1MloFsn6dtpT40GL8885wybe9q4gbpfaTLoVXgZVok6Sq
x6ofvdAEp3Sa/FhkYciuuoy1Eq6AdKz6VDr+Q0QSENVh8TTYBXM81EUtk9O+pOW1
xLkMeyZq8lLf5NKgFS4SIMMdls2zko/OEWVtUTz0bqCygOi/sMQS9P6ifyAch3Oe
JUd15sIAxHj2wymXrkiovgwIrwPxuBlupgSm2HnXdQJiA3xdexrsktsvIQezVMTq
5R5YT00G7a2MJQFhYmbTH0Ay2jhMCXaj2BFySdag685ENSYQ+nxCSiF7TFvXJI16
0tpcdS2qPH8j4UdawajwSJLz7Ec40Ph245SBmT0IAZBE2N5+cZGee6gNUFjaw71X
9boJ7owkmOlYybmneF6KWb+tbi5OZhimqD4+MoZXXXC8Ly1LZicC2ZBFm/r+Cff9
p4hrY2yWvC8ZIkJo7eIh+pr6mNz1tlyYLOGQKyu3yRkHhKTsdbJqQsEQ0nv52qxs
8jDu6VCAJg5mj3hYf6dX9g==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIID4DCCAsigAwIBAgIIDpscz/0cckAwDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTI0MDUxNDExMzIxNVoXDTI2MDgxNzExMzIxNVowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM3oe6MYMMKx
n+pOxZF6/GApkcOBVgomZUnak7EVNvhuGLEoRHsaagdnGghpr7/1fjTjq9pwcy50
ulQZaDpd4iolIiIM6DZuLNy3g0S6tBZSDZzLzP44YZiaXxUCq3V7ofbNApb70b5n
DmuI3YeOdCa6OTlR7hP+qXgnXIU7/oMqeZbjwFeL02cHeTEZZCRMfj34aoGasMSP
1xSbuhIy0SF673a0KTwwvqCQcL1gGRgQK8N6iC5U7/LB8qofcrQETl0+gKq29awk
2ZifS8L4j2vzaRW7Wk9v2JE1gv1nv24P5R+zRNfwkMui9IuG8qMsmLy9tC0Zvqqs
on9t57/B1wIDAQABoyIwIDAJBgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMB
MA0GCSqGSIb3DQEBCwUAA4IBAQBOaVMulzoqWefpYr6weX7dhuNl/AHU6141oxNw
EcNkP12sVRU/vOEh2OwWhGSQcYikM14Ix8n6uXWPvCaEoL9hWvxdYesLhk8LESaX
kyse8RHOaRShEpYLBTwD7Famppo7l0AB0GQy32VXMHSDIt4il4kxOxHtsFZVnt81
zduGY8rnqquEvsW2Er2gC9jSfqwdlenThRnUvoYIonCGwRmPNdYwOOFD/akJymMl
WZNQxgu2iagy+QnUmgprFMAHLe0F1Pd76u4xbViX/q95DPF9B4QYHCjL467iulQj
GIkjH1RQNZqgIWm9oqyVE6p2U5ZWpVghjAgxibuofpuddUTG
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA1024"
set password ENC uxzBRlOsSH98xvfxE3ix5N2+QeeDA+JDKj8HUFYbT8HLr/MxpYUN8qnaGrlByfKJCztaz7HhWC16d0DYYH0k5NpErhz1Y7+STEVpEdVTDj64YXSkb5rt7MxDlru8lt0yboxpzlo8kmOjaU7bP7JQmSwr8cMoc3LYTCCG4y3uCVUPUUpwnwki9vmqZHPedX6t/J8MkA==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIC1DBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIStZL1SoNwhMCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECFnGktgqHMXhBIICgFpaefD/Szpp
L7qGTHphASIvpspG2FnqfkXM6zow4VYwsIQHKlosKSJ8V6Xo5GkttYM8lHE5WOy5
4BoRiuNj+ptfEwNeFQ32etFpu/bKuWFKq8yDFrzww61VKUb6qe0vjuP0FNpf5xOs
vh59EE3UCPlf+T7BJzI6n3WShkgoEI47MFQtQg6WeJn/4/ls6lsAJQg8359nw+28
/btY+yOseaijn/J8mTEkOpObBcBfTHhAosMbsb5BPWNq0JypXPJHjYAxKHJpgN2X
AefMHwhTwTLn3wKemeOassmdrGRofcPFlkffox1edaobqFPl8nVTrphv6+4NvUL0
mPEGEJHAsuTW7ZnZQBP/0kp0tMj1sZDVccsk4VHTpRkliePWEuq+n5HsRMgVd30G
KCkQqP9IBNl5MOriUy3Z/2VB22rFigjwNb+cTZnn7kk/9uxMKeMaPF0bp/+znawk
ZMMFAlOouybmK4nrVZ9GY5eO4RtMJVupHxJFVoin6Eb1aOpj5v/1sW78chbwFh2f
SWNC2X8jlmOsEWSqDZwuo+JpBXaXYLW7P2t+bSEr7xOuAOmeWGP3vz5SqI8Vsrxx
TqxTYsX/tnwxt7+GCILfgYlrcrlcl3d3KzKa1Xi1Ylud0wxEyVt24JFGv5xa5tbX
pI6FqvxIPNssEmXNLv5ZVC1AzdpAmiOCqYPdf3w26AiHA5cBAIZHGjg8eWtMe+OL
LDHD8QhqAOB25MNMczge2yGc7n89WU2ErWBiL6lQjciYUKNlAp7M0Diq8AuGHsTo
FYecX4P3/6ScHH7wA0VaVlP5g1Ai2/bZs3DTmnRuMzBQEEAFU14Qw3f1icVzfPxI
rKLWq9l2Q5A=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIC2zCCAkSgAwIBAgIIYcPBSSh9j04wDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTIyMDEyMTEzMTczMVoXDTI0MDQyNTEzMTczMVowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDU0m2pdvxFcNs3IvQO
50vExHsO59u9xdFgF9SO4yQF/55mzTcIdZDNVinpCZpQl7sRyPLpQrag8kq+oqum
BPpOnT/QmaVimQkvl1m3cAMw4/gaqPQ9A9+WJ9P+VcGpnOU5sCbwVwchcyYa2l6Q
kLgpzSIC0ZN2302gsKaDVgWpNQIDAQABoyIwIDAJBgNVHRMEAjAAMBMGA1UdJQQM
MAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4GBABcU2eQRRvz7rWuC1AYF8+7L
6fDLvn2AenusmaqIillRciwkxihsC2AJAgooy+VQmhzIitia4MThmrnFyg8YUtaE
xAelnLljOrOuiruJT7LDEWlvt7MeQFVbXIo1VbYAN3cThA2iG4wWURJjqSNDHJkt
/bS1p3QmMb86zWZq0FBs
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA2048"
set password ENC DettF3mJVhZ55Rr9QhOArPYiAgqYNO4zRCsoZ6C+GfrN8+2f1rXkwjEKJT60W9lVyLK06u+1gnG/LX/jlAUpjQ8K50TWMjUiK0qf8YwIzVV8W2XJn4JtVFtVC8b7XDKXJIBC+xEuIhwHxXsQAnkIkDBESWQDbRiKOLUCje0zHdAHd/zX7UknBj3BNK88a0X9TjdCwg==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQITWYHTtt2ItYCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECMRKJPNb18tABIIEyK8FV43DyvOd
cJkDi5JV51AGN6thvRQYrOzC47Pab9PTGljWt/SD2q7pouRxx4JhCNecxe7jW2dT
ohoP/ckJ4JwxlEGua0/NlZtbQZRqLr4fUDqJhBdaA9nQcx9FevKkty9eRIERXOT1
uh7tDo3UtRyto+4rj7teWuzp4mpf56guTPnRY1JVakj8A8kyrarmybFLsH7s2p4w
yPv2+T2Owd+1FCgTHLG9e5UncaqnkXWg6ZW+6B0nRZ+LAUjkH96DxTTjJil4dGcz
l5SJg3znoLeSshHqRwxQvRgDBJOl8Y+GzOT67H4OFLgsFsZddXPHrHV7zcwIZouR
8fNjYZbJJPoNWpjlTkzC6+td7qb7mSzOV7pyZXtb6H+J5Z8WSFN/KEJOff8T2Mx/
AKLqk81Y/P9nM19id5IHHNfHJoD+Z0AapQALnYRyqvhLM1c4Hf24hWnL7GFuXlLE
bhJpM8PYyMpjzggFPWTU76Ld90pzooon55IVDhhsOamM0DcWr5fVPgVUifnRKD7+
KeR49LOJq5cDgH79DcIeyN0goWvbN5LbC2OR+B/4YDt8ENByFGpo6KneizucrY58
dkAI/yUx3O04FwSFPTpJBv4us+eA6Y3shkycYKQUqqby8S5EaZv2/NT9xtJ10C15
C43gglCdsRy0te727Yz8O/q53mj7WaWCGAR1voAePRpyqRWvESO2WddrL44W4krN
m+jhEsHM0+d4rmMqOI/Z+B4eR04IK7WEzHzWQVy7+DILr7wS53hZiZkc3wixHFf2
Q23emnM1GOZJ/KcrrxV8oPOfkUzm3lys39UC5XwtGZzq50gBwEuWnUy4BKJugyAD
hZkwKYpPNXAmL2C9NunsTNZQ/syPzpHZDKYcVsEIO81+QBl2DfFjMi+xa49bvDEV
5K7FGtlLpki3gu/3zkvmJd5atfgj11Uxby8Tu/YuPSrB/BrH6TIxXrXpErM3ao8E
X+ap1mpbLouQjYFSFOcUQdrtrYMmpgNUQK39p1uiPhwr5kkMDZBCKOROpIFqJenR
yEsY1UAfZiTOoYJwTwo9ghBnJdXurT/tWZklKi1pg8HNWFByt6f21zuTmwLocN+u
KVon5RzFJc8FZAxLnxHFpD0nqSlBZj7ZkvPhIOyfTNZmE6N1KoJwsuCwCTQqA5xr
/M546iEG+JvwHq4efGfg7Y7Rze4q4Xfe86UBBkWV4SYgvVeKFLCMmmvCjq+Scvxn
Jl30cJKv5BxduvmfLgeRKJf9R1on/xC/E4S+jC2IHPOyO5Ldf1s7EvmsErFK5iEn
gXSyXUM47WgIjRPSX/EpKuavTha0FUXDxhIIqQL8kf9RrbWf8J1ShHEuqji5JSun
nHq6onHCYywcHxuNRn2YEMDNhJej0t7Jr3CPtqmClPwp1BTcDcSdn8uoU711L0iL
aR4itdbRUnd0gs3BDUIbFQTc1lGH0Uk9SpJw4BcTHCgHTmtd4L1s2/p2nHzBRNV3
jF1lkOass/JwGGWOo770Pw1ovKIVAp0RjYp1Kwx5LbrTO0ARCYRt1pdKPYocdxST
YzWTUgsVfv2L/4C/V+EP3xqdh3elVeTFU6R0i6dZnHnGkleQxUlDJ2RcQIjvIgc8
LMTZpMfFC6JzKOFkaP1lGg==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIID4DCCAsigAwIBAgIIA3GupZAm+lAwDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTIyMDEyMTEzMTczMVoXDTI0MDQyNTEzMTczMVowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA53h9bYxHM8LH
XOfXRnTI55K6wbcnpch1MN/8jYlEbsFcZJnUTIHr2UYhdZiUHZJZ6xCRVHsBwuVt
7e0MG0UY5BFD6qWOErK+4/ZgdYqN4kzpPKkDZLeXwaIp541mOBfjAUWZXNQLU0Aq
xXIDMyAqxNlMb/WoemhHTXNidKUw2IPhcRtu2YbYSCn51cuwl1aliXDcwPbpFATl
GXX49WuX0+obW3mXT0bXnGFUdrSQDxTZFllobFABNFptyVvnmXn3ykEJcM3xq3py
Fu2WX/VscxNT/PzV9EzfeevimKeNPOgGQEMhZA9geHckFL0dAoxV+7uDsXpGT8Up
FPyHh8RHCwIDAQABoyIwIDAJBgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMB
MA0GCSqGSIb3DQEBCwUAA4IBAQBNswgAgK7uko2M/TndztvtLIOuM21TDAL328yb
5xGoIi31sg45bDlhEzU10/DFutOs9idq17ujZMkJBQ3kQZ8SBWIP/VNW8KV/AeCV
rWpgCRSKl+3gG7d49x1iQdyYwQJKykvY70eyfPctDXrtr7fX2camAS6QpHtmV2I4
/VBaPC5FB47JocaoK9PJDKQ1diVPKoIyD9/otBOmfZSmKESqknikYhM9xffTEF7W
4xxyN27pTQOCW5ZPtOmSh4aqcHgTR+w8rIJOfxApy61dO0Ahc1l8vYGnWNSgqlG2
yJ7HMjDau9HMqeaxnKWVubbZ3tVPDM4iYZEeRFbBx8V2Dmv6
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA4096"
set password ENC ejQwiKsIi82xX+ji2wt8u7SsHlSmwqZ0yeuLkDZVna12SUvD2arAvqJMq2vomMs/4kfiA17YExxmDn5HmPSv/+zMxlgjr4cbOL2NN7K0zWBZX9sHah6RyI+yYtOYLO6eW70DIO+fHe7YdQDXyVuGIXB9HBb1SPnw2MeYTAfLnDDz74irM670cFSRYe774b8/368yiA==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIJnDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQInfCTFS5Sv28CAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECKd//de+jDIDBIIJSFs5Ar1Rg8jW
HsM3DfecyTezUEm3sbqe71TwB/Z2t9YuxGvxT3JosSqGD6aat1/VWuUC4FogyK1F
YIAFFoqZq1HsHQI/PX7sj7D/9j9zQeDCgegN+vkniy/Up2ft+MM8SRmbWZgJU1cm
lpDdntBxTNIBq5w6X22zKaM4DRyW+V/mUPMqvibIyFeggq6JMRJwzNWTxxL0JHYf
QGVXGDfilYAgIDjcoo/+BN2vjx+T6TLHASidv28RCIkUJK6QS3mvIao2rR8Rhe70
oAGBQuIRAfW2V/pAbO4gwyiQq9eBJUBik43Ux7aqbP1aWdUBno8L9DeqngcVvwd5
p8hpq4s0kM0n3OSuJvVMbUzffoayxeJ2bQDThvcaSwSa+h9mCK/1kQNFiWE2lfJx
S14NsUPq21T2k12F0Ac6DHWf6GK7d1f8fUjn+ptMHnGvyHNdD/fU3Klfd+rv38u+
5eJ9wA5D/XloBO9153cTkAGLCB/lw67m617xja1HwmR05NSxY8hnRaOXNA/nPKfq
aRuS3+xB7fBvFBBhtvZLkZJImnLaZvPgfyFl+SzSh5t5MW7HXvoSskmmKGvF+5Ef
ushcn/47zkNgMnY3vUGnx/HJyjRIDodf6jqO4AiHXTRqtLG3/Uvq4yytdfAWyXBM
YEdRwq4B1/QMxA0JRtLciEyDmZBjS+pMcbZQVv1Xf0jmaGPyE99FkwC6r6AFkgfH
Hx21oBoP9xtIYOoWcM5zgybA6XlPtaqnrkjAOEGPj/bi4iBtSUTGzcsWXI5reb99
0AxY3ElwdnOf8XwqTqosK2SLqWKcDN22ju8sWfliEvG6n/ZVWGo+d4Qh3dqOfI7H
HYa5bWeqosAexh0VEV8Zj2Uu8OFq9QLvS672HoimyziRHUTCxGaBaGdoFNR1A4ed
4Ih1M5T20Giu+W+jkFon2TEVPWUSxoak5rhP5b3qbW5LbpkSp4jYnzYENIKjwRIv
bz9J6hzKDbQNvKX+x5Aavo6fyb0pQLei4QAv5tWfWLYXySDkSSa1qIHsR2E+9ZUQ
7O87dBgfd56MnsEVGvladNGS75ABUfLqFOJXLHPzCuCRAdhoKASYR0wGkH/VTqrP
UpwQ1brME8wPqWsCwRNZS6m3XquHYuHmrohwlUlEJTa1psg6rmDFrE6GXdddt2LZ
yJOv/LRJf4tlkXTtQqJ6qTitIyhmKIr9xEnWFVgN+s72aPlSGzLdF1doeSkRTk/r
9amNxPP0E7wsa2rqknh8P3OZoNGq4DdqmjN8kysPJ4ixzQpm60L+zkB17TD6Jut6
BTKWXFvpRHoadm6ehf3FK+rtNYwwmv4S4nABy+8IZAl9we3TWeyweCD4Q1sw5XJZ
tIN9GaOgWTQofA5kRsC6ClAqmFHrQc6fy+q2cYVF11WTU+pUIpzJ5J7UALJ74Se4
vYW4VSiJMrnH2OWj1nzLpxLcbWzVXFVitSgl35m8E4ZymnE8UHIpORlVpqd+W15/
whE4opmf+ygUC2VIPxrGdS54zHVeC37S4CwZR6hfj+U/8JSvvOE5nTFLuETKb2bX
tf1N9lw2QJanUgHSHUV/fYnPQJmKuUJpNu/Cn/39ElLgoa7om+BiZTJXWNnNFiQB
aN/54nLtgOdw5qr0Lqz4LXxQwEeVPrmWfsxNvBzWVRklhoYlU8v/THDhCsH7Wu7S
PFhKbbXvnIZmeDPgo6KMlupdoi9pEuimOdVFuq005ca6BnJdzw9WPcF+9sHPXDtx
MFrlXtt8oOtgRtlQxp2lZ6G6BD47ZPR0aA90/bRkNVY6FQnCG2+HY9gY/jynhNqd
NdjtqBqev/3LJASELysJ+eIU5Rcg40CX0D5iLXbvR7F1ySxGa3sHKHPbSHbbT3VD
FCpi8EpvF60rDhf1Fln6UHnkKAvjD/pZF9KKRNI3RCZ9UBQgc2HSj47FCn+uW/yg
lrjJynCNVOiEKwyKCSgi4pudDHPW8q4pLPsgwgnIp1p+82mAhYdRFpmJlsjhZWnz
ZxnjgcZiHIuTsnRTI3Mdt95EPnhDOtxwFivoGCbnBodZ5Qjg0m7CICgWx26QdEI+
NvoFobrDRUQ8/Fqxijca8tifW0IK8BrvahSBBVsXl+vMKjCKIw1Vd1tHmHU43kch
1TMtUjN09UshwsV1CGV/SJUXLLtNmPeSHAFpa/Crpl/XplYlJ+mPirh8CsieWUlk
Nl8x5F6puURiP/1DyyBfU0Aa8iSxfwwWz2AMT0dRjvF7APvXjNhsRub8a3FgrBuV
4IhnYVmnA+CPPa5qf0sTW9kIid6nk2kapWiFRqk5ivDp7RzJ3f/rVijiRWgfUBQh
oFTMMw6no3hp+v+rm+kfbQZv97eGEC3S41BDitaeWxhuuSO7kUBIhGYuhUZ2S/j9
4oMi7abIPMch8fxv1HTzWcZBSEqXvYscK0EtlAMbJm+TmkoWc+nimHDlu8Z+k7M/
OEqVicV69Z4nvStCMXR7zp6RanrRtwoMCUac8Bdf3qbfl7IV/NTWBl1WQbIhn+D0
L//a6v2sb4Fog+eESA6zRypH1uFZ9LUvrUPVRxMQNudf3xKAUUgTZkHH5zcNyL+K
M43B28PqfbQifSOaZ+lo5Bc23Eq4ZOJwTzF84JLOrwtxZiJD42F62FJXc2EndE/D
YF8kExLq4uIwPV2Qq8CkxUED1FloWTQ9wL506dtWHNMWGGSsun5s1IjV63epWLLo
VVmXRU+juHgIpZ1FuEcXWa4MpXMoMEUhac7gkkq4q6raFr0E2kwshGPA3EmiUcwG
L6IrxyETe3G0jKxUIdepCGQfKcPs5aBzOC2JzYpFzS75cmEo8JCNy7SvLosAGQh/
a/Z2x06Yyx/inPfwEUb6/LGWdNzcM2SAAQQ7H5THv1pC7RtkuFsZ9RWaOj8wklww
LNgPRXALJ+F3dLrDT5QAoft/Hv7KDTx7ToOUcCxrDlTu01KkTB4L+INZjyLBHoWT
pVeLNPocR7VVMcuDcPnM/E/vkBkxc/ut7N8mZN4qcNPuxlcJ5z4pLzO3sVr7WT8V
0smKOGnAvUjLOg06Ref1phzog862CMjlQzZJOjBLO3B9F4KJ3V12/Ja7kADx1Huk
sZlJUYuptGqostVnCXaVikiN+jZXtGVDqmyyw6DJ/dbSy9Na5YME31Om6xfXwR8A
MFzkBzDil4xWF1gYBWv1ig==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIF4DCCA8igAwIBAgIIOyuSlXiAZz0wDQYJKoZIhvcNAQELBQAwgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMB4XDTIyMDEyMTEzMTczMloXDTI0MDQyNTEzMTczMlowgZ0xCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUx
ETAPBgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMM
EEYySzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGlu
ZXQuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwyVG5t7nGwDg
vej/7eZ0r7PcHpLa0WqilM7KNTeYMcNBob7sbPgHmLJgWIGCtrzp7fgxp1LEO2JM
68NCEyqGTj6n3iNU3zUw4CIllrZeTSCIo7KeZ/wf1yGr/HGRszXKWn0aa1m9cEsf
8IeNvdqSaok68v0dm97E3Ce8lFAftVO57i9Qh7sPHK3xXGAuBuZhm0dgkU+I6lPl
6ycSwr4DIbkOdHOMMtkJslnZZ/fYazorEwg4CYgT934nDQNUprberUSgKlkuEJDw
nA55Cp9AleyvkL/2xH6KGO/aUIuzMZn9bRmOwz2GxvX5Zk/b629I7O8GCtjcZJ+l
UScparoPpaE+Q45oaxsAfC4+cWaWTd6WCNv36PVrNvmt/gQWNPuXbfTBEUL5cHgk
ouq75PmvuiAaC6s3bH2wpbls1zPXbqTdXQxQiZIzPniLEDc9o3P8S9sRnm6ypOwx
j4cAys5fPdGreRFTI95mWnrM30yK1P2YpGU7LCPAuleXrkJ/04tG1R0U+dHwJcW+
HMK09qPxusUpp6rZBIydVAkkSMlL2fMNvvLkPAfD15iuF2hs+pDYa8Pel/pCXoTO
jQekiweLFVd/t97Z0Bh7s9Ko3uFPavtsztzbLvT0qSpSSpE6cMC1ZsIHykyJFRli
aweYgIDwiq9ja4Wb79E7uPV4x4o4KNUCAwEAAaMiMCAwCQYDVR0TBAIwADATBgNV
HSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsFAAOCAgEAI+Aqpvb0ojqpsmsl
vEr9mQNTL6bKvagWpYKnfzHVhlhkRJxEQgH6ItgqZRt593MpxMtWL4dvM0Sfl7vh
e8PxetFvNJjbgkiCGKOhdx5bnl90p28YVS6iXi2DkokAkdJSpJnsqGYIzzgEXY+Y
q5EjLCuhF8dSq1TOhNjZLkqVcSZe65jNh1Y3fQ1OPPv72nFLLpFSGk3htr+L1yes
RsfOpBdXu7gO/HwLGbHzTjksHAsklVcm+KcdsC+P0XPB4RKsC9Gqyv/lbbXGD6xM
u+7AxbmBWloYScHiSeffu9ooIeaDGIKPG24kf2tqEGRnHXTQXEBcYt1bUmL6FYdB
HvdROeNUWF5qno/9GBbuWJ7K/c4+Nj+B/Fjh9EMyQbuRf/WQlMYN4wROgfqZjU84
TNMcX1ezdzKh7K4d2JQNB2ke/byEwF3KwFO6mV8ag20bCPq8oaUtMmQDmM0HgA/H
2IW21yVgyAOvA+ZvFffocseA1SAIKgHsb8zU/xYzfc9P2RfxXtm2REgq35yho5uO
3aqKlLvSFb9GN9zn3lrzlur61gfuSNSrlk8Cbf932HB4lG9A/hs9+AnmZmC2DDLr
USgnPvV9FGt/zySOjvlY71Y/ysoj5jAzQrtMswvcVAE/7uj4OurLvIQGm8OSIp8q
UM9qCGu2uhHLRu7OJt1t2qWPS/w=
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_DSA1024"
set password ENC G7dcgoRdiqwTAxaE2d6RdZG5XKZW1fi6BUsMCchCA9rH1bPV3joBJ93Me7H4BA8+kCgTOLxRSDlRQbtdwo50jXIkpnl9KrDa7ep07+anEFx+lQ/nRFtQD31UTXdpBFtjEEW7cEP3Q+k2xgLABVHevDozMQdSXYpYV2rLr/WUsYIsNf05DM1gNzqbQNkBg3iwD+ItNw==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBpDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI7Ej4vA/yS/MCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECCab0XiQqU6uBIIBUP9eJWhY4SXJ
ct0+t281f0QIj519reNSdwe4/Rgr5PefvlnaR0RYc1AEvvWxF9klr136wupAA4lQ
k32C3wwhBsIK8VwOlcmufTSHpu/RqBLWtle4uPkdFGoPkKmajGeX7aSS/8IeY/An
C/PCXFvAb5wY3TCfXKVj74A7Wv76bTErTw6P7EnuJD6533hsB9gQNma2OKENRwyn
ygflx41F41SNnajOemZ07+dtjltgzd+YFtJeSrjdMiRionZsHSRiMHCOvxrVSIHb
lo5q7IBfq2J8KuZeDmFgTyPiXty0qlv4kmJesDSg1Ksg6MLH1EOiTzTU20y3g1YZ
LBNlphJRb7MiAttezcq0EhsC/vqnTqq8dLu/cYQQ5EAiB6m5AhlEU8qbF2uEOi+N
Zp7mmVeHas3JLi9u7bc2pd3A4wr+dQ4HnSL7CNTfT4iCKJSHctYbAQ==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIDnjCCA1ugAwIBAgIICnJZiuQT5kwwCwYJYIZIAWUDBAMCMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
Mks2MUZUSzIxOTAwMzM0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTAeFw0yMjAxMjExMzE3MzJaFw0yNDA0MjUxMzE3MzJaMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
Mks2MUZUSzIxOTAwMzM0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTCCAbcwggErBgcqhkjOOAQBMIIBHgKBgQC+4nK8AoHZzfZOk6DeFoqkU/1E
tsChanHEA7rA/zewAN1lXEyY1Q1wLcoBAfWM+dKsu5QoFPQOfpkBEv7/lNlu31Kf
EoGWy1llX36XNtGSUODWN84MpDZRZvbB7hYYpCSI1oXQWRH5iPDn0oqhALUWyvbb
PKP/p/QqJHAKQl4DMwIVAM0negphMCVwllVVs65Lrn3qBObJAoGADowodiGVQS+j
yYFhh0q1KQZUwqz5w/UMeRvidMMTXpWzA0/6mi9m2mI3nlthlqjKlT/jkgZVATqn
LIrkPe+QpEfz/KGIf/juVl8EGlYDlxBR0wv2RQiR/Us5cSSGAP0oaxOUNCdacWd1
iXtwSsIuflcxzTqj7Pn2zKnc8vVkDlUDgYUAAoGBAJZt6dKujCngP0X0jvZHIkHh
lhpCaRaiktahC9v/qN2RSVeowxZ8AKBRI1+QJuHBrBOwEddEkNknliMXjZr4JP17
dW8oXDB9A0MzkHH5EMONKXlixmjO4Hprj2r5mKACUCkbb2reI+jo8fz6GpRmDZSW
qs6hRQIshfZ0CF/w3rwIoyIwIDAJBgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUF
BwMBMAsGCWCGSAFlAwQDAgMwADAtAhUAvyA64Mp+Dw9KuaBJb3RWnXS8C3MCFHd3
vncZsUn3T4/gdogfFYgsj1Z2
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_DSA2048"
set password ENC HAvd5VGHf7p/2/xD+U7IdUo327RaYPM7/FHgW0HGJkcUOnAlHp9voZhJjyMRq60c34kU0eXiOiW8wecJG4DfUsijrTMggpfj2UB7CJ+J6zZSpebDMazqo8PErkdqawMhOe54NydhRYChmkqnImlp93gPhzVRQYoFQ+P2NfTuQAQX34neNVZg8isduiU8e7e/VKpsmg==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIICxDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIABKfUtK3YY4CAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECGrZvn3Rc2nIBIICcGJ7K+dgxi1m
st7IDedrA/791Fh4AA2Fw2Tg2S8lUkB4biR+PfJtkRiMcZG2qkH92bmHQQi+cNcD
vRbvAoLA0HeLStdsZH6Y66hyeWrU2rmYErtiQ4BPqGTq0VKBUtSePiFGb8v0u8v6
9nksfhiLzJ2uroLa0o7L11ID15ffp3VrK3nbBMRmp9LJa37UBduIcxcwO1o/Hl9U
E4ZHXfTqiATibRoUJnQDz6Z+eTq2uj5T2Wq7TSBo0VsG5Zej4glYXFQuseXoaxOY
TVsbT6Tlg7QWYoef6P6PeS4BdUpOwAl42c4Rx4Qf5UgxeC2xqzziVDylnBY4PcWT
tnAXf/Mko7lVaLTC8ZsS7xh048oUHBrd3V9daYAsNEbbxFAB+shybU7CyXVGiO3z
4LS9rCt5wCViN3HwCQweHPu1rG0+LV9UrSepZxLzZn/uBzpQ8CwF7RW12muWl1tY
TUvCnX3dp+oVyt38PBSLTB90XOxYOtsSfgeaHajoVlWyZV+8IndJGmjdn3doRngA
CCEVAusBqk2CyPK8+W2pBX5rfvYnbLJnYwwN5y//xHLS8Vr/XZtrSWORLjmSwgiY
5+hKNFSZlpuvvakVTYqUSkzQ65HLH8siUGLHZPwdVehBRxwMOhvCmV0jWzubwlPc
QI/zoyE7dahuRRZvCCUytTOv1Vw/psjkQvSdZVTR5f/COPFUBfIJa3Lwx3g2jeSs
naKON93cUQy28DPuRcmIj5d++cQSNG+4Zunl12teAEMnZrkfYUr8FLTeyNwF+1IJ
4+QY2bIUJFiCejzMnMMStBvvthqzEZnd5AOIxmx/BVGB9XRUvTbruw==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIFRjCCBOugAwIBAgIIb9Ue9OCxwc4wCwYJYIZIAWUDBAMCMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
Mks2MUZUSzIxOTAwMzM0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTAeFw0yMjAxMjExMzE3MzNaFw0yNDA0MjUxMzE3MzNaMIGdMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREw
DwYDVQQKDAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBG
Mks2MUZUSzIxOTAwMzM0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0
LmNvbTCCA0cwggI5BgcqhkjOOAQBMIICLAKCAQEAobgWFx7GOelSuTz2LQXq2WSf
XNU2bOmog6adPfioJkQfgmSfpzM5O9wFOs0L5oZMDv01Cig8U5UlWvd3sEjyHmiB
EUR0swc2jGMIXuW4d+7Wu9HdiKQ+XwbDTuysoegG/F604I+6syj5PYy5IGKmBUAl
ff2WkrkISafqIUJYKCe6ipF4uK84bc58+elygYLGdtC+64zgq+6PUBcePmKPxWtk
d0FBFiaSwSOnj1fhv38koSOEI3sMfkPYKzIsJd3l8BUoIuj1ISGYQzobO+aZPoGU
GpxnGE8ztyb1ICYe9OEgCXQ5GQ0Y+EHxufarHISvsUbC+ZR8665wThsQc1xOYQIh
ANteeFG+/MJHYNasES0Jr8fS9XU+RVjmS8CuSuhv/JILAoIBAESm2CulfpNo7WGH
b6KmJQSCTH+mGQ8bO3gCRyc5p3l2t1aTG4dFa0x8Od+eCUBzJs31GgeOncY4OPp6
ZIcqt2L8G9Vc/W9M7b+xNEOO4tF34zxycxg0bsK1mW+kNpBgsBvfBKoKoV1dedy7
dV3Qmtu/xeIcgG+Uii50MzxpZNKnkYecmj6yA2T7Di5W/kmmRfo6EndQGIXRt6He
fJz8IP1Xq6K86FkvgnnAES1rC0THYbgHBtZi/CQc/plvHc/8fsKWwLhIM5ANMOtN
h9Vsjmb5xQkmrFIdX+K0vDNINd/WETw5HtgDapHmLgIPUPcsHFAewOv96gPEMCnQ
8VdCni0DggEGAAKCAQEAjWAFqLgApELI0RLgmhx551lFckyW2FMaA0m8CZ4auMXA
RvmCtcILrvtzjevaNmdWn3S7/zIa60nYY2JSVgSFss/eP6BpmvBiKbDEb7w1qQ78
+vj1Ym737AjSgtM96m6kcKCUS3LKZu1LD58IFkf2OC6SlV1MyMClhOnNBS7JjwdO
ZQmvPYVsSr44FFqgKbGOgd6mW/+li7SXI5vRi68ak3rVVIFo+Nq7mbY45e8JSoaM
zWf8mQR9AojvjlfQmlLDmixqbGU+1fKvb+jnK35S+hxg82hvZ5ROcCEEz4M5D8Om
SeeY9Ho4Uy/u+JWEtm2HHN8/abGIhUkq0CY8/FsB5KMiMCAwCQYDVR0TBAIwADAT
BgNVHSUEDDAKBggrBgEFBQcDATALBglghkgBZQMEAwIDSAAwRQIgETGpcM+jLq6B
QJdHqanHlAeKrkBRk+YT7U/f1TDF0oICIQCryEVtHWwX/MOh7rkfwQQvWkcmQQaC
MJWQytLYT+txcQ==
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA256"
set password ENC RSI0LKqRBPwzMeerG8sTm5CRx6323R+D8ToRZdDb6tooIhVn27SX/CZeX+FE/PUM4Qy69VDD75IRFUOn1MXdlkhk5eco6/dOBQqPKHC/6uVgqmHjhxT6WuxpXr54PCU0i9sAs8RLeKw6o2MeSV+JjfiL0ED1JAwKOVJnyN48f8RCWeBzWl2chZXSkiV0HxPp6y8tzg==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIHjME4GCSqGSIb3DQEFDTBBMCkGCSqGSIb3DQEFDDAcBAhDVC/zR8KCowICCAAw
DAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQIzXvrQ99uwHUEgZCAFl8A3dgwNaBr
ZCCuUi8lnGcsCRa6ZqnjrkK49I2XpFE+KrC88OPQq9A4QGGa370F9gWkfA829Sep
fr1G9UtQTDmxim8SKdQeMIVxK0RGd6rxKUtUhQl9r1M/0jUiWKQYXCD4wEd709jF
Jz/M/rqzJKRzk7sB7B5pgqLZokDfBfeiA2Vgh7GFemqGwZN/qb8=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICUzCCAfqgAwIBAgIIZRi7f/MAJXcwCgYIKoZIzj0EAwIwgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEYy
SzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMB4XDTIyMDEyMTEzMTczM1oXDTI0MDQyNTEzMTczM1owgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEYy
SzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEzQlo5ZS9PJ7tEifDb4GWLIcB
49A0sUddXg6tvIDdZwWDEeNCrHZ2Za55budhEmjUScHT8OOX/RNwbU51BEvJyKMi
MCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATAKBggqhkjOPQQDAgNH
ADBEAiB6T3DTjYQg6Th9qmXaf8Sr9YMhzp9THiwKY9wCMjk2UAIgaFZalmSAyAb3
aPVOyJd/Vo4LhganarUtReirtMNLteE=
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA384"
set password ENC 1bQaZ8apuI4E7uZetEbRMQfTCXfKKcIzin8OzjPuM9VJ9nyPGbx+0yI1jwTE4HE16XYpLrOKWxrZDIcLyKAHc13RU/WNxAgKh6GcSbLcdKcODvromUQ6A1PnPhIRh8KCezOeKck0aqNHdvC85dehMW+fayJsOVDPTF9mG7TePPFc97dGAblncIdMxs8OVblQzI2RwA==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBEzBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIL1YNqz3KRJECAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECG09d4g1dQOBBIHA1YBkWD7AUhCb
26TAv+SSgdnklbQ3jgDhRdEdjgMKzmb425Uaf2JH7P29uWWheEZ8XZaRNZatrfuP
1GynJ5fmIrHHFDDKt88md5nEwpN0KecFUzTFoptMPVBCiRgq8DWdJj2Zz51zon12
Th+VeyUkW6tTw/1llozKP2KxnsBeDZI3sY8TG/zCOMEiCaMsWff4Fer1b6V9J+sN
X8TNzrAbgnw0+L8h2BiVnrALGBbn0OFU/fAqYfVL1pT6ypLN/VQL
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICkTCCAhegAwIBAgIIaKfzT0doMX0wCgYIKoZIzj0EAwIwgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEYy
SzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMB4XDTIyMDEyMTEzMTczM1oXDTI0MDQyNTEzMTczM1owgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEYy
SzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEXltra7ZMLIm5s1It30E8m0WMLm07
cqGS0DcSOfH2EznGOMs79QXn/YH1IdbbWEz1w86NfgVxfyi5CWkKqHSsL1DBYLan
y0v4BBrH4no+hB2UvWm3aExhkbqn4cbr10FAoyIwIDAJBgNVHRMEAjAAMBMGA1Ud
JQQMMAoGCCsGAQUFBwMBMAoGCCqGSM49BAMCA2gAMGUCMBRHQLVuZxXEvqOwGRnb
DL4Pi8SL3rLBZVJZw4ll+XIx9clascYG70Xk1ffcQDu4hAIxAJqAd+R0RhjDWrkS
rXRhJBy9Awg19h5c3UFoaQRlfUIYy70XRPrIUGaxGZms7t2qpQ==
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA521"
set password ENC 0MKCkBgDd3ySFaCpqBVywDYnlqCfW9z1+Wnnfos5daDaOBMCfu/2z8cmEDeBys070QmZzbEm+1lbnvv1B6A/8sFZIMTvZ7k+FOuKLT+D5lTG0AYft/fBbwCiMuTv7wOwlhay2H3jHSuhgzcVAE74q24YoFaDGu/pV3rhjdDP/wdXzqSPboGwDmvE7MPi4YE/wBNjYw==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBSzBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQItluxz5gczGACAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECOIOpdc1zQv8BIH4jhN8gSPu7Lu+
Vmfnd3urrEssjNEfevxDM9+oZxGitvJLqoxrQkQ2Fx+g3MLPO0J3UscaFRudeo4/
ueMGKCBTzbQhcIo38zQ1UciitaXtdutVuhRT1sbQ6u0z/87MYnEqR8ytZ45yBAKD
/cEPvbhVPJ2PwLj767GArjGwAqmGa3FCnz224/VE7/9aUTQT3DLpAM8OyZPteRUs
pWpc4WWJoLnhnL3lK/cExT2EJyypg9EucKHsvoEVkjdAKB2xY/QTxpEW5wGjoFOe
cMUAZuOWI+FUS4QqphhQM+NH2qnYgYKZQbkwNyoAHUCW3neax3EeeJAeKTv1l9Y=
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIC3DCCAj2gAwIBAgIIVq8ihaRoKLgwCgYIKoZIzj0EAwIwgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEYy
SzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMB4XDTIyMDEyMTEzMTczM1oXDTI0MDQyNTEzMTczM1owgZ0xCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRIwEAYDVQQHDAlTdW5ueXZhbGUxETAP
BgNVBAoMCEZvcnRpbmV0MRIwEAYDVQQLDAlGb3J0aUdhdGUxGTAXBgNVBAMMEEYy
SzYxRlRLMjE5MDAzMzQxIzAhBgkqhkiG9w0BCQEWFHN1cHBvcnRAZm9ydGluZXQu
Y29tMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAqfE1xW05XaLgS3pqEAvGluNP
awzUAnkKAGAYCoTf476vdaZx9rXvZsLHf0l4vMKaQ9Bz6UqmT567MQECodv76m0B
CQa8mJiek5dqT/TUTNibO4VK/xd0zkgTyJmzvKfmuG//NKejGZE7V8VQ8r9ZKvX4
e2imhNBhmkJPZ6e8Zex9EY6jIjAgMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYIKwYB
BQUHAwEwCgYIKoZIzj0EAwIDgYwAMIGIAkIBgfYFR5Zs8Bv1cBIc5Hxw/HR+SR5T
j/wQQ1PI9if/yx4n5SicKsmU3SV5WdEC/ux8edI6pzgzKqzWGLoxLV45fGECQgES
i8D6f3jce8/D5Ll97+q3Mmq1AHWrUBvBh7QeHd/48IIGQusgkNQbxAjquo2YbDXD
AJvskQzNTa+n/oTmPe0ksw==
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ED25519"
set password ENC rGx8W7r/1PFjG1HKP45s7x7psyZwagy3FiXd3gTQ7JpIOZDmr9S44tt5/Khc0gUNtXctTY8HHnrGvbDl+b3tC9O+eiKXPkONBzvrQOvpUXToNFnhMhOSolbKZ6h4Kny3n0Z0YvWBJL2L8sOAfnFjCVERde2r4yTGVJYLHC7u6khyWhw385unCda+yub4SCSeUO/CZg==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIGKME4GCSqGSIb3DQEFDTBBMCkGCSqGSIb3DQEFDDAcBAjqbg+hLk9mmgICCAAw
DAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQI4SstyeVuZxUEOLmyVQjkQnXSgVrc
17HGzoaDn0V5O54a/pbuyYPg43sAPfelZJIIdykHhmXU/sTagbjgWl2/afQD
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICFDCCAcagAwIBAgIIe9Jk9bbV9AowBQYDK2VwMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGMks2MUZU
SzIxOTAwMzM0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTAe
Fw0yMjAxMjExMzE3MzNaFw0yNDA0MjUxMzE3MzNaMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGMks2MUZU
SzIxOTAwMzM0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTAq
MAUGAytlcAMhAPTybe+KeTPvQdh2eRZ/QfcwTvsaMhhZDLq0egkutZgcoyIwIDAJ
BgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAUGAytlcANBADgJJhYZcDnc
jDiUkqW+EZWsh09in5d/a4DVDk78zqFsrFIbrWTQxotUHEYwu038DxndyIayYw1N
dB6YzHdvZAE=
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ED448"
set password ENC An6bNH3+wZ4oRz9QH4oaFe4C6ECUUoSV7j+bOBSVmIG52lnIL4JIItJHrnWLkL1Mj6zyQMRrpv+7kStmatLs3IttlfR+I3vb5pSZQ9OMMEY0L+X+vhMAgOHK72TmrWL3MeGiXYvWbeHVZevsNLXiMSL9dbSHuXxqzFeH4Zjf68sjU7oUGgClTrD7aoHhxYRcdjvG2w==
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIGiME4GCSqGSIb3DQEFDTBBMCkGCSqGSIb3DQEFDDAcBAhDe8KJgnGZEAICCAAw
DAYIKoZIhvcNAgkFADAUBggqhkiG9w0DBwQIBs9bVqUMc2oEUCepoIh9PjAPGre/
Xn6kt6bxxjaHiOWRnSTevdI0VHnMetcJkcxiuVd6I2xBaOMjCyQuaOOwxeO+JMlm
T+9mGIM5imVhjdqdg40dZ7xjximl
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIICXzCCAd+gAwIBAgIIEpo4xm2L33kwBQYDK2VxMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGMks2MUZU
SzIxOTAwMzM0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTAe
Fw0yMjAxMjExMzE3MzNaFw0yNDA0MjUxMzE3MzNaMIGdMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU3Vubnl2YWxlMREwDwYDVQQK
DAhGb3J0aW5ldDESMBAGA1UECwwJRm9ydGlHYXRlMRkwFwYDVQQDDBBGMks2MUZU
SzIxOTAwMzM0MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QGZvcnRpbmV0LmNvbTBD
MAUGAytlcQM6AFjYzJ8Mqakz7JW0a/UxfzmYUdJ8ctXQ3KLxx/smIp6dq2tAJS62
K7nL2gm9oVHYfVGGzASzH6zcAKMiMCAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggr
BgEFBQcDATAFBgMrZXEDcwDSOW6ovjbS16JdUIQc4SHTPXQCnp3gN/3hRdcllT7X
PhPTkxF0UQt34SIc/r8Bk+ZOI2jTFmxgegB8r65l0m1JEG8o25GjnLs/Y7picq6g
Ci9wZHk6Jp1Z8BotCQLQsTqgitidAXzT3exG7bnl4C08EAA=
-----END CERTIFICATE-----"
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
end
config certificate crl
end
config ips sensor
edit "g-default"
set comment "Prevent critical attacks."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "g-sniffer-profile"
set comment "Monitor IPS attacks."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
end
config sctp-filter profile
end
config application list
edit "g-default"
set comment "Monitor all applications."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection enable
set options allow-dns
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log enable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
edit "g-sniffer-profile"
set comment "Monitor all applications."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection enable
unset options
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log enable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection disable
set options allow-dns
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log disable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
end
config dlp sensor
edit "g-default"
set comment "Default sensor."
set feature-set flow
set replacemsg-group ''
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
unset summary-proto
next
edit "g-sniffer-profile"
set comment "Log a summary of email and web traffic."
set feature-set flow
set replacemsg-group ''
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
set summary-proto smtp pop3 imap http-get http-post
next
end
config webfilter ips-urlfilter-cache-setting
set dns-retry-interval 0
set extended-ttl 0
end
config system ips-urlfilter-dns
end
config system ips-urlfilter-dns6
end
config antivirus profile
edit "g-default"
set comment "Scan files and block viruses."
set replacemsg-group ''
set feature-set flow
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set av-block-log enable
set extended-log disable
next
edit "g-sniffer-profile"
set comment "Scan files and monitor viruses."
set replacemsg-group ''
set feature-set flow
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set av-block-log enable
set extended-log disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set feature-set flow
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set av-block-log enable
set extended-log disable
next
end
config file-filter profile
edit "g-default"
set comment "File type inspection."
set feature-set flow
set replacemsg-group ''
set log enable
set extended-log disable
set scan-archive-contents enable
next
edit "g-sniffer-profile"
set comment "File type inspection."
set feature-set flow
set replacemsg-group ''
set log enable
set extended-log disable
set scan-archive-contents enable
next
end
config webfilter profile
edit "g-default"
set comment "Default web filtering."
set feature-set flow
set replacemsg-group ''
unset options
set https-replacemsg enable
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
end
config ftgd-wf
unset options
unset ovrd
config filters
edit 1
set category 0
set action block
set log enable
next
edit 2
set category 2
set action block
set log enable
next
edit 3
set category 7
set action block
set log enable
next
edit 4
set category 8
set action block
set log enable
next
edit 5
set category 9
set action block
set log enable
next
edit 6
set category 11
set action block
set log enable
next
edit 7
set category 12
set action block
set log enable
next
edit 8
set category 13
set action block
set log enable
next
edit 9
set category 14
set action block
set log enable
next
edit 10
set category 15
set action block
set log enable
next
edit 11
set category 16
set action block
set log enable
next
edit 12
set category 26
set action block
set log enable
next
edit 13
set category 57
set action block
set log enable
next
edit 14
set category 61
set action block
set log enable
next
edit 15
set category 63
set action block
set log enable
next
edit 16
set category 64
set action block
set log enable
next
edit 17
set category 65
set action block
set log enable
next
edit 18
set category 66
set action block
set log enable
next
edit 19
set category 67
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
edit "g-sniffer-profile"
set comment "Monitor web traffic."
set feature-set flow
set replacemsg-group ''
unset options
set https-replacemsg enable
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
end
config ftgd-wf
set options ftgd-disable
unset ovrd
config filters
edit 1
set category 0
set action monitor
set log enable
next
edit 2
set category 1
set action monitor
set log enable
next
edit 3
set category 2
set action monitor
set log enable
next
edit 4
set category 3
set action monitor
set log enable
next
edit 5
set category 4
set action monitor
set log enable
next
edit 6
set category 5
set action monitor
set log enable
next
edit 7
set category 6
set action monitor
set log enable
next
edit 8
set category 7
set action monitor
set log enable
next
edit 9
set category 8
set action monitor
set log enable
next
edit 10
set category 9
set action monitor
set log enable
next
edit 11
set category 11
set action monitor
set log enable
next
edit 12
set category 12
set action monitor
set log enable
next
edit 13
set category 13
set action monitor
set log enable
next
edit 14
set category 14
set action monitor
set log enable
next
edit 15
set category 15
set action monitor
set log enable
next
edit 16
set category 16
set action monitor
set log enable
next
edit 17
set category 17
set action monitor
set log enable
next
edit 18
set category 18
set action monitor
set log enable
next
edit 19
set category 19
set action monitor
set log enable
next
edit 20
set category 20
set action monitor
set log enable
next
edit 21
set category 23
set action monitor
set log enable
next
edit 22
set category 24
set action monitor
set log enable
next
edit 23
set category 25
set action monitor
set log enable
next
edit 24
set category 26
set action monitor
set log enable
next
edit 25
set category 28
set action monitor
set log enable
next
edit 26
set category 29
set action monitor
set log enable
next
edit 27
set category 30
set action monitor
set log enable
next
edit 28
set category 31
set action monitor
set log enable
next
edit 29
set category 33
set action monitor
set log enable
next
edit 30
set category 34
set action monitor
set log enable
next
edit 31
set category 35
set action monitor
set log enable
next
edit 32
set category 36
set action monitor
set log enable
next
edit 33
set category 37
set action monitor
set log enable
next
edit 34
set category 38
set action monitor
set log enable
next
edit 35
set category 39
set action monitor
set log enable
next
edit 36
set category 40
set action monitor
set log enable
next
edit 37
set category 41
set action monitor
set log enable
next
edit 38
set category 42
set action monitor
set log enable
next
edit 39
set category 43
set action monitor
set log enable
next
edit 40
set category 44
set action monitor
set log enable
next
edit 41
set category 46
set action monitor
set log enable
next
edit 42
set category 47
set action monitor
set log enable
next
edit 43
set category 48
set action monitor
set log enable
next
edit 44
set category 49
set action monitor
set log enable
next
edit 45
set category 50
set action monitor
set log enable
next
edit 46
set category 51
set action monitor
set log enable
next
edit 47
set category 52
set action monitor
set log enable
next
edit 48
set category 53
set action monitor
set log enable
next
edit 49
set category 54
set action monitor
set log enable
next
edit 50
set category 55
set action monitor
set log enable
next
edit 51
set category 56
set action monitor
set log enable
next
edit 52
set category 57
set action monitor
set log enable
next
edit 53
set category 58
set action monitor
set log enable
next
edit 54
set category 59
set action monitor
set log enable
next
edit 55
set category 61
set action monitor
set log enable
next
edit 56
set category 62
set action monitor
set log enable
next
edit 57
set category 63
set action monitor
set log enable
next
edit 58
set category 64
set action monitor
set log enable
next
edit 59
set category 65
set action monitor
set log enable
next
edit 60
set category 66
set action monitor
set log enable
next
edit 61
set category 67
set action monitor
set log enable
next
edit 62
set category 68
set action monitor
set log enable
next
edit 63
set category 69
set action monitor
set log enable
next
edit 64
set category 70
set action monitor
set log enable
next
edit 65
set category 71
set action monitor
set log enable
next
edit 66
set category 72
set action monitor
set log enable
next
edit 67
set category 75
set action monitor
set log enable
next
edit 68
set category 76
set action monitor
set log enable
next
edit 69
set category 77
set action monitor
set log enable
next
edit 70
set category 78
set action monitor
set log enable
next
edit 71
set category 79
set action monitor
set log enable
next
edit 72
set category 80
set action monitor
set log enable
next
edit 73
set category 81
set action monitor
set log enable
next
edit 74
set category 82
set action monitor
set log enable
next
edit 75
set category 83
set action monitor
set log enable
next
edit 76
set category 84
set action monitor
set log enable
next
edit 77
set category 85
set action monitor
set log enable
next
edit 78
set category 86
set action monitor
set log enable
next
edit 79
set category 87
set action monitor
set log enable
next
edit 80
set category 88
set action monitor
set log enable
next
edit 81
set category 89
set action monitor
set log enable
next
edit 82
set category 90
set action monitor
set log enable
next
edit 83
set category 91
set action monitor
set log enable
next
edit 84
set category 92
set action monitor
set log enable
next
edit 85
set category 93
set action monitor
set log enable
next
edit 86
set category 94
set action monitor
set log enable
next
edit 87
set category 95
set action monitor
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set feature-set flow
set replacemsg-group ''
set options block-invalid-url
set https-replacemsg enable
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
end
config ftgd-wf
unset options
unset ovrd
config filters
edit 1
set category 0
set action monitor
set log enable
next
edit 2
set category 2
set action block
set log enable
next
edit 3
set category 7
set action block
set log enable
next
edit 4
set category 8
set action block
set log enable
next
edit 5
set category 9
set action block
set log enable
next
edit 6
set category 11
set action block
set log enable
next
edit 7
set category 12
set action block
set log enable
next
edit 8
set category 13
set action block
set log enable
next
edit 9
set category 14
set action block
set log enable
next
edit 10
set category 15
set action block
set log enable
next
edit 11
set category 16
set action block
set log enable
next
edit 12
set category 26
set action block
set log enable
next
edit 13
set category 57
set action block
set log enable
next
edit 14
set category 61
set action block
set log enable
next
edit 15
set category 63
set action block
set log enable
next
edit 16
set category 64
set action block
set log enable
next
edit 17
set category 65
set action block
set log enable
next
edit 18
set category 66
set action block
set log enable
next
edit 19
set category 67
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
end
config webfilter fortiguard
set cache-mode ttl
set cache-prefix-match enable
set cache-mem-percent 2
set ovrd-auth-port-http 8008
set ovrd-auth-port-https 8010
set ovrd-auth-port-https-flow 8015
set ovrd-auth-port-warning 8020
set ovrd-auth-https enable
set warn-auth-https enable
set close-ports disable
set request-packet-size-limit 0
end
config webfilter search-engine
edit "g-google"
set hostname ".*\\.google\\..*"
set url "^\\/((custom|search|images|videosearch|webhp)\\?)"
set query "q="
set safesearch url
set safesearch-str "&safe=active"
next
edit "g-yahoo"
set hostname ".*\\.yahoo\\..*"
set url "^\\/search(\\/video|\\/images){0,1}(\\?|;)"
set query "p="
set safesearch url
set safesearch-str "&vm=r"
next
edit "g-bing"
set hostname ".*\\.bing\\..*"
set url "^(\\/images|\\/videos)?(\\/search|\\/async|\\/asyncv2)\\?"
set query "q="
set safesearch header
next
edit "g-yandex"
set hostname "yandex\\..*"
set url "^\\/((yand|images\\/|video\\/)(search)|search\\/)\\?"
set query "text="
set safesearch url
set safesearch-str "&family=yes"
next
edit "g-youtube"
set hostname ".*youtube.*"
set url ''
set query ''
set safesearch header
next
edit "g-baidu"
set hostname ".*\\.baidu\\.com"
set url "^\\/s?\\?"
set query "wd="
set safesearch disable
next
edit "g-baidu2"
set hostname ".*\\.baidu\\.com"
set url "^\\/(ns|q|m|i|v)\\?"
set query "word="
set safesearch disable
next
edit "g-baidu3"
set hostname "tieba\\.baidu\\.com"
set url "^\\/f\\?"
set query "kw="
set safesearch disable
next
edit "g-vimeo"
set hostname ".*vimeo.*"
set url "^\\/search\\?"
set query "q="
set safesearch header
next
edit "g-yt-scan-1"
set hostname ''
set url "www.youtube.com/user/"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-2"
set hostname ''
set url "www.youtube.com/youtubei/v1/browse"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-3"
set hostname ''
set url "www.youtube.com/youtubei/v1/player"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-4"
set hostname ''
set url "www.youtube.com/youtubei/v1/navigator"
set query ''
set safesearch yt-scan
next
edit "g-yt-channel"
set hostname ''
set url "www.youtube.com/channel"
set query ''
set safesearch yt-channel
next
edit "g-yt-pattern"
set hostname ''
set url "youtube.com/channel/"
set query ''
set safesearch yt-pattern
next
edit "g-twitter"
set hostname "twitter\\.com"
set url "^\\/i\\/api\\/graphql\\/.*\\/UserByScreenName"
set query "variables="
set safesearch translate
next
edit "g-google-translate-1"
set hostname "translate\\.google\\..*"
set url "^\\/translate"
set query "u="
set safesearch translate
next
edit "g-google-translate-2"
set hostname ".*\\.translate\\.goog"
set url "^\\/"
set query ''
set safesearch translate
next
end
config wanopt content-delivery-network-rule
edit "vcache://"
set comment "Static entries are not allowed to change except disable."
set status enable
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.m3u8"
next
end
config content-id
set target hls-manifest
set start-str "/"
set start-skip 0
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule2"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.mpd"
next
end
config content-id
set target dash-manifest
set start-str "/"
set start-skip 0
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule3"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.ts"
next
end
config content-id
set target hls-fragment
set start-str "/"
set start-skip 0
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule4"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.*"
next
end
config content-id
set target dash-fragment
set start-str "/"
set start-skip 0
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://youtube/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "youtube.com"
set category youtube
set request-cache-control disable
set response-cache-control disable
set response-expires disable
set updateserver disable
config rules
edit "rule1"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/videoplayback"
next
end
config content-id
set target youtube-id
set start-str "v="
set start-skip 2
set start-direction forward
set end-str "&"
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule2"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/videoplayback"
next
end
config content-id
set target youtube-id
set start-str "v="
set start-skip 2
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule3"
set match-mode any
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/stream_204"
next
edit 2
set target path
set pattern "/ptracking"
next
edit 3
set target path
set pattern "/get_video_info"
next
end
config content-id
set target youtube-map
set start-str "/"
set start-skip 0
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://googlevideo/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "googlevideo.com"
set category youtube
set request-cache-control disable
set response-cache-control disable
set response-expires disable
set updateserver disable
config rules
edit "rule1"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/videoplayback"
next
end
config content-id
set target youtube-id
set start-str "v="
set start-skip 2
set start-direction forward
set end-str "&"
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule2"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/videoplayback"
next
end
config content-id
set target youtube-id
set start-str "v="
set start-skip 2
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule3"
set match-mode any
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/stream_204"
next
edit 2
set target path
set pattern "/ptracking"
next
edit 3
set target path
set pattern "/get_video_info"
next
end
config content-id
set target youtube-map
set start-str "/"
set start-skip 0
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://metacafe/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "mccont.com" "akvideos.metacafe.com" "cdn.metacafe.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://facebook/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "fbcdn.net" "facebook.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://dailymotion/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "dailymotion.com" "dmcdn.net"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/video/*.mp4"
next
edit 2
set target path
set pattern "/video/*.flv"
next
edit 3
set target path
set pattern "/video/*.ts"
next
edit 4
set target path
set pattern "/video/*.on2"
next
edit 5
set target path
set pattern "/video/*.aac"
next
edit 6
set target path
set pattern "/video/*.h264"
next
edit 7
set target path
set pattern "/video/*.h263"
next
edit 8
set target path
set pattern "/sec*.mp4"
next
edit 9
set target path
set pattern "/sec*.flv"
next
edit 10
set target path
set pattern "/sec*.on2"
next
edit 11
set target path
set pattern "/sec*.aac"
next
edit 12
set target path
set pattern "/sec*.h264"
next
edit 13
set target path
set pattern "/sec*.h263"
next
edit 14
set target path
set pattern "*.ts"
next
end
config skip-entries
edit 1
set target parameter
set pattern "start=*"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://break/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "break.com" "0ebe.edgecastcdn.net"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/dnet/media/*.flv"
next
edit 2
set target path
set pattern "/dnet/media/*.mp4"
next
end
config skip-entries
edit 1
set target parameter
set pattern "ec_seek=*"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule2"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.mp4*"
next
edit 2
set target path
set pattern "*Seg*"
next
edit 3
set target path
set pattern "*Frag*"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://msn/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "video.msn.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://llnwd/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "llnwd.net"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.fll"
next
end
config skip-entries
edit 1
set target parameter
set pattern "fs=*"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://yahoo/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "yimg.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.m4s"
next
end
config content-id
set target parameter
set start-str "vid="
set start-skip 0
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://myspace/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "myspacecdn.com"
set category vcache
set request-cache-control enable
set response-cache-control enable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://vimeo/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "vimeo.com" "vimeocdn.com" "56skyfiregce-a.akamaihd.net"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.m4s"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://blip.tv/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "blip.tv"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.m4v"
next
edit 2
set target path
set pattern "/*.flv"
next
edit 3
set target path
set pattern "/*.mp4"
next
edit 4
set target path
set pattern "/*.wmv"
next
edit 5
set target path
set pattern "/*.rm"
next
edit 6
set target path
set pattern "/*.ram"
next
edit 7
set target path
set pattern "/*.mov"
next
edit 8
set target path
set pattern "/*.avi"
next
end
config skip-entries
edit 1
set target parameter
set pattern "ms=*"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://maker.tv/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "videos-f.jwpsrv.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://aol/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "stream.aol.com" "5min.com" "vidiblevod-vh.akamaihd.net" "stg-ec-ore-u.uplynk.com" "vidible.tv"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.mp4"
next
end
config skip-entries
edit 1
set target parameter
set pattern "*timeoffset=*"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule2"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://clipfish/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "clipfish.de" "universal-music.de"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.f4v"
next
edit 3
set target path
set pattern "/*.mp4"
next
edit 4
set target path
set pattern "/*.m4v"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://cnn/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "cnn-vh.akamaihd.net"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.flv*"
next
edit 2
set target path
set pattern "*Seg*"
next
edit 3
set target path
set pattern "*Frag*"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule2"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.mp4*"
next
edit 2
set target path
set pattern "*Seg*"
next
edit 3
set target path
set pattern "*Frag*"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule3"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.ts*"
next
edit 2
set target path
set pattern "*Seg*"
next
edit 3
set target path
set pattern "*Frag*"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://foxnews/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "foxnews.com" "foxnews-f.akamaihd.net"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.mp4*"
next
edit 2
set target parameter
set pattern "*Seg*"
next
edit 3
set target parameter
set pattern "*Frag*"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://discovery/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "discovery.com" "discidevflash-f.akamaihd.net"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://liveleak/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "edge.liveleak.com" "cdn.liveleak.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target parameter
set pattern "*seek=0"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule2"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.mp4"
next
edit 2
set target parameter
set pattern "*seek=0"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule3"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.wmv"
next
edit 2
set target parameter
set pattern "*seek=0"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://sevenload/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "sevenload.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
end
config skip-entries
edit 1
set target parameter
set pattern "aktimeoffset=*"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://stupidvideos/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "stupidvideos.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://howcast/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "media.howcast.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
end
config skip-entries
edit 1
set target parameter
set pattern "start=*"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://vevo/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "vevo.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://ooyala/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "ooyala.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "*Seg*"
next
edit 2
set target path
set pattern "*Frag*"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://ms-ads/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "msads.net"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://yumenetworks-ads/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "yumenetworks.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://2mdn-ads/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "2mdn.net"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://eyewonder-ads/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "eyewonder.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://eyereturn-ads/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "eyereturn.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://serving-sys-ads/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "serving-sys.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://amazonaws-ads/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "amazonaws.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://edgesuite-ads/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "edgesuite.net"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://gorillanation-ads/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "video.gorillanation.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode any
set skip-rule-mode any
config match-entries
edit 1
set target path
set pattern "/*.flv"
next
edit 2
set target path
set pattern "/*.mp4"
next
edit 3
set target path
set pattern "/*.ts"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://youku/"
set comment "Static entries are not allowed to change except disable."
set status enable
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/youku/*.mp4"
next
edit 2
set target parameter
set pattern "*start=0"
next
end
config content-id
set target youku-id
set start-str "/"
set start-skip 1
set start-direction backward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule2"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/youku/*.flv"
next
edit 2
set target parameter
set pattern "*start=0"
next
end
config content-id
set target youku-id
set start-str "/"
set start-skip 1
set start-direction backward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule3"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/youku/*.kux"
next
edit 2
set target parameter
set pattern "*start=0"
next
end
config content-id
set target youku-id
set start-str "/"
set start-skip 1
set start-direction backward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule4"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/youku/*.mp4"
next
end
config skip-entries
edit 1
set target parameter
set pattern "*start=*"
next
end
config content-id
set target youku-id
set start-str "/"
set start-skip 1
set start-direction backward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule5"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/youku/*.flv"
next
end
config skip-entries
edit 1
set target parameter
set pattern "*start=*"
next
end
config content-id
set target youku-id
set start-str "/"
set start-skip 1
set start-direction backward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule6"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/youku/*.kux"
next
end
config skip-entries
edit 1
set target parameter
set pattern "*start=*"
next
end
config content-id
set target youku-id
set start-str "/"
set start-skip 1
set start-direction backward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://tudou/"
set comment "Static entries are not allowed to change except disable."
set status enable
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/f4v/*"
next
edit 2
set target parameter
set pattern "*id=tudou*"
next
end
config skip-entries
edit 1
set target parameter
set pattern "*begin=*"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction backward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://cbc/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "cbc.ca" "mobilehls-vh.akamaihd.net"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "*.mp4*"
next
edit 2
set target path
set pattern "*Seg*"
next
edit 3
set target path
set pattern "*Frag*"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
edit "rule2"
set match-mode any
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "*.ts"
next
edit 2
set target path
set pattern "*.mp4"
next
end
config content-id
set target path
set start-str "/"
set start-skip 1
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "vcache://megaupload/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "megaupload.com"
set category vcache
set request-cache-control disable
set response-cache-control disable
set response-expires enable
set updateserver disable
config rules
edit "rule1"
set match-mode all
set skip-rule-mode all
config match-entries
edit 1
set target path
set pattern "/files/*"
next
end
config content-id
set target referrer
set start-str "d="
set start-skip 2
set start-direction forward
set end-str ''
set end-skip 0
set end-direction forward
set range-str ''
end
next
end
next
edit "update://windowsupdate/"
set comment "Static entries are not allowed to change except disable."
set status enable
set host-domain-name-suffix "download.windowsupdate.com"
set category vcache
set request-cache-control enable
set response-cache-control enable
set response-expires enable
set updateserver enable
next
end
config wanopt cache-service
set prefer-scenario balance
set collaboration disable
set device-id "default_dev_id"
set acceptable-connections any
end
config wanopt remote-storage
set status disable
end
config system resource-limits
set log-disk-quota 703406
end
config system vdom-property
edit "root"
set description "property limits for vdom root"
set snmp-index 1
set session 0 0
set ipsec-phase1 0 0
set ipsec-phase2 0 0
set ipsec-phase1-interface 0 0
set ipsec-phase2-interface 0 0
set dialup-tunnel 0 0
set firewall-policy 0 0
set firewall-address 0 0
set firewall-addrgrp 0 0
set custom-service 0 0
set service-group 0 0
set onetime-schedule 0 0
set recurring-schedule 0 0
set user 0 0
set user-group 0 0
set sslvpn 0 0
set proxy 0 0
set log-disk-quota 0 0
next
edit "Policy"
set description "property limits for vdom Policy"
set snmp-index 4
set session 0 0
set ipsec-phase1 0 0
set ipsec-phase2 0 0
set ipsec-phase1-interface 0 0
set ipsec-phase2-interface 0 0
set dialup-tunnel 0 0
set firewall-policy 0 0
set firewall-address 0 0
set firewall-addrgrp 0 0
set custom-service 0 0
set service-group 0 0
set onetime-schedule 0 0
set recurring-schedule 0 0
set user 0 0
set user-group 0 0
set sslvpn 0 0
set proxy 0 0
set log-disk-quota 0 0
next
edit "TEST"
set description "property limits for vdom TEST"
set snmp-index 3
set session 0 0
set ipsec-phase1 0 0
set ipsec-phase2 0 0
set ipsec-phase1-interface 0 0
set ipsec-phase2-interface 0 0
set dialup-tunnel 0 0
set firewall-policy 0 0
set firewall-address 0 0
set firewall-addrgrp 0 0
set custom-service 0 0
set service-group 0 0
set onetime-schedule 0 0
set recurring-schedule 0 0
set user 0 0
set user-group 0 0
set sslvpn 0 0
set proxy 0 0
set log-disk-quota 0 0
next
edit "scsd"
set description "property limits for vdom scsd"
set snmp-index 2
set session 0 0
set ipsec-phase1 0 0
set ipsec-phase2 0 0
set ipsec-phase1-interface 0 0
set ipsec-phase2-interface 0 0
set dialup-tunnel 0 0
set firewall-policy 0 0
set firewall-address 0 0
set firewall-addrgrp 0 0
set custom-service 0 0
set service-group 0 0
set onetime-schedule 0 0
set recurring-schedule 0 0
set user 0 0
set user-group 0 0
set sslvpn 0 0
set proxy 0 0
set log-disk-quota 0 0
next
end
config log syslogd setting
set status disable
end
config log syslogd2 setting
set status disable
end
config log syslogd3 setting
set status disable
end
config log syslogd4 setting
set status disable
end
config log webtrends setting
set status disable
end
config log memory global-setting
set max-size 507278786
set full-first-warning-threshold 75
set full-second-warning-threshold 90
set full-final-warning-threshold 95
end
config log syslogd filter
set severity error
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set gtp enable
end
config log syslogd2 filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set gtp enable
end
config log syslogd3 filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set gtp enable
end
config log syslogd4 filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set gtp enable
end
config log webtrends filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set gtp enable
end
config log fortiguard setting
set status disable
set access-config enable
set source-ip 0.0.0.0
set interface-select-method auto
end
config log fortianalyzer setting
set status enable
set ips-archive enable
set server "10.1.48.40"
set certificate-verification enable
set serial "FAZVMSTM22000402"
set preshared-key ''
set access-config enable
set enc-algorithm high
set ssl-min-proto-version default
set conn-timeout 10
set monitor-keepalive-period 5
set monitor-failure-retry-period 5
set certificate ''
set source-ip "192.168.1.241"
set interface-select-method auto
set upload-option realtime
set reliable disable
set priority default
set max-log-rate 0
end
config log fortianalyzer2 setting
set status disable
end
config log fortianalyzer3 setting
set status disable
end
config log fortianalyzer-cloud setting
set status disable
end
config log fortianalyzer filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set dlp-archive enable
set gtp enable
end
config firewall ssh local-key
edit "g-Fortinet_SSH_RSA2048"
set password ENC S/jBH+OwC3lNJlHicAZMVf3wgUL5Ax8ufMyew3Dzbk4VkHlcWl3A/WUyqfAbtJ6rAhpRcy8pfLjtq3WvvYJ52Qu35dneygzooyhPFHir2C5WGCK/DCjEtlhFgFLKeIrn8JkkYEb/ffBYU6l5Pd7X1SeUkm2z5eLnLL7WtSml0XeGUGJmnf78KRzc4xm0PY7lsyMxGw==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABA1mO561N
c7CpF0rN+BdOBQAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQC6yuGwlJhh
Q5ooqzfMY+4le85cWCqHdzonf4BkYtV2p0GGpmKUo0kpnQ0EbmEWRmAiPN8J6BJyHvpcv7
A0a68OyTLXULSEopL0c0rrdqeK3p3oxVRn6oLbwqQvVmBZCGr+Mtak0Djw7ZM7yKMky5GK
hFlZj7dZFLrzth2nQmReu93F+HkSF8iOpaqna/sTvPVqN/WLVC1CaB+Qcb6AsyMmLsTsvC
HA1336eWq3M3hU14tsO5S8uDls2pfD2NaZx8VXr+00OvGSOqqZdY8cukv+xJ5IdRe2ui8z
OSbh5m5OFc2DdfZ+PpQ9nU+DEDBpCSir/ovPDmsTtvqX2VClGn0vAAADwMcyMNKCNYzFHF
tA305t53D83ogXcTrwO8f3ScWdcLBap5o0aqwfOrswdChdOytbHMx3lmpnLZvFt2JbcqT0
jDm+ZSb5NwFCW2h5MJlnLolIx85H0ab7XO+JhK1c/J3U0K/m0Y6q3uXObJsAInPNAJDjqL
VUxgIU438n7dB/NkWQWNjVaddEO/tK9UzzUd5a5JuG2lsukXLGFRC0XIJ94Q9BFuiziNmX
QUZ7LRqm59ZcsixGSQ1YApEvTZFf+Yd/umWIh9bbHeCAZOWZukDy47VLy2uVd3H+HLOSno
ZBpX7xa3c6mjI/oHgz7lQAybNzbPoJiBKq5VlTBhR9kTdB3JnnzKegLNwRtsdtEim/O4xJ
QPxfwGSzE57M9OgPGZMOuFu8Fh07tV06dUnfe9mGDLiQ3HWCZoRW5tuCE0fsieAseqqEiS
Vy13DPGtkSSLUKmBpJQvR6yK79GtMyIxZEmC43xHmCghHTebSnK45ikagYh0BsK01Q1rx1
syqY2Ul3bwCSCTuK2sjqnmgGEIIUI8Yikj0kDLSVJukfxdjU/c4eOcqj8yuRbQyfzFmHsv
debbeU1+oI08M0c5kKVTNeTWQ0iXuETJX1G3gu44xtkQLbCmF4K3byAPGnR2FIBG8tnPaJ
JCjhZQmN1nohNXt5F7nSALJ3UVSpzD6fnKBQSfxbKN4EAggu0NpX3QyhoDvWx378MRukGn
OkLi2Z7c/iZrS5w6Jt+kTJ7n6T5ciiaIvzgi7YjtS7ogwNQfodpXC/pd9KE/H7hgrtwclt
bP9bkpWQKIh/Z4hl2B8hqHDk1wDhNRHRyT2rvuoipJLroyYAZKxS1qerGuArwmxv1YNeNm
oq5Ibisn/CTLT6zVaKmdHD+qBGd46IlEobgLRd3bmKsBIf5hUfd+LcThhOT4OgjgK2jqAS
zOLrNH/Ns+Ut+tz7DhzoRhoTzfitjKdjHl8libziHU4rbulbEuqhnxlGrb9G6xKeFOG1Ha
JUkWoRzX5/tljM2GZRQciN6BF/L9kDboLnR6V2sOS6r/BlnlUMmKhxC81CTzejn4I+XSYk
Y5dBb9PhA2dJuhkgZEj4vGDkXdnL0fSI9qccHAKkAjd4ECFMRtqjnkdLtUODi6EZiZYDJI
zcVK0VdeqiSP2M+vx2WwLKdwVBdhHXyrxv5JGwKaYkmaYwFCJ6DRttHlaTID4HgjVWJCVR
O9UaKreP6Uz9G/L0J54iEclbiKHkC38/IMhi9XhslLzD39f42oKLedWYTJiVgsr3klwtMk
GvWZyLtg==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6yuGwlJhhQ5ooqzfMY+4le85cWCqHdzonf4BkYtV2p0GGpmKUo0kpnQ0EbmEWRmAiPN8J6BJyHvpcv7A0a68OyTLXULSEopL0c0rrdqeK3p3oxVRn6oLbwqQvVmBZCGr+Mtak0Djw7ZM7yKMky5GKhFlZj7dZFLrzth2nQmReu93F+HkSF8iOpaqna/sTvPVqN/WLVC1CaB+Qcb6AsyMmLsTsvCHA1336eWq3M3hU14tsO5S8uDls2pfD2NaZx8VXr+00OvGSOqqZdY8cukv+xJ5IdRe2ui8zOSbh5m5OFc2DdfZ+PpQ9nU+DEDBpCSir/ovPDmsTtvqX2VClGn0v"
set source built-in
next
edit "g-Fortinet_SSH_DSA1024"
set password ENC NK4DwI1OFefgJoUIpFajD03RBQ+GOvnIFlXcUxUWR0lO8vDAeBRRVFUWIXkSpXwu3So1Jg/mkoFpunftA8A61nZ6Ecc/mU7yxZ0HfZysGyo8dCFE/RKkbIOsTNieQVTsbpaqbHh16LH/Wm+yjrkViULoXE9kfTPK9MSgf2q7+vD4UduYUCkg1ZQKKD1hkAM/mpJYAA==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABDWMdT3yG
/DLzIBU5O0UtJ/AAAAEAAAAAEAAAGyAAAAB3NzaC1kc3MAAACBAMlbbf4IhF0Mh2eRvDho
KqePrDh946N1KbbbOWbHWOeBVolyr5KCTbfgv6f0a3VW8ATXZH9OMz0uYjTTQII3rp1XTq
a7a3TzdPoTM9bO27PDLTp07LqM1kRSps/8oSsZ4h/kGu3fuke/MfTiAn7hAfdJYcANGbDq
7tfTXlPaY3VhAAAAFQD/+3WBsGEG6BjC2UUehkA3aDAFmwAAAIBeIcQedn7rLkV2N27gXk
jxfrbW6FMwfiEoJC6mZ0NvSuOqzOcrAzsnAydVy38cIlTdGwXhoHA5Jd2Cr0gV2p1R1WFR
XsBWpNqDorVNCdimLM16NBAcwjVjarpNuk3egjdAhdbGsnDxHH54XCdIP3FyyTuh2ljDEe
P+bc6eQJGxPgAAAIEAjK1lJYaCHrAZhcWJIITih4QFsQ8XZeKzp40YIjzXVf27HBCFHVz5
lEv4MtiFxhDKur0lO+2uHOLY+0xsgfM0fe7S/cAKRx/5UZkCmU5s6CkvZjIEPDZ4tvn11G
wlULTcjyZ2uwCo8Xd7QjnOUs8YNsRSO8hzWO5aB9aZ7OEDhiQAAAHgxMcP4nd5bs47/RHx
ArZUDjNCJzDVajX1tIDHffLzzlLm2RRU/wKXccxXn1TC14JdA3gOmS/hFa1C/ctWGGFdz1
RDMGJtXQ8+APtMlY7LoLq0soKjkNkY5KDgGBqbZ8dLcYCKYfl4RoCWGeKNYKjbdudRmuix
GP/Iy8L+8qLZd7rSDA6q48zv82nNbPUCtSgRLiG9/CDTQx1ICwO61rdjQLqvwycJ7//885
eXUyaiDA7DD8p/Q/y3L23iLI/t8VEe7sCeFcoFPmJxKURNoCg119GObjEYNDokpv9QOC2G
/uGE672Yvr9YFLe1RPwWpMgQr05tVu05HiPvRlX+hORf+Q80PQaxyCnSGkGh9FHq2Cph3F
nOlujutMPe0E9do0qGavzo7yw4g4L5fUUxgUoWLZPfE0dt7Dy1IP+kltIUqGu6a2StNq8U
rYEYAjVHzaKoU+95oZLimCj0n61LyCNXVg+gcIb+FIq6B4WQhRNJ0ltK7k5TKvCcnClWzj
DDVeZYF7XOPX9S38MGt9vfWZEF+ZnUrGdl4Py5khdfH99mlSDwt42flFQf2usHNR3ZaaHU
meM/WUb803e5fUpdeWXtOx9b+YmRujD4g0N49/OISwkC0MIfhdG2FDsuvpLiZit7
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-dss AAAAB3NzaC1kc3MAAACBAMlbbf4IhF0Mh2eRvDhoKqePrDh946N1KbbbOWbHWOeBVolyr5KCTbfgv6f0a3VW8ATXZH9OMz0uYjTTQII3rp1XTqa7a3TzdPoTM9bO27PDLTp07LqM1kRSps/8oSsZ4h/kGu3fuke/MfTiAn7hAfdJYcANGbDq7tfTXlPaY3VhAAAAFQD/+3WBsGEG6BjC2UUehkA3aDAFmwAAAIBeIcQedn7rLkV2N27gXkjxfrbW6FMwfiEoJC6mZ0NvSuOqzOcrAzsnAydVy38cIlTdGwXhoHA5Jd2Cr0gV2p1R1WFRXsBWpNqDorVNCdimLM16NBAcwjVjarpNuk3egjdAhdbGsnDxHH54XCdIP3FyyTuh2ljDEeP+bc6eQJGxPgAAAIEAjK1lJYaCHrAZhcWJIITih4QFsQ8XZeKzp40YIjzXVf27HBCFHVz5lEv4MtiFxhDKur0lO+2uHOLY+0xsgfM0fe7S/cAKRx/5UZkCmU5s6CkvZjIEPDZ4tvn11GwlULTcjyZ2uwCo8Xd7QjnOUs8YNsRSO8hzWO5aB9aZ7OEDhiQ="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA256"
set password ENC o/Q36LFFIP5Ku07K3e1PvuOSApVkzq7hc1VWjl7Dda8YgNIXQumytCFCSYkqjLUwROLwKLOFa2bskVyrwJB2YKuJjG/f1FeRizPtl0iY5Dp5QXQgxNXmdxyNq3IRYpNrc+RUhHoY46N6uQlJsn5GPrxS/asgsJrP5K6Y6bYgUbu8KEyO2dxd7C+/zvJUM7XnvpRd3A==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABCYj0k4bh
mxNdVne/WYI48/AAAAEAAAAAEAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz
dHAyNTYAAABBBMQSAUWeMnwS2TQbQWW3h890GnmzeJSwIq2rEIew+gyij4UMAjpsRmztvK
y7MHqF8ARHi1glc6RSoarryTUQuCIAAACgQHrpN3sAxVooYsKXIb5xGNvvwxUtTIIAisaQ
ftEDAx3nTj7+NLlPATgMRDy12pescKquy79fyCFgENFUP+K2pfPsb2IE/RdTcmBsL0646h
hL2sHeuvZ/mhIMti3oLfj91bBs7TBB2MRvHRYvcZD6rdAkumBmyrSPUO4JwqSPkI68kBVo
C9C5gBWgfhqKs6DGgceAFVxbb9+RWrpH9YCpIA==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMQSAUWeMnwS2TQbQWW3h890GnmzeJSwIq2rEIew+gyij4UMAjpsRmztvKy7MHqF8ARHi1glc6RSoarryTUQuCI="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA384"
set password ENC wKEkADenFjzvEr9s2dS8dDVpS5CfNcu+EDICEBbVN5Rdg9cNq9YbB14/1yG7tHPri0trB64/E+FcAhJoUopA3K4xKQAnhi1N+p5fGqKaWyRwEr5qt7kzA/p4TUZIW1tD+7I+dPfjp/81VUNqOhlnOJkjEgLGTglh/Ztg3WXW/xfBERDxf8jAVKchfvEh7sOBfFSh3w==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBN9BRJMR
77/5pUXIX3azbHAAAAEAAAAAEAAACIAAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlz
dHAzODQAAABhBEYsR4/2sjh+OMgxpEBi/72jNVXnBwUHpkOneWiESbnCoIWvKp8h0RjNMj
U5Tj5yP6txNtuAIt8NVvUcVhj9ZtIOWAsA7bDDRZGYv+/80R4N7Z0OnShs9iuYSb0+FQXx
dgAAANChlajlzxrBilfuFt0NeQjCmvICKuDRnd+bDSBxAVZcAnFPKPN/ZOUsHIFry+62R4
xmcknYeWtA09QFKdSbyeOUyqI4CmeqxufXPlPk8N2Mjg/Rub53WkREGx7nv335EUtKyIIE
qc7vNaHvrM8CbUwCD53Tmrv126aSxuuDEBhth1CkIT8LZEcTEYRSHAZEojS8TB4UhHLRfm
Rn+DmbJga0IDnPc/ZgNHGTqYx2toV2Fy/DCJ2en2FejJU89J9ZFrGUfz117vVweEVGLCBr
4j10
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBEYsR4/2sjh+OMgxpEBi/72jNVXnBwUHpkOneWiESbnCoIWvKp8h0RjNMjU5Tj5yP6txNtuAIt8NVvUcVhj9ZtIOWAsA7bDDRZGYv+/80R4N7Z0OnShs9iuYSb0+FQXxdg=="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA521"
set password ENC glFsaDC4E9pTo6nAnPwhgrxLwbbw2YEi+b3CsYGeVoL6eBCl8wrKhmk9Y6WhdrSzDgODto+OduqcuKWoYkB4DVMF/6P4XQHStfgkdxR7UNcB/WFyXBCAM2Y4fOVOV5oWvevEBlYY96uOgXXPEZqL8B2/fCraI+q4qORFJ1n2J7beMNy/7SyFWJ9lxsvUVR8CVNrmtg==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBTZME+kF
3Bzq+XqVo08S4FAAAAEAAAAAEAAACsAAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlz
dHA1MjEAAACFBACaKKuE8V8VNj3xOI4Cz0NpoN8KJMJWRxuLPTYtMBFzACZdDsfmQdZQdF
t5J++GxB6Y6XgNd5eg4/W0YU1z35BJ6QEuCMrZli2/4vtPy8DPeRMR2hpHOC/BuqnEER+K
HPehHHl1Du644EQUmgPailxPEBDJKJcA8PgrFsN5h0iHx4C6RAAAAQC/5NwC8S8n04Bskl
P/Wnde2xZxoWXlBYuV8iJ8OmT7RRVEi3NhVGbIJMqlXfTVi67DgfbtMpVNVhO3UMwPAoC4
8zcMmJ/1aA58Y+5H8DuYRMfAnuky6vWJFBA4DXgx/vmrn8UK1E2xgW8dgaEEDlLQPittQc
hlwRhgSZrJoRtQPn8OA5ZNePcblOq1WH6PanQP7Bj2SubMTTZ0Mo+gy7y11wDAMd0MYN6Q
d2biFs9XCB9xGNGQIrgOEUQoFJ8AyrbQzZt3Tr7tthp0GDyWoCNICjY/vKS9Av/xMMHaq9
cjEJOwfxqaJfVrEn2/6DS1t2SyTD9C8imQOI2xz/fdVCaO
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBACaKKuE8V8VNj3xOI4Cz0NpoN8KJMJWRxuLPTYtMBFzACZdDsfmQdZQdFt5J++GxB6Y6XgNd5eg4/W0YU1z35BJ6QEuCMrZli2/4vtPy8DPeRMR2hpHOC/BuqnEER+KHPehHHl1Du644EQUmgPailxPEBDJKJcA8PgrFsN5h0iHx4C6RA=="
set source built-in
next
edit "g-Fortinet_SSH_ED25519"
set password ENC svmfQGYGtOVRGdzLbDk9CHKMP9+Sx8FQGpZHNu+lN+YiKUXY3FCgKRX7/FLPlBUZcDDKEWym+rd+2Gg6ZpQoeeZzakWKIY1ZqnZE1XRmPpA5VNKv7/VtirHPglULQAEoQOvSkSpuKDufs/wAPkcZ0wsGAzKVTDPQJuObkDJqYjFCYNl5LUYodiqxFdPqwcVUiaC0YA==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAedjCOkt
+sFbLzTS4y12TbAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIJHEZ/PIMBDv6gqd
3JUEAvHnugjOGiXz5Puxg/8YfanOAAAAkCa1NSX8hj+j3jVwv2A2AU/gLRKzX4h+Gwxyxz
JeBT+OyHbzc8MDCIh8a3tf0fJiQ6VJdj3JjhBrp1OWfy2GHkfpMInRlGGz0Hu4XMU702a0
MgwELDyqSpEdZupNMH44pIjkI0iY/ipgwuNDOTIenADwbqdkC2oX9XA3jIutAB++JU4rvR
NwgjPHD1irGOM7Gg==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHEZ/PIMBDv6gqd3JUEAvHnugjOGiXz5Puxg/8YfanO"
set source built-in
next
end
config firewall ssh local-ca
edit "g-Fortinet_SSH_CA"
set password ENC K4O4DC8R/GWDJAuDGMSMvrBmtLIujq/pnuQ/qu/PVD+HS4xpheuCBwH0MwJLzLcvOqI/YXkRRCqvchqTgXO/Iw3VOmV/dwu6w2RaLqjNI7NoSn00lxONY61odjuiCagWYqgSnocBkGzHqU1Rl1G8U4A7xPwvmLZTaYtyZSdWkrCeYzsQjJdz7CUDwwRCS/0j9DcKFQ==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBf8C4hJd
+M6AVhFqreO879AAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDFNnS0wAAC
NC7cmBTwevE7FFFZPhHXFDgx7O22zzpcKONRKhLz+8Y4ux808lIz580foslhpIMeoEKX+U
ZpI93sBxVJZnZtVJgLf6rxjuWMFKDss1+PtXEz5uct3gPK95d/TWd+HzhGEz47PeFQizGP
E/hMl+XxJ8UEyPqlBO/Wh5+C8Sy4SU+wngUmaLgBDeA09x4it2ZZsa/oofRaXaPrAJLU7A
TB7reUBNnUR/mml1k6FYfx0CJ2JxR1gx3r/fSRadZj807gGNfiSbcYNxNyy/XQ5n+0BsIa
Mk342Zpr4ijnwM5qzrA45aHB3ZxAvx+xVdTrQkyfiJ6nZWI+CKQ9AAADwNT2HECamLA8UM
fFNSAnPj7lq5k64lxdOyGKKbIDDF/wS2H8g2ZlCuJwGpgHoVeFPiqQhJMjBSfwWDS8oOZA
po7PyvszP6XAbnIpBHUMDNdUr1Clso9ra9d2oP43fjhzRSHBD0j/x1nJRvse/cP5XuCa4Z
pGFpgVsz7q+XNEXou8YpAndqUebw/wm3MNzS2AE5YYFQofhSKBxyNSYrsPdaoasmwbnGuv
XW9vPFnDxNNJ0IkEUeXAWZaE2sBYP3qD4C97curFpYuAPYH5FnvvMLuUtyRFzYMv3WKi8z
Mw+01rU4yVtCVoAMYCfqjnisIyxgyQHLpLFfWkvIz6IgAQWVtBypJHxiiG2wcLHscWI0gQ
uCMN/n5QkbBcskRpy52lFypQ2eosTLMzrwfqQF5PDoDz/2Jnf5qXK9hQsNA3fHn2KoyODY
VmXb1G044Qq3/3ZsW7zkgWfyWJ1fgcIYiJg+wy/KQBkPlew/m5oheT8bs0aivJ8FW8gS1u
8zq/lBhWxsSsCfD8/nD9ROanz8yArOa8WfF/BFLs1UqkB4oAuVa5dA9xVhIeBbeA6E8eRm
ucu/a6+tmjaELkiwwscurSqEgELD+K5esR23MAe/Aw5BuzGHRdEDwa79PuqtgpMP7QEFND
yL/Xe6E4TGMTV5hQYpj7e5dunhr60rd4kg+ZAgfRwDzOaU2ry7n2bSxY/Cauc/dogM0rbG
SHCohMdMp0We53Y2J7ffmZzDySRIfgxRpjGN/Zv1QH1s3fbqwEG5R2leAlG0+bdN9jXn5F
dcZ4TGrm8wluUwfrU+mXcoAzelwuphNfbzwp0rIEnxIZxd6puFV7Svlsg4STr1YvA98E7N
2gDQhd3vYyIFPZG6CtAjzjP3e4KzEXghjgHXLYI31dS8HCVOKCC91tTc5Ojll76jmakIWT
r9dhSvjkACc688ixxo40qtX79Y33a8lEh1YZqPZ+qF/RgwQS4Wpa8hyZS6xFN2kMtQc9Up
gCurTRhfA9R5c/Mbgn097CYBOwu3nCfcjgBQ03xwmUJpB2pVKngd/dc/n37J2Z97Nl4Wu3
Zs4ftOGyqXgmM61ddTYhF6ZZbpjBkdKFFEfl6XkBZDUiVaMsq7hIiCYUCGE/cvljzYuntt
XEnf4fO8Ifr8sviwPE4gRaHHePPo9EtFAlSewYzeI3M1EkYPAzSf28ztk74FydHUGfqPkF
RjGiTkUG4NozwGmSG3LGYleBc0CySr+j4Q/qiCEgRQpkihrWkO/j+ILiog9Trh5x/+c2X9
V9G26szw==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFNnS0wAACNC7cmBTwevE7FFFZPhHXFDgx7O22zzpcKONRKhLz+8Y4ux808lIz580foslhpIMeoEKX+UZpI93sBxVJZnZtVJgLf6rxjuWMFKDss1+PtXEz5uct3gPK95d/TWd+HzhGEz47PeFQizGPE/hMl+XxJ8UEyPqlBO/Wh5+C8Sy4SU+wngUmaLgBDeA09x4it2ZZsa/oofRaXaPrAJLU7ATB7reUBNnUR/mml1k6FYfx0CJ2JxR1gx3r/fSRadZj807gGNfiSbcYNxNyy/XQ5n+0BsIaMk342Zpr4ijnwM5qzrA45aHB3ZxAvx+xVdTrQkyfiJ6nZWI+CKQ9"
set source built-in
next
edit "g-Fortinet_SSH_CA_Untrusted"
set password ENC lgVKqKzrnoQkcm0/OUXL0d91jupvWdzt8hsxuRe/MG3LQhKtJA/eenTIvob7qWGUr4kBxQoXTr1hkPpNNQZsGAJVUrW35Zkoj8CJ1A7PYRoMi1aTLIlCu/nYVDbCFlKobR9AzgCf/8TRzHg7YV1oEzt41qAvrmTlTQ/L/SSMXgq5u5wn0lIN8wvWvsPZzRWHnrDlIA==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBU2aLPen
uU59+GRRZCZgSJAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDAkdHRAAn9
RFuj2QchmT42CoWPCms0batL22xzsj2QMSujfcXCEQHjWx/gY+jZyGw2nAOFrzr8IVS5lE
ZKMiF89/zydMxQjr1MTelfPuYo855TZF4DELCK3O/zWwGLIgSboQft2RfZkSJFBb8NM4eU
iw9CxJLUawWeYkGTslFv3gqh6HbZuw2WUx5pqmU7UibkOgp0eWHejkf031O+X49yZr3uFG
Xi/bd6oNNfHIdeSS8RJNC+4N2NUrB4NX87pM1TOLmZ9tAMlGJKX05UL4rli2UnIXkhP6mv
NVdObU6Vk/dHf31QCWuLNSbH2nydYNs6JcQnoybJnzq6EggViAZlAAADwEWDeIVUpNfN6N
N9tfe7OnulqQ3OdP7T7M8A596uBvR4P1G7BAcPgC+xoTQP+W94crBOhoq49mlZJBJGnPwg
+ufxwO8eg8NUAPyMAaS6M8yaTcFvopwbZnMo8Ioey1rX/1JD0W+RJwV7N8FM95waqsjDnB
fLQy2F8KvzvycsQF4ATAVPbrkcaED3JxQEiHtlMZuIuCtB3Gq0xYJ6sz84NpW2aXlPFzuu
80YhUVuD7oZESSRIzMZ35/Td1rXeP/JOgFkrL0NSb7RgaHDqFKE4LHC+o+NgskxRPumlhb
H160LskSooMIVZCKGTii/c1Ipo2YVrAeaUrxgRSGQPeHJ4pivs8/bYP9fd1AHQ64UTX56x
P60fOA9lhwQtnlox+7J6H1biMMrwboqpI/19y+Qmfd35jbIUTwzxbEeqw55Vxcn29FGU1S
CtkHwyGB38OFFlawdb05PMT3X5KKXmss8ge4xAoRXooNbVAy6p9R0jrSyU1CKvnYoXPyjd
nEa6FBZTJNo9ygt0TnlNYEpdaCmiknxMxxnHN3oVLpSLeEHjEqFIXwr+322OqN1Wt90pD0
QV/5UxiT+bX55IYcz0F9Y05kw60Okc/Gy6NGPyOjuLpHGgVWI+WDueR5sBFP3nQmUjvCi6
jzzTNgSQV9ED9klycj4NCqNZvbqHAE3PKp5hRkUZ4GB8aGb2NzuUs3cx+JDgLxIW5QC6v6
kfgc1FAYaVH2cm+FHX+pt+uSqB38RE10lnfnR1oG3ldegelN4lJYkibIafYynDrzv1Xi8j
Oqd4z/ds41KcGll9gsWclP7MmhL2s6w/cOOwRvZRDNknK1uA111B+yPdsuA78N0ACYulAX
HT1aiEnwFjfaZauBSPtJex0TbjAQWZ5b6+0XAjkfru+ptV9GfMEsQpfHBIge4JmkcXCFoE
czjAqskJ9YddKe2FfJGxc1jMCkmA+h/2oR8OyMUSGXxTwKLPabeUFwBuPKH56PqAjIPoKW
4h+EPfOx3pPY92rDvZ/ETBNf+o/vvxkOPmh3TSRoo2knQvNuWiQ7OPGXrXa0PeZ1UvDRuU
PMTkbpooKletk49Jw8WOzUqIRd8yF8g2i8tzZ2Xlr8RnOLRBsOzXagjBGyk56kAMhaOOrm
n+MTbxpM61zYilvCOBeSIvzWp4DjjqXfuFcEpzEHDTZ9Yvz474s1qinmgEibtYSoY61d9d
QxAI2xneFlb207A+/PTuFaDoCE9g/CD17Rc+WoCP0eU8p/yaLpWIq0JQyEXK48vKCJcVvM
gs3wZo+Q==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAkdHRAAn9RFuj2QchmT42CoWPCms0batL22xzsj2QMSujfcXCEQHjWx/gY+jZyGw2nAOFrzr8IVS5lEZKMiF89/zydMxQjr1MTelfPuYo855TZF4DELCK3O/zWwGLIgSboQft2RfZkSJFBb8NM4eUiw9CxJLUawWeYkGTslFv3gqh6HbZuw2WUx5pqmU7UibkOgp0eWHejkf031O+X49yZr3uFGXi/bd6oNNfHIdeSS8RJNC+4N2NUrB4NX87pM1TOLmZ9tAMlGJKX05UL4rli2UnIXkhP6mvNVdObU6Vk/dHf31QCWuLNSbH2nydYNs6JcQnoybJnzq6EggViAZl"
set source built-in
next
end
config firewall ssl setting
set proxy-connect-timeout 30
set ssl-dh-bits 2048
set ssl-send-empty-frags enable
set no-matching-cipher-action bypass
set cert-cache-capacity 200
set cert-cache-timeout 10
set session-cache-capacity 500
set session-cache-timeout 20
set kxp-queue-threshold 16
set ssl-queue-threshold 32
set abbreviate-handshake enable
end
config firewall ipv6-eh-filter
set hop-opt disable
set dest-opt disable
set routing enable
set routing-type 0
set fragment disable
set auth disable
set no-next disable
end
config dlp settings
set storage-device ''
set size 16
set db-mode stop-adding
set cache-mem-percent 2
set chunk-size 2800
end
config system standalone-cluster
set standalone-group-id 0
set group-member-id 0
set layer2-connection unavailable
unset session-sync-dev
set encryption disable
end
config system cluster-sync
end
config switch-controller system
set parallel-process-override disable
set data-sync-interval 60
set iot-weight-threshold 1
set iot-scan-interval 60
set iot-holdoff 5
set iot-mac-idle 1440
set nac-periodic-interval 15
set dynamic-periodic-interval 15
set tunnel-mode compatible
end
config wireless-controller timers
set echo-interval 30
set discovery-interval 5
set client-idle-timeout 300
set auth-timeout 5
set rogue-ap-log 0
set fake-ap-log 1
set rogue-ap-cleanup 0
set sta-stats-interval 1
set vap-stats-interval 15
set radio-stats-interval 15
set sta-capability-interval 30
set sta-locate-timer 1800
set ipsec-intf-cleanup 120
set ble-scan-report-intv 30
set drma-interval 60
end
config emailfilter fortishield
set spam-submit-srv "www.nospammer.net"
set spam-submit-force enable
set spam-submit-txt2htm enable
end
config emailfilter options
set dns-timeout 7
end
config system fortiguard
set fortiguard-anycast disable
set protocol udp
set port 53
set load-balance-servers 1
set update-server-location usa
set sandbox-region ''
set update-ffdb enable
set update-uwdb enable
set update-extdb enable
set update-build-proxy enable
set antispam-force-off disable
set antispam-cache enable
set antispam-cache-ttl 1800
set antispam-cache-mpercent 2
set antispam-timeout 7
set outbreak-prevention-force-off disable
set outbreak-prevention-cache enable
set outbreak-prevention-cache-ttl 300
set outbreak-prevention-cache-mpercent 2
set outbreak-prevention-timeout 7
set webfilter-force-off disable
set webfilter-cache enable
set webfilter-cache-ttl 3600
set webfilter-timeout 15
set sdns-server-ip "208.91.112.220" "173.243.140.53" "210.7.96.53"
set sdns-server-port 53
unset sdns-options
set source-ip 0.0.0.0
set source-ip6 ::
set proxy-server-ip 0.0.0.0
set proxy-server-port 0
set proxy-username ''
set proxy-password ENC dHM8aLWRNtrfiGh0SFPFtEfKGV7GR9nZoTgMHyv+cO7unkBeHl/iy50Dv/GCzASxjaUnbBquNn7TN7WTwL1n3vBGfGa7TghFpn/mhNpPGQSZxm7SM3u5uddqgjK2gQKnk3elL8RUfI+Qjx7QoTSA1CQARZaq01MSNsrohZevkZaLmjXWPzW9xeYVNrRDuimnx6mFKA==
set ddns-server-ip 0.0.0.0
set ddns-server-ip6 ::
set ddns-server-port 443
set interface-select-method auto
end
config endpoint-control fctems
edit 1
set status disable
set name ''
set dirty-reason none
set fortinetone-cloud-authentication disable
set server ''
set https-port 443
set serial-number ''
set source-ip 0.0.0.0
set pull-sysinfo disable
set pull-vulnerabilities disable
set pull-avatars disable
set pull-tags disable
set pull-malware-hash disable
unset capabilities
set call-timeout 30
set out-of-sync-threshold 180
set websocket-override disable
set preserve-ssl-session disable
set interface-select-method auto
set trust-ca-cn enable
next
edit 2
set status disable
set name ''
set dirty-reason none
set fortinetone-cloud-authentication disable
set server ''
set https-port 443
set serial-number ''
set source-ip 0.0.0.0
set pull-sysinfo enable
set pull-vulnerabilities enable
set pull-avatars enable
set pull-tags enable
set pull-malware-hash enable
unset capabilities
set call-timeout 30
set out-of-sync-threshold 180
set websocket-override disable
set preserve-ssl-session disable
set interface-select-method auto
set trust-ca-cn enable
next
edit 3
set status disable
set name ''
set dirty-reason none
set fortinetone-cloud-authentication disable
set server ''
set https-port 443
set serial-number ''
set source-ip 0.0.0.0
set pull-sysinfo enable
set pull-vulnerabilities enable
set pull-avatars enable
set pull-tags enable
set pull-malware-hash enable
unset capabilities
set call-timeout 30
set out-of-sync-threshold 180
set websocket-override disable
set preserve-ssl-session disable
set interface-select-method auto
set trust-ca-cn enable
next
edit 4
set status disable
set name ''
set dirty-reason none
set fortinetone-cloud-authentication disable
set server ''
set https-port 443
set serial-number ''
set source-ip 0.0.0.0
set pull-sysinfo enable
set pull-vulnerabilities enable
set pull-avatars enable
set pull-tags enable
set pull-malware-hash enable
unset capabilities
set call-timeout 30
set out-of-sync-threshold 180
set websocket-override disable
set preserve-ssl-session disable
set interface-select-method auto
set trust-ca-cn enable
next
edit 5
set status disable
set name ''
set dirty-reason none
set fortinetone-cloud-authentication disable
set server ''
set https-port 443
set serial-number ''
set source-ip 0.0.0.0
set pull-sysinfo enable
set pull-vulnerabilities enable
set pull-avatars enable
set pull-tags enable
set pull-malware-hash enable
unset capabilities
set call-timeout 30
set out-of-sync-threshold 180
set websocket-override disable
set preserve-ssl-session disable
set interface-select-method auto
set trust-ca-cn enable
next
end
config ips global
set fail-open disable
set database extended
set traffic-submit disable
set anomaly-mode continuous
set session-limit-mode heuristic
set socket-size 128
set engine-count 0
set sync-session-ttl enable
set np-accel-mode basic
set ips-reserve-cpu disable
set cp-accel-mode advanced
set deep-app-insp-timeout 0
set deep-app-insp-db-limit 0
set exclude-signatures industrial
set packet-log-queue-depth 128
set ngfw-max-scan-range 4096
config tls-active-probe
set interface-select-method auto
end
end
config system email-server
set type custom
set server "notification.fortinet.net"
set port 465
set source-ip 0.0.0.0
set source-ip6 ::
set authenticate disable
set validate-server disable
set security smtps
set ssl-min-proto-version default
set interface-select-method auto
end
config system session-helper
edit 1
set name pptp
set protocol 6
set port 1723
next
edit 2
set name h323
set protocol 6
set port 1720
next
edit 3
set name ras
set protocol 17
set port 1719
next
edit 4
set name tns
set protocol 6
set port 1521
next
edit 5
set name tftp
set protocol 17
set port 69
next
edit 6
set name rtsp
set protocol 6
set port 554
next
edit 7
set name rtsp
set protocol 6
set port 7070
next
edit 8
set name rtsp
set protocol 6
set port 8554
next
edit 9
set name ftp
set protocol 6
set port 21
next
edit 10
set name mms
set protocol 6
set port 1863
next
edit 11
set name pmap
set protocol 6
set port 111
next
edit 12
set name pmap
set protocol 17
set port 111
next
edit 14
set name dns-udp
set protocol 17
set port 53
next
edit 15
set name rsh
set protocol 6
set port 514
next
edit 16
set name rsh
set protocol 6
set port 512
next
edit 17
set name dcerpc
set protocol 6
set port 135
next
edit 18
set name dcerpc
set protocol 17
set port 135
next
edit 19
set name mgcp
set protocol 17
set port 2427
next
edit 20
set name mgcp
set protocol 17
set port 2727
next
end
config system fips-cc
end
config system tos-based-priority
end
config system dscp-based-priority
end
config system probe-response
set mode none
end
config system auto-install
set auto-install-config enable
set auto-install-image enable
set default-config-file "fgt_system.conf"
set default-image-file "image.out"
end
config system console
set mode line
set output standard
set login enable
set fortiexplorer enable
end
config system ntp
set ntpsync enable
set type custom
set syncinterval 5
config ntpserver
edit 1
set server "10.1.1.2"
set ntpv3 disable
set authentication disable
set interface-select-method auto
next
edit 2
set server "10.1.1.3"
set ntpv3 disable
set authentication disable
set interface-select-method auto
next
end
set source-ip 0.0.0.0
set source-ip6 ::
set server-mode disable
end
config system smc-ntp
set ntpsync disable
set syncinterval 60
set channel 5
end
config system vdom-radius-server
end
config system ftm-push
set server-port 4433
set server-cert "Fortinet_Factory"
set server-ip 0.0.0.0
set server ''
set status disable
end
config system geoip-override
end
config system fortisandbox
set status disable
set email ''
end
config system fortindr
set status disable
end
config system vdom-exception
end
config system csf
set status disable
set log-unification enable
set fabric-workers 2
set forticloud-account-enforcement enable
end
config system automation-trigger
edit "Network Down"
set description ''
set trigger-type event-based
set event-type event-log
set logid 20099
config fields
edit 1
set name "status"
set value "DOWN"
next
end
next
edit "HA Failover"
set description ''
set trigger-type event-based
set event-type ha-failover
next
edit "Reboot"
set description ''
set trigger-type event-based
set event-type reboot
next
edit "FortiAnalyzer Connection Down"
set description ''
set trigger-type event-based
set event-type event-log
set logid 22902
next
edit "License Expired Notification"
set description ''
set trigger-type event-based
set event-type license-near-expiry
set license-type any
next
edit "Compromised Host Quarantine"
set description ''
set trigger-type event-based
set event-type ioc
next
edit "Incoming Webhook Call"
set description ''
set trigger-type event-based
set event-type incoming-webhook
next
edit "Security Rating Notification"
set description ''
set trigger-type event-based
set event-type security-rating-summary
set report-type posture
next
end
config system automation-action
edit "Network Down_email"
set description ''
set action-type email
set email-from ''
set email-subject "Network Down"
set minimum-interval 0
set message "%%log%%"
set replacement-message disable
next
edit "HA Failover_email"
set description ''
set action-type email
set email-from ''
set email-subject "HA Failover"
set minimum-interval 0
set message "%%log%%"
set replacement-message disable
next
edit "Reboot_email"
set description ''
set action-type email
set email-from ''
set email-subject "Reboot"
set minimum-interval 0
set message "%%log%%"
set replacement-message disable
next
edit "FortiAnalyzer Connection Down_ios-notification"
set description ''
set action-type fortiexplorer-notification
set minimum-interval 0
next
edit "License Expired Notification_ios-notification"
set description ''
set action-type fortiexplorer-notification
set minimum-interval 0
next
edit "Security Rating Notification_ios-notification"
set description ''
set action-type fortiexplorer-notification
set minimum-interval 0
next
edit "Compromised Host Quarantine_quarantine"
set description ''
set action-type quarantine
next
edit "Compromised Host Quarantine_quarantine-forticlient"
set description ''
set action-type quarantine-forticlient
next
end
config system automation-destination
end
config system automation-stitch
edit "Network Down"
set description ''
set status disable
set trigger "Network Down"
config actions
edit 1
set action "Network Down_email"
set delay 0
set required disable
next
end
next
edit "HA Failover"
set description ''
set status disable
set trigger "HA Failover"
config actions
edit 1
set action "HA Failover_email"
set delay 0
set required disable
next
end
next
edit "Reboot"
set description ''
set status disable
set trigger "Reboot"
config actions
edit 1
set action "Reboot_email"
set delay 0
set required disable
next
end
next
edit "FortiAnalyzer Connection Down"
set description ''
set status enable
set trigger "FortiAnalyzer Connection Down"
config actions
edit 1
set action "FortiAnalyzer Connection Down_ios-notification"
set delay 0
set required disable
next
end
next
edit "License Expired Notification"
set description ''
set status enable
set trigger "License Expired Notification"
config actions
edit 1
set action "License Expired Notification_ios-notification"
set delay 0
set required disable
next
end
next
edit "Compromised Host Quarantine"
set description ''
set status disable
set trigger "Compromised Host Quarantine"
config actions
edit 1
set action "Compromised Host Quarantine_quarantine"
set delay 0
set required disable
next
edit 2
set action "Compromised Host Quarantine_quarantine-forticlient"
set delay 0
set required disable
next
end
next
edit "Incoming Webhook Quarantine"
set description ''
set status disable
set trigger "Incoming Webhook Call"
config actions
edit 1
set action "Compromised Host Quarantine_quarantine"
set delay 0
set required disable
next
edit 2
set action "Compromised Host Quarantine_quarantine-forticlient"
set delay 0
set required disable
next
end
next
edit "Security Rating Notification"
set description ''
set status enable
set trigger "Security Rating Notification"
config actions
edit 1
set action "Security Rating Notification_ios-notification"
set delay 0
set required disable
next
end
next
end
config monitoring npu-hpe
set status disable
set interval 1
set multipliers 4 4 4 4 8 8 8 8 8 8 8 8
end
config system saml
set status disable
set default-login-page normal
set default-profile ''
end
config system federated-upgrade
set status disabled
set upgrade-id 0
set next-path-index 0
end
config system ike
set embryonic-limit 20000
set dh-multiprocess disable
end
config system acme
set source-ip 0.0.0.0
set source-ip6 ::
end
config system ipam
set status disable
set server-type fabric-root
end
end
config vdom
edit root
config wireless-controller hotspot20 anqp-venue-name
end
config wireless-controller hotspot20 anqp-venue-url
end
config wireless-controller hotspot20 anqp-network-auth-type
end
config wireless-controller hotspot20 anqp-roaming-consortium
end
config wireless-controller hotspot20 anqp-nai-realm
end
config wireless-controller hotspot20 anqp-3gpp-cellular
end
config wireless-controller hotspot20 anqp-ip-address-type
end
config wireless-controller hotspot20 h2qp-operator-name
end
config wireless-controller hotspot20 h2qp-wan-metric
end
config wireless-controller hotspot20 h2qp-conn-capability
end
config wireless-controller hotspot20 icon
end
config wireless-controller hotspot20 h2qp-osu-provider
end
config wireless-controller hotspot20 qos-map
end
config wireless-controller hotspot20 h2qp-advice-of-charge
end
config wireless-controller hotspot20 h2qp-osu-provider-nai
end
config wireless-controller hotspot20 h2qp-terms-and-conditions
end
config wireless-controller hotspot20 hs-profile
end
config wireless-controller vap
end
config system object-tagging
edit "default"
set address optional
set device optional
set interface optional
set multiple enable
set color 0
next
end
config switch-controller traffic-policy
edit "quarantine"
set description "Rate control for quarantined traffic"
set policer-status enable
set guaranteed-bandwidth 163840
set guaranteed-burst 8192
set maximum-burst 163840
set cos-queue 0
next
edit "sniffer"
set description "Rate control for sniffer mirrored traffic"
set policer-status enable
set guaranteed-bandwidth 50000
set guaranteed-burst 8192
set maximum-burst 163840
set cos-queue 0
next
end
config switch-controller fortilink-settings
end
config system stp
set switch-priority 32768
set hello-time 2
set forward-delay 15
set max-age 20
set max-hops 20
end
config system settings
set comments ''
set opmode nat
set policy-offload-level disable
set ngfw-mode profile-based
set http-external-dest fortiweb
set firewall-session-dirty check-all
set bfd disable
set utf8-spam-tagging enable
set wccp-cache-engine disable
set vpn-stats-log ipsec pptp l2tp ssl
set vpn-stats-period 600
set v4-ecmp-mode source-ip-based
set fw-session-hairpin disable
set prp-trailer-action disable
set snat-hairpin-traffic enable
set dhcp-proxy disable
set central-nat disable
set lldp-reception global
set lldp-transmission global
set link-down-access enable
set nat46-generate-ipv6-fragment-header disable
set nat46-force-ipv4-packet-forwarding disable
set nat64-force-ipv6-packet-forwarding enable
set auxiliary-session disable
set asymroute disable
set asymroute-icmp disable
set tcp-session-without-syn disable
set ses-denied-traffic disable
set strict-src-check disable
set allow-linkdown-path disable
set asymroute6 disable
set asymroute6-icmp disable
set sctp-session-without-init disable
set sip-expectation disable
set sip-nat-trace enable
set h323-direct-model enable
set status enable
set sip-tcp-port 5060
set sip-udp-port 5060
set sip-ssl-port 5061
set sccp-port 2000
set multicast-forward enable
set multicast-ttl-notchange disable
set allow-subnet-overlap disable
set deny-tcp-with-icmp disable
set ecmp-max-paths 255
set discovered-device-timeout 28
set email-portal-check-dns enable
set default-voip-alg-mode proxy-based
set gui-icap disable
set gui-implicit-policy enable
set gui-dns-database disable
set gui-load-balance disable
set gui-multicast-policy disable
set gui-dos-policy enable
set gui-object-colors enable
set gui-voip-profile disable
set gui-ap-profile enable
set gui-security-profile-group disable
set gui-local-in-policy disable
set gui-wanopt-cache disable
set gui-explicit-proxy disable
set gui-dynamic-routing enable
set gui-sslvpn-personal-bookmarks disable
set gui-sslvpn-realms disable
set gui-policy-based-ipsec disable
set gui-threat-weight enable
set gui-spamfilter disable
set gui-file-filter disable
set gui-application-control enable
set gui-ips enable
set gui-endpoint-control enable
set gui-endpoint-control-advanced disable
set gui-dhcp-advanced enable
set gui-vpn enable
set gui-wireless-controller enable
set gui-switch-controller enable
set gui-fortiap-split-tunneling disable
set gui-traffic-shaping enable
set gui-wan-load-balancing enable
set gui-antivirus enable
set gui-webfilter disable
set gui-videofilter enable
set gui-dnsfilter disable
set gui-waf-profile disable
set gui-fortiextender-controller disable
set gui-advanced-policy disable
set gui-allow-unnamed-policy disable
set gui-email-collection disable
set gui-multiple-interface-policy disable
set gui-policy-disclaimer disable
set gui-ztna enable
set location-id 0.0.0.0
set ike-session-resume disable
set ike-quick-crash-detect disable
set ike-dn-format with-space
set ike-port 500
set ike-policy-route disable
set block-land-attack disable
set application-bandwidth-tracking disable
end
config system sit-tunnel
end
config system arp-table
end
config system ipv6-neighbor-cache
end
config system replacemsg-group
edit "default"
set comment "Default replacement message group."
set group-type default
next
end
config system session-ttl
set default 3600
end
config system dhcp server
edit 1
set status enable
set lease-time 604800
set mac-acl-default-action assign
set forticlient-on-net-status enable
set dns-service default
set wifi-ac-service specify
set wifi-ac1 0.0.0.0
set wifi-ac2 0.0.0.0
set wifi-ac3 0.0.0.0
set ntp-service specify
set domain ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set default-gateway 192.168.200.1
set next-server 0.0.0.0
set netmask 255.255.255.0
set interface "mgmt2"
config ip-range
edit 1
set start-ip 192.168.200.2
set end-ip 192.168.200.254
next
end
set timezone-option disable
set filename ''
set server-type regular
set conflicted-ip-timeout 1800
set auto-configuration enable
set dhcp-settings-from-fortiipam disable
set ddns-update disable
set vci-match disable
set ntp-server1 0.0.0.0
set ntp-server2 0.0.0.0
set ntp-server3 0.0.0.0
next
end
config system dhcp6 server
end
config system modem
set status disable
set pin-init ''
set network-init ''
set lockdown-lac ''
set mode standalone
set auto-dial disable
set dial-on-demand disable
set idle-timer 5
set redial none
set reset 0
set connect-timeout 90
set wireless-port 0
set dont-send-CR1 disable
set phone1 ''
set dial-cmd1 ''
set username1 ''
set passwd1 ENC 1MpQWKAE6bHbkcLE9I3evEhR8zaEWmlC48WmgOwWaAfLjs8Hz7O81+iJB3f2+Q331FSJm35v31z4oh57VyCAskmb9Wp/aV6pnK/l6onxL99jO68btrg3e5j9GKU4FXoSCeNtFPL8hQlHvT3jDfGcFrvt9DfQq5O/Rq3hhGXfB56iCkzxrJfaXaoED/G6CG5sqERhRw==
set extra-init1 ''
set peer-modem1 generic
set ppp-echo-request1 enable
set authtype1 pap chap mschap mschapv2
set dont-send-CR2 disable
set phone2 ''
set dial-cmd2 ''
set username2 ''
set passwd2 ENC 2uIOvSurCCEMPG1zJTzbHJl6YLS2U79eXMVkSnUEcvtLbfnaRqD/v0UM4VqO6WPa5O259KLBgurIA6EY2y+YWPxl7EuDTbGFgPWx6h/tGQKFQ/El0TpYl4PinF+rjKWegmI1eGj6A2pZY9yp9D9vwxsY8uI90AlnB9Dudht1iiiFjDaLzs7NJYEbSR4HZColE6SU0g==
set extra-init2 ''
set peer-modem2 generic
set ppp-echo-request2 enable
set authtype2 pap chap mschap mschapv2
set dont-send-CR3 disable
set phone3 ''
set dial-cmd3 ''
set username3 ''
set passwd3 ENC 7dQ79AlNNdM64hhKU6tMtEncP6y7y/LZDoF14u0nnyWMEzB7/QyJ06OE3qWJFvFRlrKdMTn2B4OmxUCeFE+UDVZ910dn5uqZRSA0rsrhJwYRZlk5Z91eU0dSbApoMg9iJztcrQwvi1MfS/Y80K+q6dZDGQxPazr/mzYYeUBlI5lUxkQfU3VtPE9+0DYXs1E2PkF+1w==
set extra-init3 ''
set peer-modem3 generic
set ppp-echo-request3 enable
set altmode enable
set authtype3 pap chap mschap mschapv2
set distance 1
set priority 0
end
config system 3g-modem custom
end
config system zone
end
config firewall address
edit "none"
set uuid 7e89d32c-7abc-51ec-ada3-e0bf09e3f43d
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 0.0.0.0 255.255.255.255
next
edit "login.microsoftonline.com"
set uuid 7e89d9bc-7abc-51ec-748f-69691c3b494c
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "login.microsoftonline.com"
set cache-ttl 0
next
edit "login.microsoft.com"
set uuid 7e89df3e-7abc-51ec-f5ae-b57e90f6f270
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "login.microsoft.com"
set cache-ttl 0
next
edit "login.windows.net"
set uuid 7e89e3c6-7abc-51ec-e5a7-17e461dedf86
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "login.windows.net"
set cache-ttl 0
next
edit "gmail.com"
set uuid 7e89e826-7abc-51ec-bb70-9f12149152de
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "gmail.com"
set cache-ttl 0
next
edit "wildcard.google.com"
set uuid 7e89ec72-7abc-51ec-a7bb-3a00a6de5aca
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "*.google.com"
set cache-ttl 0
next
edit "wildcard.dropbox.com"
set uuid 7e89f5f0-7abc-51ec-dee4-ca2ba4b9de4d
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "*.dropbox.com"
set cache-ttl 0
next
edit "all"
set uuid 7e946422-7abc-51ec-fcd4-6272903f0e79
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "FIREWALL_AUTH_PORTAL_ADDRESS"
set uuid 7e9465e4-7abc-51ec-18eb-b3a1b533951c
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "FABRIC_DEVICE"
set uuid 7e946756-7abc-51ec-8e5a-18caba2cdf21
set type ipmask
set comment "IPv4 addresses of Fabric Devices."
set associated-interface ''
set color 0
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "SSLVPN_TUNNEL_ADDR1"
set uuid 7e94dbfa-7abc-51ec-26c3-04e68952913c
set type iprange
set comment ''
set color 0
set fabric-object disable
set start-ip 10.212.134.200
set end-ip 10.212.134.210
next
edit "FCTEMS_ALL_FORTICLOUD_SERVERS"
set uuid 89320da2-7d1a-51ec-883d-26894f0a2b7e
set type dynamic
set sub-type ems-tag
set comment ''
set associated-interface ''
set color 0
set fabric-object disable
set obj-tag ''
set obj-type ip
set tag-detection-level ''
set tag-type ''
next
end
config firewall multicast-address
edit "all"
set type multicastrange
set start-ip 224.0.0.0
set end-ip 239.255.255.255
set comment ''
set associated-interface ''
set color 0
next
edit "all_hosts"
set type multicastrange
set start-ip 224.0.0.1
set end-ip 224.0.0.1
set comment ''
set associated-interface ''
set color 0
next
edit "all_routers"
set type multicastrange
set start-ip 224.0.0.2
set end-ip 224.0.0.2
set comment ''
set associated-interface ''
set color 0
next
edit "Bonjour"
set type multicastrange
set start-ip 224.0.0.251
set end-ip 224.0.0.251
set comment ''
set associated-interface ''
set color 0
next
edit "EIGRP"
set type multicastrange
set start-ip 224.0.0.10
set end-ip 224.0.0.10
set comment ''
set associated-interface ''
set color 0
next
edit "OSPF"
set type multicastrange
set start-ip 224.0.0.5
set end-ip 224.0.0.6
set comment ''
set associated-interface ''
set color 0
next
end
config firewall address6-template
end
config firewall address6
edit "SSLVPN_TUNNEL_IPv6_ADDR1"
set uuid 7e94de98-7abc-51ec-535f-ea484729663b
set type ipprefix
set ip6 fdff:ffff::/120
set color 0
set comment ''
set fabric-object disable
next
edit "all"
set uuid 7e8a0bda-7abc-51ec-6793-47d646768988
set type ipprefix
set ip6 ::/0
set color 0
set comment ''
set fabric-object disable
next
edit "none"
set uuid 7e8a0fa4-7abc-51ec-1f1e-1d8d41102c74
set type ipprefix
set ip6 ::/128
set color 0
set comment ''
set fabric-object disable
next
end
config firewall multicast-address6
edit "all"
set ip6 ff00::/8
set comment ''
set color 0
next
end
config system ipv6-tunnel
end
config firewall addrgrp
edit "G Suite"
set type default
set category default
set uuid 7e89fd16-7abc-51ec-b36a-97f92912a844
set member "gmail.com" "wildcard.google.com"
set comment ''
set exclude disable
set color 0
set fabric-object disable
next
edit "Microsoft Office 365"
set type default
set category default
set uuid 7e8a03ba-7abc-51ec-826a-4988e9b80b6e
set member "login.microsoftonline.com" "login.microsoft.com" "login.windows.net"
set comment ''
set exclude disable
set color 0
set fabric-object disable
next
end
config firewall addrgrp6
end
config firewall wildcard-fqdn custom
edit "g-Adobe Login"
set uuid b5c2c426-7e12-51ec-c8c7-42a0753234df
set wildcard-fqdn "*.adobelogin.com"
set color 0
set comment ''
next
edit "g-Gotomeeting"
set uuid b5c2d1dc-7e12-51ec-0033-c7d538e5fdef
set wildcard-fqdn "*.gotomeeting.com"
set color 0
set comment ''
next
edit "g-Windows update 2"
set uuid b5c2d93e-7e12-51ec-1050-7b6ae64065ac
set wildcard-fqdn "*.windowsupdate.com"
set color 0
set comment ''
next
edit "g-adobe"
set uuid b5c2c30e-7e12-51ec-1da6-1db9bca6406e
set wildcard-fqdn "*.adobe.com"
set color 0
set comment ''
next
edit "g-android"
set uuid b5c2c520-7e12-51ec-66f1-404afb0dad1a
set wildcard-fqdn "*.android.com"
set color 0
set comment ''
next
edit "g-apple"
set uuid b5c2c61a-7e12-51ec-b2cc-2b03b1ad8ac0
set wildcard-fqdn "*.apple.com"
set color 0
set comment ''
next
edit "g-appstore"
set uuid b5c2c714-7e12-51ec-072f-a8d60b6da6c9
set wildcard-fqdn "*.appstore.com"
set color 0
set comment ''
next
edit "g-auth.gfx.ms"
set uuid b5c2c80e-7e12-51ec-3653-8016dcbc28a4
set wildcard-fqdn "*.auth.gfx.ms"
set color 0
set comment ''
next
edit "g-autoupdate.opera.com"
set uuid b5c2de52-7e12-51ec-9c10-927947a6ab3a
set wildcard-fqdn "*autoupdate.opera.com"
set color 0
set comment ''
next
edit "g-cdn-apple"
set uuid 4fcf159e-7cda-51ed-d7ef-7d1c0f82091c
set wildcard-fqdn "*.cdn-apple.com"
set color 0
set comment ''
next
edit "g-citrix"
set uuid b5c2c908-7e12-51ec-01b1-b38ce4989cbb
set wildcard-fqdn "*.citrixonline.com"
set color 0
set comment ''
next
edit "g-dropbox.com"
set uuid b5c2ca02-7e12-51ec-43dc-489077effa44
set wildcard-fqdn "*.dropbox.com"
set color 0
set comment ''
next
edit "g-eease"
set uuid b5c2cafc-7e12-51ec-0777-7e7243cc25fe
set wildcard-fqdn "*.eease.com"
set color 0
set comment ''
next
edit "g-firefox update server"
set uuid b5c2cbf6-7e12-51ec-d213-27b68033a384
set wildcard-fqdn "aus*.mozilla.org"
set color 0
set comment ''
next
edit "g-fortinet"
set uuid b5c2ccf0-7e12-51ec-0b36-46ab64c1ba89
set wildcard-fqdn "*.fortinet.com"
set color 0
set comment ''
next
edit "g-google-drive"
set uuid b5c2cee4-7e12-51ec-9ea0-220ca0ebde0f
set wildcard-fqdn "*drive.google.com"
set color 0
set comment ''
next
edit "g-google-play"
set uuid b5c2db46-7e12-51ec-efc3-be1c278ba621
set wildcard-fqdn "*play.google.com"
set color 0
set comment ''
next
edit "g-google-play2"
set uuid b5c2cfde-7e12-51ec-3f42-4089eb70f096
set wildcard-fqdn "*.ggpht.com"
set color 0
set comment ''
next
edit "g-google-play3"
set uuid b5c2d0d8-7e12-51ec-b5df-6cd900ac767d
set wildcard-fqdn "*.books.google.com"
set color 0
set comment ''
next
edit "g-googleapis.com"
set uuid b5c2cdea-7e12-51ec-c49f-497c9a8f0cc4
set wildcard-fqdn "*.googleapis.com"
set color 0
set comment ''
next
edit "g-icloud"
set uuid b5c2d344-7e12-51ec-c8c1-97b23449d39e
set wildcard-fqdn "*.icloud.com"
set color 0
set comment ''
next
edit "g-itunes"
set uuid b5c2d452-7e12-51ec-d0f4-1605cffaa5b0
set wildcard-fqdn "*itunes.apple.com"
set color 0
set comment ''
next
edit "g-live.com"
set uuid b5c2da42-7e12-51ec-980b-fefb8446bc74
set wildcard-fqdn "*.live.com"
set color 0
set comment ''
next
edit "g-microsoft"
set uuid b5c2d54c-7e12-51ec-66f6-895f67d8072d
set wildcard-fqdn "*.microsoft.com"
set color 0
set comment ''
next
edit "g-mzstatic-apple"
set uuid 4fcf1652-7cda-51ed-df9f-4d198b596ae5
set wildcard-fqdn "*.mzstatic.com"
set color 0
set comment ''
next
edit "g-skype"
set uuid b5c2d646-7e12-51ec-2218-dc4a982afb68
set wildcard-fqdn "*.messenger.live.com"
set color 0
set comment ''
next
edit "g-softwareupdate.vmware.com"
set uuid b5c2d740-7e12-51ec-15f8-f8ef25f4ea30
set wildcard-fqdn "*.softwareupdate.vmware.com"
set color 0
set comment ''
next
edit "g-swscan.apple.com"
set uuid b5c2dd44-7e12-51ec-5fa2-8d51ab678ea9
set wildcard-fqdn "*swscan.apple.com"
set color 0
set comment ''
next
edit "g-update.microsoft.com"
set uuid b5c2dc40-7e12-51ec-7df9-3371c69c0ffb
set wildcard-fqdn "*update.microsoft.com"
set color 0
set comment ''
next
edit "g-verisign"
set uuid b5c2d83a-7e12-51ec-e82e-ffa878b96855
set wildcard-fqdn "*.verisign.com"
set color 0
set comment ''
next
end
config firewall wildcard-fqdn group
end
config firewall service category
edit "General"
set comment "General services."
set fabric-object disable
next
edit "Web Access"
set comment "Web access."
set fabric-object disable
next
edit "File Access"
set comment "File access."
set fabric-object disable
next
edit "Email"
set comment "Email services."
set fabric-object disable
next
edit "Network Services"
set comment "Network services."
set fabric-object disable
next
edit "Authentication"
set comment "Authentication service."
set fabric-object disable
next
edit "Remote Access"
set comment "Remote access."
set fabric-object disable
next
edit "Tunneling"
set comment "Tunneling service."
set fabric-object disable
next
edit "VoIP, Messaging & Other Applications"
set comment "VoIP, messaging, and other applications."
set fabric-object disable
next
edit "Web Proxy"
set comment "Explicit web proxy."
set fabric-object disable
next
end
config firewall service custom
edit "DNS"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 53
set udp-portrange 53
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "HTTP"
set proxy disable
set category "Web Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 80
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "HTTPS"
set proxy disable
set category "Web Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 443
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IMAP"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 143
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IMAPS"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 993
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "LDAP"
set proxy disable
set category "Authentication"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 389
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "DCE-RPC"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 135
set udp-portrange 135
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "POP3"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 110
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "POP3S"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 995
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SAMBA"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 139
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SMTP"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 25
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SMTPS"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 465
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "KERBEROS"
set proxy disable
set category "Authentication"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 88 464
set udp-portrange 88 464
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "LDAP_UDP"
set proxy disable
set category "Authentication"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 389
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SMB"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 445
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FTP"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 21
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FTP_GET"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 21
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FTP_PUT"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 21
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "ALL"
set proxy disable
set category "General"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 0
next
edit "ALL_TCP"
set proxy disable
set category "General"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1-65535
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "ALL_UDP"
set proxy disable
set category "General"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1-65535
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "ALL_ICMP"
set proxy disable
set category "General"
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
unset icmptype
next
edit "ALL_ICMP6"
set proxy disable
set category "General"
set protocol ICMP6
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
unset icmptype
next
edit "GRE"
set proxy disable
set category "Tunneling"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 47
next
edit "AH"
set proxy disable
set category "Tunneling"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 51
next
edit "ESP"
set proxy disable
set category "Tunneling"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 50
next
edit "AOL"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5190-5194
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "BGP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 179
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "DHCP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 67-68
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FINGER"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 79
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "GOPHER"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 70
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "H323"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1720 1503
set udp-portrange 1719
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IKE"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 500 4500
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "Internet-Locator-Service"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 389
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IRC"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 6660-6669
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "L2TP"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1701
set udp-portrange 1701
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NetMeeting"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1720
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NFS"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 111 2049
set udp-portrange 111 2049
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NNTP"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 119
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NTP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 123
set udp-portrange 123
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "OSPF"
set proxy disable
set category "Network Services"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 89
next
edit "PC-Anywhere"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5631
set udp-portrange 5632
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "PING"
set proxy disable
set category "Network Services"
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set icmptype 8
unset icmpcode
next
edit "TIMESTAMP"
set proxy disable
set category ''
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility disable
set fabric-object disable
set icmptype 13
unset icmpcode
next
edit "INFO_REQUEST"
set proxy disable
set category ''
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility disable
set fabric-object disable
set icmptype 15
unset icmpcode
next
edit "INFO_ADDRESS"
set proxy disable
set category ''
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility disable
set fabric-object disable
set icmptype 17
unset icmpcode
next
edit "ONC-RPC"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 111
set udp-portrange 111
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "PPTP"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1723
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "QUAKE"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 26000 27000 27910 27960
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RAUDIO"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 7070
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "REXEC"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 512
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RIP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 520
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RLOGIN"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 513:512-1023
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RSH"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 514:512-1023
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SCCP"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 2000
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SIP"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5060
set udp-portrange 5060
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SIP-MSNmessenger"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1863
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SNMP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 161-162
set udp-portrange 161-162
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SSH"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 22
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SYSLOG"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 514
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TALK"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 517-518
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TELNET"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 23
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TFTP"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 69
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "MGCP"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 2427 2727
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UUCP"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 540
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "VDOLIVE"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 7000-7010
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "WAIS"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 210
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "WINFRAME"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1494 2598
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "X-WINDOWS"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 6000-6063
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "PING6"
set proxy disable
set category ''
set protocol ICMP6
set helper auto
set comment ''
set color 0
set visibility disable
set fabric-object disable
set icmptype 128
unset icmpcode
next
edit "MS-SQL"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1433 1434
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "MYSQL"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3306
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RDP"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3389
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "VNC"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5900
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "DHCP6"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 546 547
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SQUID"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3128
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SOCKS"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1080
set udp-portrange 1080
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "WINS"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1512
set udp-portrange 1512
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RADIUS"
set proxy disable
set category "Authentication"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1812 1813
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RADIUS-OLD"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1645 1646
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "CVSPSERVER"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 2401
set udp-portrange 2401
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "AFS3"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 7000-7009
set udp-portrange 7000-7009
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TRACEROUTE"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 33434-33535
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RTSP"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 554 7070 8554
set udp-portrange 554
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "MMS"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1755
set udp-portrange 1024-5000
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NONE"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 0
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "webproxy"
set proxy enable
set category "Web Proxy"
set protocol ALL
set helper auto
set comment ''
set color 0
set visibility enable
set app-service-type disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 0-65535:0-65535
next
end
config firewall service group
edit "Email Access"
set proxy disable
set member "DNS" "IMAP" "IMAPS" "POP3" "POP3S" "SMTP" "SMTPS"
set comment ''
set color 0
set fabric-object disable
next
edit "Web Access"
set proxy disable
set member "DNS" "HTTP" "HTTPS"
set comment ''
set color 0
set fabric-object disable
next
edit "Windows AD"
set proxy disable
set member "DCE-RPC" "DNS" "KERBEROS" "LDAP" "LDAP_UDP" "SAMBA" "SMB"
set comment ''
set color 0
set fabric-object disable
next
edit "Exchange Server"
set proxy disable
set member "DCE-RPC" "DNS" "HTTPS"
set comment ''
set color 0
set fabric-object disable
next
end
config firewall internet-service-group
end
config firewall internet-service-extension
end
config firewall internet-service-custom
end
config firewall internet-service-custom-group
end
config system external-resource
end
config vpn certificate ca
end
config vpn certificate remote
end
config vpn certificate local
edit "Fortinet_CA_SSL"
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_CA_Untrusted"
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA1024"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA2048"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA4096"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_DSA1024"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_DSA2048"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA256"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA384"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA521"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ED25519"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ED448"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
end
config vpn certificate crl
end
config vpn certificate ocsp-server
end
config vpn certificate setting
set ocsp-status disable
set ocsp-option server
set ocsp-default-server ''
set interface-select-method auto
set check-ca-cert enable
set check-ca-chain disable
set subject-match substring
set subject-set subset
set cn-match substring
set cn-allow-multi enable
config crl-verification
set expiry ignore
set leaf-crl-absence ignore
set chain-crl-absence ignore
end
set strict-ocsp-check disable
set ssl-min-proto-version default
set cmp-save-extra-certs disable
set cmp-key-usage-checking enable
set certname-rsa1024 "Fortinet_SSL_RSA1024"
set certname-rsa2048 "Fortinet_SSL_RSA2048"
set certname-rsa4096 "Fortinet_SSL_RSA4096"
set certname-dsa1024 "Fortinet_SSL_DSA1024"
set certname-dsa2048 "Fortinet_SSL_DSA2048"
set certname-ecdsa256 "Fortinet_SSL_ECDSA256"
set certname-ecdsa384 "Fortinet_SSL_ECDSA384"
set certname-ecdsa521 "Fortinet_SSL_ECDSA521"
set certname-ed25519 "Fortinet_SSL_ED25519"
set certname-ed448 "Fortinet_SSL_ED448"
end
config webfilter ftgd-local-cat
edit "custom1"
set status enable
set id 140
next
edit "custom2"
set status enable
set id 141
next
end
config ips sensor
edit "g-default"
set comment "Prevent critical attacks."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "g-sniffer-profile"
set comment "Monitor IPS attacks."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "all_default"
set comment "All predefined signatures with default setting."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity all
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "all_default_pass"
set comment "All predefined signatures with PASS action."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity all
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action pass
set quarantine none
next
end
next
edit "high_security"
set comment "Blocks all Critical/High/Medium and some Low severity vulnerabilities"
set replacemsg-group ''
set block-malicious-url enable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status enable
set log enable
set log-packet disable
set log-attack-context disable
set action block
set quarantine none
next
edit 2
set location all
set severity low
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "protect_client"
set comment "Protect against client-side vulnerabilities."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location client
set severity all
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "protect_email_server"
set comment "Protect against email server-side vulnerabilities."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location server
set severity all
set protocol SMTP POP3 IMAP
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "protect_http_server"
set comment "Protect against HTTP server-side vulnerabilities."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location server
set severity all
set protocol HTTP
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
end
config sctp-filter profile
end
config firewall shaper traffic-shaper
edit "high-priority"
set guaranteed-bandwidth 0
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority high
set per-policy enable
set diffserv disable
set overhead 0
next
edit "medium-priority"
set guaranteed-bandwidth 0
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority medium
set per-policy enable
set diffserv disable
set overhead 0
next
edit "low-priority"
set guaranteed-bandwidth 0
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority low
set per-policy enable
set diffserv disable
set overhead 0
next
edit "guarantee-100kbps"
set guaranteed-bandwidth 100
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority high
set per-policy enable
set diffserv disable
set overhead 0
next
edit "shared-1M-pipe"
set guaranteed-bandwidth 0
set maximum-bandwidth 1024
set bandwidth-unit kbps
set priority high
set per-policy disable
set diffserv disable
set overhead 0
next
end
config firewall shaper per-ip-shaper
end
config firewall proxy-address
end
config firewall proxy-addrgrp
end
config web-proxy profile
end
config web-proxy global
set ssl-cert "Fortinet_Factory"
set ssl-ca-cert "Fortinet_CA_SSL"
set fast-policy-match enable
set ldap-user-cache disable
set proxy-fqdn "default.fqdn"
set max-request-length 8
set max-message-length 32
set strict-web-check disable
set forward-proxy-auth disable
set forward-server-affinity-timeout 30
set max-waf-body-cache-length 32
set webproxy-profile ''
set learn-client-ip disable
end
config web-proxy explicit
set status disable
set ipv6-status disable
set strict-guest disable
set https-replacement-message enable
set ssl-algorithm low
end
config web-proxy forward-server
end
config web-proxy forward-server-group
end
config web-proxy debug-url
end
config web-proxy wisp
end
config wanopt webcache
set max-object-size 512000
set neg-resp-time 0
set fresh-factor 100
set max-ttl 7200
set min-ttl 5
set default-ttl 1440
set ignore-ims disable
set ignore-conditional disable
set ignore-pnc disable
set ignore-ie-reload enable
set cache-expired disable
set cache-cookie disable
set reval-pnc disable
set always-revalidate disable
set cache-by-default disable
set host-validate disable
set external disable
end
config ftp-proxy explicit
set status disable
set ssl disable
end
config web-proxy url-match
end
config application custom
end
config application list
edit "g-default"
set comment "Monitor all applications."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection enable
set options allow-dns
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log enable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
edit "g-sniffer-profile"
set comment "Monitor all applications."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection enable
unset options
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log enable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection disable
set options allow-dns
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log disable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
edit "block-high-risk"
set comment ''
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection enable
set options allow-dns
config entries
edit 1
set category 2 6
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action block
set log enable
set log-packet disable
set session-ttl 0
set quarantine none
next
edit 2
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log enable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
end
config application group
end
config dlp filepattern
edit 1
set name "builtin-patterns"
set comment ''
config entries
edit "*.bat"
set filter-type pattern
next
edit "*.com"
set filter-type pattern
next
edit "*.dll"
set filter-type pattern
next
edit "*.doc"
set filter-type pattern
next
edit "*.exe"
set filter-type pattern
next
edit "*.gz"
set filter-type pattern
next
edit "*.hta"
set filter-type pattern
next
edit "*.ppt"
set filter-type pattern
next
edit "*.rar"
set filter-type pattern
next
edit "*.scr"
set filter-type pattern
next
edit "*.tar"
set filter-type pattern
next
edit "*.tgz"
set filter-type pattern
next
edit "*.vb?"
set filter-type pattern
next
edit "*.wps"
set filter-type pattern
next
edit "*.xl?"
set filter-type pattern
next
edit "*.zip"
set filter-type pattern
next
edit "*.pif"
set filter-type pattern
next
edit "*.cpl"
set filter-type pattern
next
end
next
edit 2
set name "all_executables"
set comment ''
config entries
edit "bat"
set filter-type type
set file-type bat
next
edit "exe"
set filter-type type
set file-type exe
next
edit "elf"
set filter-type type
set file-type elf
next
edit "hta"
set filter-type type
set file-type hta
next
end
next
end
config dlp sensitivity
edit "Private"
next
edit "Critical"
next
edit "Warning"
next
end
config dlp fp-doc-source
end
config dlp sensor
edit "g-default"
set comment "Default sensor."
set feature-set flow
set replacemsg-group ''
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
unset summary-proto
next
edit "g-sniffer-profile"
set comment "Log a summary of email and web traffic."
set feature-set flow
set replacemsg-group ''
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
set summary-proto smtp pop3 imap http-get http-post
next
edit "Content_Archive"
set comment ''
set feature-set proxy
set replacemsg-group ''
set dlp-log enable
set extended-log disable
set nac-quar-log disable
set full-archive-proto smtp pop3 imap http-get http-post ftp nntp mapi
set summary-proto smtp pop3 imap http-get http-post ftp nntp mapi
next
edit "Content_Summary"
set comment ''
set feature-set proxy
set replacemsg-group ''
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
set summary-proto smtp pop3 imap http-get http-post ftp nntp mapi
next
edit "Credit-Card"
set comment ''
set feature-set proxy
set replacemsg-group ''
config filter
edit 1
set name "Credit-Card-Filter"
set severity high
set type file
set proto smtp pop3 imap http-get http-post mapi
set filter-by credit-card
set archive disable
set action log-only
next
edit 2
set name "Credit-Card-Filter"
set severity high
set type message
set proto smtp pop3 imap http-post mapi
set filter-by credit-card
set archive disable
set action log-only
next
end
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
unset summary-proto
next
edit "Large-File"
set comment ''
set feature-set proxy
set replacemsg-group ''
config filter
edit 1
set name "Large-File-Filter"
set severity medium
set type file
set proto smtp pop3 imap http-get http-post mapi
set filter-by file-size
set file-size 5120
set archive disable
set action log-only
next
end
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
unset summary-proto
next
edit "SSN-Sensor"
set comment "Match SSN numbers but NOT WebEx invite emails."
set feature-set proxy
set replacemsg-group ''
config filter
edit 1
set name "SSN-Sensor-Filter"
set severity high
set type message
set proto smtp pop3 imap mapi
set filter-by regexp
set regexp "WebEx"
set archive disable
set action allow
next
edit 2
set name "SSN-Sensor-Filter"
set severity high
set type message
set proto smtp pop3 imap mapi
set filter-by ssn
set archive disable
set action log-only
next
edit 3
set name "SSN-Sensor-Filter"
set severity high
set type file
set proto smtp pop3 imap http-get http-post ftp mapi
set filter-by ssn
set archive disable
set action log-only
next
end
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
unset summary-proto
next
end
config webfilter content
end
config webfilter content-header
end
config webfilter urlfilter
end
config videofilter youtube-key
end
config videofilter youtube-channel-filter
end
config videofilter profile
end
config webfilter ips-urlfilter-setting
set device ''
set distance 1
set gateway 0.0.0.0
set geo-filter ''
end
config webfilter ips-urlfilter-setting6
set device ''
set distance 1
set gateway6 ::
set geo-filter ''
end
config emailfilter bword
end
config emailfilter block-allow-list
end
config emailfilter mheader
end
config emailfilter dnsbl
end
config emailfilter iptrust
end
config log threat-weight
set status enable
config level
set low 5
set medium 10
set high 30
set critical 50
end
set blocked-connection high
set failed-connection low
set url-block-detected high
set botnet-connection-detected critical
config malware
set virus-infected critical
set fortindr critical
set file-blocked low
set command-blocked disable
set oversized disable
set virus-scan-error high
set switch-proto disable
set mimefragmented disable
set virus-file-type-executable medium
set virus-outbreak-prevention critical
set content-disarm medium
set malware-list medium
set ems-threat-feed medium
set fsa-malicious critical
set fsa-high-risk high
set fsa-medium-risk medium
end
config ips
set info-severity disable
set low-severity low
set medium-severity medium
set high-severity high
set critical-severity critical
end
config web
edit 1
set category 26
set level high
next
edit 2
set category 61
set level high
next
edit 3
set category 86
set level high
next
edit 4
set category 1
set level medium
next
edit 5
set category 3
set level medium
next
edit 6
set category 4
set level medium
next
edit 7
set category 5
set level medium
next
edit 8
set category 6
set level medium
next
edit 9
set category 12
set level medium
next
edit 10
set category 59
set level medium
next
edit 11
set category 62
set level medium
next
edit 12
set category 83
set level medium
next
edit 13
set category 72
set level low
next
edit 14
set category 14
set level low
next
edit 15
set category 96
set level medium
next
end
config application
edit 1
set category 2
set level low
next
edit 2
set category 6
set level medium
next
end
end
config icap server
end
config icap profile
edit "default"
set replacemsg-group ''
set request disable
set response disable
set streaming-content-bypass disable
set preview disable
set methods delete get head options post put trace other
set icap-block-log disable
set chunk-encap disable
unset extension-feature
config icap-headers
edit 1
set name "X-Authenticated-User"
set content "$user"
set base64-encoding disable
next
edit 2
set name "X-Authenticated-Groups"
set content "$local_grp"
set base64-encoding disable
next
end
next
end
config system network-visibility
set destination-visibility enable
set source-location enable
set destination-hostname-visibility enable
set hostname-ttl 86400
set hostname-limit 5000
set destination-location enable
end
config user certificate
end
config user radius
end
config user tacacs+
end
config user exchange
end
config user ldap
end
config user krb-keytab
end
config user domain-controller
end
config user pop3
end
config user saml
end
config user fsso
end
config user adgrp
end
config user fsso-polling
end
config user fortitoken
edit "FTKMOB2134C905F9"
set status active
set comments ''
set license "FTMTRIAL03307A6F"
set activation-code ''
set activation-expire 0
set reg-id ''
set os-ver ''
next
edit "FTKMOB21BF31F838"
set status active
set comments ''
set license "FTMTRIAL03307A6F"
set activation-code ''
set activation-expire 0
set reg-id ''
set os-ver ''
next
end
config user password-policy
end
config user local
edit "guest"
set status enable
set type password
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set passwd-policy ''
set passwd-time 0000-00-00 00:00:00
set authtimeout 0
set auth-concurrent-override disable
set ppk-secret ENC 1kMXc/0dlDNYbZwiQ0jBLgPMQxoEvFdFPrUbEQQH3KuPfn6QiHwXOXCr/4GUJQRprGsRwAYMr62i50BF8iAgJXPFQjoUWUk84mEOuFsXaxlD4Q4KRrm/O3gKtLYirZvNY+slKuT0bu3ZaP6fVNiUt+yo/GX6Ry3o3XmaXMLJ/H7NlPS32rcFC/pTVlnwssXdu+IK7A==
set ppk-identity ''
set passwd ENC xPBvzRl0fSM2uN3J7UIN5ZgsnzDN6HlyERGlWMjnJwiOPjoavEAA7GBbieLcGi6kdM3yKTs+HoV/KJp/wFrDo5phGDorttSDcqGGcEYeOsH68xCT+1/OTAlp8NsLaa50tbQ5ujQQjWHBuFoWYqK3xqu820+DvKAP8UOceD719WobX5wwC/mKmGbCpMeJO1JZxdStzQ==
next
end
config user setting
set auth-type http https ftp telnet
set auth-cert "Fortinet_Factory"
set auth-ca-cert ''
set auth-secure-http disable
set auth-http-basic disable
set auth-ssl-allow-renegotiation disable
set auth-src-mac enable
set auth-on-demand implicitly
set auth-timeout 5
set auth-timeout-type idle-timeout
set auth-portal-timeout 3
set radius-ses-timeout-act hard-timeout
set auth-blackout-time 0
set auth-invalid-max 5
set auth-lockout-threshold 3
set auth-lockout-duration 0
set per-policy-disclaimer disable
set auth-ssl-min-proto-version default
unset auth-ssl-max-proto-version
set auth-ssl-sigalgs all
end
config user peer
end
config user peergrp
end
config user quarantine
set quarantine enable
set traffic-policy ''
set firewall-groups ''
end
config user group
edit "SSO_Guest_Users"
set authtimeout 0
set http-digest-realm ''
next
edit "Guest-group"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "guest"
next
end
config user security-exempt-list
end
config vpn ssl web realm
end
config vpn ssl web host-check-software
edit "FortiClient-AV"
set os-type windows
set type av
set version ''
set guid "1A0271D5-3D4F-46DB-0C2C-AB37BA90D9F7"
next
edit "FortiClient-FW"
set os-type windows
set type fw
set version ''
set guid "528CB157-D384-4593-AAAA-E42DFF111CED"
next
edit "FortiClient-AV-Vista"
set os-type windows
set type av
set version ''
set guid "385618A6-2256-708E-3FB9-7E98B93F91F9"
next
edit "FortiClient-FW-Vista"
set os-type windows
set type fw
set version ''
set guid "006D9983-6839-71D6-14E6-D7AD47ECD682"
next
edit "FortiClient5-AV"
set os-type windows
set type av
set version ''
set guid "5EEDDB8C-C27A-6714-3657-DBD811D1F1B7"
next
edit "AVG-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "17DDD097-36FF-435F-9E1B-52D74245D6BF"
next
edit "AVG-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "8DECF618-9569-4340-B34A-D78D28969B66"
next
edit "AVG-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "0C939084-9E57-CBDB-EA61-0B0C7F62AF82"
next
edit "AVG-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "34A811A1-D438-CA83-C13E-A23981B1E8F9"
next
edit "CA-Anti-Virus"
set os-type windows
set type av
set version ''
set guid "17CFD1EA-56CF-40B5-A06B-BD3A27397C93"
next
edit "CA-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "6B98D35F-BB76-41C0-876B-A50645ED099A"
next
edit "CA-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "38102F93-1B6E-4922-90E1-A35D8DC6DAA3"
next
edit "CA-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "3EED0195-0A4B-4EF3-CC4F-4F401BDC245F"
next
edit "CA-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "06D680B0-4024-4FAB-E710-E675E50F6324"
next
edit "CA-Personal-Firewall"
set os-type windows
set type fw
set version ''
set guid "14CB4B80-8E52-45EA-905E-67C1267B4160"
next
edit "F-Secure-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "E7512ED5-4245-4B4D-AF3A-382D3F313F15"
next
edit "F-Secure-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "D4747503-0346-49EB-9262-997542F79BF4"
next
edit "F-Secure-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "15414183-282E-D62C-CA37-EF24860A2F17"
next
edit "F-Secure-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "2D7AC0A6-6241-D774-E168-461178D9686C"
next
edit "Kaspersky-AV"
set os-type windows
set type av
set version ''
set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0"
next
edit "Kaspersky-FW"
set os-type windows
set type fw
set version ''
set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0"
next
edit "Kaspersky-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "AE1D740B-8F0F-D137-211D-873D44B3F4AE"
next
edit "Kaspersky-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "9626F52E-C560-D06F-0A42-2E08BA60B3D5"
next
edit "McAfee-Internet-Security-Suite-AV"
set os-type windows
set type av
set version ''
set guid "84B5EE75-6421-4CDE-A33A-DD43BA9FAD83"
next
edit "McAfee-Internet-Security-Suite-FW"
set os-type windows
set type fw
set version ''
set guid "94894B63-8C7F-4050-BDA4-813CA00DA3E8"
next
edit "McAfee-Internet-Security-Suite-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "86355677-4064-3EA7-ABB3-1B136EB04637"
next
edit "McAfee-Internet-Security-Suite-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "BE0ED752-0A0B-3FFF-80EC-B2269063014C"
next
edit "McAfee-Virus-Scan-Enterprise"
set os-type windows
set type av
set version ''
set guid "918A2B0B-2C60-4016-A4AB-E868DEABF7F0"
next
edit "Norton-360-2.0-AV"
set os-type windows
set type av
set version ''
set guid "A5F1BC7C-EA33-4247-961C-0217208396C4"
next
edit "Norton-360-2.0-FW"
set os-type windows
set type fw
set version ''
set guid "371C0A40-5A0C-4AD2-A6E5-69C02037FBF3"
next
edit "Norton-360-3.0-AV"
set os-type windows
set type av
set version ''
set guid "E10A9785-9598-4754-B552-92431C1C35F8"
next
edit "Norton-360-3.0-FW"
set os-type windows
set type fw
set version ''
set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220"
next
edit "Norton-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "E10A9785-9598-4754-B552-92431C1C35F8"
next
edit "Norton-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220"
next
edit "Norton-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855"
next
edit "Norton-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E"
next
edit "Symantec-Endpoint-Protection-AV"
set os-type windows
set type av
set version ''
set guid "FB06448E-52B8-493A-90F3-E43226D3305C"
next
edit "Symantec-Endpoint-Protection-FW"
set os-type windows
set type fw
set version ''
set guid "BE898FE3-CD0B-4014-85A9-03DB9923DDB6"
next
edit "Symantec-Endpoint-Protection-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855"
next
edit "Symantec-Endpoint-Protection-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E"
next
edit "Panda-Antivirus+Firewall-2008-AV"
set os-type windows
set type av
set version ''
set guid "EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A"
next
edit "Panda-Antivirus+Firewall-2008-FW"
set os-type windows
set type fw
set version ''
set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8"
next
edit "Panda-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0"
next
edit "Panda-Internet-Security-2006~2007-FW"
set os-type windows
set type fw
set version ''
set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0"
next
edit "Panda-Internet-Security-2008~2009-FW"
set os-type windows
set type fw
set version ''
set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8"
next
edit "Sophos-Anti-Virus"
set os-type windows
set type av
set version ''
set guid "3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD"
next
edit "Sophos-Enpoint-Secuirty-and-Control-FW"
set os-type windows
set type fw
set version ''
set guid "0786E95E-326A-4524-9691-41EF88FB52EA"
next
edit "Sophos-Enpoint-Secuirty-and-Control-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "479CCF92-4960-B3E0-7373-BF453B467D2C"
next
edit "Sophos-Enpoint-Secuirty-and-Control-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "7FA74EB7-030F-B2B8-582C-1670C5953A57"
next
edit "Trend-Micro-AV"
set os-type windows
set type av
set version ''
set guid "7D2296BC-32CC-4519-917E-52E652474AF5"
next
edit "Trend-Micro-FW"
set os-type windows
set type fw
set version ''
set guid "3E790E9E-6A5D-4303-A7F9-185EC20F3EB6"
next
edit "Trend-Micro-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "48929DFC-7A52-A34F-8351-C4DBEDBD9C50"
next
edit "Trend-Micro-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "70A91CD9-303D-A217-A80E-6DEE136EDB2B"
next
edit "ZoneAlarm-AV"
set os-type windows
set type av
set version ''
set guid "5D467B10-818C-4CAB-9FF7-6893B5B8F3CF"
next
edit "ZoneAlarm-FW"
set os-type windows
set type fw
set version ''
set guid "829BDA32-94B3-44F4-8446-F8FCFF809F8B"
next
edit "ZoneAlarm-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "D61596DF-D219-341C-49B3-AD30538CBC5B"
next
edit "ZoneAlarm-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "EE2E17FA-9876-3544-62EC-0405AD5FFB20"
next
edit "ESET-Smart-Security-AV"
set os-type windows
set type av
set version ''
set guid "19259FAE-8396-A113-46DB-15B0E7DFA289"
next
edit "ESET-Smart-Security-FW"
set os-type windows
set type fw
set version ''
set guid "211E1E8B-C9F9-A04B-6D84-BC85190CE5F2"
next
end
config vpn ssl web portal
edit "full-access"
set tunnel-mode enable
set ipv6-tunnel-mode enable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSLVPN_TUNNEL_ADDR1"
set split-tunneling enable
set split-tunneling-routing-negate disable
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"
set ipv6-split-tunneling enable
set ipv6-split-tunneling-routing-negate disable
set ipv6-dns-server1 ::
set ipv6-dns-server2 ::
set ipv6-wins-server1 ::
set ipv6-wins-server2 ::
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
set display-connection-tools enable
set display-history enable
set display-status enable
set rewrite-ip-uri-ui disable
set heading "SSL-VPN Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url disable
set hide-sso-credential enable
next
edit "web-access"
set tunnel-mode disable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set dns-suffix ''
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
set display-connection-tools enable
set display-history enable
set display-status enable
set rewrite-ip-uri-ui disable
set heading "SSL-VPN Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set forticlient-download-method direct
set customize-forticlient-download-url disable
set hide-sso-credential enable
next
edit "tunnel-access"
set tunnel-mode enable
set ipv6-tunnel-mode enable
set web-mode disable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSLVPN_TUNNEL_ADDR1"
set split-tunneling enable
set split-tunneling-routing-negate disable
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"
set ipv6-split-tunneling enable
set ipv6-split-tunneling-routing-negate disable
set ipv6-dns-server1 ::
set ipv6-dns-server2 ::
set ipv6-wins-server1 ::
set ipv6-wins-server2 ::
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url disable
next
end
config vpn ssl settings
set status enable
set reqclientcert disable
set ssl-max-proto-ver tls1-3
set ssl-min-proto-ver tls1-2
unset banned-cipher
set ciphersuite TLS-AES-128-GCM-SHA256 TLS-AES-256-GCM-SHA384 TLS-CHACHA20-POLY1305-SHA256
set ssl-insert-empty-fragment enable
set https-redirect disable
set x-content-type-options enable
set ssl-client-renegotiation disable
set force-two-factor-auth disable
set servercert "Fortinet_Factory"
set algorithm high
set idle-timeout 300
set auth-timeout 28800
set login-attempt-limit 2
set login-block-time 60
set login-timeout 30
set dtls-hello-timeout 10
set dns-suffix ''
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set ipv6-dns-server1 ::
set ipv6-dns-server2 ::
set ipv6-wins-server1 ::
set ipv6-wins-server2 ::
set url-obscuration disable
set http-compression disable
set http-only-cookie enable
set port 443
set port-precedence enable
set auto-tunnel-static-route enable
set header-x-forwarded-for add
set dtls-tunnel enable
set check-referer disable
set http-request-header-timeout 20
set http-request-body-timeout 30
set auth-session-check-source-ip enable
set tunnel-connect-without-reauth disable
set hsts-include-subdomains disable
set transform-backward-slashes disable
set encode-2f-sequence disable
set encrypt-and-store-password disable
set client-sigalgs all
set dual-stack-mode disable
set tunnel-addr-assigned-method first-available
set saml-redirect-port 8020
set dtls-max-proto-ver dtls1-2
set dtls-min-proto-ver dtls1-0
end
config vpn ssl web user-group-bookmark
end
config vpn ssl web user-bookmark
end
config vpn ssl client
end
config voip profile
edit "default"
set feature-set proxy
set comment "Default VoIP profile."
config sip
set status enable
set rtp enable
set nat-port-range 5117-65533
set open-register-pinhole enable
set open-contact-pinhole enable
set strict-register enable
set register-rate 0
set invite-rate 0
set max-dialogs 0
set max-line-length 998
set block-long-lines enable
set block-unknown enable
set call-keepalive 0
set block-ack disable
set block-bye disable
set block-cancel disable
set block-info disable
set block-invite disable
set block-message disable
set block-notify disable
set block-options disable
set block-prack disable
set block-publish disable
set block-refer disable
set block-register disable
set block-subscribe disable
set block-update disable
set register-contact-trace disable
set open-via-pinhole disable
set open-record-route-pinhole enable
set rfc2543-branch disable
set log-violations disable
set log-call-summary enable
set nat-trace enable
set subscribe-rate 0
set message-rate 0
set notify-rate 0
set refer-rate 0
set update-rate 0
set options-rate 0
set ack-rate 0
set prack-rate 0
set info-rate 0
set publish-rate 0
set bye-rate 0
set cancel-rate 0
set preserve-override disable
set no-sdp-fixup disable
set contact-fixup enable
set max-idle-dialogs 0
set block-geo-red-options disable
set hosted-nat-traversal disable
set hnt-restrict-source-ip disable
set max-body-length 0
set unknown-header pass
set malformed-request-line pass
set malformed-header-via pass
set malformed-header-from pass
set malformed-header-to pass
set malformed-header-call-id pass
set malformed-header-cseq pass
set malformed-header-rack pass
set malformed-header-rseq pass
set malformed-header-contact pass
set malformed-header-record-route pass
set malformed-header-route pass
set malformed-header-expires pass
set malformed-header-content-type pass
set malformed-header-content-length pass
set malformed-header-max-forwards pass
set malformed-header-allow pass
set malformed-header-p-asserted-identity pass
set malformed-header-sdp-v pass
set malformed-header-sdp-o pass
set malformed-header-sdp-s pass
set malformed-header-sdp-i pass
set malformed-header-sdp-c pass
set malformed-header-sdp-b pass
set malformed-header-sdp-z pass
set malformed-header-sdp-k pass
set malformed-header-sdp-a pass
set malformed-header-sdp-t pass
set malformed-header-sdp-r pass
set malformed-header-sdp-m pass
set provisional-invite-expiry-time 210
set ips-rtp enable
set ssl-mode off
end
config sccp
set status enable
set block-mcast disable
set verify-header disable
set log-call-summary disable
set log-violations disable
set max-calls 0
end
next
edit "strict"
set feature-set proxy
set comment ''
config sip
set status enable
set rtp enable
set nat-port-range 5117-65533
set open-register-pinhole enable
set open-contact-pinhole enable
set strict-register enable
set register-rate 0
set invite-rate 0
set max-dialogs 0
set max-line-length 998
set block-long-lines enable
set block-unknown enable
set call-keepalive 0
set block-ack disable
set block-bye disable
set block-cancel disable
set block-info disable
set block-invite disable
set block-message disable
set block-notify disable
set block-options disable
set block-prack disable
set block-publish disable
set block-refer disable
set block-register disable
set block-subscribe disable
set block-update disable
set register-contact-trace disable
set open-via-pinhole disable
set open-record-route-pinhole enable
set rfc2543-branch disable
set log-violations disable
set log-call-summary enable
set nat-trace enable
set subscribe-rate 0
set message-rate 0
set notify-rate 0
set refer-rate 0
set update-rate 0
set options-rate 0
set ack-rate 0
set prack-rate 0
set info-rate 0
set publish-rate 0
set bye-rate 0
set cancel-rate 0
set preserve-override disable
set no-sdp-fixup disable
set contact-fixup enable
set max-idle-dialogs 0
set block-geo-red-options disable
set hosted-nat-traversal disable
set hnt-restrict-source-ip disable
set max-body-length 0
set unknown-header pass
set malformed-request-line discard
set malformed-header-via discard
set malformed-header-from discard
set malformed-header-to discard
set malformed-header-call-id discard
set malformed-header-cseq discard
set malformed-header-rack discard
set malformed-header-rseq discard
set malformed-header-contact discard
set malformed-header-record-route discard
set malformed-header-route discard
set malformed-header-expires discard
set malformed-header-content-type discard
set malformed-header-content-length discard
set malformed-header-max-forwards discard
set malformed-header-allow discard
set malformed-header-p-asserted-identity discard
set malformed-header-sdp-v discard
set malformed-header-sdp-o discard
set malformed-header-sdp-s discard
set malformed-header-sdp-i discard
set malformed-header-sdp-c discard
set malformed-header-sdp-b discard
set malformed-header-sdp-z discard
set malformed-header-sdp-k discard
set malformed-header-sdp-a discard
set malformed-header-sdp-t discard
set malformed-header-sdp-r discard
set malformed-header-sdp-m discard
set provisional-invite-expiry-time 210
set ips-rtp enable
set ssl-mode off
end
config sccp
set status enable
set block-mcast disable
set verify-header disable
set log-call-summary disable
set log-violations disable
set max-calls 0
end
next
end
config system sdwan
set status disable
set load-balance-mode source-ip-based
set speedtest-bypass-routing disable
set duplication-max-num 2
set neighbor-hold-down disable
set neighbor-hold-down-time 0
set neighbor-hold-boot-time 0
set fail-detect disable
config zone
edit "virtual-wan-link"
set service-sla-tie-break cfg-order
next
end
config health-check
edit "Default_Office_365"
set probe-packets enable
set addr-mode ipv4
set server "www.office.com"
set detect-mode active
set protocol http
set port 0
set ha-priority 1
set http-get "/"
set http-agent "Chrome/ Safari/"
set http-match ''
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
edit "Default_Gmail"
set probe-packets enable
set addr-mode ipv4
set server "gmail.com"
set detect-mode active
set protocol ping
set ha-priority 1
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 2
next
end
next
edit "Default_Google Search"
set probe-packets enable
set addr-mode ipv4
set server "www.google.com"
set detect-mode active
set protocol http
set port 0
set ha-priority 1
set http-get "/"
set http-agent "Chrome/ Safari/"
set http-match ''
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
edit "Default_FortiGuard"
set probe-packets enable
set addr-mode ipv4
set server "fortiguard.com"
set detect-mode active
set protocol http
set port 0
set ha-priority 1
set http-get "/"
set http-agent "Chrome/ Safari/"
set http-match ''
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
end
end
config vpn ipsec phase1
end
config vpn ipsec phase2
end
config vpn ipsec manualkey
end
config vpn ipsec concentrator
end
config vpn ipsec fec
end
config vpn ipsec phase1-interface
end
config vpn ipsec phase2-interface
end
config vpn ipsec manualkey-interface
end
config vpn pptp
set status disable
end
config vpn l2tp
set status disable
set lcp-max-echo-fails 3
set hello-interval 60
end
config vpn ipsec forticlient
end
config vpn ocvpn
set status disable
set role spoke
set multipath enable
set sdwan disable
set auto-discovery enable
set poll-interval 30
end
config dnsfilter domain-filter
end
config dnsfilter profile
edit "default"
set comment "Default dns filtering."
config domain-filter
unset domain-filter-table
end
config ftgd-dns
unset options
config filters
edit 1
set category 2
set action monitor
next
edit 2
set category 7
set action monitor
next
edit 3
set category 8
set action monitor
next
edit 4
set category 9
set action monitor
next
edit 5
set category 11
set action monitor
next
edit 6
set category 12
set action monitor
next
edit 7
set category 13
set action monitor
next
edit 8
set category 14
set action monitor
next
edit 9
set category 15
set action monitor
next
edit 10
set category 16
set action monitor
next
edit 11
set category 0
set action monitor
next
edit 12
set category 57
set action monitor
next
edit 13
set category 63
set action monitor
next
edit 14
set category 64
set action monitor
next
edit 15
set category 65
set action monitor
next
edit 16
set category 66
set action monitor
next
edit 17
set category 67
set action monitor
next
edit 18
set category 26
set action block
set log enable
next
edit 19
set category 61
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
end
set log-all-domain disable
set sdns-ftgd-err-log enable
set sdns-domain-log enable
set block-action redirect
set block-botnet enable
set safe-search disable
set redirect-portal 0.0.0.0
set redirect-portal6 ::
next
end
config system gre-tunnel
end
config system ipsec-aggregate
end
config system ipip-tunnel
end
config system mobile-tunnel
end
config system pppoe-interface
end
config system vxlan
end
config system geneve
end
config system virtual-wire-pair
end
config system dns-database
end
config system dns-server
end
config log custom-field
end
config antivirus settings
set machine-learning-detection enable
set use-extreme-db disable
set grayware enable
set override-timeout 0
set cache-infected-result enable
end
config antivirus quarantine
set agelimit 0
set maxfilesize 0
set quarantine-quota 0
unset drop-infected
set store-infected imap smtp pop3 http ftp nntp imaps smtps pop3s https ftps mapi cifs ssh
unset drop-blocked
set store-blocked imap smtp pop3 http ftp nntp imaps smtps pop3s ftps mapi cifs ssh
unset drop-machine-learning
set store-machine-learning imap smtp pop3 http ftp nntp imaps smtps pop3s https ftps mapi cifs ssh
set lowspace ovrw-old
set destination disk
end
config ssh-filter profile
end
config antivirus profile
edit "g-default"
set comment "Scan files and block viruses."
set replacemsg-group ''
set feature-set flow
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set av-block-log enable
set extended-log disable
next
edit "g-sniffer-profile"
set comment "Scan files and monitor viruses."
set replacemsg-group ''
set feature-set flow
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set av-block-log enable
set extended-log disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set feature-set flow
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set av-block-log enable
set extended-log disable
next
end
config file-filter profile
edit "g-default"
set comment "File type inspection."
set feature-set flow
set replacemsg-group ''
set log enable
set extended-log disable
set scan-archive-contents enable
next
edit "g-sniffer-profile"
set comment "File type inspection."
set feature-set flow
set replacemsg-group ''
set log enable
set extended-log disable
set scan-archive-contents enable
next
end
config webfilter profile
edit "g-default"
set comment "Default web filtering."
set feature-set flow
set replacemsg-group ''
unset options
set https-replacemsg enable
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
end
config ftgd-wf
unset options
unset ovrd
config filters
edit 1
set category 0
set action block
set log enable
next
edit 2
set category 2
set action block
set log enable
next
edit 3
set category 7
set action block
set log enable
next
edit 4
set category 8
set action block
set log enable
next
edit 5
set category 9
set action block
set log enable
next
edit 6
set category 11
set action block
set log enable
next
edit 7
set category 12
set action block
set log enable
next
edit 8
set category 13
set action block
set log enable
next
edit 9
set category 14
set action block
set log enable
next
edit 10
set category 15
set action block
set log enable
next
edit 11
set category 16
set action block
set log enable
next
edit 12
set category 26
set action block
set log enable
next
edit 13
set category 57
set action block
set log enable
next
edit 14
set category 61
set action block
set log enable
next
edit 15
set category 63
set action block
set log enable
next
edit 16
set category 64
set action block
set log enable
next
edit 17
set category 65
set action block
set log enable
next
edit 18
set category 66
set action block
set log enable
next
edit 19
set category 67
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
edit "g-sniffer-profile"
set comment "Monitor web traffic."
set feature-set flow
set replacemsg-group ''
unset options
set https-replacemsg enable
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
end
config ftgd-wf
set options ftgd-disable
unset ovrd
config filters
edit 1
set category 0
set action monitor
set log enable
next
edit 2
set category 1
set action monitor
set log enable
next
edit 3
set category 2
set action monitor
set log enable
next
edit 4
set category 3
set action monitor
set log enable
next
edit 5
set category 4
set action monitor
set log enable
next
edit 6
set category 5
set action monitor
set log enable
next
edit 7
set category 6
set action monitor
set log enable
next
edit 8
set category 7
set action monitor
set log enable
next
edit 9
set category 8
set action monitor
set log enable
next
edit 10
set category 9
set action monitor
set log enable
next
edit 11
set category 11
set action monitor
set log enable
next
edit 12
set category 12
set action monitor
set log enable
next
edit 13
set category 13
set action monitor
set log enable
next
edit 14
set category 14
set action monitor
set log enable
next
edit 15
set category 15
set action monitor
set log enable
next
edit 16
set category 16
set action monitor
set log enable
next
edit 17
set category 17
set action monitor
set log enable
next
edit 18
set category 18
set action monitor
set log enable
next
edit 19
set category 19
set action monitor
set log enable
next
edit 20
set category 20
set action monitor
set log enable
next
edit 21
set category 23
set action monitor
set log enable
next
edit 22
set category 24
set action monitor
set log enable
next
edit 23
set category 25
set action monitor
set log enable
next
edit 24
set category 26
set action monitor
set log enable
next
edit 25
set category 28
set action monitor
set log enable
next
edit 26
set category 29
set action monitor
set log enable
next
edit 27
set category 30
set action monitor
set log enable
next
edit 28
set category 31
set action monitor
set log enable
next
edit 29
set category 33
set action monitor
set log enable
next
edit 30
set category 34
set action monitor
set log enable
next
edit 31
set category 35
set action monitor
set log enable
next
edit 32
set category 36
set action monitor
set log enable
next
edit 33
set category 37
set action monitor
set log enable
next
edit 34
set category 38
set action monitor
set log enable
next
edit 35
set category 39
set action monitor
set log enable
next
edit 36
set category 40
set action monitor
set log enable
next
edit 37
set category 41
set action monitor
set log enable
next
edit 38
set category 42
set action monitor
set log enable
next
edit 39
set category 43
set action monitor
set log enable
next
edit 40
set category 44
set action monitor
set log enable
next
edit 41
set category 46
set action monitor
set log enable
next
edit 42
set category 47
set action monitor
set log enable
next
edit 43
set category 48
set action monitor
set log enable
next
edit 44
set category 49
set action monitor
set log enable
next
edit 45
set category 50
set action monitor
set log enable
next
edit 46
set category 51
set action monitor
set log enable
next
edit 47
set category 52
set action monitor
set log enable
next
edit 48
set category 53
set action monitor
set log enable
next
edit 49
set category 54
set action monitor
set log enable
next
edit 50
set category 55
set action monitor
set log enable
next
edit 51
set category 56
set action monitor
set log enable
next
edit 52
set category 57
set action monitor
set log enable
next
edit 53
set category 58
set action monitor
set log enable
next
edit 54
set category 59
set action monitor
set log enable
next
edit 55
set category 61
set action monitor
set log enable
next
edit 56
set category 62
set action monitor
set log enable
next
edit 57
set category 63
set action monitor
set log enable
next
edit 58
set category 64
set action monitor
set log enable
next
edit 59
set category 65
set action monitor
set log enable
next
edit 60
set category 66
set action monitor
set log enable
next
edit 61
set category 67
set action monitor
set log enable
next
edit 62
set category 68
set action monitor
set log enable
next
edit 63
set category 69
set action monitor
set log enable
next
edit 64
set category 70
set action monitor
set log enable
next
edit 65
set category 71
set action monitor
set log enable
next
edit 66
set category 72
set action monitor
set log enable
next
edit 67
set category 75
set action monitor
set log enable
next
edit 68
set category 76
set action monitor
set log enable
next
edit 69
set category 77
set action monitor
set log enable
next
edit 70
set category 78
set action monitor
set log enable
next
edit 71
set category 79
set action monitor
set log enable
next
edit 72
set category 80
set action monitor
set log enable
next
edit 73
set category 81
set action monitor
set log enable
next
edit 74
set category 82
set action monitor
set log enable
next
edit 75
set category 83
set action monitor
set log enable
next
edit 76
set category 84
set action monitor
set log enable
next
edit 77
set category 85
set action monitor
set log enable
next
edit 78
set category 86
set action monitor
set log enable
next
edit 79
set category 87
set action monitor
set log enable
next
edit 80
set category 88
set action monitor
set log enable
next
edit 81
set category 89
set action monitor
set log enable
next
edit 82
set category 90
set action monitor
set log enable
next
edit 83
set category 91
set action monitor
set log enable
next
edit 84
set category 92
set action monitor
set log enable
next
edit 85
set category 93
set action monitor
set log enable
next
edit 86
set category 94
set action monitor
set log enable
next
edit 87
set category 95
set action monitor
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set feature-set flow
set replacemsg-group ''
set options block-invalid-url
set https-replacemsg enable
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
end
config ftgd-wf
unset options
unset ovrd
config filters
edit 1
set category 0
set action monitor
set log enable
next
edit 2
set category 2
set action block
set log enable
next
edit 3
set category 7
set action block
set log enable
next
edit 4
set category 8
set action block
set log enable
next
edit 5
set category 9
set action block
set log enable
next
edit 6
set category 11
set action block
set log enable
next
edit 7
set category 12
set action block
set log enable
next
edit 8
set category 13
set action block
set log enable
next
edit 9
set category 14
set action block
set log enable
next
edit 10
set category 15
set action block
set log enable
next
edit 11
set category 16
set action block
set log enable
next
edit 12
set category 26
set action block
set log enable
next
edit 13
set category 57
set action block
set log enable
next
edit 14
set category 61
set action block
set log enable
next
edit 15
set category 63
set action block
set log enable
next
edit 16
set category 64
set action block
set log enable
next
edit 17
set category 65
set action block
set log enable
next
edit 18
set category 66
set action block
set log enable
next
edit 19
set category 67
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
edit "default"
set comment "Default web filtering."
set feature-set proxy
set replacemsg-group ''
unset options
set https-replacemsg enable
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
unset safe-search
set log-search disable
end
config ftgd-wf
unset options
set exempt-quota 17
unset ovrd
config filters
edit 1
set category 0
set action block
set log enable
next
edit 2
set category 2
set action block
set log enable
next
edit 3
set category 7
set action block
set log enable
next
edit 4
set category 8
set action block
set log enable
next
edit 5
set category 9
set action block
set log enable
next
edit 6
set category 11
set action block
set log enable
next
edit 7
set category 12
set action block
set log enable
next
edit 8
set category 13
set action block
set log enable
next
edit 9
set category 14
set action block
set log enable
next
edit 10
set category 15
set action block
set log enable
next
edit 11
set category 16
set action block
set log enable
next
edit 12
set category 26
set action block
set log enable
next
edit 13
set category 57
set action block
set log enable
next
edit 14
set category 61
set action block
set log enable
next
edit 15
set category 63
set action block
set log enable
next
edit 16
set category 64
set action block
set log enable
next
edit 17
set category 65
set action block
set log enable
next
edit 18
set category 66
set action block
set log enable
next
edit 19
set category 67
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
set max-quota-timeout 300
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
config antiphish
set status disable
set check-uri disable
set check-basic-auth disable
set check-username-only disable
set max-body-len 65536
end
set wisp disable
set log-all-url disable
set web-content-log enable
set web-filter-activex-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-filter-applet-log enable
set web-filter-jscript-log enable
set web-filter-js-log enable
set web-filter-vbs-log enable
set web-filter-unknown-log enable
set web-filter-referer-log enable
set web-filter-cookie-removal-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set web-ftgd-quota-usage enable
set extended-log disable
set web-antiphishing-log enable
next
edit "monitor-all"
set comment "Monitor and log all visited URLs, flow-based."
set feature-set proxy
set replacemsg-group ''
unset options
set https-replacemsg enable
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
unset safe-search
set log-search disable
end
config ftgd-wf
unset options
set exempt-quota 17
unset ovrd
config filters
edit 1
set category 1
set action monitor
set log enable
next
edit 2
set category 3
set action monitor
set log enable
next
edit 3
set category 4
set action monitor
set log enable
next
edit 4
set category 5
set action monitor
set log enable
next
edit 5
set category 6
set action monitor
set log enable
next
edit 6
set category 12
set action monitor
set log enable
next
edit 7
set category 59
set action monitor
set log enable
next
edit 8
set category 62
set action monitor
set log enable
next
edit 9
set category 83
set action monitor
set log enable
next
edit 10
set category 2
set action monitor
set log enable
next
edit 11
set category 7
set action monitor
set log enable
next
edit 12
set category 8
set action monitor
set log enable
next
edit 13
set category 9
set action monitor
set log enable
next
edit 14
set category 11
set action monitor
set log enable
next
edit 15
set category 13
set action monitor
set log enable
next
edit 16
set category 14
set action monitor
set log enable
next
edit 17
set category 15
set action monitor
set log enable
next
edit 18
set category 16
set action monitor
set log enable
next
edit 19
set category 57
set action monitor
set log enable
next
edit 20
set category 63
set action monitor
set log enable
next
edit 21
set category 64
set action monitor
set log enable
next
edit 22
set category 65
set action monitor
set log enable
next
edit 23
set category 66
set action monitor
set log enable
next
edit 24
set category 67
set action monitor
set log enable
next
edit 25
set category 19
set action monitor
set log enable
next
edit 26
set category 24
set action monitor
set log enable
next
edit 27
set category 25
set action monitor
set log enable
next
edit 28
set category 72
set action monitor
set log enable
next
edit 29
set category 75
set action monitor
set log enable
next
edit 30
set category 76
set action monitor
set log enable
next
edit 31
set category 26
set action monitor
set log enable
next
edit 32
set category 61
set action monitor
set log enable
next
edit 33
set category 86
set action monitor
set log enable
next
edit 34
set category 17
set action monitor
set log enable
next
edit 35
set category 18
set action monitor
set log enable
next
edit 36
set category 20
set action monitor
set log enable
next
edit 37
set category 23
set action monitor
set log enable
next
edit 38
set category 28
set action monitor
set log enable
next
edit 39
set category 29
set action monitor
set log enable
next
edit 40
set category 30
set action monitor
set log enable
next
edit 41
set category 33
set action monitor
set log enable
next
edit 42
set category 34
set action monitor
set log enable
next
edit 43
set category 35
set action monitor
set log enable
next
edit 44
set category 36
set action monitor
set log enable
next
edit 45
set category 37
set action monitor
set log enable
next
edit 46
set category 38
set action monitor
set log enable
next
edit 47
set category 39
set action monitor
set log enable
next
edit 48
set category 40
set action monitor
set log enable
next
edit 49
set category 42
set action monitor
set log enable
next
edit 50
set category 44
set action monitor
set log enable
next
edit 51
set category 46
set action monitor
set log enable
next
edit 52
set category 47
set action monitor
set log enable
next
edit 53
set category 48
set action monitor
set log enable
next
edit 54
set category 54
set action monitor
set log enable
next
edit 55
set category 55
set action monitor
set log enable
next
edit 56
set category 58
set action monitor
set log enable
next
edit 57
set category 68
set action monitor
set log enable
next
edit 58
set category 69
set action monitor
set log enable
next
edit 59
set category 70
set action monitor
set log enable
next
edit 60
set category 71
set action monitor
set log enable
next
edit 61
set category 77
set action monitor
set log enable
next
edit 62
set category 78
set action monitor
set log enable
next
edit 63
set category 79
set action monitor
set log enable
next
edit 64
set category 80
set action monitor
set log enable
next
edit 65
set category 82
set action monitor
set log enable
next
edit 66
set category 85
set action monitor
set log enable
next
edit 67
set category 87
set action monitor
set log enable
next
edit 68
set category 31
set action monitor
set log enable
next
edit 69
set category 41
set action monitor
set log enable
next
edit 70
set category 43
set action monitor
set log enable
next
edit 71
set category 49
set action monitor
set log enable
next
edit 72
set category 50
set action monitor
set log enable
next
edit 73
set category 51
set action monitor
set log enable
next
edit 74
set category 52
set action monitor
set log enable
next
edit 75
set category 53
set action monitor
set log enable
next
edit 76
set category 56
set action monitor
set log enable
next
edit 77
set category 81
set action monitor
set log enable
next
edit 78
set category 84
set action monitor
set log enable
next
edit 79
set category 0
set action monitor
set log enable
next
edit 80
set category 88
set action monitor
set log enable
next
edit 81
set category 89
set action monitor
set log enable
next
edit 82
set category 90
set action monitor
set log enable
next
edit 83
set category 91
set action monitor
set log enable
next
edit 84
set category 92
set action monitor
set log enable
next
edit 85
set category 93
set action monitor
set log enable
next
edit 86
set category 94
set action monitor
set log enable
next
edit 87
set category 95
set action monitor
set log enable
next
end
set max-quota-timeout 300
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
config antiphish
set status disable
set check-uri disable
set check-basic-auth disable
set check-username-only disable
set max-body-len 65536
end
set wisp disable
set log-all-url enable
set web-content-log disable
set web-filter-activex-log disable
set web-filter-command-block-log disable
set web-filter-cookie-log disable
set web-filter-applet-log disable
set web-filter-jscript-log disable
set web-filter-js-log disable
set web-filter-vbs-log disable
set web-filter-unknown-log disable
set web-filter-referer-log disable
set web-filter-cookie-removal-log disable
set web-url-log disable
set web-invalid-domain-log disable
set web-ftgd-err-log disable
set web-ftgd-quota-usage disable
set extended-log disable
set web-antiphishing-log enable
next
edit "sniffer-profile"
set comment "Monitor web traffic."
set feature-set flow
set replacemsg-group ''
unset options
set https-replacemsg enable
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
end
config ftgd-wf
set options ftgd-disable
unset ovrd
config filters
edit 1
set category 0
set action monitor
set log enable
next
edit 2
set category 1
set action monitor
set log enable
next
edit 3
set category 2
set action monitor
set log enable
next
edit 4
set category 3
set action monitor
set log enable
next
edit 5
set category 4
set action monitor
set log enable
next
edit 6
set category 5
set action monitor
set log enable
next
edit 7
set category 6
set action monitor
set log enable
next
edit 8
set category 7
set action monitor
set log enable
next
edit 9
set category 8
set action monitor
set log enable
next
edit 10
set category 9
set action monitor
set log enable
next
edit 11
set category 11
set action monitor
set log enable
next
edit 12
set category 12
set action monitor
set log enable
next
edit 13
set category 13
set action monitor
set log enable
next
edit 14
set category 14
set action monitor
set log enable
next
edit 15
set category 15
set action monitor
set log enable
next
edit 16
set category 16
set action monitor
set log enable
next
edit 17
set category 17
set action monitor
set log enable
next
edit 18
set category 18
set action monitor
set log enable
next
edit 19
set category 19
set action monitor
set log enable
next
edit 20
set category 20
set action monitor
set log enable
next
edit 21
set category 23
set action monitor
set log enable
next
edit 22
set category 24
set action monitor
set log enable
next
edit 23
set category 25
set action monitor
set log enable
next
edit 24
set category 26
set action monitor
set log enable
next
edit 25
set category 28
set action monitor
set log enable
next
edit 26
set category 29
set action monitor
set log enable
next
edit 27
set category 30
set action monitor
set log enable
next
edit 28
set category 31
set action monitor
set log enable
next
edit 29
set category 33
set action monitor
set log enable
next
edit 30
set category 34
set action monitor
set log enable
next
edit 31
set category 35
set action monitor
set log enable
next
edit 32
set category 36
set action monitor
set log enable
next
edit 33
set category 37
set action monitor
set log enable
next
edit 34
set category 38
set action monitor
set log enable
next
edit 35
set category 39
set action monitor
set log enable
next
edit 36
set category 40
set action monitor
set log enable
next
edit 37
set category 41
set action monitor
set log enable
next
edit 38
set category 42
set action monitor
set log enable
next
edit 39
set category 43
set action monitor
set log enable
next
edit 40
set category 44
set action monitor
set log enable
next
edit 41
set category 46
set action monitor
set log enable
next
edit 42
set category 47
set action monitor
set log enable
next
edit 43
set category 48
set action monitor
set log enable
next
edit 44
set category 49
set action monitor
set log enable
next
edit 45
set category 50
set action monitor
set log enable
next
edit 46
set category 51
set action monitor
set log enable
next
edit 47
set category 52
set action monitor
set log enable
next
edit 48
set category 53
set action monitor
set log enable
next
edit 49
set category 54
set action monitor
set log enable
next
edit 50
set category 55
set action monitor
set log enable
next
edit 51
set category 56
set action monitor
set log enable
next
edit 52
set category 57
set action monitor
set log enable
next
edit 53
set category 58
set action monitor
set log enable
next
edit 54
set category 59
set action monitor
set log enable
next
edit 55
set category 61
set action monitor
set log enable
next
edit 56
set category 62
set action monitor
set log enable
next
edit 57
set category 63
set action monitor
set log enable
next
edit 58
set category 64
set action monitor
set log enable
next
edit 59
set category 65
set action monitor
set log enable
next
edit 60
set category 66
set action monitor
set log enable
next
edit 61
set category 67
set action monitor
set log enable
next
edit 62
set category 68
set action monitor
set log enable
next
edit 63
set category 69
set action monitor
set log enable
next
edit 64
set category 70
set action monitor
set log enable
next
edit 65
set category 71
set action monitor
set log enable
next
edit 66
set category 72
set action monitor
set log enable
next
edit 67
set category 75
set action monitor
set log enable
next
edit 68
set category 76
set action monitor
set log enable
next
edit 69
set category 77
set action monitor
set log enable
next
edit 70
set category 78
set action monitor
set log enable
next
edit 71
set category 79
set action monitor
set log enable
next
edit 72
set category 80
set action monitor
set log enable
next
edit 73
set category 81
set action monitor
set log enable
next
edit 74
set category 82
set action monitor
set log enable
next
edit 75
set category 83
set action monitor
set log enable
next
edit 76
set category 84
set action monitor
set log enable
next
edit 77
set category 85
set action monitor
set log enable
next
edit 78
set category 86
set action monitor
set log enable
next
edit 79
set category 87
set action monitor
set log enable
next
edit 80
set category 88
set action monitor
set log enable
next
edit 81
set category 89
set action monitor
set log enable
next
edit 82
set category 90
set action monitor
set log enable
next
edit 83
set category 91
set action monitor
set log enable
next
edit 84
set category 92
set action monitor
set log enable
next
edit 85
set category 93
set action monitor
set log enable
next
edit 86
set category 94
set action monitor
set log enable
next
edit 87
set category 95
set action monitor
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
edit "wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set feature-set proxy
set replacemsg-group ''
set options block-invalid-url
set https-replacemsg enable
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
unset safe-search
set log-search disable
end
config ftgd-wf
unset options
set exempt-quota 17
unset ovrd
config filters
edit 1
set category 0
set action monitor
set log enable
next
edit 2
set category 2
set action block
set log enable
next
edit 3
set category 7
set action block
set log enable
next
edit 4
set category 8
set action block
set log enable
next
edit 5
set category 9
set action block
set log enable
next
edit 6
set category 11
set action block
set log enable
next
edit 7
set category 12
set action block
set log enable
next
edit 8
set category 13
set action block
set log enable
next
edit 9
set category 14
set action block
set log enable
next
edit 10
set category 15
set action block
set log enable
next
edit 11
set category 16
set action block
set log enable
next
edit 12
set category 26
set action block
set log enable
next
edit 13
set category 57
set action block
set log enable
next
edit 14
set category 61
set action block
set log enable
next
edit 15
set category 63
set action block
set log enable
next
edit 16
set category 64
set action block
set log enable
next
edit 17
set category 65
set action block
set log enable
next
edit 18
set category 66
set action block
set log enable
next
edit 19
set category 67
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
set max-quota-timeout 300
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
config antiphish
set status disable
set check-uri disable
set check-basic-auth disable
set check-username-only disable
set max-body-len 65536
end
set wisp disable
set log-all-url disable
set web-content-log enable
set web-filter-activex-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-filter-applet-log enable
set web-filter-jscript-log enable
set web-filter-js-log enable
set web-filter-vbs-log enable
set web-filter-unknown-log enable
set web-filter-referer-log enable
set web-filter-cookie-removal-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set web-ftgd-quota-usage enable
set extended-log disable
set web-antiphishing-log enable
next
end
config webfilter override
end
config webfilter ftgd-local-rating
end
config webfilter search-engine
edit "g-baidu"
set hostname ".*\\.baidu\\.com"
set url "^\\/s?\\?"
set query "wd="
set safesearch disable
next
edit "g-baidu2"
set hostname ".*\\.baidu\\.com"
set url "^\\/(ns|q|m|i|v)\\?"
set query "word="
set safesearch disable
next
edit "g-baidu3"
set hostname "tieba\\.baidu\\.com"
set url "^\\/f\\?"
set query "kw="
set safesearch disable
next
edit "g-bing"
set hostname ".*\\.bing\\..*"
set url "^(\\/images|\\/videos)?(\\/search|\\/async|\\/asyncv2)\\?"
set query "q="
set safesearch header
next
edit "g-google"
set hostname ".*\\.google\\..*"
set url "^\\/((custom|search|images|videosearch|webhp)\\?)"
set query "q="
set safesearch url
set safesearch-str "&safe=active"
next
edit "g-google-translate-1"
set hostname "translate\\.google\\..*"
set url "^\\/translate"
set query "u="
set safesearch translate
next
edit "g-google-translate-2"
set hostname ".*\\.translate\\.goog"
set url "^\\/"
set query ''
set safesearch translate
next
edit "g-twitter"
set hostname "twitter\\.com"
set url "^\\/i\\/api\\/graphql\\/.*\\/UserByScreenName"
set query "variables="
set safesearch translate
next
edit "g-vimeo"
set hostname ".*vimeo.*"
set url "^\\/search\\?"
set query "q="
set safesearch header
next
edit "g-yahoo"
set hostname ".*\\.yahoo\\..*"
set url "^\\/search(\\/video|\\/images){0,1}(\\?|;)"
set query "p="
set safesearch url
set safesearch-str "&vm=r"
next
edit "g-yandex"
set hostname "yandex\\..*"
set url "^\\/((yand|images\\/|video\\/)(search)|search\\/)\\?"
set query "text="
set safesearch url
set safesearch-str "&family=yes"
next
edit "g-youtube"
set hostname ".*youtube.*"
set url ''
set query ''
set safesearch header
next
edit "g-yt-channel"
set hostname ''
set url "www.youtube.com/channel"
set query ''
set safesearch yt-channel
next
edit "g-yt-pattern"
set hostname ''
set url "youtube.com/channel/"
set query ''
set safesearch yt-pattern
next
edit "g-yt-scan-1"
set hostname ''
set url "www.youtube.com/user/"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-2"
set hostname ''
set url "www.youtube.com/youtubei/v1/browse"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-3"
set hostname ''
set url "www.youtube.com/youtubei/v1/player"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-4"
set hostname ''
set url "www.youtube.com/youtubei/v1/navigator"
set query ''
set safesearch yt-scan
next
edit "translate"
set hostname "translate\\.google\\..*"
set url "^\\/translate\\?"
set query "u="
set safesearch translate
next
edit "yt-video"
set hostname ''
set url "www.youtube.com/watch"
set query ''
set safesearch yt-video
next
end
config emailfilter profile
edit "sniffer-profile"
set comment "Malware and phishing URL monitoring."
set feature-set flow
set replacemsg-group ''
set spam-log enable
set spam-filtering disable
set external disable
unset options
config imap
set log-all disable
end
config pop3
set log-all disable
end
config smtp
set log-all disable
end
config msn-hotmail
set log-all disable
end
config gmail
set log-all disable
end
set spam-bword-threshold 10
unset spam-bword-table
unset spam-bal-table
unset spam-mheader-table
unset spam-rbl-table
unset spam-iptrust-table
set spam-log-fortiguard-response disable
next
edit "default"
set comment "Malware and phishing URL filtering."
set feature-set flow
set replacemsg-group ''
set spam-log enable
set spam-filtering disable
set external disable
unset options
config imap
set log-all disable
end
config pop3
set log-all disable
end
config smtp
set log-all disable
end
config msn-hotmail
set log-all disable
end
config gmail
set log-all disable
end
set spam-bword-threshold 10
unset spam-bword-table
unset spam-bal-table
unset spam-mheader-table
unset spam-rbl-table
unset spam-iptrust-table
set spam-log-fortiguard-response disable
next
end
config wanopt settings
set host-id "default-id"
set tunnel-ssl-algorithm high
set auto-detect-algorithm simple
set tunnel-optimization balanced
end
config wanopt peer
end
config wanopt auth-group
end
config wanopt profile
edit "default"
set transparent enable
set comments "Default WANopt profile."
set auth-group ''
config http
set status disable
set secure-tunnel disable
set byte-caching enable
set ssl disable
set prefer-chunking fix
set protocol-opt protocol
set tunnel-sharing private
set log-traffic enable
end
config cifs
set status disable
set secure-tunnel disable
set byte-caching enable
set prefer-chunking fix
set protocol-opt protocol
set tunnel-sharing private
set log-traffic enable
end
config mapi
set status disable
set secure-tunnel disable
set byte-caching enable
set tunnel-sharing private
set log-traffic enable
end
config ftp
set status disable
set secure-tunnel disable
set byte-caching enable
set ssl disable
set prefer-chunking fix
set protocol-opt protocol
set tunnel-sharing private
set log-traffic enable
end
config tcp
set status disable
end
next
end
config system speed-test-server
end
config log memory setting
set status enable
end
config log disk setting
set status disable
end
config log eventfilter
set event enable
set system enable
set vpn enable
set user enable
set router enable
set wireless-activity enable
set wan-opt enable
set endpoint enable
set ha enable
set security-rating enable
set fortiextender enable
set connector enable
set sdwan enable
set cifs enable
set switch-controller enable
end
config log memory filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set gtp enable
end
config log disk filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set dlp-archive enable
set gtp enable
end
config log fortiguard override-setting
set override disable
set access-config enable
end
config log tacacs+accounting setting
set status disable
end
config log tacacs+accounting2 setting
set status disable
end
config log tacacs+accounting3 setting
set status disable
end
config log tacacs+accounting filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit enable
end
config log tacacs+accounting2 filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit enable
end
config log tacacs+accounting3 filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit enable
end
config log null-device setting
set status disable
end
config log null-device filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set gtp enable
end
config log setting
set resolve-ip disable
set resolve-port enable
set log-user-in-upper disable
set fwpolicy-implicit-log disable
set fwpolicy6-implicit-log disable
set log-invalid-packet disable
set local-in-allow enable
set local-in-deny-unicast enable
set local-in-deny-broadcast enable
set local-out enable
set daemon-log disable
set neighbor-event disable
set brief-traffic-format disable
set user-anonymize disable
set fortiview-weekly-data disable
set expolicy-implicit-log disable
set log-policy-comment disable
set faz-override disable
set syslog-override disable
set rest-api-set disable
set rest-api-get disable
end
config log gui-display
set resolve-hosts enable
set resolve-apps enable
set fortiview-unscanned-apps disable
end
config system lldp network-policy
end
config firewall schedule onetime
end
config firewall schedule recurring
edit "always"
set start 00:00
set end 00:00
set day sunday monday tuesday wednesday thursday friday saturday
set color 0
set fabric-object disable
next
edit "none"
set start 00:00
set end 00:00
set day none
set color 0
set fabric-object disable
next
edit "default-darrp-optimize"
set start 01:00
set end 01:30
set day sunday monday tuesday wednesday thursday friday saturday
set color 0
set fabric-object disable
next
end
config firewall schedule group
end
config firewall ippool
end
config firewall ippool6
end
config firewall ldb-monitor
end
config firewall vip
end
config firewall vip6
end
config firewall vipgrp
end
config firewall vipgrp6
end
config firewall ssh local-key
edit "g-Fortinet_SSH_DSA1024"
set password ENC SseMZJGuj7SPRqynahuAZirfFZ9TSN51fw9jI7Dm/MGvtOI+YeUsAGRVyvr8YeKCI90XJ31lhlAv/lWERUQNkEjaqwohGHYhNqGAOv4sR41dRZq4FaVMJt6Txdnd2bF0pnIAJ3ANXmhoj5zPvWJ/WatWuwkR0geZS3/Az1QPjWOhhGmjdnYK9Ot3f5ByNRcxKHAuqQ==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABDWMdT3yG
/DLzIBU5O0UtJ/AAAAEAAAAAEAAAGyAAAAB3NzaC1kc3MAAACBAMlbbf4IhF0Mh2eRvDho
KqePrDh946N1KbbbOWbHWOeBVolyr5KCTbfgv6f0a3VW8ATXZH9OMz0uYjTTQII3rp1XTq
a7a3TzdPoTM9bO27PDLTp07LqM1kRSps/8oSsZ4h/kGu3fuke/MfTiAn7hAfdJYcANGbDq
7tfTXlPaY3VhAAAAFQD/+3WBsGEG6BjC2UUehkA3aDAFmwAAAIBeIcQedn7rLkV2N27gXk
jxfrbW6FMwfiEoJC6mZ0NvSuOqzOcrAzsnAydVy38cIlTdGwXhoHA5Jd2Cr0gV2p1R1WFR
XsBWpNqDorVNCdimLM16NBAcwjVjarpNuk3egjdAhdbGsnDxHH54XCdIP3FyyTuh2ljDEe
P+bc6eQJGxPgAAAIEAjK1lJYaCHrAZhcWJIITih4QFsQ8XZeKzp40YIjzXVf27HBCFHVz5
lEv4MtiFxhDKur0lO+2uHOLY+0xsgfM0fe7S/cAKRx/5UZkCmU5s6CkvZjIEPDZ4tvn11G
wlULTcjyZ2uwCo8Xd7QjnOUs8YNsRSO8hzWO5aB9aZ7OEDhiQAAAHgxMcP4nd5bs47/RHx
ArZUDjNCJzDVajX1tIDHffLzzlLm2RRU/wKXccxXn1TC14JdA3gOmS/hFa1C/ctWGGFdz1
RDMGJtXQ8+APtMlY7LoLq0soKjkNkY5KDgGBqbZ8dLcYCKYfl4RoCWGeKNYKjbdudRmuix
GP/Iy8L+8qLZd7rSDA6q48zv82nNbPUCtSgRLiG9/CDTQx1ICwO61rdjQLqvwycJ7//885
eXUyaiDA7DD8p/Q/y3L23iLI/t8VEe7sCeFcoFPmJxKURNoCg119GObjEYNDokpv9QOC2G
/uGE672Yvr9YFLe1RPwWpMgQr05tVu05HiPvRlX+hORf+Q80PQaxyCnSGkGh9FHq2Cph3F
nOlujutMPe0E9do0qGavzo7yw4g4L5fUUxgUoWLZPfE0dt7Dy1IP+kltIUqGu6a2StNq8U
rYEYAjVHzaKoU+95oZLimCj0n61LyCNXVg+gcIb+FIq6B4WQhRNJ0ltK7k5TKvCcnClWzj
DDVeZYF7XOPX9S38MGt9vfWZEF+ZnUrGdl4Py5khdfH99mlSDwt42flFQf2usHNR3ZaaHU
meM/WUb803e5fUpdeWXtOx9b+YmRujD4g0N49/OISwkC0MIfhdG2FDsuvpLiZit7
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-dss AAAAB3NzaC1kc3MAAACBAMlbbf4IhF0Mh2eRvDhoKqePrDh946N1KbbbOWbHWOeBVolyr5KCTbfgv6f0a3VW8ATXZH9OMz0uYjTTQII3rp1XTqa7a3TzdPoTM9bO27PDLTp07LqM1kRSps/8oSsZ4h/kGu3fuke/MfTiAn7hAfdJYcANGbDq7tfTXlPaY3VhAAAAFQD/+3WBsGEG6BjC2UUehkA3aDAFmwAAAIBeIcQedn7rLkV2N27gXkjxfrbW6FMwfiEoJC6mZ0NvSuOqzOcrAzsnAydVy38cIlTdGwXhoHA5Jd2Cr0gV2p1R1WFRXsBWpNqDorVNCdimLM16NBAcwjVjarpNuk3egjdAhdbGsnDxHH54XCdIP3FyyTuh2ljDEeP+bc6eQJGxPgAAAIEAjK1lJYaCHrAZhcWJIITih4QFsQ8XZeKzp40YIjzXVf27HBCFHVz5lEv4MtiFxhDKur0lO+2uHOLY+0xsgfM0fe7S/cAKRx/5UZkCmU5s6CkvZjIEPDZ4tvn11GwlULTcjyZ2uwCo8Xd7QjnOUs8YNsRSO8hzWO5aB9aZ7OEDhiQ="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA256"
set password ENC dQStjdR43Cw6JmCjjLoAxrFU4d55OdnfT7b7/ogj8OsfAK4j3iBT5CiHoSjtkNrEDbJuRhleR2R16yCyHWJvlB+iFmliVFMCCSYdz1vdTZ2xfAjNkaE7u+R31hH6FOEm0LALVytLSk+EU6I6WKYYB8WDOSb3axUWNc2HaBP1LXwseEI42kfpd8cAv1VvhIlKPHzH4A==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABCYj0k4bh
mxNdVne/WYI48/AAAAEAAAAAEAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz
dHAyNTYAAABBBMQSAUWeMnwS2TQbQWW3h890GnmzeJSwIq2rEIew+gyij4UMAjpsRmztvK
y7MHqF8ARHi1glc6RSoarryTUQuCIAAACgQHrpN3sAxVooYsKXIb5xGNvvwxUtTIIAisaQ
ftEDAx3nTj7+NLlPATgMRDy12pescKquy79fyCFgENFUP+K2pfPsb2IE/RdTcmBsL0646h
hL2sHeuvZ/mhIMti3oLfj91bBs7TBB2MRvHRYvcZD6rdAkumBmyrSPUO4JwqSPkI68kBVo
C9C5gBWgfhqKs6DGgceAFVxbb9+RWrpH9YCpIA==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMQSAUWeMnwS2TQbQWW3h890GnmzeJSwIq2rEIew+gyij4UMAjpsRmztvKy7MHqF8ARHi1glc6RSoarryTUQuCI="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA384"
set password ENC 6UlA+DVUlRtCW5xXGSOAFMO+u887JWHAr0MX4EFtjhQnEzH1MBvxa7eWqMoYaIktWB7jOtpOrMApyCiadIJnYdHnysyPSRyacTXpLdjqxtJjE5f+j96ASzWWrc8ecsCsw1X0N+6/ybzrQAYZ4sRSoUidTkOWUiPR20EDtDEkS8S0mtYVA7OTxilpmeRt29ERpWB+kw==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBN9BRJMR
77/5pUXIX3azbHAAAAEAAAAAEAAACIAAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlz
dHAzODQAAABhBEYsR4/2sjh+OMgxpEBi/72jNVXnBwUHpkOneWiESbnCoIWvKp8h0RjNMj
U5Tj5yP6txNtuAIt8NVvUcVhj9ZtIOWAsA7bDDRZGYv+/80R4N7Z0OnShs9iuYSb0+FQXx
dgAAANChlajlzxrBilfuFt0NeQjCmvICKuDRnd+bDSBxAVZcAnFPKPN/ZOUsHIFry+62R4
xmcknYeWtA09QFKdSbyeOUyqI4CmeqxufXPlPk8N2Mjg/Rub53WkREGx7nv335EUtKyIIE
qc7vNaHvrM8CbUwCD53Tmrv126aSxuuDEBhth1CkIT8LZEcTEYRSHAZEojS8TB4UhHLRfm
Rn+DmbJga0IDnPc/ZgNHGTqYx2toV2Fy/DCJ2en2FejJU89J9ZFrGUfz117vVweEVGLCBr
4j10
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBEYsR4/2sjh+OMgxpEBi/72jNVXnBwUHpkOneWiESbnCoIWvKp8h0RjNMjU5Tj5yP6txNtuAIt8NVvUcVhj9ZtIOWAsA7bDDRZGYv+/80R4N7Z0OnShs9iuYSb0+FQXxdg=="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA521"
set password ENC rLIJ8oCZn6XJpCp59OlaXsW6JxwOXKQ8zxyif4OOeYspt/dlXtJ72yD3dhL47l6UmNTflkCcrz9GXqGlhAxiff2fgGneLwBqlK9ot7lma+TFRCVBUsWfxzYaLwLJf3EtV9m73UO6VnjsB/xMevJWBBsMj/w5djT9jdkPkZ861+/c0Q4gIIK6N7wNKvGz7WhQpHjXgQ==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBTZME+kF
3Bzq+XqVo08S4FAAAAEAAAAAEAAACsAAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlz
dHA1MjEAAACFBACaKKuE8V8VNj3xOI4Cz0NpoN8KJMJWRxuLPTYtMBFzACZdDsfmQdZQdF
t5J++GxB6Y6XgNd5eg4/W0YU1z35BJ6QEuCMrZli2/4vtPy8DPeRMR2hpHOC/BuqnEER+K
HPehHHl1Du644EQUmgPailxPEBDJKJcA8PgrFsN5h0iHx4C6RAAAAQC/5NwC8S8n04Bskl
P/Wnde2xZxoWXlBYuV8iJ8OmT7RRVEi3NhVGbIJMqlXfTVi67DgfbtMpVNVhO3UMwPAoC4
8zcMmJ/1aA58Y+5H8DuYRMfAnuky6vWJFBA4DXgx/vmrn8UK1E2xgW8dgaEEDlLQPittQc
hlwRhgSZrJoRtQPn8OA5ZNePcblOq1WH6PanQP7Bj2SubMTTZ0Mo+gy7y11wDAMd0MYN6Q
d2biFs9XCB9xGNGQIrgOEUQoFJ8AyrbQzZt3Tr7tthp0GDyWoCNICjY/vKS9Av/xMMHaq9
cjEJOwfxqaJfVrEn2/6DS1t2SyTD9C8imQOI2xz/fdVCaO
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBACaKKuE8V8VNj3xOI4Cz0NpoN8KJMJWRxuLPTYtMBFzACZdDsfmQdZQdFt5J++GxB6Y6XgNd5eg4/W0YU1z35BJ6QEuCMrZli2/4vtPy8DPeRMR2hpHOC/BuqnEER+KHPehHHl1Du644EQUmgPailxPEBDJKJcA8PgrFsN5h0iHx4C6RA=="
set source built-in
next
edit "g-Fortinet_SSH_ED25519"
set password ENC oJ/rM9SQCI+oG/Ko30qhMKJVYMGauHW8TaNL1k1+mbLG0tOsBrbgOinBZUmLUoYHvoXTy/79crN9QVV97wd2CwR45SclqfHIQTfLWH1RH6+eNih3jhI52Y6DAhrZzvy6XHKbBEThJB7MkRBPNUU3DGucDh2STByDsitJEQirVksegxIG0cDTXTlUz7MMdfjQ4FWTFQ==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAedjCOkt
+sFbLzTS4y12TbAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIJHEZ/PIMBDv6gqd
3JUEAvHnugjOGiXz5Puxg/8YfanOAAAAkCa1NSX8hj+j3jVwv2A2AU/gLRKzX4h+Gwxyxz
JeBT+OyHbzc8MDCIh8a3tf0fJiQ6VJdj3JjhBrp1OWfy2GHkfpMInRlGGz0Hu4XMU702a0
MgwELDyqSpEdZupNMH44pIjkI0iY/ipgwuNDOTIenADwbqdkC2oX9XA3jIutAB++JU4rvR
NwgjPHD1irGOM7Gg==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHEZ/PIMBDv6gqd3JUEAvHnugjOGiXz5Puxg/8YfanO"
set source built-in
next
edit "g-Fortinet_SSH_RSA2048"
set password ENC vI00TpP/pXEwFd6xvQkMrRZSWeVyYUmJjJrGGLrMixOXqyy6I0ulkOy9vREfMI2fu8SmHa8uyODMf4nqcewNOnLfgDO4e+QOtpZi1BrnemU3udvMkLXUEfdVKDF47l0+NDz99l4OckEXDty2oA4I3wuKW3h4Zq2z7ZP+OOmZOTEISE3vD1/iTl9dednfuUuWR7++6Q==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABA1mO561N
c7CpF0rN+BdOBQAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQC6yuGwlJhh
Q5ooqzfMY+4le85cWCqHdzonf4BkYtV2p0GGpmKUo0kpnQ0EbmEWRmAiPN8J6BJyHvpcv7
A0a68OyTLXULSEopL0c0rrdqeK3p3oxVRn6oLbwqQvVmBZCGr+Mtak0Djw7ZM7yKMky5GK
hFlZj7dZFLrzth2nQmReu93F+HkSF8iOpaqna/sTvPVqN/WLVC1CaB+Qcb6AsyMmLsTsvC
HA1336eWq3M3hU14tsO5S8uDls2pfD2NaZx8VXr+00OvGSOqqZdY8cukv+xJ5IdRe2ui8z
OSbh5m5OFc2DdfZ+PpQ9nU+DEDBpCSir/ovPDmsTtvqX2VClGn0vAAADwMcyMNKCNYzFHF
tA305t53D83ogXcTrwO8f3ScWdcLBap5o0aqwfOrswdChdOytbHMx3lmpnLZvFt2JbcqT0
jDm+ZSb5NwFCW2h5MJlnLolIx85H0ab7XO+JhK1c/J3U0K/m0Y6q3uXObJsAInPNAJDjqL
VUxgIU438n7dB/NkWQWNjVaddEO/tK9UzzUd5a5JuG2lsukXLGFRC0XIJ94Q9BFuiziNmX
QUZ7LRqm59ZcsixGSQ1YApEvTZFf+Yd/umWIh9bbHeCAZOWZukDy47VLy2uVd3H+HLOSno
ZBpX7xa3c6mjI/oHgz7lQAybNzbPoJiBKq5VlTBhR9kTdB3JnnzKegLNwRtsdtEim/O4xJ
QPxfwGSzE57M9OgPGZMOuFu8Fh07tV06dUnfe9mGDLiQ3HWCZoRW5tuCE0fsieAseqqEiS
Vy13DPGtkSSLUKmBpJQvR6yK79GtMyIxZEmC43xHmCghHTebSnK45ikagYh0BsK01Q1rx1
syqY2Ul3bwCSCTuK2sjqnmgGEIIUI8Yikj0kDLSVJukfxdjU/c4eOcqj8yuRbQyfzFmHsv
debbeU1+oI08M0c5kKVTNeTWQ0iXuETJX1G3gu44xtkQLbCmF4K3byAPGnR2FIBG8tnPaJ
JCjhZQmN1nohNXt5F7nSALJ3UVSpzD6fnKBQSfxbKN4EAggu0NpX3QyhoDvWx378MRukGn
OkLi2Z7c/iZrS5w6Jt+kTJ7n6T5ciiaIvzgi7YjtS7ogwNQfodpXC/pd9KE/H7hgrtwclt
bP9bkpWQKIh/Z4hl2B8hqHDk1wDhNRHRyT2rvuoipJLroyYAZKxS1qerGuArwmxv1YNeNm
oq5Ibisn/CTLT6zVaKmdHD+qBGd46IlEobgLRd3bmKsBIf5hUfd+LcThhOT4OgjgK2jqAS
zOLrNH/Ns+Ut+tz7DhzoRhoTzfitjKdjHl8libziHU4rbulbEuqhnxlGrb9G6xKeFOG1Ha
JUkWoRzX5/tljM2GZRQciN6BF/L9kDboLnR6V2sOS6r/BlnlUMmKhxC81CTzejn4I+XSYk
Y5dBb9PhA2dJuhkgZEj4vGDkXdnL0fSI9qccHAKkAjd4ECFMRtqjnkdLtUODi6EZiZYDJI
zcVK0VdeqiSP2M+vx2WwLKdwVBdhHXyrxv5JGwKaYkmaYwFCJ6DRttHlaTID4HgjVWJCVR
O9UaKreP6Uz9G/L0J54iEclbiKHkC38/IMhi9XhslLzD39f42oKLedWYTJiVgsr3klwtMk
GvWZyLtg==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6yuGwlJhhQ5ooqzfMY+4le85cWCqHdzonf4BkYtV2p0GGpmKUo0kpnQ0EbmEWRmAiPN8J6BJyHvpcv7A0a68OyTLXULSEopL0c0rrdqeK3p3oxVRn6oLbwqQvVmBZCGr+Mtak0Djw7ZM7yKMky5GKhFlZj7dZFLrzth2nQmReu93F+HkSF8iOpaqna/sTvPVqN/WLVC1CaB+Qcb6AsyMmLsTsvCHA1336eWq3M3hU14tsO5S8uDls2pfD2NaZx8VXr+00OvGSOqqZdY8cukv+xJ5IdRe2ui8zOSbh5m5OFc2DdfZ+PpQ9nU+DEDBpCSir/ovPDmsTtvqX2VClGn0v"
set source built-in
next
end
config firewall ssh local-ca
edit "g-Fortinet_SSH_CA"
set password ENC kNrgGaggJ8XNTOdfgYocbLLJOmvzVF1FFc8iRxZ4hvNSAo3b5PSUWieLwZfFkBn7XTnwzD0cQ8DESb4IePsMGRp3V8AgEIICj9Uw6qt9oZRrCEAPIHDkTaCewjziK26hi75yX1exZ2DHmHfiQQUZGMq6/UOP7OI31/mtkUpmvRAICr+fkegxz1pVGzMEF93kHu3LMA==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBf8C4hJd
+M6AVhFqreO879AAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDFNnS0wAAC
NC7cmBTwevE7FFFZPhHXFDgx7O22zzpcKONRKhLz+8Y4ux808lIz580foslhpIMeoEKX+U
ZpI93sBxVJZnZtVJgLf6rxjuWMFKDss1+PtXEz5uct3gPK95d/TWd+HzhGEz47PeFQizGP
E/hMl+XxJ8UEyPqlBO/Wh5+C8Sy4SU+wngUmaLgBDeA09x4it2ZZsa/oofRaXaPrAJLU7A
TB7reUBNnUR/mml1k6FYfx0CJ2JxR1gx3r/fSRadZj807gGNfiSbcYNxNyy/XQ5n+0BsIa
Mk342Zpr4ijnwM5qzrA45aHB3ZxAvx+xVdTrQkyfiJ6nZWI+CKQ9AAADwNT2HECamLA8UM
fFNSAnPj7lq5k64lxdOyGKKbIDDF/wS2H8g2ZlCuJwGpgHoVeFPiqQhJMjBSfwWDS8oOZA
po7PyvszP6XAbnIpBHUMDNdUr1Clso9ra9d2oP43fjhzRSHBD0j/x1nJRvse/cP5XuCa4Z
pGFpgVsz7q+XNEXou8YpAndqUebw/wm3MNzS2AE5YYFQofhSKBxyNSYrsPdaoasmwbnGuv
XW9vPFnDxNNJ0IkEUeXAWZaE2sBYP3qD4C97curFpYuAPYH5FnvvMLuUtyRFzYMv3WKi8z
Mw+01rU4yVtCVoAMYCfqjnisIyxgyQHLpLFfWkvIz6IgAQWVtBypJHxiiG2wcLHscWI0gQ
uCMN/n5QkbBcskRpy52lFypQ2eosTLMzrwfqQF5PDoDz/2Jnf5qXK9hQsNA3fHn2KoyODY
VmXb1G044Qq3/3ZsW7zkgWfyWJ1fgcIYiJg+wy/KQBkPlew/m5oheT8bs0aivJ8FW8gS1u
8zq/lBhWxsSsCfD8/nD9ROanz8yArOa8WfF/BFLs1UqkB4oAuVa5dA9xVhIeBbeA6E8eRm
ucu/a6+tmjaELkiwwscurSqEgELD+K5esR23MAe/Aw5BuzGHRdEDwa79PuqtgpMP7QEFND
yL/Xe6E4TGMTV5hQYpj7e5dunhr60rd4kg+ZAgfRwDzOaU2ry7n2bSxY/Cauc/dogM0rbG
SHCohMdMp0We53Y2J7ffmZzDySRIfgxRpjGN/Zv1QH1s3fbqwEG5R2leAlG0+bdN9jXn5F
dcZ4TGrm8wluUwfrU+mXcoAzelwuphNfbzwp0rIEnxIZxd6puFV7Svlsg4STr1YvA98E7N
2gDQhd3vYyIFPZG6CtAjzjP3e4KzEXghjgHXLYI31dS8HCVOKCC91tTc5Ojll76jmakIWT
r9dhSvjkACc688ixxo40qtX79Y33a8lEh1YZqPZ+qF/RgwQS4Wpa8hyZS6xFN2kMtQc9Up
gCurTRhfA9R5c/Mbgn097CYBOwu3nCfcjgBQ03xwmUJpB2pVKngd/dc/n37J2Z97Nl4Wu3
Zs4ftOGyqXgmM61ddTYhF6ZZbpjBkdKFFEfl6XkBZDUiVaMsq7hIiCYUCGE/cvljzYuntt
XEnf4fO8Ifr8sviwPE4gRaHHePPo9EtFAlSewYzeI3M1EkYPAzSf28ztk74FydHUGfqPkF
RjGiTkUG4NozwGmSG3LGYleBc0CySr+j4Q/qiCEgRQpkihrWkO/j+ILiog9Trh5x/+c2X9
V9G26szw==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFNnS0wAACNC7cmBTwevE7FFFZPhHXFDgx7O22zzpcKONRKhLz+8Y4ux808lIz580foslhpIMeoEKX+UZpI93sBxVJZnZtVJgLf6rxjuWMFKDss1+PtXEz5uct3gPK95d/TWd+HzhGEz47PeFQizGPE/hMl+XxJ8UEyPqlBO/Wh5+C8Sy4SU+wngUmaLgBDeA09x4it2ZZsa/oofRaXaPrAJLU7ATB7reUBNnUR/mml1k6FYfx0CJ2JxR1gx3r/fSRadZj807gGNfiSbcYNxNyy/XQ5n+0BsIaMk342Zpr4ijnwM5qzrA45aHB3ZxAvx+xVdTrQkyfiJ6nZWI+CKQ9"
set source built-in
next
edit "g-Fortinet_SSH_CA_Untrusted"
set password ENC C75M3v+6eY+5hbN9M8q/qLpY+x1IqHQr6t6tRQ2MEEQGcXvNtJ8kzEhFg94C2IWzUch8ji1x85olAZuke2eArdZdGDnE01JuNzHhAAmjwwrJSoGFynxexCnaVDO4NOiGd8kaxQB7WQ/utKWlKxF6d/V/IbbbaXvPMwL27fVutjboORJAjH/S/BA70mspFDWElyemQA==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBU2aLPen
uU59+GRRZCZgSJAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDAkdHRAAn9
RFuj2QchmT42CoWPCms0batL22xzsj2QMSujfcXCEQHjWx/gY+jZyGw2nAOFrzr8IVS5lE
ZKMiF89/zydMxQjr1MTelfPuYo855TZF4DELCK3O/zWwGLIgSboQft2RfZkSJFBb8NM4eU
iw9CxJLUawWeYkGTslFv3gqh6HbZuw2WUx5pqmU7UibkOgp0eWHejkf031O+X49yZr3uFG
Xi/bd6oNNfHIdeSS8RJNC+4N2NUrB4NX87pM1TOLmZ9tAMlGJKX05UL4rli2UnIXkhP6mv
NVdObU6Vk/dHf31QCWuLNSbH2nydYNs6JcQnoybJnzq6EggViAZlAAADwEWDeIVUpNfN6N
N9tfe7OnulqQ3OdP7T7M8A596uBvR4P1G7BAcPgC+xoTQP+W94crBOhoq49mlZJBJGnPwg
+ufxwO8eg8NUAPyMAaS6M8yaTcFvopwbZnMo8Ioey1rX/1JD0W+RJwV7N8FM95waqsjDnB
fLQy2F8KvzvycsQF4ATAVPbrkcaED3JxQEiHtlMZuIuCtB3Gq0xYJ6sz84NpW2aXlPFzuu
80YhUVuD7oZESSRIzMZ35/Td1rXeP/JOgFkrL0NSb7RgaHDqFKE4LHC+o+NgskxRPumlhb
H160LskSooMIVZCKGTii/c1Ipo2YVrAeaUrxgRSGQPeHJ4pivs8/bYP9fd1AHQ64UTX56x
P60fOA9lhwQtnlox+7J6H1biMMrwboqpI/19y+Qmfd35jbIUTwzxbEeqw55Vxcn29FGU1S
CtkHwyGB38OFFlawdb05PMT3X5KKXmss8ge4xAoRXooNbVAy6p9R0jrSyU1CKvnYoXPyjd
nEa6FBZTJNo9ygt0TnlNYEpdaCmiknxMxxnHN3oVLpSLeEHjEqFIXwr+322OqN1Wt90pD0
QV/5UxiT+bX55IYcz0F9Y05kw60Okc/Gy6NGPyOjuLpHGgVWI+WDueR5sBFP3nQmUjvCi6
jzzTNgSQV9ED9klycj4NCqNZvbqHAE3PKp5hRkUZ4GB8aGb2NzuUs3cx+JDgLxIW5QC6v6
kfgc1FAYaVH2cm+FHX+pt+uSqB38RE10lnfnR1oG3ldegelN4lJYkibIafYynDrzv1Xi8j
Oqd4z/ds41KcGll9gsWclP7MmhL2s6w/cOOwRvZRDNknK1uA111B+yPdsuA78N0ACYulAX
HT1aiEnwFjfaZauBSPtJex0TbjAQWZ5b6+0XAjkfru+ptV9GfMEsQpfHBIge4JmkcXCFoE
czjAqskJ9YddKe2FfJGxc1jMCkmA+h/2oR8OyMUSGXxTwKLPabeUFwBuPKH56PqAjIPoKW
4h+EPfOx3pPY92rDvZ/ETBNf+o/vvxkOPmh3TSRoo2knQvNuWiQ7OPGXrXa0PeZ1UvDRuU
PMTkbpooKletk49Jw8WOzUqIRd8yF8g2i8tzZ2Xlr8RnOLRBsOzXagjBGyk56kAMhaOOrm
n+MTbxpM61zYilvCOBeSIvzWp4DjjqXfuFcEpzEHDTZ9Yvz474s1qinmgEibtYSoY61d9d
QxAI2xneFlb207A+/PTuFaDoCE9g/CD17Rc+WoCP0eU8p/yaLpWIq0JQyEXK48vKCJcVvM
gs3wZo+Q==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAkdHRAAn9RFuj2QchmT42CoWPCms0batL22xzsj2QMSujfcXCEQHjWx/gY+jZyGw2nAOFrzr8IVS5lEZKMiF89/zydMxQjr1MTelfPuYo855TZF4DELCK3O/zWwGLIgSboQft2RfZkSJFBb8NM4eUiw9CxJLUawWeYkGTslFv3gqh6HbZuw2WUx5pqmU7UibkOgp0eWHejkf031O+X49yZr3uFGXi/bd6oNNfHIdeSS8RJNC+4N2NUrB4NX87pM1TOLmZ9tAMlGJKX05UL4rli2UnIXkhP6mvNVdObU6Vk/dHf31QCWuLNSbH2nydYNs6JcQnoybJnzq6EggViAZl"
set source built-in
next
end
config firewall ssh setting
set caname "g-Fortinet_SSH_CA"
set untrusted-caname "g-Fortinet_SSH_CA_Untrusted"
set hostkey-rsa2048 "g-Fortinet_SSH_RSA2048"
set hostkey-dsa1024 "g-Fortinet_SSH_DSA1024"
set hostkey-ecdsa256 "g-Fortinet_SSH_ECDSA256"
set hostkey-ecdsa384 "g-Fortinet_SSH_ECDSA384"
set hostkey-ecdsa521 "g-Fortinet_SSH_ECDSA521"
set hostkey-ed25519 "g-Fortinet_SSH_ED25519"
set host-trusted-checking enable
end
config firewall ssh host-key
end
config firewall decrypted-traffic-mirror
end
config firewall access-proxy-virtual-host
end
config firewall access-proxy-ssh-client-cert
end
config firewall access-proxy
end
config firewall access-proxy6
end
config firewall ipmacbinding setting
set bindthroughfw disable
set bindtofw disable
end
config firewall ipmacbinding table
end
config firewall profile-protocol-options
edit "default"
set comment "All default services."
set replacemsg-group ''
set oversize-log disable
set switching-protocols-log disable
config http
set ports 80
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
unset options
set comfort-interval 10
set comfort-amount 1
set range-block disable
set strip-x-forwarded-for disable
unset post-lang
set streaming-content-bypass enable
set switching-protocols bypass
set unknown-http-version reject
set tunnel-non-http enable
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set block-page-status-code 403
set retry-count 0
set tcp-window-type auto-tuning
set ssl-offloaded no
set address-ip-rating enable
end
config ftp
set ports 21
set status enable
set inspect-all disable
set options splice
set comfort-interval 10
set comfort-amount 1
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set tcp-window-type auto-tuning
set ssl-offloaded no
set explicit-ftp-tls disable
end
config imap
set ports 143
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set ssl-offloaded no
end
config mapi
set ports 135
set status enable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
end
config pop3
set ports 110
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set ssl-offloaded no
end
config smtp
set ports 25
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail splice
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set server-busy disable
set ssl-offloaded no
end
config nntp
set ports 119
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options splice
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
end
config ssh
unset options
set comfort-interval 10
set comfort-amount 1
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set tcp-window-type auto-tuning
set ssl-offloaded no
end
config dns
set ports 53
set status enable
end
config cifs
set ports 445
set status enable
unset options
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set tcp-window-type auto-tuning
set server-credential-type none
end
config mail-signature
set status disable
set signature ''
end
set rpc-over-http disable
next
end
config firewall ssl-ssh-profile
edit "deep-inspection"
set comment "Read-only deep inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set ports 443
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set min-allowed-ssl-version tls-1.1
end
config ftps
set ports 990
set status deep-inspection
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set ports 993
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set ports 995
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set ports 465
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set allowlist disable
set block-blocklisted-certificates enable
config ssl-exempt
edit 1
set type fortiguard-category
set fortiguard-category 31
next
edit 2
set type fortiguard-category
set fortiguard-category 33
next
edit 3
set type wildcard-fqdn
set wildcard-fqdn "g-adobe"
next
edit 4
set type wildcard-fqdn
set wildcard-fqdn "g-Adobe Login"
next
edit 5
set type wildcard-fqdn
set wildcard-fqdn "g-android"
next
edit 6
set type wildcard-fqdn
set wildcard-fqdn "g-apple"
next
edit 7
set type wildcard-fqdn
set wildcard-fqdn "g-appstore"
next
edit 8
set type wildcard-fqdn
set wildcard-fqdn "g-auth.gfx.ms"
next
edit 9
set type wildcard-fqdn
set wildcard-fqdn "g-citrix"
next
edit 10
set type wildcard-fqdn
set wildcard-fqdn "g-dropbox.com"
next
edit 11
set type wildcard-fqdn
set wildcard-fqdn "g-eease"
next
edit 12
set type wildcard-fqdn
set wildcard-fqdn "g-firefox update server"
next
edit 13
set type wildcard-fqdn
set wildcard-fqdn "g-fortinet"
next
edit 14
set type wildcard-fqdn
set wildcard-fqdn "g-googleapis.com"
next
edit 15
set type wildcard-fqdn
set wildcard-fqdn "g-google-drive"
next
edit 16
set type wildcard-fqdn
set wildcard-fqdn "g-google-play2"
next
edit 17
set type wildcard-fqdn
set wildcard-fqdn "g-google-play3"
next
edit 18
set type wildcard-fqdn
set wildcard-fqdn "g-Gotomeeting"
next
edit 19
set type wildcard-fqdn
set wildcard-fqdn "g-icloud"
next
edit 20
set type wildcard-fqdn
set wildcard-fqdn "g-itunes"
next
edit 21
set type wildcard-fqdn
set wildcard-fqdn "g-microsoft"
next
edit 22
set type wildcard-fqdn
set wildcard-fqdn "g-skype"
next
edit 23
set type wildcard-fqdn
set wildcard-fqdn "g-softwareupdate.vmware.com"
next
edit 24
set type wildcard-fqdn
set wildcard-fqdn "g-verisign"
next
edit 25
set type wildcard-fqdn
set wildcard-fqdn "g-Windows update 2"
next
edit 26
set type wildcard-fqdn
set wildcard-fqdn "g-live.com"
next
edit 27
set type wildcard-fqdn
set wildcard-fqdn "g-google-play"
next
edit 28
set type wildcard-fqdn
set wildcard-fqdn "g-update.microsoft.com"
next
edit 29
set type wildcard-fqdn
set wildcard-fqdn "g-swscan.apple.com"
next
edit 30
set type wildcard-fqdn
set wildcard-fqdn "g-autoupdate.opera.com"
next
edit 31
set type wildcard-fqdn
set wildcard-fqdn "g-cdn-apple"
next
edit 32
set type wildcard-fqdn
set wildcard-fqdn "g-mzstatic-apple"
next
end
set server-cert-mode re-sign
set caname "Fortinet_CA_SSL"
set untrusted-caname "Fortinet_CA_Untrusted"
set ssl-exemption-ip-rating enable
set ssl-exemption-log disable
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
set rpc-over-https disable
set mapi-over-https disable
set supported-alpn all
set use-ssl-server disable
next
edit "custom-deep-inspection"
set comment "Customizable deep inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set ports 443
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set min-allowed-ssl-version tls-1.1
end
config ftps
set ports 990
set status deep-inspection
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set ports 993
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set ports 995
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set ports 465
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set allowlist disable
set block-blocklisted-certificates enable
config ssl-exempt
edit 1
set type fortiguard-category
set fortiguard-category 31
next
edit 2
set type fortiguard-category
set fortiguard-category 33
next
edit 3
set type wildcard-fqdn
set wildcard-fqdn "g-adobe"
next
edit 4
set type wildcard-fqdn
set wildcard-fqdn "g-Adobe Login"
next
edit 5
set type wildcard-fqdn
set wildcard-fqdn "g-android"
next
edit 6
set type wildcard-fqdn
set wildcard-fqdn "g-apple"
next
edit 7
set type wildcard-fqdn
set wildcard-fqdn "g-appstore"
next
edit 8
set type wildcard-fqdn
set wildcard-fqdn "g-auth.gfx.ms"
next
edit 9
set type wildcard-fqdn
set wildcard-fqdn "g-citrix"
next
edit 10
set type wildcard-fqdn
set wildcard-fqdn "g-dropbox.com"
next
edit 11
set type wildcard-fqdn
set wildcard-fqdn "g-eease"
next
edit 12
set type wildcard-fqdn
set wildcard-fqdn "g-firefox update server"
next
edit 13
set type wildcard-fqdn
set wildcard-fqdn "g-fortinet"
next
edit 14
set type wildcard-fqdn
set wildcard-fqdn "g-googleapis.com"
next
edit 15
set type wildcard-fqdn
set wildcard-fqdn "g-google-drive"
next
edit 16
set type wildcard-fqdn
set wildcard-fqdn "g-google-play2"
next
edit 17
set type wildcard-fqdn
set wildcard-fqdn "g-google-play3"
next
edit 18
set type wildcard-fqdn
set wildcard-fqdn "g-Gotomeeting"
next
edit 19
set type wildcard-fqdn
set wildcard-fqdn "g-icloud"
next
edit 20
set type wildcard-fqdn
set wildcard-fqdn "g-itunes"
next
edit 21
set type wildcard-fqdn
set wildcard-fqdn "g-microsoft"
next
edit 22
set type wildcard-fqdn
set wildcard-fqdn "g-skype"
next
edit 23
set type wildcard-fqdn
set wildcard-fqdn "g-softwareupdate.vmware.com"
next
edit 24
set type wildcard-fqdn
set wildcard-fqdn "g-verisign"
next
edit 25
set type wildcard-fqdn
set wildcard-fqdn "g-Windows update 2"
next
edit 26
set type wildcard-fqdn
set wildcard-fqdn "g-live.com"
next
edit 27
set type wildcard-fqdn
set wildcard-fqdn "g-google-play"
next
edit 28
set type wildcard-fqdn
set wildcard-fqdn "g-update.microsoft.com"
next
edit 29
set type wildcard-fqdn
set wildcard-fqdn "g-swscan.apple.com"
next
edit 30
set type wildcard-fqdn
set wildcard-fqdn "g-autoupdate.opera.com"
next
edit 31
set type wildcard-fqdn
set wildcard-fqdn "g-cdn-apple"
next
edit 32
set type wildcard-fqdn
set wildcard-fqdn "g-mzstatic-apple"
next
end
set server-cert-mode re-sign
set caname "Fortinet_CA_SSL"
set untrusted-caname "Fortinet_CA_Untrusted"
set ssl-exemption-ip-rating enable
set ssl-exemption-log disable
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
set rpc-over-https disable
set mapi-over-https disable
set supported-alpn all
set use-ssl-server disable
next
edit "no-inspection"
set comment "Read-only profile that does no inspection."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set status disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set min-allowed-ssl-version tls-1.1
end
config ftps
set status disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set block-blocklisted-certificates enable
set caname "Fortinet_CA_SSL"
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
next
edit "certificate-inspection"
set comment "Read-only SSL handshake inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set ports 443
set status certificate-inspection
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set cert-probe-failure block
set min-allowed-ssl-version tls-1.1
end
config ftps
set status disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set block-blocklisted-certificates enable
set caname "Fortinet_CA_SSL"
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
next
end
config waf profile
edit "default"
set external disable
set extended-log disable
config signature
config main-class 100000000
set status disable
set action block
set log disable
set severity high
end
config main-class 20000000
set status disable
set action allow
set log disable
set severity medium
end
config main-class 30000000
set status enable
set action block
set log disable
set severity high
end
config main-class 40000000
set status disable
set action allow
set log disable
set severity medium
end
config main-class 50000000
set status enable
set action block
set log disable
set severity high
end
config main-class 60000000
set status disable
set action allow
set log disable
set severity medium
end
config main-class 70000000
set status enable
set action block
set log disable
set severity high
end
config main-class 80000000
set status enable
set action allow
set log disable
set severity low
end
config main-class 110000000
set status enable
set action allow
set log disable
set severity high
end
config main-class 90000000
set status enable
set action block
set log disable
set severity high
end
set disabled-signature 80080005 80200001 60030001 60120001 80080003 90410001 90410002
set credit-card-detection-threshold 3
end
config constraint
config header-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config content-length
set status enable
set length 67108864
set action allow
set log enable
set severity low
end
config param-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config line-length
set status enable
set length 1024
set action allow
set log enable
set severity low
end
config url-param-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config version
set status disable
set action allow
set log enable
set severity medium
end
config method
set status disable
set action block
set log enable
set severity medium
end
config hostname
set status disable
set action block
set log enable
set severity medium
end
config malformed
set status disable
set action allow
set log enable
set severity medium
end
config max-cookie
set status enable
set max-cookie 16
set action allow
set log enable
set severity low
end
config max-header-line
set status enable
set max-header-line 32
set action allow
set log enable
set severity low
end
config max-url-param
set status enable
set max-url-param 16
set action allow
set log enable
set severity low
end
config max-range-segment
set status enable
set max-range-segment 5
set action allow
set log enable
set severity high
end
end
config method
set status disable
set log disable
set severity medium
unset default-allowed-methods
end
config address-list
set status disable
set blocked-log disable
set severity medium
end
set comment ''
next
end
config firewall profile-group
end
config firewall ssl-server
end
config firewall identity-based-route
end
config firewall auth-portal
set portal-addr ''
set portal-addr6 ''
set identity-based-route ''
end
config firewall policy
end
config firewall traffic-class
end
config firewall shaping-policy
end
config firewall shaping-profile
end
config firewall local-in-policy
end
config firewall local-in-policy6
end
config firewall ttl-policy
end
config firewall proxy-policy
end
config firewall dnstranslation
end
config firewall multicast-policy
end
config firewall multicast-policy6
end
config firewall interface-policy
end
config firewall interface-policy6
end
config firewall DoS-policy
end
config firewall DoS-policy6
end
config firewall sniffer
end
config firewall acl
end
config firewall acl6
end
config firewall central-snat-map
end
config firewall ip-translation
end
config authentication scheme
end
config authentication rule
end
config authentication setting
set active-auth-scheme ''
set sso-auth-scheme ''
set captive-portal-type fqdn
set captive-portal ''
set captive-portal6 ''
set cert-auth disable
set captive-portal-port 7830
set auth-https enable
set captive-portal-ssl-port 7831
end
config system speed-test-schedule
end
config switch-controller switch-interface-tag
end
config switch-controller 802-1X-settings
set link-down-auth set-unauth
set reauth-period 60
set max-reauth-attempt 3
set tx-period 30
end
config switch-controller security-policy 802-1X
edit "802-1X-policy-default"
set security-mode 802.1X
set user-group "SSO_Guest_Users"
set mac-auth-bypass disable
set open-auth disable
set eap-passthru enable
set eap-auto-untagged-vlans enable
set guest-vlan disable
set guest-auth-delay 30
set auth-fail-vlan disable
set framevid-apply enable
set radius-timeout-overwrite disable
set policy-type 802.1X
set authserver-timeout-vlan disable
next
end
config switch-controller security-policy local-access
edit "default"
set mgmt-allowaccess https ping ssh
set internal-allowaccess https ping ssh
next
end
config switch-controller location
end
config switch-controller lldp-settings
set tx-hold 4
set tx-interval 30
set fast-start-interval 2
set management-interface internal
set device-detection enable
end
config switch-controller lldp-profile
edit "default"
set med-tlvs inventory-management network-policy location-identification
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl disable
config med-network-policy
edit "voice"
set status disable
next
edit "voice-signaling"
set status disable
next
edit "guest-voice"
set status disable
next
edit "guest-voice-signaling"
set status disable
next
edit "softphone-voice"
set status disable
next
edit "video-conferencing"
set status disable
next
edit "streaming-video"
set status disable
next
edit "video-signaling"
set status disable
next
end
config med-location-service
edit "coordinates"
set status disable
next
edit "address-civic"
set status disable
next
edit "elin-number"
set status disable
next
end
next
edit "default-auto-isl"
unset med-tlvs
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl enable
set auto-isl-hello-timer 3
set auto-isl-receive-timeout 60
set auto-isl-port-group 0
set auto-mclag-icl disable
next
edit "default-auto-mclag-icl"
unset med-tlvs
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl enable
set auto-isl-hello-timer 3
set auto-isl-receive-timeout 60
set auto-isl-port-group 0
set auto-mclag-icl enable
next
end
config switch-controller qos dot1p-map
edit "voice-dot1p"
set description ''
set egress-pri-tagging disable
set priority-0 queue-4
set priority-1 queue-4
set priority-2 queue-3
set priority-3 queue-2
set priority-4 queue-3
set priority-5 queue-1
set priority-6 queue-2
set priority-7 queue-2
next
end
config switch-controller qos ip-dscp-map
edit "voice-dscp"
set description ''
config map
edit "1"
set cos-queue 1
set value 46
next
edit "2"
set cos-queue 2
set value 24,26,48,56
next
edit "5"
set cos-queue 3
set value 34
next
end
next
end
config switch-controller qos queue-policy
edit "default"
set schedule round-robin
set rate-by kbps
config cos-queue
edit "queue-0"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-1"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-2"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-3"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-4"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-5"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-6"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-7"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
end
next
edit "voice-egress"
set schedule weighted
set rate-by kbps
config cos-queue
edit "queue-0"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-1"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 0
next
edit "queue-2"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 6
next
edit "queue-3"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 37
next
edit "queue-4"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 12
next
edit "queue-5"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-6"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-7"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
end
next
end
config switch-controller qos qos-policy
edit "default"
set default-cos 0
set trust-dot1p-map ''
set trust-ip-dscp-map ''
set queue-policy "default"
next
edit "voice-qos"
set default-cos 0
set trust-dot1p-map "voice-dot1p"
set trust-ip-dscp-map "voice-dscp"
set queue-policy "voice-egress"
next
end
config switch-controller storm-control-policy
edit "default"
set description "default storm control on all port"
set storm-control-mode global
next
edit "auto-config"
set description "storm control policy for fortilink-isl-icl port"
set storm-control-mode disabled
next
end
config switch-controller auto-config policy
edit "default"
set qos-policy "default"
set storm-control-policy "auto-config"
set poe-status enable
set igmp-flood-report disable
set igmp-flood-traffic disable
next
edit "default-icl"
set qos-policy "default"
set storm-control-policy "auto-config"
set poe-status disable
set igmp-flood-report enable
set igmp-flood-traffic enable
next
end
config switch-controller auto-config default
set fgt-policy "default"
set isl-policy "default"
set icl-policy "default-icl"
end
config switch-controller auto-config custom
end
config switch-controller initial-config template
edit "_default"
set vlanid 1
unset allowaccess
set dhcp-server disable
next
edit "quarantine"
set vlanid 4093
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
edit "rspan"
set vlanid 4092
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
edit "voice"
set vlanid 4091
unset allowaccess
set dhcp-server disable
next
edit "video"
set vlanid 4090
unset allowaccess
set dhcp-server disable
next
edit "onboarding"
set vlanid 4089
unset allowaccess
set dhcp-server disable
next
edit "nac_segment"
set vlanid 4088
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
end
config switch-controller initial-config vlans
set default-vlan "_default"
set quarantine "quarantine"
set rspan "rspan"
set voice "voice"
set video "video"
set nac "onboarding"
set nac-segment "nac_segment"
end
config switch-controller switch-profile
edit "default"
set login-passwd-override disable
next
end
config switch-controller custom-command
end
config switch-controller virtual-port-pool
end
config switch-controller ptp settings
set mode disable
end
config switch-controller ptp policy
edit "default"
set status enable
next
end
config switch-controller vlan-policy
end
config switch-controller dynamic-port-policy
end
config switch-controller managed-switch
end
config switch-controller switch-group
end
config switch-controller stp-settings
set name ''
set revision 0
set hello-time 2
set forward-time 15
set max-age 20
set max-hops 20
end
config switch-controller stp-instance
end
config switch-controller storm-control
set rate 500
set unknown-unicast disable
set unknown-multicast disable
set broadcast disable
end
config switch-controller global
set mac-aging-interval 300
set https-image-push enable
set vlan-optimization enable
set mac-retention-period 24
set default-virtual-switch-vlan ''
set dhcp-server-access-list disable
set log-mac-limit-violations disable
set sn-dns-resolution enable
set mac-event-logging disable
set bounce-quarantined-link disable
set quarantine-mode by-vlan
set update-user-device mac-cache lldp dhcp-snooping l2-db l3-db
set fips-enforce enable
set firmware-provision-on-authorization disable
end
config switch-controller switch-log
set status enable
set severity notification
end
config switch-controller igmp-snooping
set aging-time 300
set flood-unknown-multicast disable
set query-interval 125
end
config switch-controller sflow
set collector-ip 0.0.0.0
set collector-port 6343
end
config switch-controller network-monitor-settings
set network-monitoring disable
end
config switch-controller flow-tracking
set sample-mode perimeter
set sample-rate 512
set format netflow9
set collector-ip 0.0.0.0
set collector-port 0
set transport udp
set level ip
set max-export-pkt-size 512
set timeout-general 3600
set timeout-icmp 300
set timeout-max 604800
set timeout-tcp 3600
set timeout-tcp-fin 300
set timeout-tcp-rst 120
set timeout-udp 300
end
config switch-controller snmp-sysinfo
set status disable
set engine-id ''
set description ''
set contact-info ''
set location ''
end
config switch-controller snmp-trap-threshold
set trap-high-cpu-threshold 80
set trap-low-memory-threshold 80
set trap-log-full-threshold 90
end
config switch-controller snmp-community
end
config switch-controller snmp-user
end
config switch-controller traffic-sniffer
set mode erspan-auto
set erspan-ip 0.0.0.0
end
config switch-controller remote-log
edit "syslogd"
set status disable
next
edit "syslogd2"
set status disable
next
end
config switch-controller mac-policy
end
config wireless-controller setting
set account-id ''
set country US
set duplicate-ssid disable
set fapc-compatibility disable
set wfa-compatibility disable
set phishing-ssid-detect enable
set fake-ssid-action log
set device-weight 1
set device-holdoff 5
set device-idle 1440
set firmware-provision-on-authorization disable
set darrp-optimize 86400
set darrp-optimize-schedules "default-darrp-optimize"
end
config wireless-controller log
set status enable
set addrgrp-log notification
set ble-log notification
set clb-log notification
set dhcp-starv-log notification
set led-sched-log notification
set radio-event-log notification
set rogue-event-log notification
set sta-event-log notification
set sta-locate-log notification
set wids-log notification
set wtp-event-log notification
end
config wireless-controller apcfg-profile
end
config wireless-controller bonjour-profile
end
config wireless-controller arrp-profile
edit "arrp-default"
set comment ''
set selection-period 3600
set monitor-period 300
set weight-managed-ap 50
set weight-rogue-ap 10
set weight-noise-floor 40
set weight-channel-load 20
set weight-spectral-rssi 40
set weight-weather-channel 1000
set weight-dfs-channel 500
set threshold-ap 250
set threshold-noise-floor "-85"
set threshold-channel-load 60
set threshold-spectral-rssi "-65"
set threshold-tx-retries 300
set threshold-rx-errors 50
set include-weather-channel disable
set include-dfs-channel disable
set override-darrp-optimize disable
next
end
config wireless-controller region
end
config wireless-controller vap-group
end
config wireless-controller wids-profile
edit "default"
set comment "Default WIDS profile."
set sensor-mode disable
set ap-scan enable
set ap-bgscan-period 600
set ap-bgscan-intv 1
set ap-bgscan-duration 20
set ap-bgscan-idle 0
set ap-bgscan-report-intv 30
set ap-fgscan-report-intv 15
set ap-scan-passive disable
set ap-scan-threshold "-90"
set wireless-bridge enable
set deauth-broadcast enable
set null-ssid-probe-resp enable
set long-duration-attack enable
set long-duration-thresh 8200
set invalid-mac-oui enable
set weak-wep-iv enable
set auth-frame-flood enable
set auth-flood-time 10
set auth-flood-thresh 30
set assoc-frame-flood enable
set assoc-flood-time 10
set assoc-flood-thresh 30
set spoofed-deauth enable
set asleap-attack enable
set eapol-start-flood enable
set eapol-start-thresh 10
set eapol-start-intv 1
set eapol-logoff-flood enable
set eapol-logoff-thresh 10
set eapol-logoff-intv 1
set eapol-succ-flood enable
set eapol-succ-thresh 10
set eapol-succ-intv 1
set eapol-fail-flood enable
set eapol-fail-thresh 10
set eapol-fail-intv 1
set eapol-pre-succ-flood enable
set eapol-pre-succ-thresh 10
set eapol-pre-succ-intv 1
set eapol-pre-fail-flood enable
set eapol-pre-fail-thresh 10
set eapol-pre-fail-intv 1
set deauth-unknown-src-thresh 10
next
edit "default-wids-apscan-enabled"
set comment ''
set sensor-mode disable
set ap-scan enable
set ap-bgscan-period 600
set ap-bgscan-intv 1
set ap-bgscan-duration 20
set ap-bgscan-idle 0
set ap-bgscan-report-intv 30
set ap-fgscan-report-intv 15
set ap-scan-passive disable
set ap-scan-threshold "-90"
set wireless-bridge disable
set deauth-broadcast disable
set null-ssid-probe-resp disable
set long-duration-attack disable
set long-duration-thresh 8200
set invalid-mac-oui disable
set weak-wep-iv disable
set auth-frame-flood disable
set assoc-frame-flood disable
set spoofed-deauth disable
set asleap-attack disable
set eapol-start-flood disable
set eapol-logoff-flood disable
set eapol-succ-flood disable
set eapol-fail-flood disable
set eapol-pre-succ-flood disable
set eapol-pre-fail-flood disable
set deauth-unknown-src-thresh 10
next
end
config wireless-controller ble-profile
edit "fortiap-discovery"
set comment ''
set advertising ibeacon eddystone-uid eddystone-url
set ibeacon-uuid "wtp-uuid"
set major-id 1000
set minor-id 2000
set eddystone-namespace "0102030405"
set eddystone-instance "abcdef"
set eddystone-url "http://www.fortinet.com"
set txpower 0
set beacon-interval 100
set ble-scanning disable
next
end
config wireless-controller syslog-profile
end
config wireless-controller wtp-profile
end
config wireless-controller wtp
end
config wireless-controller wtp-group
end
config wireless-controller qos-profile
end
config wireless-controller wag-profile
end
config wireless-controller address
end
config wireless-controller addrgrp
end
config wireless-controller snmp
set engine-id ''
set contact-info ''
set trap-high-cpu-threshold 80
set trap-high-mem-threshold 80
end
config wireless-controller mpsk-profile
end
config wireless-controller nac-profile
end
config wireless-controller ssid-policy
end
config wireless-controller access-control-list
end
config wireless-controller ap-status
end
config user nac-policy
end
config extender-controller dataplan
end
config extender-controller extender-profile
end
config extender-controller extender
end
config system ips
set signature-hold-time 0h
end
config ips custom
end
config ips settings
set packet-log-history 1
set packet-log-post-attack 0
set ips-packet-quota 0
end
config alertemail setting
set username ''
set mailto1 ''
set mailto2 ''
set mailto3 ''
set filter-mode category
set email-interval 5
set IPS-logs disable
set firewall-authentication-failure-logs disable
set HA-logs disable
set IPsec-errors-logs disable
set FDS-update-logs disable
set PPP-errors-logs disable
set sslvpn-authentication-errors-logs disable
set antivirus-logs disable
set webfilter-logs disable
set configuration-changes-logs disable
set violation-traffic-logs disable
set admin-login-logs disable
set FDS-license-expiring-warning disable
set log-disk-usage-warning disable
set FSSO-disconnect-logs disable
set ssh-logs disable
set FDS-license-expiring-days 15
set local-disk-usage 75
end
config router access-list
end
config router access-list6
end
config router aspath-list
end
config router prefix-list
end
config router prefix-list6
end
config router key-chain
end
config router community-list
end
config router route-map
end
config router rip
set default-information-originate disable
set default-metric 1
set max-out-metric 0
config redistribute "connected"
set status disable
set metric 0
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
end
set update-timer 30
set timeout-timer 180
set garbage-timer 120
set version 2
end
config router ripng
set default-information-originate disable
set default-metric 1
set max-out-metric 0
config redistribute "connected"
set status disable
set metric 0
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
end
set update-timer 30
set timeout-timer 180
set garbage-timer 120
end
config router static
edit 1
set status enable
set dst 0.0.0.0 0.0.0.0
set gateway 192.168.1.1
set distance 10
set weight 0
set priority 1
set device "mgmt1"
set comment ''
set blackhole disable
set dynamic-gateway disable
set dstaddr ''
unset internet-service
set internet-service-custom ''
set link-monitor-exempt disable
set bfd disable
next
end
config router policy
end
config router policy6
end
config router static6
end
config router ospf
set abr-type standard
set auto-cost-ref-bandwidth 1000
set distance-external 110
set distance-inter-area 110
set distance-intra-area 110
set database-overflow disable
set database-overflow-max-lsas 10000
set database-overflow-time-to-recover 300
set default-information-originate disable
set default-information-metric 10
set default-information-metric-type 2
set default-information-route-map ''
set default-metric 10
set distance 110
set rfc1583-compatible disable
set router-id 0.0.0.0
set spf-timers 5 10
set bfd disable
set log-neighbour-changes enable
set distribute-list-in ''
set distribute-route-map-in ''
set restart-mode none
set restart-period 120
config redistribute "connected"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "rip"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
end
config router ospf6
set abr-type standard
set auto-cost-ref-bandwidth 1000
set default-information-originate disable
set log-neighbour-changes enable
set default-information-metric 10
set default-information-metric-type 2
set default-information-route-map ''
set default-metric 10
set router-id 0.0.0.0
set spf-timers 5 10
set bfd disable
config redistribute "connected"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "rip"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
end
config router bgp
set as 0
set keepalive-timer 60
set holdtime-timer 180
set always-compare-med disable
set bestpath-as-path-ignore disable
set bestpath-cmp-confed-aspath disable
set bestpath-cmp-routerid disable
set bestpath-med-confed disable
set bestpath-med-missing-as-worst disable
set client-to-client-reflection enable
set dampening disable
set deterministic-med disable
set ebgp-multipath disable
set ibgp-multipath disable
set enforce-first-as enable
set fast-external-failover enable
set log-neighbour-changes enable
set network-import-check enable
set ignore-optional-capability enable
set multipath-recursive-distance disable
set recursive-next-hop disable
set tag-resolve-mode disable
set cluster-id 0.0.0.0
set confederation-identifier 0
set default-local-preference 100
set scan-time 60
set distance-external 20
set distance-internal 200
set distance-local 200
set synchronization disable
set graceful-restart disable
config redistribute "connected"
set status disable
set route-map ''
end
config redistribute "rip"
set status disable
set route-map ''
end
config redistribute "ospf"
set status disable
set route-map ''
end
config redistribute "static"
set status disable
set route-map ''
end
config redistribute "isis"
set status disable
set route-map ''
end
config redistribute6 "connected"
set status disable
set route-map ''
end
config redistribute6 "rip"
set status disable
set route-map ''
end
config redistribute6 "ospf"
set status disable
set route-map ''
end
config redistribute6 "static"
set status disable
set route-map ''
end
config redistribute6 "isis"
set status disable
set route-map ''
end
end
config router isis
set is-type level-1-2
set adv-passive-only disable
set adv-passive-only6 disable
set auth-mode-l1 password
set auth-mode-l2 password
set auth-password-l1 ENC TCYx3/K51Fed0UjjXkzeMYeWQsXGkkpXiFOCeKYtbITCPz4mrL/JQG8nF8pzMihrELR4gNag+2iXW5+2m1Fy9oLrL3dARmrW/Af3kIuFyDQm+EjjG3ZGPjxD27F21AmsS0ctHd/TxCQ83zXUFmMHUe9S9FCMsj7Sg3WXq0Yp/qA211giD1/9PPcvigDQIm7C7NpHSg==
set auth-password-l2 ENC eDFkihXgqpx+VXFFpV/oYhJOpoZaDR9LQF7Rz09t9yNvPY4m56VjdQAbBeLT4WtY5eU6prjBw0A7joQQaK3PjIILVRqRIJUssO+A3Nf9+iVJQ++849OWS6HzgLfFXsUvua2KkwVNAgQbvaHwImhnWXzCiNHndTfMpXgfuiIt1Yh2J2U68coGm2n7dZhZSK0Ulsu/Aw==
set auth-sendonly-l1 disable
set auth-sendonly-l2 disable
set ignore-lsp-errors disable
set lsp-gen-interval-l1 30
set lsp-gen-interval-l2 30
set lsp-refresh-interval 900
set max-lsp-lifetime 1200
set spf-interval-exp-l1 500 50000
set spf-interval-exp-l2 500 50000
set dynamic-hostname disable
set adjacency-check disable
set adjacency-check6 disable
set overload-bit disable
unset overload-bit-suppress
set overload-bit-on-startup 0
set default-originate disable
set default-originate6 disable
set metric-style narrow
set redistribute-l1 disable
set redistribute-l2 disable
set redistribute6-l1 disable
set redistribute6-l2 disable
config redistribute "connected"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "rip"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "connected"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "rip"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "ospf"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "bgp"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "static"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
end
config router multicast-flow
end
config router multicast
set route-limit 2147483647
set multicast-routing disable
config pim-sm-global
set message-interval 60
set join-prune-holdtime 210
set accept-register-list ''
set accept-source-list ''
set bsr-candidate disable
set bsr-allow-quick-refresh disable
set cisco-register-checksum disable
set cisco-crp-prefix disable
set cisco-ignore-rp-set-priority disable
set register-rp-reachability enable
set register-source disable
set register-supression 60
set null-register-retries 1
set rp-register-keepalive 185
set spt-threshold enable
set ssm disable
set register-rate-limit 0
set spt-threshold-group ''
end
end
config router multicast6
set multicast-routing disable
config pim-sm-global
end
end
config router auth-path
end
config router setting
set show-filter ''
set hostname ''
end
config router bfd
end
config router bfd6
end
config system proxy-arp
end
config system link-monitor
end
config system wccp
end
config system dns64
set status disable
set dns64-prefix 64:ff9b::/96
set always-synthesize-aaaa-record enable
end
config system nd-proxy
set status disable
end
config system vne-tunnel
set status disable
end
end
config vdom
edit Policy
config wireless-controller hotspot20 anqp-venue-name
end
config wireless-controller hotspot20 anqp-venue-url
end
config wireless-controller hotspot20 anqp-network-auth-type
end
config wireless-controller hotspot20 anqp-roaming-consortium
end
config wireless-controller hotspot20 anqp-nai-realm
end
config wireless-controller hotspot20 anqp-3gpp-cellular
end
config wireless-controller hotspot20 anqp-ip-address-type
end
config wireless-controller hotspot20 h2qp-operator-name
end
config wireless-controller hotspot20 h2qp-wan-metric
end
config wireless-controller hotspot20 h2qp-conn-capability
end
config wireless-controller hotspot20 icon
end
config wireless-controller hotspot20 h2qp-osu-provider
end
config wireless-controller hotspot20 qos-map
end
config wireless-controller hotspot20 h2qp-advice-of-charge
end
config wireless-controller hotspot20 h2qp-osu-provider-nai
end
config wireless-controller hotspot20 h2qp-terms-and-conditions
end
config wireless-controller hotspot20 hs-profile
end
config wireless-controller vap
end
config system object-tagging
edit "default"
set address optional
set device optional
set interface optional
set multiple enable
set color 0
next
end
config switch-controller traffic-policy
edit "quarantine"
set description "Rate control for quarantined traffic"
set policer-status enable
set guaranteed-bandwidth 163840
set guaranteed-burst 8192
set maximum-burst 163840
set cos-queue 0
next
edit "sniffer"
set description "Rate control for sniffer mirrored traffic"
set policer-status enable
set guaranteed-bandwidth 50000
set guaranteed-burst 8192
set maximum-burst 163840
set cos-queue 0
next
end
config switch-controller fortilink-settings
end
config system stp
set switch-priority 32768
set hello-time 2
set forward-delay 15
set max-age 20
set max-hops 20
end
config system settings
set comments "Test VDOM for Policy-based"
set opmode nat
set policy-offload-level disable
set ngfw-mode policy-based
set http-external-dest fortiweb
set firewall-session-dirty check-all
set bfd disable
set utf8-spam-tagging enable
set wccp-cache-engine disable
set vpn-stats-log ipsec pptp l2tp ssl
set vpn-stats-period 600
set v4-ecmp-mode source-ip-based
set fw-session-hairpin disable
set prp-trailer-action disable
set snat-hairpin-traffic enable
set dhcp-proxy disable
set lldp-reception global
set lldp-transmission global
set link-down-access enable
set nat46-generate-ipv6-fragment-header disable
set nat46-force-ipv4-packet-forwarding disable
set nat64-force-ipv6-packet-forwarding enable
set auxiliary-session disable
set asymroute disable
set asymroute-icmp disable
set ses-denied-traffic disable
set strict-src-check disable
set allow-linkdown-path disable
set asymroute6 disable
set asymroute6-icmp disable
set sctp-session-without-init disable
set sip-expectation disable
set sip-nat-trace enable
set h323-direct-model enable
set status enable
set sip-tcp-port 5060
set sip-udp-port 5060
set sip-ssl-port 5061
set sccp-port 2000
set multicast-forward enable
set multicast-ttl-notchange disable
set allow-subnet-overlap disable
set deny-tcp-with-icmp disable
set ecmp-max-paths 255
set discovered-device-timeout 28
set email-portal-check-dns enable
set default-voip-alg-mode proxy-based
set gui-implicit-policy enable
set gui-dns-database disable
set gui-load-balance disable
set gui-multicast-policy disable
set gui-dos-policy enable
set gui-object-colors enable
set gui-ap-profile enable
set gui-security-profile-group disable
set gui-local-in-policy disable
set gui-dynamic-routing enable
set gui-sslvpn-personal-bookmarks disable
set gui-sslvpn-realms disable
set gui-threat-weight enable
set gui-spamfilter disable
set gui-file-filter disable
set gui-ips enable
set gui-endpoint-control enable
set gui-endpoint-control-advanced disable
set gui-dhcp-advanced enable
set gui-vpn enable
set gui-wireless-controller enable
set gui-switch-controller enable
set gui-fortiap-split-tunneling disable
set gui-webfilter-advanced disable
set gui-traffic-shaping enable
set gui-wan-load-balancing enable
set gui-antivirus enable
set gui-webfilter enable
set gui-videofilter enable
set gui-advanced-policy disable
set gui-allow-unnamed-policy disable
set gui-email-collection disable
set gui-multiple-interface-policy disable
set gui-ztna enable
set location-id 0.0.0.0
set ike-session-resume disable
set ike-quick-crash-detect disable
set ike-dn-format with-space
set ike-port 500
set ike-policy-route disable
set block-land-attack disable
set application-bandwidth-tracking disable
end
config system sit-tunnel
end
config system arp-table
end
config system ipv6-neighbor-cache
end
config system vdom-sflow
set vdom-sflow disable
set interface-select-method auto
end
config system vdom-netflow
set vdom-netflow disable
set interface-select-method auto
end
config system vdom-dns
set vdom-dns disable
set alt-primary 0.0.0.0
set alt-secondary 0.0.0.0
end
config system replacemsg-group
edit "default"
set comment "Default replacement message group."
set group-type default
next
end
config system session-ttl
set default 3600
end
config system dhcp server
end
config system dhcp6 server
end
config system zone
end
config firewall address
edit "none"
set uuid bde11ce6-3520-51ed-9974-a5b4264be0b3
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 0.0.0.0 255.255.255.255
next
edit "login.microsoftonline.com"
set uuid bde12b0a-3520-51ed-d2a0-e807d4a14a3f
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "login.microsoftonline.com"
set cache-ttl 0
next
edit "login.microsoft.com"
set uuid bde139e2-3520-51ed-d55f-33931d299d78
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "login.microsoft.com"
set cache-ttl 0
next
edit "login.windows.net"
set uuid bde14b94-3520-51ed-a1e7-319da9a479ea
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "login.windows.net"
set cache-ttl 0
next
edit "gmail.com"
set uuid bde158b4-3520-51ed-b71e-57f937fa40cb
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "gmail.com"
set cache-ttl 0
next
edit "wildcard.google.com"
set uuid bde165c0-3520-51ed-0783-860a2a214ffd
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "*.google.com"
set cache-ttl 0
next
edit "wildcard.dropbox.com"
set uuid bde17240-3520-51ed-a328-5346f2fa7447
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "*.dropbox.com"
set cache-ttl 0
next
edit "SSLVPN_TUNNEL_ADDR1"
set uuid bde88710-3520-51ed-728e-76461d6221fe
set type iprange
set comment ''
set color 0
set fabric-object disable
set start-ip 10.212.134.200
set end-ip 10.212.134.210
next
edit "all"
set uuid bde8d012-3520-51ed-6285-eddc784a24b1
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "FIREWALL_AUTH_PORTAL_ADDRESS"
set uuid bde8d1f2-3520-51ed-0936-132ed3b829c9
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "FABRIC_DEVICE"
set uuid bde8d3c8-3520-51ed-3305-2f204031c35c
set type ipmask
set comment "IPv4 addresses of Fabric Devices."
set associated-interface ''
set color 0
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "FCTEMS_ALL_FORTICLOUD_SERVERS"
set uuid 516aa2ce-3522-51ed-0c4a-0d18239acea9
set type dynamic
set sub-type ems-tag
set comment ''
set associated-interface ''
set color 0
set fabric-object disable
set obj-tag ''
set obj-type ip
set tag-detection-level ''
set tag-type ''
next
end
config firewall multicast-address
edit "all_hosts"
set type multicastrange
set start-ip 224.0.0.1
set end-ip 224.0.0.1
set comment ''
set associated-interface ''
set color 0
next
edit "all_routers"
set type multicastrange
set start-ip 224.0.0.2
set end-ip 224.0.0.2
set comment ''
set associated-interface ''
set color 0
next
edit "Bonjour"
set type multicastrange
set start-ip 224.0.0.251
set end-ip 224.0.0.251
set comment ''
set associated-interface ''
set color 0
next
edit "EIGRP"
set type multicastrange
set start-ip 224.0.0.10
set end-ip 224.0.0.10
set comment ''
set associated-interface ''
set color 0
next
edit "OSPF"
set type multicastrange
set start-ip 224.0.0.5
set end-ip 224.0.0.6
set comment ''
set associated-interface ''
set color 0
next
edit "all"
set type multicastrange
set start-ip 224.0.0.0
set end-ip 239.255.255.255
set comment ''
set associated-interface ''
set color 0
next
end
config firewall address6-template
end
config firewall address6
edit "all"
set uuid bde1bfa2-3520-51ed-7b6a-7bad8cadabaa
set type ipprefix
set ip6 ::/0
set color 0
set comment ''
set fabric-object disable
next
edit "none"
set uuid bde1c8d0-3520-51ed-d759-9123906c2212
set type ipprefix
set ip6 ::/128
set color 0
set comment ''
set fabric-object disable
next
edit "SSLVPN_TUNNEL_IPv6_ADDR1"
set uuid bde88a26-3520-51ed-47a2-8ac186cdb86d
set type ipprefix
set ip6 fdff:ffff::/120
set color 0
set comment ''
set fabric-object disable
next
end
config firewall multicast-address6
edit "all"
set ip6 ff00::/8
set comment ''
set color 0
next
end
config system ipv6-tunnel
end
config firewall addrgrp
edit "G Suite"
set type default
set category default
set uuid bde18140-3520-51ed-b156-8feccd84c03c
set member "gmail.com" "wildcard.google.com"
set comment ''
set exclude disable
set color 0
set fabric-object disable
next
edit "Microsoft Office 365"
set type default
set category default
set uuid bde19b44-3520-51ed-cc72-40627cfd767c
set member "login.microsoftonline.com" "login.microsoft.com" "login.windows.net"
set comment ''
set exclude disable
set color 0
set fabric-object disable
next
end
config firewall addrgrp6
end
config firewall wildcard-fqdn custom
edit "g-Adobe Login"
set uuid b5c2c426-7e12-51ec-c8c7-42a0753234df
set wildcard-fqdn "*.adobelogin.com"
set color 0
set comment ''
next
edit "g-Gotomeeting"
set uuid b5c2d1dc-7e12-51ec-0033-c7d538e5fdef
set wildcard-fqdn "*.gotomeeting.com"
set color 0
set comment ''
next
edit "g-Windows update 2"
set uuid b5c2d93e-7e12-51ec-1050-7b6ae64065ac
set wildcard-fqdn "*.windowsupdate.com"
set color 0
set comment ''
next
edit "g-adobe"
set uuid b5c2c30e-7e12-51ec-1da6-1db9bca6406e
set wildcard-fqdn "*.adobe.com"
set color 0
set comment ''
next
edit "g-android"
set uuid b5c2c520-7e12-51ec-66f1-404afb0dad1a
set wildcard-fqdn "*.android.com"
set color 0
set comment ''
next
edit "g-apple"
set uuid b5c2c61a-7e12-51ec-b2cc-2b03b1ad8ac0
set wildcard-fqdn "*.apple.com"
set color 0
set comment ''
next
edit "g-appstore"
set uuid b5c2c714-7e12-51ec-072f-a8d60b6da6c9
set wildcard-fqdn "*.appstore.com"
set color 0
set comment ''
next
edit "g-auth.gfx.ms"
set uuid b5c2c80e-7e12-51ec-3653-8016dcbc28a4
set wildcard-fqdn "*.auth.gfx.ms"
set color 0
set comment ''
next
edit "g-autoupdate.opera.com"
set uuid b5c2de52-7e12-51ec-9c10-927947a6ab3a
set wildcard-fqdn "*autoupdate.opera.com"
set color 0
set comment ''
next
edit "g-cdn-apple"
set uuid 4fcf159e-7cda-51ed-d7ef-7d1c0f82091c
set wildcard-fqdn "*.cdn-apple.com"
set color 0
set comment ''
next
edit "g-citrix"
set uuid b5c2c908-7e12-51ec-01b1-b38ce4989cbb
set wildcard-fqdn "*.citrixonline.com"
set color 0
set comment ''
next
edit "g-dropbox.com"
set uuid b5c2ca02-7e12-51ec-43dc-489077effa44
set wildcard-fqdn "*.dropbox.com"
set color 0
set comment ''
next
edit "g-eease"
set uuid b5c2cafc-7e12-51ec-0777-7e7243cc25fe
set wildcard-fqdn "*.eease.com"
set color 0
set comment ''
next
edit "g-firefox update server"
set uuid b5c2cbf6-7e12-51ec-d213-27b68033a384
set wildcard-fqdn "aus*.mozilla.org"
set color 0
set comment ''
next
edit "g-fortinet"
set uuid b5c2ccf0-7e12-51ec-0b36-46ab64c1ba89
set wildcard-fqdn "*.fortinet.com"
set color 0
set comment ''
next
edit "g-google-drive"
set uuid b5c2cee4-7e12-51ec-9ea0-220ca0ebde0f
set wildcard-fqdn "*drive.google.com"
set color 0
set comment ''
next
edit "g-google-play"
set uuid b5c2db46-7e12-51ec-efc3-be1c278ba621
set wildcard-fqdn "*play.google.com"
set color 0
set comment ''
next
edit "g-google-play2"
set uuid b5c2cfde-7e12-51ec-3f42-4089eb70f096
set wildcard-fqdn "*.ggpht.com"
set color 0
set comment ''
next
edit "g-google-play3"
set uuid b5c2d0d8-7e12-51ec-b5df-6cd900ac767d
set wildcard-fqdn "*.books.google.com"
set color 0
set comment ''
next
edit "g-googleapis.com"
set uuid b5c2cdea-7e12-51ec-c49f-497c9a8f0cc4
set wildcard-fqdn "*.googleapis.com"
set color 0
set comment ''
next
edit "g-icloud"
set uuid b5c2d344-7e12-51ec-c8c1-97b23449d39e
set wildcard-fqdn "*.icloud.com"
set color 0
set comment ''
next
edit "g-itunes"
set uuid b5c2d452-7e12-51ec-d0f4-1605cffaa5b0
set wildcard-fqdn "*itunes.apple.com"
set color 0
set comment ''
next
edit "g-live.com"
set uuid b5c2da42-7e12-51ec-980b-fefb8446bc74
set wildcard-fqdn "*.live.com"
set color 0
set comment ''
next
edit "g-microsoft"
set uuid b5c2d54c-7e12-51ec-66f6-895f67d8072d
set wildcard-fqdn "*.microsoft.com"
set color 0
set comment ''
next
edit "g-mzstatic-apple"
set uuid 4fcf1652-7cda-51ed-df9f-4d198b596ae5
set wildcard-fqdn "*.mzstatic.com"
set color 0
set comment ''
next
edit "g-skype"
set uuid b5c2d646-7e12-51ec-2218-dc4a982afb68
set wildcard-fqdn "*.messenger.live.com"
set color 0
set comment ''
next
edit "g-softwareupdate.vmware.com"
set uuid b5c2d740-7e12-51ec-15f8-f8ef25f4ea30
set wildcard-fqdn "*.softwareupdate.vmware.com"
set color 0
set comment ''
next
edit "g-swscan.apple.com"
set uuid b5c2dd44-7e12-51ec-5fa2-8d51ab678ea9
set wildcard-fqdn "*swscan.apple.com"
set color 0
set comment ''
next
edit "g-update.microsoft.com"
set uuid b5c2dc40-7e12-51ec-7df9-3371c69c0ffb
set wildcard-fqdn "*update.microsoft.com"
set color 0
set comment ''
next
edit "g-verisign"
set uuid b5c2d83a-7e12-51ec-e82e-ffa878b96855
set wildcard-fqdn "*.verisign.com"
set color 0
set comment ''
next
end
config firewall wildcard-fqdn group
end
config firewall service category
edit "General"
set comment "General services."
set fabric-object disable
next
edit "Web Access"
set comment "Web access."
set fabric-object disable
next
edit "File Access"
set comment "File access."
set fabric-object disable
next
edit "Email"
set comment "Email services."
set fabric-object disable
next
edit "Network Services"
set comment "Network services."
set fabric-object disable
next
edit "Authentication"
set comment "Authentication service."
set fabric-object disable
next
edit "Remote Access"
set comment "Remote access."
set fabric-object disable
next
edit "Tunneling"
set comment "Tunneling service."
set fabric-object disable
next
edit "VoIP, Messaging & Other Applications"
set comment "VoIP, messaging, and other applications."
set fabric-object disable
next
edit "Web Proxy"
set comment "Explicit web proxy."
set fabric-object disable
next
end
config firewall service custom
edit "DNS"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 53
set udp-portrange 53
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "HTTP"
set proxy disable
set category "Web Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 80
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "HTTPS"
set proxy disable
set category "Web Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 443
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IMAP"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 143
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IMAPS"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 993
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "LDAP"
set proxy disable
set category "Authentication"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 389
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "DCE-RPC"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 135
set udp-portrange 135
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "POP3"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 110
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "POP3S"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 995
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SAMBA"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 139
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SMTP"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 25
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SMTPS"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 465
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "KERBEROS"
set proxy disable
set category "Authentication"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 88 464
set udp-portrange 88 464
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "LDAP_UDP"
set proxy disable
set category "Authentication"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 389
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SMB"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 445
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FTP"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 21
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FTP_GET"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 21
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FTP_PUT"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 21
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "ALL"
set proxy disable
set category "General"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 0
next
edit "ALL_TCP"
set proxy disable
set category "General"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1-65535
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "ALL_UDP"
set proxy disable
set category "General"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1-65535
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "ALL_ICMP"
set proxy disable
set category "General"
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
unset icmptype
next
edit "ALL_ICMP6"
set proxy disable
set category "General"
set protocol ICMP6
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
unset icmptype
next
edit "GRE"
set proxy disable
set category "Tunneling"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 47
next
edit "AH"
set proxy disable
set category "Tunneling"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 51
next
edit "ESP"
set proxy disable
set category "Tunneling"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 50
next
edit "AOL"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5190-5194
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "BGP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 179
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "DHCP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 67-68
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FINGER"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 79
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "GOPHER"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 70
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "H323"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1720 1503
set udp-portrange 1719
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IKE"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 500 4500
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "Internet-Locator-Service"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 389
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IRC"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 6660-6669
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "L2TP"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1701
set udp-portrange 1701
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NetMeeting"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1720
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NFS"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 111 2049
set udp-portrange 111 2049
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NNTP"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 119
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NTP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 123
set udp-portrange 123
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "OSPF"
set proxy disable
set category "Network Services"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 89
next
edit "PC-Anywhere"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5631
set udp-portrange 5632
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "PING"
set proxy disable
set category "Network Services"
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set icmptype 8
unset icmpcode
next
edit "TIMESTAMP"
set proxy disable
set category ''
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility disable
set fabric-object disable
set icmptype 13
unset icmpcode
next
edit "INFO_REQUEST"
set proxy disable
set category ''
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility disable
set fabric-object disable
set icmptype 15
unset icmpcode
next
edit "INFO_ADDRESS"
set proxy disable
set category ''
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility disable
set fabric-object disable
set icmptype 17
unset icmpcode
next
edit "ONC-RPC"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 111
set udp-portrange 111
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "PPTP"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1723
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "QUAKE"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 26000 27000 27910 27960
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RAUDIO"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 7070
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "REXEC"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 512
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RIP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 520
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RLOGIN"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 513:512-1023
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RSH"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 514:512-1023
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SCCP"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 2000
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SIP"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5060
set udp-portrange 5060
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SIP-MSNmessenger"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1863
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SNMP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 161-162
set udp-portrange 161-162
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SSH"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 22
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SYSLOG"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 514
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TALK"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 517-518
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TELNET"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 23
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TFTP"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 69
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "MGCP"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 2427 2727
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UUCP"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 540
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "VDOLIVE"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 7000-7010
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "WAIS"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 210
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "WINFRAME"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1494 2598
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "X-WINDOWS"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 6000-6063
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "PING6"
set proxy disable
set category ''
set protocol ICMP6
set helper auto
set comment ''
set color 0
set visibility disable
set fabric-object disable
set icmptype 128
unset icmpcode
next
edit "MS-SQL"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1433 1434
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "MYSQL"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3306
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RDP"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3389
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "VNC"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5900
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "DHCP6"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 546 547
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SQUID"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3128
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SOCKS"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1080
set udp-portrange 1080
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "WINS"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1512
set udp-portrange 1512
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RADIUS"
set proxy disable
set category "Authentication"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1812 1813
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RADIUS-OLD"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1645 1646
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "CVSPSERVER"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 2401
set udp-portrange 2401
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "AFS3"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 7000-7009
set udp-portrange 7000-7009
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TRACEROUTE"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 33434-33535
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RTSP"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 554 7070 8554
set udp-portrange 554
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "MMS"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1755
set udp-portrange 1024-5000
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NONE"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 0
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "webproxy"
set proxy enable
set category "Web Proxy"
set protocol ALL
set helper auto
set comment ''
set color 0
set visibility enable
set app-service-type disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 0-65535:0-65535
next
end
config firewall service group
edit "Email Access"
set proxy disable
set member "DNS" "IMAP" "IMAPS" "POP3" "POP3S" "SMTP" "SMTPS"
set comment ''
set color 0
set fabric-object disable
next
edit "Web Access"
set proxy disable
set member "DNS" "HTTP" "HTTPS"
set comment ''
set color 0
set fabric-object disable
next
edit "Windows AD"
set proxy disable
set member "DCE-RPC" "DNS" "KERBEROS" "LDAP" "LDAP_UDP" "SAMBA" "SMB"
set comment ''
set color 0
set fabric-object disable
next
edit "Exchange Server"
set proxy disable
set member "DCE-RPC" "DNS" "HTTPS"
set comment ''
set color 0
set fabric-object disable
next
end
config firewall internet-service-group
end
config firewall internet-service-extension
end
config firewall internet-service-custom
end
config firewall internet-service-custom-group
end
config system external-resource
end
config vpn certificate ca
end
config vpn certificate remote
end
config vpn certificate local
edit "Fortinet_CA_SSL"
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_CA_Untrusted"
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA1024"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA2048"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA4096"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_DSA1024"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_DSA2048"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA256"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA384"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA521"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ED25519"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ED448"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
end
config vpn certificate crl
end
config vpn certificate ocsp-server
end
config vpn certificate setting
set ocsp-status disable
set ocsp-option server
set ocsp-default-server ''
set interface-select-method auto
set check-ca-cert enable
set check-ca-chain disable
set subject-match substring
set subject-set subset
set cn-match substring
set cn-allow-multi enable
config crl-verification
set expiry ignore
set leaf-crl-absence ignore
set chain-crl-absence ignore
end
set strict-ocsp-check disable
set ssl-min-proto-version default
set cmp-save-extra-certs disable
set cmp-key-usage-checking enable
set certname-rsa1024 "Fortinet_SSL_RSA1024"
set certname-rsa2048 "Fortinet_SSL_RSA2048"
set certname-rsa4096 "Fortinet_SSL_RSA4096"
set certname-dsa1024 "Fortinet_SSL_DSA1024"
set certname-dsa2048 "Fortinet_SSL_DSA2048"
set certname-ecdsa256 "Fortinet_SSL_ECDSA256"
set certname-ecdsa384 "Fortinet_SSL_ECDSA384"
set certname-ecdsa521 "Fortinet_SSL_ECDSA521"
set certname-ed25519 "Fortinet_SSL_ED25519"
set certname-ed448 "Fortinet_SSL_ED448"
end
config webfilter ftgd-local-cat
edit "custom1"
set status enable
set id 140
next
edit "custom2"
set status enable
set id 141
next
end
config ips sensor
edit "g-default"
set comment "Prevent critical attacks."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "g-sniffer-profile"
set comment "Monitor IPS attacks."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
end
config sctp-filter profile
end
config firewall shaper traffic-shaper
edit "high-priority"
set guaranteed-bandwidth 0
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority high
set per-policy enable
set diffserv disable
set overhead 0
next
edit "medium-priority"
set guaranteed-bandwidth 0
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority medium
set per-policy enable
set diffserv disable
set overhead 0
next
edit "low-priority"
set guaranteed-bandwidth 0
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority low
set per-policy enable
set diffserv disable
set overhead 0
next
edit "guarantee-100kbps"
set guaranteed-bandwidth 100
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority high
set per-policy enable
set diffserv disable
set overhead 0
next
edit "shared-1M-pipe"
set guaranteed-bandwidth 0
set maximum-bandwidth 1024
set bandwidth-unit kbps
set priority high
set per-policy disable
set diffserv disable
set overhead 0
next
end
config firewall shaper per-ip-shaper
end
config firewall proxy-address
end
config firewall proxy-addrgrp
end
config web-proxy profile
end
config web-proxy global
set ssl-cert "Fortinet_Factory"
set ssl-ca-cert "Fortinet_CA_SSL"
set fast-policy-match enable
set ldap-user-cache disable
set proxy-fqdn "default.fqdn"
set max-request-length 8
set max-message-length 32
set strict-web-check disable
set forward-proxy-auth disable
set forward-server-affinity-timeout 30
set max-waf-body-cache-length 32
set webproxy-profile ''
set learn-client-ip disable
end
config web-proxy forward-server
end
config web-proxy forward-server-group
end
config web-proxy debug-url
end
config web-proxy wisp
end
config wanopt webcache
set max-object-size 512000
set neg-resp-time 0
set fresh-factor 100
set max-ttl 7200
set min-ttl 5
set default-ttl 1440
set ignore-ims disable
set ignore-conditional disable
set ignore-pnc disable
set ignore-ie-reload enable
set cache-expired disable
set cache-cookie disable
set reval-pnc disable
set always-revalidate disable
set cache-by-default disable
set host-validate disable
set external disable
end
config web-proxy url-match
end
config application custom
end
config application group
end
config dlp filepattern
edit 1
set name "builtin-patterns"
set comment ''
config entries
edit "*.bat"
set filter-type pattern
next
edit "*.com"
set filter-type pattern
next
edit "*.dll"
set filter-type pattern
next
edit "*.doc"
set filter-type pattern
next
edit "*.exe"
set filter-type pattern
next
edit "*.gz"
set filter-type pattern
next
edit "*.hta"
set filter-type pattern
next
edit "*.ppt"
set filter-type pattern
next
edit "*.rar"
set filter-type pattern
next
edit "*.scr"
set filter-type pattern
next
edit "*.tar"
set filter-type pattern
next
edit "*.tgz"
set filter-type pattern
next
edit "*.vb?"
set filter-type pattern
next
edit "*.wps"
set filter-type pattern
next
edit "*.xl?"
set filter-type pattern
next
edit "*.zip"
set filter-type pattern
next
edit "*.pif"
set filter-type pattern
next
edit "*.cpl"
set filter-type pattern
next
end
next
edit 2
set name "all_executables"
set comment ''
config entries
edit "bat"
set filter-type type
set file-type bat
next
edit "exe"
set filter-type type
set file-type exe
next
edit "elf"
set filter-type type
set file-type elf
next
edit "hta"
set filter-type type
set file-type hta
next
end
next
end
config dlp sensitivity
edit "Private"
next
edit "Critical"
next
edit "Warning"
next
end
config dlp fp-doc-source
end
config dlp sensor
edit "g-default"
set comment "Default sensor."
set replacemsg-group ''
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
unset summary-proto
next
edit "g-sniffer-profile"
set comment "Log a summary of email and web traffic."
set replacemsg-group ''
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
set summary-proto smtp pop3 imap http-get http-post
next
end
config webfilter content
end
config webfilter content-header
end
config webfilter urlfilter
end
config videofilter youtube-key
end
config videofilter youtube-channel-filter
end
config videofilter profile
end
config webfilter ips-urlfilter-setting
set device ''
set distance 1
set gateway 0.0.0.0
set geo-filter ''
end
config webfilter ips-urlfilter-setting6
set device ''
set distance 1
set gateway6 ::
set geo-filter ''
end
config emailfilter bword
end
config emailfilter block-allow-list
end
config emailfilter mheader
end
config emailfilter dnsbl
end
config emailfilter iptrust
end
config log threat-weight
set status enable
config level
set low 5
set medium 10
set high 30
set critical 50
end
set blocked-connection high
set failed-connection low
set url-block-detected high
set botnet-connection-detected critical
config malware
set virus-infected critical
set fortindr critical
set file-blocked low
set command-blocked disable
set oversized disable
set virus-scan-error high
set switch-proto disable
set mimefragmented disable
set virus-file-type-executable medium
set virus-outbreak-prevention critical
set content-disarm medium
set malware-list medium
set ems-threat-feed medium
set fsa-malicious critical
set fsa-high-risk high
set fsa-medium-risk medium
end
config ips
set info-severity disable
set low-severity low
set medium-severity medium
set high-severity high
set critical-severity critical
end
config web
edit 1
set category 26
set level high
next
edit 2
set category 61
set level high
next
edit 3
set category 86
set level high
next
edit 4
set category 1
set level medium
next
edit 5
set category 3
set level medium
next
edit 6
set category 4
set level medium
next
edit 7
set category 5
set level medium
next
edit 8
set category 6
set level medium
next
edit 9
set category 12
set level medium
next
edit 10
set category 59
set level medium
next
edit 11
set category 62
set level medium
next
edit 12
set category 83
set level medium
next
edit 13
set category 72
set level low
next
edit 14
set category 14
set level low
next
edit 15
set category 96
set level medium
next
end
config application
edit 1
set category 2
set level low
next
edit 2
set category 6
set level medium
next
end
end
config icap server
end
config icap profile
edit "default"
set replacemsg-group ''
set request disable
set response disable
set streaming-content-bypass disable
set preview disable
set methods delete get head options post put trace other
set icap-block-log disable
set chunk-encap disable
unset extension-feature
config icap-headers
edit 1
set name "X-Authenticated-User"
set content "$user"
set base64-encoding disable
next
edit 2
set name "X-Authenticated-Groups"
set content "$local_grp"
set base64-encoding disable
next
end
next
end
config system network-visibility
set destination-visibility enable
set source-location enable
set destination-hostname-visibility enable
set hostname-ttl 86400
set hostname-limit 5000
set destination-location enable
end
config user certificate
end
config user radius
end
config user tacacs+
end
config user exchange
end
config user ldap
end
config user krb-keytab
end
config user domain-controller
end
config user pop3
end
config user saml
end
config user fsso
end
config user adgrp
end
config user fsso-polling
end
config user fortitoken
end
config user password-policy
end
config user local
end
config user setting
set auth-type http https ftp telnet
set auth-cert "Fortinet_Factory"
set auth-ca-cert ''
set auth-secure-http disable
set auth-http-basic disable
set auth-ssl-allow-renegotiation disable
set auth-src-mac enable
set auth-on-demand implicitly
set auth-timeout 5
set auth-timeout-type idle-timeout
set auth-portal-timeout 3
set radius-ses-timeout-act hard-timeout
set auth-blackout-time 0
set auth-invalid-max 5
set auth-lockout-threshold 3
set auth-lockout-duration 0
set per-policy-disclaimer disable
set auth-ssl-min-proto-version default
unset auth-ssl-max-proto-version
set auth-ssl-sigalgs all
end
config user peer
end
config user peergrp
end
config user quarantine
set quarantine enable
set traffic-policy ''
set firewall-groups ''
end
config user group
edit "SSO_Guest_Users"
set authtimeout 0
set http-digest-realm ''
next
end
config user security-exempt-list
end
config vpn ssl web realm
end
config vpn ssl web host-check-software
edit "FortiClient-AV"
set os-type windows
set type av
set version ''
set guid "1A0271D5-3D4F-46DB-0C2C-AB37BA90D9F7"
next
edit "FortiClient-FW"
set os-type windows
set type fw
set version ''
set guid "528CB157-D384-4593-AAAA-E42DFF111CED"
next
edit "FortiClient-AV-Vista"
set os-type windows
set type av
set version ''
set guid "385618A6-2256-708E-3FB9-7E98B93F91F9"
next
edit "FortiClient-FW-Vista"
set os-type windows
set type fw
set version ''
set guid "006D9983-6839-71D6-14E6-D7AD47ECD682"
next
edit "FortiClient5-AV"
set os-type windows
set type av
set version ''
set guid "5EEDDB8C-C27A-6714-3657-DBD811D1F1B7"
next
edit "AVG-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "17DDD097-36FF-435F-9E1B-52D74245D6BF"
next
edit "AVG-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "8DECF618-9569-4340-B34A-D78D28969B66"
next
edit "AVG-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "0C939084-9E57-CBDB-EA61-0B0C7F62AF82"
next
edit "AVG-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "34A811A1-D438-CA83-C13E-A23981B1E8F9"
next
edit "CA-Anti-Virus"
set os-type windows
set type av
set version ''
set guid "17CFD1EA-56CF-40B5-A06B-BD3A27397C93"
next
edit "CA-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "6B98D35F-BB76-41C0-876B-A50645ED099A"
next
edit "CA-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "38102F93-1B6E-4922-90E1-A35D8DC6DAA3"
next
edit "CA-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "3EED0195-0A4B-4EF3-CC4F-4F401BDC245F"
next
edit "CA-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "06D680B0-4024-4FAB-E710-E675E50F6324"
next
edit "CA-Personal-Firewall"
set os-type windows
set type fw
set version ''
set guid "14CB4B80-8E52-45EA-905E-67C1267B4160"
next
edit "F-Secure-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "E7512ED5-4245-4B4D-AF3A-382D3F313F15"
next
edit "F-Secure-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "D4747503-0346-49EB-9262-997542F79BF4"
next
edit "F-Secure-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "15414183-282E-D62C-CA37-EF24860A2F17"
next
edit "F-Secure-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "2D7AC0A6-6241-D774-E168-461178D9686C"
next
edit "Kaspersky-AV"
set os-type windows
set type av
set version ''
set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0"
next
edit "Kaspersky-FW"
set os-type windows
set type fw
set version ''
set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0"
next
edit "Kaspersky-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "AE1D740B-8F0F-D137-211D-873D44B3F4AE"
next
edit "Kaspersky-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "9626F52E-C560-D06F-0A42-2E08BA60B3D5"
next
edit "McAfee-Internet-Security-Suite-AV"
set os-type windows
set type av
set version ''
set guid "84B5EE75-6421-4CDE-A33A-DD43BA9FAD83"
next
edit "McAfee-Internet-Security-Suite-FW"
set os-type windows
set type fw
set version ''
set guid "94894B63-8C7F-4050-BDA4-813CA00DA3E8"
next
edit "McAfee-Internet-Security-Suite-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "86355677-4064-3EA7-ABB3-1B136EB04637"
next
edit "McAfee-Internet-Security-Suite-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "BE0ED752-0A0B-3FFF-80EC-B2269063014C"
next
edit "McAfee-Virus-Scan-Enterprise"
set os-type windows
set type av
set version ''
set guid "918A2B0B-2C60-4016-A4AB-E868DEABF7F0"
next
edit "Norton-360-2.0-AV"
set os-type windows
set type av
set version ''
set guid "A5F1BC7C-EA33-4247-961C-0217208396C4"
next
edit "Norton-360-2.0-FW"
set os-type windows
set type fw
set version ''
set guid "371C0A40-5A0C-4AD2-A6E5-69C02037FBF3"
next
edit "Norton-360-3.0-AV"
set os-type windows
set type av
set version ''
set guid "E10A9785-9598-4754-B552-92431C1C35F8"
next
edit "Norton-360-3.0-FW"
set os-type windows
set type fw
set version ''
set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220"
next
edit "Norton-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "E10A9785-9598-4754-B552-92431C1C35F8"
next
edit "Norton-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220"
next
edit "Norton-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855"
next
edit "Norton-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E"
next
edit "Symantec-Endpoint-Protection-AV"
set os-type windows
set type av
set version ''
set guid "FB06448E-52B8-493A-90F3-E43226D3305C"
next
edit "Symantec-Endpoint-Protection-FW"
set os-type windows
set type fw
set version ''
set guid "BE898FE3-CD0B-4014-85A9-03DB9923DDB6"
next
edit "Symantec-Endpoint-Protection-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855"
next
edit "Symantec-Endpoint-Protection-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E"
next
edit "Panda-Antivirus+Firewall-2008-AV"
set os-type windows
set type av
set version ''
set guid "EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A"
next
edit "Panda-Antivirus+Firewall-2008-FW"
set os-type windows
set type fw
set version ''
set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8"
next
edit "Panda-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0"
next
edit "Panda-Internet-Security-2006~2007-FW"
set os-type windows
set type fw
set version ''
set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0"
next
edit "Panda-Internet-Security-2008~2009-FW"
set os-type windows
set type fw
set version ''
set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8"
next
edit "Sophos-Anti-Virus"
set os-type windows
set type av
set version ''
set guid "3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD"
next
edit "Sophos-Enpoint-Secuirty-and-Control-FW"
set os-type windows
set type fw
set version ''
set guid "0786E95E-326A-4524-9691-41EF88FB52EA"
next
edit "Sophos-Enpoint-Secuirty-and-Control-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "479CCF92-4960-B3E0-7373-BF453B467D2C"
next
edit "Sophos-Enpoint-Secuirty-and-Control-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "7FA74EB7-030F-B2B8-582C-1670C5953A57"
next
edit "Trend-Micro-AV"
set os-type windows
set type av
set version ''
set guid "7D2296BC-32CC-4519-917E-52E652474AF5"
next
edit "Trend-Micro-FW"
set os-type windows
set type fw
set version ''
set guid "3E790E9E-6A5D-4303-A7F9-185EC20F3EB6"
next
edit "Trend-Micro-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "48929DFC-7A52-A34F-8351-C4DBEDBD9C50"
next
edit "Trend-Micro-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "70A91CD9-303D-A217-A80E-6DEE136EDB2B"
next
edit "ZoneAlarm-AV"
set os-type windows
set type av
set version ''
set guid "5D467B10-818C-4CAB-9FF7-6893B5B8F3CF"
next
edit "ZoneAlarm-FW"
set os-type windows
set type fw
set version ''
set guid "829BDA32-94B3-44F4-8446-F8FCFF809F8B"
next
edit "ZoneAlarm-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "D61596DF-D219-341C-49B3-AD30538CBC5B"
next
edit "ZoneAlarm-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "EE2E17FA-9876-3544-62EC-0405AD5FFB20"
next
edit "ESET-Smart-Security-AV"
set os-type windows
set type av
set version ''
set guid "19259FAE-8396-A113-46DB-15B0E7DFA289"
next
edit "ESET-Smart-Security-FW"
set os-type windows
set type fw
set version ''
set guid "211E1E8B-C9F9-A04B-6D84-BC85190CE5F2"
next
end
config vpn ssl web portal
edit "full-access"
set tunnel-mode enable
set ipv6-tunnel-mode enable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSLVPN_TUNNEL_ADDR1"
set split-tunneling enable
set split-tunneling-routing-negate disable
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"
set ipv6-split-tunneling enable
set ipv6-split-tunneling-routing-negate disable
set ipv6-dns-server1 ::
set ipv6-dns-server2 ::
set ipv6-wins-server1 ::
set ipv6-wins-server2 ::
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
set display-connection-tools enable
set display-history enable
set display-status enable
set rewrite-ip-uri-ui disable
set heading "SSL-VPN Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url disable
set hide-sso-credential enable
next
edit "web-access"
set tunnel-mode disable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set dns-suffix ''
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
set display-connection-tools enable
set display-history enable
set display-status enable
set rewrite-ip-uri-ui disable
set heading "SSL-VPN Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set forticlient-download-method direct
set customize-forticlient-download-url disable
set hide-sso-credential enable
next
edit "tunnel-access"
set tunnel-mode enable
set ipv6-tunnel-mode enable
set web-mode disable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSLVPN_TUNNEL_ADDR1"
set split-tunneling enable
set split-tunneling-routing-negate disable
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"
set ipv6-split-tunneling enable
set ipv6-split-tunneling-routing-negate disable
set ipv6-dns-server1 ::
set ipv6-dns-server2 ::
set ipv6-wins-server1 ::
set ipv6-wins-server2 ::
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url disable
next
end
config vpn ssl settings
set status enable
set reqclientcert disable
set ssl-max-proto-ver tls1-3
set ssl-min-proto-ver tls1-2
unset banned-cipher
set ciphersuite TLS-AES-128-GCM-SHA256 TLS-AES-256-GCM-SHA384 TLS-CHACHA20-POLY1305-SHA256
set ssl-insert-empty-fragment enable
set https-redirect disable
set x-content-type-options enable
set ssl-client-renegotiation disable
set force-two-factor-auth disable
set servercert "Fortinet_Factory"
set algorithm high
set idle-timeout 300
set auth-timeout 28800
set login-attempt-limit 2
set login-block-time 60
set login-timeout 30
set dtls-hello-timeout 10
set dns-suffix ''
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set ipv6-dns-server1 ::
set ipv6-dns-server2 ::
set ipv6-wins-server1 ::
set ipv6-wins-server2 ::
set url-obscuration disable
set http-compression disable
set http-only-cookie enable
set port 443
set port-precedence enable
set auto-tunnel-static-route enable
set header-x-forwarded-for add
set dtls-tunnel enable
set check-referer disable
set http-request-header-timeout 20
set http-request-body-timeout 30
set auth-session-check-source-ip enable
set tunnel-connect-without-reauth disable
set hsts-include-subdomains disable
set transform-backward-slashes disable
set encode-2f-sequence disable
set encrypt-and-store-password disable
set client-sigalgs all
set dual-stack-mode disable
set tunnel-addr-assigned-method first-available
set saml-redirect-port 8020
set dtls-max-proto-ver dtls1-2
set dtls-min-proto-ver dtls1-0
end
config vpn ssl web user-group-bookmark
end
config vpn ssl web user-bookmark
end
config vpn ssl client
end
config system sdwan
set status disable
set load-balance-mode source-ip-based
set speedtest-bypass-routing disable
set duplication-max-num 2
set neighbor-hold-down disable
set neighbor-hold-down-time 0
set neighbor-hold-boot-time 0
set fail-detect disable
config zone
edit "virtual-wan-link"
set service-sla-tie-break cfg-order
next
end
config health-check
edit "Default_DNS"
set probe-packets enable
set addr-mode ipv4
set system-dns enable
set detect-mode active
set ha-priority 1
set dns-request-domain "www.example.com"
set dns-match-ip 0.0.0.0
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
edit "Default_Office_365"
set probe-packets enable
set addr-mode ipv4
set server "www.office.com"
set detect-mode active
set protocol http
set port 0
set ha-priority 1
set http-get "/"
set http-agent "Chrome/ Safari/"
set http-match ''
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
edit "Default_Gmail"
set probe-packets enable
set addr-mode ipv4
set server "gmail.com"
set detect-mode active
set protocol ping
set ha-priority 1
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 2
next
end
next
edit "Default_Google Search"
set probe-packets enable
set addr-mode ipv4
set server "www.google.com"
set detect-mode active
set protocol http
set port 0
set ha-priority 1
set http-get "/"
set http-agent "Chrome/ Safari/"
set http-match ''
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
edit "Default_FortiGuard"
set probe-packets enable
set addr-mode ipv4
set server "fortiguard.com"
set detect-mode active
set protocol http
set port 0
set ha-priority 1
set http-get "/"
set http-agent "Chrome/ Safari/"
set http-match ''
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
end
end
config vpn ipsec phase1
end
config vpn ipsec phase2
end
config vpn ipsec manualkey
end
config vpn ipsec concentrator
end
config vpn ipsec fec
end
config vpn ipsec phase1-interface
end
config vpn ipsec phase2-interface
end
config vpn ipsec manualkey-interface
end
config vpn pptp
set status disable
end
config vpn l2tp
set status disable
set lcp-max-echo-fails 3
set hello-interval 60
end
config vpn ipsec forticlient
end
config dnsfilter domain-filter
end
config dnsfilter profile
edit "default"
set comment "Default dns filtering."
config domain-filter
unset domain-filter-table
end
config ftgd-dns
unset options
config filters
edit 1
set category 2
set action monitor
next
edit 2
set category 7
set action monitor
next
edit 3
set category 8
set action monitor
next
edit 4
set category 9
set action monitor
next
edit 5
set category 11
set action monitor
next
edit 6
set category 12
set action monitor
next
edit 7
set category 13
set action monitor
next
edit 8
set category 14
set action monitor
next
edit 9
set category 15
set action monitor
next
edit 10
set category 16
set action monitor
next
edit 11
set category 0
set action monitor
next
edit 12
set category 57
set action monitor
next
edit 13
set category 63
set action monitor
next
edit 14
set category 64
set action monitor
next
edit 15
set category 65
set action monitor
next
edit 16
set category 66
set action monitor
next
edit 17
set category 67
set action monitor
next
edit 18
set category 26
set action block
set log enable
next
edit 19
set category 61
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
end
set log-all-domain disable
set sdns-ftgd-err-log enable
set sdns-domain-log enable
set block-action redirect
set block-botnet enable
set safe-search disable
set redirect-portal 0.0.0.0
set redirect-portal6 ::
next
end
config system gre-tunnel
end
config system ipsec-aggregate
end
config system ipip-tunnel
end
config system mobile-tunnel
end
config system pppoe-interface
end
config system vxlan
end
config system geneve
end
config system virtual-wire-pair
end
config system dns-database
end
config system dns-server
end
config log custom-field
end
config antivirus settings
set machine-learning-detection enable
set use-extreme-db disable
set grayware enable
set override-timeout 0
set cache-infected-result enable
end
config antivirus quarantine
set agelimit 0
set maxfilesize 0
set quarantine-quota 0
unset drop-infected
set store-infected imap smtp pop3 http ftp nntp imaps smtps pop3s https ftps mapi cifs ssh
unset drop-blocked
set store-blocked imap smtp pop3 http ftp nntp imaps smtps pop3s ftps mapi cifs ssh
unset drop-machine-learning
set store-machine-learning imap smtp pop3 http ftp nntp imaps smtps pop3s https ftps mapi cifs ssh
set lowspace ovrw-old
set destination disk
end
config ssh-filter profile
end
config antivirus profile
edit "g-default"
set comment "Scan files and block viruses."
set replacemsg-group ''
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set av-block-log enable
set extended-log disable
next
edit "g-sniffer-profile"
set comment "Scan files and monitor viruses."
set replacemsg-group ''
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set av-block-log enable
set extended-log disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set av-block-log enable
set extended-log disable
next
end
config file-filter profile
edit "g-default"
set comment "File type inspection."
set replacemsg-group ''
set log enable
set extended-log disable
set scan-archive-contents enable
next
edit "g-sniffer-profile"
set comment "File type inspection."
set replacemsg-group ''
set log enable
set extended-log disable
set scan-archive-contents enable
next
end
config webfilter profile
edit "g-default"
set comment "Default web filtering."
set replacemsg-group ''
unset options
set https-replacemsg enable
set post-action normal
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
end
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set extended-log disable
next
edit "g-sniffer-profile"
set comment "Monitor web traffic."
set replacemsg-group ''
unset options
set https-replacemsg enable
set post-action normal
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
end
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set extended-log disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set options block-invalid-url
set https-replacemsg enable
set post-action normal
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
end
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set extended-log disable
next
end
config webfilter ftgd-local-rating
end
config webfilter search-engine
edit "g-baidu"
set hostname ".*\\.baidu\\.com"
set url "^\\/s?\\?"
set query "wd="
set safesearch disable
next
edit "g-baidu2"
set hostname ".*\\.baidu\\.com"
set url "^\\/(ns|q|m|i|v)\\?"
set query "word="
set safesearch disable
next
edit "g-baidu3"
set hostname "tieba\\.baidu\\.com"
set url "^\\/f\\?"
set query "kw="
set safesearch disable
next
edit "g-bing"
set hostname ".*\\.bing\\..*"
set url "^(\\/images|\\/videos)?(\\/search|\\/async|\\/asyncv2)\\?"
set query "q="
set safesearch header
next
edit "g-google"
set hostname ".*\\.google\\..*"
set url "^\\/((custom|search|images|videosearch|webhp)\\?)"
set query "q="
set safesearch url
set safesearch-str "&safe=active"
next
edit "g-google-translate-1"
set hostname "translate\\.google\\..*"
set url "^\\/translate"
set query "u="
set safesearch translate
next
edit "g-google-translate-2"
set hostname ".*\\.translate\\.goog"
set url "^\\/"
set query ''
set safesearch translate
next
edit "g-twitter"
set hostname "twitter\\.com"
set url "^\\/i\\/api\\/graphql\\/.*\\/UserByScreenName"
set query "variables="
set safesearch translate
next
edit "g-vimeo"
set hostname ".*vimeo.*"
set url "^\\/search\\?"
set query "q="
set safesearch header
next
edit "g-yahoo"
set hostname ".*\\.yahoo\\..*"
set url "^\\/search(\\/video|\\/images){0,1}(\\?|;)"
set query "p="
set safesearch url
set safesearch-str "&vm=r"
next
edit "g-yandex"
set hostname "yandex\\..*"
set url "^\\/((yand|images\\/|video\\/)(search)|search\\/)\\?"
set query "text="
set safesearch url
set safesearch-str "&family=yes"
next
edit "g-youtube"
set hostname ".*youtube.*"
set url ''
set query ''
set safesearch header
next
edit "g-yt-channel"
set hostname ''
set url "www.youtube.com/channel"
set query ''
set safesearch yt-channel
next
edit "g-yt-pattern"
set hostname ''
set url "youtube.com/channel/"
set query ''
set safesearch yt-pattern
next
edit "g-yt-scan-1"
set hostname ''
set url "www.youtube.com/user/"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-2"
set hostname ''
set url "www.youtube.com/youtubei/v1/browse"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-3"
set hostname ''
set url "www.youtube.com/youtubei/v1/player"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-4"
set hostname ''
set url "www.youtube.com/youtubei/v1/navigator"
set query ''
set safesearch yt-scan
next
edit "translate"
set hostname "translate\\.google\\..*"
set url "^\\/translate\\?"
set query "u="
set safesearch translate
next
edit "yt-video"
set hostname ''
set url "www.youtube.com/watch"
set query ''
set safesearch yt-video
next
end
config emailfilter profile
edit "default"
set comment "Malware and phishing URL filtering."
set replacemsg-group ''
set spam-log enable
set spam-filtering disable
set external disable
unset options
config imap
set log-all disable
end
config pop3
set log-all disable
end
config smtp
set log-all disable
end
config msn-hotmail
set log-all disable
end
config gmail
set log-all disable
end
set spam-bword-threshold 10
unset spam-bword-table
unset spam-bal-table
unset spam-mheader-table
unset spam-rbl-table
unset spam-iptrust-table
set spam-log-fortiguard-response disable
next
edit "sniffer-profile"
set comment "Malware and phishing URL monitoring."
set replacemsg-group ''
set spam-log enable
set spam-filtering disable
set external disable
unset options
config imap
set log-all disable
end
config pop3
set log-all disable
end
config smtp
set log-all disable
end
config msn-hotmail
set log-all disable
end
config gmail
set log-all disable
end
set spam-bword-threshold 10
unset spam-bword-table
unset spam-bal-table
unset spam-mheader-table
unset spam-rbl-table
unset spam-iptrust-table
set spam-log-fortiguard-response disable
next
end
config wanopt settings
set host-id "default-id"
set tunnel-ssl-algorithm high
set auto-detect-algorithm simple
set tunnel-optimization balanced
end
config wanopt peer
end
config wanopt auth-group
end
config wanopt profile
edit "default"
set transparent enable
set comments "Default WANopt profile."
set auth-group ''
config http
set status disable
set secure-tunnel disable
set byte-caching enable
set ssl disable
set prefer-chunking fix
set protocol-opt protocol
set tunnel-sharing private
set log-traffic enable
end
config cifs
set status disable
set secure-tunnel disable
set byte-caching enable
set prefer-chunking fix
set protocol-opt protocol
set tunnel-sharing private
set log-traffic enable
end
config mapi
set status disable
set secure-tunnel disable
set byte-caching enable
set tunnel-sharing private
set log-traffic enable
end
config ftp
set status disable
set secure-tunnel disable
set byte-caching enable
set ssl disable
set prefer-chunking fix
set protocol-opt protocol
set tunnel-sharing private
set log-traffic enable
end
config tcp
set status disable
end
next
end
config system speed-test-server
end
config log memory setting
set status enable
end
config log disk setting
set status disable
end
config log eventfilter
set event enable
set system enable
set vpn enable
set user enable
set router enable
set wireless-activity enable
set wan-opt enable
set endpoint enable
set ha enable
set security-rating enable
set fortiextender enable
set connector enable
set sdwan enable
set cifs enable
set switch-controller enable
end
config log memory filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set gtp enable
end
config log disk filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set dlp-archive enable
set gtp enable
end
config log fortiguard override-setting
set override disable
set access-config enable
end
config log tacacs+accounting setting
set status disable
end
config log tacacs+accounting2 setting
set status disable
end
config log tacacs+accounting3 setting
set status disable
end
config log tacacs+accounting filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit enable
end
config log tacacs+accounting2 filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit enable
end
config log tacacs+accounting3 filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit enable
end
config log null-device setting
set status disable
end
config log null-device filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set gtp enable
end
config log setting
set resolve-ip disable
set resolve-port enable
set log-user-in-upper disable
set fwpolicy-implicit-log disable
set fwpolicy6-implicit-log disable
set log-invalid-packet disable
set local-in-allow disable
set local-in-deny-unicast disable
set local-in-deny-broadcast disable
set local-out disable
set neighbor-event disable
set brief-traffic-format disable
set user-anonymize disable
set fortiview-weekly-data disable
set expolicy-implicit-log disable
set log-policy-comment disable
set faz-override disable
set syslog-override disable
set rest-api-set disable
set rest-api-get disable
end
config log gui-display
set resolve-hosts enable
set resolve-apps enable
set fortiview-unscanned-apps disable
end
config system lldp network-policy
end
config firewall schedule onetime
end
config firewall schedule recurring
edit "always"
set start 00:00
set end 00:00
set day sunday monday tuesday wednesday thursday friday saturday
set color 0
set fabric-object disable
next
edit "none"
set start 00:00
set end 00:00
set day none
set color 0
set fabric-object disable
next
edit "default-darrp-optimize"
set start 01:00
set end 01:30
set day sunday monday tuesday wednesday thursday friday saturday
set color 0
set fabric-object disable
next
end
config firewall schedule group
end
config firewall ippool
end
config firewall ippool6
end
config firewall ldb-monitor
end
config firewall vip
end
config firewall vip6
end
config firewall vipgrp
end
config firewall vipgrp6
end
config firewall ssh local-key
edit "g-Fortinet_SSH_DSA1024"
set password ENC RFPxW/LIJAp/1lk8/Y47dhuqSL7/Tqerk1IdyQx0uj5c3j42/ufWZkWmWsojKMLqmdA7ZIXBzHm91p6hCE3lHcDpw48hj7VjVPxnGSdiUx20K2ioSpKrClrIqy9dfRetfgD52F/AZuEpIS7QhhwepbNoMucOe6KMft2gi4FYlZ6ACxrScwl4hJJk/j48JCFy9qeuVw==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABDWMdT3yG
/DLzIBU5O0UtJ/AAAAEAAAAAEAAAGyAAAAB3NzaC1kc3MAAACBAMlbbf4IhF0Mh2eRvDho
KqePrDh946N1KbbbOWbHWOeBVolyr5KCTbfgv6f0a3VW8ATXZH9OMz0uYjTTQII3rp1XTq
a7a3TzdPoTM9bO27PDLTp07LqM1kRSps/8oSsZ4h/kGu3fuke/MfTiAn7hAfdJYcANGbDq
7tfTXlPaY3VhAAAAFQD/+3WBsGEG6BjC2UUehkA3aDAFmwAAAIBeIcQedn7rLkV2N27gXk
jxfrbW6FMwfiEoJC6mZ0NvSuOqzOcrAzsnAydVy38cIlTdGwXhoHA5Jd2Cr0gV2p1R1WFR
XsBWpNqDorVNCdimLM16NBAcwjVjarpNuk3egjdAhdbGsnDxHH54XCdIP3FyyTuh2ljDEe
P+bc6eQJGxPgAAAIEAjK1lJYaCHrAZhcWJIITih4QFsQ8XZeKzp40YIjzXVf27HBCFHVz5
lEv4MtiFxhDKur0lO+2uHOLY+0xsgfM0fe7S/cAKRx/5UZkCmU5s6CkvZjIEPDZ4tvn11G
wlULTcjyZ2uwCo8Xd7QjnOUs8YNsRSO8hzWO5aB9aZ7OEDhiQAAAHgxMcP4nd5bs47/RHx
ArZUDjNCJzDVajX1tIDHffLzzlLm2RRU/wKXccxXn1TC14JdA3gOmS/hFa1C/ctWGGFdz1
RDMGJtXQ8+APtMlY7LoLq0soKjkNkY5KDgGBqbZ8dLcYCKYfl4RoCWGeKNYKjbdudRmuix
GP/Iy8L+8qLZd7rSDA6q48zv82nNbPUCtSgRLiG9/CDTQx1ICwO61rdjQLqvwycJ7//885
eXUyaiDA7DD8p/Q/y3L23iLI/t8VEe7sCeFcoFPmJxKURNoCg119GObjEYNDokpv9QOC2G
/uGE672Yvr9YFLe1RPwWpMgQr05tVu05HiPvRlX+hORf+Q80PQaxyCnSGkGh9FHq2Cph3F
nOlujutMPe0E9do0qGavzo7yw4g4L5fUUxgUoWLZPfE0dt7Dy1IP+kltIUqGu6a2StNq8U
rYEYAjVHzaKoU+95oZLimCj0n61LyCNXVg+gcIb+FIq6B4WQhRNJ0ltK7k5TKvCcnClWzj
DDVeZYF7XOPX9S38MGt9vfWZEF+ZnUrGdl4Py5khdfH99mlSDwt42flFQf2usHNR3ZaaHU
meM/WUb803e5fUpdeWXtOx9b+YmRujD4g0N49/OISwkC0MIfhdG2FDsuvpLiZit7
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-dss AAAAB3NzaC1kc3MAAACBAMlbbf4IhF0Mh2eRvDhoKqePrDh946N1KbbbOWbHWOeBVolyr5KCTbfgv6f0a3VW8ATXZH9OMz0uYjTTQII3rp1XTqa7a3TzdPoTM9bO27PDLTp07LqM1kRSps/8oSsZ4h/kGu3fuke/MfTiAn7hAfdJYcANGbDq7tfTXlPaY3VhAAAAFQD/+3WBsGEG6BjC2UUehkA3aDAFmwAAAIBeIcQedn7rLkV2N27gXkjxfrbW6FMwfiEoJC6mZ0NvSuOqzOcrAzsnAydVy38cIlTdGwXhoHA5Jd2Cr0gV2p1R1WFRXsBWpNqDorVNCdimLM16NBAcwjVjarpNuk3egjdAhdbGsnDxHH54XCdIP3FyyTuh2ljDEeP+bc6eQJGxPgAAAIEAjK1lJYaCHrAZhcWJIITih4QFsQ8XZeKzp40YIjzXVf27HBCFHVz5lEv4MtiFxhDKur0lO+2uHOLY+0xsgfM0fe7S/cAKRx/5UZkCmU5s6CkvZjIEPDZ4tvn11GwlULTcjyZ2uwCo8Xd7QjnOUs8YNsRSO8hzWO5aB9aZ7OEDhiQ="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA256"
set password ENC YzERzmTPhVGnGXIwqP4oPlTyadC+Svw2vKpPruJoYSISLs6lW4fcqTcTZ6ekDk2rgXSJhv9PnoJAijbTYFezcHp6V51OlsW4TJcOOSOmho+QLnsdns/33htiX219webXrlNXQjEU5WjSGIQLwzcTuKV+QHpDJG11jo5UUPJk+VcfNgzP4DvFsbp+7XhZAK0E7J12qg==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABCYj0k4bh
mxNdVne/WYI48/AAAAEAAAAAEAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz
dHAyNTYAAABBBMQSAUWeMnwS2TQbQWW3h890GnmzeJSwIq2rEIew+gyij4UMAjpsRmztvK
y7MHqF8ARHi1glc6RSoarryTUQuCIAAACgQHrpN3sAxVooYsKXIb5xGNvvwxUtTIIAisaQ
ftEDAx3nTj7+NLlPATgMRDy12pescKquy79fyCFgENFUP+K2pfPsb2IE/RdTcmBsL0646h
hL2sHeuvZ/mhIMti3oLfj91bBs7TBB2MRvHRYvcZD6rdAkumBmyrSPUO4JwqSPkI68kBVo
C9C5gBWgfhqKs6DGgceAFVxbb9+RWrpH9YCpIA==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMQSAUWeMnwS2TQbQWW3h890GnmzeJSwIq2rEIew+gyij4UMAjpsRmztvKy7MHqF8ARHi1glc6RSoarryTUQuCI="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA384"
set password ENC G9u/ixIJ1bh5eCvTVsDaMmIaExENNiccFkDSflYNo7B7Ts6T4+BwOMiB6XLb+5l2xVeb9aAxflQLm1AyVi04SZFvPcHNJ+lcYES/3xmM8BIHqVwgGQVwIqYNUxU6DYIyOP+1BzqDZl4UXZBO4Jn8JAByLiV+s9zkbm6borLPUBwJMe0Cdqa3TvPGM0S6EOoQXMFK5Q==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBN9BRJMR
77/5pUXIX3azbHAAAAEAAAAAEAAACIAAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlz
dHAzODQAAABhBEYsR4/2sjh+OMgxpEBi/72jNVXnBwUHpkOneWiESbnCoIWvKp8h0RjNMj
U5Tj5yP6txNtuAIt8NVvUcVhj9ZtIOWAsA7bDDRZGYv+/80R4N7Z0OnShs9iuYSb0+FQXx
dgAAANChlajlzxrBilfuFt0NeQjCmvICKuDRnd+bDSBxAVZcAnFPKPN/ZOUsHIFry+62R4
xmcknYeWtA09QFKdSbyeOUyqI4CmeqxufXPlPk8N2Mjg/Rub53WkREGx7nv335EUtKyIIE
qc7vNaHvrM8CbUwCD53Tmrv126aSxuuDEBhth1CkIT8LZEcTEYRSHAZEojS8TB4UhHLRfm
Rn+DmbJga0IDnPc/ZgNHGTqYx2toV2Fy/DCJ2en2FejJU89J9ZFrGUfz117vVweEVGLCBr
4j10
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBEYsR4/2sjh+OMgxpEBi/72jNVXnBwUHpkOneWiESbnCoIWvKp8h0RjNMjU5Tj5yP6txNtuAIt8NVvUcVhj9ZtIOWAsA7bDDRZGYv+/80R4N7Z0OnShs9iuYSb0+FQXxdg=="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA521"
set password ENC c0DKTFReLRJ6t5bB4GNriU5Q9G90mxSlVRqZOXpU+KScsGKdpRnSrSE5Yed0f68o5Y38Bji+uwy/ERE1trLtK4GbDPAs1GkUcQDEKh9Sw/7jdUWklugQSUS3wCiVkdEDnzZTQvKWFsB9Y4MfQ5R6YAs5WFln/cfEcJqgxvBCa4OZfGQ2eOuDE2xqVvq3MNDnf5jfUw==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBTZME+kF
3Bzq+XqVo08S4FAAAAEAAAAAEAAACsAAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlz
dHA1MjEAAACFBACaKKuE8V8VNj3xOI4Cz0NpoN8KJMJWRxuLPTYtMBFzACZdDsfmQdZQdF
t5J++GxB6Y6XgNd5eg4/W0YU1z35BJ6QEuCMrZli2/4vtPy8DPeRMR2hpHOC/BuqnEER+K
HPehHHl1Du644EQUmgPailxPEBDJKJcA8PgrFsN5h0iHx4C6RAAAAQC/5NwC8S8n04Bskl
P/Wnde2xZxoWXlBYuV8iJ8OmT7RRVEi3NhVGbIJMqlXfTVi67DgfbtMpVNVhO3UMwPAoC4
8zcMmJ/1aA58Y+5H8DuYRMfAnuky6vWJFBA4DXgx/vmrn8UK1E2xgW8dgaEEDlLQPittQc
hlwRhgSZrJoRtQPn8OA5ZNePcblOq1WH6PanQP7Bj2SubMTTZ0Mo+gy7y11wDAMd0MYN6Q
d2biFs9XCB9xGNGQIrgOEUQoFJ8AyrbQzZt3Tr7tthp0GDyWoCNICjY/vKS9Av/xMMHaq9
cjEJOwfxqaJfVrEn2/6DS1t2SyTD9C8imQOI2xz/fdVCaO
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBACaKKuE8V8VNj3xOI4Cz0NpoN8KJMJWRxuLPTYtMBFzACZdDsfmQdZQdFt5J++GxB6Y6XgNd5eg4/W0YU1z35BJ6QEuCMrZli2/4vtPy8DPeRMR2hpHOC/BuqnEER+KHPehHHl1Du644EQUmgPailxPEBDJKJcA8PgrFsN5h0iHx4C6RA=="
set source built-in
next
edit "g-Fortinet_SSH_ED25519"
set password ENC kS9tQjwByq663/fVd484gYjssB9/HjtR/BC+DQph1pC96UxVcyCiP9naXyl/JicJS2gwpHaqqttDGvB75kpS2KtA1URj/TdiEsTMVMftZMlxr7Hz9oK5iZjbaNaMDyuRXht0vTg00st1Jsixe9/GOVkSMtv2O0OHpnhG/o7gTZPSAiRWrn/+eUH63aZW8jmiABK3FQ==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAedjCOkt
+sFbLzTS4y12TbAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIJHEZ/PIMBDv6gqd
3JUEAvHnugjOGiXz5Puxg/8YfanOAAAAkCa1NSX8hj+j3jVwv2A2AU/gLRKzX4h+Gwxyxz
JeBT+OyHbzc8MDCIh8a3tf0fJiQ6VJdj3JjhBrp1OWfy2GHkfpMInRlGGz0Hu4XMU702a0
MgwELDyqSpEdZupNMH44pIjkI0iY/ipgwuNDOTIenADwbqdkC2oX9XA3jIutAB++JU4rvR
NwgjPHD1irGOM7Gg==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHEZ/PIMBDv6gqd3JUEAvHnugjOGiXz5Puxg/8YfanO"
set source built-in
next
edit "g-Fortinet_SSH_RSA2048"
set password ENC ptFK8lZwuQ6om7lAr4C2BvEdI3ve3JrSNLXTF+ucsUVQlEwazxiGKLMNwiwcAl8+FNN8x67fqQA3GIpq6vpcj3G0QmKQccgxxGDYkP4JkZfN8vaw8+9FbTC0yksNGdSHfBqBpWL9uzEF2dz+Ec0G8PI6bamzGqrFt11NA/Q4mWQu4VftqKSQ09hX3K9CYJZAwYNsTw==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABA1mO561N
c7CpF0rN+BdOBQAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQC6yuGwlJhh
Q5ooqzfMY+4le85cWCqHdzonf4BkYtV2p0GGpmKUo0kpnQ0EbmEWRmAiPN8J6BJyHvpcv7
A0a68OyTLXULSEopL0c0rrdqeK3p3oxVRn6oLbwqQvVmBZCGr+Mtak0Djw7ZM7yKMky5GK
hFlZj7dZFLrzth2nQmReu93F+HkSF8iOpaqna/sTvPVqN/WLVC1CaB+Qcb6AsyMmLsTsvC
HA1336eWq3M3hU14tsO5S8uDls2pfD2NaZx8VXr+00OvGSOqqZdY8cukv+xJ5IdRe2ui8z
OSbh5m5OFc2DdfZ+PpQ9nU+DEDBpCSir/ovPDmsTtvqX2VClGn0vAAADwMcyMNKCNYzFHF
tA305t53D83ogXcTrwO8f3ScWdcLBap5o0aqwfOrswdChdOytbHMx3lmpnLZvFt2JbcqT0
jDm+ZSb5NwFCW2h5MJlnLolIx85H0ab7XO+JhK1c/J3U0K/m0Y6q3uXObJsAInPNAJDjqL
VUxgIU438n7dB/NkWQWNjVaddEO/tK9UzzUd5a5JuG2lsukXLGFRC0XIJ94Q9BFuiziNmX
QUZ7LRqm59ZcsixGSQ1YApEvTZFf+Yd/umWIh9bbHeCAZOWZukDy47VLy2uVd3H+HLOSno
ZBpX7xa3c6mjI/oHgz7lQAybNzbPoJiBKq5VlTBhR9kTdB3JnnzKegLNwRtsdtEim/O4xJ
QPxfwGSzE57M9OgPGZMOuFu8Fh07tV06dUnfe9mGDLiQ3HWCZoRW5tuCE0fsieAseqqEiS
Vy13DPGtkSSLUKmBpJQvR6yK79GtMyIxZEmC43xHmCghHTebSnK45ikagYh0BsK01Q1rx1
syqY2Ul3bwCSCTuK2sjqnmgGEIIUI8Yikj0kDLSVJukfxdjU/c4eOcqj8yuRbQyfzFmHsv
debbeU1+oI08M0c5kKVTNeTWQ0iXuETJX1G3gu44xtkQLbCmF4K3byAPGnR2FIBG8tnPaJ
JCjhZQmN1nohNXt5F7nSALJ3UVSpzD6fnKBQSfxbKN4EAggu0NpX3QyhoDvWx378MRukGn
OkLi2Z7c/iZrS5w6Jt+kTJ7n6T5ciiaIvzgi7YjtS7ogwNQfodpXC/pd9KE/H7hgrtwclt
bP9bkpWQKIh/Z4hl2B8hqHDk1wDhNRHRyT2rvuoipJLroyYAZKxS1qerGuArwmxv1YNeNm
oq5Ibisn/CTLT6zVaKmdHD+qBGd46IlEobgLRd3bmKsBIf5hUfd+LcThhOT4OgjgK2jqAS
zOLrNH/Ns+Ut+tz7DhzoRhoTzfitjKdjHl8libziHU4rbulbEuqhnxlGrb9G6xKeFOG1Ha
JUkWoRzX5/tljM2GZRQciN6BF/L9kDboLnR6V2sOS6r/BlnlUMmKhxC81CTzejn4I+XSYk
Y5dBb9PhA2dJuhkgZEj4vGDkXdnL0fSI9qccHAKkAjd4ECFMRtqjnkdLtUODi6EZiZYDJI
zcVK0VdeqiSP2M+vx2WwLKdwVBdhHXyrxv5JGwKaYkmaYwFCJ6DRttHlaTID4HgjVWJCVR
O9UaKreP6Uz9G/L0J54iEclbiKHkC38/IMhi9XhslLzD39f42oKLedWYTJiVgsr3klwtMk
GvWZyLtg==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6yuGwlJhhQ5ooqzfMY+4le85cWCqHdzonf4BkYtV2p0GGpmKUo0kpnQ0EbmEWRmAiPN8J6BJyHvpcv7A0a68OyTLXULSEopL0c0rrdqeK3p3oxVRn6oLbwqQvVmBZCGr+Mtak0Djw7ZM7yKMky5GKhFlZj7dZFLrzth2nQmReu93F+HkSF8iOpaqna/sTvPVqN/WLVC1CaB+Qcb6AsyMmLsTsvCHA1336eWq3M3hU14tsO5S8uDls2pfD2NaZx8VXr+00OvGSOqqZdY8cukv+xJ5IdRe2ui8zOSbh5m5OFc2DdfZ+PpQ9nU+DEDBpCSir/ovPDmsTtvqX2VClGn0v"
set source built-in
next
end
config firewall ssh local-ca
edit "g-Fortinet_SSH_CA"
set password ENC PCfu0XXeYxicqFlAq1Cx0TXb3V7h+hg2P1q9EcW/npEG7Q5i44HqA4KDuJ/Q401ZjVUb2dR5pUX/XYETHq9Q5lk3jt7ootwRjFcNOw6C452LRJtJVhKi0wGUy+3I3Eby7+VN3rKNtfAX7iL3CfpOTEdTHHnnsAkOo615fGD5OrZ1TaJzVu79OpLQiOMVYHlKQWPz/w==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBf8C4hJd
+M6AVhFqreO879AAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDFNnS0wAAC
NC7cmBTwevE7FFFZPhHXFDgx7O22zzpcKONRKhLz+8Y4ux808lIz580foslhpIMeoEKX+U
ZpI93sBxVJZnZtVJgLf6rxjuWMFKDss1+PtXEz5uct3gPK95d/TWd+HzhGEz47PeFQizGP
E/hMl+XxJ8UEyPqlBO/Wh5+C8Sy4SU+wngUmaLgBDeA09x4it2ZZsa/oofRaXaPrAJLU7A
TB7reUBNnUR/mml1k6FYfx0CJ2JxR1gx3r/fSRadZj807gGNfiSbcYNxNyy/XQ5n+0BsIa
Mk342Zpr4ijnwM5qzrA45aHB3ZxAvx+xVdTrQkyfiJ6nZWI+CKQ9AAADwNT2HECamLA8UM
fFNSAnPj7lq5k64lxdOyGKKbIDDF/wS2H8g2ZlCuJwGpgHoVeFPiqQhJMjBSfwWDS8oOZA
po7PyvszP6XAbnIpBHUMDNdUr1Clso9ra9d2oP43fjhzRSHBD0j/x1nJRvse/cP5XuCa4Z
pGFpgVsz7q+XNEXou8YpAndqUebw/wm3MNzS2AE5YYFQofhSKBxyNSYrsPdaoasmwbnGuv
XW9vPFnDxNNJ0IkEUeXAWZaE2sBYP3qD4C97curFpYuAPYH5FnvvMLuUtyRFzYMv3WKi8z
Mw+01rU4yVtCVoAMYCfqjnisIyxgyQHLpLFfWkvIz6IgAQWVtBypJHxiiG2wcLHscWI0gQ
uCMN/n5QkbBcskRpy52lFypQ2eosTLMzrwfqQF5PDoDz/2Jnf5qXK9hQsNA3fHn2KoyODY
VmXb1G044Qq3/3ZsW7zkgWfyWJ1fgcIYiJg+wy/KQBkPlew/m5oheT8bs0aivJ8FW8gS1u
8zq/lBhWxsSsCfD8/nD9ROanz8yArOa8WfF/BFLs1UqkB4oAuVa5dA9xVhIeBbeA6E8eRm
ucu/a6+tmjaELkiwwscurSqEgELD+K5esR23MAe/Aw5BuzGHRdEDwa79PuqtgpMP7QEFND
yL/Xe6E4TGMTV5hQYpj7e5dunhr60rd4kg+ZAgfRwDzOaU2ry7n2bSxY/Cauc/dogM0rbG
SHCohMdMp0We53Y2J7ffmZzDySRIfgxRpjGN/Zv1QH1s3fbqwEG5R2leAlG0+bdN9jXn5F
dcZ4TGrm8wluUwfrU+mXcoAzelwuphNfbzwp0rIEnxIZxd6puFV7Svlsg4STr1YvA98E7N
2gDQhd3vYyIFPZG6CtAjzjP3e4KzEXghjgHXLYI31dS8HCVOKCC91tTc5Ojll76jmakIWT
r9dhSvjkACc688ixxo40qtX79Y33a8lEh1YZqPZ+qF/RgwQS4Wpa8hyZS6xFN2kMtQc9Up
gCurTRhfA9R5c/Mbgn097CYBOwu3nCfcjgBQ03xwmUJpB2pVKngd/dc/n37J2Z97Nl4Wu3
Zs4ftOGyqXgmM61ddTYhF6ZZbpjBkdKFFEfl6XkBZDUiVaMsq7hIiCYUCGE/cvljzYuntt
XEnf4fO8Ifr8sviwPE4gRaHHePPo9EtFAlSewYzeI3M1EkYPAzSf28ztk74FydHUGfqPkF
RjGiTkUG4NozwGmSG3LGYleBc0CySr+j4Q/qiCEgRQpkihrWkO/j+ILiog9Trh5x/+c2X9
V9G26szw==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFNnS0wAACNC7cmBTwevE7FFFZPhHXFDgx7O22zzpcKONRKhLz+8Y4ux808lIz580foslhpIMeoEKX+UZpI93sBxVJZnZtVJgLf6rxjuWMFKDss1+PtXEz5uct3gPK95d/TWd+HzhGEz47PeFQizGPE/hMl+XxJ8UEyPqlBO/Wh5+C8Sy4SU+wngUmaLgBDeA09x4it2ZZsa/oofRaXaPrAJLU7ATB7reUBNnUR/mml1k6FYfx0CJ2JxR1gx3r/fSRadZj807gGNfiSbcYNxNyy/XQ5n+0BsIaMk342Zpr4ijnwM5qzrA45aHB3ZxAvx+xVdTrQkyfiJ6nZWI+CKQ9"
set source built-in
next
edit "g-Fortinet_SSH_CA_Untrusted"
set password ENC QEDHsHiur9lmwAthl1Q2c6P9AGDoLWEHR+qpB6QZo14Ym61rM6E9d9gwLx9nJqVUR1Dg16y832S6U0CZvRsn/sJmtUBWk+nUeoHLpwvJ16BssLf8Cuk6LwpeF0OqeCvdzDMthmSrHdWoEZ21KQ1tO+QVY1mfKsHgf3/mryrl9SZ5mTFLXlJBi9RbAYGAtDlTMKDL2g==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBU2aLPen
uU59+GRRZCZgSJAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDAkdHRAAn9
RFuj2QchmT42CoWPCms0batL22xzsj2QMSujfcXCEQHjWx/gY+jZyGw2nAOFrzr8IVS5lE
ZKMiF89/zydMxQjr1MTelfPuYo855TZF4DELCK3O/zWwGLIgSboQft2RfZkSJFBb8NM4eU
iw9CxJLUawWeYkGTslFv3gqh6HbZuw2WUx5pqmU7UibkOgp0eWHejkf031O+X49yZr3uFG
Xi/bd6oNNfHIdeSS8RJNC+4N2NUrB4NX87pM1TOLmZ9tAMlGJKX05UL4rli2UnIXkhP6mv
NVdObU6Vk/dHf31QCWuLNSbH2nydYNs6JcQnoybJnzq6EggViAZlAAADwEWDeIVUpNfN6N
N9tfe7OnulqQ3OdP7T7M8A596uBvR4P1G7BAcPgC+xoTQP+W94crBOhoq49mlZJBJGnPwg
+ufxwO8eg8NUAPyMAaS6M8yaTcFvopwbZnMo8Ioey1rX/1JD0W+RJwV7N8FM95waqsjDnB
fLQy2F8KvzvycsQF4ATAVPbrkcaED3JxQEiHtlMZuIuCtB3Gq0xYJ6sz84NpW2aXlPFzuu
80YhUVuD7oZESSRIzMZ35/Td1rXeP/JOgFkrL0NSb7RgaHDqFKE4LHC+o+NgskxRPumlhb
H160LskSooMIVZCKGTii/c1Ipo2YVrAeaUrxgRSGQPeHJ4pivs8/bYP9fd1AHQ64UTX56x
P60fOA9lhwQtnlox+7J6H1biMMrwboqpI/19y+Qmfd35jbIUTwzxbEeqw55Vxcn29FGU1S
CtkHwyGB38OFFlawdb05PMT3X5KKXmss8ge4xAoRXooNbVAy6p9R0jrSyU1CKvnYoXPyjd
nEa6FBZTJNo9ygt0TnlNYEpdaCmiknxMxxnHN3oVLpSLeEHjEqFIXwr+322OqN1Wt90pD0
QV/5UxiT+bX55IYcz0F9Y05kw60Okc/Gy6NGPyOjuLpHGgVWI+WDueR5sBFP3nQmUjvCi6
jzzTNgSQV9ED9klycj4NCqNZvbqHAE3PKp5hRkUZ4GB8aGb2NzuUs3cx+JDgLxIW5QC6v6
kfgc1FAYaVH2cm+FHX+pt+uSqB38RE10lnfnR1oG3ldegelN4lJYkibIafYynDrzv1Xi8j
Oqd4z/ds41KcGll9gsWclP7MmhL2s6w/cOOwRvZRDNknK1uA111B+yPdsuA78N0ACYulAX
HT1aiEnwFjfaZauBSPtJex0TbjAQWZ5b6+0XAjkfru+ptV9GfMEsQpfHBIge4JmkcXCFoE
czjAqskJ9YddKe2FfJGxc1jMCkmA+h/2oR8OyMUSGXxTwKLPabeUFwBuPKH56PqAjIPoKW
4h+EPfOx3pPY92rDvZ/ETBNf+o/vvxkOPmh3TSRoo2knQvNuWiQ7OPGXrXa0PeZ1UvDRuU
PMTkbpooKletk49Jw8WOzUqIRd8yF8g2i8tzZ2Xlr8RnOLRBsOzXagjBGyk56kAMhaOOrm
n+MTbxpM61zYilvCOBeSIvzWp4DjjqXfuFcEpzEHDTZ9Yvz474s1qinmgEibtYSoY61d9d
QxAI2xneFlb207A+/PTuFaDoCE9g/CD17Rc+WoCP0eU8p/yaLpWIq0JQyEXK48vKCJcVvM
gs3wZo+Q==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAkdHRAAn9RFuj2QchmT42CoWPCms0batL22xzsj2QMSujfcXCEQHjWx/gY+jZyGw2nAOFrzr8IVS5lEZKMiF89/zydMxQjr1MTelfPuYo855TZF4DELCK3O/zWwGLIgSboQft2RfZkSJFBb8NM4eUiw9CxJLUawWeYkGTslFv3gqh6HbZuw2WUx5pqmU7UibkOgp0eWHejkf031O+X49yZr3uFGXi/bd6oNNfHIdeSS8RJNC+4N2NUrB4NX87pM1TOLmZ9tAMlGJKX05UL4rli2UnIXkhP6mvNVdObU6Vk/dHf31QCWuLNSbH2nydYNs6JcQnoybJnzq6EggViAZl"
set source built-in
next
end
config firewall ssh setting
set caname "g-Fortinet_SSH_CA"
set untrusted-caname "g-Fortinet_SSH_CA_Untrusted"
set hostkey-rsa2048 "g-Fortinet_SSH_RSA2048"
set hostkey-dsa1024 "g-Fortinet_SSH_DSA1024"
set hostkey-ecdsa256 "g-Fortinet_SSH_ECDSA256"
set hostkey-ecdsa384 "g-Fortinet_SSH_ECDSA384"
set hostkey-ecdsa521 "g-Fortinet_SSH_ECDSA521"
set hostkey-ed25519 "g-Fortinet_SSH_ED25519"
set host-trusted-checking enable
end
config firewall ssh host-key
end
config firewall decrypted-traffic-mirror
end
config firewall access-proxy-virtual-host
end
config firewall access-proxy-ssh-client-cert
end
config firewall access-proxy
end
config firewall access-proxy6
end
config firewall ipmacbinding setting
set bindthroughfw disable
set bindtofw disable
end
config firewall ipmacbinding table
end
config firewall profile-protocol-options
edit "default"
set comment "All default services."
set replacemsg-group ''
set oversize-log disable
set switching-protocols-log disable
config http
set ports 80
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
unset options
set comfort-interval 10
set comfort-amount 1
set range-block disable
set strip-x-forwarded-for disable
unset post-lang
set streaming-content-bypass enable
set switching-protocols bypass
set unknown-http-version reject
set tunnel-non-http enable
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set block-page-status-code 403
set retry-count 0
set tcp-window-type auto-tuning
set ssl-offloaded no
set address-ip-rating enable
end
config ftp
set ports 21
set status enable
set inspect-all disable
set options splice
set comfort-interval 10
set comfort-amount 1
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set tcp-window-type auto-tuning
set ssl-offloaded no
set explicit-ftp-tls disable
end
config imap
set ports 143
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set ssl-offloaded no
end
config mapi
set ports 135
set status enable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
end
config pop3
set ports 110
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set ssl-offloaded no
end
config smtp
set ports 25
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail splice
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set server-busy disable
set ssl-offloaded no
end
config nntp
set ports 119
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options splice
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
end
config ssh
unset options
set comfort-interval 10
set comfort-amount 1
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set tcp-window-type auto-tuning
set ssl-offloaded no
end
config dns
set ports 53
set status enable
end
config cifs
set ports 445
set status enable
unset options
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set tcp-window-type auto-tuning
set server-credential-type none
end
config mail-signature
set status disable
set signature ''
end
set rpc-over-http disable
next
end
config firewall ssl-ssh-profile
edit "certificate-inspection"
set comment "Read-only SSL handshake inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set ports 443
set status certificate-inspection
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set cert-probe-failure block
set min-allowed-ssl-version tls-1.1
end
config ftps
set status disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set block-blocklisted-certificates enable
set caname "Fortinet_CA_SSL"
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
next
edit "deep-inspection"
set comment "Read-only deep inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set ports 443
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set min-allowed-ssl-version tls-1.1
end
config ftps
set ports 990
set status deep-inspection
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set ports 993
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set ports 995
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set ports 465
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set allowlist disable
set block-blocklisted-certificates enable
config ssl-exempt
edit 1
set type fortiguard-category
set fortiguard-category 31
next
edit 2
set type fortiguard-category
set fortiguard-category 33
next
edit 3
set type wildcard-fqdn
set wildcard-fqdn "g-adobe"
next
edit 4
set type wildcard-fqdn
set wildcard-fqdn "g-Adobe Login"
next
edit 5
set type wildcard-fqdn
set wildcard-fqdn "g-android"
next
edit 6
set type wildcard-fqdn
set wildcard-fqdn "g-apple"
next
edit 7
set type wildcard-fqdn
set wildcard-fqdn "g-appstore"
next
edit 8
set type wildcard-fqdn
set wildcard-fqdn "g-auth.gfx.ms"
next
edit 9
set type wildcard-fqdn
set wildcard-fqdn "g-citrix"
next
edit 10
set type wildcard-fqdn
set wildcard-fqdn "g-dropbox.com"
next
edit 11
set type wildcard-fqdn
set wildcard-fqdn "g-eease"
next
edit 12
set type wildcard-fqdn
set wildcard-fqdn "g-firefox update server"
next
edit 13
set type wildcard-fqdn
set wildcard-fqdn "g-fortinet"
next
edit 14
set type wildcard-fqdn
set wildcard-fqdn "g-googleapis.com"
next
edit 15
set type wildcard-fqdn
set wildcard-fqdn "g-google-drive"
next
edit 16
set type wildcard-fqdn
set wildcard-fqdn "g-google-play2"
next
edit 17
set type wildcard-fqdn
set wildcard-fqdn "g-google-play3"
next
edit 18
set type wildcard-fqdn
set wildcard-fqdn "g-Gotomeeting"
next
edit 19
set type wildcard-fqdn
set wildcard-fqdn "g-icloud"
next
edit 20
set type wildcard-fqdn
set wildcard-fqdn "g-itunes"
next
edit 21
set type wildcard-fqdn
set wildcard-fqdn "g-microsoft"
next
edit 22
set type wildcard-fqdn
set wildcard-fqdn "g-skype"
next
edit 23
set type wildcard-fqdn
set wildcard-fqdn "g-softwareupdate.vmware.com"
next
edit 24
set type wildcard-fqdn
set wildcard-fqdn "g-verisign"
next
edit 25
set type wildcard-fqdn
set wildcard-fqdn "g-Windows update 2"
next
edit 26
set type wildcard-fqdn
set wildcard-fqdn "g-live.com"
next
edit 27
set type wildcard-fqdn
set wildcard-fqdn "g-google-play"
next
edit 28
set type wildcard-fqdn
set wildcard-fqdn "g-update.microsoft.com"
next
edit 29
set type wildcard-fqdn
set wildcard-fqdn "g-swscan.apple.com"
next
edit 30
set type wildcard-fqdn
set wildcard-fqdn "g-autoupdate.opera.com"
next
edit 31
set type wildcard-fqdn
set wildcard-fqdn "g-cdn-apple"
next
edit 32
set type wildcard-fqdn
set wildcard-fqdn "g-mzstatic-apple"
next
end
set server-cert-mode re-sign
set caname "Fortinet_CA_SSL"
set untrusted-caname "Fortinet_CA_Untrusted"
set ssl-exemption-ip-rating enable
set ssl-exemption-log disable
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
set rpc-over-https disable
set mapi-over-https disable
set supported-alpn all
set use-ssl-server disable
next
edit "custom-deep-inspection"
set comment "Customizable deep inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set ports 443
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set min-allowed-ssl-version tls-1.1
end
config ftps
set ports 990
set status deep-inspection
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set ports 993
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set ports 995
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set ports 465
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set allowlist disable
set block-blocklisted-certificates enable
config ssl-exempt
edit 1
set type fortiguard-category
set fortiguard-category 31
next
edit 2
set type fortiguard-category
set fortiguard-category 33
next
edit 3
set type wildcard-fqdn
set wildcard-fqdn "g-adobe"
next
edit 4
set type wildcard-fqdn
set wildcard-fqdn "g-Adobe Login"
next
edit 5
set type wildcard-fqdn
set wildcard-fqdn "g-android"
next
edit 6
set type wildcard-fqdn
set wildcard-fqdn "g-apple"
next
edit 7
set type wildcard-fqdn
set wildcard-fqdn "g-appstore"
next
edit 8
set type wildcard-fqdn
set wildcard-fqdn "g-auth.gfx.ms"
next
edit 9
set type wildcard-fqdn
set wildcard-fqdn "g-citrix"
next
edit 10
set type wildcard-fqdn
set wildcard-fqdn "g-dropbox.com"
next
edit 11
set type wildcard-fqdn
set wildcard-fqdn "g-eease"
next
edit 12
set type wildcard-fqdn
set wildcard-fqdn "g-firefox update server"
next
edit 13
set type wildcard-fqdn
set wildcard-fqdn "g-fortinet"
next
edit 14
set type wildcard-fqdn
set wildcard-fqdn "g-googleapis.com"
next
edit 15
set type wildcard-fqdn
set wildcard-fqdn "g-google-drive"
next
edit 16
set type wildcard-fqdn
set wildcard-fqdn "g-google-play2"
next
edit 17
set type wildcard-fqdn
set wildcard-fqdn "g-google-play3"
next
edit 18
set type wildcard-fqdn
set wildcard-fqdn "g-Gotomeeting"
next
edit 19
set type wildcard-fqdn
set wildcard-fqdn "g-icloud"
next
edit 20
set type wildcard-fqdn
set wildcard-fqdn "g-itunes"
next
edit 21
set type wildcard-fqdn
set wildcard-fqdn "g-microsoft"
next
edit 22
set type wildcard-fqdn
set wildcard-fqdn "g-skype"
next
edit 23
set type wildcard-fqdn
set wildcard-fqdn "g-softwareupdate.vmware.com"
next
edit 24
set type wildcard-fqdn
set wildcard-fqdn "g-verisign"
next
edit 25
set type wildcard-fqdn
set wildcard-fqdn "g-Windows update 2"
next
edit 26
set type wildcard-fqdn
set wildcard-fqdn "g-live.com"
next
edit 27
set type wildcard-fqdn
set wildcard-fqdn "g-google-play"
next
edit 28
set type wildcard-fqdn
set wildcard-fqdn "g-update.microsoft.com"
next
edit 29
set type wildcard-fqdn
set wildcard-fqdn "g-swscan.apple.com"
next
edit 30
set type wildcard-fqdn
set wildcard-fqdn "g-autoupdate.opera.com"
next
edit 31
set type wildcard-fqdn
set wildcard-fqdn "g-cdn-apple"
next
edit 32
set type wildcard-fqdn
set wildcard-fqdn "g-mzstatic-apple"
next
end
set server-cert-mode re-sign
set caname "Fortinet_CA_SSL"
set untrusted-caname "Fortinet_CA_Untrusted"
set ssl-exemption-ip-rating enable
set ssl-exemption-log disable
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
set rpc-over-https disable
set mapi-over-https disable
set supported-alpn all
set use-ssl-server disable
next
edit "no-inspection"
set comment "Read-only profile that does no inspection."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set status disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set min-allowed-ssl-version tls-1.1
end
config ftps
set status disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set block-blocklisted-certificates enable
set caname "Fortinet_CA_SSL"
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
next
end
config waf profile
edit "default"
set external disable
set extended-log disable
config signature
config main-class 100000000
set status disable
set action block
set log enable
set severity high
end
config main-class 20000000
set status disable
set action allow
set log enable
set severity medium
end
config main-class 30000000
set status enable
set action block
set log enable
set severity high
end
config main-class 40000000
set status disable
set action allow
set log enable
set severity medium
end
config main-class 50000000
set status enable
set action block
set log enable
set severity high
end
config main-class 60000000
set status disable
set action allow
set log enable
set severity medium
end
config main-class 70000000
set status enable
set action block
set log enable
set severity high
end
config main-class 80000000
set status enable
set action allow
set log enable
set severity low
end
config main-class 110000000
set status enable
set action allow
set log enable
set severity high
end
config main-class 90000000
set status enable
set action block
set log enable
set severity high
end
set disabled-signature 80080005 80200001 60030001 60120001 80080003 90410001 90410002
set credit-card-detection-threshold 3
end
config constraint
config header-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config content-length
set status enable
set length 67108864
set action allow
set log enable
set severity low
end
config param-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config line-length
set status enable
set length 1024
set action allow
set log enable
set severity low
end
config url-param-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config version
set status disable
set action allow
set log enable
set severity medium
end
config method
set status disable
set action block
set log enable
set severity medium
end
config hostname
set status disable
set action block
set log enable
set severity medium
end
config malformed
set status disable
set action allow
set log enable
set severity medium
end
config max-cookie
set status enable
set max-cookie 16
set action allow
set log enable
set severity low
end
config max-header-line
set status enable
set max-header-line 32
set action allow
set log enable
set severity low
end
config max-url-param
set status enable
set max-url-param 16
set action allow
set log enable
set severity low
end
config max-range-segment
set status enable
set max-range-segment 5
set action allow
set log enable
set severity high
end
end
config method
set status disable
set log disable
set severity medium
unset default-allowed-methods
end
config address-list
set status disable
set blocked-log disable
set severity medium
end
set comment ''
next
end
config firewall profile-group
end
config firewall ssl-server
end
config firewall identity-based-route
end
config firewall auth-portal
set portal-addr ''
set portal-addr6 ''
set identity-based-route ''
end
config firewall security-policy
end
config firewall policy
edit 1
set status enable
set name "Default"
set uuid bdf03fc8-3520-51ed-3963-cb429fce01ab
set srcintf "any"
set dstintf "any"
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set srcaddr6 "all"
set dstaddr6 "all"
set internet-service disable
set internet-service-src disable
set service "ALL"
set dynamic-shaping disable
set passive-wan-health-measurement disable
set ssl-ssh-profile "certificate-inspection"
set auto-asic-offload enable
set session-ttl 0
set fec disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
next
end
config firewall traffic-class
end
config firewall shaping-policy
end
config firewall shaping-profile
end
config firewall local-in-policy
end
config firewall local-in-policy6
end
config firewall ttl-policy
end
config firewall dnstranslation
end
config firewall multicast-policy
end
config firewall multicast-policy6
end
config firewall interface-policy
end
config firewall interface-policy6
end
config firewall DoS-policy
end
config firewall DoS-policy6
end
config firewall sniffer
end
config firewall acl
end
config firewall acl6
end
config firewall central-snat-map
end
config firewall ip-translation
end
config authentication scheme
end
config authentication rule
end
config authentication setting
set active-auth-scheme ''
set sso-auth-scheme ''
set captive-portal-type fqdn
set captive-portal ''
set captive-portal6 ''
set cert-auth disable
set captive-portal-port 7830
set auth-https enable
set captive-portal-ssl-port 7831
end
config system speed-test-schedule
end
config switch-controller switch-interface-tag
end
config switch-controller 802-1X-settings
set link-down-auth set-unauth
set reauth-period 60
set max-reauth-attempt 3
set tx-period 30
end
config switch-controller security-policy 802-1X
edit "802-1X-policy-default"
set security-mode 802.1X
set user-group "SSO_Guest_Users"
set mac-auth-bypass disable
set open-auth disable
set eap-passthru enable
set eap-auto-untagged-vlans enable
set guest-vlan disable
set guest-auth-delay 30
set auth-fail-vlan disable
set framevid-apply enable
set radius-timeout-overwrite disable
set policy-type 802.1X
set authserver-timeout-vlan disable
next
end
config switch-controller security-policy local-access
edit "default"
set mgmt-allowaccess https ping ssh
set internal-allowaccess https ping ssh
next
end
config switch-controller location
end
config switch-controller lldp-settings
set tx-hold 4
set tx-interval 30
set fast-start-interval 2
set management-interface internal
set device-detection enable
end
config switch-controller lldp-profile
edit "default"
set med-tlvs inventory-management network-policy location-identification
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl disable
config med-network-policy
edit "voice"
set status disable
next
edit "voice-signaling"
set status disable
next
edit "guest-voice"
set status disable
next
edit "guest-voice-signaling"
set status disable
next
edit "softphone-voice"
set status disable
next
edit "video-conferencing"
set status disable
next
edit "streaming-video"
set status disable
next
edit "video-signaling"
set status disable
next
end
config med-location-service
edit "coordinates"
set status disable
next
edit "address-civic"
set status disable
next
edit "elin-number"
set status disable
next
end
next
edit "default-auto-isl"
unset med-tlvs
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl enable
set auto-isl-hello-timer 3
set auto-isl-receive-timeout 60
set auto-isl-port-group 0
set auto-mclag-icl disable
next
edit "default-auto-mclag-icl"
unset med-tlvs
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl enable
set auto-isl-hello-timer 3
set auto-isl-receive-timeout 60
set auto-isl-port-group 0
set auto-mclag-icl enable
next
end
config switch-controller qos dot1p-map
edit "voice-dot1p"
set description ''
set egress-pri-tagging disable
set priority-0 queue-4
set priority-1 queue-4
set priority-2 queue-3
set priority-3 queue-2
set priority-4 queue-3
set priority-5 queue-1
set priority-6 queue-2
set priority-7 queue-2
next
end
config switch-controller qos ip-dscp-map
edit "voice-dscp"
set description ''
config map
edit "1"
set cos-queue 1
set value 46
next
edit "2"
set cos-queue 2
set value 24,26,48,56
next
edit "5"
set cos-queue 3
set value 34
next
end
next
end
config switch-controller qos queue-policy
edit "default"
set schedule round-robin
set rate-by kbps
config cos-queue
edit "queue-0"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-1"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-2"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-3"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-4"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-5"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-6"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-7"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
end
next
edit "voice-egress"
set schedule weighted
set rate-by kbps
config cos-queue
edit "queue-0"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-1"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 0
next
edit "queue-2"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 6
next
edit "queue-3"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 37
next
edit "queue-4"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 12
next
edit "queue-5"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-6"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-7"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
end
next
end
config switch-controller qos qos-policy
edit "default"
set default-cos 0
set trust-dot1p-map ''
set trust-ip-dscp-map ''
set queue-policy "default"
next
edit "voice-qos"
set default-cos 0
set trust-dot1p-map "voice-dot1p"
set trust-ip-dscp-map "voice-dscp"
set queue-policy "voice-egress"
next
end
config switch-controller storm-control-policy
edit "default"
set description "default storm control on all port"
set storm-control-mode global
next
edit "auto-config"
set description "storm control policy for fortilink-isl-icl port"
set storm-control-mode disabled
next
end
config switch-controller auto-config policy
edit "default"
set qos-policy "default"
set storm-control-policy "auto-config"
set poe-status enable
set igmp-flood-report disable
set igmp-flood-traffic disable
next
edit "default-icl"
set qos-policy "default"
set storm-control-policy "auto-config"
set poe-status disable
set igmp-flood-report enable
set igmp-flood-traffic enable
next
end
config switch-controller auto-config default
set fgt-policy "default"
set isl-policy "default"
set icl-policy "default-icl"
end
config switch-controller auto-config custom
end
config switch-controller initial-config template
edit "_default"
set vlanid 1
unset allowaccess
set dhcp-server disable
next
edit "quarantine"
set vlanid 4093
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
edit "rspan"
set vlanid 4092
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
edit "voice"
set vlanid 4091
unset allowaccess
set dhcp-server disable
next
edit "video"
set vlanid 4090
unset allowaccess
set dhcp-server disable
next
edit "onboarding"
set vlanid 4089
unset allowaccess
set dhcp-server disable
next
edit "nac_segment"
set vlanid 4088
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
end
config switch-controller initial-config vlans
set default-vlan "_default"
set quarantine "quarantine"
set rspan "rspan"
set voice "voice"
set video "video"
set nac "onboarding"
set nac-segment "nac_segment"
end
config switch-controller switch-profile
edit "default"
set login-passwd-override disable
next
end
config switch-controller custom-command
end
config switch-controller virtual-port-pool
end
config switch-controller ptp settings
set mode disable
end
config switch-controller ptp policy
edit "default"
set status enable
next
end
config switch-controller vlan-policy
end
config switch-controller dynamic-port-policy
end
config switch-controller managed-switch
end
config switch-controller switch-group
end
config switch-controller stp-settings
set name ''
set revision 0
set hello-time 2
set forward-time 15
set max-age 20
set max-hops 20
end
config switch-controller stp-instance
end
config switch-controller storm-control
set rate 500
set unknown-unicast disable
set unknown-multicast disable
set broadcast disable
end
config switch-controller global
set mac-aging-interval 300
set https-image-push enable
set vlan-optimization enable
set mac-retention-period 24
set default-virtual-switch-vlan ''
set dhcp-server-access-list disable
set log-mac-limit-violations disable
set sn-dns-resolution enable
set mac-event-logging disable
set bounce-quarantined-link disable
set quarantine-mode by-vlan
set update-user-device mac-cache lldp dhcp-snooping l2-db l3-db
set fips-enforce enable
set firmware-provision-on-authorization disable
end
config switch-controller switch-log
set status enable
set severity notification
end
config switch-controller igmp-snooping
set aging-time 300
set flood-unknown-multicast disable
set query-interval 125
end
config switch-controller sflow
set collector-ip 0.0.0.0
set collector-port 6343
end
config switch-controller network-monitor-settings
set network-monitoring disable
end
config switch-controller flow-tracking
set sample-mode perimeter
set sample-rate 512
set format netflow9
set collector-ip 0.0.0.0
set collector-port 0
set transport udp
set level ip
set max-export-pkt-size 512
set timeout-general 3600
set timeout-icmp 300
set timeout-max 604800
set timeout-tcp 3600
set timeout-tcp-fin 300
set timeout-tcp-rst 120
set timeout-udp 300
end
config switch-controller snmp-sysinfo
set status disable
set engine-id ''
set description ''
set contact-info ''
set location ''
end
config switch-controller snmp-trap-threshold
set trap-high-cpu-threshold 80
set trap-low-memory-threshold 80
set trap-log-full-threshold 90
end
config switch-controller snmp-community
end
config switch-controller snmp-user
end
config switch-controller traffic-sniffer
set mode erspan-auto
set erspan-ip 0.0.0.0
end
config switch-controller remote-log
edit "syslogd"
set status disable
next
edit "syslogd2"
set status disable
next
end
config switch-controller mac-policy
end
config wireless-controller setting
set account-id ''
set country US
set duplicate-ssid disable
set fapc-compatibility disable
set wfa-compatibility disable
set phishing-ssid-detect enable
set fake-ssid-action log
set device-weight 1
set device-holdoff 5
set device-idle 1440
set firmware-provision-on-authorization disable
set darrp-optimize 86400
set darrp-optimize-schedules "default-darrp-optimize"
end
config wireless-controller log
set status enable
set addrgrp-log notification
set ble-log notification
set clb-log notification
set dhcp-starv-log notification
set led-sched-log notification
set radio-event-log notification
set rogue-event-log notification
set sta-event-log notification
set sta-locate-log notification
set wids-log notification
set wtp-event-log notification
end
config wireless-controller apcfg-profile
end
config wireless-controller bonjour-profile
end
config wireless-controller arrp-profile
edit "arrp-default"
set comment ''
set selection-period 3600
set monitor-period 300
set weight-managed-ap 50
set weight-rogue-ap 10
set weight-noise-floor 40
set weight-channel-load 20
set weight-spectral-rssi 40
set weight-weather-channel 1000
set weight-dfs-channel 500
set threshold-ap 250
set threshold-noise-floor "-85"
set threshold-channel-load 60
set threshold-spectral-rssi "-65"
set threshold-tx-retries 300
set threshold-rx-errors 50
set include-weather-channel disable
set include-dfs-channel disable
set override-darrp-optimize disable
next
end
config wireless-controller region
end
config wireless-controller vap-group
end
config wireless-controller wids-profile
edit "default"
set comment "Default WIDS profile."
set sensor-mode disable
set ap-scan enable
set ap-bgscan-period 600
set ap-bgscan-intv 1
set ap-bgscan-duration 20
set ap-bgscan-idle 0
set ap-bgscan-report-intv 30
set ap-fgscan-report-intv 15
set ap-scan-passive disable
set ap-scan-threshold "-90"
set wireless-bridge enable
set deauth-broadcast enable
set null-ssid-probe-resp enable
set long-duration-attack enable
set long-duration-thresh 8200
set invalid-mac-oui enable
set weak-wep-iv enable
set auth-frame-flood enable
set auth-flood-time 10
set auth-flood-thresh 30
set assoc-frame-flood enable
set assoc-flood-time 10
set assoc-flood-thresh 30
set spoofed-deauth enable
set asleap-attack enable
set eapol-start-flood enable
set eapol-start-thresh 10
set eapol-start-intv 1
set eapol-logoff-flood enable
set eapol-logoff-thresh 10
set eapol-logoff-intv 1
set eapol-succ-flood enable
set eapol-succ-thresh 10
set eapol-succ-intv 1
set eapol-fail-flood enable
set eapol-fail-thresh 10
set eapol-fail-intv 1
set eapol-pre-succ-flood enable
set eapol-pre-succ-thresh 10
set eapol-pre-succ-intv 1
set eapol-pre-fail-flood enable
set eapol-pre-fail-thresh 10
set eapol-pre-fail-intv 1
set deauth-unknown-src-thresh 10
next
edit "default-wids-apscan-enabled"
set comment ''
set sensor-mode disable
set ap-scan enable
set ap-bgscan-period 600
set ap-bgscan-intv 1
set ap-bgscan-duration 20
set ap-bgscan-idle 0
set ap-bgscan-report-intv 30
set ap-fgscan-report-intv 15
set ap-scan-passive disable
set ap-scan-threshold "-90"
set wireless-bridge disable
set deauth-broadcast disable
set null-ssid-probe-resp disable
set long-duration-attack disable
set long-duration-thresh 8200
set invalid-mac-oui disable
set weak-wep-iv disable
set auth-frame-flood disable
set assoc-frame-flood disable
set spoofed-deauth disable
set asleap-attack disable
set eapol-start-flood disable
set eapol-logoff-flood disable
set eapol-succ-flood disable
set eapol-fail-flood disable
set eapol-pre-succ-flood disable
set eapol-pre-fail-flood disable
set deauth-unknown-src-thresh 10
next
end
config wireless-controller ble-profile
edit "fortiap-discovery"
set comment ''
set advertising ibeacon eddystone-uid eddystone-url
set ibeacon-uuid "wtp-uuid"
set major-id 1000
set minor-id 2000
set eddystone-namespace "0102030405"
set eddystone-instance "abcdef"
set eddystone-url "http://www.fortinet.com"
set txpower 0
set beacon-interval 100
set ble-scanning disable
next
end
config wireless-controller syslog-profile
end
config wireless-controller wtp-profile
end
config wireless-controller wtp
end
config wireless-controller wtp-group
end
config wireless-controller qos-profile
end
config wireless-controller wag-profile
end
config wireless-controller address
end
config wireless-controller addrgrp
end
config wireless-controller snmp
set engine-id ''
set contact-info ''
set trap-high-cpu-threshold 80
set trap-high-mem-threshold 80
end
config wireless-controller mpsk-profile
end
config wireless-controller nac-profile
end
config wireless-controller ssid-policy
end
config wireless-controller access-control-list
end
config wireless-controller ap-status
end
config user nac-policy
end
config extender-controller dataplan
end
config extender-controller extender-profile
end
config extender-controller extender
end
config system ips
set signature-hold-time 0h
end
config ips custom
end
config ips settings
set packet-log-history 1
set packet-log-post-attack 0
set ips-packet-quota 0
end
config alertemail setting
set username ''
set mailto1 ''
set mailto2 ''
set mailto3 ''
set filter-mode category
set email-interval 5
set IPS-logs disable
set firewall-authentication-failure-logs disable
set IPsec-errors-logs disable
set PPP-errors-logs disable
set sslvpn-authentication-errors-logs disable
set antivirus-logs disable
set webfilter-logs disable
set configuration-changes-logs disable
set violation-traffic-logs disable
set admin-login-logs disable
set log-disk-usage-warning disable
set FSSO-disconnect-logs disable
set ssh-logs disable
set local-disk-usage 75
end
config router access-list
end
config router access-list6
end
config router aspath-list
end
config router prefix-list
end
config router prefix-list6
end
config router key-chain
end
config router community-list
end
config router route-map
end
config router rip
set default-information-originate disable
set default-metric 1
set max-out-metric 0
config redistribute "connected"
set status disable
set metric 0
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
end
set update-timer 30
set timeout-timer 180
set garbage-timer 120
set version 2
end
config router ripng
set default-information-originate disable
set default-metric 1
set max-out-metric 0
config redistribute "connected"
set status disable
set metric 0
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
end
set update-timer 30
set timeout-timer 180
set garbage-timer 120
end
config router static
end
config router policy
end
config router policy6
end
config router static6
end
config router ospf
set abr-type standard
set auto-cost-ref-bandwidth 1000
set distance-external 110
set distance-inter-area 110
set distance-intra-area 110
set database-overflow disable
set database-overflow-max-lsas 10000
set database-overflow-time-to-recover 300
set default-information-originate disable
set default-information-metric 10
set default-information-metric-type 2
set default-information-route-map ''
set default-metric 10
set distance 110
set rfc1583-compatible disable
set router-id 0.0.0.0
set spf-timers 5 10
set bfd disable
set log-neighbour-changes enable
set distribute-list-in ''
set distribute-route-map-in ''
set restart-mode none
set restart-period 120
config redistribute "connected"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "rip"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
end
config router ospf6
set abr-type standard
set auto-cost-ref-bandwidth 1000
set default-information-originate disable
set log-neighbour-changes enable
set default-information-metric 10
set default-information-metric-type 2
set default-information-route-map ''
set default-metric 10
set router-id 0.0.0.0
set spf-timers 5 10
set bfd disable
config redistribute "connected"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "rip"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
end
config router bgp
set as 0
set keepalive-timer 60
set holdtime-timer 180
set always-compare-med disable
set bestpath-as-path-ignore disable
set bestpath-cmp-confed-aspath disable
set bestpath-cmp-routerid disable
set bestpath-med-confed disable
set bestpath-med-missing-as-worst disable
set client-to-client-reflection enable
set dampening disable
set deterministic-med disable
set ebgp-multipath disable
set ibgp-multipath disable
set enforce-first-as enable
set fast-external-failover enable
set log-neighbour-changes enable
set network-import-check enable
set ignore-optional-capability enable
set multipath-recursive-distance disable
set recursive-next-hop disable
set tag-resolve-mode disable
set cluster-id 0.0.0.0
set confederation-identifier 0
set default-local-preference 100
set scan-time 60
set distance-external 20
set distance-internal 200
set distance-local 200
set synchronization disable
set graceful-restart disable
config redistribute "connected"
set status disable
set route-map ''
end
config redistribute "rip"
set status disable
set route-map ''
end
config redistribute "ospf"
set status disable
set route-map ''
end
config redistribute "static"
set status disable
set route-map ''
end
config redistribute "isis"
set status disable
set route-map ''
end
config redistribute6 "connected"
set status disable
set route-map ''
end
config redistribute6 "rip"
set status disable
set route-map ''
end
config redistribute6 "ospf"
set status disable
set route-map ''
end
config redistribute6 "static"
set status disable
set route-map ''
end
config redistribute6 "isis"
set status disable
set route-map ''
end
end
config router isis
set is-type level-1-2
set adv-passive-only disable
set adv-passive-only6 disable
set auth-mode-l1 password
set auth-mode-l2 password
set auth-password-l1 ENC BKa9QHVB49FiaxuCmlj03wbzo1gzQFZ6OLnSHP3Lax1rSWS0+2C2Rw0VEnZB+bQJsoNimpavAcESxldMjCv+BmKmnC6z10pPDW+pWDaPCkyN4PbmvgOWKUt2h8fQvqIWZjcwtyz6v7kMuOaYB7MqOWV/s6m/l2EROoy0LKmB6EDMVRIKps0RSRtJl9c7bJvm8nQAEA==
set auth-password-l2 ENC OOg+RSnqSIHBhT+ARcwwonWGqbsV/W7S/OuVumQKm/ppR8BVeGgca5YdyyfUu0TR0DvcsDp0lhxXFEcFoEx88i6DYAq/T+F3fvLnZLmBD3nHU3Biwe5gt21NaoOMZhiQUzbhy+FJNQX4XHdgvD2EyCGFmWRVOXnt5YwXYfeZFpzCJ5W4htsIORFFIPry2ICGzx6SUw==
set auth-sendonly-l1 disable
set auth-sendonly-l2 disable
set ignore-lsp-errors disable
set lsp-gen-interval-l1 30
set lsp-gen-interval-l2 30
set lsp-refresh-interval 900
set max-lsp-lifetime 1200
set spf-interval-exp-l1 500 50000
set spf-interval-exp-l2 500 50000
set dynamic-hostname disable
set adjacency-check disable
set adjacency-check6 disable
set overload-bit disable
unset overload-bit-suppress
set overload-bit-on-startup 0
set default-originate disable
set default-originate6 disable
set metric-style narrow
set redistribute-l1 disable
set redistribute-l2 disable
set redistribute6-l1 disable
set redistribute6-l2 disable
config redistribute "connected"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "rip"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "connected"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "rip"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "ospf"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "bgp"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "static"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
end
config router multicast-flow
end
config router multicast
set route-limit 2147483647
set multicast-routing disable
config pim-sm-global
set message-interval 60
set join-prune-holdtime 210
set accept-register-list ''
set accept-source-list ''
set bsr-candidate disable
set bsr-allow-quick-refresh disable
set cisco-register-checksum disable
set cisco-crp-prefix disable
set cisco-ignore-rp-set-priority disable
set register-rp-reachability enable
set register-source disable
set register-supression 60
set null-register-retries 1
set rp-register-keepalive 185
set spt-threshold enable
set ssm disable
set register-rate-limit 0
set spt-threshold-group ''
end
end
config router multicast6
set multicast-routing disable
config pim-sm-global
end
end
config router auth-path
end
config router setting
set show-filter ''
set hostname ''
end
config router bfd
end
config router bfd6
end
config system proxy-arp
end
config system link-monitor
end
config system wccp
end
config system dns64
set status disable
set dns64-prefix 64:ff9b::/96
set always-synthesize-aaaa-record enable
end
config system nd-proxy
set status disable
end
config system vne-tunnel
set status disable
end
end
config vdom
edit TEST
config wireless-controller hotspot20 anqp-venue-name
end
config wireless-controller hotspot20 anqp-venue-url
end
config wireless-controller hotspot20 anqp-network-auth-type
end
config wireless-controller hotspot20 anqp-roaming-consortium
end
config wireless-controller hotspot20 anqp-nai-realm
end
config wireless-controller hotspot20 anqp-3gpp-cellular
end
config wireless-controller hotspot20 anqp-ip-address-type
end
config wireless-controller hotspot20 h2qp-operator-name
end
config wireless-controller hotspot20 h2qp-wan-metric
end
config wireless-controller hotspot20 h2qp-conn-capability
end
config wireless-controller hotspot20 icon
end
config wireless-controller hotspot20 h2qp-osu-provider
end
config wireless-controller hotspot20 qos-map
end
config wireless-controller hotspot20 h2qp-advice-of-charge
end
config wireless-controller hotspot20 h2qp-osu-provider-nai
end
config wireless-controller hotspot20 h2qp-terms-and-conditions
end
config wireless-controller hotspot20 hs-profile
end
config wireless-controller vap
end
config system object-tagging
edit "default"
set address optional
set device optional
set interface optional
set multiple enable
set color 0
next
end
config switch-controller traffic-policy
edit "quarantine"
set description "Rate control for quarantined traffic"
set policer-status enable
set guaranteed-bandwidth 163840
set guaranteed-burst 8192
set maximum-burst 163840
set cos-queue 0
next
edit "sniffer"
set description "Rate control for sniffer mirrored traffic"
set policer-status enable
set guaranteed-bandwidth 50000
set guaranteed-burst 8192
set maximum-burst 163840
set cos-queue 0
next
end
config switch-controller fortilink-settings
end
config system stp
set switch-priority 32768
set hello-time 2
set forward-delay 15
set max-age 20
set max-hops 20
end
config system settings
set comments ''
set opmode nat
set policy-offload-level disable
set ngfw-mode profile-based
set http-external-dest fortiweb
set firewall-session-dirty check-all
set bfd disable
set utf8-spam-tagging enable
set wccp-cache-engine disable
set vpn-stats-log ipsec pptp l2tp ssl
set vpn-stats-period 600
set v4-ecmp-mode source-ip-based
set fw-session-hairpin disable
set prp-trailer-action disable
set snat-hairpin-traffic enable
set dhcp-proxy disable
set central-nat disable
set lldp-reception global
set lldp-transmission global
set link-down-access enable
set nat46-generate-ipv6-fragment-header disable
set nat46-force-ipv4-packet-forwarding disable
set nat64-force-ipv6-packet-forwarding enable
set auxiliary-session disable
set asymroute disable
set asymroute-icmp disable
set tcp-session-without-syn disable
set ses-denied-traffic disable
set strict-src-check disable
set allow-linkdown-path disable
set asymroute6 disable
set asymroute6-icmp disable
set sctp-session-without-init disable
set sip-expectation disable
set sip-nat-trace enable
set h323-direct-model enable
set status enable
set sip-tcp-port 5060
set sip-udp-port 5060
set sip-ssl-port 5061
set sccp-port 2000
set multicast-forward enable
set multicast-ttl-notchange disable
set allow-subnet-overlap disable
set deny-tcp-with-icmp disable
set ecmp-max-paths 255
set discovered-device-timeout 28
set email-portal-check-dns enable
set default-voip-alg-mode proxy-based
set gui-icap disable
set gui-implicit-policy enable
set gui-dns-database disable
set gui-load-balance disable
set gui-multicast-policy disable
set gui-dos-policy enable
set gui-object-colors enable
set gui-voip-profile disable
set gui-ap-profile enable
set gui-security-profile-group disable
set gui-local-in-policy disable
set gui-wanopt-cache disable
set gui-explicit-proxy disable
set gui-dynamic-routing enable
set gui-sslvpn-personal-bookmarks disable
set gui-sslvpn-realms disable
set gui-policy-based-ipsec disable
set gui-threat-weight enable
set gui-spamfilter disable
set gui-file-filter disable
set gui-application-control enable
set gui-ips enable
set gui-endpoint-control enable
set gui-endpoint-control-advanced disable
set gui-dhcp-advanced enable
set gui-vpn enable
set gui-wireless-controller enable
set gui-switch-controller enable
set gui-fortiap-split-tunneling disable
set gui-webfilter-advanced disable
set gui-traffic-shaping enable
set gui-wan-load-balancing enable
set gui-antivirus enable
set gui-webfilter enable
set gui-videofilter enable
set gui-dnsfilter enable
set gui-waf-profile disable
set gui-advanced-policy enable
set gui-allow-unnamed-policy disable
set gui-email-collection disable
set gui-multiple-interface-policy disable
set gui-policy-disclaimer disable
set gui-ztna enable
set location-id 0.0.0.0
set ike-session-resume disable
set ike-quick-crash-detect disable
set ike-dn-format with-space
set ike-port 500
set ike-policy-route disable
set block-land-attack disable
set application-bandwidth-tracking disable
end
config system sit-tunnel
end
config system arp-table
end
config system ipv6-neighbor-cache
end
config system vdom-sflow
set vdom-sflow disable
set interface-select-method auto
end
config system vdom-netflow
set vdom-netflow disable
set interface-select-method auto
end
config system vdom-dns
set vdom-dns disable
set alt-primary 0.0.0.0
set alt-secondary 0.0.0.0
end
config system replacemsg-group
edit "default"
set comment "Default replacement message group."
set group-type default
next
end
config system session-ttl
set default 3600
end
config system dhcp server
end
config system dhcp6 server
end
config system zone
edit "Outside_Zone"
set description ''
set intrazone deny
set interface "port10"
next
edit "Inside_Zone"
set description ''
set intrazone deny
set interface "port9"
next
end
config firewall address
edit "none"
set uuid 80cf53a0-9fba-51ec-9be6-b74007eabe43
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 0.0.0.0 255.255.255.255
next
edit "login.microsoftonline.com"
set uuid 80cf6016-9fba-51ec-be0c-028d48d0faf8
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "login.microsoftonline.com"
set cache-ttl 0
next
edit "login.microsoft.com"
set uuid 80cf6c32-9fba-51ec-c480-ffee0ab26f94
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "login.microsoft.com"
set cache-ttl 0
next
edit "login.windows.net"
set uuid 80cf7880-9fba-51ec-1117-fb27513a173a
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "login.windows.net"
set cache-ttl 0
next
edit "gmail.com"
set uuid 80cf8424-9fba-51ec-5659-65d02fd5bf5c
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "gmail.com"
set cache-ttl 0
next
edit "wildcard.google.com"
set uuid 80cf8fd2-9fba-51ec-7b0c-cc55cf764b96
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "*.google.com"
set cache-ttl 0
next
edit "wildcard.dropbox.com"
set uuid 80cf9b8a-9fba-51ec-0acd-a8852f2c1f4a
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "*.dropbox.com"
set cache-ttl 0
next
edit "SSLVPN_TUNNEL_ADDR1"
set uuid 80d94054-9fba-51ec-e630-3567fd1becb8
set type iprange
set comment ''
set color 0
set fabric-object disable
set start-ip 10.212.134.200
set end-ip 10.212.134.210
next
edit "all"
set uuid 80d998e2-9fba-51ec-6ae4-b09445ed7230
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "FIREWALL_AUTH_PORTAL_ADDRESS"
set uuid 80d99aea-9fba-51ec-6fe2-a17b98274b3e
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "FABRIC_DEVICE"
set uuid 80d99cb6-9fba-51ec-e62e-b841424fa8c0
set type ipmask
set comment "IPv4 addresses of Fabric Devices."
set associated-interface ''
set color 0
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "FCTEMS_ALL_FORTICLOUD_SERVERS"
set uuid c0ae3c9c-9fbb-51ec-1447-18c5c1fef0f3
set type dynamic
set sub-type ems-tag
set comment ''
set associated-interface ''
set color 0
set fabric-object disable
set obj-tag ''
set obj-type ip
set tag-detection-level ''
set tag-type ''
next
edit "10.0.0.0_8"
set uuid 2e3d8790-9fbc-51ec-8bca-5e95c580ea36
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.0.0.0 255.0.0.0
next
edit "192.168.0.0_16"
set uuid 491395a0-9fbc-51ec-1275-3414c9a13da4
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 192.168.0.0 255.255.0.0
next
edit "172.16.0.0_12"
set uuid 58888298-9fbc-51ec-cca9-312f8a493e61
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 172.16.0.0 255.240.0.0
next
edit "Russia"
set uuid 96cea918-9fbe-51ec-e0d6-53c4a1fba7cc
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "RU"
next
edit "China"
set uuid 7c30cee6-9fbf-51ec-5d85-a2ce4f48568b
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "CN"
next
edit "Belarus"
set uuid 8fbf28b8-9fbf-51ec-69ef-572fc83693f8
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "BY"
next
end
config firewall multicast-address
edit "all_hosts"
set type multicastrange
set start-ip 224.0.0.1
set end-ip 224.0.0.1
set comment ''
set associated-interface ''
set color 0
next
edit "all_routers"
set type multicastrange
set start-ip 224.0.0.2
set end-ip 224.0.0.2
set comment ''
set associated-interface ''
set color 0
next
edit "Bonjour"
set type multicastrange
set start-ip 224.0.0.251
set end-ip 224.0.0.251
set comment ''
set associated-interface ''
set color 0
next
edit "EIGRP"
set type multicastrange
set start-ip 224.0.0.10
set end-ip 224.0.0.10
set comment ''
set associated-interface ''
set color 0
next
edit "OSPF"
set type multicastrange
set start-ip 224.0.0.5
set end-ip 224.0.0.6
set comment ''
set associated-interface ''
set color 0
next
edit "all"
set type multicastrange
set start-ip 224.0.0.0
set end-ip 239.255.255.255
set comment ''
set associated-interface ''
set color 0
next
end
config firewall address6-template
end
config firewall address6
edit "all"
set uuid 80cfe3c4-9fba-51ec-b885-7ad5ae0f228a
set type ipprefix
set ip6 ::/0
set color 0
set comment ''
set fabric-object disable
next
edit "none"
set uuid 80cfec3e-9fba-51ec-3afe-9da1db0408ee
set type ipprefix
set ip6 ::/128
set color 0
set comment ''
set fabric-object disable
next
edit "SSLVPN_TUNNEL_IPv6_ADDR1"
set uuid 80d9441e-9fba-51ec-fb53-0cb27c846ccb
set type ipprefix
set ip6 fdff:ffff::/120
set color 0
set comment ''
set fabric-object disable
next
end
config firewall multicast-address6
edit "all"
set ip6 ff00::/8
set comment ''
set color 0
next
end
config system ipv6-tunnel
end
config firewall addrgrp
edit "G Suite"
set type default
set category default
set uuid 80cfa97c-9fba-51ec-cb88-5fc589094707
set member "gmail.com" "wildcard.google.com"
set comment ''
set exclude disable
set color 0
set fabric-object disable
next
edit "Microsoft Office 365"
set type default
set category default
set uuid 80cfc24a-9fba-51ec-53bc-6a6c3d6964c6
set member "login.microsoftonline.com" "login.microsoft.com" "login.windows.net"
set comment ''
set exclude disable
set color 0
set fabric-object disable
next
edit "IPv4-Private-All-RFC1918"
set type default
set category default
set uuid 87bcd064-9fbc-51ec-c912-c07ba5dfb345
set member "10.0.0.0_8" "172.16.0.0_12" "192.168.0.0_16"
set comment ''
set exclude disable
set color 0
set fabric-object disable
next
edit "Geo_Block_Group"
set type default
set category default
set uuid a62837de-9fbf-51ec-3ddf-ee9c6f1e1784
set member "Belarus" "China" "Russia"
set comment ''
set exclude disable
set color 6
set fabric-object disable
next
end
config firewall addrgrp6
end
config firewall wildcard-fqdn custom
edit "g-Adobe Login"
set uuid b5c2c426-7e12-51ec-c8c7-42a0753234df
set wildcard-fqdn "*.adobelogin.com"
set color 0
set comment ''
next
edit "g-Gotomeeting"
set uuid b5c2d1dc-7e12-51ec-0033-c7d538e5fdef
set wildcard-fqdn "*.gotomeeting.com"
set color 0
set comment ''
next
edit "g-Windows update 2"
set uuid b5c2d93e-7e12-51ec-1050-7b6ae64065ac
set wildcard-fqdn "*.windowsupdate.com"
set color 0
set comment ''
next
edit "g-adobe"
set uuid b5c2c30e-7e12-51ec-1da6-1db9bca6406e
set wildcard-fqdn "*.adobe.com"
set color 0
set comment ''
next
edit "g-android"
set uuid b5c2c520-7e12-51ec-66f1-404afb0dad1a
set wildcard-fqdn "*.android.com"
set color 0
set comment ''
next
edit "g-apple"
set uuid b5c2c61a-7e12-51ec-b2cc-2b03b1ad8ac0
set wildcard-fqdn "*.apple.com"
set color 0
set comment ''
next
edit "g-appstore"
set uuid b5c2c714-7e12-51ec-072f-a8d60b6da6c9
set wildcard-fqdn "*.appstore.com"
set color 0
set comment ''
next
edit "g-auth.gfx.ms"
set uuid b5c2c80e-7e12-51ec-3653-8016dcbc28a4
set wildcard-fqdn "*.auth.gfx.ms"
set color 0
set comment ''
next
edit "g-autoupdate.opera.com"
set uuid b5c2de52-7e12-51ec-9c10-927947a6ab3a
set wildcard-fqdn "*autoupdate.opera.com"
set color 0
set comment ''
next
edit "g-cdn-apple"
set uuid 4fcf159e-7cda-51ed-d7ef-7d1c0f82091c
set wildcard-fqdn "*.cdn-apple.com"
set color 0
set comment ''
next
edit "g-citrix"
set uuid b5c2c908-7e12-51ec-01b1-b38ce4989cbb
set wildcard-fqdn "*.citrixonline.com"
set color 0
set comment ''
next
edit "g-dropbox.com"
set uuid b5c2ca02-7e12-51ec-43dc-489077effa44
set wildcard-fqdn "*.dropbox.com"
set color 0
set comment ''
next
edit "g-eease"
set uuid b5c2cafc-7e12-51ec-0777-7e7243cc25fe
set wildcard-fqdn "*.eease.com"
set color 0
set comment ''
next
edit "g-firefox update server"
set uuid b5c2cbf6-7e12-51ec-d213-27b68033a384
set wildcard-fqdn "aus*.mozilla.org"
set color 0
set comment ''
next
edit "g-fortinet"
set uuid b5c2ccf0-7e12-51ec-0b36-46ab64c1ba89
set wildcard-fqdn "*.fortinet.com"
set color 0
set comment ''
next
edit "g-google-drive"
set uuid b5c2cee4-7e12-51ec-9ea0-220ca0ebde0f
set wildcard-fqdn "*drive.google.com"
set color 0
set comment ''
next
edit "g-google-play"
set uuid b5c2db46-7e12-51ec-efc3-be1c278ba621
set wildcard-fqdn "*play.google.com"
set color 0
set comment ''
next
edit "g-google-play2"
set uuid b5c2cfde-7e12-51ec-3f42-4089eb70f096
set wildcard-fqdn "*.ggpht.com"
set color 0
set comment ''
next
edit "g-google-play3"
set uuid b5c2d0d8-7e12-51ec-b5df-6cd900ac767d
set wildcard-fqdn "*.books.google.com"
set color 0
set comment ''
next
edit "g-googleapis.com"
set uuid b5c2cdea-7e12-51ec-c49f-497c9a8f0cc4
set wildcard-fqdn "*.googleapis.com"
set color 0
set comment ''
next
edit "g-icloud"
set uuid b5c2d344-7e12-51ec-c8c1-97b23449d39e
set wildcard-fqdn "*.icloud.com"
set color 0
set comment ''
next
edit "g-itunes"
set uuid b5c2d452-7e12-51ec-d0f4-1605cffaa5b0
set wildcard-fqdn "*itunes.apple.com"
set color 0
set comment ''
next
edit "g-live.com"
set uuid b5c2da42-7e12-51ec-980b-fefb8446bc74
set wildcard-fqdn "*.live.com"
set color 0
set comment ''
next
edit "g-microsoft"
set uuid b5c2d54c-7e12-51ec-66f6-895f67d8072d
set wildcard-fqdn "*.microsoft.com"
set color 0
set comment ''
next
edit "g-mzstatic-apple"
set uuid 4fcf1652-7cda-51ed-df9f-4d198b596ae5
set wildcard-fqdn "*.mzstatic.com"
set color 0
set comment ''
next
edit "g-skype"
set uuid b5c2d646-7e12-51ec-2218-dc4a982afb68
set wildcard-fqdn "*.messenger.live.com"
set color 0
set comment ''
next
edit "g-softwareupdate.vmware.com"
set uuid b5c2d740-7e12-51ec-15f8-f8ef25f4ea30
set wildcard-fqdn "*.softwareupdate.vmware.com"
set color 0
set comment ''
next
edit "g-swscan.apple.com"
set uuid b5c2dd44-7e12-51ec-5fa2-8d51ab678ea9
set wildcard-fqdn "*swscan.apple.com"
set color 0
set comment ''
next
edit "g-update.microsoft.com"
set uuid b5c2dc40-7e12-51ec-7df9-3371c69c0ffb
set wildcard-fqdn "*update.microsoft.com"
set color 0
set comment ''
next
edit "g-verisign"
set uuid b5c2d83a-7e12-51ec-e82e-ffa878b96855
set wildcard-fqdn "*.verisign.com"
set color 0
set comment ''
next
end
config firewall wildcard-fqdn group
end
config firewall service category
edit "General"
set comment "General services."
set fabric-object disable
next
edit "Web Access"
set comment "Web access."
set fabric-object disable
next
edit "File Access"
set comment "File access."
set fabric-object disable
next
edit "Email"
set comment "Email services."
set fabric-object disable
next
edit "Network Services"
set comment "Network services."
set fabric-object disable
next
edit "Authentication"
set comment "Authentication service."
set fabric-object disable
next
edit "Remote Access"
set comment "Remote access."
set fabric-object disable
next
edit "Tunneling"
set comment "Tunneling service."
set fabric-object disable
next
edit "VoIP, Messaging & Other Applications"
set comment "VoIP, messaging, and other applications."
set fabric-object disable
next
edit "Web Proxy"
set comment "Explicit web proxy."
set fabric-object disable
next
end
config firewall service custom
edit "DNS"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 53
set udp-portrange 53
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "HTTP"
set proxy disable
set category "Web Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 80
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "HTTPS"
set proxy disable
set category "Web Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 443
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IMAP"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 143
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IMAPS"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 993
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "LDAP"
set proxy disable
set category "Authentication"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 389
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "DCE-RPC"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 135
set udp-portrange 135
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "POP3"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 110
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "POP3S"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 995
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SAMBA"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 139
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SMTP"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 25
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SMTPS"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 465
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "KERBEROS"
set proxy disable
set category "Authentication"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 88 464
set udp-portrange 88 464
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "LDAP_UDP"
set proxy disable
set category "Authentication"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 389
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SMB"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 445
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FTP"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 21
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FTP_GET"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 21
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FTP_PUT"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 21
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "ALL"
set proxy disable
set category "General"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 0
next
edit "ALL_TCP"
set proxy disable
set category "General"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1-65535
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "ALL_UDP"
set proxy disable
set category "General"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1-65535
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "ALL_ICMP"
set proxy disable
set category "General"
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
unset icmptype
next
edit "ALL_ICMP6"
set proxy disable
set category "General"
set protocol ICMP6
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
unset icmptype
next
edit "GRE"
set proxy disable
set category "Tunneling"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 47
next
edit "AH"
set proxy disable
set category "Tunneling"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 51
next
edit "ESP"
set proxy disable
set category "Tunneling"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 50
next
edit "AOL"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5190-5194
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "BGP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 179
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "DHCP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 67-68
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FINGER"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 79
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "GOPHER"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 70
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "H323"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1720 1503
set udp-portrange 1719
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IKE"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 500 4500
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "Internet-Locator-Service"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 389
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IRC"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 6660-6669
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "L2TP"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1701
set udp-portrange 1701
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NetMeeting"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1720
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NFS"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 111 2049
set udp-portrange 111 2049
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NNTP"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 119
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NTP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 123
set udp-portrange 123
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "OSPF"
set proxy disable
set category "Network Services"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 89
next
edit "PC-Anywhere"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5631
set udp-portrange 5632
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "PING"
set proxy disable
set category "Network Services"
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set icmptype 8
unset icmpcode
next
edit "TIMESTAMP"
set proxy disable
set category ''
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility disable
set fabric-object disable
set icmptype 13
unset icmpcode
next
edit "INFO_REQUEST"
set proxy disable
set category ''
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility disable
set fabric-object disable
set icmptype 15
unset icmpcode
next
edit "INFO_ADDRESS"
set proxy disable
set category ''
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility disable
set fabric-object disable
set icmptype 17
unset icmpcode
next
edit "ONC-RPC"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 111
set udp-portrange 111
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "PPTP"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1723
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "QUAKE"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 26000 27000 27910 27960
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RAUDIO"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 7070
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "REXEC"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 512
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RIP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 520
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RLOGIN"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 513:512-1023
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RSH"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 514:512-1023
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SCCP"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 2000
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SIP"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5060
set udp-portrange 5060
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SIP-MSNmessenger"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1863
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SNMP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 161-162
set udp-portrange 161-162
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SSH"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 22
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SYSLOG"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 514
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TALK"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 517-518
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TELNET"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 23
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TFTP"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 69
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "MGCP"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 2427 2727
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UUCP"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 540
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "VDOLIVE"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 7000-7010
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "WAIS"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 210
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "WINFRAME"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1494 2598
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "X-WINDOWS"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 6000-6063
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "PING6"
set proxy disable
set category ''
set protocol ICMP6
set helper auto
set comment ''
set color 0
set visibility disable
set fabric-object disable
set icmptype 128
unset icmpcode
next
edit "MS-SQL"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1433 1434
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "MYSQL"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3306
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RDP"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3389
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "VNC"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5900
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "DHCP6"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 546 547
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SQUID"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3128
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SOCKS"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1080
set udp-portrange 1080
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "WINS"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1512
set udp-portrange 1512
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RADIUS"
set proxy disable
set category "Authentication"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1812 1813
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RADIUS-OLD"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1645 1646
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "CVSPSERVER"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 2401
set udp-portrange 2401
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "AFS3"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 7000-7009
set udp-portrange 7000-7009
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TRACEROUTE"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 33434-33535
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RTSP"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 554 7070 8554
set udp-portrange 554
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "MMS"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1755
set udp-portrange 1024-5000
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NONE"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 0
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "webproxy"
set proxy enable
set category "Web Proxy"
set protocol ALL
set helper auto
set comment ''
set color 0
set visibility enable
set app-service-type disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 0-65535:0-65535
next
end
config firewall service group
edit "Email Access"
set proxy disable
set member "DNS" "IMAP" "IMAPS" "POP3" "POP3S" "SMTP" "SMTPS"
set comment ''
set color 0
set fabric-object disable
next
edit "Web Access"
set proxy disable
set member "DNS" "HTTP" "HTTPS"
set comment ''
set color 0
set fabric-object disable
next
edit "Windows AD"
set proxy disable
set member "DCE-RPC" "DNS" "KERBEROS" "LDAP" "LDAP_UDP" "SAMBA" "SMB"
set comment ''
set color 0
set fabric-object disable
next
edit "Exchange Server"
set proxy disable
set member "DCE-RPC" "DNS" "HTTPS"
set comment ''
set color 0
set fabric-object disable
next
end
config firewall internet-service-group
end
config firewall internet-service-extension
end
config firewall internet-service-custom
end
config firewall internet-service-custom-group
end
config system external-resource
end
config vpn certificate ca
end
config vpn certificate remote
end
config vpn certificate local
edit "Fortinet_CA_SSL"
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_CA_Untrusted"
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA1024"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA2048"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA4096"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_DSA1024"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_DSA2048"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA256"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA384"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA521"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ED25519"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ED448"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
end
config vpn certificate crl
end
config vpn certificate ocsp-server
end
config vpn certificate setting
set ocsp-status disable
set ocsp-option server
set ocsp-default-server ''
set interface-select-method auto
set check-ca-cert enable
set check-ca-chain disable
set subject-match substring
set subject-set subset
set cn-match substring
set cn-allow-multi enable
config crl-verification
set expiry ignore
set leaf-crl-absence ignore
set chain-crl-absence ignore
end
set strict-ocsp-check disable
set ssl-min-proto-version default
set cmp-save-extra-certs disable
set cmp-key-usage-checking enable
set certname-rsa1024 "Fortinet_SSL_RSA1024"
set certname-rsa2048 "Fortinet_SSL_RSA2048"
set certname-rsa4096 "Fortinet_SSL_RSA4096"
set certname-dsa1024 "Fortinet_SSL_DSA1024"
set certname-dsa2048 "Fortinet_SSL_DSA2048"
set certname-ecdsa256 "Fortinet_SSL_ECDSA256"
set certname-ecdsa384 "Fortinet_SSL_ECDSA384"
set certname-ecdsa521 "Fortinet_SSL_ECDSA521"
set certname-ed25519 "Fortinet_SSL_ED25519"
set certname-ed448 "Fortinet_SSL_ED448"
end
config webfilter ftgd-local-cat
edit "custom1"
set status enable
set id 140
next
edit "custom2"
set status enable
set id 141
next
end
config ips sensor
edit "g-default"
set comment "Prevent critical attacks."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "g-sniffer-profile"
set comment "Monitor IPS attacks."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "IPS_Test"
set comment ''
set replacemsg-group ''
set block-malicious-url enable
set scan-botnet-connections block
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action block
set quarantine none
next
end
next
edit "gdd-botnet C&C IP blocking"
set comment "This allows you to enable botnet blocking across all traffic that matches the policy by configuring one setting in the GUI"
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
next
end
config sctp-filter profile
end
config firewall shaper traffic-shaper
edit "high-priority"
set guaranteed-bandwidth 0
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority high
set per-policy enable
set diffserv disable
set overhead 0
next
edit "medium-priority"
set guaranteed-bandwidth 0
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority medium
set per-policy enable
set diffserv disable
set overhead 0
next
edit "low-priority"
set guaranteed-bandwidth 0
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority low
set per-policy enable
set diffserv disable
set overhead 0
next
edit "guarantee-100kbps"
set guaranteed-bandwidth 100
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority high
set per-policy enable
set diffserv disable
set overhead 0
next
edit "shared-1M-pipe"
set guaranteed-bandwidth 0
set maximum-bandwidth 1024
set bandwidth-unit kbps
set priority high
set per-policy disable
set diffserv disable
set overhead 0
next
end
config firewall shaper per-ip-shaper
end
config firewall proxy-address
end
config firewall proxy-addrgrp
end
config web-proxy profile
end
config web-proxy global
set ssl-cert "Fortinet_Factory"
set ssl-ca-cert "Fortinet_CA_SSL"
set fast-policy-match enable
set ldap-user-cache disable
set proxy-fqdn "default.fqdn"
set max-request-length 8
set max-message-length 32
set strict-web-check disable
set forward-proxy-auth disable
set forward-server-affinity-timeout 30
set max-waf-body-cache-length 32
set webproxy-profile ''
set learn-client-ip disable
end
config web-proxy explicit
set status disable
set ipv6-status disable
set strict-guest disable
set https-replacement-message enable
set ssl-algorithm low
end
config web-proxy forward-server
end
config web-proxy forward-server-group
end
config web-proxy debug-url
end
config web-proxy wisp
end
config wanopt webcache
set max-object-size 512000
set neg-resp-time 0
set fresh-factor 100
set max-ttl 7200
set min-ttl 5
set default-ttl 1440
set ignore-ims disable
set ignore-conditional disable
set ignore-pnc disable
set ignore-ie-reload enable
set cache-expired disable
set cache-cookie disable
set reval-pnc disable
set always-revalidate disable
set cache-by-default disable
set host-validate disable
set external disable
end
config ftp-proxy explicit
set status disable
set ssl disable
end
config web-proxy url-match
end
config application custom
end
config application list
edit "g-default"
set comment "Monitor all applications."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection enable
set options allow-dns
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log enable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
edit "g-sniffer-profile"
set comment "Monitor all applications."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection enable
unset options
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log enable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection disable
set options allow-dns
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log disable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
end
config application group
end
config dlp filepattern
edit 1
set name "builtin-patterns"
set comment ''
config entries
edit "*.bat"
set filter-type pattern
next
edit "*.com"
set filter-type pattern
next
edit "*.dll"
set filter-type pattern
next
edit "*.doc"
set filter-type pattern
next
edit "*.exe"
set filter-type pattern
next
edit "*.gz"
set filter-type pattern
next
edit "*.hta"
set filter-type pattern
next
edit "*.ppt"
set filter-type pattern
next
edit "*.rar"
set filter-type pattern
next
edit "*.scr"
set filter-type pattern
next
edit "*.tar"
set filter-type pattern
next
edit "*.tgz"
set filter-type pattern
next
edit "*.vb?"
set filter-type pattern
next
edit "*.wps"
set filter-type pattern
next
edit "*.xl?"
set filter-type pattern
next
edit "*.zip"
set filter-type pattern
next
edit "*.pif"
set filter-type pattern
next
edit "*.cpl"
set filter-type pattern
next
end
next
edit 2
set name "all_executables"
set comment ''
config entries
edit "bat"
set filter-type type
set file-type bat
next
edit "exe"
set filter-type type
set file-type exe
next
edit "elf"
set filter-type type
set file-type elf
next
edit "hta"
set filter-type type
set file-type hta
next
end
next
end
config dlp sensitivity
edit "Private"
next
edit "Critical"
next
edit "Warning"
next
end
config dlp fp-doc-source
end
config dlp sensor
edit "g-default"
set comment "Default sensor."
set feature-set flow
set replacemsg-group ''
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
unset summary-proto
next
edit "g-sniffer-profile"
set comment "Log a summary of email and web traffic."
set feature-set flow
set replacemsg-group ''
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
set summary-proto smtp pop3 imap http-get http-post
next
end
config webfilter content
end
config webfilter content-header
end
config webfilter urlfilter
end
config videofilter youtube-key
end
config videofilter youtube-channel-filter
end
config videofilter profile
end
config webfilter ips-urlfilter-setting
set device ''
set distance 1
set gateway 0.0.0.0
set geo-filter ''
end
config webfilter ips-urlfilter-setting6
set device ''
set distance 1
set gateway6 ::
set geo-filter ''
end
config emailfilter bword
end
config emailfilter block-allow-list
end
config emailfilter mheader
end
config emailfilter dnsbl
end
config emailfilter iptrust
end
config log threat-weight
set status enable
config level
set low 5
set medium 10
set high 30
set critical 50
end
set blocked-connection high
set failed-connection low
set url-block-detected high
set botnet-connection-detected critical
config malware
set virus-infected critical
set fortindr critical
set file-blocked low
set command-blocked disable
set oversized disable
set virus-scan-error high
set switch-proto disable
set mimefragmented disable
set virus-file-type-executable medium
set virus-outbreak-prevention critical
set content-disarm medium
set malware-list medium
set ems-threat-feed medium
set fsa-malicious critical
set fsa-high-risk high
set fsa-medium-risk medium
end
config ips
set info-severity disable
set low-severity low
set medium-severity medium
set high-severity high
set critical-severity critical
end
config web
edit 1
set category 26
set level high
next
edit 2
set category 61
set level high
next
edit 3
set category 86
set level high
next
edit 4
set category 1
set level medium
next
edit 5
set category 3
set level medium
next
edit 6
set category 4
set level medium
next
edit 7
set category 5
set level medium
next
edit 8
set category 6
set level medium
next
edit 9
set category 12
set level medium
next
edit 10
set category 59
set level medium
next
edit 11
set category 62
set level medium
next
edit 12
set category 83
set level medium
next
edit 13
set category 72
set level low
next
edit 14
set category 14
set level low
next
edit 15
set category 96
set level medium
next
end
config application
edit 1
set category 2
set level low
next
edit 2
set category 6
set level medium
next
end
end
config icap server
end
config icap profile
edit "default"
set replacemsg-group ''
set request disable
set response disable
set streaming-content-bypass disable
set preview disable
set methods delete get head options post put trace other
set icap-block-log disable
set chunk-encap disable
unset extension-feature
config icap-headers
edit 1
set name "X-Authenticated-User"
set content "$user"
set base64-encoding disable
next
edit 2
set name "X-Authenticated-Groups"
set content "$local_grp"
set base64-encoding disable
next
end
next
end
config system network-visibility
set destination-visibility enable
set source-location enable
set destination-hostname-visibility enable
set hostname-ttl 86400
set hostname-limit 5000
set destination-location enable
end
config user certificate
end
config user radius
end
config user tacacs+
end
config user exchange
end
config user ldap
end
config user krb-keytab
end
config user domain-controller
end
config user pop3
end
config user saml
end
config user fsso
end
config user adgrp
end
config user fsso-polling
end
config user fortitoken
end
config user password-policy
end
config user local
end
config user setting
set auth-type http https ftp telnet
set auth-cert "Fortinet_Factory"
set auth-ca-cert ''
set auth-secure-http disable
set auth-http-basic disable
set auth-ssl-allow-renegotiation disable
set auth-src-mac enable
set auth-on-demand implicitly
set auth-timeout 5
set auth-timeout-type idle-timeout
set auth-portal-timeout 3
set radius-ses-timeout-act hard-timeout
set auth-blackout-time 0
set auth-invalid-max 5
set auth-lockout-threshold 3
set auth-lockout-duration 0
set per-policy-disclaimer disable
set auth-ssl-min-proto-version default
unset auth-ssl-max-proto-version
set auth-ssl-sigalgs all
end
config user peer
end
config user peergrp
end
config user quarantine
set quarantine enable
set traffic-policy ''
set firewall-groups ''
end
config user group
edit "SSO_Guest_Users"
set authtimeout 0
set http-digest-realm ''
next
end
config user security-exempt-list
end
config vpn ssl web realm
end
config vpn ssl web host-check-software
edit "FortiClient-AV"
set os-type windows
set type av
set version ''
set guid "1A0271D5-3D4F-46DB-0C2C-AB37BA90D9F7"
next
edit "FortiClient-FW"
set os-type windows
set type fw
set version ''
set guid "528CB157-D384-4593-AAAA-E42DFF111CED"
next
edit "FortiClient-AV-Vista"
set os-type windows
set type av
set version ''
set guid "385618A6-2256-708E-3FB9-7E98B93F91F9"
next
edit "FortiClient-FW-Vista"
set os-type windows
set type fw
set version ''
set guid "006D9983-6839-71D6-14E6-D7AD47ECD682"
next
edit "FortiClient5-AV"
set os-type windows
set type av
set version ''
set guid "5EEDDB8C-C27A-6714-3657-DBD811D1F1B7"
next
edit "AVG-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "17DDD097-36FF-435F-9E1B-52D74245D6BF"
next
edit "AVG-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "8DECF618-9569-4340-B34A-D78D28969B66"
next
edit "AVG-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "0C939084-9E57-CBDB-EA61-0B0C7F62AF82"
next
edit "AVG-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "34A811A1-D438-CA83-C13E-A23981B1E8F9"
next
edit "CA-Anti-Virus"
set os-type windows
set type av
set version ''
set guid "17CFD1EA-56CF-40B5-A06B-BD3A27397C93"
next
edit "CA-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "6B98D35F-BB76-41C0-876B-A50645ED099A"
next
edit "CA-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "38102F93-1B6E-4922-90E1-A35D8DC6DAA3"
next
edit "CA-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "3EED0195-0A4B-4EF3-CC4F-4F401BDC245F"
next
edit "CA-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "06D680B0-4024-4FAB-E710-E675E50F6324"
next
edit "CA-Personal-Firewall"
set os-type windows
set type fw
set version ''
set guid "14CB4B80-8E52-45EA-905E-67C1267B4160"
next
edit "F-Secure-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "E7512ED5-4245-4B4D-AF3A-382D3F313F15"
next
edit "F-Secure-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "D4747503-0346-49EB-9262-997542F79BF4"
next
edit "F-Secure-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "15414183-282E-D62C-CA37-EF24860A2F17"
next
edit "F-Secure-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "2D7AC0A6-6241-D774-E168-461178D9686C"
next
edit "Kaspersky-AV"
set os-type windows
set type av
set version ''
set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0"
next
edit "Kaspersky-FW"
set os-type windows
set type fw
set version ''
set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0"
next
edit "Kaspersky-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "AE1D740B-8F0F-D137-211D-873D44B3F4AE"
next
edit "Kaspersky-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "9626F52E-C560-D06F-0A42-2E08BA60B3D5"
next
edit "McAfee-Internet-Security-Suite-AV"
set os-type windows
set type av
set version ''
set guid "84B5EE75-6421-4CDE-A33A-DD43BA9FAD83"
next
edit "McAfee-Internet-Security-Suite-FW"
set os-type windows
set type fw
set version ''
set guid "94894B63-8C7F-4050-BDA4-813CA00DA3E8"
next
edit "McAfee-Internet-Security-Suite-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "86355677-4064-3EA7-ABB3-1B136EB04637"
next
edit "McAfee-Internet-Security-Suite-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "BE0ED752-0A0B-3FFF-80EC-B2269063014C"
next
edit "McAfee-Virus-Scan-Enterprise"
set os-type windows
set type av
set version ''
set guid "918A2B0B-2C60-4016-A4AB-E868DEABF7F0"
next
edit "Norton-360-2.0-AV"
set os-type windows
set type av
set version ''
set guid "A5F1BC7C-EA33-4247-961C-0217208396C4"
next
edit "Norton-360-2.0-FW"
set os-type windows
set type fw
set version ''
set guid "371C0A40-5A0C-4AD2-A6E5-69C02037FBF3"
next
edit "Norton-360-3.0-AV"
set os-type windows
set type av
set version ''
set guid "E10A9785-9598-4754-B552-92431C1C35F8"
next
edit "Norton-360-3.0-FW"
set os-type windows
set type fw
set version ''
set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220"
next
edit "Norton-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "E10A9785-9598-4754-B552-92431C1C35F8"
next
edit "Norton-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220"
next
edit "Norton-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855"
next
edit "Norton-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E"
next
edit "Symantec-Endpoint-Protection-AV"
set os-type windows
set type av
set version ''
set guid "FB06448E-52B8-493A-90F3-E43226D3305C"
next
edit "Symantec-Endpoint-Protection-FW"
set os-type windows
set type fw
set version ''
set guid "BE898FE3-CD0B-4014-85A9-03DB9923DDB6"
next
edit "Symantec-Endpoint-Protection-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855"
next
edit "Symantec-Endpoint-Protection-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E"
next
edit "Panda-Antivirus+Firewall-2008-AV"
set os-type windows
set type av
set version ''
set guid "EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A"
next
edit "Panda-Antivirus+Firewall-2008-FW"
set os-type windows
set type fw
set version ''
set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8"
next
edit "Panda-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0"
next
edit "Panda-Internet-Security-2006~2007-FW"
set os-type windows
set type fw
set version ''
set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0"
next
edit "Panda-Internet-Security-2008~2009-FW"
set os-type windows
set type fw
set version ''
set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8"
next
edit "Sophos-Anti-Virus"
set os-type windows
set type av
set version ''
set guid "3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD"
next
edit "Sophos-Enpoint-Secuirty-and-Control-FW"
set os-type windows
set type fw
set version ''
set guid "0786E95E-326A-4524-9691-41EF88FB52EA"
next
edit "Sophos-Enpoint-Secuirty-and-Control-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "479CCF92-4960-B3E0-7373-BF453B467D2C"
next
edit "Sophos-Enpoint-Secuirty-and-Control-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "7FA74EB7-030F-B2B8-582C-1670C5953A57"
next
edit "Trend-Micro-AV"
set os-type windows
set type av
set version ''
set guid "7D2296BC-32CC-4519-917E-52E652474AF5"
next
edit "Trend-Micro-FW"
set os-type windows
set type fw
set version ''
set guid "3E790E9E-6A5D-4303-A7F9-185EC20F3EB6"
next
edit "Trend-Micro-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "48929DFC-7A52-A34F-8351-C4DBEDBD9C50"
next
edit "Trend-Micro-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "70A91CD9-303D-A217-A80E-6DEE136EDB2B"
next
edit "ZoneAlarm-AV"
set os-type windows
set type av
set version ''
set guid "5D467B10-818C-4CAB-9FF7-6893B5B8F3CF"
next
edit "ZoneAlarm-FW"
set os-type windows
set type fw
set version ''
set guid "829BDA32-94B3-44F4-8446-F8FCFF809F8B"
next
edit "ZoneAlarm-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "D61596DF-D219-341C-49B3-AD30538CBC5B"
next
edit "ZoneAlarm-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "EE2E17FA-9876-3544-62EC-0405AD5FFB20"
next
edit "ESET-Smart-Security-AV"
set os-type windows
set type av
set version ''
set guid "19259FAE-8396-A113-46DB-15B0E7DFA289"
next
edit "ESET-Smart-Security-FW"
set os-type windows
set type fw
set version ''
set guid "211E1E8B-C9F9-A04B-6D84-BC85190CE5F2"
next
end
config vpn ssl web portal
edit "full-access"
set tunnel-mode enable
set ipv6-tunnel-mode enable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSLVPN_TUNNEL_ADDR1"
set split-tunneling enable
set split-tunneling-routing-negate disable
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"
set ipv6-split-tunneling enable
set ipv6-split-tunneling-routing-negate disable
set ipv6-dns-server1 ::
set ipv6-dns-server2 ::
set ipv6-wins-server1 ::
set ipv6-wins-server2 ::
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
set display-connection-tools enable
set display-history enable
set display-status enable
set rewrite-ip-uri-ui disable
set heading "SSL-VPN Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url disable
set hide-sso-credential enable
next
edit "web-access"
set tunnel-mode disable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set dns-suffix ''
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
set display-connection-tools enable
set display-history enable
set display-status enable
set rewrite-ip-uri-ui disable
set heading "SSL-VPN Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set forticlient-download-method direct
set customize-forticlient-download-url disable
set hide-sso-credential enable
next
edit "tunnel-access"
set tunnel-mode enable
set ipv6-tunnel-mode enable
set web-mode disable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSLVPN_TUNNEL_ADDR1"
set split-tunneling enable
set split-tunneling-routing-negate disable
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"
set ipv6-split-tunneling enable
set ipv6-split-tunneling-routing-negate disable
set ipv6-dns-server1 ::
set ipv6-dns-server2 ::
set ipv6-wins-server1 ::
set ipv6-wins-server2 ::
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url disable
next
end
config vpn ssl settings
set status enable
set reqclientcert disable
set ssl-max-proto-ver tls1-3
set ssl-min-proto-ver tls1-2
unset banned-cipher
set ciphersuite TLS-AES-128-GCM-SHA256 TLS-AES-256-GCM-SHA384 TLS-CHACHA20-POLY1305-SHA256
set ssl-insert-empty-fragment enable
set https-redirect disable
set x-content-type-options enable
set ssl-client-renegotiation disable
set force-two-factor-auth disable
set servercert "Fortinet_Factory"
set algorithm high
set idle-timeout 300
set auth-timeout 28800
set login-attempt-limit 2
set login-block-time 60
set login-timeout 30
set dtls-hello-timeout 10
set dns-suffix ''
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set ipv6-dns-server1 ::
set ipv6-dns-server2 ::
set ipv6-wins-server1 ::
set ipv6-wins-server2 ::
set url-obscuration disable
set http-compression disable
set http-only-cookie enable
set port 443
set port-precedence enable
set auto-tunnel-static-route enable
set header-x-forwarded-for add
set dtls-tunnel enable
set check-referer disable
set http-request-header-timeout 20
set http-request-body-timeout 30
set auth-session-check-source-ip enable
set tunnel-connect-without-reauth disable
set hsts-include-subdomains disable
set transform-backward-slashes disable
set encode-2f-sequence disable
set encrypt-and-store-password disable
set client-sigalgs all
set dual-stack-mode disable
set tunnel-addr-assigned-method first-available
set saml-redirect-port 8020
set dtls-max-proto-ver dtls1-2
set dtls-min-proto-ver dtls1-0
end
config vpn ssl web user-group-bookmark
end
config vpn ssl web user-bookmark
end
config vpn ssl client
end
config voip profile
edit "default"
set feature-set proxy
set comment "Default VoIP profile."
config sip
set status enable
set rtp enable
set nat-port-range 5117-65533
set open-register-pinhole enable
set open-contact-pinhole enable
set strict-register enable
set register-rate 0
set invite-rate 0
set max-dialogs 0
set max-line-length 998
set block-long-lines enable
set block-unknown enable
set call-keepalive 0
set block-ack disable
set block-bye disable
set block-cancel disable
set block-info disable
set block-invite disable
set block-message disable
set block-notify disable
set block-options disable
set block-prack disable
set block-publish disable
set block-refer disable
set block-register disable
set block-subscribe disable
set block-update disable
set register-contact-trace disable
set open-via-pinhole disable
set open-record-route-pinhole enable
set rfc2543-branch disable
set log-violations disable
set log-call-summary enable
set nat-trace enable
set subscribe-rate 0
set message-rate 0
set notify-rate 0
set refer-rate 0
set update-rate 0
set options-rate 0
set ack-rate 0
set prack-rate 0
set info-rate 0
set publish-rate 0
set bye-rate 0
set cancel-rate 0
set preserve-override disable
set no-sdp-fixup disable
set contact-fixup enable
set max-idle-dialogs 0
set block-geo-red-options disable
set hosted-nat-traversal disable
set hnt-restrict-source-ip disable
set max-body-length 0
set unknown-header pass
set malformed-request-line pass
set malformed-header-via pass
set malformed-header-from pass
set malformed-header-to pass
set malformed-header-call-id pass
set malformed-header-cseq pass
set malformed-header-rack pass
set malformed-header-rseq pass
set malformed-header-contact pass
set malformed-header-record-route pass
set malformed-header-route pass
set malformed-header-expires pass
set malformed-header-content-type pass
set malformed-header-content-length pass
set malformed-header-max-forwards pass
set malformed-header-allow pass
set malformed-header-p-asserted-identity pass
set malformed-header-sdp-v pass
set malformed-header-sdp-o pass
set malformed-header-sdp-s pass
set malformed-header-sdp-i pass
set malformed-header-sdp-c pass
set malformed-header-sdp-b pass
set malformed-header-sdp-z pass
set malformed-header-sdp-k pass
set malformed-header-sdp-a pass
set malformed-header-sdp-t pass
set malformed-header-sdp-r pass
set malformed-header-sdp-m pass
set provisional-invite-expiry-time 210
set ips-rtp enable
set ssl-mode off
end
config sccp
set status enable
set block-mcast disable
set verify-header disable
set log-call-summary disable
set log-violations disable
set max-calls 0
end
next
edit "strict"
set feature-set proxy
set comment ''
config sip
set status enable
set rtp enable
set nat-port-range 5117-65533
set open-register-pinhole enable
set open-contact-pinhole enable
set strict-register enable
set register-rate 0
set invite-rate 0
set max-dialogs 0
set max-line-length 998
set block-long-lines enable
set block-unknown enable
set call-keepalive 0
set block-ack disable
set block-bye disable
set block-cancel disable
set block-info disable
set block-invite disable
set block-message disable
set block-notify disable
set block-options disable
set block-prack disable
set block-publish disable
set block-refer disable
set block-register disable
set block-subscribe disable
set block-update disable
set register-contact-trace disable
set open-via-pinhole disable
set open-record-route-pinhole enable
set rfc2543-branch disable
set log-violations disable
set log-call-summary enable
set nat-trace enable
set subscribe-rate 0
set message-rate 0
set notify-rate 0
set refer-rate 0
set update-rate 0
set options-rate 0
set ack-rate 0
set prack-rate 0
set info-rate 0
set publish-rate 0
set bye-rate 0
set cancel-rate 0
set preserve-override disable
set no-sdp-fixup disable
set contact-fixup enable
set max-idle-dialogs 0
set block-geo-red-options disable
set hosted-nat-traversal disable
set hnt-restrict-source-ip disable
set max-body-length 0
set unknown-header pass
set malformed-request-line discard
set malformed-header-via discard
set malformed-header-from discard
set malformed-header-to discard
set malformed-header-call-id discard
set malformed-header-cseq discard
set malformed-header-rack discard
set malformed-header-rseq discard
set malformed-header-contact discard
set malformed-header-record-route discard
set malformed-header-route discard
set malformed-header-expires discard
set malformed-header-content-type discard
set malformed-header-content-length discard
set malformed-header-max-forwards discard
set malformed-header-allow discard
set malformed-header-p-asserted-identity discard
set malformed-header-sdp-v discard
set malformed-header-sdp-o discard
set malformed-header-sdp-s discard
set malformed-header-sdp-i discard
set malformed-header-sdp-c discard
set malformed-header-sdp-b discard
set malformed-header-sdp-z discard
set malformed-header-sdp-k discard
set malformed-header-sdp-a discard
set malformed-header-sdp-t discard
set malformed-header-sdp-r discard
set malformed-header-sdp-m discard
set provisional-invite-expiry-time 210
set ips-rtp enable
set ssl-mode off
end
config sccp
set status enable
set block-mcast disable
set verify-header disable
set log-call-summary disable
set log-violations disable
set max-calls 0
end
next
end
config system sdwan
set status disable
set load-balance-mode source-ip-based
set speedtest-bypass-routing disable
set duplication-max-num 2
set neighbor-hold-down disable
set neighbor-hold-down-time 0
set neighbor-hold-boot-time 0
set fail-detect disable
config zone
edit "virtual-wan-link"
set service-sla-tie-break cfg-order
next
end
config health-check
edit "Default_DNS"
set probe-packets enable
set addr-mode ipv4
set system-dns enable
set detect-mode active
set ha-priority 1
set dns-request-domain "www.example.com"
set dns-match-ip 0.0.0.0
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
edit "Default_Office_365"
set probe-packets enable
set addr-mode ipv4
set server "www.office.com"
set detect-mode active
set protocol http
set port 0
set ha-priority 1
set http-get "/"
set http-agent "Chrome/ Safari/"
set http-match ''
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
edit "Default_Gmail"
set probe-packets enable
set addr-mode ipv4
set server "gmail.com"
set detect-mode active
set protocol ping
set ha-priority 1
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 2
next
end
next
edit "Default_Google Search"
set probe-packets enable
set addr-mode ipv4
set server "www.google.com"
set detect-mode active
set protocol http
set port 0
set ha-priority 1
set http-get "/"
set http-agent "Chrome/ Safari/"
set http-match ''
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
edit "Default_FortiGuard"
set probe-packets enable
set addr-mode ipv4
set server "fortiguard.com"
set detect-mode active
set protocol http
set port 0
set ha-priority 1
set http-get "/"
set http-agent "Chrome/ Safari/"
set http-match ''
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
end
end
config vpn ipsec phase1
end
config vpn ipsec phase2
end
config vpn ipsec manualkey
end
config vpn ipsec concentrator
end
config vpn ipsec fec
end
config vpn ipsec phase1-interface
end
config vpn ipsec phase2-interface
end
config vpn ipsec manualkey-interface
end
config vpn pptp
set status disable
end
config vpn l2tp
set status disable
set lcp-max-echo-fails 3
set hello-interval 60
end
config vpn ipsec forticlient
end
config dnsfilter domain-filter
end
config dnsfilter profile
edit "default"
set comment "Default dns filtering."
config domain-filter
unset domain-filter-table
end
config ftgd-dns
unset options
config filters
edit 1
set category 2
set action monitor
next
edit 2
set category 7
set action monitor
next
edit 3
set category 8
set action monitor
next
edit 4
set category 9
set action monitor
next
edit 5
set category 11
set action monitor
next
edit 6
set category 12
set action monitor
next
edit 7
set category 13
set action monitor
next
edit 8
set category 14
set action monitor
next
edit 9
set category 15
set action monitor
next
edit 10
set category 16
set action monitor
next
edit 11
set category 0
set action monitor
next
edit 12
set category 57
set action monitor
next
edit 13
set category 63
set action monitor
next
edit 14
set category 64
set action monitor
next
edit 15
set category 65
set action monitor
next
edit 16
set category 66
set action monitor
next
edit 17
set category 67
set action monitor
next
edit 18
set category 26
set action block
set log enable
next
edit 19
set category 61
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
end
set log-all-domain disable
set sdns-ftgd-err-log enable
set sdns-domain-log enable
set block-action redirect
set block-botnet enable
set safe-search disable
set redirect-portal 0.0.0.0
set redirect-portal6 ::
next
end
config system gre-tunnel
end
config system ipsec-aggregate
end
config system ipip-tunnel
end
config system mobile-tunnel
end
config system pppoe-interface
end
config system vxlan
end
config system geneve
end
config system virtual-wire-pair
end
config system dns-database
end
config system dns-server
end
config log custom-field
end
config antivirus settings
set machine-learning-detection enable
set use-extreme-db disable
set grayware enable
set override-timeout 0
set cache-infected-result enable
end
config antivirus quarantine
set agelimit 0
set maxfilesize 0
set quarantine-quota 0
unset drop-infected
set store-infected imap smtp pop3 http ftp nntp imaps smtps pop3s https ftps mapi cifs ssh
unset drop-blocked
set store-blocked imap smtp pop3 http ftp nntp imaps smtps pop3s ftps mapi cifs ssh
unset drop-machine-learning
set store-machine-learning imap smtp pop3 http ftp nntp imaps smtps pop3s https ftps mapi cifs ssh
set lowspace ovrw-old
set destination disk
end
config ssh-filter profile
end
config antivirus profile
edit "g-default"
set comment "Scan files and block viruses."
set replacemsg-group ''
set feature-set flow
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set av-block-log enable
set extended-log disable
next
edit "g-sniffer-profile"
set comment "Scan files and monitor viruses."
set replacemsg-group ''
set feature-set flow
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set av-block-log enable
set extended-log disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set feature-set flow
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set av-block-log enable
set extended-log disable
next
end
config file-filter profile
edit "g-default"
set comment "File type inspection."
set feature-set flow
set replacemsg-group ''
set log enable
set extended-log disable
set scan-archive-contents enable
next
edit "g-sniffer-profile"
set comment "File type inspection."
set feature-set flow
set replacemsg-group ''
set log enable
set extended-log disable
set scan-archive-contents enable
next
end
config webfilter profile
edit "g-default"
set comment "Default web filtering."
set feature-set flow
set replacemsg-group ''
unset options
set https-replacemsg enable
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
end
config ftgd-wf
unset options
unset ovrd
config filters
edit 1
set category 0
set action block
set log enable
next
edit 2
set category 2
set action block
set log enable
next
edit 3
set category 7
set action block
set log enable
next
edit 4
set category 8
set action block
set log enable
next
edit 5
set category 9
set action block
set log enable
next
edit 6
set category 11
set action block
set log enable
next
edit 7
set category 12
set action block
set log enable
next
edit 8
set category 13
set action block
set log enable
next
edit 9
set category 14
set action block
set log enable
next
edit 10
set category 15
set action block
set log enable
next
edit 11
set category 16
set action block
set log enable
next
edit 12
set category 26
set action block
set log enable
next
edit 13
set category 57
set action block
set log enable
next
edit 14
set category 61
set action block
set log enable
next
edit 15
set category 63
set action block
set log enable
next
edit 16
set category 64
set action block
set log enable
next
edit 17
set category 65
set action block
set log enable
next
edit 18
set category 66
set action block
set log enable
next
edit 19
set category 67
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
edit "g-sniffer-profile"
set comment "Monitor web traffic."
set feature-set flow
set replacemsg-group ''
unset options
set https-replacemsg enable
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
end
config ftgd-wf
set options ftgd-disable
unset ovrd
config filters
edit 1
set category 0
set action monitor
set log enable
next
edit 2
set category 1
set action monitor
set log enable
next
edit 3
set category 2
set action monitor
set log enable
next
edit 4
set category 3
set action monitor
set log enable
next
edit 5
set category 4
set action monitor
set log enable
next
edit 6
set category 5
set action monitor
set log enable
next
edit 7
set category 6
set action monitor
set log enable
next
edit 8
set category 7
set action monitor
set log enable
next
edit 9
set category 8
set action monitor
set log enable
next
edit 10
set category 9
set action monitor
set log enable
next
edit 11
set category 11
set action monitor
set log enable
next
edit 12
set category 12
set action monitor
set log enable
next
edit 13
set category 13
set action monitor
set log enable
next
edit 14
set category 14
set action monitor
set log enable
next
edit 15
set category 15
set action monitor
set log enable
next
edit 16
set category 16
set action monitor
set log enable
next
edit 17
set category 17
set action monitor
set log enable
next
edit 18
set category 18
set action monitor
set log enable
next
edit 19
set category 19
set action monitor
set log enable
next
edit 20
set category 20
set action monitor
set log enable
next
edit 21
set category 23
set action monitor
set log enable
next
edit 22
set category 24
set action monitor
set log enable
next
edit 23
set category 25
set action monitor
set log enable
next
edit 24
set category 26
set action monitor
set log enable
next
edit 25
set category 28
set action monitor
set log enable
next
edit 26
set category 29
set action monitor
set log enable
next
edit 27
set category 30
set action monitor
set log enable
next
edit 28
set category 31
set action monitor
set log enable
next
edit 29
set category 33
set action monitor
set log enable
next
edit 30
set category 34
set action monitor
set log enable
next
edit 31
set category 35
set action monitor
set log enable
next
edit 32
set category 36
set action monitor
set log enable
next
edit 33
set category 37
set action monitor
set log enable
next
edit 34
set category 38
set action monitor
set log enable
next
edit 35
set category 39
set action monitor
set log enable
next
edit 36
set category 40
set action monitor
set log enable
next
edit 37
set category 41
set action monitor
set log enable
next
edit 38
set category 42
set action monitor
set log enable
next
edit 39
set category 43
set action monitor
set log enable
next
edit 40
set category 44
set action monitor
set log enable
next
edit 41
set category 46
set action monitor
set log enable
next
edit 42
set category 47
set action monitor
set log enable
next
edit 43
set category 48
set action monitor
set log enable
next
edit 44
set category 49
set action monitor
set log enable
next
edit 45
set category 50
set action monitor
set log enable
next
edit 46
set category 51
set action monitor
set log enable
next
edit 47
set category 52
set action monitor
set log enable
next
edit 48
set category 53
set action monitor
set log enable
next
edit 49
set category 54
set action monitor
set log enable
next
edit 50
set category 55
set action monitor
set log enable
next
edit 51
set category 56
set action monitor
set log enable
next
edit 52
set category 57
set action monitor
set log enable
next
edit 53
set category 58
set action monitor
set log enable
next
edit 54
set category 59
set action monitor
set log enable
next
edit 55
set category 61
set action monitor
set log enable
next
edit 56
set category 62
set action monitor
set log enable
next
edit 57
set category 63
set action monitor
set log enable
next
edit 58
set category 64
set action monitor
set log enable
next
edit 59
set category 65
set action monitor
set log enable
next
edit 60
set category 66
set action monitor
set log enable
next
edit 61
set category 67
set action monitor
set log enable
next
edit 62
set category 68
set action monitor
set log enable
next
edit 63
set category 69
set action monitor
set log enable
next
edit 64
set category 70
set action monitor
set log enable
next
edit 65
set category 71
set action monitor
set log enable
next
edit 66
set category 72
set action monitor
set log enable
next
edit 67
set category 75
set action monitor
set log enable
next
edit 68
set category 76
set action monitor
set log enable
next
edit 69
set category 77
set action monitor
set log enable
next
edit 70
set category 78
set action monitor
set log enable
next
edit 71
set category 79
set action monitor
set log enable
next
edit 72
set category 80
set action monitor
set log enable
next
edit 73
set category 81
set action monitor
set log enable
next
edit 74
set category 82
set action monitor
set log enable
next
edit 75
set category 83
set action monitor
set log enable
next
edit 76
set category 84
set action monitor
set log enable
next
edit 77
set category 85
set action monitor
set log enable
next
edit 78
set category 86
set action monitor
set log enable
next
edit 79
set category 87
set action monitor
set log enable
next
edit 80
set category 88
set action monitor
set log enable
next
edit 81
set category 89
set action monitor
set log enable
next
edit 82
set category 90
set action monitor
set log enable
next
edit 83
set category 91
set action monitor
set log enable
next
edit 84
set category 92
set action monitor
set log enable
next
edit 85
set category 93
set action monitor
set log enable
next
edit 86
set category 94
set action monitor
set log enable
next
edit 87
set category 95
set action monitor
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set feature-set flow
set replacemsg-group ''
set options block-invalid-url
set https-replacemsg enable
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
end
config ftgd-wf
unset options
unset ovrd
config filters
edit 1
set category 0
set action monitor
set log enable
next
edit 2
set category 2
set action block
set log enable
next
edit 3
set category 7
set action block
set log enable
next
edit 4
set category 8
set action block
set log enable
next
edit 5
set category 9
set action block
set log enable
next
edit 6
set category 11
set action block
set log enable
next
edit 7
set category 12
set action block
set log enable
next
edit 8
set category 13
set action block
set log enable
next
edit 9
set category 14
set action block
set log enable
next
edit 10
set category 15
set action block
set log enable
next
edit 11
set category 16
set action block
set log enable
next
edit 12
set category 26
set action block
set log enable
next
edit 13
set category 57
set action block
set log enable
next
edit 14
set category 61
set action block
set log enable
next
edit 15
set category 63
set action block
set log enable
next
edit 16
set category 64
set action block
set log enable
next
edit 17
set category 65
set action block
set log enable
next
edit 18
set category 66
set action block
set log enable
next
edit 19
set category 67
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
end
config webfilter override
end
config webfilter ftgd-local-rating
end
config webfilter search-engine
edit "g-baidu"
set hostname ".*\\.baidu\\.com"
set url "^\\/s?\\?"
set query "wd="
set safesearch disable
next
edit "g-baidu2"
set hostname ".*\\.baidu\\.com"
set url "^\\/(ns|q|m|i|v)\\?"
set query "word="
set safesearch disable
next
edit "g-baidu3"
set hostname "tieba\\.baidu\\.com"
set url "^\\/f\\?"
set query "kw="
set safesearch disable
next
edit "g-bing"
set hostname ".*\\.bing\\..*"
set url "^(\\/images|\\/videos)?(\\/search|\\/async|\\/asyncv2)\\?"
set query "q="
set safesearch header
next
edit "g-google"
set hostname ".*\\.google\\..*"
set url "^\\/((custom|search|images|videosearch|webhp)\\?)"
set query "q="
set safesearch url
set safesearch-str "&safe=active"
next
edit "g-google-translate-1"
set hostname "translate\\.google\\..*"
set url "^\\/translate"
set query "u="
set safesearch translate
next
edit "g-google-translate-2"
set hostname ".*\\.translate\\.goog"
set url "^\\/"
set query ''
set safesearch translate
next
edit "g-twitter"
set hostname "twitter\\.com"
set url "^\\/i\\/api\\/graphql\\/.*\\/UserByScreenName"
set query "variables="
set safesearch translate
next
edit "g-vimeo"
set hostname ".*vimeo.*"
set url "^\\/search\\?"
set query "q="
set safesearch header
next
edit "g-yahoo"
set hostname ".*\\.yahoo\\..*"
set url "^\\/search(\\/video|\\/images){0,1}(\\?|;)"
set query "p="
set safesearch url
set safesearch-str "&vm=r"
next
edit "g-yandex"
set hostname "yandex\\..*"
set url "^\\/((yand|images\\/|video\\/)(search)|search\\/)\\?"
set query "text="
set safesearch url
set safesearch-str "&family=yes"
next
edit "g-youtube"
set hostname ".*youtube.*"
set url ''
set query ''
set safesearch header
next
edit "g-yt-channel"
set hostname ''
set url "www.youtube.com/channel"
set query ''
set safesearch yt-channel
next
edit "g-yt-pattern"
set hostname ''
set url "youtube.com/channel/"
set query ''
set safesearch yt-pattern
next
edit "g-yt-scan-1"
set hostname ''
set url "www.youtube.com/user/"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-2"
set hostname ''
set url "www.youtube.com/youtubei/v1/browse"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-3"
set hostname ''
set url "www.youtube.com/youtubei/v1/player"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-4"
set hostname ''
set url "www.youtube.com/youtubei/v1/navigator"
set query ''
set safesearch yt-scan
next
edit "translate"
set hostname "translate\\.google\\..*"
set url "^\\/translate\\?"
set query "u="
set safesearch translate
next
edit "yt-video"
set hostname ''
set url "www.youtube.com/watch"
set query ''
set safesearch yt-video
next
end
config emailfilter profile
edit "default"
set comment "Malware and phishing URL filtering."
set feature-set flow
set replacemsg-group ''
set spam-log enable
set spam-filtering disable
set external disable
unset options
config imap
set log-all disable
end
config pop3
set log-all disable
end
config smtp
set log-all disable
end
config msn-hotmail
set log-all disable
end
config gmail
set log-all disable
end
set spam-bword-threshold 10
unset spam-bword-table
unset spam-bal-table
unset spam-mheader-table
unset spam-rbl-table
unset spam-iptrust-table
set spam-log-fortiguard-response disable
next
edit "sniffer-profile"
set comment "Malware and phishing URL monitoring."
set feature-set flow
set replacemsg-group ''
set spam-log enable
set spam-filtering disable
set external disable
unset options
config imap
set log-all disable
end
config pop3
set log-all disable
end
config smtp
set log-all disable
end
config msn-hotmail
set log-all disable
end
config gmail
set log-all disable
end
set spam-bword-threshold 10
unset spam-bword-table
unset spam-bal-table
unset spam-mheader-table
unset spam-rbl-table
unset spam-iptrust-table
set spam-log-fortiguard-response disable
next
end
config wanopt settings
set host-id "default-id"
set tunnel-ssl-algorithm high
set auto-detect-algorithm simple
set tunnel-optimization balanced
end
config wanopt peer
end
config wanopt auth-group
end
config wanopt profile
edit "default"
set transparent enable
set comments "Default WANopt profile."
set auth-group ''
config http
set status disable
set secure-tunnel disable
set byte-caching enable
set ssl disable
set prefer-chunking fix
set protocol-opt protocol
set tunnel-sharing private
set log-traffic enable
end
config cifs
set status disable
set secure-tunnel disable
set byte-caching enable
set prefer-chunking fix
set protocol-opt protocol
set tunnel-sharing private
set log-traffic enable
end
config mapi
set status disable
set secure-tunnel disable
set byte-caching enable
set tunnel-sharing private
set log-traffic enable
end
config ftp
set status disable
set secure-tunnel disable
set byte-caching enable
set ssl disable
set prefer-chunking fix
set protocol-opt protocol
set tunnel-sharing private
set log-traffic enable
end
config tcp
set status disable
end
next
end
config system speed-test-server
end
config log memory setting
set status enable
end
config log disk setting
set status disable
end
config log eventfilter
set event enable
set system enable
set vpn enable
set user enable
set router enable
set wireless-activity enable
set wan-opt enable
set endpoint enable
set ha enable
set security-rating enable
set fortiextender enable
set connector enable
set sdwan enable
set cifs enable
set switch-controller enable
end
config log memory filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set gtp enable
end
config log disk filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set dlp-archive enable
set gtp enable
end
config log fortiguard override-setting
set override disable
set access-config enable
end
config log tacacs+accounting setting
set status disable
end
config log tacacs+accounting2 setting
set status disable
end
config log tacacs+accounting3 setting
set status disable
end
config log tacacs+accounting filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit enable
end
config log tacacs+accounting2 filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit enable
end
config log tacacs+accounting3 filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit enable
end
config log null-device setting
set status disable
end
config log null-device filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set gtp enable
end
config log setting
set resolve-ip disable
set resolve-port enable
set log-user-in-upper disable
set fwpolicy-implicit-log disable
set fwpolicy6-implicit-log disable
set log-invalid-packet disable
set local-in-allow disable
set local-in-deny-unicast disable
set local-in-deny-broadcast disable
set local-out disable
set neighbor-event disable
set brief-traffic-format disable
set user-anonymize disable
set fortiview-weekly-data disable
set expolicy-implicit-log disable
set log-policy-comment disable
set faz-override disable
set syslog-override disable
set rest-api-set disable
set rest-api-get disable
end
config log gui-display
set resolve-hosts enable
set resolve-apps enable
set fortiview-unscanned-apps disable
end
config system lldp network-policy
end
config firewall schedule onetime
end
config firewall schedule recurring
edit "always"
set start 00:00
set end 00:00
set day sunday monday tuesday wednesday thursday friday saturday
set color 0
set fabric-object disable
next
edit "none"
set start 00:00
set end 00:00
set day none
set color 0
set fabric-object disable
next
edit "default-darrp-optimize"
set start 01:00
set end 01:30
set day sunday monday tuesday wednesday thursday friday saturday
set color 0
set fabric-object disable
next
end
config firewall schedule group
end
config firewall ippool
edit "Outside_Pool"
set type overload
set startip 198.36.24.240
set endip 198.36.24.241
set arp-reply enable
set arp-intf ''
set associated-interface ''
set cgn-client-ipv6shift 0
set comments ''
set nat64 disable
next
end
config firewall ippool6
end
config firewall ldb-monitor
end
config firewall vip
edit "VIP_Webosphere"
set id 0
set uuid cee90f74-9fbd-51ec-8812-57713fdf5603
set comment ''
set type static-nat
set extip 198.36.24.16
set nat44 enable
set nat46 disable
set mappedip "10.1.48.117"
set extintf "port10"
set arp-reply enable
set nat-source-vip disable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
next
end
config firewall vip6
end
config firewall vipgrp
end
config firewall vipgrp6
end
config firewall ssh local-key
edit "g-Fortinet_SSH_DSA1024"
set password ENC BPJqYaU3IBul6Eu+yWo7I4MCEJYH02tWDlF8NVSjYdnwcK5Z+BkrwnlAflqjuK3+c+b4IxoGMq5YCk2h0t2c67r4zBAwfs+ZBgXVD1KIOAGgCt2eKZKG5SebPfjqeS/C+uNPclAhBjvm6DAVnTq0KxNQ2x/R8m3lN8l5lMKKl1O672ADqNFbJGGFsfXLz2X27QgY0w==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABDWMdT3yG
/DLzIBU5O0UtJ/AAAAEAAAAAEAAAGyAAAAB3NzaC1kc3MAAACBAMlbbf4IhF0Mh2eRvDho
KqePrDh946N1KbbbOWbHWOeBVolyr5KCTbfgv6f0a3VW8ATXZH9OMz0uYjTTQII3rp1XTq
a7a3TzdPoTM9bO27PDLTp07LqM1kRSps/8oSsZ4h/kGu3fuke/MfTiAn7hAfdJYcANGbDq
7tfTXlPaY3VhAAAAFQD/+3WBsGEG6BjC2UUehkA3aDAFmwAAAIBeIcQedn7rLkV2N27gXk
jxfrbW6FMwfiEoJC6mZ0NvSuOqzOcrAzsnAydVy38cIlTdGwXhoHA5Jd2Cr0gV2p1R1WFR
XsBWpNqDorVNCdimLM16NBAcwjVjarpNuk3egjdAhdbGsnDxHH54XCdIP3FyyTuh2ljDEe
P+bc6eQJGxPgAAAIEAjK1lJYaCHrAZhcWJIITih4QFsQ8XZeKzp40YIjzXVf27HBCFHVz5
lEv4MtiFxhDKur0lO+2uHOLY+0xsgfM0fe7S/cAKRx/5UZkCmU5s6CkvZjIEPDZ4tvn11G
wlULTcjyZ2uwCo8Xd7QjnOUs8YNsRSO8hzWO5aB9aZ7OEDhiQAAAHgxMcP4nd5bs47/RHx
ArZUDjNCJzDVajX1tIDHffLzzlLm2RRU/wKXccxXn1TC14JdA3gOmS/hFa1C/ctWGGFdz1
RDMGJtXQ8+APtMlY7LoLq0soKjkNkY5KDgGBqbZ8dLcYCKYfl4RoCWGeKNYKjbdudRmuix
GP/Iy8L+8qLZd7rSDA6q48zv82nNbPUCtSgRLiG9/CDTQx1ICwO61rdjQLqvwycJ7//885
eXUyaiDA7DD8p/Q/y3L23iLI/t8VEe7sCeFcoFPmJxKURNoCg119GObjEYNDokpv9QOC2G
/uGE672Yvr9YFLe1RPwWpMgQr05tVu05HiPvRlX+hORf+Q80PQaxyCnSGkGh9FHq2Cph3F
nOlujutMPe0E9do0qGavzo7yw4g4L5fUUxgUoWLZPfE0dt7Dy1IP+kltIUqGu6a2StNq8U
rYEYAjVHzaKoU+95oZLimCj0n61LyCNXVg+gcIb+FIq6B4WQhRNJ0ltK7k5TKvCcnClWzj
DDVeZYF7XOPX9S38MGt9vfWZEF+ZnUrGdl4Py5khdfH99mlSDwt42flFQf2usHNR3ZaaHU
meM/WUb803e5fUpdeWXtOx9b+YmRujD4g0N49/OISwkC0MIfhdG2FDsuvpLiZit7
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-dss AAAAB3NzaC1kc3MAAACBAMlbbf4IhF0Mh2eRvDhoKqePrDh946N1KbbbOWbHWOeBVolyr5KCTbfgv6f0a3VW8ATXZH9OMz0uYjTTQII3rp1XTqa7a3TzdPoTM9bO27PDLTp07LqM1kRSps/8oSsZ4h/kGu3fuke/MfTiAn7hAfdJYcANGbDq7tfTXlPaY3VhAAAAFQD/+3WBsGEG6BjC2UUehkA3aDAFmwAAAIBeIcQedn7rLkV2N27gXkjxfrbW6FMwfiEoJC6mZ0NvSuOqzOcrAzsnAydVy38cIlTdGwXhoHA5Jd2Cr0gV2p1R1WFRXsBWpNqDorVNCdimLM16NBAcwjVjarpNuk3egjdAhdbGsnDxHH54XCdIP3FyyTuh2ljDEeP+bc6eQJGxPgAAAIEAjK1lJYaCHrAZhcWJIITih4QFsQ8XZeKzp40YIjzXVf27HBCFHVz5lEv4MtiFxhDKur0lO+2uHOLY+0xsgfM0fe7S/cAKRx/5UZkCmU5s6CkvZjIEPDZ4tvn11GwlULTcjyZ2uwCo8Xd7QjnOUs8YNsRSO8hzWO5aB9aZ7OEDhiQ="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA256"
set password ENC hvMEIsRL/yFwQXpeYJuBtx5+FFd2V1gtbK1MQ2NckqXMWtjMmgDF7KZA6BFNetSOLZoVFVRA9ub9W+eVy9RbCFt2DCDVjlRdJa5bDQHZ66gSOpZOIHJa3dfQhKAjo27QrthE74I3pywR9zdvcC7Rf8DKESGV66GWx7RwbyCYdzh8lbrEXDiAHKF3FBGq6A7EcQqrfw==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABCYj0k4bh
mxNdVne/WYI48/AAAAEAAAAAEAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz
dHAyNTYAAABBBMQSAUWeMnwS2TQbQWW3h890GnmzeJSwIq2rEIew+gyij4UMAjpsRmztvK
y7MHqF8ARHi1glc6RSoarryTUQuCIAAACgQHrpN3sAxVooYsKXIb5xGNvvwxUtTIIAisaQ
ftEDAx3nTj7+NLlPATgMRDy12pescKquy79fyCFgENFUP+K2pfPsb2IE/RdTcmBsL0646h
hL2sHeuvZ/mhIMti3oLfj91bBs7TBB2MRvHRYvcZD6rdAkumBmyrSPUO4JwqSPkI68kBVo
C9C5gBWgfhqKs6DGgceAFVxbb9+RWrpH9YCpIA==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMQSAUWeMnwS2TQbQWW3h890GnmzeJSwIq2rEIew+gyij4UMAjpsRmztvKy7MHqF8ARHi1glc6RSoarryTUQuCI="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA384"
set password ENC HwsQAyG3QQvdxnQP2uMyV6o+zE6cZPLvVEb04n+ZLiP9gBu632dEz0bsEONpod2Amhxr9Awij0Y3njfoiCSa2N3LTfUHf7Ewjrp9yWR4a1Jc1+NrD2exogpzljfVotd9Rewi7ffxSPYA5ZuU+pf+TrcjW3tk+vIKMI+XAICkoW5MnHsxa36Nh47WuWbDlckTJKASMA==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBN9BRJMR
77/5pUXIX3azbHAAAAEAAAAAEAAACIAAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlz
dHAzODQAAABhBEYsR4/2sjh+OMgxpEBi/72jNVXnBwUHpkOneWiESbnCoIWvKp8h0RjNMj
U5Tj5yP6txNtuAIt8NVvUcVhj9ZtIOWAsA7bDDRZGYv+/80R4N7Z0OnShs9iuYSb0+FQXx
dgAAANChlajlzxrBilfuFt0NeQjCmvICKuDRnd+bDSBxAVZcAnFPKPN/ZOUsHIFry+62R4
xmcknYeWtA09QFKdSbyeOUyqI4CmeqxufXPlPk8N2Mjg/Rub53WkREGx7nv335EUtKyIIE
qc7vNaHvrM8CbUwCD53Tmrv126aSxuuDEBhth1CkIT8LZEcTEYRSHAZEojS8TB4UhHLRfm
Rn+DmbJga0IDnPc/ZgNHGTqYx2toV2Fy/DCJ2en2FejJU89J9ZFrGUfz117vVweEVGLCBr
4j10
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBEYsR4/2sjh+OMgxpEBi/72jNVXnBwUHpkOneWiESbnCoIWvKp8h0RjNMjU5Tj5yP6txNtuAIt8NVvUcVhj9ZtIOWAsA7bDDRZGYv+/80R4N7Z0OnShs9iuYSb0+FQXxdg=="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA521"
set password ENC V075QQRx499zyfx6G73smnU+TiVFjwnwfuBfI2b6xLrOp6TAd9qt4GPIKkNdtiAslTeZ3Xc4627XjzNzw1dAwx0j7Nk/hVoSPCboe7CewxHCw4gV8MufWuWsoocDfOjVs7Pk5RiAl9RscPNg33bK4ST3ngT5yznSDldq6ulcEeZMQGKoZBzulaufkyMVEIe6o38y3Q==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBTZME+kF
3Bzq+XqVo08S4FAAAAEAAAAAEAAACsAAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlz
dHA1MjEAAACFBACaKKuE8V8VNj3xOI4Cz0NpoN8KJMJWRxuLPTYtMBFzACZdDsfmQdZQdF
t5J++GxB6Y6XgNd5eg4/W0YU1z35BJ6QEuCMrZli2/4vtPy8DPeRMR2hpHOC/BuqnEER+K
HPehHHl1Du644EQUmgPailxPEBDJKJcA8PgrFsN5h0iHx4C6RAAAAQC/5NwC8S8n04Bskl
P/Wnde2xZxoWXlBYuV8iJ8OmT7RRVEi3NhVGbIJMqlXfTVi67DgfbtMpVNVhO3UMwPAoC4
8zcMmJ/1aA58Y+5H8DuYRMfAnuky6vWJFBA4DXgx/vmrn8UK1E2xgW8dgaEEDlLQPittQc
hlwRhgSZrJoRtQPn8OA5ZNePcblOq1WH6PanQP7Bj2SubMTTZ0Mo+gy7y11wDAMd0MYN6Q
d2biFs9XCB9xGNGQIrgOEUQoFJ8AyrbQzZt3Tr7tthp0GDyWoCNICjY/vKS9Av/xMMHaq9
cjEJOwfxqaJfVrEn2/6DS1t2SyTD9C8imQOI2xz/fdVCaO
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBACaKKuE8V8VNj3xOI4Cz0NpoN8KJMJWRxuLPTYtMBFzACZdDsfmQdZQdFt5J++GxB6Y6XgNd5eg4/W0YU1z35BJ6QEuCMrZli2/4vtPy8DPeRMR2hpHOC/BuqnEER+KHPehHHl1Du644EQUmgPailxPEBDJKJcA8PgrFsN5h0iHx4C6RA=="
set source built-in
next
edit "g-Fortinet_SSH_ED25519"
set password ENC W28Up61fyN5pyvC3j4A0Pyc1KGOBRyZtZhEoopvJikTd1496wj6jAPs012beQOlooE40aqD+LZp+JXqNzO2HV3iczAAcix70fUL8qunwmlVXY26cLA2CGXFkzdrBn/EMhsokgQy1+ouLRFDQsn761p9m69QCuEpdYhnb7zmoNWG4LIVw7fgcxDdZhovWy66j1rGnvQ==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAedjCOkt
+sFbLzTS4y12TbAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIJHEZ/PIMBDv6gqd
3JUEAvHnugjOGiXz5Puxg/8YfanOAAAAkCa1NSX8hj+j3jVwv2A2AU/gLRKzX4h+Gwxyxz
JeBT+OyHbzc8MDCIh8a3tf0fJiQ6VJdj3JjhBrp1OWfy2GHkfpMInRlGGz0Hu4XMU702a0
MgwELDyqSpEdZupNMH44pIjkI0iY/ipgwuNDOTIenADwbqdkC2oX9XA3jIutAB++JU4rvR
NwgjPHD1irGOM7Gg==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHEZ/PIMBDv6gqd3JUEAvHnugjOGiXz5Puxg/8YfanO"
set source built-in
next
edit "g-Fortinet_SSH_RSA2048"
set password ENC eDnJxT8KcoDDJfhg8tXLQAIuo4chMo+HvyDVopCPKCAiEu+mkYbaV77Va+tekSA5HY40DyQ3glohiRXl5h9Ifz1EtXNdhx+0DFPUtcwfr1voh6cRqmPWu+yGkxVJXAK3biVV53bsu4R2hZpctLzZeG6Lo04aiGGWiUz2nUi383BY6bIOE+BKVhelPadYwbaywg74oA==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABA1mO561N
c7CpF0rN+BdOBQAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQC6yuGwlJhh
Q5ooqzfMY+4le85cWCqHdzonf4BkYtV2p0GGpmKUo0kpnQ0EbmEWRmAiPN8J6BJyHvpcv7
A0a68OyTLXULSEopL0c0rrdqeK3p3oxVRn6oLbwqQvVmBZCGr+Mtak0Djw7ZM7yKMky5GK
hFlZj7dZFLrzth2nQmReu93F+HkSF8iOpaqna/sTvPVqN/WLVC1CaB+Qcb6AsyMmLsTsvC
HA1336eWq3M3hU14tsO5S8uDls2pfD2NaZx8VXr+00OvGSOqqZdY8cukv+xJ5IdRe2ui8z
OSbh5m5OFc2DdfZ+PpQ9nU+DEDBpCSir/ovPDmsTtvqX2VClGn0vAAADwMcyMNKCNYzFHF
tA305t53D83ogXcTrwO8f3ScWdcLBap5o0aqwfOrswdChdOytbHMx3lmpnLZvFt2JbcqT0
jDm+ZSb5NwFCW2h5MJlnLolIx85H0ab7XO+JhK1c/J3U0K/m0Y6q3uXObJsAInPNAJDjqL
VUxgIU438n7dB/NkWQWNjVaddEO/tK9UzzUd5a5JuG2lsukXLGFRC0XIJ94Q9BFuiziNmX
QUZ7LRqm59ZcsixGSQ1YApEvTZFf+Yd/umWIh9bbHeCAZOWZukDy47VLy2uVd3H+HLOSno
ZBpX7xa3c6mjI/oHgz7lQAybNzbPoJiBKq5VlTBhR9kTdB3JnnzKegLNwRtsdtEim/O4xJ
QPxfwGSzE57M9OgPGZMOuFu8Fh07tV06dUnfe9mGDLiQ3HWCZoRW5tuCE0fsieAseqqEiS
Vy13DPGtkSSLUKmBpJQvR6yK79GtMyIxZEmC43xHmCghHTebSnK45ikagYh0BsK01Q1rx1
syqY2Ul3bwCSCTuK2sjqnmgGEIIUI8Yikj0kDLSVJukfxdjU/c4eOcqj8yuRbQyfzFmHsv
debbeU1+oI08M0c5kKVTNeTWQ0iXuETJX1G3gu44xtkQLbCmF4K3byAPGnR2FIBG8tnPaJ
JCjhZQmN1nohNXt5F7nSALJ3UVSpzD6fnKBQSfxbKN4EAggu0NpX3QyhoDvWx378MRukGn
OkLi2Z7c/iZrS5w6Jt+kTJ7n6T5ciiaIvzgi7YjtS7ogwNQfodpXC/pd9KE/H7hgrtwclt
bP9bkpWQKIh/Z4hl2B8hqHDk1wDhNRHRyT2rvuoipJLroyYAZKxS1qerGuArwmxv1YNeNm
oq5Ibisn/CTLT6zVaKmdHD+qBGd46IlEobgLRd3bmKsBIf5hUfd+LcThhOT4OgjgK2jqAS
zOLrNH/Ns+Ut+tz7DhzoRhoTzfitjKdjHl8libziHU4rbulbEuqhnxlGrb9G6xKeFOG1Ha
JUkWoRzX5/tljM2GZRQciN6BF/L9kDboLnR6V2sOS6r/BlnlUMmKhxC81CTzejn4I+XSYk
Y5dBb9PhA2dJuhkgZEj4vGDkXdnL0fSI9qccHAKkAjd4ECFMRtqjnkdLtUODi6EZiZYDJI
zcVK0VdeqiSP2M+vx2WwLKdwVBdhHXyrxv5JGwKaYkmaYwFCJ6DRttHlaTID4HgjVWJCVR
O9UaKreP6Uz9G/L0J54iEclbiKHkC38/IMhi9XhslLzD39f42oKLedWYTJiVgsr3klwtMk
GvWZyLtg==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6yuGwlJhhQ5ooqzfMY+4le85cWCqHdzonf4BkYtV2p0GGpmKUo0kpnQ0EbmEWRmAiPN8J6BJyHvpcv7A0a68OyTLXULSEopL0c0rrdqeK3p3oxVRn6oLbwqQvVmBZCGr+Mtak0Djw7ZM7yKMky5GKhFlZj7dZFLrzth2nQmReu93F+HkSF8iOpaqna/sTvPVqN/WLVC1CaB+Qcb6AsyMmLsTsvCHA1336eWq3M3hU14tsO5S8uDls2pfD2NaZx8VXr+00OvGSOqqZdY8cukv+xJ5IdRe2ui8zOSbh5m5OFc2DdfZ+PpQ9nU+DEDBpCSir/ovPDmsTtvqX2VClGn0v"
set source built-in
next
end
config firewall ssh local-ca
edit "g-Fortinet_SSH_CA"
set password ENC EN/V+AHqmcZwiNqyI95FupIMjIEX7qGcnxnxKzZQAtmywN99HAjFnEZfV9W6jErqIB55tMRdT6T0G3A0BBfxCrBRoFf2ytV4xavecTMU65vjBgRLNHDFBXtM9fh25LZ1EPfEKvKgrfjKk9dXYT7YMArPETzqa6IAZww9/07aVG0BVGPiBqwUsMdSEcvWjJsoa81lYg==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBf8C4hJd
+M6AVhFqreO879AAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDFNnS0wAAC
NC7cmBTwevE7FFFZPhHXFDgx7O22zzpcKONRKhLz+8Y4ux808lIz580foslhpIMeoEKX+U
ZpI93sBxVJZnZtVJgLf6rxjuWMFKDss1+PtXEz5uct3gPK95d/TWd+HzhGEz47PeFQizGP
E/hMl+XxJ8UEyPqlBO/Wh5+C8Sy4SU+wngUmaLgBDeA09x4it2ZZsa/oofRaXaPrAJLU7A
TB7reUBNnUR/mml1k6FYfx0CJ2JxR1gx3r/fSRadZj807gGNfiSbcYNxNyy/XQ5n+0BsIa
Mk342Zpr4ijnwM5qzrA45aHB3ZxAvx+xVdTrQkyfiJ6nZWI+CKQ9AAADwNT2HECamLA8UM
fFNSAnPj7lq5k64lxdOyGKKbIDDF/wS2H8g2ZlCuJwGpgHoVeFPiqQhJMjBSfwWDS8oOZA
po7PyvszP6XAbnIpBHUMDNdUr1Clso9ra9d2oP43fjhzRSHBD0j/x1nJRvse/cP5XuCa4Z
pGFpgVsz7q+XNEXou8YpAndqUebw/wm3MNzS2AE5YYFQofhSKBxyNSYrsPdaoasmwbnGuv
XW9vPFnDxNNJ0IkEUeXAWZaE2sBYP3qD4C97curFpYuAPYH5FnvvMLuUtyRFzYMv3WKi8z
Mw+01rU4yVtCVoAMYCfqjnisIyxgyQHLpLFfWkvIz6IgAQWVtBypJHxiiG2wcLHscWI0gQ
uCMN/n5QkbBcskRpy52lFypQ2eosTLMzrwfqQF5PDoDz/2Jnf5qXK9hQsNA3fHn2KoyODY
VmXb1G044Qq3/3ZsW7zkgWfyWJ1fgcIYiJg+wy/KQBkPlew/m5oheT8bs0aivJ8FW8gS1u
8zq/lBhWxsSsCfD8/nD9ROanz8yArOa8WfF/BFLs1UqkB4oAuVa5dA9xVhIeBbeA6E8eRm
ucu/a6+tmjaELkiwwscurSqEgELD+K5esR23MAe/Aw5BuzGHRdEDwa79PuqtgpMP7QEFND
yL/Xe6E4TGMTV5hQYpj7e5dunhr60rd4kg+ZAgfRwDzOaU2ry7n2bSxY/Cauc/dogM0rbG
SHCohMdMp0We53Y2J7ffmZzDySRIfgxRpjGN/Zv1QH1s3fbqwEG5R2leAlG0+bdN9jXn5F
dcZ4TGrm8wluUwfrU+mXcoAzelwuphNfbzwp0rIEnxIZxd6puFV7Svlsg4STr1YvA98E7N
2gDQhd3vYyIFPZG6CtAjzjP3e4KzEXghjgHXLYI31dS8HCVOKCC91tTc5Ojll76jmakIWT
r9dhSvjkACc688ixxo40qtX79Y33a8lEh1YZqPZ+qF/RgwQS4Wpa8hyZS6xFN2kMtQc9Up
gCurTRhfA9R5c/Mbgn097CYBOwu3nCfcjgBQ03xwmUJpB2pVKngd/dc/n37J2Z97Nl4Wu3
Zs4ftOGyqXgmM61ddTYhF6ZZbpjBkdKFFEfl6XkBZDUiVaMsq7hIiCYUCGE/cvljzYuntt
XEnf4fO8Ifr8sviwPE4gRaHHePPo9EtFAlSewYzeI3M1EkYPAzSf28ztk74FydHUGfqPkF
RjGiTkUG4NozwGmSG3LGYleBc0CySr+j4Q/qiCEgRQpkihrWkO/j+ILiog9Trh5x/+c2X9
V9G26szw==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFNnS0wAACNC7cmBTwevE7FFFZPhHXFDgx7O22zzpcKONRKhLz+8Y4ux808lIz580foslhpIMeoEKX+UZpI93sBxVJZnZtVJgLf6rxjuWMFKDss1+PtXEz5uct3gPK95d/TWd+HzhGEz47PeFQizGPE/hMl+XxJ8UEyPqlBO/Wh5+C8Sy4SU+wngUmaLgBDeA09x4it2ZZsa/oofRaXaPrAJLU7ATB7reUBNnUR/mml1k6FYfx0CJ2JxR1gx3r/fSRadZj807gGNfiSbcYNxNyy/XQ5n+0BsIaMk342Zpr4ijnwM5qzrA45aHB3ZxAvx+xVdTrQkyfiJ6nZWI+CKQ9"
set source built-in
next
edit "g-Fortinet_SSH_CA_Untrusted"
set password ENC fTnMJMWShzuXnAg0CJY52yjGehQI52Sdv2/OxnqY6bkLdfwybESjysakTk50T8uXaYPGSkLGcNH8QtkR7jxOIQRjmwXyDYgh6XBtm9egZrkjvRP/c6l3RSX4h27pe0nBvHzJtNPRMK5ZCSMyB81JBDH0KHXV8kugaTGlSdwYH5YYZdpVCIGbzFl8gPvx0UYEzis85w==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBU2aLPen
uU59+GRRZCZgSJAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDAkdHRAAn9
RFuj2QchmT42CoWPCms0batL22xzsj2QMSujfcXCEQHjWx/gY+jZyGw2nAOFrzr8IVS5lE
ZKMiF89/zydMxQjr1MTelfPuYo855TZF4DELCK3O/zWwGLIgSboQft2RfZkSJFBb8NM4eU
iw9CxJLUawWeYkGTslFv3gqh6HbZuw2WUx5pqmU7UibkOgp0eWHejkf031O+X49yZr3uFG
Xi/bd6oNNfHIdeSS8RJNC+4N2NUrB4NX87pM1TOLmZ9tAMlGJKX05UL4rli2UnIXkhP6mv
NVdObU6Vk/dHf31QCWuLNSbH2nydYNs6JcQnoybJnzq6EggViAZlAAADwEWDeIVUpNfN6N
N9tfe7OnulqQ3OdP7T7M8A596uBvR4P1G7BAcPgC+xoTQP+W94crBOhoq49mlZJBJGnPwg
+ufxwO8eg8NUAPyMAaS6M8yaTcFvopwbZnMo8Ioey1rX/1JD0W+RJwV7N8FM95waqsjDnB
fLQy2F8KvzvycsQF4ATAVPbrkcaED3JxQEiHtlMZuIuCtB3Gq0xYJ6sz84NpW2aXlPFzuu
80YhUVuD7oZESSRIzMZ35/Td1rXeP/JOgFkrL0NSb7RgaHDqFKE4LHC+o+NgskxRPumlhb
H160LskSooMIVZCKGTii/c1Ipo2YVrAeaUrxgRSGQPeHJ4pivs8/bYP9fd1AHQ64UTX56x
P60fOA9lhwQtnlox+7J6H1biMMrwboqpI/19y+Qmfd35jbIUTwzxbEeqw55Vxcn29FGU1S
CtkHwyGB38OFFlawdb05PMT3X5KKXmss8ge4xAoRXooNbVAy6p9R0jrSyU1CKvnYoXPyjd
nEa6FBZTJNo9ygt0TnlNYEpdaCmiknxMxxnHN3oVLpSLeEHjEqFIXwr+322OqN1Wt90pD0
QV/5UxiT+bX55IYcz0F9Y05kw60Okc/Gy6NGPyOjuLpHGgVWI+WDueR5sBFP3nQmUjvCi6
jzzTNgSQV9ED9klycj4NCqNZvbqHAE3PKp5hRkUZ4GB8aGb2NzuUs3cx+JDgLxIW5QC6v6
kfgc1FAYaVH2cm+FHX+pt+uSqB38RE10lnfnR1oG3ldegelN4lJYkibIafYynDrzv1Xi8j
Oqd4z/ds41KcGll9gsWclP7MmhL2s6w/cOOwRvZRDNknK1uA111B+yPdsuA78N0ACYulAX
HT1aiEnwFjfaZauBSPtJex0TbjAQWZ5b6+0XAjkfru+ptV9GfMEsQpfHBIge4JmkcXCFoE
czjAqskJ9YddKe2FfJGxc1jMCkmA+h/2oR8OyMUSGXxTwKLPabeUFwBuPKH56PqAjIPoKW
4h+EPfOx3pPY92rDvZ/ETBNf+o/vvxkOPmh3TSRoo2knQvNuWiQ7OPGXrXa0PeZ1UvDRuU
PMTkbpooKletk49Jw8WOzUqIRd8yF8g2i8tzZ2Xlr8RnOLRBsOzXagjBGyk56kAMhaOOrm
n+MTbxpM61zYilvCOBeSIvzWp4DjjqXfuFcEpzEHDTZ9Yvz474s1qinmgEibtYSoY61d9d
QxAI2xneFlb207A+/PTuFaDoCE9g/CD17Rc+WoCP0eU8p/yaLpWIq0JQyEXK48vKCJcVvM
gs3wZo+Q==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAkdHRAAn9RFuj2QchmT42CoWPCms0batL22xzsj2QMSujfcXCEQHjWx/gY+jZyGw2nAOFrzr8IVS5lEZKMiF89/zydMxQjr1MTelfPuYo855TZF4DELCK3O/zWwGLIgSboQft2RfZkSJFBb8NM4eUiw9CxJLUawWeYkGTslFv3gqh6HbZuw2WUx5pqmU7UibkOgp0eWHejkf031O+X49yZr3uFGXi/bd6oNNfHIdeSS8RJNC+4N2NUrB4NX87pM1TOLmZ9tAMlGJKX05UL4rli2UnIXkhP6mvNVdObU6Vk/dHf31QCWuLNSbH2nydYNs6JcQnoybJnzq6EggViAZl"
set source built-in
next
end
config firewall ssh setting
set caname "g-Fortinet_SSH_CA"
set untrusted-caname "g-Fortinet_SSH_CA_Untrusted"
set hostkey-rsa2048 "g-Fortinet_SSH_RSA2048"
set hostkey-dsa1024 "g-Fortinet_SSH_DSA1024"
set hostkey-ecdsa256 "g-Fortinet_SSH_ECDSA256"
set hostkey-ecdsa384 "g-Fortinet_SSH_ECDSA384"
set hostkey-ecdsa521 "g-Fortinet_SSH_ECDSA521"
set hostkey-ed25519 "g-Fortinet_SSH_ED25519"
set host-trusted-checking enable
end
config firewall ssh host-key
end
config firewall decrypted-traffic-mirror
end
config firewall access-proxy-virtual-host
end
config firewall access-proxy-ssh-client-cert
end
config firewall access-proxy
end
config firewall access-proxy6
end
config firewall ipmacbinding setting
set bindthroughfw disable
set bindtofw disable
end
config firewall ipmacbinding table
end
config firewall profile-protocol-options
edit "default"
set comment "All default services."
set replacemsg-group ''
set oversize-log disable
set switching-protocols-log disable
config http
set ports 80
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
unset options
set comfort-interval 10
set comfort-amount 1
set range-block disable
set strip-x-forwarded-for disable
unset post-lang
set streaming-content-bypass enable
set switching-protocols bypass
set unknown-http-version reject
set tunnel-non-http enable
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set block-page-status-code 403
set retry-count 0
set tcp-window-type auto-tuning
set ssl-offloaded no
set address-ip-rating enable
end
config ftp
set ports 21
set status enable
set inspect-all disable
set options splice
set comfort-interval 10
set comfort-amount 1
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set tcp-window-type auto-tuning
set ssl-offloaded no
set explicit-ftp-tls disable
end
config imap
set ports 143
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set ssl-offloaded no
end
config mapi
set ports 135
set status enable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
end
config pop3
set ports 110
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set ssl-offloaded no
end
config smtp
set ports 25
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail splice
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set server-busy disable
set ssl-offloaded no
end
config nntp
set ports 119
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options splice
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
end
config ssh
unset options
set comfort-interval 10
set comfort-amount 1
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set tcp-window-type auto-tuning
set ssl-offloaded no
end
config dns
set ports 53
set status enable
end
config cifs
set ports 445
set status enable
unset options
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set tcp-window-type auto-tuning
set server-credential-type none
end
config mail-signature
set status disable
set signature ''
end
set rpc-over-http disable
next
end
config firewall ssl-ssh-profile
edit "certificate-inspection"
set comment "Read-only SSL handshake inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set ports 443
set status certificate-inspection
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set cert-probe-failure block
set min-allowed-ssl-version tls-1.1
end
config ftps
set status disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set block-blocklisted-certificates enable
set caname "Fortinet_CA_SSL"
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
next
edit "deep-inspection"
set comment "Read-only deep inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set ports 443
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set min-allowed-ssl-version tls-1.1
end
config ftps
set ports 990
set status deep-inspection
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set ports 993
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set ports 995
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set ports 465
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set allowlist disable
set block-blocklisted-certificates enable
config ssl-exempt
edit 1
set type fortiguard-category
set fortiguard-category 31
next
edit 2
set type fortiguard-category
set fortiguard-category 33
next
edit 3
set type wildcard-fqdn
set wildcard-fqdn "g-adobe"
next
edit 4
set type wildcard-fqdn
set wildcard-fqdn "g-Adobe Login"
next
edit 5
set type wildcard-fqdn
set wildcard-fqdn "g-android"
next
edit 6
set type wildcard-fqdn
set wildcard-fqdn "g-apple"
next
edit 7
set type wildcard-fqdn
set wildcard-fqdn "g-appstore"
next
edit 8
set type wildcard-fqdn
set wildcard-fqdn "g-auth.gfx.ms"
next
edit 9
set type wildcard-fqdn
set wildcard-fqdn "g-citrix"
next
edit 10
set type wildcard-fqdn
set wildcard-fqdn "g-dropbox.com"
next
edit 11
set type wildcard-fqdn
set wildcard-fqdn "g-eease"
next
edit 12
set type wildcard-fqdn
set wildcard-fqdn "g-firefox update server"
next
edit 13
set type wildcard-fqdn
set wildcard-fqdn "g-fortinet"
next
edit 14
set type wildcard-fqdn
set wildcard-fqdn "g-googleapis.com"
next
edit 15
set type wildcard-fqdn
set wildcard-fqdn "g-google-drive"
next
edit 16
set type wildcard-fqdn
set wildcard-fqdn "g-google-play2"
next
edit 17
set type wildcard-fqdn
set wildcard-fqdn "g-google-play3"
next
edit 18
set type wildcard-fqdn
set wildcard-fqdn "g-Gotomeeting"
next
edit 19
set type wildcard-fqdn
set wildcard-fqdn "g-icloud"
next
edit 20
set type wildcard-fqdn
set wildcard-fqdn "g-itunes"
next
edit 21
set type wildcard-fqdn
set wildcard-fqdn "g-microsoft"
next
edit 22
set type wildcard-fqdn
set wildcard-fqdn "g-skype"
next
edit 23
set type wildcard-fqdn
set wildcard-fqdn "g-softwareupdate.vmware.com"
next
edit 24
set type wildcard-fqdn
set wildcard-fqdn "g-verisign"
next
edit 25
set type wildcard-fqdn
set wildcard-fqdn "g-Windows update 2"
next
edit 26
set type wildcard-fqdn
set wildcard-fqdn "g-live.com"
next
edit 27
set type wildcard-fqdn
set wildcard-fqdn "g-google-play"
next
edit 28
set type wildcard-fqdn
set wildcard-fqdn "g-update.microsoft.com"
next
edit 29
set type wildcard-fqdn
set wildcard-fqdn "g-swscan.apple.com"
next
edit 30
set type wildcard-fqdn
set wildcard-fqdn "g-autoupdate.opera.com"
next
edit 31
set type wildcard-fqdn
set wildcard-fqdn "g-cdn-apple"
next
edit 32
set type wildcard-fqdn
set wildcard-fqdn "g-mzstatic-apple"
next
end
set server-cert-mode re-sign
set caname "Fortinet_CA_SSL"
set untrusted-caname "Fortinet_CA_Untrusted"
set ssl-exemption-ip-rating enable
set ssl-exemption-log disable
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
set rpc-over-https disable
set mapi-over-https disable
set supported-alpn all
set use-ssl-server disable
next
edit "custom-deep-inspection"
set comment "Customizable deep inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set ports 443
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set min-allowed-ssl-version tls-1.1
end
config ftps
set ports 990
set status deep-inspection
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set ports 993
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set ports 995
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set ports 465
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set allowlist disable
set block-blocklisted-certificates enable
config ssl-exempt
edit 1
set type fortiguard-category
set fortiguard-category 31
next
edit 2
set type fortiguard-category
set fortiguard-category 33
next
edit 3
set type wildcard-fqdn
set wildcard-fqdn "g-adobe"
next
edit 4
set type wildcard-fqdn
set wildcard-fqdn "g-Adobe Login"
next
edit 5
set type wildcard-fqdn
set wildcard-fqdn "g-android"
next
edit 6
set type wildcard-fqdn
set wildcard-fqdn "g-apple"
next
edit 7
set type wildcard-fqdn
set wildcard-fqdn "g-appstore"
next
edit 8
set type wildcard-fqdn
set wildcard-fqdn "g-auth.gfx.ms"
next
edit 9
set type wildcard-fqdn
set wildcard-fqdn "g-citrix"
next
edit 10
set type wildcard-fqdn
set wildcard-fqdn "g-dropbox.com"
next
edit 11
set type wildcard-fqdn
set wildcard-fqdn "g-eease"
next
edit 12
set type wildcard-fqdn
set wildcard-fqdn "g-firefox update server"
next
edit 13
set type wildcard-fqdn
set wildcard-fqdn "g-fortinet"
next
edit 14
set type wildcard-fqdn
set wildcard-fqdn "g-googleapis.com"
next
edit 15
set type wildcard-fqdn
set wildcard-fqdn "g-google-drive"
next
edit 16
set type wildcard-fqdn
set wildcard-fqdn "g-google-play2"
next
edit 17
set type wildcard-fqdn
set wildcard-fqdn "g-google-play3"
next
edit 18
set type wildcard-fqdn
set wildcard-fqdn "g-Gotomeeting"
next
edit 19
set type wildcard-fqdn
set wildcard-fqdn "g-icloud"
next
edit 20
set type wildcard-fqdn
set wildcard-fqdn "g-itunes"
next
edit 21
set type wildcard-fqdn
set wildcard-fqdn "g-microsoft"
next
edit 22
set type wildcard-fqdn
set wildcard-fqdn "g-skype"
next
edit 23
set type wildcard-fqdn
set wildcard-fqdn "g-softwareupdate.vmware.com"
next
edit 24
set type wildcard-fqdn
set wildcard-fqdn "g-verisign"
next
edit 25
set type wildcard-fqdn
set wildcard-fqdn "g-Windows update 2"
next
edit 26
set type wildcard-fqdn
set wildcard-fqdn "g-live.com"
next
edit 27
set type wildcard-fqdn
set wildcard-fqdn "g-google-play"
next
edit 28
set type wildcard-fqdn
set wildcard-fqdn "g-update.microsoft.com"
next
edit 29
set type wildcard-fqdn
set wildcard-fqdn "g-swscan.apple.com"
next
edit 30
set type wildcard-fqdn
set wildcard-fqdn "g-autoupdate.opera.com"
next
edit 31
set type wildcard-fqdn
set wildcard-fqdn "g-cdn-apple"
next
edit 32
set type wildcard-fqdn
set wildcard-fqdn "g-mzstatic-apple"
next
end
set server-cert-mode re-sign
set caname "Fortinet_CA_SSL"
set untrusted-caname "Fortinet_CA_Untrusted"
set ssl-exemption-ip-rating enable
set ssl-exemption-log disable
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
set rpc-over-https disable
set mapi-over-https disable
set supported-alpn all
set use-ssl-server disable
next
edit "no-inspection"
set comment "Read-only profile that does no inspection."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set status disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set min-allowed-ssl-version tls-1.1
end
config ftps
set status disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set block-blocklisted-certificates enable
set caname "Fortinet_CA_SSL"
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
next
end
config waf profile
edit "default"
set external disable
set extended-log disable
config signature
config main-class 100000000
set status disable
set action block
set log enable
set severity high
end
config main-class 20000000
set status disable
set action allow
set log enable
set severity medium
end
config main-class 30000000
set status enable
set action block
set log enable
set severity high
end
config main-class 40000000
set status disable
set action allow
set log enable
set severity medium
end
config main-class 50000000
set status enable
set action block
set log enable
set severity high
end
config main-class 60000000
set status disable
set action allow
set log enable
set severity medium
end
config main-class 70000000
set status enable
set action block
set log enable
set severity high
end
config main-class 80000000
set status enable
set action allow
set log enable
set severity low
end
config main-class 110000000
set status enable
set action allow
set log enable
set severity high
end
config main-class 90000000
set status enable
set action block
set log enable
set severity high
end
set disabled-signature 80080005 80200001 60030001 60120001 80080003 90410001 90410002
set credit-card-detection-threshold 3
end
config constraint
config header-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config content-length
set status enable
set length 67108864
set action allow
set log enable
set severity low
end
config param-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config line-length
set status enable
set length 1024
set action allow
set log enable
set severity low
end
config url-param-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config version
set status disable
set action allow
set log enable
set severity medium
end
config method
set status disable
set action block
set log enable
set severity medium
end
config hostname
set status disable
set action block
set log enable
set severity medium
end
config malformed
set status disable
set action allow
set log enable
set severity medium
end
config max-cookie
set status enable
set max-cookie 16
set action allow
set log enable
set severity low
end
config max-header-line
set status enable
set max-header-line 32
set action allow
set log enable
set severity low
end
config max-url-param
set status enable
set max-url-param 16
set action allow
set log enable
set severity low
end
config max-range-segment
set status enable
set max-range-segment 5
set action allow
set log enable
set severity high
end
end
config method
set status disable
set log disable
set severity medium
unset default-allowed-methods
end
config address-list
set status disable
set blocked-log disable
set severity medium
end
set comment ''
next
end
config firewall profile-group
end
config firewall ssl-server
end
config firewall identity-based-route
end
config firewall auth-portal
set portal-addr ''
set portal-addr6 ''
set identity-based-route ''
end
config firewall policy
edit 3
set status enable
set name "Block_Countries_In"
set uuid d7dbce76-9fbf-51ec-ab77-fee1db8aeb26
set srcintf "Outside_Zone"
set dstintf "Inside_Zone"
set action deny
set ztna-status disable
set srcaddr "Geo_Block_Group"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set logtraffic disable
set logtraffic-start disable
set np-acceleration enable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set natip 0.0.0.0 0.0.0.0
set match-vip enable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set send-deny-packet disable
next
edit 4
set status enable
set name "Block_Countries_Out"
set uuid f8b4eb14-9fbf-51ec-ed6e-96e27dc1b1c9
set srcintf "Inside_Zone"
set dstintf "Outside_Zone"
set action deny
set ztna-status disable
set srcaddr "all"
set dstaddr "Geo_Block_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set logtraffic disable
set logtraffic-start disable
set np-acceleration enable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set natip 0.0.0.0 0.0.0.0
set match-vip enable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set send-deny-packet disable
next
edit 2
set status enable
set name "Webosphere"
set uuid 0d8e5202-9fbe-51ec-0286-714f8e196589
set srcintf "Outside_Zone"
set dstintf "Inside_Zone"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "VIP_Webosphere"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "IPS_Test"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 1
set status enable
set name "Internet_Access"
set uuid bfdac172-9fbc-51ec-a83b-8104f6e36fd1
set srcintf "Inside_Zone"
set dstintf "Outside_Zone"
set action accept
set ztna-status disable
set srcaddr "IPv4-Private-All-RFC1918"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "g-default"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set ippool enable
set poolname "Outside_Pool"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
end
config firewall traffic-class
end
config firewall shaping-policy
end
config firewall shaping-profile
end
config firewall local-in-policy
end
config firewall local-in-policy6
end
config firewall ttl-policy
end
config firewall proxy-policy
end
config firewall dnstranslation
end
config firewall multicast-policy
end
config firewall multicast-policy6
end
config firewall interface-policy
end
config firewall interface-policy6
end
config firewall DoS-policy
end
config firewall DoS-policy6
end
config firewall sniffer
end
config firewall acl
end
config firewall acl6
end
config firewall central-snat-map
end
config firewall ip-translation
end
config authentication scheme
end
config authentication rule
end
config authentication setting
set active-auth-scheme ''
set sso-auth-scheme ''
set captive-portal-type fqdn
set captive-portal ''
set captive-portal6 ''
set cert-auth disable
set captive-portal-port 7830
set auth-https enable
set captive-portal-ssl-port 7831
end
config system speed-test-schedule
end
config switch-controller switch-interface-tag
end
config switch-controller 802-1X-settings
set link-down-auth set-unauth
set reauth-period 60
set max-reauth-attempt 3
set tx-period 30
end
config switch-controller security-policy 802-1X
edit "802-1X-policy-default"
set security-mode 802.1X
set user-group "SSO_Guest_Users"
set mac-auth-bypass disable
set open-auth disable
set eap-passthru enable
set eap-auto-untagged-vlans enable
set guest-vlan disable
set guest-auth-delay 30
set auth-fail-vlan disable
set framevid-apply enable
set radius-timeout-overwrite disable
set policy-type 802.1X
set authserver-timeout-vlan disable
next
end
config switch-controller security-policy local-access
edit "default"
set mgmt-allowaccess https ping ssh
set internal-allowaccess https ping ssh
next
end
config switch-controller location
end
config switch-controller lldp-settings
set tx-hold 4
set tx-interval 30
set fast-start-interval 2
set management-interface internal
set device-detection enable
end
config switch-controller lldp-profile
edit "default"
set med-tlvs inventory-management network-policy location-identification
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl disable
config med-network-policy
edit "voice"
set status disable
next
edit "voice-signaling"
set status disable
next
edit "guest-voice"
set status disable
next
edit "guest-voice-signaling"
set status disable
next
edit "softphone-voice"
set status disable
next
edit "video-conferencing"
set status disable
next
edit "streaming-video"
set status disable
next
edit "video-signaling"
set status disable
next
end
config med-location-service
edit "coordinates"
set status disable
next
edit "address-civic"
set status disable
next
edit "elin-number"
set status disable
next
end
next
edit "default-auto-isl"
unset med-tlvs
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl enable
set auto-isl-hello-timer 3
set auto-isl-receive-timeout 60
set auto-isl-port-group 0
set auto-mclag-icl disable
next
edit "default-auto-mclag-icl"
unset med-tlvs
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl enable
set auto-isl-hello-timer 3
set auto-isl-receive-timeout 60
set auto-isl-port-group 0
set auto-mclag-icl enable
next
end
config switch-controller qos dot1p-map
edit "voice-dot1p"
set description ''
set egress-pri-tagging disable
set priority-0 queue-4
set priority-1 queue-4
set priority-2 queue-3
set priority-3 queue-2
set priority-4 queue-3
set priority-5 queue-1
set priority-6 queue-2
set priority-7 queue-2
next
end
config switch-controller qos ip-dscp-map
edit "voice-dscp"
set description ''
config map
edit "1"
set cos-queue 1
set value 46
next
edit "2"
set cos-queue 2
set value 24,26,48,56
next
edit "5"
set cos-queue 3
set value 34
next
end
next
end
config switch-controller qos queue-policy
edit "default"
set schedule round-robin
set rate-by kbps
config cos-queue
edit "queue-0"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-1"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-2"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-3"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-4"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-5"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-6"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-7"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
end
next
edit "voice-egress"
set schedule weighted
set rate-by kbps
config cos-queue
edit "queue-0"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-1"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 0
next
edit "queue-2"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 6
next
edit "queue-3"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 37
next
edit "queue-4"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 12
next
edit "queue-5"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-6"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-7"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
end
next
end
config switch-controller qos qos-policy
edit "default"
set default-cos 0
set trust-dot1p-map ''
set trust-ip-dscp-map ''
set queue-policy "default"
next
edit "voice-qos"
set default-cos 0
set trust-dot1p-map "voice-dot1p"
set trust-ip-dscp-map "voice-dscp"
set queue-policy "voice-egress"
next
end
config switch-controller storm-control-policy
edit "default"
set description "default storm control on all port"
set storm-control-mode global
next
edit "auto-config"
set description "storm control policy for fortilink-isl-icl port"
set storm-control-mode disabled
next
end
config switch-controller auto-config policy
edit "default"
set qos-policy "default"
set storm-control-policy "auto-config"
set poe-status enable
set igmp-flood-report disable
set igmp-flood-traffic disable
next
edit "default-icl"
set qos-policy "default"
set storm-control-policy "auto-config"
set poe-status disable
set igmp-flood-report enable
set igmp-flood-traffic enable
next
end
config switch-controller auto-config default
set fgt-policy "default"
set isl-policy "default"
set icl-policy "default-icl"
end
config switch-controller auto-config custom
end
config switch-controller initial-config template
edit "_default"
set vlanid 1
unset allowaccess
set dhcp-server disable
next
edit "quarantine"
set vlanid 4093
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
edit "rspan"
set vlanid 4092
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
edit "voice"
set vlanid 4091
unset allowaccess
set dhcp-server disable
next
edit "video"
set vlanid 4090
unset allowaccess
set dhcp-server disable
next
edit "onboarding"
set vlanid 4089
unset allowaccess
set dhcp-server disable
next
edit "nac_segment"
set vlanid 4088
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
end
config switch-controller initial-config vlans
set default-vlan "_default"
set quarantine "quarantine"
set rspan "rspan"
set voice "voice"
set video "video"
set nac "onboarding"
set nac-segment "nac_segment"
end
config switch-controller switch-profile
edit "default"
set login-passwd-override disable
next
end
config switch-controller custom-command
end
config switch-controller virtual-port-pool
end
config switch-controller ptp settings
set mode disable
end
config switch-controller ptp policy
edit "default"
set status enable
next
end
config switch-controller vlan-policy
end
config switch-controller dynamic-port-policy
end
config switch-controller managed-switch
end
config switch-controller switch-group
end
config switch-controller stp-settings
set name ''
set revision 0
set hello-time 2
set forward-time 15
set max-age 20
set max-hops 20
end
config switch-controller stp-instance
end
config switch-controller storm-control
set rate 500
set unknown-unicast disable
set unknown-multicast disable
set broadcast disable
end
config switch-controller global
set mac-aging-interval 300
set https-image-push enable
set vlan-optimization enable
set mac-retention-period 24
set default-virtual-switch-vlan ''
set dhcp-server-access-list disable
set log-mac-limit-violations disable
set sn-dns-resolution enable
set mac-event-logging disable
set bounce-quarantined-link disable
set quarantine-mode by-vlan
set update-user-device mac-cache lldp dhcp-snooping l2-db l3-db
set fips-enforce enable
set firmware-provision-on-authorization disable
end
config switch-controller switch-log
set status enable
set severity notification
end
config switch-controller igmp-snooping
set aging-time 300
set flood-unknown-multicast disable
set query-interval 125
end
config switch-controller sflow
set collector-ip 0.0.0.0
set collector-port 6343
end
config switch-controller network-monitor-settings
set network-monitoring disable
end
config switch-controller flow-tracking
set sample-mode perimeter
set sample-rate 512
set format netflow9
set collector-ip 0.0.0.0
set collector-port 0
set transport udp
set level ip
set max-export-pkt-size 512
set timeout-general 3600
set timeout-icmp 300
set timeout-max 604800
set timeout-tcp 3600
set timeout-tcp-fin 300
set timeout-tcp-rst 120
set timeout-udp 300
end
config switch-controller snmp-sysinfo
set status disable
set engine-id ''
set description ''
set contact-info ''
set location ''
end
config switch-controller snmp-trap-threshold
set trap-high-cpu-threshold 80
set trap-low-memory-threshold 80
set trap-log-full-threshold 90
end
config switch-controller snmp-community
end
config switch-controller snmp-user
end
config switch-controller traffic-sniffer
set mode erspan-auto
set erspan-ip 0.0.0.0
end
config switch-controller remote-log
edit "syslogd"
set status disable
next
edit "syslogd2"
set status disable
next
end
config switch-controller mac-policy
end
config wireless-controller setting
set account-id ''
set country US
set duplicate-ssid disable
set fapc-compatibility disable
set wfa-compatibility disable
set phishing-ssid-detect enable
set fake-ssid-action log
set device-weight 1
set device-holdoff 5
set device-idle 1440
set firmware-provision-on-authorization disable
set darrp-optimize 86400
set darrp-optimize-schedules "default-darrp-optimize"
end
config wireless-controller log
set status enable
set addrgrp-log notification
set ble-log notification
set clb-log notification
set dhcp-starv-log notification
set led-sched-log notification
set radio-event-log notification
set rogue-event-log notification
set sta-event-log notification
set sta-locate-log notification
set wids-log notification
set wtp-event-log notification
end
config wireless-controller apcfg-profile
end
config wireless-controller bonjour-profile
end
config wireless-controller arrp-profile
edit "arrp-default"
set comment ''
set selection-period 3600
set monitor-period 300
set weight-managed-ap 50
set weight-rogue-ap 10
set weight-noise-floor 40
set weight-channel-load 20
set weight-spectral-rssi 40
set weight-weather-channel 1000
set weight-dfs-channel 500
set threshold-ap 250
set threshold-noise-floor "-85"
set threshold-channel-load 60
set threshold-spectral-rssi "-65"
set threshold-tx-retries 300
set threshold-rx-errors 50
set include-weather-channel disable
set include-dfs-channel disable
set override-darrp-optimize disable
next
end
config wireless-controller region
end
config wireless-controller vap-group
end
config wireless-controller wids-profile
edit "default"
set comment "Default WIDS profile."
set sensor-mode disable
set ap-scan enable
set ap-bgscan-period 600
set ap-bgscan-intv 1
set ap-bgscan-duration 20
set ap-bgscan-idle 0
set ap-bgscan-report-intv 30
set ap-fgscan-report-intv 15
set ap-scan-passive disable
set ap-scan-threshold "-90"
set wireless-bridge enable
set deauth-broadcast enable
set null-ssid-probe-resp enable
set long-duration-attack enable
set long-duration-thresh 8200
set invalid-mac-oui enable
set weak-wep-iv enable
set auth-frame-flood enable
set auth-flood-time 10
set auth-flood-thresh 30
set assoc-frame-flood enable
set assoc-flood-time 10
set assoc-flood-thresh 30
set spoofed-deauth enable
set asleap-attack enable
set eapol-start-flood enable
set eapol-start-thresh 10
set eapol-start-intv 1
set eapol-logoff-flood enable
set eapol-logoff-thresh 10
set eapol-logoff-intv 1
set eapol-succ-flood enable
set eapol-succ-thresh 10
set eapol-succ-intv 1
set eapol-fail-flood enable
set eapol-fail-thresh 10
set eapol-fail-intv 1
set eapol-pre-succ-flood enable
set eapol-pre-succ-thresh 10
set eapol-pre-succ-intv 1
set eapol-pre-fail-flood enable
set eapol-pre-fail-thresh 10
set eapol-pre-fail-intv 1
set deauth-unknown-src-thresh 10
next
edit "default-wids-apscan-enabled"
set comment ''
set sensor-mode disable
set ap-scan enable
set ap-bgscan-period 600
set ap-bgscan-intv 1
set ap-bgscan-duration 20
set ap-bgscan-idle 0
set ap-bgscan-report-intv 30
set ap-fgscan-report-intv 15
set ap-scan-passive disable
set ap-scan-threshold "-90"
set wireless-bridge disable
set deauth-broadcast disable
set null-ssid-probe-resp disable
set long-duration-attack disable
set long-duration-thresh 8200
set invalid-mac-oui disable
set weak-wep-iv disable
set auth-frame-flood disable
set assoc-frame-flood disable
set spoofed-deauth disable
set asleap-attack disable
set eapol-start-flood disable
set eapol-logoff-flood disable
set eapol-succ-flood disable
set eapol-fail-flood disable
set eapol-pre-succ-flood disable
set eapol-pre-fail-flood disable
set deauth-unknown-src-thresh 10
next
end
config wireless-controller ble-profile
edit "fortiap-discovery"
set comment ''
set advertising ibeacon eddystone-uid eddystone-url
set ibeacon-uuid "wtp-uuid"
set major-id 1000
set minor-id 2000
set eddystone-namespace "0102030405"
set eddystone-instance "abcdef"
set eddystone-url "http://www.fortinet.com"
set txpower 0
set beacon-interval 100
set ble-scanning disable
next
end
config wireless-controller syslog-profile
end
config wireless-controller wtp-profile
end
config wireless-controller wtp
end
config wireless-controller wtp-group
end
config wireless-controller qos-profile
end
config wireless-controller wag-profile
end
config wireless-controller address
end
config wireless-controller addrgrp
end
config wireless-controller snmp
set engine-id ''
set contact-info ''
set trap-high-cpu-threshold 80
set trap-high-mem-threshold 80
end
config wireless-controller mpsk-profile
end
config wireless-controller nac-profile
end
config wireless-controller ssid-policy
end
config wireless-controller access-control-list
end
config wireless-controller ap-status
end
config user nac-policy
end
config extender-controller dataplan
end
config extender-controller extender-profile
end
config extender-controller extender
end
config system ips
set signature-hold-time 0h
end
config ips custom
end
config ips settings
set packet-log-history 1
set packet-log-post-attack 0
set ips-packet-quota 0
end
config alertemail setting
set username ''
set mailto1 ''
set mailto2 ''
set mailto3 ''
set filter-mode category
set email-interval 5
set IPS-logs disable
set firewall-authentication-failure-logs disable
set IPsec-errors-logs disable
set PPP-errors-logs disable
set sslvpn-authentication-errors-logs disable
set antivirus-logs disable
set webfilter-logs disable
set configuration-changes-logs disable
set violation-traffic-logs disable
set admin-login-logs disable
set log-disk-usage-warning disable
set FSSO-disconnect-logs disable
set ssh-logs disable
set local-disk-usage 75
end
config router access-list
end
config router access-list6
end
config router aspath-list
end
config router prefix-list
end
config router prefix-list6
end
config router key-chain
end
config router community-list
end
config router route-map
end
config router rip
set default-information-originate disable
set default-metric 1
set max-out-metric 0
config redistribute "connected"
set status disable
set metric 0
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
end
set update-timer 30
set timeout-timer 180
set garbage-timer 120
set version 2
end
config router ripng
set default-information-originate disable
set default-metric 1
set max-out-metric 0
config redistribute "connected"
set status disable
set metric 0
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
end
set update-timer 30
set timeout-timer 180
set garbage-timer 120
end
config router static
end
config router policy
end
config router policy6
end
config router static6
end
config router ospf
set abr-type standard
set auto-cost-ref-bandwidth 1000
set distance-external 110
set distance-inter-area 110
set distance-intra-area 110
set database-overflow disable
set database-overflow-max-lsas 10000
set database-overflow-time-to-recover 300
set default-information-originate disable
set default-information-metric 10
set default-information-metric-type 2
set default-information-route-map ''
set default-metric 10
set distance 110
set rfc1583-compatible disable
set router-id 0.0.0.0
set spf-timers 5 10
set bfd disable
set log-neighbour-changes enable
set distribute-list-in ''
set distribute-route-map-in ''
set restart-mode none
set restart-period 120
config redistribute "connected"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "rip"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
end
config router ospf6
set abr-type standard
set auto-cost-ref-bandwidth 1000
set default-information-originate disable
set log-neighbour-changes enable
set default-information-metric 10
set default-information-metric-type 2
set default-information-route-map ''
set default-metric 10
set router-id 0.0.0.0
set spf-timers 5 10
set bfd disable
config redistribute "connected"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "rip"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
end
config router bgp
set as 0
set keepalive-timer 60
set holdtime-timer 180
set always-compare-med disable
set bestpath-as-path-ignore disable
set bestpath-cmp-confed-aspath disable
set bestpath-cmp-routerid disable
set bestpath-med-confed disable
set bestpath-med-missing-as-worst disable
set client-to-client-reflection enable
set dampening disable
set deterministic-med disable
set ebgp-multipath disable
set ibgp-multipath disable
set enforce-first-as enable
set fast-external-failover enable
set log-neighbour-changes enable
set network-import-check enable
set ignore-optional-capability enable
set multipath-recursive-distance disable
set recursive-next-hop disable
set tag-resolve-mode disable
set cluster-id 0.0.0.0
set confederation-identifier 0
set default-local-preference 100
set scan-time 60
set distance-external 20
set distance-internal 200
set distance-local 200
set synchronization disable
set graceful-restart disable
config redistribute "connected"
set status disable
set route-map ''
end
config redistribute "rip"
set status disable
set route-map ''
end
config redistribute "ospf"
set status disable
set route-map ''
end
config redistribute "static"
set status disable
set route-map ''
end
config redistribute "isis"
set status disable
set route-map ''
end
config redistribute6 "connected"
set status disable
set route-map ''
end
config redistribute6 "rip"
set status disable
set route-map ''
end
config redistribute6 "ospf"
set status disable
set route-map ''
end
config redistribute6 "static"
set status disable
set route-map ''
end
config redistribute6 "isis"
set status disable
set route-map ''
end
end
config router isis
set is-type level-1-2
set adv-passive-only disable
set adv-passive-only6 disable
set auth-mode-l1 password
set auth-mode-l2 password
set auth-password-l1 ENC tYTPglvrVMcFDaqg6wZw5SxGvllCHIIj+KCVD8Es6At5TSdSLZdYSE2Hkc58H2K3xuHgHypCKTb4LqxJGd8O9YRpfrRo79itvFHtQUA60CSa9pz5cw8mgBYbQ5aN3zjsEzKSjDCH3c+X1lyVWq/RC3bHyFG5mdK5yOZKl5soAVT5LLHAJNTy/aK/J7zwdlGoPKF/4Q==
set auth-password-l2 ENC B6KDjowZVjyzOFMj9gbV5txoyXI5YRKlTfbtSkF4nlk1HUl1MVUoNpIR5O1mBC70YdQr4j/ngaN0M0wrxZf3nuiPGqtBzbQXCqZmlhXx0WmwnGwWb+IJksDhkH4P2q1CyQy24wESr2DzZLB3nEOBnbwYCRTwbFTPmWeh04cDJgu1rbTNKEqpvHY8iS+Kh75LVZiRbA==
set auth-sendonly-l1 disable
set auth-sendonly-l2 disable
set ignore-lsp-errors disable
set lsp-gen-interval-l1 30
set lsp-gen-interval-l2 30
set lsp-refresh-interval 900
set max-lsp-lifetime 1200
set spf-interval-exp-l1 500 50000
set spf-interval-exp-l2 500 50000
set dynamic-hostname disable
set adjacency-check disable
set adjacency-check6 disable
set overload-bit disable
unset overload-bit-suppress
set overload-bit-on-startup 0
set default-originate disable
set default-originate6 disable
set metric-style narrow
set redistribute-l1 disable
set redistribute-l2 disable
set redistribute6-l1 disable
set redistribute6-l2 disable
config redistribute "connected"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "rip"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "connected"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "rip"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "ospf"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "bgp"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "static"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
end
config router multicast-flow
end
config router multicast
set route-limit 2147483647
set multicast-routing disable
config pim-sm-global
set message-interval 60
set join-prune-holdtime 210
set accept-register-list ''
set accept-source-list ''
set bsr-candidate disable
set bsr-allow-quick-refresh disable
set cisco-register-checksum disable
set cisco-crp-prefix disable
set cisco-ignore-rp-set-priority disable
set register-rp-reachability enable
set register-source disable
set register-supression 60
set null-register-retries 1
set rp-register-keepalive 185
set spt-threshold enable
set ssm disable
set register-rate-limit 0
set spt-threshold-group ''
end
end
config router multicast6
set multicast-routing disable
config pim-sm-global
end
end
config router auth-path
end
config router setting
set show-filter ''
set hostname ''
end
config router bfd
end
config router bfd6
end
config system proxy-arp
end
config system link-monitor
end
config system wccp
end
config system dns64
set status disable
set dns64-prefix 64:ff9b::/96
set always-synthesize-aaaa-record enable
end
config system nd-proxy
set status disable
end
config system vne-tunnel
set status disable
end
end
config vdom
edit scsd
config wireless-controller hotspot20 anqp-venue-name
end
config wireless-controller hotspot20 anqp-venue-url
end
config wireless-controller hotspot20 anqp-network-auth-type
end
config wireless-controller hotspot20 anqp-roaming-consortium
end
config wireless-controller hotspot20 anqp-nai-realm
end
config wireless-controller hotspot20 anqp-3gpp-cellular
end
config wireless-controller hotspot20 anqp-ip-address-type
end
config wireless-controller hotspot20 h2qp-operator-name
end
config wireless-controller hotspot20 h2qp-wan-metric
end
config wireless-controller hotspot20 h2qp-conn-capability
end
config wireless-controller hotspot20 icon
end
config wireless-controller hotspot20 h2qp-osu-provider
end
config wireless-controller hotspot20 qos-map
end
config wireless-controller hotspot20 h2qp-advice-of-charge
end
config wireless-controller hotspot20 h2qp-osu-provider-nai
end
config wireless-controller hotspot20 h2qp-terms-and-conditions
end
config wireless-controller hotspot20 hs-profile
end
config wireless-controller vap
end
config system object-tagging
edit "default"
set address optional
set device optional
set interface optional
set multiple enable
set color 0
next
end
config switch-controller traffic-policy
edit "quarantine"
set description "Rate control for quarantined traffic"
set policer-status enable
set guaranteed-bandwidth 163840
set guaranteed-burst 8192
set maximum-burst 163840
set cos-queue 0
next
edit "sniffer"
set description "Rate control for sniffer mirrored traffic"
set policer-status enable
set guaranteed-bandwidth 50000
set guaranteed-burst 8192
set maximum-burst 163840
set cos-queue 0
next
end
config switch-controller fortilink-settings
end
config system stp
set switch-priority 32768
set hello-time 2
set forward-delay 15
set max-age 20
set max-hops 20
end
config system settings
set comments ''
set opmode nat
set policy-offload-level disable
set ngfw-mode profile-based
set http-external-dest fortiweb
set firewall-session-dirty check-all
set bfd disable
set utf8-spam-tagging enable
set wccp-cache-engine disable
set vpn-stats-log ipsec pptp l2tp ssl
set vpn-stats-period 600
set v4-ecmp-mode source-ip-based
set fw-session-hairpin disable
set prp-trailer-action disable
set snat-hairpin-traffic enable
set dhcp-proxy disable
set central-nat disable
set lldp-reception global
set lldp-transmission global
set link-down-access enable
set nat46-generate-ipv6-fragment-header disable
set nat46-force-ipv4-packet-forwarding disable
set nat64-force-ipv6-packet-forwarding enable
set auxiliary-session disable
set asymroute disable
set asymroute-icmp disable
set tcp-session-without-syn disable
set ses-denied-traffic disable
set strict-src-check disable
set allow-linkdown-path disable
set asymroute6 disable
set asymroute6-icmp disable
set sctp-session-without-init disable
set sip-expectation disable
set sip-nat-trace enable
set h323-direct-model enable
set status enable
set sip-tcp-port 5060
set sip-udp-port 5060
set sip-ssl-port 5061
set sccp-port 2000
set multicast-forward enable
set multicast-ttl-notchange disable
set allow-subnet-overlap disable
set deny-tcp-with-icmp disable
set ecmp-max-paths 255
set discovered-device-timeout 28
set email-portal-check-dns enable
set default-voip-alg-mode proxy-based
set gui-icap disable
set gui-implicit-policy enable
set gui-dns-database disable
set gui-load-balance disable
set gui-multicast-policy disable
set gui-dos-policy enable
set gui-object-colors enable
set gui-voip-profile enable
set gui-ap-profile enable
set gui-security-profile-group disable
set gui-local-in-policy enable
set gui-wanopt-cache disable
set gui-explicit-proxy disable
set gui-dynamic-routing enable
set gui-sslvpn-personal-bookmarks disable
set gui-sslvpn-realms disable
set gui-policy-based-ipsec disable
set gui-threat-weight enable
set gui-spamfilter disable
set gui-file-filter disable
set gui-application-control enable
set gui-ips enable
set gui-endpoint-control enable
set gui-endpoint-control-advanced disable
set gui-dhcp-advanced enable
set gui-vpn enable
set gui-wireless-controller disable
set gui-switch-controller disable
set gui-fortiap-split-tunneling disable
set gui-webfilter-advanced disable
set gui-traffic-shaping enable
set gui-wan-load-balancing enable
set gui-antivirus enable
set gui-webfilter enable
set gui-videofilter enable
set gui-dnsfilter disable
set gui-waf-profile disable
set gui-advanced-policy enable
set gui-allow-unnamed-policy enable
set gui-email-collection disable
set gui-multiple-interface-policy enable
set gui-policy-disclaimer disable
set gui-ztna enable
set location-id 0.0.0.0
set ike-session-resume disable
set ike-quick-crash-detect disable
set ike-dn-format with-space
set ike-port 500
set ike-policy-route disable
set block-land-attack disable
set application-bandwidth-tracking disable
end
config system sit-tunnel
end
config system arp-table
end
config system ipv6-neighbor-cache
end
config system vdom-sflow
set vdom-sflow disable
set interface-select-method auto
end
config system vdom-netflow
set vdom-netflow disable
set interface-select-method auto
end
config system vdom-dns
set vdom-dns disable
set alt-primary 0.0.0.0
set alt-secondary 0.0.0.0
end
config system replacemsg-group
edit "default"
set comment "Default replacement message group."
set group-type default
next
end
config system session-ttl
set default 3600
end
config system dhcp server
end
config system dhcp6 server
end
config system zone
edit "outside"
set description ''
set intrazone allow
set interface "outside lag"
next
edit "inside"
set description ''
set intrazone allow
set interface "inside lag"
next
edit "city_phones"
set description ''
set intrazone allow
set interface "city_phones lag"
next
end
config firewall address
edit "SSLVPN_TUNNEL_ADDR1"
set uuid e532a73a-7e12-51ec-eaa4-fd80b5cf2433
set type iprange
set comment ''
set color 0
set fabric-object disable
set start-ip 10.212.134.200
set end-ip 10.212.134.210
next
edit "all"
set uuid e532ee52-7e12-51ec-f457-f1b91bcd9146
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "FIREWALL_AUTH_PORTAL_ADDRESS"
set uuid e532f032-7e12-51ec-a170-071d2e837272
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "FABRIC_DEVICE"
set uuid e532f1fe-7e12-51ec-353b-562e24322ae1
set type ipmask
set comment "IPv4 addresses of Fabric Devices."
set associated-interface ''
set color 0
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "SRIC_BOCES_Firewall"
set uuid 0a853836-7e13-51ec-9f24-1ba72d33daa1
set type ipmask
set comment "SRIC BOCES - Firewall"
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 170.161.52.25 255.255.255.255
next
edit "SRIC_BOCES_Server02"
set uuid 0a8557da-7e13-51ec-c417-494db0cf6355
set type ipmask
set comment "SRIC BOCES - Server"
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 170.161.52.27 255.255.255.255
next
edit "Barracuda_Internal"
set uuid 0a85b734-7e13-51ec-9de7-2551ebd23a14
set type ipmask
set comment "Barracuda Email Internal"
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.7 255.255.255.255
next
edit "CK-Australia-203"
set uuid 0a85db24-7e13-51ec-e8dc-6e152e0c9f88
set type ipmask
set comment "ContentKeeper Australian Support"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 203.22.30.0 255.255.255.0
next
edit "CK-North-America-173"
set uuid 0a85eb6e-7e13-51ec-b550-d2bb16209d28
set type ipmask
set comment "Content Keeper North American Support"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 173.60.169.48 255.255.255.240
next
edit "CK-North-America-202"
set uuid 0a85fc44-7e13-51ec-1227-7c7affdf9177
set type ipmask
set comment "ContentKeeper North American Support"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 202.166.186.0 255.255.255.0
next
edit "CK-North-America-8"
set uuid 0a860e64-7e13-51ec-1994-be9c0841cf2f
set type ipmask
set comment "ContentKeeper North American Support"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 8.19.154.0 255.255.255.0
next
edit "Nimble_Inside_1"
set uuid 0a8af0dc-7e13-51ec-1959-4595795d53d5
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 192.168.1.98 255.255.255.255
next
edit "Nimble_Inside_2"
set uuid 0a8b01e4-7e13-51ec-4ace-cb7402c17ed2
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 192.168.1.1 255.255.255.255
next
edit "Nimble_Inside_4"
set uuid 0a8b121a-7e13-51ec-f811-fa2c900a5ef3
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 172.16.176.98 255.255.255.255
next
edit "Nimble_Support"
set uuid 0a8b21c4-7e13-51ec-1f49-e45d8e196f85
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 198.54.168.5 255.255.255.255
next
edit "ReverseProxy"
set uuid 0a8b6206-7e13-51ec-1d54-4698b6427447
set type ipmask
set comment "Reverseproxy.scsd.ad for ess.scsd.us"
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.126 255.255.255.255
next
edit "SafeSchools_01"
set uuid 0a8b91b8-7e13-51ec-0021-b15615764de2
set type ipmask
set comment "IP address for Safe Schools video training. Used to access LDAP authentication."
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 52.27.21.77 255.255.255.255
next
edit "ckf01-ipmi-inside"
set uuid 0a8bff2c-7e13-51ec-7870-a1dd64385e12
set type ipmask
set comment "ContentKeeper Filter 01 IPMI Port"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.31 255.255.255.255
next
edit "ckf01-mgmt-inside"
set uuid 0a8c1192-7e13-51ec-c0d0-f22a6fa91961
set type ipmask
set comment "Content Keeper Filter 01 Management Port"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.21 255.255.255.255
next
edit "ckf02-ipmi-inside"
set uuid 0a8c3050-7e13-51ec-2573-a0f11edca6bb
set type ipmask
set comment "ContentKeeper Filter 02 IPMI Port"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.32 255.255.255.255
next
edit "ckf02-mgmt-inside"
set uuid 0a8c3f8c-7e13-51ec-1d27-eaf8ccf9ef20
set type ipmask
set comment "ContentKeeper Filter 02 Management Port"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.22 255.255.255.255
next
edit "cklb01-ipmi-inside"
set uuid 0a8c5dbe-7e13-51ec-e6fb-16c8e6c67990
set type ipmask
set comment "ContentKeeper Load Balancer 01 IPMI Port"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.30 255.255.255.255
next
edit "cklb01-mgmt-inside"
set uuid 0a8c6e94-7e13-51ec-4b2f-58f76d6ebad6
set type ipmask
set comment "ContentKeeper Load Balancer 01 Management Port"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.20 255.255.255.255
next
edit "ckm01-ipmi-inside"
set uuid 0a8c7dee-7e13-51ec-6d32-46f4bc673474
set type ipmask
set comment "ContentKeeper Mobile 01 IPMI Port"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.34 255.255.255.255
next
edit "ckm01-mgmt1-inside"
set uuid 0a8c8cc6-7e13-51ec-f115-0b6a297542de
set type ipmask
set comment "ContentKeeper Mobile 01 Management Port 1"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.24 255.255.255.255
next
edit "ckm01-mgmt2-inside"
set uuid 0a8c9bc6-7e13-51ec-33a0-a5ae3ecae6b0
set type ipmask
set comment "ContentKeeper Mobile 01 Management Port 2"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.28 255.255.255.255
next
edit "ckm02-ipmi-inside"
set uuid 0a8ca9cc-7e13-51ec-c1f0-e7d6c60ef05a
set type ipmask
set comment "ContentKeeper Mobile 02 IPMI Port"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.35 255.255.255.255
next
edit "ckm02-mgmt1-inside"
set uuid 0a8cb7be-7e13-51ec-f246-bc5b570431db
set type ipmask
set comment "ContentKeeper Mobile 02 Management Port 1"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.25 255.255.255.255
next
edit "ckm02-mgmt2-inside"
set uuid 0a8cc574-7e13-51ec-13cf-a8b80f0cb328
set type ipmask
set comment "ContentKeeper Mobile 02 Management Port 2"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.29 255.255.255.255
next
edit "ckm03-ipmi-inside"
set uuid 0a8cd4ce-7e13-51ec-8c13-91f16ad43e2d
set type ipmask
set comment "ContentKeeper Mobile 03 IPMI Port"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.36 255.255.255.255
next
edit "ckm03-mgmt1-inside"
set uuid 0a8ce25c-7e13-51ec-bdf3-41b908e989a3
set type ipmask
set comment "ContentKeeper Mobile 03 Management Port 1"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.26 255.255.255.255
next
edit "ckm03-mgmt2-inside"
set uuid 0a8cf01c-7e13-51ec-fa38-3626d5600d93
set type ipmask
set comment "ContentKeeper Mobile 03 Management Port 2"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.27 255.255.255.255
next
edit "ckr01-ipmi-inside"
set uuid 0a8cfdb4-7e13-51ec-83bc-6b339ab05bc3
set type ipmask
set comment "ContentKeeper Reporter 01 IPMI Port"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.33 255.255.255.255
next
edit "ckr01-mgmt-inside"
set uuid 0a8d0c96-7e13-51ec-1143-a48d4f6e5e86
set type ipmask
set comment "ContentKeeper Reporter 01 Management Port"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.23 255.255.255.255
next
edit "SPD_20_DrKing"
set uuid 0a8db8c6-7e13-51ec-618d-9f2355f1dd27
set type ipmask
set comment "SPD Firewall STEAM at Dr King"
set associated-interface ''
set color 2
set allow-routing disable
set fabric-object disable
set subnet 10.20.70.10 255.255.255.255
next
edit "SPD_21_Danforth"
set uuid 0a8dc690-7e13-51ec-ccba-6a8478ced467
set type ipmask
set comment "SPD Firewall Brighton Academy"
set associated-interface ''
set color 2
set allow-routing disable
set fabric-object disable
set subnet 10.21.70.10 255.255.255.255
next
edit "SPD_25_Frazer"
set uuid 0a8df156-7e13-51ec-045b-3fe304ad3b91
set type ipmask
set comment "SPD Firewall Frazer"
set associated-interface ''
set color 2
set allow-routing disable
set fabric-object disable
set subnet 10.25.70.10 255.255.255.255
next
edit "SPD_44_Seymour"
set uuid 0a8e0cfe-7e13-51ec-d1fb-acfa979014d2
set type ipmask
set comment "SPD Firewall Seymour"
set associated-interface ''
set color 2
set allow-routing disable
set fabric-object disable
set subnet 10.44.70.10 255.255.255.255
next
edit "SPD_48_Beard"
set uuid 0a8e1afa-7e13-51ec-af98-ef8cf4f83c17
set type ipmask
set comment "SPD Firewall McCarthy at Beard"
set associated-interface ''
set color 2
set allow-routing disable
set fabric-object disable
set subnet 10.48.70.10 255.255.255.255
next
edit "SPD_53_Blodgett"
set uuid 0a8e29aa-7e13-51ec-6147-dc5f14277b01
set type ipmask
set comment "SPD Firewall Syracuse STEM at Blodgett"
set associated-interface ''
set color 2
set allow-routing disable
set fabric-object disable
set subnet 10.53.70.10 255.255.255.255
next
edit "SPD_56_SSC"
set uuid 0a8e38aa-7e13-51ec-f2ab-1fa2a023c91d
set type ipmask
set comment "SPD Firewall School Service Center"
set associated-interface ''
set color 2
set allow-routing disable
set fabric-object disable
set subnet 10.56.70.10 255.255.255.255
next
edit "SPD_09_Grant"
set uuid 0a8e638e-7e13-51ec-62aa-068d4978c68b
set type ipmask
set comment "SPD Firewall Grant"
set associated-interface ''
set color 2
set allow-routing disable
set fabric-object disable
set subnet 10.9.70.10 255.255.255.255
next
edit "z_BlockIP_001"
set uuid 0a8e7f22-7e13-51ec-a464-6f0420570c82
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 103.117.232.198 255.255.255.255
next
edit "z_BlockIP_002"
set uuid 0a8e8d32-7e13-51ec-3074-f960ad050544
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 103.122.33.58 255.255.255.255
next
edit "z_BlockIP_003"
set uuid 0a8e9ad4-7e13-51ec-afe5-67736c5106fa
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 103.207.169.78 255.255.255.255
next
edit "z_BlockIP_004"
set uuid 0a8eb636-7e13-51ec-db43-20f666350752
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 104.139.74.25 255.255.255.255
next
edit "z_BlockIP_005"
set uuid 0a8fa2f8-7e13-51ec-3eb0-c8f0d55f02aa
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 107.173.6.251 255.255.255.255
next
edit "z_BlockIP_006"
set uuid 0a8fb0ea-7e13-51ec-4632-351b0874f70b
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 107.175.69.34 255.255.255.255
next
edit "z_BlockIP_007"
set uuid 0a8fbed2-7e13-51ec-485c-00d4dd86b39d
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 119.92.23.203 255.255.255.255
next
edit "z_BlockIP_103"
set uuid 0a8fccc4-7e13-51ec-0b7c-a117a4176016
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 13.111.22.133 255.255.255.255
next
edit "z_BlockIP_008"
set uuid 0a8fda7a-7e13-51ec-97e5-b0b3614af531
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 131.0.142.120 255.255.255.255
next
edit "z_BlockIP_009"
set uuid 0a8fe90c-7e13-51ec-38b7-faece5683353
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 131.196.184.141 255.255.255.255
next
edit "z_BlockIP_010"
set uuid 0a8ff80c-7e13-51ec-340a-6a18d7d1a6c7
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 138.121.24.78 255.255.255.255
next
edit "z_BlockIP_011"
set uuid 0a9005ea-7e13-51ec-9bcb-754fff13b945
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 138.59.233.5 255.255.255.255
next
edit "z_BlockIP_012"
set uuid 0a901436-7e13-51ec-f0ec-13032c6240e0
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 146.185.219.45 255.255.255.255
next
edit "z_BlockIP_013"
set uuid 0a9021ec-7e13-51ec-9359-ba9fae941ad2
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 146.196.122.152 255.255.255.255
next
edit "z_BlockIP_014"
set uuid 0a902fd4-7e13-51ec-e74f-37afbd7490b5
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 146.196.122.167 255.255.255.255
next
edit "z_BlockIP_015"
set uuid 0a905982-7e13-51ec-74fe-54b2c8fb9e45
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 149.154.70.202 255.255.255.255
next
edit "z_BlockIP_104"
set uuid 0a906774-7e13-51ec-d0a7-4d1fcb60531b
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 151.80.88.253 255.255.255.255
next
edit "z_BlockIP_105"
set uuid 0a90755c-7e13-51ec-0351-7aa8ac28601d
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 152.89.245.207 255.255.255.255
next
edit "z_BlockIP_106"
set uuid 0a908344-7e13-51ec-4977-ffb06b045e2b
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 152.89.245.212 255.255.255.255
next
edit "z_BlockIP_016"
set uuid 0a90e5a0-7e13-51ec-a327-b3e7fc9e0063
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 158.69.85.206 255.255.255.255
next
edit "z_BlockIP_107"
set uuid 0a9101a2-7e13-51ec-6314-5b36d2da2325
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 162.255.119.159 255.255.255.255
next
edit "z_BlockIP_017"
set uuid 0a910f94-7e13-51ec-b24f-d92de452f198
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 163.121.188.3 255.255.255.255
next
edit "z_BlockIP_108"
set uuid 0a911d9a-7e13-51ec-0fc4-073146a8cd43
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 164.132.138.130 255.255.255.255
next
edit "z_BlockIP_018"
set uuid 0a912ba0-7e13-51ec-df44-e3422156f07e
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 164.132.216.41 255.255.255.255
next
edit "z_BlockIP_019"
set uuid 0a91397e-7e13-51ec-5825-0c4d2091c040
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 168.227.229.112 255.255.255.255
next
edit "z_BlockIP_020"
set uuid 0a91478e-7e13-51ec-a04f-22d125ed226a
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 170.78.99.190 255.255.255.255
next
edit "z_BlockIP_021"
set uuid 0a915738-7e13-51ec-d12b-8b3569087f0e
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 170.84.78.186 255.255.255.255
next
edit "z_BlockIP_109"
set uuid 0a91ab02-7e13-51ec-ed0a-9c0dada4669b
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 176.126.83.149 255.255.255.255
next
edit "z_BlockIP_022"
set uuid 0a91ba66-7e13-51ec-a150-efd6ce3b3a4d
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 177.103.240.149 255.255.255.255
next
edit "z_BlockIP_023"
set uuid 0a91c862-7e13-51ec-0920-a5db5958614b
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 177.107.51.162 255.255.255.255
next
edit "z_BlockIP_024"
set uuid 0a91d6a4-7e13-51ec-d5cf-be7a38fbfd78
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 177.124.37.208 255.255.255.255
next
edit "z_BlockIP_025"
set uuid 0a91e4b4-7e13-51ec-c87c-b09a8378aab9
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 177.36.5.7 255.255.255.255
next
edit "z_BlockIP_026"
set uuid 0a91f2d8-7e13-51ec-48b9-d5924093bfd6
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 177.52.79.29 255.255.255.255
next
edit "z_BlockIP_027"
set uuid 0a9200ac-7e13-51ec-4b9c-5d652a687afb
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 177.8.172.86 255.255.255.255
next
edit "z_BlockIP_111"
set uuid 0a920eda-7e13-51ec-f326-8a96fc91c191
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 178.157.82.145 255.255.255.255
next
edit "z_BlockIP_112"
set uuid 0a921cc2-7e13-51ec-9964-adad6b5564d5
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 178.157.82.80 255.255.255.255
next
edit "z_BlockIP_028"
set uuid 0a922abe-7e13-51ec-81b7-f4de201968b9
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 179.189.241.254 255.255.255.255
next
edit "z_BlockIP_029"
set uuid 0a9246b6-7e13-51ec-3da9-2b278d2b01f2
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 180.250.197.188 255.255.255.255
next
edit "z_BlockIP_030"
set uuid 0a925494-7e13-51ec-267e-5c699c3edb7d
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 181.115.168.69 255.255.255.255
next
edit "z_BlockIP_031"
set uuid 0a92629a-7e13-51ec-113c-a99e6938839e
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 181.129.140.140 255.255.255.255
next
edit "z_BlockIP_032"
set uuid 0a9271ae-7e13-51ec-285f-555b92cb642f
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 181.129.49.98 255.255.255.255
next
edit "z_BlockIP_033"
set uuid 0a927fc8-7e13-51ec-bccd-4613f95aba6f
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 181.129.93.226 255.255.255.255
next
edit "z_BlockIP_034"
set uuid 0a928e46-7e13-51ec-c80a-8388ff4557bc
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 181.196.61.110 255.255.255.255
next
edit "z_BlockIP_035"
set uuid 0a92c802-7e13-51ec-4528-4a094178f679
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 185.117.119.163 255.255.255.255
next
edit "z_BlockIP_113"
set uuid 0a92d630-7e13-51ec-6806-adf2aca25360
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 185.117.73.76 255.255.255.255
next
edit "z_BlockIP_114"
set uuid 0a92e422-7e13-51ec-3bd9-0e7e776e73f3
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 185.135.81.147 255.255.255.255
next
edit "z_BlockIP_115"
set uuid 0a92f1ec-7e13-51ec-dd5d-271a7d518652
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 185.141.27.243 255.255.255.255
next
edit "z_BlockIP_116"
set uuid 0a92ffb6-7e13-51ec-27a2-b84e6d0063f2
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 185.172.129.147 255.255.255.255
next
edit "z_BlockIP_117"
set uuid 0a930d44-7e13-51ec-becf-7b8075e21034
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 185.175.156.13 255.255.255.255
next
edit "z_BlockIP_118"
set uuid 0a931b18-7e13-51ec-6914-5d08d35511b9
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 185.180.198.141 255.255.255.255
next
edit "z_BlockIP_119"
set uuid 0a932932-7e13-51ec-5bd3-6e5512188745
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 185.224.134.124 255.255.255.255
next
edit "z_BlockIP_036"
set uuid 0a9336e8-7e13-51ec-02b7-0ce6191d1c92
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 185.251.39.9 255.255.255.255
next
edit "z_BlockIP_037"
set uuid 0a935290-7e13-51ec-bcdd-dbeb3fe4be1e
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 185.43.6.87 255.255.255.255
next
edit "z_BlockIP_120"
set uuid 0a936050-7e13-51ec-57c8-5d7f7c473e1f
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 185.65.202.115 255.255.255.255
next
edit "z_BlockIP_038"
set uuid 0a936ef6-7e13-51ec-53cf-6f8bee9d091b
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 185.86.150.130 255.255.255.255
next
edit "z_BlockIP_039"
set uuid 0a937f40-7e13-51ec-768b-11316deb4f35
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 186.138.152.228 255.255.255.255
next
edit "z_BlockIP_040"
set uuid 0a938de6-7e13-51ec-0713-d769a21789e4
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 186.183.199.114 255.255.255.255
next
edit "z_BlockIP_041"
set uuid 0a939c28-7e13-51ec-db40-11e72cff9a71
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 186.226.188.105 255.255.255.255
next
edit "z_BlockIP_042"
set uuid 0a93aa10-7e13-51ec-fca1-298336b8cda6
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 186.42.186.202 255.255.255.255
next
edit "z_BlockIP_043"
set uuid 0a93b7bc-7e13-51ec-28f0-9535e81c53cf
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 186.42.226.46 255.255.255.255
next
edit "z_BlockIP_044"
set uuid 0a93c5a4-7e13-51ec-dc3f-4387c52f8f82
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 187.110.100.122 255.255.255.255
next
edit "z_BlockIP_045"
set uuid 0a93d396-7e13-51ec-7fbe-8668df0be053
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 187.58.56.26 255.255.255.255
next
edit "z_BlockIP_046"
set uuid 0a93e142-7e13-51ec-8e36-b87f5a5bc69c
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 189.80.134.122 255.255.255.255
next
edit "z_BlockIP_047"
set uuid 0a93ef0c-7e13-51ec-706c-5b984f717f1d
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 190.13.160.19 255.255.255.255
next
edit "z_BlockIP_048"
set uuid 0a93fcd6-7e13-51ec-01ad-67c5c6b915ff
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 190.152.4.210 255.255.255.255
next
edit "z_BlockIP_049"
set uuid 0a940b04-7e13-51ec-a9c9-cc450331446c
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 190.154.203.218 255.255.255.255
next
edit "z_BlockIP_122"
set uuid 0a9418c4-7e13-51ec-8596-a39159de5513
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 191.101.251.141 255.255.255.255
next
edit "z_BlockIP_050"
set uuid 0a9426c0-7e13-51ec-1b29-e88b2ded8a30
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 191.101.251.146 255.255.255.255
next
edit "z_BlockIP_051"
set uuid 0a9434bc-7e13-51ec-7144-5fee38e77f28
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 191.37.181.152 255.255.255.255
next
edit "z_BlockIP_125"
set uuid 0a9451ae-7e13-51ec-c6da-aa2eaddc131a
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 193.187.172.99 255.255.255.255
next
edit "z_BlockIP_126"
set uuid 0a946248-7e13-51ec-0c21-82d62c111d43
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 193.9.60.148 255.255.255.255
next
edit "z_BlockIP_052"
set uuid 0a94708a-7e13-51ec-fe4a-64b3519c69b6
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 194.1.237.76 255.255.255.255
next
edit "z_BlockIP_053"
set uuid 0a947e9a-7e13-51ec-d292-277281820589
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 195.123.212.139 255.255.255.255
next
edit "z_BlockIP_054"
set uuid 0a948c82-7e13-51ec-0d2d-da25c4f27e6f
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 195.123.238.13 255.255.255.255
next
edit "z_BlockIP_055"
set uuid 0a949aba-7e13-51ec-720e-e76d921c5a3a
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 195.123.243.167 255.255.255.255
next
edit "z_BlockIP_056"
set uuid 0a94a8c0-7e13-51ec-be90-4ac6926ce00c
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 195.123.245.47 255.255.255.255
next
edit "z_BlockIP_057"
set uuid 0a94b694-7e13-51ec-c4f9-7e04176ebae9
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 195.123.246.188 255.255.255.255
next
edit "z_BlockIP_127"
set uuid 0a94c47c-7e13-51ec-820e-4898aeab9df1
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 195.161.114.191 255.255.255.255
next
edit "z_BlockIP_128"
set uuid 0a94d28c-7e13-51ec-3e88-403ff19fe1e2
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 195.161.62.25 255.255.255.255
next
edit "z_BlockIP_129"
set uuid 0a94e06a-7e13-51ec-b19b-2640c1e60743
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 198.23.208.16 255.255.255.255
next
edit "z_BlockIP_130"
set uuid 0a9597e4-7e13-51ec-d8ab-92f359dc155e
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 198.46.190.37 255.255.255.255
next
edit "z_BlockIP_131"
set uuid 0a95cf7a-7e13-51ec-5ea5-0e6e104b297d
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 200.35.56.81 255.255.255.255
next
edit "z_BlockIP_058"
set uuid 0a95dda8-7e13-51ec-b6d7-4d21550fb09d
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 201.184.69.50 255.255.255.255
next
edit "CK-North-America-202_B"
set uuid 0a95ed16-7e13-51ec-4ac8-6048e8929922
set type ipmask
set comment "Content Keeper North American Support"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 202.166.186.64 255.255.255.255
next
edit "z_BlockIP_059"
set uuid 0a963974-7e13-51ec-d430-5ba664e2edf9
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 212.80.216.167 255.255.255.255
next
edit "z_BlockIP_060"
set uuid 0a97000c-7e13-51ec-0547-279e6bbe4100
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 240.0.0.1 255.255.255.255
next
edit "z_BlockIP_132"
set uuid 0a973e14-7e13-51ec-d233-959184440bf4
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 31.184.255.100 255.255.255.255
next
edit "z_BlockIP_133"
set uuid 0a97a2f0-7e13-51ec-d681-069c63f3601c
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 36.66.115.180 255.255.255.255
next
edit "z_BlockIP_061"
set uuid 0a97b100-7e13-51ec-d1e5-2f94f0f68259
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 36.89.85.103 255.255.255.255
next
edit "z_BlockIP_062"
set uuid 0a97bf10-7e13-51ec-2db8-cb64a47c673d
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 37.18.30.99 255.255.255.255
next
edit "z_BlockIP_063"
set uuid 0a97cd48-7e13-51ec-c85c-d8c8fd5a2d13
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 37.44.215.169 255.255.255.255
next
edit "z_BlockIP_064"
set uuid 0a97db44-7e13-51ec-0d24-863276e8108c
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 45.127.222.53 255.255.255.255
next
edit "z_BlockIP_065"
set uuid 0a97e968-7e13-51ec-aea1-45c8498ae1bb
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 45.160.145.102 255.255.255.255
next
edit "z_BlockIP_066"
set uuid 0a97f840-7e13-51ec-62fd-9ca3e7af4a23
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 45.160.145.109 255.255.255.255
next
edit "z_BlockIP_067"
set uuid 0a9807b8-7e13-51ec-b681-9bb550c18f31
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 45.160.145.179 255.255.255.255
next
edit "z_BlockIP_068"
set uuid 0a981604-7e13-51ec-0333-60ac71a8bdee
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 45.160.145.18 255.255.255.255
next
edit "z_BlockIP_069"
set uuid 0a98241e-7e13-51ec-93b9-072d9a7df302
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 45.160.145.203 255.255.255.255
next
edit "z_BlockIP_070"
set uuid 0a98322e-7e13-51ec-c5fa-dc32507c198a
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 45.160.145.216 255.255.255.255
next
edit "z_BlockIP_071"
set uuid 0a984052-7e13-51ec-0f63-cc272d94ea42
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 45.160.145.222 255.255.255.255
next
edit "z_BlockIP_072"
set uuid 0a984e94-7e13-51ec-71ac-e3e2c9a118a8
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 45.160.145.53 255.255.255.255
next
edit "z_BlockIP_073"
set uuid 0a985cae-7e13-51ec-33e8-58f8bb003e7c
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 45.160.145.58 255.255.255.255
next
edit "z_BlockIP_074"
set uuid 0a986a96-7e13-51ec-681b-e245f7bb5fea
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 45.160.145.8 255.255.255.255
next
edit "z_BlockIP_075"
set uuid 0a9878ba-7e13-51ec-6851-c48bd0f98c2e
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 45.230.176.158 255.255.255.255
next
edit "z_BlockIP_076"
set uuid 0a9886e8-7e13-51ec-3ae5-0d9241c23652
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 45.67.228.192 255.255.255.255
next
edit "z_BlockIP_077"
set uuid 0a9894bc-7e13-51ec-4141-a522fe9ba676
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 47.27.175.168 255.255.255.255
next
edit "z_BlockIP_078"
set uuid 0a98a34e-7e13-51ec-c3e9-cb470fa1f89f
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 5.189.224.172 255.255.255.255
next
edit "z_BlockIP_079"
set uuid 0a98b172-7e13-51ec-5d25-d716e47fe18e
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 5.253.63.106 255.255.255.255
next
edit "z_BlockIP_080"
set uuid 0a98bfaa-7e13-51ec-dccb-cdc29f284588
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 5.4.5.4 255.255.255.255
next
edit "Safeschools_02"
set uuid 777359ae-8faa-51ef-2f8f-4f76e1654996
set type ipmask
set comment "IP address for Safe Schools video training. Used to access LDAP authentication."
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 18.219.244.165 255.255.255.255
next
edit "z_BlockIP_081"
set uuid 0a997bc0-7e13-51ec-eb4a-00ddc2a55df3
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 64.44.51.108 255.255.255.255
next
edit "z_BlockIP_082"
set uuid 0a9989a8-7e13-51ec-1fa6-3538770dbcb8
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 64.44.51.79 255.255.255.255
next
edit "z_BlockIP_083"
set uuid 0a9a46ae-7e13-51ec-7d06-0c81c7eec79e
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 68.186.167.196 255.255.255.255
next
edit "z_BlockIP_084"
set uuid 0a9a926c-7e13-51ec-4153-52249dd62fad
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 78.155.206.85 255.255.255.255
next
edit "z_BlockIP_085"
set uuid 0a9aa086-7e13-51ec-9c17-55082a74ad1b
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 78.155.207.139 255.255.255.255
next
edit "z_BlockIP_086"
set uuid 0a9ab17a-7e13-51ec-4cf7-ceeaab5354bc
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 80.173.224.81 255.255.255.255
next
edit "z_BlockIP_087"
set uuid 0a9ac200-7e13-51ec-d5a6-6198c0c47dc8
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 81.177.22.238 255.255.255.255
next
edit "z_BlockIP_088"
set uuid 0a9ad11e-7e13-51ec-2024-3bad38eaaf78
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 82.118.22.57 255.255.255.255
next
edit "z_BlockIP_089"
set uuid 0a9ae014-7e13-51ec-8263-e579e0ecdb96
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 82.118.22.71 255.255.255.255
next
edit "z_BlockIP_090"
set uuid 0a9aefbe-7e13-51ec-d922-2a65477ec45d
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 82.146.46.153 255.255.255.255
next
edit "z_BlockIP_091"
set uuid 0a9afdc4-7e13-51ec-3795-03566758e41d
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 82.202.221.160 255.255.255.255
next
edit "z_BlockIP_092"
set uuid 0a9b0bfc-7e13-51ec-b3c2-c16c03a5ea64
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 85.10.234.175 255.255.255.255
next
edit "z_BlockIP_093"
set uuid 0a9b2862-7e13-51ec-066a-eb641b6d1674
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 87.246.7.228 255.255.255.255
next
edit "z_BlockIP_094"
set uuid 0a9b6f0c-7e13-51ec-5bd2-f9f9bb5a1125
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 91.235.129.166 255.255.255.255
next
edit "z_BlockIP_095"
set uuid 0a9b7cea-7e13-51ec-5b5a-8051653fd1e4
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 91.240.84.159 255.255.255.255
next
edit "z_BlockIP_096"
set uuid 0a9b8afa-7e13-51ec-114f-66a82c988f08
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 91.240.85.19 255.255.255.255
next
edit "z_BlockIP_097"
set uuid 0a9b99e6-7e13-51ec-90bf-683357404f31
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 92.223.105.86 255.255.255.255
next
edit "z_BlockIP_098"
set uuid 0a9bb91c-7e13-51ec-d855-c5c614c7200b
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 92.38.160.64 255.255.255.255
next
edit "z_BlockIP_099"
set uuid 0a9bc772-7e13-51ec-afa7-f494cfb93d2f
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 93.189.42.220 255.255.255.255
next
edit "z_BlockIP_100"
set uuid 0a9be40a-7e13-51ec-c824-90d4aedb9623
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 96.36.253.146 255.255.255.255
next
edit "z_BlockIP_101"
set uuid 0a9bf22e-7e13-51ec-22ac-7bc495d1c13c
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 97.87.160.98 255.255.255.255
next
edit "Internal_10.0.0.0_8"
set uuid 0a9c4a30-7e13-51ec-b0f3-f5056c9e9184
set type ipmask
set comment "Internal 10.0.0.0/8 Network"
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.0.0.0 255.0.0.0
next
edit "SCHC_Remote_Subnet_01"
set uuid 0a9c5872-7e13-51ec-71d1-e5d98bdf2744
set type ipmask
set comment "Syracuse Community Health Center Remote Subnet"
set associated-interface ''
set color 8
set allow-routing disable
set fabric-object disable
set subnet 10.107.100.0 255.255.255.0
next
edit "SCHC_Remote_Subnet_02"
set uuid 0a9c66aa-7e13-51ec-0b13-f8cf0e1a41f3
set type ipmask
set comment "Syracuse Community Health Center Remote Subnet"
set associated-interface ''
set color 8
set allow-routing disable
set fabric-object disable
set subnet 10.107.49.0 255.255.255.0
next
edit "SCHC_Remote_Subnet_03"
set uuid 0a9c74e2-7e13-51ec-998c-d99c0658868f
set type ipmask
set comment "Syracuse Community Health Center Remote Subnet"
set associated-interface ''
set color 8
set allow-routing disable
set fabric-object disable
set subnet 10.107.50.0 255.255.255.0
next
edit "SCHC_15_HWSmith"
set uuid 0a9c840a-7e13-51ec-a07e-4b2db13ebcac
set type ipmask
set comment "Syracuse Community Health Center HW Smith Subnet"
set associated-interface ''
set color 8
set allow-routing disable
set fabric-object disable
set subnet 10.15.107.0 255.255.255.0
next
edit "SCHC_20_DrKing"
set uuid 0a9c9508-7e13-51ec-8b83-42b6d74909c5
set type ipmask
set comment "Syracuse Community Health Center Dr King Subnet"
set associated-interface ''
set color 8
set allow-routing disable
set fabric-object disable
set subnet 10.20.107.0 255.255.255.0
next
edit "SCHC_22_Delaware"
set uuid 0a9ca39a-7e13-51ec-0a9f-ebdd76525017
set type ipmask
set comment "Syracuse Community Health Center Delaware Subnet"
set associated-interface ''
set color 8
set allow-routing disable
set fabric-object disable
set subnet 10.22.107.0 255.255.255.0
next
edit "SCHC_24_Franklin"
set uuid 0a9cbfc4-7e13-51ec-1414-285bfc2f24d2
set type ipmask
set comment "Syracuse Community Health Center Franklin Subnet"
set associated-interface ''
set color 8
set allow-routing disable
set fabric-object disable
set subnet 10.24.107.0 255.255.255.0
next
edit "SCHC_03_PSLA"
set uuid 0a9d14b0-7e13-51ec-a58a-4f4d8285eabf
set type ipmask
set comment "Syracuse Community Health Center PSLA Subnet"
set associated-interface ''
set color 8
set allow-routing disable
set fabric-object disable
set subnet 10.3.107.0 255.255.255.0
next
edit "SCHC_34_DrWeeks"
set uuid 0a9d2306-7e13-51ec-2fb7-1fb43e3e9fea
set type ipmask
set comment "Syracuse Community Health Center Dr Weeks Subnet"
set associated-interface ''
set color 8
set allow-routing disable
set fabric-object disable
set subnet 10.34.107.0 255.255.255.0
next
edit "SCHC_53_Blodgett"
set uuid 0a9d6a5a-7e13-51ec-02c2-b236eac7f9b6
set type ipmask
set comment "Syracuse Community Health Center Blodgett Subnet"
set associated-interface ''
set color 8
set allow-routing disable
set fabric-object disable
set subnet 10.53.107.0 255.255.255.0
next
edit "SCHC_09_Grant"
set uuid 0a9d79fa-7e13-51ec-d6db-70760e87134b
set type ipmask
set comment "Syracuse Community Health Center Grant Subnet"
set associated-interface ''
set color 8
set allow-routing disable
set fabric-object disable
set subnet 10.9.107.0 255.255.255.0
next
edit "z_BlockSub_001"
set uuid 0a9da506-7e13-51ec-d201-bcacc5fd4927
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 103.139.219.0 255.255.255.0
next
edit "z_BlockSub_002"
set uuid 0a9e083e-7e13-51ec-f632-79c1d919a267
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 103.89.88.0 255.255.252.0
next
edit "z_BlockSub_003"
set uuid 0a9e245e-7e13-51ec-e050-c5ce7d115206
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 104.140.0.0 255.255.0.0
next
edit "z_BlockSub_004"
set uuid 0a9e3264-7e13-51ec-4fa7-e0148944d1f1
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 104.143.83.0 255.255.255.0
next
edit "z_BlockSub_005"
set uuid 0a9e4fce-7e13-51ec-d96b-83e0927bb63c
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 104.206.0.0 255.255.0.0
next
edit "z_BlockSub_006"
set uuid 0a9e8b92-7e13-51ec-7426-bf2faf9ea1ea
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 107.189.8.0 255.255.252.0
next
edit "z_BlockSub_007"
set uuid 0a9ea802-7e13-51ec-2165-2964d88cd90b
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 108.179.192.0 255.255.192.0
next
edit "z_BlockSub_008"
set uuid 0a9ed2aa-7e13-51ec-630e-083950577ac4
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 112.24.0.0 255.248.0.0
next
edit "z_BlockSub_009"
set uuid 0a9ee0d8-7e13-51ec-4047-1d147eff3a57
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 115.220.0.0 255.255.0.0
next
edit "z_BlockSub_010"
set uuid 0a9eef24-7e13-51ec-97f9-e2fb9c9f8fbf
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 120.52.0.0 255.255.0.0
next
edit "z_BlockSub_011"
set uuid 0a9efd48-7e13-51ec-61b2-d7da31183a31
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 120.55.0.0 255.255.0.0
next
edit "z_BlockSub_012"
set uuid 0a9f0bc6-7e13-51ec-8f8a-06a927c0e878
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 125.64.0.0 255.248.0.0
next
edit "z_BlockSub_013"
set uuid 0aa15fb6-7e13-51ec-2869-f8e52068f378
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 150.107.103.0 255.255.255.0
next
edit "z_BlockSub_014"
set uuid 0aa1dff4-7e13-51ec-8b1f-3408f33014b7
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 162.244.80.0 255.255.252.0
next
edit "z_BlockSub_015"
set uuid 0aa1eed6-7e13-51ec-9ec1-08bc55c60d31
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 162.247.72.0 255.255.252.0
next
edit "z_BlockSub_016"
set uuid 0aa2031c-7e13-51ec-7d95-815042a4b94f
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 162.255.116.0 255.255.252.0
next
edit "z_BlockSub_017"
set uuid 0aa267a8-7e13-51ec-64aa-1de64179c50a
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 170.130.184.0 255.255.252.0
next
edit "Internal_172.16.0.0_12"
set uuid 0aa291ba-7e13-51ec-463b-16725994902b
set type ipmask
set comment "Internal_172.16.0.0_12 Network"
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 172.16.0.0 255.240.0.0
next
edit "z_BlockSub_019"
set uuid 0aa29ff2-7e13-51ec-ae10-925183a8715f
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 172.246.0.0 255.255.0.0
next
edit "z_BlockSub_020"
set uuid 0aa2bc30-7e13-51ec-e90b-dcc4359e9e4e
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 177.0.0.0 255.0.0.0
next
edit "z_BlockSub_021"
set uuid 0aa2ca4a-7e13-51ec-0250-68b988254cbf
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 184.104.0.0 255.254.0.0
next
edit "Internal_192.168.0.0_16"
set uuid 0aa2f718-7e13-51ec-935b-eda3f5cd0b31
set type ipmask
set comment "Internal_192.168.0.0_16 Network"
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 192.168.0.0 255.255.0.0
next
edit "z_BlockSub_022"
set uuid 0aa3ed58-7e13-51ec-41e0-634ef66afbeb
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 198.108.0.0 255.252.0.0
next
edit "z_BlockSub_024"
set uuid 0aa49d84-7e13-51ec-072b-555484ca9908
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 199.249.230.0 255.255.255.0
next
edit "z_BlockSub_025"
set uuid 0aa4bb16-7e13-51ec-38c8-0ad9c21c95cb
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 199.59.240.0 255.255.252.0
next
edit "z_BlockSub_026"
set uuid 0aa626d6-7e13-51ec-4cfa-2e49c64f3ae1
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 202.28.0.0 255.254.0.0
next
edit "z_BlockSub_027"
set uuid 0aa7be10-7e13-51ec-90f8-cbd95276ba3e
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 209.141.32.0 255.255.224.0
next
edit "z_BlockSub_028"
set uuid 0aa7dbe8-7e13-51ec-62b4-5c63ed06e33f
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 209.53.0.0 255.255.0.0
next
edit "z_BlockSub_029"
set uuid 0aa824ae-7e13-51ec-7da2-a96772b87e50
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 217.0.0.0 255.0.0.0
next
edit "z_BlockSub_030"
set uuid 0aa8332c-7e13-51ec-0ef9-9c5d3dd281ac
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 218.102.96.0 255.255.224.0
next
edit "z_BlockSub_031"
set uuid 0aa841c8-7e13-51ec-7155-38a70fed7979
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 23.129.64.0 255.255.255.0
next
edit "z_BlockSub_032"
set uuid 0aa85046-7e13-51ec-9601-7811c6e985a0
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 23.227.128.0 255.255.224.0
next
edit "z_BlockSub_033"
set uuid 0aa87d78-7e13-51ec-69d2-7ff281286854
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 35.0.0.0 255.255.0.0
next
edit "z_BlockSub_034"
set uuid 0aa88c00-7e13-51ec-0e3b-bedcfc65f66e
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 38.39.24.0 255.255.248.0
next
edit "z_BlockSub_035"
set uuid 0aa8d5b6-7e13-51ec-ce55-1ff4a675adb0
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 45.224.0.0 255.240.0.0
next
edit "z_BlockSub_037"
set uuid 0aaba426-7e13-51ec-a663-289b5d3e7cb0
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 71.244.60.224 255.255.255.240
next
edit "z_BlockSub_038"
set uuid 0aabb204-7e13-51ec-deb0-55bb442c4f70
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 71.64.0.0 255.240.0.0
next
edit "z_BlockSub_039"
set uuid 0aac3026-7e13-51ec-be14-31177632301a
set type ipmask
set comment "Malicious Subnet"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 80.0.0.0 255.0.0.0
next
edit "nimble_Inside_3"
set uuid 0aaca718-7e13-51ec-f746-029225700508
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 172.16.175.98 255.255.255.255
next
edit "ntss-inside"
set uuid 0aacd620-7e13-51ec-9980-f4e16453c930
set type ipmask
set comment "NTSS"
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.48.68 255.255.255.255
next
edit "city_permited_subnet_1"
set uuid 0aadfece-7e13-51ec-e0e6-75786e1a72fb
set type ipmask
set comment "***Needs to be narrowed***"
set associated-interface ''
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.1.0.0 255.255.0.0
next
edit "city_permited_subnet_3"
set uuid 0aae1d32-7e13-51ec-7cc4-d9967b2a27d5
set type ipmask
set comment "***Needs to be examined***"
set associated-interface ''
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.1.50.0 255.255.255.0
next
edit "city_permited_subnet_4"
set uuid 0aae2ca0-7e13-51ec-46b6-fee9abfae129
set type ipmask
set comment "***Needs to be examined***"
set associated-interface ''
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.1.150.0 255.255.255.0
next
edit "city_permited_subnet_5"
set uuid 0aae3bbe-7e13-51ec-2ff9-d2519e679e77
set type ipmask
set comment "***Needs to be examined***"
set associated-interface ''
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.21.150.0 255.255.255.0
next
edit "city_permited_subnet_7"
set uuid 0aae5a22-7e13-51ec-1bc8-4e45084e783a
set type ipmask
set comment "***Needs to be examined***"
set associated-interface ''
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.1.7.0 255.255.255.0
next
edit "City_Side_Subnet_1"
set uuid 0aae6922-7e13-51ec-8300-5b8f36afd5b5
set type ipmask
set comment "City\'s Subnet on their side"
set associated-interface ''
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.250.0.0 255.255.0.0
next
edit "City_Side_CGR_01"
set uuid 0aae96c2-7e13-51ec-9c06-d34ccf3630a0
set type ipmask
set comment "City Lights CGR Subnet on City Side"
set associated-interface ''
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.253.17.0 255.255.255.0
next
edit "City_Side_CGR_02"
set uuid 0aaea658-7e13-51ec-631a-97d36a01eb5f
set type ipmask
set comment "City Lights CGR Subnet on City Side"
set associated-interface ''
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.253.18.0 255.255.255.0
next
edit "VPN-Range"
set uuid 0ab10790-7e13-51ec-7f17-ad4fde7906a9
set type iprange
set comment ''
set associated-interface ''
set color 0
set fabric-object disable
set start-ip 172.16.251.1
set end-ip 172.16.251.127
next
edit "SPD_Network"
set uuid 0ab119b0-7e13-51ec-257d-2cb06740df37
set type iprange
set comment "Syracuse Police Department Network Range"
set associated-interface ''
set color 2
set fabric-object disable
set start-ip 10.250.100.80
set end-ip 10.250.100.89
next
edit "FCTEMS_ALL_FORTICLOUD_SERVERS"
set uuid f5bafcaa-7e13-51ec-b0b3-fdb26ff0f168
set type dynamic
set sub-type ems-tag
set comment ''
set associated-interface ''
set color 0
set fabric-object disable
set obj-tag ''
set obj-type ip
set tag-detection-level ''
set tag-type ''
next
edit "Russia"
set uuid f7abba8c-996a-51ec-469c-ebb1a1f04d98
set type geography
set comment ''
set associated-interface ''
set color 7
set fabric-object disable
set country "RU"
next
edit "China"
set uuid 0c2898b8-996b-51ec-024d-93bfafa09b92
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "CN"
next
edit "Iran"
set uuid 597d8d6c-9a2e-51ec-7d14-ea715cf8eb34
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "IR"
next
edit "Belarus"
set uuid 41982634-9bce-51ec-7603-fe1807691741
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "BY"
next
edit "North Korea"
set uuid dd05a5c8-9fdf-51ec-0cb2-9aa3eb6f5fd2
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "KP"
next
edit "SSL_VPN_Range"
set uuid 4a55a1c4-a462-51ec-5ec8-dc6f9f0affaa
set type ipmask
set comment "Remote Access VPN IP Range"
set associated-interface "ssl.scsd"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.212.134.0 255.255.255.0
next
edit "United_States"
set uuid f0e62b0a-b99b-51ec-19b2-0c2803cfd88f
set type geography
set comment ''
set associated-interface "outside"
set color 0
set fabric-object disable
set country "US"
next
edit "SRIC_BOCES_Server01"
set uuid f7e1dbfc-c4c2-51ec-7127-11c5f7bdddff
set type ipmask
set comment "SRIC BOCES - Server"
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 170.161.72.15 255.255.255.255
next
edit "z_Ryuk_01"
set uuid 7a6252e8-d083-51ec-8345-e1455ab2c3ba
set type ipmask
set comment "Block IP from Ransomware Attack"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 177.103.240.149 255.255.255.255
next
edit "z_Ryuk_02"
set uuid a40c2bb4-d083-51ec-b323-ade0a55839db
set type ipmask
set comment "Block IP from Ransomware Attack"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 93.189.42.220 255.255.255.255
next
edit "z_BlockIP_134"
set uuid 7006b162-718d-51ed-572a-70f08b7a8f51
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 138.68.50.218 255.255.255.255
next
edit "411App_WebPage"
set uuid b565c704-8158-51ed-a77b-25fb5818f605
set type fqdn
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "411app.scsd.us"
set cache-ttl 0
next
edit "City_Side_Parks_Phone_Subnet"
set uuid 070f12c4-9c14-51ed-40d0-60abf190aa66
set type ipmask
set comment "City Parks & Rec Phones and SIP Trunk Subnet"
set associated-interface ''
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.229.0 255.255.255.0
next
edit "Nigeria"
set uuid 6d8b4142-fbcf-51ed-ab34-cff482e7b308
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "NG"
next
edit "Afghanistan"
set uuid 4ba1ca54-fedd-51ed-668b-74c0f8eb2c0f
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "AF"
next
edit "Brazil"
set uuid e07d88ae-fee0-51ed-1a85-3243b8bb6f28
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "BR"
next
edit "Columbia"
set uuid f7d09e06-fee0-51ed-ab95-bb983e02ab2d
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "CO"
next
edit "India"
set uuid 80e7e05a-fee1-51ed-86c8-55b0bdfcde29
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "IN"
next
edit "Indonesia"
set uuid 9b2c4bcc-fee1-51ed-0958-5f81481b17ca
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "ID"
next
edit "Romania"
set uuid b3cdc296-fee1-51ed-1c4b-22194c9cc41e
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "RO"
next
edit "Thailand"
set uuid cc6085aa-fee1-51ed-6938-e99720fc0e1d
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "TH"
next
edit "Turkey"
set uuid dce3b672-fee1-51ed-28a9-22f266dccd3c
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "TR"
next
edit "Vietnam"
set uuid f1445072-fee1-51ed-4d1d-ac333eb9b62e
set type geography
set comment ''
set associated-interface ''
set color 6
set fabric-object disable
set country "VN"
next
edit "SPD_22_Delaware"
set uuid 5d5f97ce-0a15-51ee-61e0-ba5413639bbe
set type ipmask
set comment "SPD Firewall Delaware"
set associated-interface ''
set color 2
set allow-routing disable
set fabric-object disable
set subnet 10.22.70.10 255.255.255.255
next
edit "SPD_24_Franklin"
set uuid 9de19392-0a15-51ee-41c9-4a9b29c6ef8d
set type ipmask
set comment "SPD Firewall Franklin"
set associated-interface ''
set color 2
set allow-routing disable
set fabric-object disable
set subnet 10.24.70.10 255.255.255.255
next
edit "z_BlockIP_135"
set uuid 1c05a41e-7da4-51ee-aa5a-0bf5fffe914c
set type ipmask
set comment "Malicious IP Address"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 108.174.5.112 255.255.255.255
next
edit "SPD_Side_Genetec"
set uuid 7812ba2a-bacc-51ee-9526-57c74513772d
set type ipmask
set comment "Genetec Server Range on SPD Side"
set associated-interface "city_phones"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.211.21.16 255.255.255.240
next
edit "ST_External_1"
set uuid e163ed64-cb48-51ee-1912-d43d2f9d8a06
set type ipmask
set comment "SchoolTool IIS #3"
set associated-interface ''
set color 0
set allow-routing enable
set fabric-object disable
set subnet 172.30.45.30 255.255.255.255
next
edit "ST_External_2"
set uuid fe500048-cb48-51ee-f69d-8c68dad3ef7c
set type ipmask
set comment "SchoolTool Reporting"
set associated-interface ''
set color 0
set allow-routing enable
set fabric-object disable
set subnet 172.30.45.109 255.255.255.255
next
edit "ST_External_3"
set uuid 0fb8dfb2-cb49-51ee-46f0-4daba18e5ca0
set type ipmask
set comment "SchoolTool SQL"
set associated-interface ''
set color 0
set allow-routing enable
set fabric-object disable
set subnet 172.30.45.25 255.255.255.255
next
edit "PrintOC-Outside"
set uuid a0f79ad4-dca3-51ee-ac6d-f7175b2033fa
set type ipmask
set comment ''
set associated-interface ''
set color 1
set allow-routing disable
set fabric-object disable
set subnet 198.36.26.119 255.255.255.255
next
edit "ST_External_4"
set uuid 5e2f106e-f748-51ee-4aac-94c43ef48ee4
set type ipmask
set comment "SchoolTool IIS #4"
set associated-interface ''
set color 0
set allow-routing enable
set fabric-object disable
set subnet 172.30.45.35 255.255.255.255
next
edit "ST_External_5"
set uuid 7c0f5756-f748-51ee-1681-4e182cba3f56
set type ipmask
set comment "SchoolTool IIS #2"
set associated-interface ''
set color 0
set allow-routing enable
set fabric-object disable
set subnet 172.30.45.84 255.255.255.255
next
edit "ST_External_6"
set uuid 935836c6-f748-51ee-bc6e-cb945108f3d0
set type ipmask
set comment "SchoolTool IIS #1"
set associated-interface ''
set color 0
set allow-routing enable
set fabric-object disable
set subnet 172.30.45.107 255.255.255.255
next
edit "SchoolTool_External_Range"
set uuid 91990ea8-f8e4-51ee-d726-ec2b591fc828
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 172.30.44.0 255.255.254.0
next
edit "ckr01-mgmt-inside-temp"
set uuid 07383e54-033a-51ef-4a53-a2740c07fb7e
set type ipmask
set comment "ContentKeeper Reporter 01 Management Port"
set associated-interface ''
set color 19
set allow-routing disable
set fabric-object disable
set subnet 10.251.1.43 255.255.255.255
next
edit "z_BlockIP_141"
set uuid 94a36b7e-0d53-51ef-13e3-5805428d2dbf
set type ipmask
set comment "now.gg"
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 18.238.49.122 255.255.255.255
next
edit "Webosphere_Inside"
set uuid 2e39b0de-3812-51ef-0a90-418dae660dd3
set type ipmask
set comment "SCSD Website"
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.48.117 255.255.255.255
next
edit "Day_Enterprise_Server"
set uuid 2e3a23a2-3812-51ef-98b7-ca00795bc304
set type ipmask
set comment "Day Automation"
set associated-interface "inside"
set color 10
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.108 255.255.255.255
next
edit "Day_VM_Server"
set uuid 2e3a9fda-3812-51ef-3be6-9f968517e7f7
set type ipmask
set comment "Day Automation"
set associated-interface "inside"
set color 10
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.173 255.255.255.255
next
edit "WebCRD"
set uuid 2e3b1a96-3812-51ef-1d34-0d079f65a239
set type ipmask
set comment "printshop.scsd.us"
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.48.96 255.255.255.255
next
edit "Security_01_NOC"
set uuid 2e3b8c42-3812-51ef-123c-196be61209dc
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.1.70.0 255.255.254.0
next
edit "Security_02_ITC"
set uuid 2e3bf42a-3812-51ef-4218-0f0adaa27d79
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.2.70.0 255.255.254.0
next
edit "Security_03_PSLA"
set uuid 2e3c5fe6-3812-51ef-b2bd-f7fe67161cb8
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.3.70.0 255.255.254.0
next
edit "Security_04_Nottingham"
set uuid 2e3ccb52-3812-51ef-f19b-682ad90f6cab
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.4.70.0 255.255.254.0
next
edit "Security_06_Henninger"
set uuid 2e3d35c4-3812-51ef-1bb5-f1a9b710debd
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.6.70.0 255.255.254.0
next
edit "Security_07_Corcoran"
set uuid 2e3da0b8-3812-51ef-6f4b-7fc09625840a
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.7.70.0 255.255.254.0
next
edit "Security_08_Clary"
set uuid 2e3e0d28-3812-51ef-452f-be72cc6c1031
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.8.70.0 255.255.254.0
next
edit "Security_09_Grant"
set uuid 2e3e760a-3812-51ef-e068-d52c1858db48
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.9.70.0 255.255.254.0
next
edit "Security_10_Levy"
set uuid 2e3eddfc-3812-51ef-4f29-a9de01078f75
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.10.70.0 255.255.254.0
next
edit "Security_13_Lincoln"
set uuid 2e3f492c-3812-51ef-1870-4fe13f2e12a3
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.13.70.0 255.255.254.0
next
edit "Security_14_Shea"
set uuid 2e3fb236-3812-51ef-dc25-d8f04ef0b6a0
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.14.70.0 255.255.254.0
next
edit "Security_15_HWSmith"
set uuid 2e402252-3812-51ef-d693-17e769649127
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.15.70.0 255.255.254.0
next
edit "Security_16_Bellevue"
set uuid 2e408c88-3812-51ef-d985-06958db619c9
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.16.70.0 255.255.254.0
next
edit "Security_20_DrKing"
set uuid 2e40f628-3812-51ef-d0f4-964eb7b5e28c
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.20.70.0 255.255.254.0
next
edit "Security_21_Danforth"
set uuid 2e41604a-3812-51ef-fba3-5fd84aa9bb27
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.21.70.0 255.255.254.0
next
edit "Security_22_Delaware"
set uuid 2e41cc7e-3812-51ef-efeb-04312bb2a1eb
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.22.70.0 255.255.254.0
next
edit "Security_23_Elmwood"
set uuid 2e4236dc-3812-51ef-7e00-47389ea40dff
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.23.70.0 255.255.254.0
next
edit "Security_24_Franklin"
set uuid 2e42a48c-3812-51ef-d6dd-39ed3b5d7b01
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.24.70.0 255.255.254.0
next
edit "Security_25_Frazer"
set uuid 2e430e22-3812-51ef-3c9c-7096a7e1d6b2
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.25.70.0 255.255.254.0
next
edit "Security_27_Elmcrest"
set uuid 2e437a60-3812-51ef-960e-f8fe9870a900
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.27.70.0 255.255.254.0
next
edit "Security_28_Latin"
set uuid 2e43e608-3812-51ef-fac9-797593c2500a
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.28.70.0 255.255.254.0
next
edit "Security_29_Huntington"
set uuid 2e4454b2-3812-51ef-3840-17cdf4f1a92c
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.29.70.0 255.255.254.0
next
edit "Security_30_SalemHyde"
set uuid 2e44c1c2-3812-51ef-f3a3-d7a783d71352
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.30.70.0 255.255.254.0
next
edit "Security_33_LeMoyne"
set uuid 2e452b9e-3812-51ef-7baf-ea2884cf8700
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.33.70.0 255.255.254.0
next
edit "Security_34_DrWeeks"
set uuid 2e459548-3812-51ef-7578-1aeba908118d
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.34.70.0 255.255.254.0
next
edit "Security_36_McKinley"
set uuid 2e460000-3812-51ef-8593-773d2753bb04
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.36.70.0 255.255.254.0
next
edit "Security_37_Meachem"
set uuid 2e466a40-3812-51ef-0b61-c16e1216ded8
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.37.70.0 255.255.254.0
next
edit "Security_40_Porter"
set uuid 2e46d598-3812-51ef-7793-f3e067198d9a
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.40.70.0 255.255.254.0
next
edit "Security_41_BOVA"
set uuid 2e473f24-3812-51ef-bb0c-d32b6497463a
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.41.70.0 255.255.254.0
next
edit "Security_42_Roberts"
set uuid 2e47a932-3812-51ef-66c0-d8b766ad51ee
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.42.70.0 255.255.254.0
next
edit "Security_44_Seymour"
set uuid 2e4812d2-3812-51ef-f4ed-a1483c8f6a63
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.44.70.0 255.255.254.0
next
edit "Security_45_EdSmith"
set uuid 2e487c68-3812-51ef-b81a-cd974e7efc5c
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.45.70.0 255.255.254.0
next
edit "Security_46_Phoenix"
set uuid 2e48e82e-3812-51ef-60eb-a9b2719fbaec
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.46.70.0 255.255.254.0
next
edit "Security_47_McCarthy"
set uuid 2e4953fe-3812-51ef-fbd2-7ce41bb97e0b
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.47.70.0 255.255.254.0
next
edit "Security_48_Beard"
set uuid 2e49bcea-3812-51ef-b048-eb00716913c2
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.48.70.0 255.255.254.0
next
edit "Security_49_VanDuyn"
set uuid 2e4a2734-3812-51ef-bf5e-0b623b270dc7
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.49.70.0 255.255.254.0
next
edit "Security_51_Webster"
set uuid 2e4a914c-3812-51ef-299b-02d6c7ecee86
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.51.70.0 255.255.254.0
next
edit "Security_53_Blodgett"
set uuid 2e4afc2c-3812-51ef-aeda-b356ecf7f6b4
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.53.70.0 255.255.254.0
next
edit "Security_54_JVC"
set uuid 2e4b6658-3812-51ef-c4a2-d4624e5b529b
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.54.70.0 255.255.254.0
next
edit "Security_55_CentralOffice"
set uuid 2e4bd570-3812-51ef-51ac-4f6a430d5bd3
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.55.70.0 255.255.254.0
next
edit "Security_56_SSC"
set uuid 2e4c3d4e-3812-51ef-c3f1-1f32b2c96221
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.56.70.0 255.255.254.0
next
edit "Security_57_Transportation"
set uuid 2e4ca9b4-3812-51ef-e5df-43e48b4a055b
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.57.70.0 255.255.254.0
next
edit "Security_60_PDC"
set uuid 2e4d119c-3812-51ef-7e54-0a6673d08df7
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.60.70.0 255.255.254.0
next
edit "Security_86_StLucy"
set uuid 2e4d7a74-3812-51ef-d951-bda817edf1b7
set type ipmask
set comment ''
set associated-interface "inside"
set color 25
set allow-routing disable
set fabric-object disable
set subnet 10.86.70.0 255.255.254.0
next
edit "psdevdb1"
set uuid 2e4de022-3812-51ef-6eb1-fb714a8b8a3f
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.136 255.255.255.255
next
edit "hypprodweb1"
set uuid 2e4e59da-3812-51ef-9149-6e005bac3437
set type ipmask
set comment "Hyperion"
set associated-interface "inside"
set color 22
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.84 255.255.255.255
next
edit "psprddb1"
set uuid 2e4ed05e-3812-51ef-5091-0bb71324dd53
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.138 255.255.255.255
next
edit "psqasdb1"
set uuid 2e4f47b4-3812-51ef-3ff1-1779368ab9dc
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.137 255.255.255.255
next
edit "psdevfin"
set uuid 2e4fbece-3812-51ef-5994-dade1d0ff5b7
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.122 255.255.255.255
next
edit "psdevhcm"
set uuid 2e50367e-3812-51ef-5e52-aadc6c2618af
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.125 255.255.255.255
next
edit "psprdess"
set uuid 2e50ada2-3812-51ef-5b75-14efafbaff20
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.200 255.255.255.255
next
edit "psprdfin"
set uuid 2e5124e4-3812-51ef-3c9f-7a6e9d7671dc
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.120 255.255.255.255
next
edit "psprdhcm"
set uuid 2e519c26-3812-51ef-dbd1-bc7cd8b4640f
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.123 255.255.255.255
next
edit "psprdrpx"
set uuid 2e5214b2-3812-51ef-cfd6-5d98c1c81a18
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.201 255.255.255.255
next
edit "psqasfin"
set uuid 2e528ece-3812-51ef-f39d-813404cc90c6
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.121 255.255.255.255
next
edit "psqashcm"
set uuid 2e53061a-3812-51ef-7c41-8f6d25c4ca26
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.124 255.255.255.255
next
edit "pstools"
set uuid 2e537dde-3812-51ef-7794-fba7fd170422
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.130 255.255.255.255
next
edit "hypprodweb2"
set uuid 2e53f6f6-3812-51ef-77a9-df6d255ec88a
set type ipmask
set comment "Hyperion"
set associated-interface "inside"
set color 22
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.85 255.255.255.255
next
edit "hypprodess"
set uuid 2e546e10-3812-51ef-9210-5ffc3f576e14
set type ipmask
set comment "Hyperion"
set associated-interface "inside"
set color 22
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.83 255.255.255.255
next
edit "hypprodwin7"
set uuid 2e54e7c8-3812-51ef-cbeb-b300c98992d4
set type ipmask
set comment "Hyperion"
set associated-interface "inside"
set color 22
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.86 255.255.255.255
next
edit "psnagus"
set uuid 2e55d5d4-3812-51ef-e4cf-0652f68b0363
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.131 255.255.255.255
next
edit "psupgfin"
set uuid 2e564fe6-3812-51ef-98e6-fa41a9ac2c37
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.150 255.255.255.255
next
edit "psupghcm"
set uuid 2e56c908-3812-51ef-96d7-715ba38493ed
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.151 255.255.255.255
next
edit "hypdeveb"
set uuid 2e5741f8-3812-51ef-990f-955316f81064
set type ipmask
set comment "Hyperion"
set associated-interface "inside"
set color 22
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.50 255.255.255.255
next
edit "hypdevw1"
set uuid 2e57bb6a-3812-51ef-2cc2-e3819c0b4717
set type ipmask
set comment "Hyperion"
set associated-interface "inside"
set color 22
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.51 255.255.255.255
next
edit "hypdevw3"
set uuid 2e58343c-3812-51ef-deb3-e6ac61ae4732
set type ipmask
set comment "Hyperion"
set associated-interface "inside"
set color 22
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.59 255.255.255.255
next
edit "hypprdeb"
set uuid 2e58acd2-3812-51ef-d169-355a6a12dae5
set type ipmask
set comment "Hyperion"
set associated-interface "inside"
set color 22
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.53 255.255.255.255
next
edit "hypprdw1"
set uuid 2e59248c-3812-51ef-acf0-d684d4ab99f0
set type ipmask
set comment "Hyperion"
set associated-interface "inside"
set color 22
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.54 255.255.255.255
next
edit "hypprdw2"
set uuid 2e599c50-3812-51ef-e6c2-ceddbe66d6c7
set type ipmask
set comment "Hyperion"
set associated-interface "inside"
set color 22
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.55 255.255.255.255
next
edit "hypqaeb"
set uuid 2e5a14f0-3812-51ef-e85b-801a55858873
set type ipmask
set comment "Hyperion"
set associated-interface "inside"
set color 22
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.56 255.255.255.255
next
edit "hypqaw1"
set uuid 2e5a8ef8-3812-51ef-014b-4c3cac480b1b
set type ipmask
set comment "Hyperion"
set associated-interface "inside"
set color 22
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.57 255.255.255.255
next
edit "hypqaw2"
set uuid 2e5b0694-3812-51ef-798c-7bc63cc8e340
set type ipmask
set comment "Hyperion"
set associated-interface "inside"
set color 22
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.58 255.255.255.255
next
edit "Nighttime_Inside"
set uuid 2e5b8222-3812-51ef-94a7-96006969bb11
set type ipmask
set comment "Nighttime sends backups"
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.191 255.255.255.255
next
edit "411app"
set uuid 2e5bf3a6-3812-51ef-a114-396893680a5e
set type ipmask
set comment ''
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.216 255.255.255.255
next
edit "411sql"
set uuid 2e5c4e00-3812-51ef-f180-bb36d41da284
set type ipmask
set comment ''
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.225 255.255.255.255
next
edit "DocHolliday"
set uuid 2e5ca954-3812-51ef-2c03-522988a5c39d
set type ipmask
set comment "WebCRD Server"
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.48.78 255.255.255.255
next
edit "Day_Continuum_Server"
set uuid 2e5d1af6-3812-51ef-6816-2d136d63430c
set type ipmask
set comment "Day Automation"
set associated-interface "inside"
set color 10
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.188 255.255.255.255
next
edit "Genetec"
set uuid 2e5d949a-3812-51ef-407b-6187d0785301
set type ipmask
set comment ''
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.70.30 255.255.255.255
next
edit "DC01_A"
set uuid 2e5ded50-3812-51ef-d0c4-fef62bc79a80
set type ipmask
set comment "Domain Controller for DNS and LDAP"
set associated-interface "inside"
set color 14
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.10 255.255.255.255
next
edit "DC01_B"
set uuid 2e5e6ef6-3812-51ef-5037-1eb8074e6ba1
set type ipmask
set comment "Domain Controller for DNS and LDAP"
set associated-interface "inside"
set color 14
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.95 255.255.255.255
next
edit "DC01_C"
set uuid 2e5ef0d8-3812-51ef-648b-2bff2ce1781b
set type ipmask
set comment "Domain Controller for DNS and LDAP"
set associated-interface "inside"
set color 14
set allow-routing disable
set fabric-object disable
set subnet 10.1.48.120 255.255.255.255
next
edit "HVDC02"
set uuid 2e5f727e-3812-51ef-caba-3c4cae318ffe
set type ipmask
set comment "Domain Controller for DNS and LDAP"
set associated-interface "inside"
set color 14
set allow-routing disable
set fabric-object disable
set subnet 10.21.48.10 255.255.255.255
next
edit "HVDC03_A"
set uuid 2e5ff726-3812-51ef-e135-1ea4a2e02941
set type ipmask
set comment "Domain Controller for DNS and LDAP"
set associated-interface "inside"
set color 14
set allow-routing disable
set fabric-object disable
set subnet 10.1.48.95 255.255.255.255
next
edit "HVDC03_B"
set uuid 2e6078c2-3812-51ef-6edb-89b964cdf564
set type ipmask
set comment "Domain Controller for DNS and LDAP"
set associated-interface "inside"
set color 14
set allow-routing disable
set fabric-object disable
set subnet 10.1.48.10 255.255.255.255
next
edit "Tim PC"
set uuid 2e614496-3812-51ef-85a0-9e389e54366a
set type ipmask
set comment ''
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.7.137 255.255.255.255
next
edit "CGR_16_Bellevue"
set uuid 2e61a2d8-3812-51ef-1f9d-aed76078eb1a
set type ipmask
set comment "City Lights CGR - 16_Bellevue"
set associated-interface "inside"
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.16.233.11 255.255.255.255
next
edit "CGR_55_CentralOffice"
set uuid 2e622c80-3812-51ef-d3f3-56d779628a78
set type ipmask
set comment "City Lights CGR - 55_Central Offices"
set associated-interface "inside"
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.55.233.11 255.255.255.255
next
edit "CGR_45_EdSmith"
set uuid 2e62b3b2-3812-51ef-8619-73e434821b49
set type ipmask
set comment "City Lights CGR - 45_EdSmith"
set associated-interface "inside"
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.45.233.11 255.255.255.255
next
edit "CGR_23_Elmwood"
set uuid 2e6336a2-3812-51ef-1ed3-c83cbb8c6430
set type ipmask
set comment "City Lights CGR - 23_Elmwood"
set associated-interface "inside"
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.23.233.11 255.255.255.255
next
edit "CGR_24_Franklin"
set uuid 2e63b9d8-3812-51ef-b2b0-64d7747a79ad
set type ipmask
set comment "City Lights CGR - 24_Franklin"
set associated-interface "inside"
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.24.233.11 255.255.255.255
next
edit "CGR_29_Huntington"
set uuid 2e643f48-3812-51ef-2731-080a39e51b76
set type ipmask
set comment "City Lights CGR - 29_Huntington"
set associated-interface "inside"
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.29.233.11 255.255.255.255
next
edit "CGR_15_HWSmith"
set uuid 2e64c3e6-3812-51ef-97c7-7f955a7eaf39
set type ipmask
set comment "City Lights CGR - 15_HWSmith"
set associated-interface "inside"
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.15.233.11 255.255.255.255
next
edit "CGR_48_Beard"
set uuid 2e6546c2-3812-51ef-d158-8dda08100f51
set type ipmask
set comment "City Lights CGR - 48_Beard"
set associated-interface "inside"
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.48.233.11 255.255.255.255
next
edit "CGR_36_McKinley"
set uuid 2e65ca52-3812-51ef-18b9-69eedbd15983
set type ipmask
set comment "City Lights CGR - 36_McKinley"
set associated-interface "inside"
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.36.233.11 255.255.255.255
next
edit "CGR_37_Meachem"
set uuid 2e664de2-3812-51ef-f01b-1fa3b6b71280
set type ipmask
set comment "City Lights CGR - 37_Meachem"
set associated-interface "inside"
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.37.233.11 255.255.255.255
next
edit "CGR_40_Porter"
set uuid 2e66d1ea-3812-51ef-bf14-bfa158784723
set type ipmask
set comment "City Lights CGR - 40_Porter"
set associated-interface "inside"
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.40.233.11 255.255.255.255
next
edit "CGR_30_SalemHyde"
set uuid 2e675642-3812-51ef-9b61-6882408843cb
set type ipmask
set comment "City Lights CGR - 30_SalemHyde"
set associated-interface "inside"
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.30.233.11 255.255.255.255
next
edit "CGR_44_Seymour"
set uuid 2e67dca2-3812-51ef-f408-37f72e66ea29
set type ipmask
set comment "City Lights CGR - 44_Seymour"
set associated-interface "inside"
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.44.233.11 255.255.255.255
next
edit "CGR_49_VanDuyn"
set uuid 2e686064-3812-51ef-ad9e-1b98d30e1e08
set type ipmask
set comment "City Lights CGR - 49_VanDuyn"
set associated-interface "inside"
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.49.233.11 255.255.255.255
next
edit "CGR_51_Webster"
set uuid 2e68e41c-3812-51ef-0c16-696ccedc62c8
set type ipmask
set comment "City Lights CGR - 51_Webster"
set associated-interface "inside"
set color 28
set allow-routing disable
set fabric-object disable
set subnet 10.51.233.11 255.255.255.255
next
edit "z_BlockIP_000"
set uuid 2e6a5bc6-3812-51ef-d792-e7c7ce024bd7
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 103.117.232.199 255.255.255.255
next
edit "hypdevw2"
set uuid 2e6ac5fc-3812-51ef-61ea-1b3941426666
set type ipmask
set comment "Hyperion"
set associated-interface "inside"
set color 22
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.52 255.255.255.255
next
edit "Access_Control_01_NOC"
set uuid 2e6b45e0-3812-51ef-c686-97daa5222233
set type ipmask
set comment "01_NOC_Access_Control"
set associated-interface "inside"
set color 29
set allow-routing disable
set fabric-object disable
set subnet 10.1.72.0 255.255.255.0
next
edit "Access_Control_02_ITC"
set uuid 2e6bc7f4-3812-51ef-e362-cdb493e5b8b5
set type ipmask
set comment "02_ITC_Access_Control"
set associated-interface "inside"
set color 29
set allow-routing disable
set fabric-object disable
set subnet 10.2.72.0 255.255.255.0
next
edit "Access_Control_03_PSLA"
set uuid 2e6c49ea-3812-51ef-5b68-f380d5f9754d
set type ipmask
set comment "Access Control PSLA at Fowler"
set associated-interface "inside"
set color 29
set allow-routing disable
set fabric-object disable
set subnet 10.3.72.0 255.255.255.0
next
edit "Access_Control_04_Nottingham"
set uuid 2e6cd248-3812-51ef-f3bc-0052c1e495f0
set type ipmask
set comment "Access Control Nottingham"
set associated-interface "inside"
set color 29
set allow-routing disable
set fabric-object disable
set subnet 10.4.72.0 255.255.255.0
next
edit "Access_Control_06_Henninger"
set uuid 2e6d5a6a-3812-51ef-76bd-af366b59b33a
set type ipmask
set comment "Access Control Henninger"
set associated-interface "inside"
set color 29
set allow-routing disable
set fabric-object disable
set subnet 10.6.72.0 255.255.255.0
next
edit "Access_Control_07_Corcoran"
set uuid 2e6de0c0-3812-51ef-1887-13f7b83496d0
set type ipmask
set comment "Access Control Corcoran"
set associated-interface "inside"
set color 29
set allow-routing disable
set fabric-object disable
set subnet 10.7.72.0 255.255.255.0
next
edit "Access_Control_08_Clary"
set uuid 2e6e63e2-3812-51ef-4c88-72223f592c5d
set type ipmask
set comment "Access Control Clary"
set associated-interface "inside"
set color 29
set allow-routing disable
set fabric-object disable
set subnet 10.8.72.0 255.255.255.0
next
edit "Access_Control_09_Grant"
set uuid 2e6ee61e-3812-51ef-525f-732f6ef2c376
set type ipmask
set comment "Access Control Grant"
set associated-interface "inside"
set color 29
set allow-routing disable
set fabric-object disable
set subnet 10.9.72.0 255.255.255.0
next
edit "Access_Control_10_Levy"
set uuid 2e6f6b16-3812-51ef-6711-f2c7300c56bd
set type ipmask
set comment "Access Control Levy"
set associated-interface "inside"
set color 29
set allow-routing disable
set fabric-object disable
set subnet 10.10.72.0 255.255.255.0
next
edit "Access_Control_40_Porter"
set uuid 2e6fedf2-3812-51ef-12bc-90c91dc77219
set type ipmask
set comment "Access Control Porter"
set associated-interface "inside"
set color 29
set allow-routing disable
set fabric-object disable
set subnet 10.40.72.0 255.255.255.0
next
edit "PeopleTools"
set uuid 2e706d72-3812-51ef-bdb3-aaf48ad72387
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.100 255.255.255.255
next
edit "psupgfin2"
set uuid 2e715d7c-3812-51ef-f7d4-7bff580c2701
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.117 255.255.255.255
next
edit "psupghcm2"
set uuid 2e71d8e2-3812-51ef-251a-1f1670a20bba
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.116 255.255.255.255
next
edit "pum_a"
set uuid 2e725114-3812-51ef-8ff8-d68259b63c4f
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.111 255.255.255.255
next
edit "pum_b"
set uuid 2e72c9a0-3812-51ef-cf04-6971eee5d46a
set type ipmask
set comment "Peoplesoft"
set associated-interface "inside"
set color 20
set allow-routing disable
set fabric-object disable
set subnet 10.1.18.112 255.255.255.255
next
edit "SMTP_Office365_a"
set uuid 2e7387aa-3812-51ef-ef37-3f7e9704f71c
set type ipmask
set comment "Microsoft to Barracuda Archivers"
set associated-interface "outside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 104.47.0.0 255.255.128.0
next
edit "SMTP_Office365_b"
set uuid 2e74019e-3812-51ef-4354-8a438c54cafc
set type ipmask
set comment "Microsoft to Barracuda Archivers"
set associated-interface "outside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 40.92.0.0 255.254.0.0
next
edit "SMTP_Office365_c"
set uuid 2e7479da-3812-51ef-e686-2e2c26262564
set type ipmask
set comment "Microsoft to Barracuda Archivers"
set associated-interface "outside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 40.107.0.0 255.255.0.0
next
edit "SMTP_Office365_d"
set uuid 2e74f1d0-3812-51ef-0469-bd9d6a3d5870
set type ipmask
set comment "Microsoft to Barracuda Archivers"
set associated-interface "outside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 52.100.0.0 255.252.0.0
next
edit "City_Side_VoIP_30"
set uuid 2e75e252-3812-51ef-58bf-c049447f60ec
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.30.0 255.255.255.0
next
edit "City_Side_VoIP_56"
set uuid 2e767488-3812-51ef-5e78-8b95bdcfd038
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.56.0 255.255.255.0
next
edit "City_Side_VoIP_61"
set uuid 2e7705ec-3812-51ef-7ec4-7bfa0a233031
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.61.0 255.255.255.0
next
edit "City_Side_VoIP_62"
set uuid 2e77982c-3812-51ef-2390-2a90da7a147c
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.62.0 255.255.255.0
next
edit "City_Side_VoIP_63"
set uuid 2e782b0c-3812-51ef-9607-aab4541a7a4f
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.63.0 255.255.255.0
next
edit "City_Side_VoIP_64"
set uuid 2e78c0ee-3812-51ef-7575-b1d643b4e1e3
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.64.0 255.255.255.0
next
edit "City_Side_VoIP_65"
set uuid 2e7951e4-3812-51ef-a483-cefb159e4ed9
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.65.0 255.255.255.0
next
edit "City_Side_VoIP_66"
set uuid 2e79e3ac-3812-51ef-2382-ee82da6df09c
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.66.0 255.255.255.0
next
edit "City_Side_VoIP_67"
set uuid 2e7a7498-3812-51ef-47a0-77e6c80a37f0
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.67.0 255.255.255.0
next
edit "City_Side_VoIP_68"
set uuid 2e7b0ed0-3812-51ef-236d-d8d0e67db7c3
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.68.0 255.255.255.0
next
edit "City_Side_VoIP_72"
set uuid 2e7ba0de-3812-51ef-ad4b-e4816cfae8eb
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.72.0 255.255.255.0
next
edit "City_Side_VoIP_74"
set uuid 2e7c31ac-3812-51ef-d321-515bdc528759
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.74.0 255.255.255.0
next
edit "City_Side_VoIP_75"
set uuid 2e7cd09e-3812-51ef-f73c-3736aae85e1d
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.75.0 255.255.255.0
next
edit "City_Side_VoIP_76"
set uuid 2e7d66bc-3812-51ef-4435-0dd0a77e41d4
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.76.0 255.255.255.0
next
edit "City_Side_VoIP_77"
set uuid 2e7dfaa0-3812-51ef-1dcc-ac90ff8926e2
set type ipmask
set comment "City Side VoIP - Includes DPW Router"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.77.0 255.255.255.0
next
edit "City_Side_VoIP_88"
set uuid 2e7e9d20-3812-51ef-a121-e17d044527ab
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.88.0 255.255.255.0
next
edit "City_Side_VoIP_132"
set uuid 2e824e0c-3812-51ef-f898-e663bcc71d4d
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.132.0 255.255.255.0
next
edit "City_Side_VoIP_1_Park_Place_A"
set uuid 2e82eb6e-3812-51ef-28df-f089494b8399
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.249.0.44 255.255.255.255
next
edit "CUCM_BRIGHTON"
set uuid 2e84266e-3812-51ef-7fbc-1b9b90bf7194
set type ipmask
set comment "SCSD Cisco Call Managers"
set associated-interface "inside"
set color 5
set allow-routing disable
set fabric-object disable
set subnet 10.21.150.0 255.255.255.0
next
edit "CUCM_ITC_NOC"
set uuid 2e84a602-3812-51ef-1f08-b0824da72239
set type ipmask
set comment "SCSD Cisco Call Managers"
set associated-interface "inside"
set color 5
set allow-routing disable
set fabric-object disable
set subnet 10.1.150.0 255.255.255.0
next
edit "City_Side_VoIP_1_Park_Place_B"
set uuid 2e852c3a-3812-51ef-5972-e8a0b63c2239
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.235.40.0 255.255.248.0
next
edit "City_Side_VoIP_Router_A"
set uuid 2e85c0be-3812-51ef-4fde-59fdeaf89e37
set type ipmask
set comment "City Side VoIP Router"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.51.21 255.255.255.255
next
edit "City_Side_VoIP_Router_B"
set uuid 2e8658b2-3812-51ef-1bc1-a384901e859e
set type ipmask
set comment "City Side VoIP Router"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.250.51.23 255.255.255.255
next
edit "SPD_Side_A"
set uuid 2e86ed36-3812-51ef-bc52-99bc1c0d3116
set type ipmask
set comment "SPD Side Firewall"
set associated-interface "city_phones"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.250.100.80 255.255.255.248
next
edit "SPD_Side_B"
set uuid 2e877e4a-3812-51ef-bee7-291cc3a2ffc2
set type ipmask
set comment "SPD Side Firewall"
set associated-interface "city_phones"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.250.100.88 255.255.255.254
next
edit "County_Network"
set uuid 2e88108a-3812-51ef-cd0f-4d778254e364
set type ipmask
set comment "Onondaga County Purchasing Department"
set associated-interface "city_phones"
set color 0
set allow-routing enable
set fabric-object disable
set subnet 10.250.100.90 255.255.255.255
next
edit "City_Side_VoIP_Water_DPW_Recorder"
set uuid 2e88a766-3812-51ef-02f0-7201a3ca1654
set type ipmask
set comment "City Side VoIP"
set associated-interface "city_phones"
set color 28
set allow-routing enable
set fabric-object disable
set subnet 10.249.0.46 255.255.255.255
next
edit "Microsoft 1"
set uuid 2e8937da-3812-51ef-b1d2-ca37982a8931
set type ipmask
set comment "Located in India"
set associated-interface "outside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 13.71.55.58 255.255.255.255
next
edit "NVR-NOC"
set uuid 2e8b1f00-3812-51ef-c77d-2c26f6c4ec72
set type ipmask
set comment "NVR ITC Data Center"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.1.70.38 255.255.255.255
next
edit "NVR-FAILOVER"
set uuid 2e8baf10-3812-51ef-8b00-96ee8c525b78
set type ipmask
set comment "NVR ITC Data Center"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.1.70.27 255.255.255.255
next
edit "NVR-RING1-CLAR"
set uuid 2e8c402e-3812-51ef-031a-918838096acc
set type ipmask
set comment "NVR Clary MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.8.70.11 255.255.255.255
next
edit "NVR-RING1-CLAR2"
set uuid 2e8ccdbe-3812-51ef-01d4-64b342dd0863
set type ipmask
set comment "NVR Clary MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.8.70.14 255.255.255.255
next
edit "NVR-RING1-CORC"
set uuid 2e8d5b4e-3812-51ef-4bce-463e1972710d
set type ipmask
set comment "NVR Corcoran MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.7.70.11 255.255.255.255
next
edit "NVR-RING1-CORC2"
set uuid 2e8de9ec-3812-51ef-707c-e5b7a3e71805
set type ipmask
set comment "NVR Corcoran MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.7.70.14 255.255.255.255
next
edit "NVR-RING2-DANF"
set uuid 2e8e77d6-3812-51ef-c33f-d198b590fd67
set type ipmask
set comment "NVR Danforth MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.21.70.11 255.255.255.255
next
edit "NVR-RING2-DANF2"
set uuid 2e8f06e2-3812-51ef-6d49-fa55f583384e
set type ipmask
set comment "NVR Danforth MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.21.70.14 255.255.255.255
next
edit "NVR-RING3-PSLA"
set uuid 2e8f9594-3812-51ef-6d7c-ae678fe27db1
set type ipmask
set comment "NVR PSLA MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.3.70.11 255.255.255.255
next
edit "NVR-RING3-PSLA2"
set uuid 2e902220-3812-51ef-058c-f3733759fcab
set type ipmask
set comment "NVR PSLA MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.3.70.14 255.255.255.255
next
edit "NVR-RING4-BLOD"
set uuid 2e90af56-3812-51ef-cced-171e6c20b418
set type ipmask
set comment "NVR Blodgett MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.53.70.11 255.255.255.255
next
edit "NVR-RING4-FRAZ"
set uuid 2e913d90-3812-51ef-c0ea-fcbcd4d6898e
set type ipmask
set comment "NVR Frazier MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.25.70.11 255.255.255.255
next
edit "NVR-RING5-CENT"
set uuid 2e91cb84-3812-51ef-22a2-955a2f9a33ce
set type ipmask
set comment "NVR Central Offices MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.55.70.11 255.255.255.255
next
edit "NVR-RING6-EDSM"
set uuid 2e925e32-3812-51ef-67f9-0d97f42396ed
set type ipmask
set comment "NVR Ed Smith MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.45.70.11 255.255.255.255
next
edit "NVR-RING6-HWSM"
set uuid 2e92edfc-3812-51ef-112a-22daa18f37c5
set type ipmask
set comment "NVR HW Smith MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.15.70.11 255.255.255.255
next
edit "NVR-RING6-HWSM2"
set uuid 2e938046-3812-51ef-299c-2a23949e8924
set type ipmask
set comment "NVR HW Smith MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.15.70.14 255.255.255.255
next
edit "NVR-RING6-NOTT"
set uuid 2e940fb6-3812-51ef-fd41-139f79b2b442
set type ipmask
set comment "NVR Nottingham MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.4.70.11 255.255.255.255
next
edit "NVR-RING7-BELL"
set uuid 2e94a002-3812-51ef-0538-0864ebf47db1
set type ipmask
set comment "NVR Bellevue MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.16.70.11 255.255.255.255
next
edit "NVR-RING7-GRAN"
set uuid 2e952ffe-3812-51ef-6ce3-589ebc24e5aa
set type ipmask
set comment "NVR Grant 2nd Floor IDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.9.70.11 255.255.255.255
next
edit "NVR-RING7-GRAN2"
set uuid 2e95c428-3812-51ef-d63b-377d7622dc5c
set type ipmask
set comment "NVR Grant 2nd Floor IDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.9.70.14 255.255.255.255
next
edit "NVR-RING8-HENN"
set uuid 2e965596-3812-51ef-413b-89dc595f4cff
set type ipmask
set comment "NVR Henninger MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.6.70.11 255.255.255.255
next
edit "NVR-RING8-HENN2"
set uuid 2e96e5f6-3812-51ef-8a91-7ace2a3cf879
set type ipmask
set comment "NVR Henninger MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.6.70.14 255.255.255.255
next
edit "NVR-RING8-HUNT"
set uuid 2e977804-3812-51ef-13ec-3ce3a7d8527c
set type ipmask
set comment "NVR Huntington MDF"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.29.70.11 255.255.255.255
next
edit "Genetec-Dir"
set uuid 2e98a224-3812-51ef-3d97-373a03eb6782
set type ipmask
set comment "Genetec Directory"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.1.70.141 255.255.255.255
next
edit "Genetec-DirBU"
set uuid 2e9931a8-3812-51ef-f5a6-c411ca6a996d
set type ipmask
set comment "Genetec Directory Backup"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.1.70.22 255.255.255.255
next
edit "Genetec-Media"
set uuid 2e99c46a-3812-51ef-61be-9ee216810db9
set type ipmask
set comment "Genetec Media Server"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.1.70.143 255.255.255.255
next
edit "Genetec-MRouter"
set uuid 2e9a53c6-3812-51ef-7c4d-7cd90c655325
set type ipmask
set comment "Genetec Media Server"
set associated-interface "inside"
set color 2
set allow-routing enable
set fabric-object disable
set subnet 10.1.70.145 255.255.255.255
next
edit "MS_Teams_External_A"
set uuid 2e9aed04-3812-51ef-0136-7ba1f35d0eeb
set type ipmask
set comment "MS Teams for SBC"
set associated-interface "outside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 13.107.64.0 255.255.192.0
next
edit "MS_Teams_External_B"
set uuid 2e9b6018-3812-51ef-c328-260f6a644bac
set type ipmask
set comment "MS Teams for SBC"
set associated-interface "outside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 52.112.0.0 255.252.0.0
next
edit "SBC-NOC"
set uuid 2e9bcbfc-3812-51ef-38e5-74d95f48b935
set type ipmask
set comment ''
set associated-interface "inside"
set color 0
set allow-routing enable
set fabric-object disable
set subnet 10.1.150.21 255.255.255.255
next
edit "SBC-DAN"
set uuid 2e9c3830-3812-51ef-4c60-7db18a7653cf
set type ipmask
set comment "Moved to Brighton Academy 09FEB2024"
set associated-interface "inside"
set color 0
set allow-routing enable
set fabric-object disable
set subnet 10.21.150.21 255.255.255.255
next
edit "DataTools"
set uuid 2e9cc674-3812-51ef-defd-d24f4e74d72f
set type ipmask
set comment "ODBC Connection to ST DB"
set associated-interface "inside"
set color 0
set allow-routing enable
set fabric-object disable
set subnet 10.1.48.67 255.255.255.255
next
edit "ST_Internal_2"
set uuid 2e9d4bc6-3812-51ef-094f-c611eced0efa
set type ipmask
set comment ''
set associated-interface "inside"
set color 0
set allow-routing enable
set fabric-object disable
set subnet 10.1.40.191 255.255.255.255
next
edit "Tableau"
set uuid 2ea0f60e-3812-51ef-370d-a3bc1770ec83
set type ipmask
set comment "ODBC connections to ST DB"
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.48.61 255.255.255.255
next
edit "21JumpSt"
set uuid 2ea168be-3812-51ef-db8c-4f2bc50e9d12
set type ipmask
set comment "Jumpbox for SchoolTool"
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.48.128 255.255.255.255
next
edit "Fileserver03"
set uuid 2ea1db5a-3812-51ef-5b80-afbfd3e511a3
set type ipmask
set comment "Cloud ST to write SMB Here"
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.48.97 255.255.255.255
next
edit "SchoolTool webjs"
set uuid 3f911952-63a1-51ef-055d-a8bb6cdce37e
set type ipmask
set comment "SchoolTool"
set associated-interface "inside"
set color 18
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.102 255.255.255.255
next
edit "Server_40"
set uuid dd2d842c-9202-51ef-e573-d3a5b9382b0a
set type ipmask
set comment ''
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.0 255.255.255.0
next
edit "Server_48"
set uuid ee0acae8-9202-51ef-cc94-0172e12879ff
set type ipmask
set comment ''
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.48.0 255.255.255.0
next
edit "Test_10.10.1.20"
set uuid 52b4b918-a761-51ef-0e97-8258e27acae4
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.10.1.20 255.255.255.255
next
edit "AW_inbound.us002-prod.arcticwolf.net"
set uuid ac339358-b89e-51ef-9652-3f49525d9caa
set type iprange
set comment "Arctic Wolf"
set associated-interface "outside"
set color 0
set fabric-object disable
set start-ip 3.145.238.128
set end-ip 3.145.238.159
next
edit "AW_device-activation.us-global-prod.arcticwolf.net"
set uuid de129e78-b89e-51ef-09cf-d9c639a159f2
set type iprange
set comment "Arctic Wolf"
set associated-interface "outside"
set color 0
set fabric-object disable
set start-ip 35.84.197.208
set end-ip 35.84.197.228
next
edit "AW_drs.us-global-prod.arcticwolf.net"
set uuid 05491eae-b89f-51ef-d4a6-28f59982bfd3
set type iprange
set comment "Arctic Wolf"
set associated-interface "outside"
set color 0
set fabric-object disable
set start-ip 44.239.235.232
set end-ip 44.239.235.239
next
edit "AW_auth.arcticwolf.com"
set uuid 2c2ce9ec-b89f-51ef-caa8-f54744732c4a
set type fqdn
set comment "Arctic Wolf"
set associated-interface "outside"
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "auth.arcticwolf.com"
set cache-ttl 0
next
edit "AW_Scanner_MerryChristmas"
set uuid 2d70cf84-c142-51ef-24fe-a71259b9d091
set type ipmask
set comment ''
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.222 255.255.255.255
next
edit "DPS_local_subnet_1"
set uuid 1872df9a-0031-51f0-fff1-2f495ac5a299
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing enable
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "DPS_remote_subnet_1"
set uuid 1875f7ac-0031-51f0-9045-63b87b789405
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing enable
set fabric-object disable
set subnet 0.0.0.0 0.0.0.0
next
edit "Schroeder _CT_NOC_CVM"
set uuid 254d5e0a-108c-51f0-dfeb-a62486678a88
set type ipmask
set comment "Nutanix CVM"
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.181 255.255.255.255
next
edit "Pigpen_CT_NOC_CVM"
set uuid 6fa1cf36-108c-51f0-3fcf-358ad088c599
set type ipmask
set comment "Nutanix CVM"
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.101.180.26 255.255.255.255
next
edit "RedBaron_CT_NOC_CVM"
set uuid 934e4f40-108c-51f0-391f-e78de4d94e80
set type ipmask
set comment "Nutanix CVM"
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.101.180.27 255.255.255.255
next
edit "Sally_CT_NOC_CVM"
set uuid a831d95e-108c-51f0-155b-2f6e5780d286
set type ipmask
set comment "Nutanix CVM"
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.101.180.29 255.255.255.255
next
edit "Patty_CT_NOC_CVM"
set uuid bd9813da-108c-51f0-7114-bf7598e28c78
set type ipmask
set comment "Nutanix CVM"
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.101.180.30 255.255.255.255
next
edit "Nutanix_Support1"
set uuid 4fae5c16-108d-51f0-6e40-311b1a74a075
set type fqdn
set comment ''
set associated-interface "outside"
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "nsc01.nutanix.net"
set cache-ttl 0
next
edit "Nutanix_Support2"
set uuid 6120f3f0-108d-51f0-5630-197da97dc590
set type fqdn
set comment ''
set associated-interface "outside"
set color 0
set allow-routing disable
set fabric-object disable
set fqdn "nsc02.nutanix.net"
set cache-ttl 0
next
edit "z_BlockIP_138"
set uuid 58423e20-13de-51f0-cc56-a934e8e4ba17
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 172.86.91.155 255.255.255.255
next
edit "z_BlockIP_139"
set uuid 7cd8879e-13de-51f0-709e-21f1d1ba5fc2
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 103.35.189.221 255.255.255.255
next
edit "z_BlockIP_140"
set uuid 95657290-13de-51f0-e7da-09b7938391c8
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 94.131.101.15 255.255.255.255
next
edit "z_BlockIP_142"
set uuid efabc0b8-146c-51f0-a02b-f597c1b43b4e
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 103.35.189.104 255.255.255.255
next
edit "z_BlockIP_143"
set uuid 046daeb2-146d-51f0-7d98-622be44b9b60
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 172.86.112.56 255.255.255.255
next
edit "z_BlockIP_144"
set uuid 1af72b86-146d-51f0-9cb8-2b6595e3acc8
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 194.116.173.199 255.255.255.255
next
edit "z_BlockIP_145"
set uuid 2f795822-146d-51f0-6612-b046db3e5f87
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 172.86.84.61 255.255.255.255
next
edit "z_BlockIP_146"
set uuid 487077ca-146d-51f0-3740-5075e4d52ccc
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 103.35.188.34 255.255.255.255
next
edit "z_BlockIP_147"
set uuid 5d713d80-146d-51f0-0f64-f5c6c4406f37
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 74.119.194.18 255.255.255.255
next
edit "z_BlockIP_148"
set uuid 7453f038-146d-51f0-f9ec-496161d3e5da
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 141.98.168.11 255.255.255.255
next
edit "z_BlockIP_149"
set uuid 8e83d9be-146d-51f0-4050-36e1f57c4395
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 103.35.188.74 255.255.255.255
next
edit "z_BlockIP_150"
set uuid b57bd490-146d-51f0-cc95-f2ffd9228010
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 5.180.24.94 255.255.255.255
next
edit "z_BlockIP_151"
set uuid f1c6c9f0-146d-51f0-3a97-96506f18b483
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 141.98.168.14 255.255.255.255
next
edit "z_BlockIP_"
set uuid 085d1296-146e-51f0-ba96-01b5a721554c
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 45.150.65.206 255.255.255.255
next
edit "z_BlockRange_01"
set uuid 8231582a-146e-51f0-dfa1-c1d13529cd9e
set type iprange
set comment ''
set associated-interface "outside"
set color 6
set fabric-object disable
set start-ip 103.35.188.0
set end-ip 103.35.189.255
next
edit "z_BlockRange_02"
set uuid 14d4694c-146f-51f0-55c7-d87753f474c2
set type iprange
set comment ''
set associated-interface "outside"
set color 6
set fabric-object disable
set start-ip 172.86.84.0
set end-ip 172.86.84.255
next
edit "z_BlockRange_03"
set uuid 71037f82-146f-51f0-0bba-151f28bb65cb
set type iprange
set comment ''
set associated-interface "outside"
set color 6
set fabric-object disable
set start-ip 194.116.173.0
set end-ip 194.116.173.255
next
edit "z_BlockSub_040"
set uuid 1ad02664-1470-51f0-b041-d7042e3fac13
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 74.119.194.0 255.255.255.0
next
edit "z_BlockSub_041"
set uuid 2d280994-1470-51f0-91f2-7a6ba071f4d3
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 141.98.168.0 255.255.255.0
next
edit "z_BlockSub_042"
set uuid 3e9c1cec-1470-51f0-1bf9-4166e7829b7a
set type ipmask
set comment ''
set associated-interface "outside"
set color 6
set allow-routing disable
set fabric-object disable
set subnet 5.180.24.0 255.255.255.0
next
edit "ITC_Cafe_POS"
set uuid 7148484e-1eb8-51f0-93f0-89e1e17b8459
set type ipmask
set comment "Point of Sale"
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.2.4.125 255.255.255.255
next
edit "Clary_POS"
set uuid aa69572e-1f78-51f0-8e55-990ffcc20c10
set type ipmask
set comment "Point of Sale"
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.8.1.47 255.255.255.255
next
edit "Porter_POS"
set uuid bc8ffcd2-1f78-51f0-f64f-f1c4fe4ff0d8
set type ipmask
set comment "Point of Sale"
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.40.1.69 255.255.255.255
next
edit "AW_Scanner _HappyHalloween"
set uuid 9fb2fdb4-2b60-51f0-8a8f-4471a0b9504d
set type ipmask
set comment "Scanner for Servers Only"
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.211 255.255.255.255
next
edit "AW_Scanner_HappyNewYear"
set uuid ccc13e06-37d6-51f0-90fa-b431bbedeb9b
set type ipmask
set comment ''
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.23 255.255.255.255
next
edit "AW_Scanner_DiaDeLosMuertos"
set uuid e5b1284a-37d6-51f0-bdda-03d8b5eafabe
set type ipmask
set comment ''
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.223 255.255.255.255
next
edit "AW_Scanner_LaborDay"
set uuid 2c3cebc8-37d7-51f0-9b22-a2d152101c85
set type ipmask
set comment ''
set associated-interface "inside"
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.40.241 255.255.255.255
next
edit "RAP-Users"
set uuid 4e13b516-56ad-51f0-e3fa-4c5a809bb62b
set type ipmask
set comment ''
set associated-interface "RAP"
set color 0
set allow-routing enable
set fabric-object disable
set subnet 10.79.1.0 255.255.255.0
next
edit "RAP-MGMT"
set uuid f774e6e6-5b69-51f0-39da-abc1cff227c7
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing enable
set fabric-object disable
set subnet 192.168.79.0 255.255.255.0
next
edit "Sys-Net-Admins"
set uuid 80075770-5c35-51f0-bcdc-56db865aaadb
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing enable
set fabric-object disable
set subnet 10.1.6.0 255.255.255.0
next
edit "Elastic"
set uuid 51f90cec-73c4-51f0-b8ea-111a26d3685a
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 10.1.48.121 255.255.255.255
next
edit "DPS_10.46.0.0/16"
set uuid 44a6e67a-a391-51f0-5e80-df4e3e70b7b5
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing enable
set fabric-object disable
set subnet 10.46.0.0 255.255.0.0
next
edit "DPS_Internal"
set uuid 71dd8dd8-a391-51f0-a4af-42b2e4c6d5a4
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing disable
set fabric-object disable
set subnet 192.168.46.0 255.255.255.0
next
edit "DPS_192.168.146.0/24"
set uuid f4443f7e-a391-51f0-64c9-bc053e765462
set type ipmask
set comment ''
set associated-interface ''
set color 0
set allow-routing enable
set fabric-object disable
set subnet 192.168.146.0 255.255.255.0
next
end
config firewall multicast-address
edit "all_hosts"
set type multicastrange
set start-ip 224.0.0.1
set end-ip 224.0.0.1
set comment ''
set associated-interface ''
set color 0
next
edit "all_routers"
set type multicastrange
set start-ip 224.0.0.2
set end-ip 224.0.0.2
set comment ''
set associated-interface ''
set color 0
next
edit "Bonjour"
set type multicastrange
set start-ip 224.0.0.251
set end-ip 224.0.0.251
set comment ''
set associated-interface ''
set color 0
next
edit "EIGRP"
set type multicastrange
set start-ip 224.0.0.10
set end-ip 224.0.0.10
set comment ''
set associated-interface ''
set color 0
next
edit "OSPF"
set type multicastrange
set start-ip 224.0.0.5
set end-ip 224.0.0.6
set comment ''
set associated-interface ''
set color 0
next
edit "all"
set type multicastrange
set start-ip 224.0.0.0
set end-ip 239.255.255.255
set comment ''
set associated-interface ''
set color 0
next
end
config firewall address6-template
end
config firewall address6
edit "all"
set uuid e52cf0d8-7e12-51ec-1275-31d4022ee116
set type ipprefix
set ip6 ::/0
set color 0
set comment ''
set fabric-object disable
next
edit "none"
set uuid e52cf880-7e12-51ec-b41d-7762f92296f5
set type ipprefix
set ip6 ::/128
set color 0
set comment ''
set fabric-object disable
next
edit "SSLVPN_TUNNEL_IPv6_ADDR1"
set uuid e532aa50-7e12-51ec-b590-d170cf3f3cae
set type ipprefix
set ip6 fdff:ffff::/120
set color 0
set comment ''
set fabric-object disable
next
end
config firewall multicast-address6
edit "all"
set ip6 ff00::/8
set comment ''
set color 0
next
end
config system ipv6-tunnel
end
config firewall addrgrp
edit "IPv4-Private-All-RFC1918"
set type default
set category default
set uuid 4bbed1ae-7e13-51ec-2177-83c901c98655
set member "Internal_10.0.0.0_8" "Internal_172.16.0.0_12" "Internal_192.168.0.0_16"
set comment ''
set exclude disable
set color 0
set fabric-object disable
next
edit "SCHC_Local_Subnets_Group"
set type default
set category default
set uuid 4bd0f942-7e13-51ec-a7f5-127312ca3ffb
set member "SCHC_03_PSLA" "SCHC_09_Grant" "SCHC_15_HWSmith" "SCHC_20_DrKing" "SCHC_22_Delaware" "SCHC_24_Franklin" "SCHC_34_DrWeeks" "SCHC_53_Blodgett"
set comment ''
set exclude disable
set color 8
set fabric-object disable
next
edit "SCHC_Remote_Subnets_Group"
set type default
set category default
set uuid 4bd1573e-7e13-51ec-41d2-798b0b4dc1b4
set member "SCHC_Remote_Subnet_02" "SCHC_Remote_Subnet_01" "SCHC_Remote_Subnet_03"
set comment "Syracuse Community Health Center Remote Subnets Group"
set exclude disable
set color 8
set fabric-object disable
next
edit "Country Block"
set type default
set category default
set uuid b8e577b0-996b-51ec-2488-38d9ac0d4594
set member "China" "Russia" "Iran" "Belarus" "North Korea" "Nigeria" "Afghanistan" "Brazil" "Columbia" "India" "Indonesia" "Romania" "Thailand" "Turkey" "Vietnam"
set comment ''
set exclude disable
set color 6
set fabric-object disable
next
edit "City_Side_VoIP_Park_Place_Group"
set type default
set category default
set uuid c478eae8-103f-51ee-dbce-9ac9740ebb59
set member "City_Side_VoIP_1_Park_Place_A" "City_Side_VoIP_1_Park_Place_B"
set comment ''
set color 28
set allow-routing enable
set fabric-object disable
next
edit "SchoolTool_Cloud_Internal"
set type default
set category default
set uuid e8f4f95c-11fb-51ef-0f50-e994ff62b405
set member "21JumpSt" "DataTools" "Fileserver03" "Nighttime_Inside" "Tableau" "DC01_A" "DC01_B" "DC01_C" "HVDC02" "HVDC03_A" "HVDC03_B" "DocHolliday" "SchoolTool webjs" "Elastic"
set comment "Access for SchoolTool Cloud"
set exclude disable
set color 0
set fabric-object disable
next
edit "CONTENTKEEPER-REMOTE-SUPPORT"
set type default
set category default
set uuid aa27c3ac-3812-51ef-205d-ea551ecbc635
set member "CK-North-America-202" "CK-Australia-203" "CK-North-America-173" "CK-North-America-8" "CK-North-America-202_B"
set comment "ContentKeeper Remote Support Networks"
set exclude disable
set color 19
set fabric-object disable
next
edit "Nimble_Inside_Grp"
set type default
set category default
set uuid aa292e2c-3812-51ef-c510-a4adc16d7de2
set member "Nimble_Inside_4" "Nimble_Inside_2" "Nimble_Inside_1" "nimble_Inside_3"
set comment ''
set exclude disable
set color 0
set fabric-object disable
next
edit "SRICBOCES-OUTSIDE"
set type default
set category default
set uuid aa29ac62-3812-51ef-0eaa-eef60c6adc0a
set member "SRIC_BOCES_Server02" "SRIC_BOCES_Firewall" "SRIC_BOCES_Server01"
set comment "Eastern Suffolk BOCES"
set exclude disable
set color 0
set fabric-object disable
next
edit "SPD_Firewalls_Our_Side"
set type default
set category default
set uuid aa2c7802-3812-51ef-a555-2e23aa32adb6
set member "SPD_09_Grant" "SPD_48_Beard" "SPD_56_SSC" "SPD_21_Danforth" "SPD_25_Frazer" "SPD_53_Blodgett" "SPD_20_DrKing" "SPD_44_Seymour" "SPD_22_Delaware" "SPD_24_Franklin"
set comment "SPD firewalls on our internal network."
set exclude disable
set color 2
set fabric-object disable
next
edit "City_Permited_Subnets_Group"
set type default
set category default
set uuid aa2d8ea4-3812-51ef-34dd-45fea29eb110
set member "city_permited_subnet_4" "city_permited_subnet_1" "city_permited_subnet_5" "city_permited_subnet_3" "city_permited_subnet_7"
set comment "Subnets City is allowed to on our side"
set exclude disable
set color 28
set fabric-object disable
next
edit "City_Subnets_Group"
set type default
set category default
set uuid aa2e5bae-3812-51ef-80f7-04846a6eb832
set member "City_Side_Subnet_1" "City_Side_CGR_01" "City_Side_CGR_02" "City_Side_VoIP_Water_DPW_Recorder"
set comment "City subnets on their side"
set exclude disable
set color 28
set fabric-object disable
next
edit "Day_Server_Group"
set type default
set category default
set uuid aa32f010-3812-51ef-5fa0-cf356abb1823
set member "Day_Enterprise_Server" "Day_VM_Server" "Day_Continuum_Server"
set comment ''
set exclude disable
set color 10
set fabric-object disable
next
edit "Security_VLAN_70_Group"
set type default
set category default
set uuid aa337134-3812-51ef-73dd-5f02711c5574
set member "Security_01_NOC" "Security_02_ITC" "Security_03_PSLA" "Security_04_Nottingham" "Security_06_Henninger" "Security_07_Corcoran" "Security_08_Clary" "Security_09_Grant" "Security_10_Levy" "Security_13_Lincoln" "Security_14_Shea" "Security_15_HWSmith" "Security_16_Bellevue" "Security_20_DrKing" "Security_21_Danforth" "Security_22_Delaware" "Security_23_Elmwood" "Security_24_Franklin" "Security_25_Frazer" "Security_27_Elmcrest" "Security_28_Latin" "Security_29_Huntington" "Security_30_SalemHyde" "Security_33_LeMoyne" "Security_34_DrWeeks" "Security_36_McKinley" "Security_37_Meachem" "Security_40_Porter" "Security_41_BOVA" "Security_42_Roberts" "Security_44_Seymour" "Security_45_EdSmith" "Security_46_Phoenix" "Security_47_McCarthy" "Security_48_Beard" "Security_49_VanDuyn" "Security_51_Webster" "Security_53_Blodgett" "Security_54_JVC" "Security_55_CentralOffice" "Security_56_SSC" "Security_57_Transportation" "Security_60_PDC" "Security_86_StLucy"
set comment ''
set exclude disable
set color 25
set fabric-object disable
next
edit "Peoplesoft_RDP_Group"
set type default
set category default
set uuid aa391c2e-3812-51ef-aac6-a9c2c240f250
set member "psdevfin" "psdevhcm" "psprdess" "psprdfin" "psprdhcm" "psprdrpx" "psqasfin" "psqashcm" "pstools" "psnagus" "psupgfin" "psupghcm" "PeopleTools" "psdevdb1" "psprddb1" "psqasdb1" "psupgfin2" "psupghcm2" "pum_a" "pum_b"
set comment ''
set exclude disable
set color 20
set fabric-object disable
next
edit "Hyperion_Server_Group"
set type default
set category default
set uuid aa3b0188-3812-51ef-2304-b0a83ac1d228
set member "hypprodess" "hypprodweb1" "hypprodweb2" "hypprodwin7" "hypdeveb" "hypdevw1" "hypdevw3" "hypprdeb" "hypprdw1" "hypprdw2" "hypqaeb" "hypqaw1" "hypqaw2" "hypdevw2"
set comment ''
set exclude disable
set color 22
set fabric-object disable
next
edit "Peoplesoft_SSH_Group"
set type default
set category default
set uuid aa3c572c-3812-51ef-ccf5-4737d40135d2
set member "psdevdb1" "psprddb1" "psqasdb1"
set comment ''
set exclude disable
set color 21
set fabric-object disable
next
edit "Safeschools_Group"
set type default
set category default
set uuid aa3cbc76-3812-51ef-91fc-34f3eee1d46d
set member "SafeSchools_01" "Safeschools_02"
set comment ''
set exclude disable
set color 0
set fabric-object disable
next
edit "411_Group"
set type default
set category default
set uuid aa3d105e-3812-51ef-5de4-066c1e7b3896
set member "411app" "411sql" "411App_WebPage"
set comment ''
set exclude disable
set color 0
set fabric-object disable
next
edit "Domain_Controller_Group"
set type default
set category default
set uuid aa3d77c4-3812-51ef-6a6e-a5b7cfcf0fb9
set member "DC01_A" "DC01_B" "DC01_C" "HVDC02" "HVDC03_A" "HVDC03_B"
set comment ''
set exclude disable
set color 14
set fabric-object disable
next
edit "City_CGRs_Group"
set type default
set category default
set uuid aa3e1c06-3812-51ef-ffb7-683d5074b203
set member "CGR_16_Bellevue" "CGR_55_CentralOffice" "CGR_45_EdSmith" "CGR_23_Elmwood" "CGR_24_Franklin" "CGR_29_Huntington" "CGR_15_HWSmith" "CGR_48_Beard" "CGR_36_McKinley" "CGR_37_Meachem" "CGR_40_Porter" "CGR_30_SalemHyde" "CGR_44_Seymour" "CGR_49_VanDuyn" "CGR_51_Webster"
set comment "City CGRs on our side"
set exclude disable
set color 28
set fabric-object disable
next
edit "CK_Inside_Group"
set type default
set category default
set uuid aa3fc362-3812-51ef-a851-28c50a715c3b
set member "ckf01-ipmi-inside" "ckf01-mgmt-inside" "ckf02-ipmi-inside" "ckf02-mgmt-inside" "cklb01-ipmi-inside" "cklb01-mgmt-inside" "ckm01-ipmi-inside" "ckm01-mgmt1-inside" "ckm01-mgmt2-inside" "ckm02-ipmi-inside" "ckm02-mgmt1-inside" "ckm02-mgmt2-inside" "ckm03-ipmi-inside" "ckm03-mgmt1-inside" "ckm03-mgmt2-inside" "ckr01-ipmi-inside" "ckr01-mgmt-inside" "ckr01-mgmt-inside-temp"
set comment "Content Keeper Inside Address Group"
set exclude disable
set color 19
set fabric-object disable
next
edit "Block_List_Group"
set type default
set category default
set uuid aa418db4-3812-51ef-0dbd-c632fab294fa
set member "z_BlockIP_001" "z_BlockIP_002" "z_BlockIP_003" "z_BlockIP_004" "z_BlockIP_005" "z_BlockIP_006" "z_BlockIP_008" "z_BlockIP_009" "z_BlockIP_010" "z_BlockIP_011" "z_BlockIP_012" "z_BlockIP_013" "z_BlockIP_014" "z_BlockIP_015" "z_BlockIP_016" "z_BlockIP_017" "z_BlockIP_018" "z_BlockIP_019" "z_BlockIP_020" "z_BlockIP_021" "z_BlockIP_022" "z_BlockIP_024" "z_BlockIP_025" "z_BlockIP_026" "z_BlockIP_027" "z_BlockIP_028" "z_BlockIP_030" "z_BlockIP_031" "z_BlockIP_032" "z_BlockIP_033" "z_BlockIP_034" "z_BlockIP_035" "z_BlockIP_036" "z_BlockIP_037" "z_BlockIP_038" "z_BlockIP_039" "z_BlockIP_040" "z_BlockIP_041" "z_BlockIP_042" "z_BlockIP_043" "z_BlockIP_044" "z_BlockIP_045" "z_BlockIP_046" "z_BlockIP_047" "z_BlockIP_048" "z_BlockIP_052" "z_BlockIP_053" "z_BlockIP_054" "z_BlockIP_055" "z_BlockIP_056" "z_BlockIP_057" "z_BlockIP_058" "z_BlockIP_059" "z_BlockIP_060" "z_BlockIP_061" "z_BlockIP_062" "z_BlockIP_063" "z_BlockIP_064" "z_BlockIP_065" "z_BlockIP_066" "z_BlockIP_067" "z_BlockIP_068" "z_BlockIP_069" "z_BlockIP_070" "z_BlockIP_071" "z_BlockIP_072" "z_BlockIP_073" "z_BlockIP_074" "z_BlockIP_075" "z_BlockIP_076" "z_BlockIP_077" "z_BlockIP_078" "z_BlockIP_079" "z_BlockIP_080" "z_BlockIP_081" "z_BlockIP_082" "z_BlockIP_083" "z_BlockIP_084" "z_BlockIP_085" "z_BlockIP_086" "z_BlockIP_087" "z_BlockIP_088" "z_BlockIP_089" "z_BlockIP_090" "z_BlockIP_091" "z_BlockIP_092" "z_BlockIP_093" "z_BlockIP_094" "z_BlockIP_095" "z_BlockIP_096" "z_BlockIP_097" "z_BlockIP_098" "z_BlockIP_099" "z_BlockIP_100" "z_BlockIP_101" "z_BlockIP_007" "z_BlockIP_049" "z_BlockIP_050" "z_BlockIP_051" "z_BlockIP_103" "z_BlockIP_104" "z_BlockIP_105" "z_BlockIP_106" "z_BlockIP_107" "z_BlockIP_108" "z_BlockIP_109" "z_BlockIP_111" "z_BlockIP_112" "z_BlockIP_113" "z_BlockIP_114" "z_BlockIP_115" "z_BlockIP_116" "z_BlockIP_117" "z_BlockIP_118" "z_BlockIP_119" "z_BlockIP_120" "z_BlockIP_122" "z_BlockIP_125" "z_BlockIP_126" "z_BlockIP_127" "z_BlockIP_128" "z_BlockIP_129" "z_BlockIP_130" "z_BlockIP_131" "z_BlockIP_132" "z_BlockIP_133" "z_BlockSub_001" "z_BlockSub_002" "z_BlockSub_003" "z_BlockSub_004" "z_BlockSub_005" "z_BlockSub_006" "z_BlockSub_007" "z_BlockSub_008" "z_BlockSub_009" "z_BlockSub_010" "z_BlockSub_011" "z_BlockSub_012" "z_BlockSub_013" "z_BlockSub_014" "z_BlockSub_015" "z_BlockSub_016" "z_BlockSub_017" "z_BlockSub_019" "z_BlockSub_020" "z_BlockSub_021" "z_BlockSub_022" "z_BlockSub_024" "z_BlockSub_025" "z_BlockSub_026" "z_BlockSub_027" "z_BlockSub_028" "z_BlockSub_030" "z_BlockSub_031" "z_BlockSub_032" "z_BlockSub_033" "z_BlockSub_034" "z_BlockSub_035" "z_BlockSub_037" "z_BlockSub_038" "z_BlockSub_039" "z_Ryuk_01" "z_Ryuk_02" "z_BlockIP_023" "z_BlockIP_029" "z_BlockIP_134" "z_BlockIP_135" "z_BlockIP_000" "z_BlockIP_138" "z_BlockIP_139" "z_BlockIP_140" "z_BlockIP_141" "z_BlockIP_142" "z_BlockIP_143" "z_BlockIP_144" "z_BlockIP_145" "z_BlockIP_146" "z_BlockIP_147" "z_BlockIP_148" "z_BlockIP_149" "z_BlockIP_150" "z_BlockRange_01" "z_BlockRange_02" "z_BlockRange_03" "z_BlockSub_040" "z_BlockSub_041" "z_BlockSub_042"
set comment "IPs and Subnets to be blocked as Malicious"
set exclude disable
set color 6
set fabric-object disable
next
edit "City_Side_CGR_Group"
set type default
set category default
set uuid aa686434-3812-51ef-7899-4b9bccb37ebf
set member "City_Side_CGR_01" "City_Side_CGR_02"
set comment "City Lights CGR Subnets on their side."
set color 28
set allow-routing enable
set fabric-object disable
next
edit "Access_Control_VLAN_72_Group"
set type default
set category default
set uuid aa68f926-3812-51ef-89a0-b97518058f99
set member "Access_Control_40_Porter" "Access_Control_01_NOC" "Access_Control_02_ITC" "Access_Control_03_PSLA" "Access_Control_04_Nottingham" "Access_Control_06_Henninger" "Access_Control_07_Corcoran" "Access_Control_08_Clary" "Access_Control_09_Grant" "Access_Control_10_Levy"
set comment ''
set exclude disable
set color 25
set fabric-object disable
next
edit "SMTP_Office365_Group"
set type default
set category default
set uuid aa6a399e-3812-51ef-acbb-6c6309b27822
set member "SMTP_Office365_a" "SMTP_Office365_b" "SMTP_Office365_c" "SMTP_Office365_d"
set comment "Microsoft to Barracuda Archivers"
set exclude disable
set color 0
set fabric-object disable
next
edit "City_Side_VoIP_Group"
set type default
set category default
set uuid aa6adb24-3812-51ef-571f-95a97db26ef6
set member "City_Side_VoIP_30" "City_Side_VoIP_56" "City_Side_VoIP_61" "City_Side_VoIP_62" "City_Side_VoIP_63" "City_Side_VoIP_64" "City_Side_VoIP_65" "City_Side_VoIP_66" "City_Side_VoIP_67" "City_Side_VoIP_68" "City_Side_VoIP_72" "City_Side_VoIP_74" "City_Side_VoIP_75" "City_Side_VoIP_76" "City_Side_VoIP_77" "City_Side_VoIP_88" "City_Side_VoIP_132" "City_Side_VoIP_1_Park_Place_A" "City_Side_VoIP_1_Park_Place_B" "City_Side_VoIP_Router_A" "City_Side_VoIP_Router_B"
set comment "City VoIP Group - except Parks and Water Recorder"
set color 28
set allow-routing enable
set fabric-object disable
next
edit "SPD_Side_Firewall_Group"
set type default
set category default
set uuid aa6d9634-3812-51ef-6a32-4cf9774f0418
set member "SPD_Side_A" "SPD_Side_B"
set comment "IP Range of SPD Side Firewalls"
set color 2
set allow-routing enable
set fabric-object disable
next
edit "Country Allow"
set type default
set category default
set uuid aa6f1d7e-3812-51ef-e339-c0bde8205826
set member "Microsoft 1"
set comment ''
set exclude disable
set color 0
set fabric-object disable
next
edit "Peoplesoft_Audit_Group"
set type default
set category default
set uuid aa6f6504-3812-51ef-8624-ff5d573953d9
set member "psdevfin" "psdevhcm" "psprdfin" "psprdhcm" "psqasfin" "psqashcm"
set comment "Group allowed for PS Auditors"
set exclude disable
set color 20
set fabric-object disable
next
edit "Genetec_Inside_Group"
set type default
set category default
set uuid aa700f9a-3812-51ef-0b35-4e734284056a
set member "NVR-NOC" "NVR-FAILOVER" "NVR-RING1-CLAR" "NVR-RING1-CLAR2" "NVR-RING1-CORC" "NVR-RING1-CORC2" "NVR-RING2-DANF" "NVR-RING2-DANF2" "NVR-RING3-PSLA" "NVR-RING3-PSLA2" "NVR-RING4-BLOD" "NVR-RING4-FRAZ" "NVR-RING5-CENT" "NVR-RING6-EDSM" "NVR-RING6-HWSM" "NVR-RING6-HWSM2" "NVR-RING6-NOTT" "NVR-RING7-BELL" "NVR-RING7-GRAN" "NVR-RING7-GRAN2" "NVR-RING8-HENN" "NVR-RING8-HENN2" "NVR-RING8-HUNT" "Genetec-Dir" "Genetec-DirBU" "Genetec-Media" "Genetec-MRouter"
set comment "District NVRs and Genetec Servers for SPD Federation"
set color 2
set allow-routing enable
set fabric-object disable
next
edit "MS_Teams_External_Group"
set type default
set category default
set uuid aa735ca4-3812-51ef-7d47-0f749ac8c71e
set member "MS_Teams_External_A" "MS_Teams_External_B"
set comment ''
set exclude disable
set color 0
set fabric-object disable
next
edit "SchoolTool_AWS_Internal"
set type default
set category default
set uuid aa73bee2-3812-51ef-edf2-99e1febb065d
set member "DataTools" "ST_Internal_2"
set comment ''
set color 0
set allow-routing enable
set fabric-object disable
next
edit "SchoolTool_AWS_External"
set type default
set category default
set uuid aa742c2e-3812-51ef-0138-94244ea9e863
set member "ST_External_4" "ST_External_5" "ST_External_6" "ST_External_1" "ST_External_2" "ST_External_3"
set comment ''
set color 0
set allow-routing enable
set fabric-object disable
next
edit "HighStreet_Local"
set type default
set category default
set uuid 78ada470-9200-51ef-09f9-010e8400e8c6
set member "DataTools" "Nighttime_Inside"
set comment "Internal IPs for Highstreet Tunnel"
set exclude disable
set color 0
set fabric-object disable
next
edit "DPS_local"
set type default
set category default
set uuid 18747224-0031-51f0-ab1a-753462a66a8a
set member "DPS_local_subnet_1"
set comment "VPN: DPS (Created by VPN wizard)"
set color 0
set allow-routing enable
set fabric-object disable
next
edit "DPS_remote"
set type default
set category default
set uuid 1877201e-0031-51f0-c53a-c65db3b7cf04
set member "DPS_remote_subnet_1"
set comment "VPN: DPS (Created by VPN wizard)"
set color 0
set allow-routing enable
set fabric-object disable
next
edit "Nutanix_CVM"
set type default
set category default
set uuid 04b90a30-108d-51f0-5083-ae8f26a6df27
set member "Patty_CT_NOC_CVM" "Pigpen_CT_NOC_CVM" "RedBaron_CT_NOC_CVM" "Sally_CT_NOC_CVM" "Schroeder _CT_NOC_CVM"
set comment "Nutanix CVM"
set exclude disable
set color 0
set fabric-object disable
next
edit "Nutanix_Remote_Support"
set type default
set category default
set uuid 8af52872-108d-51f0-388f-2074e203d032
set member "Nutanix_Support1" "Nutanix_Support2"
set comment "Nutanix Remote Support Web addresses"
set exclude disable
set color 0
set fabric-object disable
next
edit "POS_Machines"
set type default
set category default
set uuid cd4af3b0-1f78-51f0-8c6f-c35b55c719b6
set member "Clary_POS" "ITC_Cafe_POS" "Porter_POS"
set comment "Point of Sale Machines"
set exclude disable
set color 0
set fabric-object disable
next
end
config firewall addrgrp6
end
config firewall wildcard-fqdn custom
edit "g-Adobe Login"
set uuid b5c2c426-7e12-51ec-c8c7-42a0753234df
set wildcard-fqdn "*.adobelogin.com"
set color 0
set comment ''
next
edit "g-Gotomeeting"
set uuid b5c2d1dc-7e12-51ec-0033-c7d538e5fdef
set wildcard-fqdn "*.gotomeeting.com"
set color 0
set comment ''
next
edit "g-Windows update 2"
set uuid b5c2d93e-7e12-51ec-1050-7b6ae64065ac
set wildcard-fqdn "*.windowsupdate.com"
set color 0
set comment ''
next
edit "g-adobe"
set uuid b5c2c30e-7e12-51ec-1da6-1db9bca6406e
set wildcard-fqdn "*.adobe.com"
set color 0
set comment ''
next
edit "g-android"
set uuid b5c2c520-7e12-51ec-66f1-404afb0dad1a
set wildcard-fqdn "*.android.com"
set color 0
set comment ''
next
edit "g-apple"
set uuid b5c2c61a-7e12-51ec-b2cc-2b03b1ad8ac0
set wildcard-fqdn "*.apple.com"
set color 0
set comment ''
next
edit "g-appstore"
set uuid b5c2c714-7e12-51ec-072f-a8d60b6da6c9
set wildcard-fqdn "*.appstore.com"
set color 0
set comment ''
next
edit "g-auth.gfx.ms"
set uuid b5c2c80e-7e12-51ec-3653-8016dcbc28a4
set wildcard-fqdn "*.auth.gfx.ms"
set color 0
set comment ''
next
edit "g-autoupdate.opera.com"
set uuid b5c2de52-7e12-51ec-9c10-927947a6ab3a
set wildcard-fqdn "*autoupdate.opera.com"
set color 0
set comment ''
next
edit "g-cdn-apple"
set uuid 4fcf159e-7cda-51ed-d7ef-7d1c0f82091c
set wildcard-fqdn "*.cdn-apple.com"
set color 0
set comment ''
next
edit "g-citrix"
set uuid b5c2c908-7e12-51ec-01b1-b38ce4989cbb
set wildcard-fqdn "*.citrixonline.com"
set color 0
set comment ''
next
edit "g-dropbox.com"
set uuid b5c2ca02-7e12-51ec-43dc-489077effa44
set wildcard-fqdn "*.dropbox.com"
set color 0
set comment ''
next
edit "g-eease"
set uuid b5c2cafc-7e12-51ec-0777-7e7243cc25fe
set wildcard-fqdn "*.eease.com"
set color 0
set comment ''
next
edit "g-firefox update server"
set uuid b5c2cbf6-7e12-51ec-d213-27b68033a384
set wildcard-fqdn "aus*.mozilla.org"
set color 0
set comment ''
next
edit "g-fortinet"
set uuid b5c2ccf0-7e12-51ec-0b36-46ab64c1ba89
set wildcard-fqdn "*.fortinet.com"
set color 0
set comment ''
next
edit "g-google-drive"
set uuid b5c2cee4-7e12-51ec-9ea0-220ca0ebde0f
set wildcard-fqdn "*drive.google.com"
set color 0
set comment ''
next
edit "g-google-play"
set uuid b5c2db46-7e12-51ec-efc3-be1c278ba621
set wildcard-fqdn "*play.google.com"
set color 0
set comment ''
next
edit "g-google-play2"
set uuid b5c2cfde-7e12-51ec-3f42-4089eb70f096
set wildcard-fqdn "*.ggpht.com"
set color 0
set comment ''
next
edit "g-google-play3"
set uuid b5c2d0d8-7e12-51ec-b5df-6cd900ac767d
set wildcard-fqdn "*.books.google.com"
set color 0
set comment ''
next
edit "g-googleapis.com"
set uuid b5c2cdea-7e12-51ec-c49f-497c9a8f0cc4
set wildcard-fqdn "*.googleapis.com"
set color 0
set comment ''
next
edit "g-icloud"
set uuid b5c2d344-7e12-51ec-c8c1-97b23449d39e
set wildcard-fqdn "*.icloud.com"
set color 0
set comment ''
next
edit "g-itunes"
set uuid b5c2d452-7e12-51ec-d0f4-1605cffaa5b0
set wildcard-fqdn "*itunes.apple.com"
set color 0
set comment ''
next
edit "g-live.com"
set uuid b5c2da42-7e12-51ec-980b-fefb8446bc74
set wildcard-fqdn "*.live.com"
set color 0
set comment ''
next
edit "g-microsoft"
set uuid b5c2d54c-7e12-51ec-66f6-895f67d8072d
set wildcard-fqdn "*.microsoft.com"
set color 0
set comment ''
next
edit "g-mzstatic-apple"
set uuid 4fcf1652-7cda-51ed-df9f-4d198b596ae5
set wildcard-fqdn "*.mzstatic.com"
set color 0
set comment ''
next
edit "g-skype"
set uuid b5c2d646-7e12-51ec-2218-dc4a982afb68
set wildcard-fqdn "*.messenger.live.com"
set color 0
set comment ''
next
edit "g-softwareupdate.vmware.com"
set uuid b5c2d740-7e12-51ec-15f8-f8ef25f4ea30
set wildcard-fqdn "*.softwareupdate.vmware.com"
set color 0
set comment ''
next
edit "g-swscan.apple.com"
set uuid b5c2dd44-7e12-51ec-5fa2-8d51ab678ea9
set wildcard-fqdn "*swscan.apple.com"
set color 0
set comment ''
next
edit "g-update.microsoft.com"
set uuid b5c2dc40-7e12-51ec-7df9-3371c69c0ffb
set wildcard-fqdn "*update.microsoft.com"
set color 0
set comment ''
next
edit "g-verisign"
set uuid b5c2d83a-7e12-51ec-e82e-ffa878b96855
set wildcard-fqdn "*.verisign.com"
set color 0
set comment ''
next
edit "YouTube"
set uuid 91c47920-ca34-51ec-0617-1271440b944a
set wildcard-fqdn "*youtube.com*"
set color 0
set comment ''
next
end
config firewall wildcard-fqdn group
end
config firewall service category
edit "General"
set comment "General services."
set fabric-object disable
next
edit "Web Access"
set comment "Web access."
set fabric-object disable
next
edit "File Access"
set comment "File access."
set fabric-object disable
next
edit "Email"
set comment "Email services."
set fabric-object disable
next
edit "Network Services"
set comment "Network services."
set fabric-object disable
next
edit "Authentication"
set comment "Authentication service."
set fabric-object disable
next
edit "Remote Access"
set comment "Remote access."
set fabric-object disable
next
edit "Tunneling"
set comment "Tunneling service."
set fabric-object disable
next
edit "VoIP, Messaging & Other Applications"
set comment "VoIP, messaging, and other applications."
set fabric-object disable
next
edit "Web Proxy"
set comment "Explicit web proxy."
set fabric-object disable
next
end
config firewall service custom
edit "DNS"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 53
set udp-portrange 53
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "HTTP"
set proxy disable
set category "Web Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 80
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "HTTPS"
set proxy disable
set category "Web Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 443
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IMAP"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 143
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IMAPS"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 993
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "LDAP"
set proxy disable
set category "Authentication"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 389
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "DCE-RPC"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 135
set udp-portrange 135
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "POP3"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 110
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "POP3S"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 995
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SAMBA"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 139
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SMTP"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 25
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SMTPS"
set proxy disable
set category "Email"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 465
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "KERBEROS"
set proxy disable
set category "Authentication"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 88 464
set udp-portrange 88 464
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "LDAP_UDP"
set proxy disable
set category "Authentication"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 389
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SMB"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 445
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FTP"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 21
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FTP_GET"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 21
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FTP_PUT"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 21
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "ALL"
set proxy disable
set category "General"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 0
next
edit "ALL_TCP"
set proxy disable
set category "General"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1-65535
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "ALL_UDP"
set proxy disable
set category "General"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1-65535
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "ALL_ICMP"
set proxy disable
set category "General"
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
unset icmptype
next
edit "ALL_ICMP6"
set proxy disable
set category "General"
set protocol ICMP6
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
unset icmptype
next
edit "GRE"
set proxy disable
set category "Tunneling"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 47
next
edit "AH"
set proxy disable
set category "Tunneling"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 51
next
edit "ESP"
set proxy disable
set category "Tunneling"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 50
next
edit "AOL"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5190-5194
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "BGP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 179
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "DHCP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 67-68
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "FINGER"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 79
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "GOPHER"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 70
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "H323"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1720 1503
set udp-portrange 1719
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IKE"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 500 4500
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "Internet-Locator-Service"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 389
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IRC"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 6660-6669
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "L2TP"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1701
set udp-portrange 1701
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NetMeeting"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1720
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NFS"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 111 2049
set udp-portrange 111 2049
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NNTP"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 119
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NTP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 123
set udp-portrange 123
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "OSPF"
set proxy disable
set category "Network Services"
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 89
next
edit "PC-Anywhere"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5631
set udp-portrange 5632
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "PING"
set proxy disable
set category "Network Services"
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set icmptype 8
unset icmpcode
next
edit "TIMESTAMP"
set proxy disable
set category ''
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility disable
set fabric-object disable
set icmptype 13
unset icmpcode
next
edit "INFO_REQUEST"
set proxy disable
set category ''
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility disable
set fabric-object disable
set icmptype 15
unset icmpcode
next
edit "INFO_ADDRESS"
set proxy disable
set category ''
set protocol ICMP
set helper auto
set comment ''
set color 0
set visibility disable
set fabric-object disable
set icmptype 17
unset icmpcode
next
edit "ONC-RPC"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 111
set udp-portrange 111
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "PPTP"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1723
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "QUAKE"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 26000 27000 27910 27960
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RAUDIO"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 7070
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "REXEC"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 512
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RIP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 520
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RLOGIN"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 513:512-1023
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RSH"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 514:512-1023
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SCCP"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 2000
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SIP"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5060
set udp-portrange 5060
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SIP-MSNmessenger"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1863
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SNMP"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 161-162
set udp-portrange 161-162
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SSH"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 22
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SYSLOG"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 514
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TALK"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 517-518
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TELNET"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 23
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TFTP"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 69
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "MGCP"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 2427 2727
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UUCP"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 540
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "VDOLIVE"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 7000-7010
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "WAIS"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 210
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "WINFRAME"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1494 2598
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "X-WINDOWS"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 6000-6063
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "PING6"
set proxy disable
set category ''
set protocol ICMP6
set helper auto
set comment ''
set color 0
set visibility disable
set fabric-object disable
set icmptype 128
unset icmpcode
next
edit "MS-SQL"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1433 1434
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "MYSQL"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3306
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RDP"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3389
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "VNC"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5900
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "DHCP6"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 546 547
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SQUID"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3128
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SOCKS"
set proxy disable
set category "Tunneling"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1080
set udp-portrange 1080
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "WINS"
set proxy disable
set category "Remote Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1512
set udp-portrange 1512
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RADIUS"
set proxy disable
set category "Authentication"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1812 1813
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RADIUS-OLD"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1645 1646
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "CVSPSERVER"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 2401
set udp-portrange 2401
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "AFS3"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 7000-7009
set udp-portrange 7000-7009
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TRACEROUTE"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 33434-33535
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "RTSP"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 554 7070 8554
set udp-portrange 554
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "MMS"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1755
set udp-portrange 1024-5000
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "NONE"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 0
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "webproxy"
set proxy enable
set category "Web Proxy"
set protocol ALL
set helper auto
set comment ''
set color 0
set visibility enable
set app-service-type disable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 0-65535:0-65535
next
edit "TCP-109"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 109
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-1433"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1433
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-15000-19999"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 15000-19999
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-1521"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1521
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-1859"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1859
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-1935"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 1935
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-20"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 20
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-2195"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 2195
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-2196"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 2196
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-2525"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 2525
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-3268"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3268
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-3269"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3269
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-3520"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 3520
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-389"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 389
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-49152-65535"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 49152-65535
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-5001"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5001
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-5060"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5060
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-5061"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5061
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-5120"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5120
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-5122-5127"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5122-5127
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-587"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 587
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-5901"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5901
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-5937"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5937
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-623"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 623
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-636"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 636
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-6502-6510"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 6502-6510
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-7578"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 7578
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-7582"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 7582
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-8000"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 8000
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-8080"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 8080
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-8082"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 8082
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-809"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 809
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-110"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 110
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-143"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 143
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-1433"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1433
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-25"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 25
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-2525"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 2525
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-3389"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 3389
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-3478"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 3478
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-443"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 443
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-465"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 465
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-50000-52399"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 50000-52399
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-5001"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 5001
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-587"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 587
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-60000-61799"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 60000-61799
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-623"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 623
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-80"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 80
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-993"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 993
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-995"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 995
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-SRC-1025-65535-DST-3544"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 3544:1025-65535
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "UDP-SRC-3544-DST-1025-65535"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 1025-65535:3544
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "IP-27"
set proxy disable
set category ''
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 27
next
edit "IP-4"
set proxy disable
set category ''
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 4
next
edit "IP-41"
set proxy disable
set category ''
set protocol IP
set helper auto
set comment ''
set color 0
set visibility enable
set fabric-object disable
set protocol-number 41
next
edit "Webosphere_Data"
set proxy disable
set category "File Access"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 41000-41500
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-9000-9100"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 9000-9100
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP_UDP-18443"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment "VDI desktop"
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 18443
set udp-portrange 18443
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP-19000"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 19000
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP_UDP-8100"
set proxy disable
set category ''
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment ''
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 8100
set udp-portrange 8100
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP 5500"
set proxy disable
set category "General"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment "SPD Genetec Federation"
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5500
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "TCP 4502"
set proxy disable
set category "General"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment "SPD Genetec Federation"
set color 2
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 4502
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "Genetec Federation"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment "SPD Genetec Federation"
set color 2
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
set tcp-portrange 5500 4502 554 560 960 5004
unset udp-portrange
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "SBC-UDP-Range"
set proxy disable
set category "Network Services"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment "For SBC"
set color 0
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn ''
unset tcp-portrange
set udp-portrange 3478-3481
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
edit "Zoom UDP Ports"
set proxy disable
set category "VoIP, Messaging & Other Applications"
set protocol TCP/UDP/SCTP
set helper auto
set check-reset-range default
set comment "Firewall rules for Zoom Phone"
set color 2
set visibility enable
set fabric-object disable
set iprange 0.0.0.0
set fqdn "static.zdassets.com"
unset tcp-portrange
set udp-portrange 20000-64000:390 20000-64000:5091 49152-65535:8801-8810 49152-65535:3478 49152-65535:3479
unset sctp-portrange
set tcp-halfclose-timer 0
set tcp-halfopen-timer 0
set tcp-timewait-timer 0
set tcp-rst-timer 0
set udp-idle-timer 0
set session-ttl 0
next
end
config firewall service group
edit "Email Access"
set proxy disable
set member "DNS" "IMAP" "IMAPS" "POP3" "POP3S" "SMTP" "SMTPS"
set comment ''
set color 0
set fabric-object disable
next
edit "Web Access"
set proxy disable
set member "DNS" "HTTP" "HTTPS"
set comment ''
set color 0
set fabric-object disable
next
edit "Windows AD"
set proxy disable
set member "DCE-RPC" "DNS" "KERBEROS" "LDAP" "LDAP_UDP" "SAMBA" "SMB"
set comment ''
set color 0
set fabric-object disable
next
edit "Exchange Server"
set proxy disable
set member "DCE-RPC" "DNS" "HTTPS"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper-IPMI-Ports_tcp_3520_2"
set proxy disable
set member "TCP-3520"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper-IPMI-Ports_tcp_5120_3"
set proxy disable
set member "TCP-5120"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper-IPMI-Ports_tcp_5122_5127_4"
set proxy disable
set member "TCP-5122-5127"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper-IPMI-Ports_tcp_5900_5"
set proxy disable
set member "VNC"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper-IPMI-Ports_tcp_5901_6"
set proxy disable
set member "TCP-5901"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper-IPMI-Ports_tcp_623_7"
set proxy disable
set member "TCP-623"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper-IPMI-Ports_tcp_7578_8"
set proxy disable
set member "TCP-7578"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper-IPMI-Ports_tcp_7582_9"
set proxy disable
set member "TCP-7582"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper-IPMI-Ports_tcp_www_10"
set proxy disable
set member "HTTP"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper-Mobility_tcp_8080_2"
set proxy disable
set member "TCP-8080"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper-Mobility_tcp_993_3"
set proxy disable
set member "IMAPS"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper_UDP_4500"
set proxy disable
set member "IKE"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper_UDP_500"
set proxy disable
set member "IKE"
set comment ''
set color 0
set fabric-object disable
next
edit "Day-Server_tcp_6502_6510_2"
set proxy disable
set member "TCP-6502-6510"
set comment ''
set color 0
set fabric-object disable
next
edit "Oracle-SQL_tcp_sqlnet_2"
set proxy disable
set member "TCP-1521"
set comment ''
set color 0
set fabric-object disable
next
edit "POP-2"
set proxy disable
set member "TCP-109"
set comment ''
set color 0
set fabric-object disable
next
edit "POP-3"
set proxy disable
set member "POP3"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper-IPMI-Ports_tcp_https_11"
set proxy disable
set member "HTTPS"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper-MGMT-Ports_tcp_https_2"
set proxy disable
set member "HTTPS"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper-MGMT-Ports_tcp_ssh_3"
set proxy disable
set member "SSH"
set comment ''
set color 0
set fabric-object disable
next
edit "ContentKeeper-Mobility_tcp_https_4"
set proxy disable
set member "HTTPS"
set comment ''
set color 0
set fabric-object disable
next
edit "Airwatch_Services_Group"
set proxy disable
set member "HTTP" "HTTPS" "Internet-Locator-Service" "SMTP" "SMTPS" "TCP-1433" "TCP-2195" "TCP-2196" "TCP-3268" "TCP-3269" "TCP-636"
set comment "Air watch service group"
set color 0
set fabric-object disable
next
edit "ContentKeeper-IPMI-Ports"
set proxy disable
set member "ContentKeeper-IPMI-Ports_tcp_3520_2" "ContentKeeper-IPMI-Ports_tcp_5120_3" "ContentKeeper-IPMI-Ports_tcp_5122_5127_4" "ContentKeeper-IPMI-Ports_tcp_5900_5" "ContentKeeper-IPMI-Ports_tcp_5901_6" "ContentKeeper-IPMI-Ports_tcp_623_7" "ContentKeeper-IPMI-Ports_tcp_7578_8" "ContentKeeper-IPMI-Ports_tcp_7582_9" "ContentKeeper-IPMI-Ports_tcp_www_10" "ContentKeeper-IPMI-Ports_tcp_https_11"
set comment "Content Keeper IPMI Ports"
set color 0
set fabric-object disable
next
edit "Email_Services_Group"
set proxy disable
set member "HTTP" "HTTPS" "IMAP" "IMAPS" "POP3" "POP3S" "SMTP" "SMTPS" "TCP-2525" "TCP-587" "UDP-110" "UDP-143" "UDP-25" "UDP-2525" "UDP-465" "UDP-587" "UDP-993" "UDP-995"
set comment ''
set color 0
set fabric-object disable
next
edit "CK_Mobile_Services_Group"
set proxy disable
set member "HTTPS" "IMAPS" "TCP-8080" "IKE"
set comment ''
set color 19
set fabric-object disable
next
edit "CK_Support_Services_Group"
set proxy disable
set member "HTTP" "HTTPS" "SSH" "TCP-3520" "TCP-5120" "TCP-5122-5127" "TCP-5901" "TCP-623" "TCP-7578" "TCP-7582" "VNC"
set comment ''
set color 19
set fabric-object disable
next
end
config firewall internet-service-group
edit "Microsoft_ISDB_Both"
set comment ''
set direction both
set member "Microsoft-Azure" "Microsoft-Azure.AD" "Microsoft-Azure.Data.Factory" "Microsoft-Azure.Monitor" "Microsoft-Azure.Power.BI" "Microsoft-Azure.SQL" "Microsoft-Azure.Virtual.Desktop" "Microsoft-Dynamics" "Microsoft-Office365.Published" "Microsoft-Office365.Published.Allow" "Microsoft-Office365.Published.Optimize" "Microsoft-Office365.Published.USGOV" "Microsoft-Outlook" "Microsoft-Skype_Teams" "Microsoft-Teams.Published.Worldwide.Allow" "Microsoft-Teams.Published.Worldwide.Optimize" "Microsoft-WNS"
next
edit "Microsoft_ISDB_Destination"
set comment ''
set direction destination
set member "Microsoft-DNS" "Microsoft-FTP" "Microsoft-ICMP" "Microsoft-Inbound_Email" "Microsoft-Intune" "Microsoft-Microsoft.Update" "Microsoft-NetBIOS.Name.Service" "Microsoft-NetBIOS.Session.Service" "Microsoft-NTP" "Microsoft-Office365" "Microsoft-Other" "Microsoft-Outbound_Email" "Microsoft-RTMP" "Microsoft-SSH" "Microsoft-Web"
next
end
config firewall internet-service-extension
end
config firewall internet-service-custom
end
config firewall internet-service-custom-group
end
config system external-resource
end
config vpn certificate ca
end
config vpn certificate remote
edit "REMOTE_Cert_2"
set remote "-----BEGIN CERTIFICATE-----
MIIC8DCCAdigAwIBAgIQV7cBJRgkyKtNQWP0X4bEgTANBgkqhkiG9w0BAQsFADA0
MTIwMAYDVQQDEylNaWNyb3NvZnQgQXp1cmUgRmVkZXJhdGVkIFNTTyBDZXJ0aWZp
Y2F0ZTAeFw0yNDAyMDkxNzI4NDdaFw0yNzAyMDkxNzI4NDdaMDQxMjAwBgNVBAMT
KU1pY3Jvc29mdCBBenVyZSBGZWRlcmF0ZWQgU1NPIENlcnRpZmljYXRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wZ6Ksep4BC7Yn1/Rhwh5qAKVgg3
cZew/4sqvDhu0uyUq7+9+P6Q69ZbB3FNcAQy7E1sknsR0xmLJnHcGjPm3v+tkEqN
4s9TR7WJObdvwyJDUxDq5gAfb0AifvBegyCVVDFwtOXaEkPrZNKDtIOPg0/yIXQx
v21m0cY7hwKF0QQ+gq5qWD93C8qoC6dSj4V/Os1AweORsB/6l7Hrb1i0PP5evtDT
2QYMYORRG55sdwmmvy+H/qwuArH/2FWVUJ37B3EdWn+tXldijK7QYJyyvUtWhwXm
7j7MnguDsIACNoyneB+PWzzH0XmaAI2YABkVqK6+4NzZac6CDjlvPLxvQQIDAQAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAITRfPbWnIVPbdwOXZzI6y1EsvwZYQcE5Qcx5l
1+DCQBNmRqpYxCdLDSyt6YicD6PMFV3H4kNk7v3UmE4Cmkgg2r6G84F6StqpHLSP
A8rIMmLoqroxsKbe0jDkUpWzTyynZG4ZJfRsd7ayMi9T90Twa4o2xFRsF6E4BFh4
yfCKuss3AHbIXndlQf18Sge6AH171C3yUX39+hMH4OfTJkJ+H0xQ6tw+AfWG3DBG
+Hgj/pk6puKbnQXfjigBdlqYklwIwbxs0AjPty4Mm+9N06zf2vXDjypSD1AiIW6E
rN9aZiizMJXvJ5rIXOJlhJJjj+nD2lOkIaw2NSjtSkZSs/fP
-----END CERTIFICATE-----"
set range vdom
set source user
next
end
config vpn certificate local
edit "Fortinet_CA_SSL"
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_CA_Untrusted"
set comments "This is the default CA certificate the SSL Inspection will use when generating new server certificates."
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA1024"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA2048"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_RSA4096"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_DSA1024"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_DSA2048"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA256"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA384"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ECDSA521"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ED25519"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Fortinet_SSL_ED448"
set comments "This certificate is embedded in the hardware at the factory and is unique to this unit. "
unset private-key
unset certificate
set range global
set source factory
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "Star Cert Expire 4-24"
set password ENC YJs/oQKVMcGBPY+6f6Er9JB6O/Y3StNpN+7RNyG9SLzwCIREuw2n9gUyWYMCL3TMNHPVsz6ra7XCZWZzTJNKQly8qnh6/2NXjswt0ADdXhhuiPP2fvDG6+b6eLjGGv/0NatcfVeBBGzcCDpB6ELxQqgfMLvxlpkUum4vGVSpZIX3LebQOuGNOwVDaT08n7LO4ow6jQ==
set comments ''
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI1ADRyf0mn6MCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECHep5aYeGg2qBIIEyJss+VGI9fab
GXfYkRhYis5+Bb6qDjU2sylCENby2UbwoNX9ACIkZPXShnBae96I0aYnWAVZz6zg
eC8xTh2HBX20vTg4smsqG7Trifuok6BcNa52BHR0QCHmm3gf8JMqZgVT3cYZFiAX
mFdwkt3ISRqtKBkqFd1bauz/J1ADRL+NptllvI/TKjo0fEp0M3PcYLp6G4j5rG+3
oJd48xoq8bcEAUv73WRcKDo5L5GRJK46Tqjk8O9RE78Z9790bRrI9jwRE88BsBrz
LwPF/o49l+jXWCUZhm73nypzDZV//kzXBnY5ji0cL+PSPqW3CWhDb9aXDM+hdPUM
WIp44ESgDfa0avKrp94cT7gqek14WLQxr+IOQRDU4WNUjkRvxStJPSnGvw/BMGR7
kxFjkP8rqxDbFCpszidJywr9j+yH4od/BYPgJRsjfNJmckE71uIg83LB+2uEnqKw
ckoaT9qJnOH9R+OEMqXPfnZwJct9jmlXuuSRVWjHCILnkAN6BuKCT44PLrO4VOc/
u9gHB0449nxJFFXMLOLfjDHElxgyWankhMOFVXE3l+V+ig3Izl1pamhwNfguhz00
yw7ds3w15BazrCemdCcIvEEqmDSnMvSXTuKoq/qSYgjvcYOAtS2zf1YmRBATBPR2
Z4yDiSshHgIQ/nN9BwvGRQSFafEPWC4z/89hyjVZ5xbgU7NeY3V5EjXY/srW/iut
dDkikmvuNbjDeG/D/kLuSbbkzUHFJ9qLe+Auag58EmguicoFIfaeCAY82qWpHVxH
cqnvXHFdmKVWWY2PA/ToN/r7Xw5/NgVxgD+u6Qk+w2hpnyweeL1sym8Qasd/U6ql
42HctiqzVZ3BEOMw4sJbkkdiGYzrop6oU741dq38c2riibHBwN39MjyrErIUvidt
tCUZa2m+wgVA7i2hXZAdXAt38ISrrhi4q18+fIv5udx87P9J2zzALRGdIyByKrTV
zvW2ll4WPxgVTkBaCmZgAAf0QAXW6IeuWIKsWhA6mYWVyJXvU9GcFqZtP+7Wq5J7
9RzIXQ705LAbbwVIfiQyds7kPqbhanbJgSxxFUSY8t3nyoxRWKkZFq3KpsOGOlCX
9K+GB+vVnqPvCPc8uaeXpm+batwklgdVqYv8Ak3IBLOz63ZS4IV/bKJPm5uH66TQ
7RL5vUJkLTSQSngA9jHZRAC3+JpPrKEw8NfU/p7F1gstuUPRWF9sJkym6wVmqnPJ
iFqT8A858hYNc15tgTEUDGD+DXsGRxxXo9tVNay/TSNC+hyPRCLFh958o3/0VOmc
VqKJ4Qbhv8fxIx5ImlnD8H8asyb8UdfmOKDwZLv5xEzwvNmLBA60OMJ2VRPEPgGv
5YRowHZw+ccdFBGBuBjk1j6qvGd1kUydp7B/og6ZUF/IdVCwleko0+BWndKpmoC3
cMvfvp4QcPaAm6Hcm6kZzSgrVK2wS5EaF96RNHCwI8gKBTsDU1lDaMIuAvXcfBtJ
/pGQHTvl+OIg02gcxia0vjgyWQ+590qCRM1FwYDWSuuU8mziz+Luqz9bBu5Kyf0/
6+vXGpYGUzGS8dV4pVG1MQmVpCABz+mDiTCn+8m5RTyb76sffbKkN8u/RbOshzOm
cVowKhN/KIoUbz4pdJbJ+g==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIG3jCCBcagAwIBAgIQBkygNqmaAydvr/1eZIzsFjANBgkqhkiG9w0BAQsFADBZ
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE
aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjMw
MzIyMDAwMDAwWhcNMjQwNDAyMjM1OTU5WjBvMQswCQYDVQQGEwJVUzERMA8GA1UE
CBMITmV3IFlvcmsxETAPBgNVBAcTCFN5cmFjdXNlMSYwJAYDVQQKEx1TeXJhY3Vz
ZSBDaXR5IFNjaG9vbCBEaXN0cmljdDESMBAGA1UEAwwJKi5zY3NkLnVzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyzN6qnwFYTN5h7unveT3vCYHcbn
yrovwH1MYGNS8l/C6UOpU43UojHSzdklCRzhQWMzwrJqbGHhKUgCugDDJ6TUGsWO
KMox7/+xqhWYiAxex+sLfadUig6JgLZEvJQOFT8HQP0FNxwgHIzy7LFOXUEQRt1n
JO049X+yZg11FE4kGzKZQSzPuJy/KIh55tig+sMo51e37YpK9qnx/x7MsGjwXvGK
JGifG6VSJOviut+uVNxSuefXAYAHLxTZ4LQ5nVzjIOlPQoxZgxfZkj6dplQLXDE0
whXK7TaPGL6WSmaEGIg5C2mIxMPymaISghuQIINGQsywKqMClEhR8V3eMwIDAQAB
o4IDijCCA4YwHwYDVR0jBBgwFoAUdIWAwGbH3zfez70pN6oDHb7tzRcwHQYDVR0O
BBYEFPeSzw2sCNFgYQPercSi9KIznqgdMB0GA1UdEQQWMBSCCSouc2NzZC51c4IH
c2NzZC51czAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMIGfBgNVHR8EgZcwgZQwSKBGoESGQmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0
LmNvbS9EaWdpQ2VydEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNybDBI
oEagRIZCaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsRzJU
TFNSU0FTSEEyNTYyMDIwQ0ExLTEuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkw
JwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBhwYIKwYB
BQUHAQEEezB5MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20w
UQYIKwYBBQUHMAKGRWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2Vy
dEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNydDAJBgNVHRMEAjAAMIIB
fQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdQDuzdBk1dsazsVct520zROiModGfLzs
3sNRSFlGcR+1mwAAAYcJ3nn5AAAEAwBGMEQCIH55K36zsYtpJs1YQkdxFXRTWpDC
NABjpEHQtvEL2KG9AiAgaDXY/QuJTUuJ9xtV5u8YiK04wPO6v1wM+oPkm/hEFwB1
AHPZnokbTJZ4oCB9R53mssYc0FFecRkqjGuAEHrBd3K1AAABhwneekgAAAQDAEYw
RAIgVL4VSfUWqo8Qf/c6Z+Wit4TDCQ7cB94A3lJkqBsPGd8CIBlvUZ1XAfClnh/C
wjKDK0fafVOb3H89G8iI2TLO8C8JAHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB
2bu/qznYhHMAAAGHCd56HAAABAMASDBGAiEAvp1Q11dD5sKNIsk2Uy6M3o4Kpxg2
XZcwh6fnbcI7rOICIQC27p7LOeQjP+n3EwRp5hi+zfP5x/v79psDqUJCqnzpnjAN
BgkqhkiG9w0BAQsFAAOCAQEAl/4QUf47tVSZONXQcGl0CJY4eU1IIxKAAE5XS1nr
fvDgBcI2rFG4Jn43ghzkbmSPw22RBucXd6qgfJICg/WTQ1EsGunwejP2GdfZ/ITa
3GDyrqdMkSpPFZS9CeXHcwFHi1K2UHrq5ghD6aKvX4dtJIFTWWFOaJrb+g9qyJy9
sMhFRziGc36r1lRGNx2HiBvq1hqIELbO5uooHIEUq6eZVUknk/zX3vH9vhJdguzQ
BNwP6wAdtj1tPBmjFV3qMjrZtgPyl+p1r4WCqyml6j8P5mUlWgtsCLo4oId++lL+
UrU6RSClqgz4I6f0rJZ21YK2JWlVSRuJoCVOpezPzqqP3g==
-----END CERTIFICATE-----"
set range vdom
set source user
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "StartCert-Expire042025"
set password ENC pvj0HM3i73tJ5wnxetLS0T9umAv1Ofl3Lf+amZeziPKKGWjOw15celuK8qaWnc0ToJw/qkUYJ6BMXy4ITUlsiAUdOZRnSSItsnbVRemyOko0w4EBXhwXX/9Un9d/GoTbv8UbvBSR3PiZ+e0Zkvd/eKZNB0IA8AhrHOb3PouCjnmDTuhvbs2k35bVfjOa2DmWqWVrwg==
set comments ''
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI0Cphpabjgl8CAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECNvUw+brcAxIBIIEyPpJlqMsUNp/
cG1PvyzPAiqL/7SIIfQ5VPis/pejLoFAmBOZKq8feNRFCozr/uP+xRJdv3SDzzGu
loLoRVuXpqHuAxL4snS7H4engkrfUaMgnI0VOQeZMpW9epWBgLy0HoCMW5UUmISL
dIRAKOx8jl7yX30s0rcG3y1/KEOBFlHJwpokVNliA3KawSmECfi27jlYm2jDfyOm
XJ5LGeoUE5FzI7vMRG73Z45yKjn0QHh9L+gPAvk99SNnzx9BZX1iuSGIQil9oAgZ
AcK5UazBPcV92wZvaOiTLGmVef9a45X4N0tiEOV4JGLOuGrP1cH63YmjQ4GEGyUj
1ETa4Rf1E0JoLP1woYMVq7mXY+f3Iv2nlsqXm0/Dde9JFZ3imvExOlmA8K9ifYCD
YoivQzFCyFklGX0TkzAhuCnqvq6Fhv40uIGXKckRRv5dqD+xWqIXPNvzxewZC6Qa
q4HH0FGwAmpBUYh8pKP5KqsA0EsnsOkbEEoiwtC9F1tSH08BzkUQvzj1bx8CMeas
tiED16maGTh95ciYCNmoV4YxqmBZ2PPsE6LPE5wYNg9DkqdD5yOCL1rpiKCt19xB
qcHe4cLt5CaZiXOqIvk+Jo3HaXX2p0cWaDzMrgonXOSeeu7No2y9uniAQeeLzCC3
CYUVKyv7p8xp0dHiQmhZ/VwxqgOMEL4E87QDTpHFQ2b9oU7+Bj9wGkEgsOgTjDJQ
P3QalCcu8UQOtLnSUYMwtis+xqXcmf8jd+U+dLxgfl0osv3TSEkVNsP5HGkllnFc
GWPutpcTRKQ+dkRhaoc+HoD2FqjTvOnQEgsIWxGItIAFcH9numRtYklwTviNudWg
DplRvHZDwkx/UrCmoJG+xme5yq+H/UUFtHN1kGenQKdc5B7PvdHnGAlPVPcZeQOT
PkAYwvTxWBDIOIGrlAtyoolHEhwys2O3QFGYtkHnaWUFArdtFEC2NOfZVOP5JqrT
HdCJLcQYJF7Mci3aqwP4WnnDzNrAVkgX/MwzpHEI8G7DN2c5P0COtbaFAClE4nXt
1kQsCOkHj2/avcPnYhecAc9fgoZ1Q1Q1+CunV124rLmzXujAbSM9EFsOKOC1+Qkr
x6MGrE1yI1uLoHFa8dHf1xOvjl43dSjW/8T5SRCF9uj4G1jDfsKVaHeBWpnNgANA
a0cK+TV+yYEGlnWWgf3f8Iej76UVVUvsFcdtstNtLHdAZkODJdh5Sh9FvP3KRrJS
UJ1tDtsGzUYSeGCjLQN7EzsM8vWSNhBeDZOWI5HPAQuhyUsCrXfT6oSaGu3tRQaL
3DWizzc/ZClqd+UmoOQ1zFp2YhVLTKx7NO8aQ+FNAP5lQpFSLHiOnVeVzD6ZISI4
i+6mzF6UdsXueY9WYRcxmmHmenTuWgGEIju8XB57JoCmuC9QeEuyrBQgmpexSAzN
DDJjJbDfO051IS5BNRTVoh+WP+XCAzrb+F9CaocXGScVPD0GYQ/4J5mHCX/U1e08
TCqfaHxJDaatQy1PoHzqfUVR+0Px9GywXtEUMOWy5nwZGO0qn5sKPwr+RPaTeBb5
wFo4LXgz2Mc5CUj42QJoOqqrbv+zUSAcywLzVBro+RXeIQXNhJU/S3nGw0uM0kc+
jKHiEWTRxiK/NMCnECCWEw==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIG4jCCBcqgAwIBAgIQDzJ753SaEbPwC2TYhqhgzzANBgkqhkiG9w0BAQsFADBZ
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE
aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjQw
NDAxMDAwMDAwWhcNMjUwNDA0MjM1OTU5WjBvMQswCQYDVQQGEwJVUzERMA8GA1UE
CBMITmV3IFlvcmsxETAPBgNVBAcTCFN5cmFjdXNlMSYwJAYDVQQKEx1TeXJhY3Vz
ZSBDaXR5IFNjaG9vbCBEaXN0cmljdDESMBAGA1UEAwwJKi5zY3NkLnVzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+HVfutRSccIQwsqEE+s02bTscFy
flgp/jvqOX+Kgv8SK60K+nRXFNl82cC0HXBYUPSCTtvmXj/mTVew4eX+zGFXTUxk
3rCIWByTKh4bFQb7uVk0TpqT3RKCnQ3YWdKGYrM4FkxVx4royioW3IFKVKqeowS5
BQvl3u2xtw4+VJ9TwDXR7tiiCEHGor8Y2P3DOEs4MqrhRLjeCFCMp6mF/mTkp7d6
JIwvtYTkZ6YrbdZ58MHFzzwZRt5NPxlWg7xyi0lmiCnw2RcEA3r9mmMHcCQrC7id
3GAdTjaJ81mHnxY2b8yiysaHjaO1MTeDAWRc1XupSOghXunmJk6v1LShFwIDAQAB
o4IDjjCCA4owHwYDVR0jBBgwFoAUdIWAwGbH3zfez70pN6oDHb7tzRcwHQYDVR0O
BBYEFJQQH8YDCXs0QPOtYp9lE6BCT0wJMB0GA1UdEQQWMBSCCSouc2NzZC51c4IH
c2NzZC51czA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRw
Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBnwYDVR0fBIGXMIGUMEigRqBEhkJodHRw
Oi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxHMlRMU1JTQVNIQTI1
NjIwMjBDQTEtMS5jcmwwSKBGoESGQmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9E
aWdpQ2VydEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNybDCBhwYIKwYB
BQUHAQEEezB5MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20w
UQYIKwYBBQUHMAKGRWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2Vy
dEdsb2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNydDAMBgNVHRMBAf8EAjAA
MIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdwBOdaMnXJoQwzhbbNTfP1LrHfDg
jhuNacCx+mSxYpo53wAAAY6XVFePAAAEAwBIMEYCIQCc+xSNwzXetTtvOPCJx1JU
M4iWpsp0DLtg1rlvqrD08AIhANTznGg0ThlDqySyPljqziQR6dT1dsZSpxX8l63+
EnPhAHUAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGOl1RX0AAA
BAMARjBEAiBXdIyvEB6QMac+52GoUnsasIezhpaptfUF3whQz+ZAKQIgEI0Ac3mb
3SnXTJ9mgrIGnCORMntNEeuIP5Usr2VzNdIAdgDm0jFjQHeMwRBBBtdxuc7B0kD2
loSG+7qHMh39HjeOUAAAAY6XVFfeAAAEAwBHMEUCIQCSw1D2KKcbgN5JBvbSUUNH
k405DDKKSCiikV8iDVsQRgIgaKA4XiJwS4ANGdRCb59DvO3W+tE5gbJqpJ+GM5tm
ZwAwDQYJKoZIhvcNAQELBQADggEBACCmDXWJXOO/W2p3mLeKh3ASS7HjXoSrxrrC
DhpPeYLY6IeOgZ/YswemPl3zXhNwKzD9dDgagnShy+DvnIdCHxKZV05q50OmADFl
0LMh83Y46QJiJ15m1kL5vQM/gGlc4ZpN9PfOJQaotaLNYfVIatW+1gpr8yUCreIO
SOlFKpjC5EsU/mMZsFxN7d2k1IUpNjlimSShkVYcZhJUG5lKBs9R7sSSvIeA6CHW
YkZwsmfv+q3EI9HX4ULuOFo0GfXjdbUR4kRE2EoLk+0prTGuR4pVQI0psfBbaj3K
5yKXZASmPsxLukdMfZH90zyej7K2KPnPza/P2PubGx7U0snfo7Q=
-----END CERTIFICATE-----"
set range vdom
set source user
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
edit "StarCert-Expire03202026"
set password ENC goF9gdO2sKzCztpb8F1xt6WKHVtUCl/s61QOPZW1/Qht7FFynU5X/0+/zEyHksGMwBl9AgF5PDrNXsBeDe/lsJDaq3icsZ/pIWD8+MWR3AG49HRmasN56rwvcXUMNyK0i4U6WWRE4ofB+W63G6KNvW/gSAsYJKSuWGbK57xyxIeZepb6bjUAkNUJgnfhHTt5Ye7IVQ==
set comments ''
set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQInDBkEw6MI/QCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECPSxL5hV/T4zBIIEyHTk6a3M1W+a
uJiYl1Ln13cI+0Ug9q65pExS0kdxX+vD7uas6rvZsUZzW/w5FGM5yXhfrxgqX3oh
gUaf4F/EEeAvbAJEbMipp+n1qXF7SQhmqg4zs3vzyfFeiAyxFdZeESFsZWSQxIN8
N4L+F/CmFCr5+yyEC/wPQJq08s+KW/soC5PDP166kLSIxL8ALdVCRWaqPZ0WI/Al
mVLiA8vYpYNDuP3u1BMML6qw83ir1HrhXcupuGTxF80Yg36+jlgyYyeCBgvqWqun
BYiO6NpriIvDMNcXmr/Xz201u6coYRydUNFJJK+xyGcbtdfR50axHh/BFsTju5SN
hApwEhL6b/K62wnoKovDUyeEvktkporETpqGddddT2k5NfTG+wjXZTpoO7yo3sMw
rhI2QeoN9P4ezdSvVWsn8qpX2Vnx/Sj3lXKYOwfhFvwXn+ZOcorGWDi/k2sZ6T6j
8NVe8+WPWkBkMm5kuKss73R3tXHC7JO5q2q2RxEP6UY+Lcio0IBMQTAiaESm/cai
s7tHGzaskJnsb/Wxl0/tQgjzaweWVk25wYETXPuXozNKrU2s95hoCzjjcJYyfk4g
RQ+eO04zg+IPZBIh1pgGlYdzM4MvRUOUOy2HLuVz7c4gdYAltd2rhtPnJ0pFrzso
kirXUdIHQVeQaPR/B6IDg7o32xkl3v/VAUZzcFg144RXXPc1tlSHzVfrDDRnkaXg
PVQ87s8QcFhwugtvza6B4JODKK8WLmpx0BrJr6EadAeFHPhf54n3DgxzyhM2b0v1
1N3kDY81akp6igHv95EWMwANqrtAYWzjabra/kx2Q1luJsTU7UgyeaYlA3k0X/2S
JOWZf/PLmJ4BQTN+pGAAsiqzz/6s8EyIjSOqdqILGCDsmScAUDeZQRb0jGMixQlf
MGQ7H0I0PUvYqJ5fDcaEbqu4lkrsmqW/pWbJJXc48a0aev+nldHYWe+/Swap6TSD
MEbjhKwUyhS9oRPaT5cyPxrTR1+5Z5LFn96Md8+tm2hYRBWjwItxRU5FNa3T9jVD
8XD3/+lGQJQBewfMPSEb6icjEFPeKx/pwoUMuCdSgzzJdcqFBJ5dtQ7Pne5Zvmgg
M3M9ObQ/+r7s30xzQhZZYMk0ka8hEqvpQD4TJruo+QMtybuMThZuJmaB+UZhzCs7
ztchXu/sQzDgYIQtQJMOqD/9J9yvn65fgphKaoafM3hP8DgQ9awdL6YAB5Mmf1q4
BJE6hir4/8dbSZEpdEodb3DJ5SU2yjRhr/TJmUYUhrv4iOd4NENCdoO4oBntOkS7
hve8lprXDSBbZF/3c48/rNIERioH50d7fklPjTco4DbxwZYSShNJ9aZBi8aNc7Yl
t7ECpwK8RcOHNqR75f1JmpEL3k1rNMBS4DwbuKyjUHxMcCSQY0LQHMd2gnGqGFcw
k2I6PdGbRbG1Kx6CKhaJbfdnH6WojCbUjTrw+/dPjNp6SVyoZaA1/1InXIiGLtJF
vwRyPirLJsVFvg3YapmMsKVaJi4Eh+U8C1T4Cxxp32D4hSnTEDsgHm/ThMeyLCzd
1b57e1iy1r+6lCtlCqdOS8QZg72+SfUhiuLtNxBHxjEKgriS2ZXCzSlnSmNx6mfX
5/3NfdyRBAt7pPDAqABVKw==
-----END ENCRYPTED PRIVATE KEY-----"
set certificate "-----BEGIN CERTIFICATE-----
MIIG2jCCBcKgAwIBAgIQBEdfHQ5i8A9R/h7gVSxl4zANBgkqhkiG9w0BAQsFADBZ
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE
aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjUw
MzIxMDAwMDAwWhcNMjYwMzIwMjM1OTU5WjBvMQswCQYDVQQGEwJVUzERMA8GA1UE
CBMITmV3IFlvcmsxETAPBgNVBAcTCFN5cmFjdXNlMSYwJAYDVQQKEx1TeXJhY3Vz
ZSBDaXR5IFNjaG9vbCBEaXN0cmljdDESMBAGA1UEAwwJKi5zY3NkLnVzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4dcPhj5rvQaIBSxUDzBr8KxwKw7
8EDAmOM6q9e7qo5IKWFigoYYuhp7yGVzxL7MKeHQM4Lj7wCApZJgTPynvW6tj7Tk
hMAfdYELB1KE9pOJnZsVipuS+bRRc3bGBMW47HFggNKu30oiIsaRY0lBVu6/R01B
TmSG8+Nvq8S4+RqsGLmp3H6L4JqMvnCoMl6jeVTUkEJziAp0aHVr8+BFszpmavUo
jA7epe8kofY9o5bxhKsZus18rYoAgV4MPhk6f6NCWowyMYABa9ciBtmxGhxFCnju
3ED68exn2q7nJSA7Rx/DixYfvwwjxTKHhxlDbojw+6LCJQKN8knvFOFyVwIDAQAB
o4IDhjCCA4IwHwYDVR0jBBgwFoAUdIWAwGbH3zfez70pN6oDHb7tzRcwHQYDVR0O
BBYEFDjz+efeVgFKxI6a15vnMMte60znMBQGA1UdEQQNMAuCCSouc2NzZC51czA+
BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRp
Z2ljZXJ0LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjCBnwYDVR0fBIGXMIGUMEigRqBEhkJodHRwOi8vY3JsMy5k
aWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxHMlRMU1JTQVNIQTI1NjIwMjBDQTEt
MS5jcmwwSKBGoESGQmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEds
b2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNybDCBhwYIKwYBBQUHAQEEezB5
MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUQYIKwYBBQUH
MAKGRWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbEcy
VExTUlNBU0hBMjU2MjAyMENBMS0xLmNydDAMBgNVHRMBAf8EAjAAMIIBfwYKKwYB
BAHWeQIEAgSCAW8EggFrAWkAdQAOV5S8866pPjMbLJkHs/eQ35vCPXEyJd0hqSWs
YcVOIQAAAZW5bcSoAAAEAwBGMEQCICyM3piBJwJgAawHNzKV/ZXrnoe0AdAeD7t6
BSCaTIuVAiBIDIkZ95sMOPdzP+VUA3umHGkqn2jMcV6gvISSHcyqEQB3AGQRxGyk
EuyniRyiAi4AvKtPKAfUHjUnq+r+1QPJfc3wAAABlbltxN0AAAQDAEgwRgIhAJyk
XDU85LqooegQSH2tu2sfKNOcsYgAy1aD8sKfsRvAAiEA92hsc8WYijQAALbtJ9DM
pe4XjMHj9CrzeFKSL2+GcpMAdwDLOPcViXyEoURfW8Hd+8lu8ppZzUcKaQWFsMsU
wxRY5wAAAZW5bcTvAAAEAwBIMEYCIQDDMPALNiQLIxhh/Uid+0jyWIsZmTCuoH9R
C1TVojs5QgIhAJsvEygigzHRdQSsNwYs2LApdFaGkbiAfrRvrC15Nbu3MA0GCSqG
SIb3DQEBCwUAA4IBAQCa8zDuxeUlkvxq1/8WNSGBP18Q9p6JkoyW1tLb209Bqsnk
a8LpTQRWy6GfnM8Fgn5P6d/JjxtdXgVfAWoQi95mc/PL9RrhQsf43UWfMQXQyk/j
d0Y6AreSLGHaNYh7NRogZQ1WhAJtyPYR2BkSve2LqywBcLvfWWdqoJsmsJ/TnIdX
QjZlInO1DdZocw2hWK7ahE5DDV5JIiUqCYKUdUce66tvnhiiS7QRsm8ZMo3HePTl
glOKnVPlyTcEMuj9RZ3Iyl0qC1BkprUkasqWXwWJN1kZzEFkGMA1jqeRPeu1XVjF
QgYEdGedMPX6WOCfiCmU2q5BfcjO9j58XC9iQYyI
-----END CERTIFICATE-----"
set range vdom
set source user
set source-ip 0.0.0.0
set ike-localid-type asn1dn
set enroll-protocol none
next
end
config vpn certificate crl
end
config vpn certificate ocsp-server
end
config vpn certificate setting
set ocsp-status disable
set ocsp-option server
set ocsp-default-server ''
set interface-select-method auto
set check-ca-cert enable
set check-ca-chain disable
set subject-match substring
set subject-set subset
set cn-match substring
set cn-allow-multi enable
config crl-verification
set expiry ignore
set leaf-crl-absence ignore
set chain-crl-absence ignore
end
set strict-ocsp-check disable
set ssl-min-proto-version default
set cmp-save-extra-certs disable
set cmp-key-usage-checking enable
set certname-rsa1024 "Fortinet_SSL_RSA1024"
set certname-rsa2048 "Fortinet_SSL_RSA2048"
set certname-rsa4096 "Fortinet_SSL_RSA4096"
set certname-dsa1024 "Fortinet_SSL_DSA1024"
set certname-dsa2048 "Fortinet_SSL_DSA2048"
set certname-ecdsa256 "Fortinet_SSL_ECDSA256"
set certname-ecdsa384 "Fortinet_SSL_ECDSA384"
set certname-ecdsa521 "Fortinet_SSL_ECDSA521"
set certname-ed25519 "Fortinet_SSL_ED25519"
set certname-ed448 "Fortinet_SSL_ED448"
end
config webfilter ftgd-local-cat
edit "custom1"
set status enable
set id 140
next
edit "custom2"
set status enable
set id 141
next
end
config ips sensor
edit "g-default"
set comment "Prevent critical attacks."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "g-sniffer-profile"
set comment "Monitor IPS attacks."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set block-malicious-url disable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location all
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
edit "Incoming_IPS"
set comment ''
set replacemsg-group ''
set block-malicious-url enable
set scan-botnet-connections disable
set extended-log disable
config entries
edit 1
set location server
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action block
set quarantine none
next
end
next
edit "Outgoing_IPS"
set comment ''
set replacemsg-group ''
set block-malicious-url enable
set scan-botnet-connections block
set extended-log disable
config entries
edit 1
set location client
set severity medium high critical
set protocol all
set os all
set application all
set status default
set log enable
set log-packet disable
set log-attack-context disable
set action default
set quarantine none
next
end
next
end
config sctp-filter profile
end
config firewall shaper traffic-shaper
edit "high-priority"
set guaranteed-bandwidth 0
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority high
set per-policy enable
set diffserv disable
set overhead 0
next
edit "medium-priority"
set guaranteed-bandwidth 0
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority medium
set per-policy enable
set diffserv disable
set overhead 0
next
edit "low-priority"
set guaranteed-bandwidth 0
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority low
set per-policy enable
set diffserv disable
set overhead 0
next
edit "guarantee-100kbps"
set guaranteed-bandwidth 100
set maximum-bandwidth 1048576
set bandwidth-unit kbps
set priority high
set per-policy enable
set diffserv disable
set overhead 0
next
edit "shared-1M-pipe"
set guaranteed-bandwidth 0
set maximum-bandwidth 1024
set bandwidth-unit kbps
set priority high
set per-policy disable
set diffserv disable
set overhead 0
next
end
config firewall shaper per-ip-shaper
end
config firewall proxy-address
end
config firewall proxy-addrgrp
end
config web-proxy profile
end
config web-proxy global
set ssl-cert "Fortinet_Factory"
set ssl-ca-cert "Fortinet_CA_SSL"
set fast-policy-match enable
set ldap-user-cache disable
set proxy-fqdn "default.fqdn"
set max-request-length 8
set max-message-length 32
set strict-web-check disable
set forward-proxy-auth disable
set forward-server-affinity-timeout 30
set max-waf-body-cache-length 32
set webproxy-profile ''
set learn-client-ip disable
end
config web-proxy explicit
set status disable
set ipv6-status disable
set strict-guest disable
set https-replacement-message enable
set ssl-algorithm low
end
config web-proxy forward-server
end
config web-proxy forward-server-group
end
config web-proxy debug-url
end
config web-proxy wisp
end
config wanopt webcache
set max-object-size 512000
set neg-resp-time 0
set fresh-factor 100
set max-ttl 7200
set min-ttl 5
set default-ttl 1440
set ignore-ims disable
set ignore-conditional disable
set ignore-pnc disable
set ignore-ie-reload enable
set cache-expired disable
set cache-cookie disable
set reval-pnc disable
set always-revalidate disable
set cache-by-default disable
set host-validate disable
set external disable
end
config ftp-proxy explicit
set status disable
set ssl disable
end
config web-proxy url-match
end
config application custom
end
config application list
edit "g-default"
set comment "Monitor all applications."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection enable
set options allow-dns
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log enable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
edit "g-sniffer-profile"
set comment "Monitor all applications."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection enable
unset options
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log enable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log disable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log disable
unset p2p-block-list
set deep-app-inspection disable
set options allow-dns
config entries
edit 1
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log disable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
edit "App_Ctrl_1"
set comment ''
set replacemsg-group ''
set extended-log disable
set other-application-action pass
set app-replacemsg enable
set other-application-log enable
set enforce-default-app-port disable
set force-inclusion-ssl-di-sigs disable
set unknown-application-action pass
set unknown-application-log enable
unset p2p-block-list
set deep-app-inspection enable
set options allow-dns
config entries
edit 1
set application 43541 48977 48976 47822
set action pass
set log disable
set log-packet disable
set rate-count 0
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
edit 2
set application 17405
set action pass
set log disable
set log-packet disable
set rate-count 0
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
edit 3
set application 39243 42662 16171 25953 38547 16270
set action pass
set log disable
set log-packet disable
set rate-count 0
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
edit 4
set category 2 6
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action block
set log enable
set log-packet disable
set session-ttl 0
set quarantine none
next
edit 5
set category 25
set protocols all
set vendor all
set technology all
set behavior all
set popularity 1 2 3 4 5
set action pass
set log disable
set log-packet disable
set session-ttl 0
set shaper ''
set shaper-reverse ''
set per-ip-shaper ''
set quarantine none
next
end
set control-default-network-services disable
next
end
config application group
end
config dlp filepattern
edit 1
set name "builtin-patterns"
set comment ''
config entries
edit "*.bat"
set filter-type pattern
next
edit "*.com"
set filter-type pattern
next
edit "*.dll"
set filter-type pattern
next
edit "*.doc"
set filter-type pattern
next
edit "*.exe"
set filter-type pattern
next
edit "*.gz"
set filter-type pattern
next
edit "*.hta"
set filter-type pattern
next
edit "*.ppt"
set filter-type pattern
next
edit "*.rar"
set filter-type pattern
next
edit "*.scr"
set filter-type pattern
next
edit "*.tar"
set filter-type pattern
next
edit "*.tgz"
set filter-type pattern
next
edit "*.vb?"
set filter-type pattern
next
edit "*.wps"
set filter-type pattern
next
edit "*.xl?"
set filter-type pattern
next
edit "*.zip"
set filter-type pattern
next
edit "*.pif"
set filter-type pattern
next
edit "*.cpl"
set filter-type pattern
next
end
next
edit 2
set name "all_executables"
set comment ''
config entries
edit "bat"
set filter-type type
set file-type bat
next
edit "exe"
set filter-type type
set file-type exe
next
edit "elf"
set filter-type type
set file-type elf
next
edit "hta"
set filter-type type
set file-type hta
next
end
next
end
config dlp sensitivity
edit "Private"
next
edit "Critical"
next
edit "Warning"
next
end
config dlp fp-doc-source
end
config dlp sensor
edit "g-default"
set comment "Default sensor."
set feature-set flow
set replacemsg-group ''
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
unset summary-proto
next
edit "g-sniffer-profile"
set comment "Log a summary of email and web traffic."
set feature-set flow
set replacemsg-group ''
set dlp-log enable
set extended-log disable
set nac-quar-log disable
unset full-archive-proto
set summary-proto smtp pop3 imap http-get http-post
next
end
config webfilter content
end
config webfilter content-header
end
config webfilter urlfilter
end
config videofilter youtube-key
end
config videofilter youtube-channel-filter
end
config videofilter profile
end
config webfilter ips-urlfilter-setting
set device ''
set distance 1
set gateway 0.0.0.0
set geo-filter ''
end
config webfilter ips-urlfilter-setting6
set device ''
set distance 1
set gateway6 ::
set geo-filter ''
end
config emailfilter bword
end
config emailfilter block-allow-list
end
config emailfilter mheader
end
config emailfilter dnsbl
end
config emailfilter iptrust
end
config log threat-weight
set status enable
config level
set low 5
set medium 10
set high 30
set critical 50
end
set blocked-connection high
set failed-connection low
set url-block-detected high
set botnet-connection-detected critical
config malware
set virus-infected critical
set fortindr critical
set file-blocked low
set command-blocked disable
set oversized disable
set virus-scan-error high
set switch-proto disable
set mimefragmented disable
set virus-file-type-executable medium
set virus-outbreak-prevention critical
set content-disarm medium
set malware-list medium
set ems-threat-feed medium
set fsa-malicious critical
set fsa-high-risk high
set fsa-medium-risk medium
end
config ips
set info-severity disable
set low-severity low
set medium-severity medium
set high-severity high
set critical-severity critical
end
config web
edit 1
set category 26
set level high
next
edit 2
set category 61
set level high
next
edit 3
set category 86
set level high
next
edit 4
set category 1
set level medium
next
edit 5
set category 3
set level medium
next
edit 6
set category 4
set level medium
next
edit 7
set category 5
set level medium
next
edit 8
set category 6
set level medium
next
edit 9
set category 12
set level medium
next
edit 10
set category 59
set level medium
next
edit 11
set category 62
set level medium
next
edit 12
set category 83
set level medium
next
edit 13
set category 72
set level low
next
edit 14
set category 14
set level low
next
edit 15
set category 96
set level medium
next
end
config application
edit 1
set category 2
set level low
next
edit 2
set category 6
set level medium
next
end
end
config icap server
end
config icap profile
edit "default"
set replacemsg-group ''
set request disable
set response disable
set streaming-content-bypass disable
set preview disable
set methods delete get head options post put trace other
set icap-block-log disable
set chunk-encap disable
unset extension-feature
config icap-headers
edit 1
set name "X-Authenticated-User"
set content "$user"
set base64-encoding disable
next
edit 2
set name "X-Authenticated-Groups"
set content "$local_grp"
set base64-encoding disable
next
end
next
end
config system network-visibility
set destination-visibility enable
set source-location enable
set destination-hostname-visibility enable
set hostname-ttl 86400
set hostname-limit 5000
set destination-location enable
end
config user certificate
end
config user radius
end
config user tacacs+
end
config user exchange
end
config user ldap
edit "HVDC03.scsd.ad"
set server "10.1.48.95"
set secondary-server ''
set tertiary-server ''
set source-ip ''
set source-port 0
set cnid "sAMAccountName"
set dn "dc=scsd,dc=ad"
set type regular
set two-factor disable
set username "fortinet ldap"
set password ENC MTAwNEE9KEQkPwRrCgUGcEQPdGDqOTnITAjFrKKxrViQrYIKoGmAmTZin+255Sf2ZNBZxZyeSf+CNSul/lZDrGRJq/KzGdSoRROYiB9VLCeN5dCPmHhfkngZw+k9PBNYl+2Cy35B7RrSUv9Ppp8M9/J6mXR7uNl9FjEglnGD3ld+BIOKRwmaVXQ2nolOoAmfF+YELQ==
set group-member-check user-attr
set group-search-base ''
set group-filter ''
set secure disable
set port 389
set password-expiry-warning disable
set password-renewal disable
set member-attr "memberOf"
set account-key-processing same
set account-key-filter "(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))"
unset search-type
set obtain-user-info enable
set user-info-exchange-server ''
set interface-select-method auto
set antiphish disable
next
edit "HVDC02.scsd.ad"
set server "10.21.48.10"
set secondary-server ''
set tertiary-server ''
set source-ip ''
set source-port 0
set cnid "sAMAccountName"
set dn "dc=scsd,dc=ad"
set type regular
set two-factor disable
set username "fortinet ldap"
set password ENC MTAwNEE9KEQkPwRrCgUGcEQPdGDqOTnITAjFrKKxrViQrYIKoGmAmTZin+255Sf2ZNBZxZyeSf+CNSul/lZDrGRJq/KzGdSoRROYiB9VLCeN5dCPmHhfkngZw+k9PBNYl+2Cy35B7RrSUv9Ppp8M9/J6mXR7uNl9FjEglnGD3ld+BIOKRwmaVXQ2nolOoAmfF+YELQ==
set group-member-check user-attr
set group-search-base ''
set group-filter ''
set secure disable
set port 389
set password-expiry-warning disable
set password-renewal disable
set member-attr "memberOf"
set account-key-processing same
set account-key-filter "(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))"
unset search-type
set obtain-user-info enable
set user-info-exchange-server ''
set interface-select-method auto
set antiphish disable
next
edit "DC01.scsd.ad"
set server "10.1.40.10"
set secondary-server ''
set tertiary-server ''
set source-ip ''
set source-port 0
set cnid "sAMAccountName"
set dn "dc=scsd,dc=ad"
set type regular
set two-factor disable
set username "fortinet ldap"
set password ENC MTAwNEE9KEQkPwRrCgUGcEQPdGDqOTnITAjFrKKxrViQrYIKoGmAmTZin+255Sf2ZNBZxZyeSf+CNSul/lZDrGRJq/KzGdSoRROYiB9VLCeN5dCPmHhfkngZw+k9PBNYl+2Cy35B7RrSUv9Ppp8M9/J6mXR7uNl9FjEglnGD3ld+BIOKRwmaVXQ2nolOoAmfF+YELQ==
set group-member-check user-attr
set group-search-base ''
set group-filter ''
set secure disable
set port 389
set password-expiry-warning disable
set password-renewal disable
set member-attr "memberOf"
set account-key-processing same
set account-key-filter "(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))"
unset search-type
set obtain-user-info enable
set user-info-exchange-server ''
set interface-select-method auto
set antiphish disable
next
end
config user krb-keytab
end
config user domain-controller
end
config user pop3
end
config user saml
edit "azure"
set cert "StarCert-Expire03202026"
set entity-id "https://vpn.scsd.us:10443/remote/saml/metadata"
set single-sign-on-url "https://vpn.scsd.us:10443/remote/saml/login"
set single-logout-url "https://vpn.scsd.us:10443/remote/saml/logout"
set idp-entity-id "https://sts.windows.net/46bdfafa-75e0-4634-9a6b-43b9574e6f0a/"
set idp-single-sign-on-url "https://login.microsoftonline.com/46bdfafa-75e0-4634-9a6b-43b9574e6f0a/saml2"
set idp-single-logout-url "https://login.microsoftonline.com/46bdfafa-75e0-4634-9a6b-43b9574e6f0a/saml2"
set idp-cert "REMOTE_Cert_2"
set user-name "username"
set group-name "group"
set digest-method sha256
set limit-relaystate disable
set clock-tolerance 15
set adfs-claim disable
next
edit "scsd_user_sso"
set cert "StarCert-Expire03202026"
set entity-id "https://vpn.scsd.us:10443/remote/saml/metadata"
set single-sign-on-url "https://vpn.scsd.us:10443/remote/saml/login"
set single-logout-url "https://vpn.scsd.us:10443/remote/saml/logout"
set idp-entity-id "https://sts.windows.net/5021feae-da5a-4d27-8d9d-4927b39324c7/"
set idp-single-sign-on-url "https://login.microsoftonline.com/5021feae-da5a-4d27-8d9d-4927b39324c7/saml2"
set idp-single-logout-url "https://login.microsoftonline.com/5021feae-da5a-4d27-8d9d-4927b39324c7/saml2"
set idp-cert "REMOTE_Cert_2"
set user-name "username"
set group-name "group"
set digest-method sha256
set limit-relaystate disable
set clock-tolerance 15
set adfs-claim disable
next
edit "scsd_user2_sso"
set cert "StarCert-Expire03202026"
set entity-id "https://vpn.scsd.us:10443/remote/saml/metadata/"
set single-sign-on-url "https://vpn.scsd.us:10443/remote/saml/login"
set single-logout-url "https://vpn.scsd.us:10443/remote/saml/logout"
set idp-entity-id "https://sts.windows.net/ac4a0b00-0f87-48ae-8d66-1a74019ca4ec/"
set idp-single-sign-on-url "https://login.microsoftonline.com/ac4a0b00-0f87-48ae-8d66-1a74019ca4ec/saml2"
set idp-single-logout-url "https://login.microsoftonline.com/ac4a0b00-0f87-48ae-8d66-1a74019ca4ec/saml2"
set idp-cert "REMOTE_Cert_2"
set user-name "username"
set group-name "group"
set digest-method sha256
set limit-relaystate disable
set clock-tolerance 15
set adfs-claim disable
next
end
config user fsso
edit "Orion"
set type default
set server "10.1.48.37"
set port 8000
set password ENC SolQ9+k0kiMmO5Gfiz+NRx/sVZWu90Gsu+EbLe6DVr7blcf+evWrsb2fEuUKu1dRs4P8y7GU1odIa9/B1uPg7OvR3MLs8mZWrLfZdE9u8p/j4xUzSjpYmat6cmQSkXCClOtjPlQw19CCjXipPOp/zxa8/Sr188Z9ClsNdKWyTECB0HHIUJr7wpybUMQBJPXT+p8Tqg==
set server2 ''
set port2 8000
set password2 ENC ST7AwiGYBiwcFDJwDylT13xMEwtafXMw+TphX0vwWafX9ZZSWGifNZNPmelo3hNm1aWSV+etbYu9bF5hl3nNP+Kx9XAvzYbOfe4c4o2NiqDQzB6cqHf4v6X2oJDe9+87QWcxAlOCSRM4DXycI9Rc1W/gov2XhZQOL/dytRnq7ZmrLF7sM63w5jXa1OsirQ4mDWH3bA==
set server3 ''
set port3 8000
set password3 ENC 1CNSs1xfocCvZ8Y6NW7miSzFiLX+WI2NtGH6tiB4m4JBRRaIAfNND7e+jcWhk2lvhZc15X0MIsILQKdz8jqyvCLbkBZ3MBb5A/fhnGQLeutdXGc+m4vnApDKHtvclPiu0f6wc4XrTlvQQ+mFE3xkSrHF3w0j1OlWgrh8zF9r1ZIUTer5vPsssaaicSPXWIFg0ZJC5w==
set server4 ''
set port4 8000
set password4 ENC 7yUfTjqMrKnrO9d5uusdgK2Pyqai/Oao1J/tPhYj3mRxqGWxAATBBOz1qhH1Yc4eLqwlQaHEVwdd1kI/lUq7ZlssG0kq9yMhdwsi9ud6fGUSMXq5GqIQ9eqQFeeGH2CaYpkG39+gM+SA97UyiHiin7qKGiQ3/PBNx6C5zqiaRBB1rUTzjSRx9pADMvq5DgrE0a6UGg==
set server5 ''
set port5 8000
set password5 ENC /6yYlvDzDsnkuBBgzVJ07rMk6DwwJaqwkeDsNRhAiyVshgCZKD7AANAKppw9MrVrMGG9P5mlZEuNeSfn11iyPEll/mKo6InAlFE1f0bLgMQhxfZH3r49yRsEc7n+duWyPOBNKbBVHCETfE+PBui06JLvIndYqPHUmajAnjNhK5+EQGHwaJzhDqEvtb/57LYCiuz6hA==
set logon-timeout 5
set ldap-server ''
set group-poll-interval 0
set user-info-server ''
set ssl disable
set source-ip 0.0.0.0
set source-ip6 ::
set interface-select-method auto
next
end
config user adgrp
edit "CN=ST_STU_7-12GRADE,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SERVER_LOCAL_ADMIN_DOC,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SERVER_LOCAL_ADMIN_ACCESS411,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SERVER_LOCAL_ADMIN_WEBCRD,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VPN_FORTINET,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_AE_BLDG_SECY,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_AE_SUPP_CENSUS,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_AE_BLDG_TEACH,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_AE_BLDG_COUNSELOR,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_AE_BLDG_ADMIN,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=GPO-ACCESSIBILITYALLOW-STUDENT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SERVER_LOCAL_ADMIN_DISTRICTWEBSITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_ACCOUNTING_FTP_UPLOAD_TO_ALLOVUE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=WINDOWS_UPGRADE_AVAILABLE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV173538,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CONFIGMGR REMOTE CONTROL USERS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=T02_254_5518A,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=T02_254_6518A,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=T04_LIBWRKRM_5518A,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=AZURE_MFA_ENABLED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSTOOLS_DEVELOPER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FORTINETRO,OU=SECURITYGROUPS-MISC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FORTINETADMINS,OU=SECURITYGROUPS-MISC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=T57_110_330AC,OU=P57_TRANSPORTATION,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=OSA-TECH-COMPUTERS,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=T42_LIBRARY_4518A,OU=P42_ROBERTS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_ELMS_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_ELMS_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_ELMS_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_DW_PREK_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_DEPT_FAMENG,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HYPERACCESS,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_PSLA_FIELDDOOR_EXTENDEDWORKDAY_LIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_PSLA_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_PSLA_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_PSLA_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SOFTWAREUPDATES_SERVER_EXCLUDE_CUA,OU=SERVERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FIREFOX,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SCCM_TECHS,OU=SECURITYGROUPS-MISC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SERVER_LOCAL_ADMIN_DAYAUTOMATION,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_CORCORAN_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_CORCORAN_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_CORCORAN_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_NOTTINGHAM_WORKDAY_M,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_DW_ALL_HIGH_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_DW_ALL_MIDDLE_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_DW_ALL_K8_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_DW_ALL_ELEMENTARY_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_ALL_HIGH_SCHOOLS_M_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_DW_ALL_HIGH_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_DW_ALL_MIDDLE_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_DW_ALL_K8_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_DW_ALL_ELEMENTARY_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_HENNINGER_ELEVATOR,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DW-ADOBE-LICENSEONLY,OU=NEW ADOBE GROUPS - TEMP,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DW-ADOBE-AFTEREFFECTS,OU=NEW ADOBE GROUPS - TEMP,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DW-ADOBE-INDESIGNCC,OU=NEW ADOBE GROUPS - TEMP,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DW-ADOBE-ILLUSTRATORCC,OU=NEW ADOBE GROUPS - TEMP,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DW-ADOBE-PREMIEREPROCC,OU=NEW ADOBE GROUPS - TEMP,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DW-ADOBE-PHOTOSHOPCC,OU=NEW ADOBE GROUPS - TEMP,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DW-ADOBE-ACROBATCC,OU=NEW ADOBE GROUPS - TEMP,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LICENSING_STAFF_A3_CONFERENCECALLING,OU=LICENSING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_BRIGHTON_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_BRIGHTON_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_BRIGHTON_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_HENNINGER_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_HENNINGER_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_CLARY_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_CLARY_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_ITC_OSA_NOC_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_HENNINGER_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_CLARY_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_ITC_OSA_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_USERDEFSCREEN-REGIST,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_DW_EXTENDEDWORKDAY_M,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_DW_UNLIMITED_M,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_DW_WORKDAY_M,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_STLUCY_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_SUMR-CENSUS,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_STLUCY_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_STLUCY_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_STLUCY_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_WEEKLY_REPORTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_ACCOUNTABILITY_ARCHIVE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_DW_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=WACOMTABLET,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=RAPTORTECH,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_PROG-CIP,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LICENSING_O365_SERVICEMAILBOXES_A1_EMAIL_M,OU=LICENSING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSTOOLS_CACHE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ARC_ADVENTURES,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=GPO-CONFIGMGRSTARTUP,OU=SECURITYGROUPS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_NOTTINGHAM_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_NOTTINGHAM_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_NOTTINGHAM_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_SYRSTEMATBLODGETT_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_SYRSTEMATBLODGETT_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_SYRSTEMATBLODGETT_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_HUNTINGTON_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_HUNTINGTON_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_HUNTINGTON_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_EDSMITH_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_EDSMITH_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_EDSMITH_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_FRAZER_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_FRAZER_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_FRAZER_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_BELLEVUE_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_BELLEVUE_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_BELLEVUE_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CBT-QUESTAR_SECURE_BROWSER,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_GRANT_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_GRANT_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_GRANT_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_SKYWALKER_REPORTS_RW,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_ADDRESS-EDIT,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_NOND_COUNSGUID_VO,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_DW_ITTECH_TEMPADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=WABBITEMU,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_DW_VIEW_EXPORT,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_BLDG_VIEWONLY,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_DW_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_DW_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_FRANKLIN_UNLIMITED,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_FRANKLIN_EXTENDEDWORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_CENTRALOFFICES_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_DW_ADMINS,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_OSA-DELETE,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_AC_FRANKLIN_WORKDAY,OU=ACCESS-CONTROL,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SYSTEMADMINS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_DW_IK_PROV,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SOFTWAREUPDATES_SERVER_PROD_HIGHRISK,OU=SERVERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SOFTWAREUPDATES_SERVER_PROD_MEDRISK,OU=SERVERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SOFTWAREUPDATES_SERVER_PROD_LOWRISK,OU=SERVERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_TRANSPORTATION_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_DW_CEDARPATH_DISTADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_PDC_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_SCHOOLSC_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_LEVY_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_HEARINGOFF_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_CO_SUPER_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_CENTRALREG_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_BOVA_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_WEBSTER_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_VANDUYN_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_SYRSTEMATBLODGETT_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_SYRLATIN_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_STEAMATKING_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_SEYMOUR_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_SALEMHYDE_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_ROBERTS_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_PSLA_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_PFLA_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_PORTER_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_OASIS_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_NOTTINGHAM_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_MEACHEM_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_MCKINLEYBRIGHTON_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_MCCARTHYATBEARD_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_LINCOLN_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_LEMOYNE_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_ITC_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_HUNTINGTON_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_HENNINGER_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_HWSMITH_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_GRANT_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_FRAZER_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_FRANKLIN_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_ELMS_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_ELMCREST_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_EDSMITH_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_DRWEEKS_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_DELAWAREPRIMARY_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_CORCORAN_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_CLARY_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_BRIGHTON_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_BELLEVUE_BLDGADMIN,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SERVER_REMOTEDESKTOP_SECURITY,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_DW_DPS,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_DW_ITSYSADM,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_CAM_DW_ITTECH,OU=SECURITY-CAMERAS,OU=SECURITYGROUPS-GENETEC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SERVER_LOCAL_ADMIN_SECURITY,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LICENSING_O365_STAFF_PROJECTPLAN_M,OU=LICENSING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_SUMR-SCHEDULING,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_SUMR-SECY,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_SUMR-ADMIN,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SOFTWAREUPDATES_SERVER_PILOT,OU=SERVERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=L02_NURSE_XM1246,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=O365GROUPSCREATORS,OU=SECURITYGROUPS-MISC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LICENSING_O365_OUTSIDE_ACCOUNTS_A1_EMAIL_M,OU=LICENSING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VDI_POOLUSERS-BASIC-STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OSA_PROJOFFICE-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OSA_PROJOFFICE-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LICENSING_O365_STAFF_A3_OUTLOOK_M,OU=LICENSING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_OSA-ASSESSMENT,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_HYPPRODESS_ORACLE_READ,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SYRPRINT2TEST,OU=PAPERCUT_GROUPS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FTP_ACCESS_MRROBOT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TAC_AW,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_STUDENTSOW,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_LOCKERMAINT,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_QAS_HCM_PSOFT_WRITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_QAS_FIN_SCSD_WRITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_QAS_FIN_PSOFT_WRITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SECURITY ADMINISTRATOR,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SECURITY READER,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ADMINS_SERVER_BTPROS,OU=IT ENGINEER,OU=OUTSIDE ACCOUNTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_COMMUNICATIONS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MICROSOFT-OFFICE-365-STUDENTS,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MICROSOFT-OFFICE-365-FACULTY_W_VISIO,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VEXOS_UTILITY,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VEXCODE_IQ_BLOCKS,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=T28_LIBLAB_3508A,OU=P28_HUGHES,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_MEDICAL_VO,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PAPERCUT_OA,OU=PAPERCUT_GROUPS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MICROSOFT-OFFICE-365-FACULTY,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MICROSOFT-OFFICE-2019,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=REIMAGEAVAILABLE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_USERDEFSCREEN-NATAMER,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VISUALIZER,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_AFTERSCHOOLPROG,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=T45__LIBRARY_5508A,OU=P45_EDSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_NOND_UPKADMIN,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SYSTEM MANAGED ACCOUNTS GROUP,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ENTERPRISE KEY ADMINS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=KEY ADMINS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STORAGE REPLICA ADMINISTRATORS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSLA_FS_OBERNESSER_STUDENTS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_COUNSELING,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV186149,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=COR_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CRC_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSB_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STA_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=COR_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CRC_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PCC_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STA_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FDS_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSB_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=OSA_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=BOV_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=145_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=321_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=321_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=086_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=086_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=074_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=076_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=071_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=048_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=048_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=067_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=023_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=023_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P20_AV185472,OU=P20_DRKING,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CONTENTSUBMITTERS,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P29_AV186148,OU=P29_HUNTINGTON,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_353,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_320,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_321,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_ATTENDANCEREPORTS,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P25_AV177223,OU=P25_FRAZER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=OAE_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=OAE_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DNSUPDATEPROXY,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-ILLUSTRATOR-ITC,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PPN_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PPN_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSLA_FS_TEACHERS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV60285,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV181129,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P21_AV185049,OU=P21_DANFORTH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_BLDG_SENTRY,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=RAP_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=320_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=353_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=RAP_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=353_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_BLDG_BIC,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=320_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P60_AV160649,OU=P60_PDC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV187766,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=008_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_049,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_051,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_015,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_008,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_036,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_034,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_040,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_030,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_037,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_646,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_364,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_016,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_054,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_009,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_042,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_027,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_044,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_045,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_608,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_029,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_033,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_322,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_048,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_328,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_013,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_363,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_303,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_025,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_024,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_001,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_006,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_007,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STU_BLDG_004,OU=SECURITYGROUPS-BUILDINGS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=353_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=OAE_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=321_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=320_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=042_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_NOND_BASE,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_ACCESS411_RAWDATA,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VENDOR,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=042_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=033_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TRP_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=042_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=033_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TRP_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_DISCIPLINE,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=007_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_DEPT_CO-STUSPPTSVCS,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VOIP ADMIN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=048_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P08_AV156574,OU=P08_CLARY,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_OSA-SECURITY-FACULTY,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SERVER_LOCAL_ADMIN_SIERRA-CEDAR,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=001_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=036_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=036_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=054_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=054_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_STSHARE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=045_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DESKTOP_LOCAL_ADMIN,OU=SECURITYGROUPS-MISC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=045_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=055_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P42_AV154000,OU=P42_ROBERTS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=UPK_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P42_AV182145,OU=P42_ROBERTS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_ATTENDANCE,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=UPK_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=015_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=AUTOCAD,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=364_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=364_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=015_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=030_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=009_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=007_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=030_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=004_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=363_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=009_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=007_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=044_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MCB_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PDC_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=055_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MCB_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=363_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=044_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=004_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PDC_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=066_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=013_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=328_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=303_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=051_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=029_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=027_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=008_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=040_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=303_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=021_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=008_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWD_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=037_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=006_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SSC_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=024_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=034_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=025_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=040_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=328_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=049_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=024_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=016_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=006_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=049_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=322_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=025_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=034_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=037_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWD_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=016_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=051_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=322_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=027_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=029_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=013_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=021_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P25_AVF112924,OU=P25_FRAZER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=020_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=020_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_DOCUWARE_HRIMPORT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_DEPT_TRANSPORTATION,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_BLDG_SOCIALWKR,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=022_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=022_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV186330,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_BLDG_TEACH,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_BLDG_THERAPIST,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NETFLIX,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV162164,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_DEPT_OSA-VIEWONLY,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_DEPT_AD,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_DEPT_CO-VIEWONLY,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TAC_VAS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DHCP ADMINISTRATORS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_SPECPROG-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LOGMEIN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_GALAXY,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_TECHSHARE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV172975,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV182116,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P23_AV182633,OU=P23_ELMWOOD,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_O365_RFP,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_CENSUS,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV159233,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV167598,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P13_AV187108,OU=P13_LINCOLN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_DEPT_CO-SPED,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TEXASINSTRUMENTS_SMARTVIEWEMULATOR,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_REPORTBUILDER,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV187221,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P42_AV173190,OU=P42_ROBERTS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P53_AV173387,OU=P53_BLODGETT,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HR ADMINS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-ACROBAT-PSLA,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_BLDG_SECY_MSHS,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_BLDG_LMS,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV158791,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_SPECPROG-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_DEPT_CO-ENL,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_DOCUWARE_IMPORT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_BLDG_SECY_ES,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_CUSTOMEXPORT,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_COURSECAT,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CONTENTKEEPER_CLIENT,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_DEPT_HEALTHSVC,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P29_AV207634,OU=P29_HUNTINGTON,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P27_AVF112148,OU=P27_ELMCREST,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P21_AV186579,OU=P21_DANFORTH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P09_AV999972,OU=P09_GRANT,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P07_AV173353,OU=P07_CORCORAN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV60282,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV158802,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV176680,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV181448,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P60_AV999973,OU=P60_PDC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P60_AV999974,OU=P60_PDC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P60_AV180435,OU=P60_PDC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P60_AV999975,OU=P60_PDC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P60_AV160634,OU=P60_PDC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P60_AV167669,OU=P60_PDC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P60_AV166757,OU=P60_PDC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P57_AV182176,OU=P57_TRANSPORTATION,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV181526,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SVR_RDP_ORIONAPP,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SVR_ADM_ORIONAPP,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P57_AV182175,OU=P57_TRANSPORTATION,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P57_AV999976,OU=P57_TRANSPORTATION,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P57_AV185793,OU=P57_TRANSPORTATION,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P57_AV999977,OU=P57_TRANSPORTATION,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV181527,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV194203,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV187107,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV184840,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV172974,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV172973,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV159234,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV157310,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV154074,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV59543,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV59464,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV157308,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV99978,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV60782,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV99979,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV99980,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV60237,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV185794,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV185795,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV184924,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV167897,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AV161742,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AVF113661,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AVF113325,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_AVF113290,OU=P55_CENTRALOFFICE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P54_AV182284,OU=P54_JOHNSONCENTER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P54_AV173200,OU=P54_JOHNSONCENTER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P54_AV173201,OU=P54_JOHNSONCENTER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P54_AVF113184,OU=P54_JOHNSONCENTER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P54_AV166815,OU=P54_JOHNSONCENTER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P54_AV181707,OU=P54_JOHNSONCENTER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P53_AV181445,OU=P53_BLODGETT,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P53_AV187724,OU=P53_BLODGETT,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P53_AV186333,OU=P53_BLODGETT,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P53_AV181446,OU=P53_BLODGETT,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P53_AV181447,OU=P53_BLODGETT,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P53_AV999981,OU=P53_BLODGETT,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P51_AV185051,OU=P51_WEBSTER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P51_AV186150,OU=P51_WEBSTER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P51_AV184214,OU=P51_WEBSTER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P51_AV187819,OU=P51_WEBSTER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P51_AV182632,OU=P51_WEBSTER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P48_AV59590,OU=P48_BEARD,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P48_AV188136,OU=P48_BEARD,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P48_AV177471,OU=P48_BEARD,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P47_AV178262,OU=P47_MCCARTHY,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P47_AV181441,OU=P47_MCCARTHY,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P47_AV177611,OU=P47_MCCARTHY,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=INVENTOR,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-INDESIGN-CO,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-ILLUSTRATOR-CO,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PAPERCUT_ALLACCESS,OU=PAPERCUT_GROUPS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-PREMIEREPRO-CO,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-PHOTOSHOP-CO,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_DEPT_CO-UPK,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P29_AV161795,OU=P29_HUNTINGTON,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_DEPT_OSA,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P42_AV173188,OU=P42_ROBERTS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LICENSING_O365_STAFF_A3_TEAMS_M,OU=LICENSING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DNSADMINS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P30_AV208551,OU=P30_SALEMHYDE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_BLDG_ADMIN,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P60_AV187905,OU=P60_PDC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_SUPP_SCHEDULING,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P60_AV188240,OU=P60_PDC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_BLDG_COUNSELOR,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_DEPT_CRC,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P45_AV999982,OU=P45_EDSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=T02_LIBRARY_5518A,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TAC_SU,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CONSULTANTS_IKSYSTEMS,OU=APPLICATION SUPPORT,OU=OUTSIDE ACCOUNTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TAC_RO,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TAC_FT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=OSA_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-PREMIEREPRO-PSLA,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-PHOTOSHOP-PSLA,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_ELA_ONENOTE_EARLYLIT_CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_ELA_ONENOTE_WRITING_CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_CONFIRMINTERVIEWS,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ROBERTS_RM105_LAB_LEX_MS510,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CBT-QUESTAR_SECURE_BROWSER-LEGACY,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P02_OFFICE,OU=P02_ITC,OU=PAPERCUT_GROUPS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ROBERTS LAB RM305 LEX E460DN,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=006_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-PREMIEREPRO-ITC,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P02_GENERAL,OU=P02_ITC,OU=PAPERCUT_GROUPS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TAC_NA,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P47_AV173386,OU=P47_MCCARTHY,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P27_AV182713,OU=P27_ELMCREST,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P27_AV182744,OU=P27_ELMCREST,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV168199,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LICENSING_O365_STAFF_A3_BASE_M,OU=LICENSING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-INDESIGN-ITC,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-PHOTOSHOP-ITC,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P34_AV186000,OU=P34_DRWEEKS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LICENSING_O365_OUTSIDE_ACCOUNTS_A1PLUS_M,OU=LICENSING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LICENSING_O365_STUDENTS_A3_BASE_M,OU=LICENSING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LICENSING_O365_STUDENTS_A3_EMAIL_M,OU=LICENSING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ACVPN,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P42_AV999984,OU=P42_ROBERTS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P21_AVF110804,OU=P21_DANFORTH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P07_AV168337,OU=P07_CORCORAN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P42_AVF110817,OU=P42_ROBERTS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=REVIT,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P29_AV175376,OU=P29_HUNTINGTON,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=001_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV174854,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P60_AV60781,OU=P60_PDC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ST_DEPT_OSA-SUPERUSER,OU=SECURITYGROUPS-SCHOOLTOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P13_AV182115,OU=P13_LINCOLN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P10_AVF113324,OU=P10_LEVY,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TECHINFO,OU=DISTRIBUTIONGROUPS,OU=EMAILSPECIALOBJECTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV58838,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV60902,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV186167,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV186295,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV185800,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV167896,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV182628,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV161880,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P01_AV188406,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_GENERAL,OU=P55_CENTRAL_OFFICE,OU=PAPERCUT_GROUPS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P45_AV185043,OU=P45_EDSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P45_AV179205,OU=P45_EDSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P45_AV175487,OU=P45_EDSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P45_AV175378,OU=P45_EDSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P45_AV173295,OU=P45_EDSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P45_AV171335,OU=P45_EDSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P45_AV60464,OU=P45_EDSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P45_AV60366,OU=P45_EDSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P45_AV167365,OU=P45_EDSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P45_AV179663,OU=P45_EDSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P45_AV169970,OU=P45_EDSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P45_AV185053,OU=P45_EDSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P44_AV181440,OU=P44_SEYMORE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P44_AV157367,OU=P44_SEYMORE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P42_AV181438,OU=P42_ROBERTS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P42_AV175377,OU=P42_ROBERTS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P42_AV173189,OU=P42_ROBERTS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P42_AV173191,OU=P42_ROBERTS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P42_AV160638,OU=P42_ROBERTS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P42_AVF112234,OU=P42_ROBERTS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P42_AV999985,OU=P42_ROBERTS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P42_AV60766,OU=P42_ROBERTS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P40_AV184766,OU=P40_PORTER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P40_AV59212,OU=P40_PORTER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P40_AV60455,OU=P40_PORTER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P37_AV180434,OU=P37_MEACHEM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P37_AVF153596,OU=P37_MEACHEM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P37_AV60449,OU=P37_MEACHEM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P37_AV999989,OU=P37_MEACHEM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P37_AV186433,OU=P37_MEACHEM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P36_AV181436,OU=P36_MCKINLEY,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P36_AV180433,OU=P36_MCKINLEY,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P36_AV169615,OU=P36_MCKINLEY,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P36_AV159702,OU=P36_MCKINLEY,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P34_AV181443,OU=P34_DRWEEKS,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P33_AV181439,OU=P33_LEMOYNE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P33_AV186425,OU=P33_LEMOYNE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P33_AV60901,OU=P33_LEMOYNE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P30_AV185042,OU=P30_SALEMHYDE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P30_AV185077,OU=P30_SALEMHYDE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P30_AV168198,OU=P30_SALEMHYDE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P30_AV167484,OU=P30_SALEMHYDE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P30_AV158255,OU=P30_SALEMHYDE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P30_AV155019,OU=P30_SALEMHYDE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P30_AV154486,OU=P30_SALEMHYDE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P29_AV999990,OU=P29_HUNTINGTON,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P29_AV186165,OU=P29_HUNTINGTON,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P29_AV172795,OU=P29_HUNTINGTON,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P29_AV155296,OU=P29_HUNTINGTON,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P29_AV153482,OU=P29_HUNTINGTON,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P29_AV60360,OU=P29_HUNTINGTON,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P29_AV59199,OU=P29_HUNTINGTON,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P29_AV161797,OU=P29_HUNTINGTON,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P28_AV999991,OU=P28_HUGHES,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P24_AV999993,OU=P24_FRANKLIN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P24_AV999992,OU=P24_FRANKLIN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P28_AV59251,OU=P28_HUGHES,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P28_AV59250,OU=P28_HUGHES,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P28_AV185050,OU=P28_HUGHES,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P28_AV187225,OU=P28_HUGHES,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P28_AV157335,OU=P28_HUGHES,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P28_AV157685,OU=P28_HUGHES,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P28_AV176029,OU=P28_HUGHES,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PRINTER_INSTALLERS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P25_AV180432,OU=P25_FRAZER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P25_AV182634,OU=P25_FRAZER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P25_AV182631,OU=P25_FRAZER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P25_AV175375,OU=P25_FRAZER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P25_AV60679,OU=P25_FRAZER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P24_AV188211,OU=P24_FRANKLIN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P24_AV60459,OU=P24_FRANKLIN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P22_AV185044,OU=P22_DELAWARE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P22_AV181122,OU=P22_DELAWARE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P22_AV156012,OU=P22_DELAWARE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P22_AV156004,OU=P22_DELAWARE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P22_AV156011,OU=P22_DELAWARE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P22_AVF112928,OU=P22_DELAWARE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P22_AV60454,OU=P22_DELAWARE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P22_AV60677,OU=P22_DELAWARE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P22_AV60262,OU=P22_DELAWARE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P21_AV58848,OU=P21_DANFORTH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P21_AV187899,OU=P21_DANFORTH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P21_AV179828,OU=P21_DANFORTH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P21_AV179827,OU=P21_DANFORTH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P21_AV175371,OU=P21_DANFORTH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P21_AV167730,OU=P21_DANFORTH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P21_AV60457,OU=P21_DANFORTH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P21_AV161799,OU=P21_DANFORTH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_DATA_REPOSITORY,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P01_AV186576,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P20_AV185048,OU=P20_DRKING,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P20_AVF113182,OU=P20_DRKING,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P20_AV60453,OU=P20_DRKING,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P20_AV60361,OU=P20_DRKING,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P20_AV160689,OU=P20_DRKING,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P15_AV182443,OU=P15_HWSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P15_AV175379,OU=P15_HWSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P15_AVF113323,OU=P15_HWSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P15_AV60269,OU=P15_HWSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P15_AV60981,OU=P15_HWSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P15_AV188285,OU=P15_HWSMITH,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P13_AV999994,OU=P13_LINCOLN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P13_AV185041,OU=P13_LINCOLN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P13_AV187109,OU=P13_LINCOLN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P13_AV155295,OU=P13_LINCOLN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P13_AV182113,OU=P13_LINCOLN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P09_AV182766,OU=P09_GRANT,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=OSA-TESTGROUP,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-PHOTOSHOP-FRANKLIN,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P01_AV999999,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P09_AV175372,OU=P09_GRANT,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P09_AV168195,OU=P09_GRANT,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P09_AVF112510,OU=P09_GRANT,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P09_AV160456,OU=P09_GRANT,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P07_AV158790,OU=P07_CORCORAN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P07_AVF111593,OU=P07_CORCORAN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P07_AV181442,OU=P07_CORCORAN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P07_AV182421,OU=P07_CORCORAN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P07_AV182332,OU=P07_CORCORAN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P07_AV174527,OU=P07_CORCORAN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P07_AV174526,OU=P07_CORCORAN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P07_AVF112837,OU=P07_CORCORAN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P07_AV176678,OU=P07_CORCORAN,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P08_AVF110802,OU=P08_CLARY,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P08_AV182458,OU=P08_CLARY,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P08_AV187111,OU=P08_CLARY,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P08_AV181065,OU=P08_CLARY,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P08_AV175370,OU=P08_CLARY,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P08_AV173541,OU=P08_CLARY,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AVF111591,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV188551,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV167694,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV175743,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV173199,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV172940,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV999995,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV60768,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV60284,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV60287,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV162742,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV162747,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV186166,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV176642,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV182629,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P06_AV185076,OU=P06_HENNINGER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AVF111587,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AVF111588,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV187898,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV185046,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV174855,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV174856,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV174853,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV186161,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV168197,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV999996,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV166046,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AVF113493,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV60771,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV59205,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV999997,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P04_AV176679,OU=P04_NOTTINGHAM,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV184768,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV181074,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV173539,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV173540,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV181288,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV181286,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV181123,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV181121,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV181124,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV181125,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P03_AV175744,OU=P03_FOWLER,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P01_AVF111595,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P01_AVF110812,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P01_AV181437,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P01_AV185473,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P01_AV60949,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P01_AVF113443,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P01_AV187266,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P01_AV160660,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P01_AV182322,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P01_AV999998,OU=P01_ITC,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_EDEFFECT-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-ACROBAT-ITC,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_EMPLOY-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_EMPSVCS-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_ESS-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OPS_TRANSP-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_STAFFRLTN-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_VPI-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_RECRUIT-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_CALL-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-INDESIGN-WESTSIDE,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-INDESIGN-PSLA,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-ILLUSTRATOR-WESTSIDE,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-ILLUSTRATOR-PSLA,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-AFTEREFFECTS-ITC,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-PREMIEREPRO-WESTSIDE,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-PHOTOSHOP-WESTSIDE,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-ACROBAT-CO,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_211_6508A,OU=P55_CENTRAL_OFFICE,OU=PAPERCUT_GROUPS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=052_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_HS_HENN-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VDI_POOLUSERS-PLTW-STU,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OSA_DATA-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VDI_HORIZONCLIENT,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_RISKMGT-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=OPERATIONS,OU=DISTRIBUTIONGROUPS,OU=EMAILSPECIALOBJECTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_BENE-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VDI_POOLUSERS-PLTW-STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_106_307,OU=P55_CENTRAL_OFFICE,OU=PAPERCUT_GROUPS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-ACROBAT-OSA,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=028_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=028_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SCSDAPCALERTS,OU=DISTRIBUTIONGROUPS,OU=EMAILSPECIALOBJECTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_EC-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_HWSM-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P55_103_3005AC,OU=P55_CENTRAL_OFFICE,OU=PAPERCUT_GROUPS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_COUNTY_STAFF,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VCENTER_ADMINS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_COR_CORE,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_EFRT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=052_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=010_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=010_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=003_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=003_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_EC-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=034_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_FIN_PURCH-READ,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=COR_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OPS_FOODSVCS-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_SPED-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_FIN_BUDGET-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_ENL-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OPS_TRANSP-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_SCITECH-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_ESS-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_HEALTHSVCS-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_COMM-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_PD-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_LIB-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_SALEM-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_FIN_ACCTPAY-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_LIB-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_CLARY-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_HS_PSLA-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_DRKING-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_COMM-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_ROBERTS-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_VAND-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_STUSPPRT_SCHPSYCH-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_MONTLEMOYNE-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_WSA-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_HEALTHSVCS-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_SYRLAT-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_HS_CORC-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OSA_CRC-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_HS-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_DANF-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_STUSPPRT-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_HS_HENN-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_DELES-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OSA_TEST-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_FIN_ACCTPAY-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_RISKMGT-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_RECRUIT-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_ART-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OPS_SCHSCRTY-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_AP_MCCARTHY-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_FIN-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_CALL-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_FIN_PURCH-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_FIN_PAY-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_ENL-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OSA_REFORM-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OSA_CRC-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_CTE-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_AP_JVC-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_DRWEEKS-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OSA_TEST-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_COUNS-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OSA-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_SEYM-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OSA_REFORM-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_MATH-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_FIN_BUDGET-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_HS_NOTT-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_HUGHES-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_SCITECH-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_EDEFFECT-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_STAFFRLTN-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OSA_TECH-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_ELA-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OSA_TECH-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_EMPLOY-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_LEMOYNE-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_AP-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_VPI-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_ART-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_MEACH-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OPS_FOODSVCS-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_FIN_PAY-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_ELA-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_FRANK-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_DELPRI-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_GRANT-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_SOCST-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_BELL-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OSA_DATA-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_STUSPPRT_PZONE-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_PD-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_FIN_PURCH-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OPS_FACIL-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_MATH-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_MCKBR-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_CTE-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_FRAZ-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_EDSM-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_BENE-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_PEHEAFAC-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OPS-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_ELMS-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_AP_ELMCREST-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_ATH-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_HUNT-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_HWSM-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_WEB-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_STUSPPRT_STUBEHAVIOR-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_SOCST-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_HS_ITC-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_HR_EMPSVCS-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_PEHEAFAC-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_LINC-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_PORT-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_AP_CORE-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_FIN-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_STUSPPRT_MENTAL-EDIT,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_7_CORCORAN,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_6_HENNINGER,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ALL_PAPERCUT_USERS,OU=PAPERCUT_GROUPS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_24_FRANKLIN,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_33_LEMOYNE,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_54_JVC,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_364_WSA,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_49_VAN DUYN,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_48_BEARD,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=P01_OSA_3005AC,OU=PAPERCUT_GROUPS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_42_ROBERTS,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_15_H.W. SMITH,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_44_SEYMOUR,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_328_SYR LATIN,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_13_LINCOLN,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_51_WEBSTER,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_30_SALEM,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_40_PORTER,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_8_CLARY,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_37_MEACHEM,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_20_KING,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_16_BELLEVUE,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_303_PSLA,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_1_ITC,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_21_DANFORTH,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_36_MCKINLEY-BRIGHTON,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_9_GRANT,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_322_DELAWARE,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_CURR_SPED-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_34_WEEKS,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_29_HUNTINGTON,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_363_ELMS,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_27_ELMCREST,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_45_ED SMITH,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_4_NOTTINGHAM,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_25_FRAZER,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OPS_FACIL-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OPS-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_HUGHES-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_MCKBR-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_SALEM-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_SYRLAT-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_HS_CORC-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_CLARY-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_HUNT-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_ROBERTS-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_WSA-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PCC_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_STUSPPRT_STUBEHAVIOR-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_STUSPPRT_SCHPSYCH-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_STUSPPRT_PZONE-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_STUSPPRT_MENTAL-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_STUSPPRT-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OSA-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_DEPT_OPS_SCHSCRTY-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_REQ_SHARE_10_LEVY,OU=COUNTYREQUSITIONS,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FMP_CONT_ADMINUSERS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SERVER_LOCAL_ADMIN_SCHOOLTOOL,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FMP_ARCH_READONLY,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_SCANNING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PRINT_TOSHIBA_VIRT_USER,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TEMPNETFLIX,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ERIC_TEST,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FMP_CONT_ENTRYEDIT,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_RAPSHARE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FMP_CONT_READONLY,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FMP_CONT_EDIT,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PERS3,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FMP_CLIENT_ADMINUSERS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_COUNS-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_TL_ATH-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_LINC-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_GRANT-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_FRAZ-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_ELMS-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_EDSM-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_MS_DANF-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_HS_PSLA-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_HS_NOTT-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_HS_ITC-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_HS-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_WEB-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_VAND-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_SEYM-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_PORT-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_MONTLEMOYNE-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_MEACH-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_LEMOYNE-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_FRANK-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_DRWEEKS-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_DRKING-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_DELPRI-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_DELES-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES_BELL-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_ES-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_AP_MCCARTHY-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_AP_JVC-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_AP_ELMCREST-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_AP_CORE-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPO_SCH_AP-CONTRIBUTE,OU=SECURITYGROUPS-SHAREPOINTONLINE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FMP_ADMINGRPRAP,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=BT_PROS_TEST,OU=IT ENGINEER,OU=OUTSIDE ACCOUNTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FMP_FULLACCESS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FMP_CLIENT_EDIT,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=GPO-ALLOWRUNAS,OU=SECURITYGROUPS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FMP_CLIENT_READONLY,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FMP_CLIENT_ENTRYEDIT,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CLEVER_SHORTCUTS,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_SCHOOLTOOL4FTP,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-LICENSEONLY,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_TB_HR_STAFF,OU=SECURITYGROUPS-DEPARTMENT,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PAPERCUTADMINS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TECH_PRINT_USERS,OU=TEST,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_OPSDOCS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=YOUTUBE,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_VANDUYN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_JVC,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ESCHOLAR EDM SVC ACCT NOTIFICATIONS,OU=DISTRIBUTIONGROUPS,OU=EMAILSPECIALOBJECTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FUSION360,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_MCCARTHY,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=IOSCAN,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=015_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_SCSD_DIRECTORS,OU=SECURITYGROUPS-POSITIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_BELLEVUE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_GEOSHARE_STUDENTS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_DANFORTH,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CORCORAN_RM_B5_PLTW_LEX_C748DE,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=IZO_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=IZO_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_ELMCREST,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_DRWEEKS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_SCSD_SUPER_CHIEFS,OU=SECURITYGROUPS-POSITIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_SCSD_PRINCIPALS,OU=SECURITYGROUPS-POSITIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_SCSD_ASSISTANTSUP,OU=SECURITYGROUPS-POSITIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MICROSOFT-ONEDRIVE-CLIENT,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEC_SCSD_BOE,OU=SECURITYGROUPS-POSITIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LASLINKS,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_WESTSIDE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_DELAWARE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_MSAP,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_HRMS_RO,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TABLEAUDESKTOP,OU=SECURITYGROUPS-MISC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_WSLC_TEACHERSHARE_CONF_RW,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_WSLC_TEACHERSHARE_CONF_RO,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_TELEFORM_APPS_RO,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_WSLC_TEACHERSHARE_RW,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_WXO_DEV,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_ACCOUNTING_SHAREPOINT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRTAWXOPOSTPROCESSING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MSOL_AD_SYNC_RICHCOEXISTENCE,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_FOWLER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPHERE2,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=POWERSETTINGS-NOSLEEP,OU=SECURITYGROUPS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=POWERSETTINGS-NONE,OU=SECURITYGROUPS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_PSLA,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TABLEAU_WIN7,OU=SECURITYGROUPS-MISC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_APPR_RO,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HUNTINGTON_TOSHIBA_GROUP_MULTI,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_TEACHSCAPE_RO,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VPN_ACCESS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=OSA_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_BENEFITS_ARCHIVE_RO,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CORCORAN_ROOM_A204_LEX_T644,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_ESCHOLAR,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_BENEFITS_ARCHIVE_RW,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CORCORAN_ROOM_A328_TOSHIBA,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=003_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PAYROLLACCOUNTING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_CONTRACTS_VIEW,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_ALL_PREK,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_GEOCLASS_TEACHER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ROBERTS_LIBRARY_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CC-DREAMWEAVER-ITC,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_QAS_HCM_OUT_READ_DELETE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ROBOTC,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_QAS_HCM_SCSD_WRITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=BEARD_PARPRINTER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=BLENDER,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CC-AUDITION-ITC,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_FACILITIES,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DANFORTH_RM_301 _TOSHIBA,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DANFORTH_LIBRARY_TOSHIBA MFP,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=KODU,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_QAS_HCM_IN_WRITE_DELETE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NOTT_TEACHERS_ROOM_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PRT_ITC-OSA_STAFF,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EASYTEACH_FIX,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_PORTER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=001_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_FINSRSTAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSLA_FS_MAZZAFERRO_STUDENTS,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PRT_ITC-OSA_CAO_SECURE,OU=PRINTER_DEPLOYMENT,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEYMOUR_ROOM_215A_TOSHIBA_456,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_GRANT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=COMMVAULT ADMINS,OU=SECURITYGROUPS-MISC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_HENNINGER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_LEMOYNE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_HUNTINGTON,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_WEBSTER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_CLARY,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_HWSMITH,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_LATIN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_BEARD,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_DRKING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_CORCORAN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_SALEMHYDE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_ITC,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_ROBERTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_PREK_RW,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_SEYMOUR,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_FRANKLIN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_FRAZER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_MEACHEM,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MEDICAL_ADMINS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_ELMS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_PREK_RO,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_HUGHES,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_MCKINLEY,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_NOTTINGHAM,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_EDSMITH,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SMARTVIEW,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MED_LINCOLN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HYPERION_CONSULTANTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VAN DUYN_LAB_RM203_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSALEVEL3FIN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSALEVEL3HR,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSALEVEL2FIN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_SUMMERSCHOOLS,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=UPK_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TRP_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STA_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SSC_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=RAP_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSB_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PPN_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PDC_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MCB_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=IZO_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HEO_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FDS_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWD_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CRC_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=902_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=840_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=839_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=821_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=364_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=363_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=345_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=328_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=322_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=303_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=298_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=275_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=240_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=145_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=140_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=095_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=090_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=089_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=086_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=080_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=076_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=074_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=072_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=071_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=067_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=066_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=055_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=054_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=052_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=051_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=049_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=045_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=044_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=040_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=037_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=036_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=033_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=030_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=029_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=028_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=027_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=025_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=024_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=023_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=022_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=021_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=020_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=016_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=013_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=010_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=009_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=004_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=BOV_EXCEPTION,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SSC_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PCC_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HEO_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FDS_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=BOV_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=902_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=840_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=839_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=821_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=345_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=298_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=275_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=240_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=145_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=140_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=095_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=090_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=089_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=080_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=076_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=074_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=072_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=071_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=067_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=066_FACULTY,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HEO_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=902_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=840_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=839_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=821_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=345_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=298_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=275_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=240_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=140_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=095_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=090_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=089_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=080_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=072_STAFF,OU=SECURITYGROUPS-LOCATIONBASED,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_AST_CONSULTANTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CC-AFTEREFFECTS-ITC,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_HYPERION,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HUGHES_LIBRARY_AV59250_LEX_T644,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSALEVEL4HR,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_PRD_FIN_PSOFTCUSTOM_READ,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=GOPRO,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSALEVEL2HR,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CC-INDESIGN-ITC,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_PRD_HCM_PSOFTCUSTOM_READ,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CC-ILLUSTRATOR-ITC,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSATICKETENTRY,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CC-PHOTOSHOP-ITC,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CC-PREMIEREPRO-ITC,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_TELEFORM_INSTALLS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CISCOCALLMANAGERBILLINGRECIPIENTS,OU=SERVICEACCOUNTS,OU=UNITY,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=BRIDGEDESIGNER,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NETSUPPORT STUDENT,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_CRCADMIN,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HYPERION,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DWCC-ACROBAT-MISC,OU=CC-DISTRICT WIDE LICENSING,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CC-PSLA,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSALEVEL4FIN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NOTT_GUIDANCE_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_PRD_FIN_PSOFT_READ,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_TM_STAFF_RELATIONS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_TEST_ACCESS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=KITE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_CLERICALSTAFF,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_VIEWONLY,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_PRD_FIN_PSOFTCUSTOM_WRITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_PSTOOLS_DEVELOPERS_WRITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=REMOTEDESKTOP_OSA,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_PRD_HCM_IN_WRITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_PRD_FIN_OUT_READ,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_SCSD_UPK,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_VANDUYN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MCKINLEY_ALL_WORKROOM_TOSHIBA_COPIERS,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_GRANT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_DRKING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=GRANT_LIB_237_366_PRINTERS,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_CLARY,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NOTT_MAINOFFICE_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_DEV_FIN_PSOFT_WRITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_EDSMITH,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_SYRACUSE_LATIN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_SALEMHYDE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VANDUYN_MAIN_OFFICE_TOSHIBA_PRINTER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=BLENDEDLEARNING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CORCORAN_RM_B111_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_PRD_HCM_OUT_READ,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_PRD_HCM_PSOFT_READ,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DANFORTH_MAIN_OFFICE_COLOR_TOSHIBA_MFP,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_TEAM_ACADEMICS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MCKINLEY_LIBRARY_LEX_MX310,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_DEV_HCM_PSOFT_WRITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DATADRIVENCLASSROOM_EXAMSCANNER,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_PRD_FIN_IN_WRITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_SPECIALED_WRITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CLARY_MAIN_OFFICE_COLOR_TOSHIBA_MFP,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CLARY_GUIDANCE_OFFICE_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_ELL,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HW_SMITH_ALL_TOSHIBAS_EXCEPTMAINOFFICE,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_DEV_HCM_SCSD_WRITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_DEV_FIN_SCSD_WRITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ENSEMBLE_PSLAMATH,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MEACHEM_MAIN_OFFICE_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EMAIL_STUDENTINFOUPDATES_ACCESS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PSOFT_PRD_HCM_PSOFTCUSTOM_WRITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SCRATCH,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CORCORAN_MAIN_OFFICE_LEX_C748DE,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=COPIER_6_FOWLER_RM141A,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_ITC,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_DRKING,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_SALEMHYDE,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CORCORAN_LIBRARY_LEX_MS510,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_VANDUYN,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_ALL,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VAN DUYN_TEACHERS_WORKROOM_TOSHIBA_COPIERS,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DATAANALYSTS,OU=SECURITYGROUPS-MISC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_TALENT_MANAGEMENT_FULL_CONTROL,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MICROSOFT-PHOTOSTORY3,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_DISCP_DROPBOX,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_SECURITY_DEPT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=REMOTEASSISTANCEUSERS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MEACHEM_LIBRARY_LEX_E260DN,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HW_SMITH_ROOM_A12_TOSHIBAS,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CORCORAN_MAIN_OFFICE_COLOR_TOSHIBA_MFP,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSLA_RM202_LAB_LEX_MS510,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_NOTT,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_LEMOYNE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_FRANKLIN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_BELLEVUE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_MSAP_HOMEBOUND,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_TRANSPORTATION,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_PORTER,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_DRWEEKS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_LINCOLN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_HUGHES,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FOWLER_ALL_PRINTERS_X32,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_SEYMOUR,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ROBERTS_RM250_AV182145_LEX_C748,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSLA_MAIN_OFFICE_COLOR_TOSHIBA_MFP,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_HUNTINGTON,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_OSA_DATA_SHARES_WRITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EMAIL_STATUS_CHECK,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_ELMS,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_STDAN_HEADSTART,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_DANFORTH,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_PORTER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_TALENT_MANAGMENT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_WEBSTER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NOTT_QUAD1_PRINTER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_MEDICALREGISTRATIONSTAFF,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_ELMS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_ROBERTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FACEBOOK,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LINKEDIN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_HWSMITH,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_FRAZER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_DELAWARE_PRIMARY,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_BEARD_PREK,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_TELEFORM_APPS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ELMS_MAIN_OFFICE_AV178262_C748DE,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_SYRLATIN,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_SPED,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_MEACHEM,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_CRCDADMIN,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_SUPPORTPROGRAMS,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_MCKINLEY,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NOTT_QUAD2_PRINTER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DRWEEKS_ALL_TOSHIBA COPIERS,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FRANKLIN_ROOM_208_TOSHIBA_457,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_WESTSIDE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=RECORDSUSERS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PAYROLL,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DANFORTH_COPYROOM135_TOSHIBA,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DRKING_MAINOFFICE_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PINTEREST,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MICROSOFT-MOVIEMAKER,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LEMOYNE TOSHIBA COPIERS,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SMARTBOARDSOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HUGHES_TOSHIBA_COPIERS,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_BELLEVUE,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ELMS_ROOM176_LEXMARK,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=INSTAGRAM,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_PTECH,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_MCKINBRIGHTON,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NOTT_LIBRARY_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_ITC,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FOWLER_PRINTER_9,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=AUDACITY,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HENNINGER_LIBRARY_TOSHIBA,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DANFORTH_MAIN_OFFICE_LEX_MS510,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FOWLER_RM105_LAB_LEX_E450,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_ROBERTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ITC_LIBRARY_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_HEALTH_SERVICES,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_ROBERTS,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NOTT_QUAD3_PRINTER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SERVER_ACCESS_TELECOMM,OU=SECURITYGROUPS-MISC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_DANFORTH,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_SEYMOUR,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_MERRICK_HEADSTART,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NOTT_QUAD4_PRINTER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=GOOGLE CHROME,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_GRANT_CATHCHAR,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSAFULLACCESS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_EDSMITH_SUMNER,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_CORC,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_DELAWARE,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_REGISTRATIONSTAFF,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FOWLER_ALL_PRINTERS_X64,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_PSLA,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_PRE_KSTAFF,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LOGGERPRO,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_BLDGADMINS,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=GOOGLEEARTH-PLUGIN,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SOCIAL MEDIA ADULTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VISITOR_ADMINS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_CABHORSE_SALVARMY,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_BENEFITS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_MANOS,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_ELMS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_PTECH,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSLA_RM203_LAB_LEX_MS510,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_JOWONIO,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_CLARY,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DANFORTH_LIBRARY_LEX_MS510,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_FRANKLIN,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MCKINLEY_LAB_RM134_LEX_MX310,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_WORKCOMP,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=GOOGLEEARTH,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_HEARING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_ADMINS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_ERWINNURSERY,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_EDULOG_ELT_RO,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_WESTSIDE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ERS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_VIEWALL,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_LEMOYNE,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HENN-ADOBEDESIGNPREMIUM,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_SUMNER_HEADSTART,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_MEACHEM,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FOWLER_PRINTER_10,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_BOARD_RECS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_POMPEII_CATHCHAR,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_FRAZER,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_PSLA,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_HUNTINGTON,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_STUDENT_SUPPORT_SERVICES,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_VINCENTHOUSE,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_ATONEMENT,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=INSPIRATION9,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_LEARNASGROW,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_NOTT_NRSTEM,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_SUPERADMIN,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CLARY_TEACHERS_ROOM_TOSHIBA_COPIERS,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_HWSMITH,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CISCOWORKS,OU=DISTRIBUTIONGROUPS,OU=EMAILSPECIALOBJECTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_CORC_IB,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_STBRIGID_HEADSTART,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_ELMCREST_SMALLWONDERS,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_HUNTINGTONFAMCTR,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_TM_HS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_GRANT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_HAWLEY_CATHCHAR,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_DRWEEKS,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=AFTERSCHOOL,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_WEBSTER,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_ADMIN,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_PARKSIDE_ARCOFONONDAGA,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_PARKST_CATHCHAR,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_HENN_HCP,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DANFORTH_GUIDANCE_OFFICE_LEX_MX310,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ROBERTS_RM273_LEX_MS510,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=IT DEPT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HUGHES_COLOR_LEX_C935,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NOTT_CAREER_LAB_HPLJ2420,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_HUNTINGTON,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CLARY_TEACHERS_RM8_PRINTERS,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_HSCOUNSELORS,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_EDSMITH,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CO_PHYS_ED_TOSHIBA_STUDIO305,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_SLORESULTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FOWLER_RM250_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ESL-SHARE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FOWLER_COSMETOLOGY_LEX_C748DE,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REGENTS_SUMMER_RO,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_HWSMITH,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_EDULOG_ELT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REGENTS_SUMMER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_P_HENN,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_MSCOUNSELORS,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_FRAZER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_LINCOLN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_SLORESULTS_RO,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_MSAP,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CLARY_RM71_LEXE260,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=BOVAIMAGES,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SC_R_ADMIND,OU=SECURITYGROUPS-SMARTCHOICE,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CHANGE_PW,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ROOM_A12_TOSHIBAS,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_PARKSIDEPK,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_NOTTINGHAM,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_HENNINGER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_FOWLER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_DELAWARE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_CORCORAN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_SS_BUILDING_MEN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CLASSMATES,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ASK.FM,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TAGGED,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MEETME,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MEETUP,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VINE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VK,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TUMBLR,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=BEARD_PRE_K_OFFICE_TOSHIBA,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CORCORAN_GUIDANCE_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CORCORAN_RM118A_LEX_MS510,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PERS2,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PLTW-LOCAL,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ABSLTTR,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TELECOM_TECHS,OU=SECURITYGROUPS-MISC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SYNREVOICEUSERS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSOFT_ACCESS_ADMINS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRSTAFF,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRTASUPLOOKUP,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SOLOSUITE6PLUS,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PS_OSA,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TWITTER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MCKINLEY_MAIN_OFFICE_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRMSPMVIEW,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SR_WUFOO_REGISTRATION,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PLTW-MACHINES,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=BASICSTAMP,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ESCHOOLPLUS ADMINS,OU=ESCHOOL USERS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HATS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PURCHASING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DRKING_ROOMB115_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_ACCOUNTING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ITC-LABS,OU=001 - CENTRAL TECH,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRTAFAPPROVAL,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NUTRIKIDS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_FISCAL,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DELAWARE_LAPTOP_CARTS_X131,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_GRANTS_READ,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_EARLYCHILDHOOD,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_CONTRACTS_RECEIVING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE__OSA_ADS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SR_WUFOO_LATIN_SCHOOL,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SEON,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PAYFTP,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_IB,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SR_WUFOO_DATA,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CLARY_MAIN_OFFICE_LEX_C748DE,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NAUGHTY,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NOTT_ALL_QUAD_PRINTERS,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_NOTTINGHAM_STEM,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ROBERTS_RM324_LEX_MS510,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPECIAL_ED_REG,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_CENTRAL_REGISTRATION,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MCKINLEY_MAIN_OFFICE_LEX_MS510,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DRKING_WORKROOM_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_ESL_APPLICANTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DANFORTH_RM324_STEM_LAB_LEX_C748DE,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FINANCE MAILBOX PERMISSIONS GROUP,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MINITAB17,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CISCOACSADMIN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ROBERTS_RM140_LEX_MS510,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CLARY_TEACHERS_ROOM_LEX_T644,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CORCORAN_LIBRARY_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CPS,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_AS400-ARCHIVE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SCCMFULLADMIN,OU=SECURITYGROUPS-MISC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TMTEAM,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CLARY_LIBRARY_LEX_MS510,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_GRANTS_FULL,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NOTT-PRODUCTIONPREMIUM,OU=ADOBE SOFTWARE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_OSA_DATA_SHARES,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EINSTRUCTION_WORKSPACE,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DANFORTH_MAINOFFICE_LEX_C748DE,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HOOTSUITE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FLICKR,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SR_WUFOO_SUMMER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CLARY_RM70_E460DN,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=BEARD_MAINOFFICE_TOSHIBA,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ENSEMBLEUSERS,OU=SERVICE ACCOUNTS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_REG_HENNINGER_HEALTH_CAREERS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=GOOGLE SKETCHUP,OU=SCCM SOFTWARE INSTALL GROUPS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_EDULOG_DYN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NOTT_MAINOFFICE_LEX_MS510,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NOTT_GW15_TOSHIBA_COPIER,OU=SCCM PRINTER INSTALLS,OU=BUILDINGS,OU=WORKSTATIONS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=BOVASCAN,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CISCOCALLMGRALERT,OU=SERVICEACCOUNTS,OU=UNITY,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=POLICE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_DATAWAREHOUSE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=COGNOS AUTHORS,OU=ESCHOOL USERS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SYSTEM GALAXY,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=COGNOS ADMINS,OU=ESCHOOL USERS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_NOTICEOFCLAIMS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NOBARBYPASS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=UNADDRESSEDMESSAGES31F2136C,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SYSTEMEVENTMESSAGES4F1A2404,OU=GROUPS,OU=UNITY,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ACCOUNTING DEPARTMENT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CERTSVC_DCOM_ACCESS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CISCOEMERGENCYRESPONDERADMINS,OU=SERVICEACCOUNTS,OU=UNITY,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ESCHOOLPLUS,OU=ESCHOOL USERS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EXCHANGE ENTERPRISE SERVERS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PASSWORDPROPDENY,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRTICKETWXO,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRTAWXOSEARCH,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRTICKETHRMS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRTAHRADMINS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EXCHANGE INSTALL DOMAIN SERVERS,CN=MICROSOFT EXCHANGE SYSTEM OBJECTS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRTAWXOPAYROLLSTAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_SPECIALPROGRAMS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRMSPM,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRTICKETAPPLICATION,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSFINACCT,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRTAWXOFISCAL,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRTAHRMSSEARCH,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_SUPERINTENDENT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PROGRAMMERS,OU=SECURITYGROUPS-MISC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRTAWXOPAYROLLADMIN,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NVISION USERS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LMS-LOCAL,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HEALTHOFFICECO,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NEWEMPENTRYAPP,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PRINTSHOP,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ALLSUBSCRIBERS20FB0106,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=IBM PEOPLESOFT,OU=IBM,OU=VENDORS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_GUIDANCECOUNSELORS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRTASTAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_OSA_ACCOUNTABILITY,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_PERS1,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=OPERATIONS DOCUWARE,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=BYPASS CONTENT FILTERING,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=STAFF ID CARDS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=RECORD,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPS SYSTEM ADMINS,OU=ESCHOOL USERS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRTAWXOSUPERVISOR,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PSOFT ADMINS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPECEDSCAN,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_CONTRACTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HRTAFISCAL,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=WESTSIDE STUDENTS,OU=STUDENTS,OU=WSLC USERS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DELAWARE.SBITBEHAVIORTEAM,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=RISK MANAGEMENT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CHILDREN,OU=STUDENTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MAILBOXMGMT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_LMS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ADULTS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TRANS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=IT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EXAMGEN,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ALLSUBSCRIBERS4F1A2404,OU=GROUPS,OU=UNITY,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=IBM SHAREPOINT USERS,OU=IBM,OU=VENDORS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DHCP USERS,OU=SERVICE ACCOUNTS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SENIOR STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EDULOGUSERS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PTSD,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=LOCAL ADMINISTRATOR CAPABILITY ON THEIR COMPUTER,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=BENEFITS DEPARTMENT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SG_BUDGET DEPARTMENT,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ALLSUBSCRIBERS31F2136C,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ALANY,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SPI SYSTEM ADMINS,OU=ESCHOOL USERS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SHARE_QDLS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=WEBSMS,OU=ESCHOOL USERS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TECHS,OU=SECURITYGROUPS-MISC,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=WEBSMS ADMINS,OU=ESCHOOL USERS,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=FINSTAFF,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=UNADDRESSEDMESSAGES20FB0106,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TTK,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ADMIN LIST MANAGERS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=UNITYVOICEMAILONLYUSERS,OU=GROUPS,OU=UNITY,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SYSTEMEVENTMESSAGES31F2136C,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=UNITYADMINEMAILGROUP,OU=SERVICEACCOUNTS,OU=UNITY,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SYSTEMEVENTMESSAGES20FB0106,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HEALTHYSHOTS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=UNADDRESSEDMESSAGES4F1A2404,OU=GROUPS,OU=UNITY,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ACS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SAY_YES,OU=STAFF,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HELPSERVICESGROUP,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=IIS_WPG,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=WIRELESS,OU=SERVICE ACCOUNTS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=UNITYEXCHANGEADMINS,OU=SERVICEACCOUNTS,OU=UNITY,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=GOOGLE PLUS,OU=SCSDUSERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EXCHANGE DOMAIN SERVERS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=TERMINAL SERVER LICENSE SERVERS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=IIS_IUSRS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DOMAIN ADMINS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ADMINISTRATORS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ENTERPRISE ADMINS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=GUESTS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=BACKUP OPERATORS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=REMOTE DESKTOP USERS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CERTIFICATE SERVICE DCOM ACCESS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DOMAIN COMPUTERS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SERVER OPERATORS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ACCOUNT OPERATORS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PRE-WINDOWS 2000 COMPATIBLE ACCESS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DENIED RODC PASSWORD REPLICATION GROUP,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=WINDOWS AUTHORIZATION ACCESS GROUP,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=REMOTE MANAGEMENT USERS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=GROUP POLICY CREATOR OWNERS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SCHEMA ADMINS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CERT PUBLISHERS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PROTECTED USERS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ACCESS CONTROL ASSISTANCE OPERATORS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CLONEABLE DOMAIN CONTROLLERS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HYPER-V ADMINISTRATORS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=RDS MANAGEMENT SERVERS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=RDS ENDPOINT SERVERS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=RDS REMOTE ACCESS SERVERS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=READ-ONLY DOMAIN CONTROLLERS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DOMAIN CONTROLLERS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=REPLICATOR,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PRINT OPERATORS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=RAS AND IAS SERVERS,OU=SERVICE ACCOUNTS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PERFORMANCE LOG USERS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ENTERPRISE READ-ONLY DOMAIN CONTROLLERS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EVENT LOG READERS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ALLOWED RODC PASSWORD REPLICATION GROUP,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=CRYPTOGRAPHIC OPERATORS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DOMAIN GUESTS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DISTRIBUTED COM USERS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DOMAIN USERS,CN=USERS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=USERS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=INCOMING FOREST TRUST BUILDERS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PERFORMANCE MONITOR USERS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=NETWORK CONFIGURATION OPERATORS,CN=BUILTIN,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EXCHANGE IMPORT EXPORT AND DELETE,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DISCOVERY MANAGEMENT,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=SERVER MANAGEMENT,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=DELEGATED SETUP,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HYGIENE MANAGEMENT,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=COMPLIANCE MANAGEMENT,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=MANAGED AVAILABILITY SERVERS,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EXCHANGE WINDOWS PERMISSIONS,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=ORGANIZATION MANAGEMENT,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=RECIPIENT MANAGEMENT,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=VIEW-ONLY ORGANIZATION MANAGEMENT,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=PUBLIC FOLDER MANAGEMENT,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=UM MANAGEMENT,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=HELP DESK,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=RECORDS MANAGEMENT,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EXCHANGE TRUSTED SUBSYSTEM,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EXCHANGELEGACYINTEROP,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EXCHANGE PUBLIC FOLDER ADMINISTRATORS,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EXCHANGE VIEW-ONLY ADMINISTRATORS,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EXCHANGE RECIPIENT ADMINISTRATORS,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EXCHANGE ORGANIZATION ADMINISTRATORS,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
edit "CN=EXCHANGE SERVERS,OU=MICROSOFT EXCHANGE SECURITY GROUPS,DC=SCSD,DC=AD"
set server-name "Orion"
next
end
config user fsso-polling
end
config user fortitoken
end
config user password-policy
end
config user local
edit "jorge-mike"
set status enable
set type password
set two-factor disable
set email-to ''
set sms-server fortiguard
set sms-phone ''
set passwd-policy ''
set passwd-time 2025-10-03 12:14:17
set authtimeout 0
set auth-concurrent-override disable
set ppk-secret ENC Xdqqntr9shAwTNHyEDRdtcOd6/iMKlSL+tb7JZvEBkL9wXRka/leBcEZVwGZgjL95PpIARgKhSZfb0b1WN6kD0rnZESx/+Mh4xyhdnIyyp0c8nhP9dyn+mIuAHShaKKYxFOk65MIp4fNFmtRYGGF72IUvPeiL0a2k3+tG3gJzShq+pVkvJDoFqltImACITrtTlnIIw==
set ppk-identity ''
set passwd ENC 8bdnDDRnGdGuzhmLaKSUH1It4F61Lx1CxPNwKXFZQ5tIbxf9gEz6G3O1aAmvxjckfE2Ioao2VpBMVLyX8AS/IDfJuu5jjuyJU75t0yqi/4BkAWZlvyvdcuPbL1i7uIwuULYUEJpUwO9Ni7qEjxpe17n3nHr6dOl/onsGbRIMtrVj9eJNQCvZvN60nopG2Rn4trDOuw==
next
end
config user setting
set auth-type http https ftp telnet
set auth-cert "Fortinet_Factory"
set auth-ca-cert ''
set auth-secure-http disable
set auth-http-basic disable
set auth-ssl-allow-renegotiation disable
set auth-src-mac enable
set auth-on-demand implicitly
set auth-timeout 5
set auth-timeout-type idle-timeout
set auth-portal-timeout 3
set radius-ses-timeout-act hard-timeout
set auth-blackout-time 0
set auth-invalid-max 5
set auth-lockout-threshold 3
set auth-lockout-duration 0
set per-policy-disclaimer disable
set auth-ssl-min-proto-version default
unset auth-ssl-max-proto-version
set auth-ssl-sigalgs all
end
config user peer
end
config user peergrp
end
config user quarantine
set quarantine enable
set traffic-policy ''
set firewall-groups ''
end
config user group
edit "SSO_Guest_Users"
set authtimeout 0
set http-digest-realm ''
next
edit "SSL_VPN_Full_Access"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "HVDC02.scsd.ad" "DC01.scsd.ad" "HVDC03.scsd.ad"
config match
edit 1
set server-name "DC01.scsd.ad"
set group-name "CN=VPN_Fortinet,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 2
set server-name "HVDC02.scsd.ad"
set group-name "CN=VPN_Fortinet,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 3
set server-name "HVDC03.scsd.ad"
set group-name "CN=VPN_Fortinet,OU=SCSDUsers,DC=scsd,DC=ad"
next
end
next
edit "VPN_Web_Servers_Group"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "HVDC02.scsd.ad" "DC01.scsd.ad" "HVDC03.scsd.ad"
config match
edit 1
set server-name "DC01.scsd.ad"
set group-name "CN=Server_Local_Admin_DistrictWebsite,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 2
set server-name "HVDC02.scsd.ad"
set group-name "CN=Server_Local_Admin_DistrictWebsite,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 3
set server-name "HVDC03.scsd.ad"
set group-name "CN=Server_Local_Admin_DistrictWebsite,OU=SCSDUsers,DC=scsd,DC=ad"
next
end
next
edit "VPN_SchoolTool_Group"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "HVDC02.scsd.ad" "DC01.scsd.ad" "HVDC03.scsd.ad"
config match
edit 1
set server-name "DC01.scsd.ad"
set group-name "CN=Server_Local_Admin_SchoolTool,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 2
set server-name "HVDC02.scsd.ad"
set group-name "CN=Server_Local_Admin_SchoolTool,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 3
set server-name "HVDC03.scsd.ad"
set group-name "CN=Server_Local_Admin_SchoolTool,OU=SCSDUsers,DC=scsd,DC=ad"
next
end
next
edit "VPN_DayAuto_Group"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "HVDC02.scsd.ad" "DC01.scsd.ad" "HVDC03.scsd.ad"
config match
edit 1
set server-name "DC01.scsd.ad"
set group-name "CN=Server_Local_Admin_DayAutomation,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 2
set server-name "HVDC02.scsd.ad"
set group-name "CN=Server_Local_Admin_DayAutomation,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 3
set server-name "HVDC03.scsd.ad"
set group-name "CN=Server_Local_Admin_DayAutomation,OU=SCSDUsers,DC=scsd,DC=ad"
next
end
next
edit "VPN_Security_Group"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "HVDC02.scsd.ad" "DC01.scsd.ad" "HVDC03.scsd.ad"
config match
edit 1
set server-name "DC01.scsd.ad"
set group-name "CN=Server_Local_Admin_Security,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 2
set server-name "HVDC02.scsd.ad"
set group-name "CN=Server_Local_Admin_Security,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 3
set server-name "HVDC03.scsd.ad"
set group-name "CN=Server_Local_Admin_Security,OU=SCSDUsers,DC=scsd,DC=ad"
next
end
next
edit "VPN_Hyperion_Group"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "HVDC02.scsd.ad" "DC01.scsd.ad" "HVDC03.scsd.ad"
config match
edit 1
set server-name "DC01.scsd.ad"
set group-name "CN=VPN_Hyperion,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 2
set server-name "HVDC02.scsd.ad"
set group-name "CN=VPN_Hyperion,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 3
set server-name "HVDC03.scsd.ad"
set group-name "CN=VPN_Hyperion,OU=SCSDUsers,DC=scsd,DC=ad"
next
end
next
edit "VPN_Peoplesoft_Group"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "HVDC02.scsd.ad" "DC01.scsd.ad" "HVDC03.scsd.ad"
config match
edit 1
set server-name "DC01.scsd.ad"
set group-name "CN=VPN_Peoplesoft,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 2
set server-name "HVDC02.scsd.ad"
set group-name "CN=VPN_Peoplesoft,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 3
set server-name "HVDC03.scsd.ad"
set group-name "CN=VPN_Peoplesoft,OU=SCSDUsers,DC=scsd,DC=ad"
next
end
next
edit "VPN_WebCRD_Group"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "HVDC02.scsd.ad" "DC01.scsd.ad" "HVDC03.scsd.ad"
config match
edit 1
set server-name "DC01.scsd.ad"
set group-name "CN=Server_Local_Admin_WebCRD,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 2
set server-name "HVDC02.scsd.ad"
set group-name "CN=Server_Local_Admin_WebCRD,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 3
set server-name "HVDC03.scsd.ad"
set group-name "CN=Server_Local_Admin_WebCRD,OU=SCSDUsers,DC=scsd,DC=ad"
next
end
next
edit "VPN_Access411_Group"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "HVDC02.scsd.ad" "HVDC03.scsd.ad" "DC01.scsd.ad"
config match
edit 1
set server-name "DC01.scsd.ad"
set group-name "CN=VPN_Access_Access411,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 2
set server-name "HVDC02.scsd.ad"
set group-name "CN=VPN_Access_Access411,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 3
set server-name "HVDC03.scsd.ad"
set group-name "CN=VPN_Access_Access411,OU=SCSDUsers,DC=scsd,DC=ad"
next
end
next
edit "VPN_DocHolliday_Group"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "HVDC02.scsd.ad" "DC01.scsd.ad" "HVDC03.scsd.ad"
config match
edit 1
set server-name "DC01.scsd.ad"
set group-name "CN=Server_Local_Admin_Doc,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 2
set server-name "HVDC02.scsd.ad"
set group-name "CN=Server_Local_Admin_Doc,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 3
set server-name "HVDC03.scsd.ad"
set group-name "CN=Server_Local_Admin_Doc,OU=SCSDUsers,DC=scsd,DC=ad"
next
end
next
edit "VPN_Access_Control_Group"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "HVDC02.scsd.ad" "DC01.scsd.ad" "HVDC03.scsd.ad"
config match
edit 1
set server-name "DC01.scsd.ad"
set group-name "CN=Server_Local_Admin_Security,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 2
set server-name "HVDC02.scsd.ad"
set group-name "CN=Server_Local_Admin_Security,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 3
set server-name "HVDC03.scsd.ad"
set group-name "CN=Server_Local_Admin_Security,OU=SCSDUsers,DC=scsd,DC=ad"
next
end
next
edit "VPN_Auditor_Group"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "HVDC02.scsd.ad" "HVDC03.scsd.ad" "DC01.scsd.ad"
config match
edit 1
set server-name "DC01.scsd.ad"
set group-name "CN=VPN_Auditors,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 2
set server-name "HVDC02.scsd.ad"
set group-name "CN=VPN_Auditors,OU=SCSDUsers,DC=scsd,DC=ad"
next
edit 3
set server-name "HVDC03.scsd.ad"
set group-name "CN=VPN_Auditors,OU=SCSDUsers,DC=scsd,DC=ad"
next
end
next
edit "FortiGateAccess"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "azure" "jorge-mike"
config match
edit 1
set server-name "azure"
set group-name "5021feae-da5a-4d27-8d9d-4927b39324c7"
next
end
next
edit "SSL_VPN_SCSD_USER"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "scsd_user_sso"
next
edit "SSL_VPN_SCSD_USER2"
set group-type firewall
set authtimeout 0
set auth-concurrent-override disable
set http-digest-realm ''
set member "scsd_user2_sso"
config match
edit 1
set server-name "scsd_user2_sso"
set group-name "ac4a0b00-0f87-48ae-8d66-1a74019ca4ec"
next
end
next
end
config user security-exempt-list
end
config vpn ssl web realm
end
config vpn ssl web host-check-software
edit "FortiClient-AV"
set os-type windows
set type av
set version ''
set guid "1A0271D5-3D4F-46DB-0C2C-AB37BA90D9F7"
next
edit "FortiClient-FW"
set os-type windows
set type fw
set version ''
set guid "528CB157-D384-4593-AAAA-E42DFF111CED"
next
edit "FortiClient-AV-Vista"
set os-type windows
set type av
set version ''
set guid "385618A6-2256-708E-3FB9-7E98B93F91F9"
next
edit "FortiClient-FW-Vista"
set os-type windows
set type fw
set version ''
set guid "006D9983-6839-71D6-14E6-D7AD47ECD682"
next
edit "FortiClient5-AV"
set os-type windows
set type av
set version ''
set guid "5EEDDB8C-C27A-6714-3657-DBD811D1F1B7"
next
edit "AVG-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "17DDD097-36FF-435F-9E1B-52D74245D6BF"
next
edit "AVG-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "8DECF618-9569-4340-B34A-D78D28969B66"
next
edit "AVG-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "0C939084-9E57-CBDB-EA61-0B0C7F62AF82"
next
edit "AVG-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "34A811A1-D438-CA83-C13E-A23981B1E8F9"
next
edit "CA-Anti-Virus"
set os-type windows
set type av
set version ''
set guid "17CFD1EA-56CF-40B5-A06B-BD3A27397C93"
next
edit "CA-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "6B98D35F-BB76-41C0-876B-A50645ED099A"
next
edit "CA-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "38102F93-1B6E-4922-90E1-A35D8DC6DAA3"
next
edit "CA-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "3EED0195-0A4B-4EF3-CC4F-4F401BDC245F"
next
edit "CA-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "06D680B0-4024-4FAB-E710-E675E50F6324"
next
edit "CA-Personal-Firewall"
set os-type windows
set type fw
set version ''
set guid "14CB4B80-8E52-45EA-905E-67C1267B4160"
next
edit "F-Secure-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "E7512ED5-4245-4B4D-AF3A-382D3F313F15"
next
edit "F-Secure-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "D4747503-0346-49EB-9262-997542F79BF4"
next
edit "F-Secure-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "15414183-282E-D62C-CA37-EF24860A2F17"
next
edit "F-Secure-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "2D7AC0A6-6241-D774-E168-461178D9686C"
next
edit "Kaspersky-AV"
set os-type windows
set type av
set version ''
set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0"
next
edit "Kaspersky-FW"
set os-type windows
set type fw
set version ''
set guid "2C4D4BC6-0793-4956-A9F9-E252435469C0"
next
edit "Kaspersky-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "AE1D740B-8F0F-D137-211D-873D44B3F4AE"
next
edit "Kaspersky-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "9626F52E-C560-D06F-0A42-2E08BA60B3D5"
next
edit "McAfee-Internet-Security-Suite-AV"
set os-type windows
set type av
set version ''
set guid "84B5EE75-6421-4CDE-A33A-DD43BA9FAD83"
next
edit "McAfee-Internet-Security-Suite-FW"
set os-type windows
set type fw
set version ''
set guid "94894B63-8C7F-4050-BDA4-813CA00DA3E8"
next
edit "McAfee-Internet-Security-Suite-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "86355677-4064-3EA7-ABB3-1B136EB04637"
next
edit "McAfee-Internet-Security-Suite-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "BE0ED752-0A0B-3FFF-80EC-B2269063014C"
next
edit "McAfee-Virus-Scan-Enterprise"
set os-type windows
set type av
set version ''
set guid "918A2B0B-2C60-4016-A4AB-E868DEABF7F0"
next
edit "Norton-360-2.0-AV"
set os-type windows
set type av
set version ''
set guid "A5F1BC7C-EA33-4247-961C-0217208396C4"
next
edit "Norton-360-2.0-FW"
set os-type windows
set type fw
set version ''
set guid "371C0A40-5A0C-4AD2-A6E5-69C02037FBF3"
next
edit "Norton-360-3.0-AV"
set os-type windows
set type av
set version ''
set guid "E10A9785-9598-4754-B552-92431C1C35F8"
next
edit "Norton-360-3.0-FW"
set os-type windows
set type fw
set version ''
set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220"
next
edit "Norton-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "E10A9785-9598-4754-B552-92431C1C35F8"
next
edit "Norton-Internet-Security-FW"
set os-type windows
set type fw
set version ''
set guid "7C21A4C9-F61F-4AC4-B722-A6E19C16F220"
next
edit "Norton-Internet-Security-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855"
next
edit "Norton-Internet-Security-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E"
next
edit "Symantec-Endpoint-Protection-AV"
set os-type windows
set type av
set version ''
set guid "FB06448E-52B8-493A-90F3-E43226D3305C"
next
edit "Symantec-Endpoint-Protection-FW"
set os-type windows
set type fw
set version ''
set guid "BE898FE3-CD0B-4014-85A9-03DB9923DDB6"
next
edit "Symantec-Endpoint-Protection-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855"
next
edit "Symantec-Endpoint-Protection-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "B0F2DB13-C654-2E74-30D4-99C9310F0F2E"
next
edit "Panda-Antivirus+Firewall-2008-AV"
set os-type windows
set type av
set version ''
set guid "EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A"
next
edit "Panda-Antivirus+Firewall-2008-FW"
set os-type windows
set type fw
set version ''
set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8"
next
edit "Panda-Internet-Security-AV"
set os-type windows
set type av
set version ''
set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0"
next
edit "Panda-Internet-Security-2006~2007-FW"
set os-type windows
set type fw
set version ''
set guid "4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0"
next
edit "Panda-Internet-Security-2008~2009-FW"
set os-type windows
set type fw
set version ''
set guid "7B090DC0-8905-4BAF-8040-FD98A41C8FB8"
next
edit "Sophos-Anti-Virus"
set os-type windows
set type av
set version ''
set guid "3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD"
next
edit "Sophos-Enpoint-Secuirty-and-Control-FW"
set os-type windows
set type fw
set version ''
set guid "0786E95E-326A-4524-9691-41EF88FB52EA"
next
edit "Sophos-Enpoint-Secuirty-and-Control-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "479CCF92-4960-B3E0-7373-BF453B467D2C"
next
edit "Sophos-Enpoint-Secuirty-and-Control-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "7FA74EB7-030F-B2B8-582C-1670C5953A57"
next
edit "Trend-Micro-AV"
set os-type windows
set type av
set version ''
set guid "7D2296BC-32CC-4519-917E-52E652474AF5"
next
edit "Trend-Micro-FW"
set os-type windows
set type fw
set version ''
set guid "3E790E9E-6A5D-4303-A7F9-185EC20F3EB6"
next
edit "Trend-Micro-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "48929DFC-7A52-A34F-8351-C4DBEDBD9C50"
next
edit "Trend-Micro-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "70A91CD9-303D-A217-A80E-6DEE136EDB2B"
next
edit "ZoneAlarm-AV"
set os-type windows
set type av
set version ''
set guid "5D467B10-818C-4CAB-9FF7-6893B5B8F3CF"
next
edit "ZoneAlarm-FW"
set os-type windows
set type fw
set version ''
set guid "829BDA32-94B3-44F4-8446-F8FCFF809F8B"
next
edit "ZoneAlarm-AV-Vista-Win7"
set os-type windows
set type av
set version ''
set guid "D61596DF-D219-341C-49B3-AD30538CBC5B"
next
edit "ZoneAlarm-FW-Vista-Win7"
set os-type windows
set type fw
set version ''
set guid "EE2E17FA-9876-3544-62EC-0405AD5FFB20"
next
edit "ESET-Smart-Security-AV"
set os-type windows
set type av
set version ''
set guid "19259FAE-8396-A113-46DB-15B0E7DFA289"
next
edit "ESET-Smart-Security-FW"
set os-type windows
set type fw
set version ''
set guid "211E1E8B-C9F9-A04B-6D84-BC85190CE5F2"
next
end
config vpn ssl web portal
edit "full-access"
set tunnel-mode enable
set ipv6-tunnel-mode enable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSLVPN_TUNNEL_ADDR1"
set split-tunneling enable
set split-tunneling-routing-negate disable
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"
set ipv6-split-tunneling enable
set ipv6-split-tunneling-routing-negate disable
set ipv6-dns-server1 ::
set ipv6-dns-server2 ::
set ipv6-wins-server1 ::
set ipv6-wins-server2 ::
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
config bookmark-group
edit "gui-bookmarks"
next
end
set display-connection-tools enable
set display-history enable
set display-status enable
set rewrite-ip-uri-ui disable
set heading "SSL-VPN Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url enable
set windows-forticlient-download-url "https://links.fortinet.com/forticlient/win/vpnagent"
set macos-forticlient-download-url ''
set hide-sso-credential enable
next
edit "web-access"
set tunnel-mode disable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set dns-suffix ''
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
set display-connection-tools enable
set display-history enable
set display-status enable
set rewrite-ip-uri-ui disable
set heading "SSL-VPN Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set forticlient-download-method direct
set customize-forticlient-download-url disable
set hide-sso-credential enable
next
edit "tunnel-access"
set tunnel-mode enable
set ipv6-tunnel-mode enable
set web-mode disable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSLVPN_TUNNEL_ADDR1"
set split-tunneling enable
set split-tunneling-routing-negate disable
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"
set ipv6-split-tunneling enable
set ipv6-split-tunneling-routing-negate disable
set ipv6-dns-server1 ::
set ipv6-dns-server2 ::
set ipv6-wins-server1 ::
set ipv6-wins-server2 ::
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url disable
next
edit "SCSD_VPN_FULL_Portal"
set tunnel-mode enable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSL_VPN_Range"
set split-tunneling enable
set split-tunneling-routing-negate disable
set split-tunneling-routing-address "IPv4-Private-All-RFC1918"
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
config bookmark-group
edit "gui-bookmarks"
next
end
set display-connection-tools enable
set display-history enable
set display-status enable
set rewrite-ip-uri-ui disable
set heading "SSL-VPN Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url enable
set windows-forticlient-download-url "https://links.fortinet.com/forticlient/win/vpnagent"
set macos-forticlient-download-url "https://links.fortinet.com/forticlient/mac/vpnagent"
set hide-sso-credential enable
next
edit "SchoolTool_Portal"
set tunnel-mode enable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download disable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSL_VPN_Range"
set split-tunneling enable
set split-tunneling-routing-negate disable
set split-tunneling-routing-address "Internal_10.0.0.0_8"
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set display-bookmark enable
set user-bookmark disable
set user-group-bookmark enable
config bookmark-group
edit "gui-bookmarks"
config bookmarks
edit "Obiwan_RDP"
set apptype rdp
set description ''
set host "10.1.48.202"
set keyboard-layout en-us
set security any
set send-preconnection-id disable
set load-balancing-info ''
set restricted-admin disable
set port 3389
set color-depth 16
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
set width 0
set height 0
next
edit "HanSolo_RDP"
set apptype rdp
set description ''
set host "10.1.48.201"
set keyboard-layout en-us
set security any
set send-preconnection-id disable
set load-balancing-info ''
set restricted-admin disable
set port 3389
set color-depth 16
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
set width 0
set height 0
next
edit "C3PO_RDP"
set apptype rdp
set description ''
set host "10.1.48.133"
set keyboard-layout en-us
set security any
set send-preconnection-id disable
set load-balancing-info ''
set restricted-admin disable
set port 3389
set color-depth 16
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
set width 0
set height 0
next
edit "Chewbacca_RDP"
set apptype rdp
set description ''
set host "10.1.48.129"
set keyboard-layout en-us
set security any
set send-preconnection-id disable
set load-balancing-info ''
set restricted-admin disable
set port 3389
set color-depth 16
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
set width 0
set height 0
next
edit "Skywalker_RDP"
set apptype rdp
set description ''
set host "10.1.48.63"
set keyboard-layout en-us
set security any
set send-preconnection-id disable
set load-balancing-info ''
set restricted-admin disable
set port 3389
set color-depth 16
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
set width 0
set height 0
next
edit "Yoda_RDP"
set apptype rdp
set description ''
set host "10.1.48.103"
set keyboard-layout en-us
set security any
set send-preconnection-id disable
set load-balancing-info ''
set restricted-admin disable
set port 3389
set color-depth 16
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
set width 0
set height 0
next
edit "MANDO_RDP"
set apptype rdp
set description ''
set host "10.1.40.72"
set keyboard-layout en-us
set security any
set send-preconnection-id disable
set load-balancing-info ''
set restricted-admin disable
set port 3389
set color-depth 16
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
set width 0
set height 0
next
edit "GROGU_RDP"
set apptype rdp
set description ''
set host "10.1.40.224"
set keyboard-layout en-us
set security any
set send-preconnection-id disable
set load-balancing-info ''
set restricted-admin disable
set port 3389
set color-depth 16
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
set width 0
set height 0
next
end
next
end
set display-connection-tools disable
set display-history disable
set display-status enable
set rewrite-ip-uri-ui disable
set heading "SCSD SchoolTool VPN"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set hide-sso-credential enable
next
edit "Website_Server_Portal"
set tunnel-mode enable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSL_VPN_Range"
set split-tunneling enable
set split-tunneling-routing-negate disable
set split-tunneling-routing-address "Internal_10.0.0.0_8"
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set display-bookmark enable
set user-bookmark disable
set user-group-bookmark enable
config bookmark-group
edit "gui-bookmarks"
config bookmarks
edit "Webosphere_RDP"
set apptype rdp
set description ''
set host "10.1.48.117"
set keyboard-layout en-us
set security rdp
set send-preconnection-id disable
set load-balancing-info ''
set restricted-admin disable
set port 3389
set color-depth 16
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
set width 0
set height 0
next
edit "Webosphere_FTP"
set apptype ftp
set description ''
set folder "10.1.48.117"
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
next
end
next
end
set display-connection-tools disable
set display-history disable
set display-status disable
set rewrite-ip-uri-ui disable
set heading "SCSD Website VPN Portal"
set redir-url ''
set theme mariner
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url enable
set windows-forticlient-download-url "https://links.fortinet.com/forticlient/win/vpnagent"
set macos-forticlient-download-url "https://links.fortinet.com/forticlient/mac/vpnagent"
set hide-sso-credential enable
next
edit "DayAutomation_Portal"
set tunnel-mode enable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSL_VPN_Range"
set split-tunneling enable
set split-tunneling-routing-negate disable
set split-tunneling-routing-address "Internal_10.0.0.0_8"
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
config bookmark-group
edit "gui-bookmarks"
config bookmarks
edit "Day_Enterprise_Server"
set apptype rdp
set description ''
set host "10.1.40.108"
set keyboard-layout en-us
set security rdp
set send-preconnection-id disable
set load-balancing-info ''
set restricted-admin disable
set port 3389
set color-depth 16
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
set width 0
set height 0
next
edit "Day_VM_Server"
set apptype rdp
set description ''
set host "10.1.40.173"
set keyboard-layout en-us
set security rdp
set send-preconnection-id disable
set load-balancing-info ''
set restricted-admin disable
set port 3389
set color-depth 16
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
set width 0
set height 0
next
edit "Day_Continuum_Server"
set apptype rdp
set description ''
set host "10.1.40.188"
set keyboard-layout en-us
set security rdp
set send-preconnection-id disable
set load-balancing-info ''
set restricted-admin disable
set port 3389
set color-depth 16
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
set width 0
set height 0
next
end
next
end
set display-connection-tools disable
set display-history disable
set display-status disable
set rewrite-ip-uri-ui disable
set heading "SCSD Day Automation VPN Portal"
set redir-url ''
set theme melongene
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url enable
set windows-forticlient-download-url "https://links.fortinet.com/forticlient/win/vpnagent"
set macos-forticlient-download-url "https://links.fortinet.com/forticlient/mac/vpnagent"
set hide-sso-credential enable
next
edit "Security_Portal"
set tunnel-mode enable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSL_VPN_Range"
set split-tunneling enable
set split-tunneling-routing-negate disable
set split-tunneling-routing-address "Internal_10.0.0.0_8"
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
config bookmark-group
edit "gui-bookmarks"
next
end
set display-connection-tools enable
set display-history disable
set display-status disable
set rewrite-ip-uri-ui disable
set heading "SCSD Security VPN Portal"
set redir-url ''
set theme mariner
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url enable
set windows-forticlient-download-url "https://links.fortinet.com/forticlient/win/vpnagent"
set macos-forticlient-download-url "https://links.fortinet.com/forticlient/mac/vpnagent"
set hide-sso-credential enable
next
edit "Hyperion_Portal"
set tunnel-mode enable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSL_VPN_Range"
set split-tunneling enable
set split-tunneling-routing-negate disable
set split-tunneling-routing-address "Internal_10.0.0.0_8"
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
config bookmark-group
edit "gui-bookmarks"
next
end
set display-connection-tools enable
set display-history disable
set display-status disable
set rewrite-ip-uri-ui disable
set heading "SCSD_Hyperion_VPN_Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url enable
set windows-forticlient-download-url "https://links.fortinet.com/forticlient/win/vpnagent"
set macos-forticlient-download-url "https://links.fortinet.com/forticlient/mac/vpnagent"
set hide-sso-credential enable
next
edit "Peoplesoft_Portal"
set tunnel-mode enable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSL_VPN_Range"
set split-tunneling enable
set split-tunneling-routing-negate disable
set split-tunneling-routing-address "Internal_10.0.0.0_8"
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
config bookmark-group
edit "gui-bookmarks"
next
end
set display-connection-tools enable
set display-history disable
set display-status disable
set rewrite-ip-uri-ui disable
set heading "SCSD_Peoplesoft_VPN_Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url enable
set windows-forticlient-download-url "https://links.fortinet.com/forticlient/win/vpnagent"
set macos-forticlient-download-url "https://links.fortinet.com/forticlient/mac/vpnagent"
set hide-sso-credential enable
next
edit "WebCRD_Portal"
set tunnel-mode enable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSL_VPN_Range"
set split-tunneling enable
set split-tunneling-routing-negate disable
set split-tunneling-routing-address "Internal_10.0.0.0_8"
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
config bookmark-group
edit "gui-bookmarks"
next
end
set display-connection-tools enable
set display-history disable
set display-status disable
set rewrite-ip-uri-ui disable
set heading "SCSD_WebCRD_VPN_Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url enable
set windows-forticlient-download-url "https://links.fortinet.com/forticlient/win/vpnagent"
set macos-forticlient-download-url "https://links.fortinet.com/forticlient/mac/vpnagent"
set hide-sso-credential enable
next
edit "Access411_Portal"
set tunnel-mode enable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download disable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSL_VPN_Range"
set split-tunneling enable
set split-tunneling-routing-negate disable
set split-tunneling-routing-address "Internal_10.0.0.0_8"
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set display-bookmark enable
set user-bookmark disable
set user-group-bookmark enable
config bookmark-group
edit "gui-bookmarks"
config bookmarks
edit "411app"
set apptype rdp
set description ''
set host "10.1.40.216"
set keyboard-layout en-us
set security any
set send-preconnection-id disable
set load-balancing-info ''
set restricted-admin disable
set port 3389
set color-depth 16
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
set width 0
set height 0
next
edit "411sql"
set apptype rdp
set description ''
set host "10.1.40.225"
set keyboard-layout en-us
set security any
set send-preconnection-id disable
set load-balancing-info ''
set restricted-admin disable
set port 3389
set color-depth 16
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
set width 0
set height 0
next
edit "411app HomePage"
set apptype web
set description ''
set url "https://411app.scsd.us"
set sso disable
next
end
next
end
set display-connection-tools disable
set display-history disable
set display-status disable
set rewrite-ip-uri-ui disable
set heading "SCSD Access411 VPN Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set hide-sso-credential enable
next
edit "DocHolliday_Portal"
set tunnel-mode enable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSL_VPN_Range"
set split-tunneling enable
set split-tunneling-routing-negate disable
set split-tunneling-routing-address "Internal_10.0.0.0_8"
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
config bookmark-group
edit "gui-bookmarks"
next
end
set display-connection-tools enable
set display-history disable
set display-status disable
set rewrite-ip-uri-ui disable
set heading "SCSD DocHolliday Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url enable
set windows-forticlient-download-url "https://links.fortinet.com/forticlient/win/vpnagent"
set macos-forticlient-download-url "https://links.fortinet.com/forticlient/mac/vpnagent"
set hide-sso-credential enable
next
edit "AccessControl_Portal"
set tunnel-mode enable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSL_VPN_Range"
set split-tunneling enable
set split-tunneling-routing-negate disable
set split-tunneling-routing-address "Internal_10.0.0.0_8"
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
config bookmark-group
edit "gui-bookmarks"
next
end
set display-connection-tools enable
set display-history disable
set display-status disable
set rewrite-ip-uri-ui disable
set heading "SCSD Access Control VPN Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url enable
set windows-forticlient-download-url "https://links.fortinet.com/forticlient/win/vpnagent"
set macos-forticlient-download-url "https://links.fortinet.com/forticlient/mac/vpnagent"
set hide-sso-credential enable
next
edit "Auditor_Portal"
set tunnel-mode enable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download disable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSL_VPN_Range"
set split-tunneling enable
set split-tunneling-routing-negate disable
set split-tunneling-routing-address "Internal_10.0.0.0_8"
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
config bookmark-group
edit "gui-bookmarks"
config bookmarks
edit "Finance"
set apptype web
set description ''
set url "http://psprdfin.scsd.ad/psp/FPRD/"
set sso disable
next
edit "HR"
set apptype web
set description ''
set url "http://psprdhcm.scsd.ad/psp/HPRD"
set sso disable
next
end
next
end
set display-connection-tools enable
set display-history enable
set display-status enable
set rewrite-ip-uri-ui disable
set heading "SSL-VPN Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard disable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set hide-sso-credential enable
next
edit "Azure_Test_Portal"
set tunnel-mode enable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download enable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSL_VPN_Range"
set split-tunneling enable
set split-tunneling-routing-negate disable
set split-tunneling-routing-address "Internal_10.0.0.0_8" "IPv4-Private-All-RFC1918"
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
config bookmark-group
edit "gui-bookmarks"
next
end
set display-connection-tools enable
set display-history enable
set display-status enable
set rewrite-ip-uri-ui disable
set heading "Azure-VPN Portal"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set forticlient-download-method direct
set customize-forticlient-download-url disable
set hide-sso-credential enable
next
edit "SCSD_USER_PORTAL"
set tunnel-mode enable
set ipv6-tunnel-mode disable
set web-mode enable
set allow-user-access web ftp smb sftp telnet ssh vnc rdp ping
set limit-user-logins disable
set forticlient-download disable
set ip-mode range
set auto-connect disable
set keep-alive disable
set save-password disable
set ip-pools "SSL_VPN_Range"
set split-tunneling enable
set split-tunneling-routing-negate disable
set split-tunneling-routing-address "Internal_10.0.0.0_8" "IPv4-Private-All-RFC1918"
set dns-server1 0.0.0.0
set dns-server2 0.0.0.0
set dns-suffix ''
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable
config bookmark-group
edit "gui-bookmarks"
next
end
set display-connection-tools enable
set display-history enable
set display-status enable
set rewrite-ip-uri-ui disable
set heading "SCSD-USER-PORTAL"
set redir-url ''
set theme neutrino
set custom-lang ''
set smb-ntlmv1-auth disable
set smb-min-version smbv2
set smb-max-version smbv3
set use-sdwan disable
set clipboard enable
set default-window-width 1024
set default-window-height 768
set host-check none
set mac-addr-check disable
set os-check disable
set hide-sso-credential enable
next
end
config vpn ssl settings
set status enable
set reqclientcert disable
set ssl-max-proto-ver tls1-3
set ssl-min-proto-ver tls1-2
unset banned-cipher
set ciphersuite TLS-AES-128-GCM-SHA256 TLS-AES-256-GCM-SHA384 TLS-CHACHA20-POLY1305-SHA256
set ssl-insert-empty-fragment enable
set https-redirect disable
set x-content-type-options enable
set ssl-client-renegotiation disable
set force-two-factor-auth disable
set servercert "StarCert-Expire03202026"
set algorithm high
set idle-timeout 3600
set auth-timeout 36000
set login-attempt-limit 2
set login-block-time 60
set login-timeout 180
set dtls-hello-timeout 10
set tunnel-ip-pools "SSL_VPN_Range"
set dns-suffix ''
set dns-server1 10.1.40.10
set dns-server2 10.21.48.10
set wins-server1 0.0.0.0
set wins-server2 0.0.0.0
set ipv6-dns-server1 ::
set ipv6-dns-server2 ::
set ipv6-wins-server1 ::
set ipv6-wins-server2 ::
set url-obscuration disable
set http-compression disable
set http-only-cookie enable
set port 10443
set port-precedence enable
set auto-tunnel-static-route enable
set header-x-forwarded-for add
set source-interface "outside"
set source-address "all"
set source-address-negate disable
set source-address6 "all"
set source-address6-negate disable
set default-portal "tunnel-access"
config authentication-rule
edit 1
set groups "SSL_VPN_Full_Access"
set portal "SCSD_VPN_FULL_Portal"
set realm ''
set client-cert disable
set cipher high
set auth any
next
edit 2
set groups "VPN_SchoolTool_Group"
set portal "SchoolTool_Portal"
set realm ''
set client-cert disable
set cipher high
set auth any
next
edit 4
set groups "VPN_Web_Servers_Group"
set portal "Website_Server_Portal"
set realm ''
set client-cert disable
set cipher high
set auth any
next
edit 5
set groups "VPN_DayAuto_Group"
set portal "DayAutomation_Portal"
set realm ''
set client-cert disable
set cipher high
set auth any
next
edit 6
set groups "VPN_Security_Group"
set portal "Security_Portal"
set realm ''
set client-cert disable
set cipher high
set auth any
next
edit 7
set groups "VPN_Hyperion_Group"
set portal "Hyperion_Portal"
set realm ''
set client-cert disable
set cipher high
set auth any
next
edit 8
set groups "VPN_Peoplesoft_Group"
set portal "Peoplesoft_Portal"
set realm ''
set client-cert disable
set cipher high
set auth any
next
edit 9
set groups "VPN_WebCRD_Group"
set portal "WebCRD_Portal"
set realm ''
set client-cert disable
set cipher high
set auth any
next
edit 10
set groups "VPN_Access411_Group"
set portal "Access411_Portal"
set realm ''
set client-cert disable
set cipher high
set auth any
next
edit 11
set groups "VPN_DocHolliday_Group"
set portal "DocHolliday_Portal"
set realm ''
set client-cert disable
set cipher high
set auth any
next
edit 12
set groups "VPN_Access_Control_Group"
set portal "AccessControl_Portal"
set realm ''
set client-cert disable
set cipher high
set auth any
next
edit 13
set groups "VPN_Auditor_Group"
set portal "Auditor_Portal"
set realm ''
set client-cert disable
set cipher high
set auth any
next
edit 14
set groups "FortiGateAccess"
set portal "Azure_Test_Portal"
set realm ''
set client-cert disable
set cipher high
set auth any
next
edit 15
set groups "SSL_VPN_SCSD_USER"
set portal "SCSD_USER_PORTAL"
set realm ''
set client-cert disable
set cipher high
set auth any
next
edit 16
set groups "SSL_VPN_SCSD_USER2"
set portal "SCSD_USER_PORTAL"
set realm ''
set client-cert disable
set cipher high
set auth any
next
end
set dtls-tunnel enable
set check-referer disable
set http-request-header-timeout 60
set http-request-body-timeout 60
set auth-session-check-source-ip enable
set tunnel-connect-without-reauth disable
set hsts-include-subdomains disable
set transform-backward-slashes disable
set encode-2f-sequence disable
set encrypt-and-store-password disable
set client-sigalgs all
set dual-stack-mode disable
set tunnel-addr-assigned-method first-available
set saml-redirect-port 8020
set dtls-max-proto-ver dtls1-2
set dtls-min-proto-ver dtls1-0
end
config vpn ssl web user-group-bookmark
end
config vpn ssl web user-bookmark
edit "vpn_user1#SSL_VPN_Full_Access"
set custom-lang ''
next
edit "tmarri81#SSL_VPN_Full_Access"
set custom-lang ''
config bookmarks
edit "TimMac_FTP"
set apptype ftp
set description ''
set folder "10.1.7.110"
set sso disable
next
edit "My_PC"
set apptype rdp
set description ''
set host "10.1.7.137"
set keyboard-layout en-us
set security any
set send-preconnection-id disable
set load-balancing-info ''
set restricted-admin disable
set port 3389
set color-depth 16
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
set width 0
set height 0
next
edit "My Mac"
set apptype vnc
set description ''
set host "10.1.7.110"
set port 5900
set logon-user "tmarris"
set logon-password ENC uazzGWuiTLcKDBLOcrUVngpV82yxbKWQQEhAZAk3vtNcpM02O0IFo07YY79qUARi+hmwnA+KXOXrotuLXuLZaKaMTF88WUuroFtZzoSAup6tFVptZIettXR/U5sT2pw6cMP5keTk9nBvrEgi2dM8oNGCwr3k3UWeLV5OsrjlBd5heWkOTpRT5MA67nAMmxWfx09BDg==
set color-depth 16
next
end
next
edit "tmarri81.admin#VPN_SchoolTool_Group"
set custom-lang ''
next
edit "dteacher#VPN_PrintServer_Group"
set custom-lang ''
next
edit "gdaniels.admin#VPN_PrintServer_Group"
set custom-lang ''
next
edit "gdaniels#SSL_VPN_Full_Access"
set custom-lang ''
next
edit "tmarri81.admin#SSL_VPN_Full_Access"
set custom-lang ''
config bookmarks
edit "MrRobot_FTP"
set apptype ftp
set description ''
set folder "10.1.40.101"
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
next
edit "Obiwan_RDP"
set apptype rdp
set description ''
set host "10.1.48.202"
set keyboard-layout en-us
set security rdp
set send-preconnection-id disable
set load-balancing-info ''
set restricted-admin disable
set port 3389
set color-depth 16
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
set width 0
set height 0
next
end
next
edit "tmarri81.la#SSL_VPN_Full_Access"
set custom-lang ''
config bookmarks
edit "MrRobot_FTP"
set apptype ftp
set description ''
set folder "10.1.40.101"
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
next
end
next
edit "hrice.oa#SSL_VPN_Full_Access"
set custom-lang ''
next
edit "tmarri81#VPN_Security_Group"
set custom-lang ''
next
edit "timoon67#SSL_VPN_Full_Access"
set custom-lang ''
next
edit "tmarri81.la#VPN_Hyperion_Group"
set custom-lang ''
next
edit "tmarri81.la#VPN_Peoplesoft_Group"
set custom-lang ''
next
edit "tmarri81.la#VPN_WebCRD_Group"
set custom-lang ''
next
edit "webcrdsupport#VPN_WebCRD_Group"
set custom-lang ''
next
edit "tmarri81.la#VPN_DocHolliday_Group"
set custom-lang ''
next
edit "mnichols.oa#VPN_DayAuto_Group"
set custom-lang ''
next
edit "ddunn.oa#VPN_DayAuto_Group"
set custom-lang ''
next
edit "jgriffin.oa#VPN_DayAuto_Group"
set custom-lang ''
next
edit "swalts49#SSL_VPN_Full_Access"
set custom-lang ''
next
edit "Bstrohm_admin#SSL_VPN_Full_Access"
set custom-lang ''
next
edit "jgumpert#VPN_Peoplesoft_Group"
set custom-lang ''
next
edit "gedelstein#VPN_DayAuto_Group"
set custom-lang ''
next
edit "tmarri81.la#VPN_DayAuto_Group"
set custom-lang ''
next
edit "wlakie.oa#VPN_DayAuto_Group"
set custom-lang ''
next
edit "Katapult.oa#VPN_DocHolliday_Group"
set custom-lang ''
next
edit "aolEVA60#SSL_VPN_Full_Access"
set custom-lang ''
next
edit "aoleva60#SSL_VPN_Full_Access"
set custom-lang ''
next
edit "hebuck02#SSL_VPN_Full_Access"
set custom-lang ''
next
edit "kcampion.oa#VPN_DayAuto_Group"
set custom-lang ''
next
edit "jchapman.oa#VPN_Hyperion_Group"
set custom-lang ''
next
edit "btrzaskos.oa#VPN_DayAuto_Group"
set custom-lang ''
next
edit "ysun.oa#VPN_Hyperion_Group"
set custom-lang ''
next
edit "sreddy.OA#VPN_Hyperion_Group"
set custom-lang ''
next
edit "bstrohm_admin#SSL_VPN_Full_Access"
set custom-lang ''
next
edit "navd.oa#VPN_Peoplesoft_Group"
set custom-lang ''
config bookmarks
edit "SCSD PS DEV"
set apptype web
set description ''
set url "http://psdevhcm.scsd.ad/psp/HDEV/?cmd=login&languageCd=ENG&"
set sso disable
next
end
next
end
config vpn ssl client
end
config voip profile
edit "default"
set feature-set proxy
set comment "Default VoIP profile."
config sip
set status enable
set rtp enable
set nat-port-range 5117-65533
set open-register-pinhole enable
set open-contact-pinhole enable
set strict-register enable
set register-rate 0
set invite-rate 0
set max-dialogs 0
set max-line-length 998
set block-long-lines enable
set block-unknown enable
set call-keepalive 0
set block-ack disable
set block-bye disable
set block-cancel disable
set block-info disable
set block-invite disable
set block-message disable
set block-notify disable
set block-options disable
set block-prack disable
set block-publish disable
set block-refer disable
set block-register disable
set block-subscribe disable
set block-update disable
set register-contact-trace disable
set open-via-pinhole disable
set open-record-route-pinhole enable
set rfc2543-branch disable
set log-violations disable
set log-call-summary enable
set nat-trace enable
set subscribe-rate 0
set message-rate 0
set notify-rate 0
set refer-rate 0
set update-rate 0
set options-rate 0
set ack-rate 0
set prack-rate 0
set info-rate 0
set publish-rate 0
set bye-rate 0
set cancel-rate 0
set preserve-override disable
set no-sdp-fixup disable
set contact-fixup enable
set max-idle-dialogs 0
set block-geo-red-options disable
set hosted-nat-traversal disable
set hnt-restrict-source-ip disable
set max-body-length 0
set unknown-header pass
set malformed-request-line pass
set malformed-header-via pass
set malformed-header-from pass
set malformed-header-to pass
set malformed-header-call-id pass
set malformed-header-cseq pass
set malformed-header-rack pass
set malformed-header-rseq pass
set malformed-header-contact pass
set malformed-header-record-route pass
set malformed-header-route pass
set malformed-header-expires pass
set malformed-header-content-type pass
set malformed-header-content-length pass
set malformed-header-max-forwards pass
set malformed-header-allow pass
set malformed-header-p-asserted-identity pass
set malformed-header-sdp-v pass
set malformed-header-sdp-o pass
set malformed-header-sdp-s pass
set malformed-header-sdp-i pass
set malformed-header-sdp-c pass
set malformed-header-sdp-b pass
set malformed-header-sdp-z pass
set malformed-header-sdp-k pass
set malformed-header-sdp-a pass
set malformed-header-sdp-t pass
set malformed-header-sdp-r pass
set malformed-header-sdp-m pass
set provisional-invite-expiry-time 210
set ips-rtp enable
set ssl-mode off
end
config sccp
set status enable
set block-mcast disable
set verify-header disable
set log-call-summary disable
set log-violations disable
set max-calls 0
end
next
edit "strict"
set feature-set proxy
set comment ''
config sip
set status enable
set rtp enable
set nat-port-range 5117-65533
set open-register-pinhole enable
set open-contact-pinhole enable
set strict-register enable
set register-rate 0
set invite-rate 0
set max-dialogs 0
set max-line-length 998
set block-long-lines enable
set block-unknown enable
set call-keepalive 0
set block-ack disable
set block-bye disable
set block-cancel disable
set block-info disable
set block-invite disable
set block-message disable
set block-notify disable
set block-options disable
set block-prack disable
set block-publish disable
set block-refer disable
set block-register disable
set block-subscribe disable
set block-update disable
set register-contact-trace disable
set open-via-pinhole disable
set open-record-route-pinhole enable
set rfc2543-branch disable
set log-violations disable
set log-call-summary enable
set nat-trace enable
set subscribe-rate 0
set message-rate 0
set notify-rate 0
set refer-rate 0
set update-rate 0
set options-rate 0
set ack-rate 0
set prack-rate 0
set info-rate 0
set publish-rate 0
set bye-rate 0
set cancel-rate 0
set preserve-override disable
set no-sdp-fixup disable
set contact-fixup enable
set max-idle-dialogs 0
set block-geo-red-options disable
set hosted-nat-traversal disable
set hnt-restrict-source-ip disable
set max-body-length 0
set unknown-header pass
set malformed-request-line discard
set malformed-header-via discard
set malformed-header-from discard
set malformed-header-to discard
set malformed-header-call-id discard
set malformed-header-cseq discard
set malformed-header-rack discard
set malformed-header-rseq discard
set malformed-header-contact discard
set malformed-header-record-route discard
set malformed-header-route discard
set malformed-header-expires discard
set malformed-header-content-type discard
set malformed-header-content-length discard
set malformed-header-max-forwards discard
set malformed-header-allow discard
set malformed-header-p-asserted-identity discard
set malformed-header-sdp-v discard
set malformed-header-sdp-o discard
set malformed-header-sdp-s discard
set malformed-header-sdp-i discard
set malformed-header-sdp-c discard
set malformed-header-sdp-b discard
set malformed-header-sdp-z discard
set malformed-header-sdp-k discard
set malformed-header-sdp-a discard
set malformed-header-sdp-t discard
set malformed-header-sdp-r discard
set malformed-header-sdp-m discard
set provisional-invite-expiry-time 210
set ips-rtp enable
set ssl-mode off
end
config sccp
set status enable
set block-mcast disable
set verify-header disable
set log-call-summary disable
set log-violations disable
set max-calls 0
end
next
edit "parks_sip"
set feature-set proxy
set comment "VoIP Profile for Parks SIP"
config sip
set status enable
set rtp enable
set nat-port-range 5117-65533
set open-register-pinhole enable
set open-contact-pinhole enable
set strict-register enable
set register-rate 0
set invite-rate 0
set max-dialogs 0
set max-line-length 998
set block-long-lines enable
set block-unknown enable
set call-keepalive 0
set block-ack disable
set block-bye disable
set block-cancel disable
set block-info disable
set block-invite disable
set block-message disable
set block-notify disable
set block-options disable
set block-prack disable
set block-publish disable
set block-refer disable
set block-register disable
set block-subscribe disable
set block-update disable
set register-contact-trace disable
set open-via-pinhole disable
set open-record-route-pinhole enable
set rfc2543-branch disable
set log-violations disable
set log-call-summary enable
set nat-trace enable
set subscribe-rate 0
set message-rate 0
set notify-rate 0
set refer-rate 0
set update-rate 0
set options-rate 0
set ack-rate 0
set prack-rate 0
set info-rate 0
set publish-rate 0
set bye-rate 0
set cancel-rate 0
set preserve-override disable
set no-sdp-fixup disable
set contact-fixup enable
set max-idle-dialogs 0
set block-geo-red-options disable
set hosted-nat-traversal disable
set hnt-restrict-source-ip disable
set max-body-length 0
set unknown-header pass
set malformed-request-line pass
set malformed-header-via pass
set malformed-header-from pass
set malformed-header-to pass
set malformed-header-call-id pass
set malformed-header-cseq pass
set malformed-header-rack pass
set malformed-header-rseq pass
set malformed-header-contact pass
set malformed-header-record-route pass
set malformed-header-route pass
set malformed-header-expires pass
set malformed-header-content-type pass
set malformed-header-content-length pass
set malformed-header-max-forwards pass
set malformed-header-allow pass
set malformed-header-p-asserted-identity pass
set malformed-header-sdp-v pass
set malformed-header-sdp-o pass
set malformed-header-sdp-s pass
set malformed-header-sdp-i pass
set malformed-header-sdp-c pass
set malformed-header-sdp-b pass
set malformed-header-sdp-z pass
set malformed-header-sdp-k pass
set malformed-header-sdp-a pass
set malformed-header-sdp-t pass
set malformed-header-sdp-r pass
set malformed-header-sdp-m pass
set provisional-invite-expiry-time 210
set ips-rtp enable
set ssl-mode off
end
config sccp
set status enable
set block-mcast disable
set verify-header disable
set log-call-summary disable
set log-violations disable
set max-calls 0
end
next
end
config system sdwan
set status disable
set load-balance-mode source-ip-based
set speedtest-bypass-routing disable
set duplication-max-num 2
set neighbor-hold-down disable
set neighbor-hold-down-time 0
set neighbor-hold-boot-time 0
set fail-detect disable
config zone
edit "virtual-wan-link"
set service-sla-tie-break cfg-order
next
end
config health-check
edit "Default_DNS"
set probe-packets enable
set addr-mode ipv4
set system-dns enable
set detect-mode active
set ha-priority 1
set dns-request-domain "www.example.com"
set dns-match-ip 0.0.0.0
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
edit "Default_Office_365"
set probe-packets enable
set addr-mode ipv4
set server "www.office.com"
set detect-mode active
set protocol http
set port 0
set ha-priority 1
set http-get "/"
set http-agent "Chrome/ Safari/"
set http-match ''
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
edit "Default_Gmail"
set probe-packets enable
set addr-mode ipv4
set server "gmail.com"
set detect-mode active
set protocol ping
set ha-priority 1
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 2
next
end
next
edit "Default_Google Search"
set probe-packets enable
set addr-mode ipv4
set server "www.google.com"
set detect-mode active
set protocol http
set port 0
set ha-priority 1
set http-get "/"
set http-agent "Chrome/ Safari/"
set http-match ''
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
edit "Default_FortiGuard"
set probe-packets enable
set addr-mode ipv4
set server "fortiguard.com"
set detect-mode active
set protocol http
set port 0
set ha-priority 1
set http-get "/"
set http-agent "Chrome/ Safari/"
set http-match ''
set interval 1000
set probe-timeout 1000
set failtime 5
set recoverytime 10
set probe-count 30
set diffservcode 000000
set update-cascade-interface enable
set update-static-route enable
set sla-fail-log-period 0
set sla-pass-log-period 0
set threshold-warning-packetloss 0
set threshold-alert-packetloss 0
set threshold-warning-latency 0
set threshold-alert-latency 0
set threshold-warning-jitter 0
set threshold-alert-jitter 0
config sla
edit 1
set link-cost-factor latency jitter packet-loss
set latency-threshold 250
set jitter-threshold 50
set packetloss-threshold 5
next
end
next
end
end
config vpn ipsec phase1
end
config vpn ipsec phase2
end
config vpn ipsec manualkey
end
config vpn ipsec concentrator
end
config vpn ipsec fec
end
config vpn ipsec phase1-interface
edit "SRIC_BOCES"
set type static
set interface "outside lag"
set ip-version 4
set ike-version 2
set local-gw 0.0.0.0
set keylife 86400
set authmethod psk
unset authmethod-remote
set peertype any
set net-device disable
set passive-mode disable
set exchange-interface-ip disable
set aggregate-member disable
set mode-cfg disable
set proposal aes256-sha256
set localid ''
set localid-type auto
set auto-negotiate enable
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-demand
set forticlient-enforcement disable
set comments ''
set npu-offload enable
set dhgrp 14
set suite-b disable
set eap disable
set ppk disable
set wizard-type custom
set reauth disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal disable
set esn disable
set fragmentation-mtu 1200
set childless-ike disable
set rekey enable
set fec-egress disable
set fec-ingress disable
set network-overlay disable
set remote-gw 170.161.52.25
set monitor ''
set add-gw-route disable
set psksecret ENC VfwFjiI7LU47vf8pI5fkMwsyn+R6NwkJSA9lbM4TNUEDy/k5l93jMcy20CskKHZmZJvOc9WByZNHdRwGPi5k3PzDbIG049uoEDUUXv7RVS0jsDOrHBAOKl97X8GKhShDtJ7+ky0o1bISFhx+z0kpeB0V2vU4QFlY7rquVfNcMhs72OtwGrP7x6rBuWoTleuNu1rN1g==
set dpd-retrycount 3
set dpd-retryinterval 20
next
edit "vpn-042e9903"
set type static
set interface "outside lag"
set ip-version 4
set ike-version 2
set local-gw 198.36.24.5
set keylife 28800
set authmethod psk
unset authmethod-remote
set peertype any
set net-device disable
set passive-mode disable
set exchange-interface-ip disable
set aggregate-member disable
set mode-cfg disable
set proposal aes256-sha256
set localid ''
set localid-type auto
set auto-negotiate enable
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-demand
set forticlient-enforcement disable
set comments ''
set npu-offload enable
set dhgrp 19
set suite-b disable
set eap disable
set ppk disable
set wizard-type custom
set reauth disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal enable
set esn disable
set fragmentation-mtu 1200
set childless-ike disable
set rekey enable
set fec-egress disable
set fec-ingress disable
set network-overlay disable
set remote-gw 52.61.115.188
set monitor ''
set add-gw-route disable
set psksecret ENC pgnEiLI+KRc+PpaJbpMRzj5LYY2VqBK7fkJc0rK8DZthFdzrTiOemGkd/AAZfYDfQzjXE2ImkUPGDg7kE/bpX7zb1Q+YN2F/weXGZLFLFiC2YeJHAtw4S3S3Sxyu0oF0IX4qMRQxN3KMQoNDHw4SCZ28uySpMuSGdEB3VU3aMrixvI/aj7ZM5FI6RNyVptPig/gdUw==
set keepalive 10
set dpd-retrycount 3
set dpd-retryinterval 30
next
edit "SCHC"
set type static
set interface "outside lag"
set ip-version 4
set ike-version 2
set local-gw 0.0.0.0
set keylife 86400
set authmethod psk
unset authmethod-remote
set peertype any
set net-device disable
set passive-mode disable
set exchange-interface-ip disable
set aggregate-member disable
set mode-cfg disable
set proposal aes256-sha256
set localid ''
set localid-type auto
set auto-negotiate enable
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-demand
set forticlient-enforcement disable
set comments ''
set npu-offload enable
set dhgrp 14 5
set suite-b disable
set eap disable
set ppk disable
set wizard-type custom
set reauth disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal enable
set esn disable
set fragmentation-mtu 1200
set childless-ike disable
set rekey enable
set fec-egress disable
set fec-ingress disable
set network-overlay disable
set remote-gw 209.217.202.173
set monitor ''
set add-gw-route disable
set psksecret ENC 3F3hUIePVaRfY+I8wb/5TSpoxIg1qHmE83OjoC12VxjhTgVMpbe+q+OFQVKPz43vDsp26IG1wHhwnwvcUWUcFMVsyhaC6vWBagpJ7bl5T5yQmahbN2O9xEE3PFLdEYBnw7cVHfYgqKI+OnK1AIHSXgczu4TF7OS0mW8O68ss8I1MJOp6tUK5I133uvZuqy0SXjvZvg==
set keepalive 10
set dpd-retrycount 3
set dpd-retryinterval 20
next
edit "vpn-0fc50345"
set type static
set interface "outside lag"
set ip-version 4
set ike-version 1
set local-gw 198.36.24.5
set keylife 28800
set authmethod psk
set mode main
set peertype any
set net-device disable
set passive-mode disable
set exchange-interface-ip disable
set aggregate-member disable
set mode-cfg disable
set proposal aes128-sha1
set localid ''
set localid-type auto
set auto-negotiate enable
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-demand
set forticlient-enforcement disable
set comments "SchoolTool Tunnel"
set npu-offload enable
set dhgrp 2
set suite-b disable
set wizard-type custom
set xauthtype disable
set mesh-selector-type disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal enable
set esn disable
set rekey enable
set fec-egress disable
set fec-ingress disable
set remote-gw 34.194.174.170
set monitor ''
set add-gw-route disable
set psksecret ENC hc9/IG0PLZc8nqoYi1AAzwJIUQjxZIH3/Rg3UC/t8SaPTSWlkg7+MqkQLSrfEC3jm1DxUyDRUr0tcq6QOdi4Hyf6PotXxoFyOC8CFqyTOExapKsx9TXEuHMnFDT5n1kOxyGymGnmMFy7k77gcSAnZr0TG+O0EGMG/AB70wqWhdiYonlDuXbTQKsQjB3srbUpO4R7ng==
set keepalive 10
set dpd-retrycount 3
set dpd-retryinterval 20
next
edit "vpn-0403e61"
set type static
set interface "outside lag"
set ip-version 4
set ike-version 2
set local-gw 198.36.24.5
set keylife 28800
set authmethod psk
unset authmethod-remote
set peertype any
set net-device disable
set passive-mode disable
set exchange-interface-ip disable
set aggregate-member disable
set mode-cfg disable
set proposal aes256-sha256
set localid ''
set localid-type auto
set auto-negotiate enable
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-demand
set forticlient-enforcement disable
set comments "eScholar Tunnel"
set npu-offload enable
set dhgrp 19
set suite-b disable
set eap disable
set ppk disable
set wizard-type custom
set reauth disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal enable
set esn disable
set fragmentation-mtu 1200
set childless-ike disable
set rekey enable
set fec-egress disable
set fec-ingress disable
set network-overlay disable
set remote-gw 44.216.12.227
set monitor ''
set add-gw-route disable
set psksecret ENC EATGPi9D0scvkZvkpkFaOzrdUUZXZ4uOYcdZx2rM61DfX2MhXPfEhRGsOpgn4Gj5PlYXtIME7DvK0YuoHZHzR2sLfnSPHe15YMWsqA6L0kaUdMIAM3OTP7vT0F9QDdYF6IagN0NMPhAWvCAfRCb0ZHOnt3hO/jEc0DEeNPWakjY4P5yrzzzEBzjVYEVQ11g2nVwQPQ==
set keepalive 10
set dpd-retrycount 3
set dpd-retryinterval 30
next
edit "Highstreet"
set type static
set interface "outside lag"
set ip-version 4
set ike-version 2
set local-gw 198.36.24.5
set keylife 28800
set authmethod psk
unset authmethod-remote
set peertype any
set net-device disable
set passive-mode disable
set exchange-interface-ip disable
set aggregate-member disable
set mode-cfg disable
set proposal aes128-sha1
set localid ''
set localid-type auto
set auto-negotiate enable
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-demand
set forticlient-enforcement disable
set comments ''
set npu-offload enable
set dhgrp 2
set suite-b disable
set eap disable
set ppk disable
set wizard-type custom
set reauth disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal disable
set esn disable
set fragmentation-mtu 1200
set childless-ike disable
set rekey enable
set fec-egress disable
set fec-ingress disable
set network-overlay disable
set remote-gw 3.20.191.182
set monitor ''
set add-gw-route disable
set psksecret ENC JPr8gHWNJOHu51rYeimLjd4gIenOITSQkJuwQmpov1tp2X+/mi1yOMu/ArMbVGVHCpkkGaJd5TlV8+iQernJ0zbmIFVphMzp31ipxtYKwCcU16QbNutuRQHTCkacgfJITMzelqbTn1yX8gQmOfc+Nm5Ff21IusnWMuCX2e1JnSlsWXk93jGFKPZJ49jNodtEkyu0hA==
set dpd-retrycount 3
set dpd-retryinterval 20
next
edit "Highstreet_2"
set type static
set interface "outside lag"
set ip-version 4
set ike-version 2
set local-gw 0.0.0.0
set keylife 28800
set authmethod psk
unset authmethod-remote
set peertype any
set net-device disable
set passive-mode disable
set exchange-interface-ip disable
set aggregate-member disable
set mode-cfg disable
set proposal aes128-sha1
set localid ''
set localid-type auto
set auto-negotiate enable
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-demand
set forticlient-enforcement disable
set comments ''
set npu-offload enable
set dhgrp 2
set suite-b disable
set eap disable
set ppk disable
set wizard-type custom
set reauth disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal disable
set esn disable
set fragmentation-mtu 1200
set childless-ike disable
set rekey enable
set fec-egress disable
set fec-ingress disable
set network-overlay disable
set remote-gw 3.146.135.243
set monitor ''
set add-gw-route disable
set psksecret ENC F42JFLCV4o51MG3dJgMhxed+wKbyPNe3o/gzPVt+S1v2nPkRxaRrDHd35UTK1e2aVDhnYx3jOStK78bFmN+EyABmiaM+7D75bTUZNH9RNPXbV3QfAupRCCkJYqVzw8IcD1XEaRepKx4kJJ0sYas+vLv0zC0XVpl6mdynwdhVQ44it345OAc8hEF79t+M1ReMlLe+IA==
set dpd-retrycount 3
set dpd-retryinterval 20
next
edit "DPS"
set type static
set interface "outside lag"
set ip-version 4
set ike-version 2
set local-gw 0.0.0.0
set keylife 86400
set authmethod psk
unset authmethod-remote
set peertype any
set net-device disable
set passive-mode disable
set exchange-interface-ip disable
set aggregate-member disable
set mode-cfg disable
set proposal aes256-sha256
set localid ''
set localid-type auto
set auto-negotiate enable
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-demand
set forticlient-enforcement disable
set comments "VPN: DPS"
set npu-offload enable
set dhgrp 14 5
set suite-b disable
set eap disable
set ppk disable
set wizard-type custom
set reauth disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal enable
set esn disable
set fragmentation-mtu 1200
set childless-ike disable
set rekey enable
set fec-egress disable
set fec-ingress disable
set network-overlay disable
set remote-gw 24.39.213.214
set monitor ''
set add-gw-route disable
set psksecret ENC /mqtKX5AoPJ4lKLOsjT8SiIxw9IfSbyAqR+BYCF3BcuxyfkSPZuWZaoDN4qSAQNSuJWVNlk5cMWNVTqS39vYpMxrPYEUgFSdBCqG74v8pulNq3wdcvr0NacmGlbjjXTK9txdlxiJCqsF1DII5lVQxG4/gIvxd7gq2gCzs5hqm54K7uu6GfJqavCu7OXOk0Er2v6ODw==
set keepalive 10
set dpd-retrycount 3
set dpd-retryinterval 20
next
edit "RAP"
set type static
set interface "outside lag"
set ip-version 4
set ike-version 2
set local-gw 0.0.0.0
set keylife 86400
set authmethod psk
unset authmethod-remote
set peertype any
set net-device disable
set passive-mode disable
set exchange-interface-ip disable
set aggregate-member disable
set mode-cfg disable
set proposal aes256-sha256
set localid ''
set localid-type auto
set auto-negotiate enable
set negotiate-timeout 30
set fragmentation enable
set ip-fragmentation post-encapsulation
set dpd on-demand
set forticlient-enforcement disable
set comments ''
set npu-offload enable
set dhgrp 14 5
set suite-b disable
set eap disable
set ppk disable
set wizard-type custom
set reauth disable
set idle-timeout disable
set ha-sync-esp-seqno enable
set fgsp-sync disable
set inbound-dscp-copy disable
set auto-discovery-sender disable
set auto-discovery-receiver disable
set auto-discovery-forwarder disable
set encapsulation none
set nattraversal disable
set esn disable
set fragmentation-mtu 1200
set childless-ike disable
set rekey enable
set fec-egress disable
set fec-ingress disable
set network-overlay disable
set remote-gw 24.105.188.54
set monitor ''
set add-gw-route disable
set psksecret ENC Z7BghtxJ2bqbW81y491GQQbgm1fjmiQANIsczpkGL3stZKLQ/8cwEZjrwuOz3EQWG01Wr+5BgqsAMAXN1iSNAf3o0mHay3lhCPF5VU+FZa11576VRaTNR2QozweDDXgS7stmj3pIic3SArdqsIhSeQinRu+85AEzfvlkn4KgBm14I9tdZiueScCjz+2grJ1iAbDYNg==
set dpd-retrycount 3
set dpd-retryinterval 20
next
end
config vpn ipsec phase2-interface
edit "SRIC_BOCES"
set phase1name "SRIC_BOCES"
set proposal aes256-sha256
set pfs enable
set ipv4-df disable
set dhgrp 14
set replay enable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type ip
set src-port 0
set dst-addr-type ip
set dst-port 0
set keylifeseconds 28800
set src-start-ip 198.36.24.68
set dst-start-ip 170.161.52.27
next
edit "vpn-042e9903"
set phase1name "vpn-042e9903"
set proposal aes256-sha256
set pfs enable
set ipv4-df disable
set dhgrp 16
set replay enable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 3600
set src-subnet 10.1.48.0 255.255.255.0
set dst-subnet 10.222.0.0 255.255.0.0
next
edit "SCHC"
set phase1name "SCHC"
set proposal aes256-sha256
set pfs enable
set ipv4-df disable
set dhgrp 14
set replay enable
set keepalive disable
set auto-negotiate disable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type name
set src-port 0
set dst-addr-type name
set dst-port 0
set keylifeseconds 28800
set src-name "SCHC_Local_Subnets_Group"
set dst-name "SCHC_Remote_Subnets_Group"
next
edit "vpn-0fc50345"
set phase1name "vpn-0fc50345"
set proposal aes128-sha1
set pfs enable
set ipv4-df disable
set dhgrp 2
set replay enable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set diffserv disable
set protocol 0
set src-addr-type name
set src-port 0
set dst-addr-type name
set dst-port 0
set keylifeseconds 3600
set src-name "SchoolTool_Cloud_Internal"
set dst-name "SchoolTool_External_Range"
next
edit "vpn-0403e61"
set phase1name "vpn-0403e61"
set proposal aes256-sha256
set pfs enable
set ipv4-df disable
set dhgrp 16
set replay enable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 3600
set src-subnet 10.1.48.0 255.255.255.0
set dst-subnet 10.11.0.0 255.255.240.0
next
edit "Highstreet"
set phase1name "Highstreet"
set proposal aes128-sha1
set pfs enable
set ipv4-df disable
set dhgrp 2
set replay enable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 3600
set src-subnet 10.1.0.0 255.255.192.0
set dst-subnet 10.51.62.0 255.255.255.0
next
edit "Highstreet_2"
set phase1name "Highstreet_2"
set proposal aes128-sha1
set pfs enable
set ipv4-df disable
set dhgrp 2
set replay enable
set auto-negotiate enable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 3600
set src-subnet 10.1.0.0 255.255.0.0
set dst-subnet 10.51.62.32 255.255.255.240
next
edit "DPS"
set phase1name "DPS"
set proposal aes256-sha256
set pfs enable
set ipv4-df disable
set dhgrp 14 5
set replay enable
set keepalive disable
set auto-negotiate disable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments "VPN: DPS"
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 43200
set src-subnet 0.0.0.0 0.0.0.0
set dst-subnet 0.0.0.0 0.0.0.0
next
edit "RAP"
set phase1name "RAP"
set proposal aes256-sha256
set pfs enable
set ipv4-df disable
set dhgrp 14 5
set replay enable
set keepalive disable
set auto-negotiate disable
set inbound-dscp-copy phase1
set auto-discovery-sender phase1
set auto-discovery-forwarder phase1
set keylife-type seconds
set encapsulation tunnel-mode
set comments ''
set initiator-ts-narrow disable
set diffserv disable
set protocol 0
set src-addr-type subnet
set src-port 0
set dst-addr-type subnet
set dst-port 0
set keylifeseconds 43200
set src-subnet 0.0.0.0 0.0.0.0
set dst-subnet 0.0.0.0 0.0.0.0
next
end
config vpn ipsec manualkey-interface
end
config vpn pptp
set status disable
end
config vpn l2tp
set status disable
set lcp-max-echo-fails 3
set hello-interval 60
end
config vpn ipsec forticlient
end
config dnsfilter domain-filter
end
config dnsfilter profile
edit "default"
set comment "Default dns filtering."
config domain-filter
unset domain-filter-table
end
config ftgd-dns
unset options
config filters
edit 1
set category 2
set action monitor
next
edit 2
set category 7
set action monitor
next
edit 3
set category 8
set action monitor
next
edit 4
set category 9
set action monitor
next
edit 5
set category 11
set action monitor
next
edit 6
set category 12
set action monitor
next
edit 7
set category 13
set action monitor
next
edit 8
set category 14
set action monitor
next
edit 9
set category 15
set action monitor
next
edit 10
set category 16
set action monitor
next
edit 11
set category 0
set action monitor
next
edit 12
set category 57
set action monitor
next
edit 13
set category 63
set action monitor
next
edit 14
set category 64
set action monitor
next
edit 15
set category 65
set action monitor
next
edit 16
set category 66
set action monitor
next
edit 17
set category 67
set action monitor
next
edit 18
set category 26
set action block
set log enable
next
edit 19
set category 61
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
end
set log-all-domain disable
set sdns-ftgd-err-log enable
set sdns-domain-log enable
set block-action redirect
set block-botnet enable
set safe-search disable
set redirect-portal 0.0.0.0
set redirect-portal6 ::
next
edit "DNS_Profile"
set comment "Default dns filtering."
config domain-filter
unset domain-filter-table
end
config ftgd-dns
set options error-allow
config filters
edit 1
set category 12
set action monitor
next
edit 2
set category 2
set action monitor
next
edit 3
set category 7
set action monitor
next
edit 4
set category 8
set action monitor
next
edit 5
set category 9
set action monitor
next
edit 6
set category 11
set action monitor
next
edit 7
set category 13
set action monitor
next
edit 8
set category 14
set action monitor
next
edit 9
set category 15
set action monitor
next
edit 10
set category 16
set action monitor
next
edit 11
set category 57
set action monitor
next
edit 12
set category 63
set action monitor
next
edit 13
set category 64
set action monitor
next
edit 14
set category 65
set action monitor
next
edit 15
set category 66
set action monitor
next
edit 16
set category 67
set action monitor
next
edit 17
set category 26
set action monitor
next
edit 18
set category 61
set action monitor
next
edit 19
set category 86
set action monitor
next
edit 20
set category 88
set action monitor
next
edit 21
set category 90
set action monitor
next
edit 22
set category 91
set action monitor
next
edit 23
set category 0
set action monitor
next
end
end
set log-all-domain disable
set sdns-ftgd-err-log enable
set sdns-domain-log enable
set block-action redirect
set block-botnet disable
set safe-search disable
set redirect-portal 0.0.0.0
set redirect-portal6 ::
next
end
config system gre-tunnel
end
config system ipsec-aggregate
end
config system ipip-tunnel
end
config system mobile-tunnel
end
config system pppoe-interface
end
config system vxlan
end
config system geneve
end
config system virtual-wire-pair
end
config system dns-database
end
config system dns-server
end
config log custom-field
end
config antivirus settings
set machine-learning-detection enable
set use-extreme-db disable
set grayware enable
set override-timeout 0
set cache-infected-result enable
end
config antivirus quarantine
set agelimit 0
set maxfilesize 0
set quarantine-quota 0
unset drop-infected
set store-infected imap smtp pop3 http ftp nntp imaps smtps pop3s https ftps mapi cifs ssh
unset drop-blocked
set store-blocked imap smtp pop3 http ftp nntp imaps smtps pop3s ftps mapi cifs ssh
unset drop-machine-learning
set store-machine-learning imap smtp pop3 http ftp nntp imaps smtps pop3s https ftps mapi cifs ssh
set lowspace ovrw-old
set destination disk
end
config ssh-filter profile
end
config antivirus profile
edit "g-default"
set comment "Scan files and block viruses."
set replacemsg-group ''
set feature-set flow
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set av-block-log enable
set extended-log disable
next
edit "g-sniffer-profile"
set comment "Scan files and monitor viruses."
set replacemsg-group ''
set feature-set flow
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set av-block-log enable
set extended-log disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set replacemsg-group ''
set feature-set flow
set mobile-malware-db enable
config http
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config ftp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config imap
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config pop3
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config smtp
set av-scan block
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
set executables virus
end
config nntp
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config cifs
set av-scan disable
set outbreak-prevention disable
set external-blocklist disable
set quarantine disable
unset archive-block
unset archive-log
set emulator enable
end
config nac-quar
set infected none
set log disable
end
set outbreak-prevention-archive-scan disable
set external-blocklist-enable-all enable
set ems-threat-feed disable
set av-virus-log enable
set av-block-log enable
set extended-log disable
next
end
config file-filter profile
edit "g-default"
set comment "File type inspection."
set feature-set flow
set replacemsg-group ''
set log enable
set extended-log disable
set scan-archive-contents enable
next
edit "g-sniffer-profile"
set comment "File type inspection."
set feature-set flow
set replacemsg-group ''
set log enable
set extended-log disable
set scan-archive-contents enable
next
end
config webfilter profile
edit "g-default"
set comment "Default web filtering."
set feature-set flow
set replacemsg-group ''
unset options
set https-replacemsg enable
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
end
config ftgd-wf
unset options
unset ovrd
config filters
edit 1
set category 0
set action block
set log enable
next
edit 2
set category 2
set action block
set log enable
next
edit 3
set category 7
set action block
set log enable
next
edit 4
set category 8
set action block
set log enable
next
edit 5
set category 9
set action block
set log enable
next
edit 6
set category 11
set action block
set log enable
next
edit 7
set category 12
set action block
set log enable
next
edit 8
set category 13
set action block
set log enable
next
edit 9
set category 14
set action block
set log enable
next
edit 10
set category 15
set action block
set log enable
next
edit 11
set category 16
set action block
set log enable
next
edit 12
set category 26
set action block
set log enable
next
edit 13
set category 57
set action block
set log enable
next
edit 14
set category 61
set action block
set log enable
next
edit 15
set category 63
set action block
set log enable
next
edit 16
set category 64
set action block
set log enable
next
edit 17
set category 65
set action block
set log enable
next
edit 18
set category 66
set action block
set log enable
next
edit 19
set category 67
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
edit "g-sniffer-profile"
set comment "Monitor web traffic."
set feature-set flow
set replacemsg-group ''
unset options
set https-replacemsg enable
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
end
config ftgd-wf
set options ftgd-disable
unset ovrd
config filters
edit 1
set category 0
set action monitor
set log enable
next
edit 2
set category 1
set action monitor
set log enable
next
edit 3
set category 2
set action monitor
set log enable
next
edit 4
set category 3
set action monitor
set log enable
next
edit 5
set category 4
set action monitor
set log enable
next
edit 6
set category 5
set action monitor
set log enable
next
edit 7
set category 6
set action monitor
set log enable
next
edit 8
set category 7
set action monitor
set log enable
next
edit 9
set category 8
set action monitor
set log enable
next
edit 10
set category 9
set action monitor
set log enable
next
edit 11
set category 11
set action monitor
set log enable
next
edit 12
set category 12
set action monitor
set log enable
next
edit 13
set category 13
set action monitor
set log enable
next
edit 14
set category 14
set action monitor
set log enable
next
edit 15
set category 15
set action monitor
set log enable
next
edit 16
set category 16
set action monitor
set log enable
next
edit 17
set category 17
set action monitor
set log enable
next
edit 18
set category 18
set action monitor
set log enable
next
edit 19
set category 19
set action monitor
set log enable
next
edit 20
set category 20
set action monitor
set log enable
next
edit 21
set category 23
set action monitor
set log enable
next
edit 22
set category 24
set action monitor
set log enable
next
edit 23
set category 25
set action monitor
set log enable
next
edit 24
set category 26
set action monitor
set log enable
next
edit 25
set category 28
set action monitor
set log enable
next
edit 26
set category 29
set action monitor
set log enable
next
edit 27
set category 30
set action monitor
set log enable
next
edit 28
set category 31
set action monitor
set log enable
next
edit 29
set category 33
set action monitor
set log enable
next
edit 30
set category 34
set action monitor
set log enable
next
edit 31
set category 35
set action monitor
set log enable
next
edit 32
set category 36
set action monitor
set log enable
next
edit 33
set category 37
set action monitor
set log enable
next
edit 34
set category 38
set action monitor
set log enable
next
edit 35
set category 39
set action monitor
set log enable
next
edit 36
set category 40
set action monitor
set log enable
next
edit 37
set category 41
set action monitor
set log enable
next
edit 38
set category 42
set action monitor
set log enable
next
edit 39
set category 43
set action monitor
set log enable
next
edit 40
set category 44
set action monitor
set log enable
next
edit 41
set category 46
set action monitor
set log enable
next
edit 42
set category 47
set action monitor
set log enable
next
edit 43
set category 48
set action monitor
set log enable
next
edit 44
set category 49
set action monitor
set log enable
next
edit 45
set category 50
set action monitor
set log enable
next
edit 46
set category 51
set action monitor
set log enable
next
edit 47
set category 52
set action monitor
set log enable
next
edit 48
set category 53
set action monitor
set log enable
next
edit 49
set category 54
set action monitor
set log enable
next
edit 50
set category 55
set action monitor
set log enable
next
edit 51
set category 56
set action monitor
set log enable
next
edit 52
set category 57
set action monitor
set log enable
next
edit 53
set category 58
set action monitor
set log enable
next
edit 54
set category 59
set action monitor
set log enable
next
edit 55
set category 61
set action monitor
set log enable
next
edit 56
set category 62
set action monitor
set log enable
next
edit 57
set category 63
set action monitor
set log enable
next
edit 58
set category 64
set action monitor
set log enable
next
edit 59
set category 65
set action monitor
set log enable
next
edit 60
set category 66
set action monitor
set log enable
next
edit 61
set category 67
set action monitor
set log enable
next
edit 62
set category 68
set action monitor
set log enable
next
edit 63
set category 69
set action monitor
set log enable
next
edit 64
set category 70
set action monitor
set log enable
next
edit 65
set category 71
set action monitor
set log enable
next
edit 66
set category 72
set action monitor
set log enable
next
edit 67
set category 75
set action monitor
set log enable
next
edit 68
set category 76
set action monitor
set log enable
next
edit 69
set category 77
set action monitor
set log enable
next
edit 70
set category 78
set action monitor
set log enable
next
edit 71
set category 79
set action monitor
set log enable
next
edit 72
set category 80
set action monitor
set log enable
next
edit 73
set category 81
set action monitor
set log enable
next
edit 74
set category 82
set action monitor
set log enable
next
edit 75
set category 83
set action monitor
set log enable
next
edit 76
set category 84
set action monitor
set log enable
next
edit 77
set category 85
set action monitor
set log enable
next
edit 78
set category 86
set action monitor
set log enable
next
edit 79
set category 87
set action monitor
set log enable
next
edit 80
set category 88
set action monitor
set log enable
next
edit 81
set category 89
set action monitor
set log enable
next
edit 82
set category 90
set action monitor
set log enable
next
edit 83
set category 91
set action monitor
set log enable
next
edit 84
set category 92
set action monitor
set log enable
next
edit 85
set category 93
set action monitor
set log enable
next
edit 86
set category 94
set action monitor
set log enable
next
edit 87
set category 95
set action monitor
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
edit "g-wifi-default"
set comment "Default configuration for offloading WiFi traffic."
set feature-set flow
set replacemsg-group ''
set options block-invalid-url
set https-replacemsg enable
unset ovrd-perm
set post-action normal
config override
set ovrd-cookie deny
set ovrd-scope user
set profile-type list
set ovrd-dur-mode constant
set ovrd-dur 15m
end
config web
set bword-threshold 10
unset bword-table
unset urlfilter-table
unset content-header-list
set blocklist disable
unset allowlist
end
config ftgd-wf
unset options
unset ovrd
config filters
edit 1
set category 0
set action monitor
set log enable
next
edit 2
set category 2
set action block
set log enable
next
edit 3
set category 7
set action block
set log enable
next
edit 4
set category 8
set action block
set log enable
next
edit 5
set category 9
set action block
set log enable
next
edit 6
set category 11
set action block
set log enable
next
edit 7
set category 12
set action block
set log enable
next
edit 8
set category 13
set action block
set log enable
next
edit 9
set category 14
set action block
set log enable
next
edit 10
set category 15
set action block
set log enable
next
edit 11
set category 16
set action block
set log enable
next
edit 12
set category 26
set action block
set log enable
next
edit 13
set category 57
set action block
set log enable
next
edit 14
set category 61
set action block
set log enable
next
edit 15
set category 63
set action block
set log enable
next
edit 16
set category 64
set action block
set log enable
next
edit 17
set category 65
set action block
set log enable
next
edit 18
set category 66
set action block
set log enable
next
edit 19
set category 67
set action block
set log enable
next
edit 20
set category 86
set action block
set log enable
next
edit 21
set category 88
set action block
set log enable
next
edit 22
set category 90
set action block
set log enable
next
edit 23
set category 91
set action block
set log enable
next
end
set rate-javascript-urls enable
set rate-css-urls enable
set rate-crl-urls enable
end
set log-all-url disable
set web-content-log enable
set web-filter-command-block-log enable
set web-filter-cookie-log enable
set web-url-log enable
set web-invalid-domain-log enable
set web-ftgd-err-log enable
set extended-log disable
next
end
config webfilter override
end
config webfilter ftgd-local-rating
end
config webfilter search-engine
edit "g-baidu"
set hostname ".*\\.baidu\\.com"
set url "^\\/s?\\?"
set query "wd="
set safesearch disable
next
edit "g-baidu2"
set hostname ".*\\.baidu\\.com"
set url "^\\/(ns|q|m|i|v)\\?"
set query "word="
set safesearch disable
next
edit "g-baidu3"
set hostname "tieba\\.baidu\\.com"
set url "^\\/f\\?"
set query "kw="
set safesearch disable
next
edit "g-bing"
set hostname ".*\\.bing\\..*"
set url "^(\\/images|\\/videos)?(\\/search|\\/async|\\/asyncv2)\\?"
set query "q="
set safesearch header
next
edit "g-google"
set hostname ".*\\.google\\..*"
set url "^\\/((custom|search|images|videosearch|webhp)\\?)"
set query "q="
set safesearch url
set safesearch-str "&safe=active"
next
edit "g-google-translate-1"
set hostname "translate\\.google\\..*"
set url "^\\/translate"
set query "u="
set safesearch translate
next
edit "g-google-translate-2"
set hostname ".*\\.translate\\.goog"
set url "^\\/"
set query ''
set safesearch translate
next
edit "g-twitter"
set hostname "twitter\\.com"
set url "^\\/i\\/api\\/graphql\\/.*\\/UserByScreenName"
set query "variables="
set safesearch translate
next
edit "g-vimeo"
set hostname ".*vimeo.*"
set url "^\\/search\\?"
set query "q="
set safesearch header
next
edit "g-yahoo"
set hostname ".*\\.yahoo\\..*"
set url "^\\/search(\\/video|\\/images){0,1}(\\?|;)"
set query "p="
set safesearch url
set safesearch-str "&vm=r"
next
edit "g-yandex"
set hostname "yandex\\..*"
set url "^\\/((yand|images\\/|video\\/)(search)|search\\/)\\?"
set query "text="
set safesearch url
set safesearch-str "&family=yes"
next
edit "g-youtube"
set hostname ".*youtube.*"
set url ''
set query ''
set safesearch header
next
edit "g-yt-channel"
set hostname ''
set url "www.youtube.com/channel"
set query ''
set safesearch yt-channel
next
edit "g-yt-pattern"
set hostname ''
set url "youtube.com/channel/"
set query ''
set safesearch yt-pattern
next
edit "g-yt-scan-1"
set hostname ''
set url "www.youtube.com/user/"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-2"
set hostname ''
set url "www.youtube.com/youtubei/v1/browse"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-3"
set hostname ''
set url "www.youtube.com/youtubei/v1/player"
set query ''
set safesearch yt-scan
next
edit "g-yt-scan-4"
set hostname ''
set url "www.youtube.com/youtubei/v1/navigator"
set query ''
set safesearch yt-scan
next
edit "translate"
set hostname "translate\\.google\\..*"
set url "^\\/translate\\?"
set query "u="
set safesearch translate
next
edit "yt-video"
set hostname ''
set url "www.youtube.com/watch"
set query ''
set safesearch yt-video
next
end
config emailfilter profile
edit "default"
set comment "Malware and phishing URL filtering."
set feature-set flow
set replacemsg-group ''
set spam-log enable
set spam-filtering disable
set external disable
unset options
config imap
set log-all disable
end
config pop3
set log-all disable
end
config smtp
set log-all disable
end
config msn-hotmail
set log-all disable
end
config gmail
set log-all disable
end
set spam-bword-threshold 10
unset spam-bword-table
unset spam-bal-table
unset spam-mheader-table
unset spam-rbl-table
unset spam-iptrust-table
set spam-log-fortiguard-response disable
next
edit "sniffer-profile"
set comment "Malware and phishing URL monitoring."
set feature-set flow
set replacemsg-group ''
set spam-log enable
set spam-filtering disable
set external disable
unset options
config imap
set log-all disable
end
config pop3
set log-all disable
end
config smtp
set log-all disable
end
config msn-hotmail
set log-all disable
end
config gmail
set log-all disable
end
set spam-bword-threshold 10
unset spam-bword-table
unset spam-bal-table
unset spam-mheader-table
unset spam-rbl-table
unset spam-iptrust-table
set spam-log-fortiguard-response disable
next
end
config wanopt settings
set host-id "default-id"
set tunnel-ssl-algorithm high
set auto-detect-algorithm simple
set tunnel-optimization balanced
end
config wanopt peer
end
config wanopt auth-group
end
config wanopt profile
edit "default"
set transparent enable
set comments "Default WANopt profile."
set auth-group ''
config http
set status disable
set secure-tunnel disable
set byte-caching enable
set ssl disable
set prefer-chunking fix
set protocol-opt protocol
set tunnel-sharing private
set log-traffic enable
end
config cifs
set status disable
set secure-tunnel disable
set byte-caching enable
set prefer-chunking fix
set protocol-opt protocol
set tunnel-sharing private
set log-traffic enable
end
config mapi
set status disable
set secure-tunnel disable
set byte-caching enable
set tunnel-sharing private
set log-traffic enable
end
config ftp
set status disable
set secure-tunnel disable
set byte-caching enable
set ssl disable
set prefer-chunking fix
set protocol-opt protocol
set tunnel-sharing private
set log-traffic enable
end
config tcp
set status disable
end
next
end
config system speed-test-server
end
config log memory setting
set status enable
end
config log disk setting
set status disable
end
config log eventfilter
set event enable
set system enable
set vpn enable
set user enable
set router enable
set wireless-activity enable
set wan-opt enable
set endpoint enable
set ha enable
set security-rating enable
set fortiextender enable
set connector enable
set sdwan enable
set cifs enable
set switch-controller enable
end
config log memory filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set gtp enable
end
config log disk filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set dlp-archive enable
set gtp enable
end
config log fortiguard override-setting
set override disable
set access-config enable
end
config log tacacs+accounting setting
set status disable
end
config log tacacs+accounting2 setting
set status disable
end
config log tacacs+accounting3 setting
set status disable
end
config log tacacs+accounting filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit enable
end
config log tacacs+accounting2 filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit enable
end
config log tacacs+accounting3 filter
set login-audit enable
set config-change-audit enable
set cli-cmd-audit enable
end
config log null-device setting
set status disable
end
config log null-device filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set ztna-traffic enable
set anomaly enable
set voip enable
set gtp enable
end
config log setting
set resolve-ip disable
set resolve-port enable
set log-user-in-upper disable
set fwpolicy-implicit-log disable
set fwpolicy6-implicit-log disable
set log-invalid-packet disable
set local-in-allow enable
set local-in-deny-unicast enable
set local-in-deny-broadcast enable
set local-out enable
set neighbor-event disable
set brief-traffic-format disable
set user-anonymize disable
set fortiview-weekly-data disable
set expolicy-implicit-log disable
set log-policy-comment disable
set faz-override disable
set syslog-override disable
set rest-api-set disable
set rest-api-get disable
end
config log gui-display
set resolve-hosts enable
set resolve-apps enable
set fortiview-unscanned-apps disable
end
config system lldp network-policy
end
config firewall schedule onetime
end
config firewall schedule recurring
edit "always"
set start 00:00
set end 00:00
set day sunday monday tuesday wednesday thursday friday saturday
set color 0
set fabric-object disable
next
edit "none"
set start 00:00
set end 00:00
set day none
set color 0
set fabric-object disable
next
edit "default-darrp-optimize"
set start 01:00
set end 01:30
set day sunday monday tuesday wednesday thursday friday saturday
set color 0
set fabric-object disable
next
end
config firewall schedule group
end
config firewall ippool
edit "ippool-198.36.23.251"
set type overload
set startip 198.36.23.251
set endip 198.36.23.251
set arp-reply enable
set arp-intf ''
set associated-interface ''
set cgn-client-ipv6shift 0
set comments ''
set nat64 disable
next
edit "ippool-198.36.23.252"
set type overload
set startip 198.36.23.252
set endip 198.36.23.252
set arp-reply enable
set arp-intf ''
set associated-interface ''
set cgn-client-ipv6shift 0
set comments ''
set nat64 disable
next
edit "ippool-198.36.23.253"
set type overload
set startip 198.36.23.253
set endip 198.36.23.253
set arp-reply enable
set arp-intf ''
set associated-interface ''
set cgn-client-ipv6shift 0
set comments ''
set nat64 disable
next
edit "ippool-198.36.23.254"
set type overload
set startip 198.36.23.254
set endip 198.36.23.254
set arp-reply enable
set arp-intf ''
set associated-interface ''
set cgn-client-ipv6shift 0
set comments ''
set nat64 disable
next
edit "NTSS_Outside"
set type overload
set startip 198.36.24.68
set endip 198.36.24.68
set arp-reply enable
set arp-intf ''
set associated-interface ''
set cgn-client-ipv6shift 0
set comments ''
set nat64 disable
next
edit "Nighttime_Outside"
set type overload
set startip 198.36.24.191
set endip 198.36.24.191
set arp-reply enable
set arp-intf ''
set associated-interface ''
set cgn-client-ipv6shift 0
set comments ''
set nat64 disable
next
edit "MailOut_Outside"
set type overload
set startip 198.36.22.227
set endip 198.36.22.227
set arp-reply enable
set arp-intf ''
set associated-interface ''
set cgn-client-ipv6shift 0
set comments ''
set nat64 disable
next
edit "SBC-NOC-Outside"
set type overload
set startip 198.36.26.37
set endip 198.36.26.37
set arp-reply enable
set arp-intf ''
set associated-interface ''
set cgn-client-ipv6shift 0
set comments ''
set nat64 disable
next
edit "SBC-DAN-Outside"
set type overload
set startip 198.36.26.38
set endip 198.36.26.38
set arp-reply enable
set arp-intf ''
set associated-interface ''
set cgn-client-ipv6shift 0
set comments ''
set nat64 disable
next
end
config firewall ippool6
end
config firewall ldb-monitor
end
config firewall vip
edit "vip-ntss"
set id 0
set uuid 019d266e-8aea-51ec-5a6d-3ce1e812fbc7
set comment "SRIC BOCES Tunnel
170.161.52.27 (SRIC Server) - This is the source address needed for the tunnel
170.161.52.25 (SRIC Firewall)
description Eastern Suffolk BOCES access to NTSS.scsd.ad"
set type static-nat
set src-filter "170.161.52.27-170.161.52.27"
set extip 198.36.24.68
set nat44 enable
set nat46 disable
set mappedip "10.1.48.68"
set extintf "SRIC_BOCES"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-ckf01-ipmi"
set id 0
set uuid 182e5dc4-3814-51ef-1f60-7a5101da1d49
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.31
set nat44 enable
set nat46 disable
set mappedip "10.251.1.31"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 19
next
edit "vip-ckf01-mgmt"
set id 0
set uuid 4cb4c57e-3814-51ef-ae28-ede27d47bf7b
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.21
set nat44 enable
set nat46 disable
set mappedip "10.251.1.21"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 19
next
edit "vip-ckf02-ipmi"
set id 0
set uuid 4cb5a6ba-3814-51ef-3bb9-e1145e881eea
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.32
set nat44 enable
set nat46 disable
set mappedip "10.251.1.32"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 19
next
edit "vip-ckf02-mgmt"
set id 0
set uuid 4cb6778e-3814-51ef-b079-6bee7b612b04
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.22
set nat44 enable
set nat46 disable
set mappedip "10.251.1.22"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 19
next
edit "vip-cklb01-ipmi"
set id 0
set uuid 4cb747d6-3814-51ef-ed5e-abf9bb10fdfd
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.30
set nat44 enable
set nat46 disable
set mappedip "10.251.1.30"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 19
next
edit "vip-cklb01-mgmt"
set id 0
set uuid 4cb817e2-3814-51ef-a6b9-e2ec27a786d9
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.20
set nat44 enable
set nat46 disable
set mappedip "10.251.1.20"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 19
next
edit "vip-ckm01-mgmt2"
set id 0
set uuid 4cb8e80c-3814-51ef-a35b-315efa7dbae5
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.28
set nat44 enable
set nat46 disable
set mappedip "10.251.1.28"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 19
next
edit "vip-ckr01-mgmt"
set id 0
set uuid 4cb9b7b4-3814-51ef-0a0a-159d0462a95b
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.23
set nat44 enable
set nat46 disable
set mappedip "10.251.1.23"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 19
next
edit "vip-ckr01-ipmi"
set id 0
set uuid 4cba8a0e-3814-51ef-933f-dc12861357c8
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.33
set nat44 enable
set nat46 disable
set mappedip "10.251.1.33"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 19
next
edit "vip-ckm01-ipmi"
set id 0
set uuid 4cbb5cc2-3814-51ef-d2d2-30175df89fc5
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.34
set nat44 enable
set nat46 disable
set mappedip "10.251.1.34"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 19
next
edit "vip-ckm01-mgmt"
set id 0
set uuid 4cbc307a-3814-51ef-94c5-7603749aa0c3
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.24
set nat44 enable
set nat46 disable
set mappedip "10.251.1.24"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 19
next
edit "vip-ckm02-ipmi"
set id 0
set uuid 4cbd0464-3814-51ef-4878-149a385d9ccc
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.35
set nat44 enable
set nat46 disable
set mappedip "10.251.1.35"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 19
next
edit "vip-ckm02-mgmt"
set id 0
set uuid 4cbde500-3814-51ef-2f58-5ad5413e0fdb
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.25
set nat44 enable
set nat46 disable
set mappedip "10.251.1.25"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 19
next
edit "vip-ckm02-mgmt2"
set id 0
set uuid 4cbebe26-3814-51ef-9c4f-ebf322c92bcf
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.29
set nat44 enable
set nat46 disable
set mappedip "10.251.1.29"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 19
next
edit "vip-ckm03-ipmi"
set id 0
set uuid 4cbf9ada-3814-51ef-1856-c23a1876c458
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.36
set nat44 enable
set nat46 disable
set mappedip "10.251.1.36"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 19
next
edit "vip-ckm03-mgmt1"
set id 0
set uuid 4cc07d24-3814-51ef-334a-7254f7207aa2
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.26
set nat44 enable
set nat46 disable
set mappedip "10.251.1.26"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 19
next
edit "vip-ckm03-mgmt2"
set id 0
set uuid 4cc15b0e-3814-51ef-7d53-2db88888654b
set comment "ContentKeeper"
set type static-nat
set extip 198.36.26.27
set nat44 enable
set nat46 disable
set mappedip "10.251.1.27"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 19
next
edit "vip-scsdess"
set id 0
set uuid 4cc237c2-3814-51ef-0f22-8f9cbd1f5422
set comment "ESS"
set type static-nat
set extip 198.36.24.100
set nat44 enable
set nat46 disable
set mappedip "10.1.140.14"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-applecaching"
set id 0
set uuid 4cc32e34-3814-51ef-54ec-fece8f0e63ff
set comment "Apple caching server for managing Apple device updates"
set type static-nat
set extip 198.36.24.57
set nat44 enable
set nat46 disable
set mappedip "10.1.40.107"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-DC01"
set id 0
set uuid 4cc42b40-3814-51ef-cbf3-ca98747ea836
set comment "Domain Controller for LDAP"
set type static-nat
set extip 198.36.25.45
set nat44 enable
set nat46 disable
set mappedip "10.1.40.95"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 14
next
edit "vip-tableau"
set id 0
set uuid 4cc52bc6-3814-51ef-cf97-1d0d949ddbfa
set comment "Tableau"
set type static-nat
set extip 198.36.24.61
set nat44 enable
set nat46 disable
set mappedip "10.1.140.12"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-ns1"
set id 0
set uuid 4cc618ce-3814-51ef-c89b-024f2f4a81a1
set comment "DNS External"
set type static-nat
set extip 198.36.22.245
set nat44 enable
set nat46 disable
set mappedip "10.1.48.45"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-ns2"
set id 0
set uuid 4cc706b2-3814-51ef-18c4-e5899f7e11f9
set comment "DNS External"
set type static-nat
set extip 198.36.22.19
set nat44 enable
set nat46 disable
set mappedip "10.1.40.41"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-webhelpdesk"
set id 0
set uuid 4cc7f892-3814-51ef-7018-37ffd3853699
set comment "Web Help Desk"
set type static-nat
set extip 198.36.25.20
set nat44 enable
set nat46 disable
set mappedip "10.1.140.6"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
next
edit "vip-Airwatchapp"
set id 0
set uuid 4cc8cf60-3814-51ef-1af9-2acefc11dd3d
set comment "Airwatch (Workspace One) MDM"
set type static-nat
set extip 198.36.24.56
set nat44 enable
set nat46 disable
set mappedip "10.1.140.9"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-Webosphere"
set id 0
set uuid 4cc9ccbc-3814-51ef-91cd-a46609fda116
set comment "SCSD Website"
set type static-nat
set extip 198.36.24.16
set nat44 enable
set nat46 disable
set mappedip "10.1.140.11"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-Neutrons"
set id 0
set uuid 4ccddf5a-3814-51ef-3e3d-ff4174850fb8
set comment "Address Lookup"
set type static-nat
set extip 198.36.24.210
set nat44 enable
set nat46 disable
set mappedip "10.1.40.210"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
next
edit "vip-Barracuda-Archive-2"
set id 0
set uuid 4ccec60e-3814-51ef-cc48-1f1992586cfc
set comment "Barracuda Email"
set type static-nat
set extip 198.36.22.229
set nat44 enable
set nat46 disable
set mappedip "10.1.40.17"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-Barracuda-Archive-1"
set id 0
set uuid 4ccfca7c-3814-51ef-5463-b9aabcab7272
set comment "Barracuda Email"
set type static-nat
set extip 198.36.22.228
set nat44 enable
set nat46 disable
set mappedip "10.1.40.16"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip enable
set portforward disable
set gratuitous-arp-interval 0
set srcintf-filter "outside lag"
set ssl-client-rekey-count 0
set color 0
next
edit "vip-hybrid-email"
set id 0
set uuid 4cd2bade-3814-51ef-b000-fcd64653853f
set comment "Email"
set type static-nat
set extip 198.36.22.143
set nat44 enable
set nat46 disable
set mappedip "10.1.48.49"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip disable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
next
edit "vip-sbc-noc"
set id 0
set uuid 4cd3887e-3814-51ef-dd48-07aa68d5f442
set comment "Ribbon ITC NOC"
set type static-nat
set extip 198.36.26.37
set nat44 enable
set nat46 disable
set mappedip "10.1.150.21"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip disable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
next
edit "vip-sbc-dan"
set id 0
set uuid 4cd45ae2-3814-51ef-0822-d90db6ed1249
set comment "Ribbon Danforth"
set type static-nat
set extip 198.36.26.38
set nat44 enable
set nat46 disable
set mappedip "10.21.150.21"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip disable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
next
edit "vip-PrintOC"
set id 0
set uuid 4cd61d78-3814-51ef-8af3-e31c8d493648
set comment "Oracle Printer"
set type static-nat
set extip 198.36.26.119
set nat44 enable
set nat46 disable
set mappedip "10.1.40.219"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip disable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
next
edit "vip-EMS"
set id 0
set uuid 14ab8176-bcb3-51ef-1b1c-bed2b8e8c1c7
set comment "FortiClient EMS"
set type static-nat
set extip 198.36.24.202
set nat44 enable
set nat46 disable
set mappedip "10.1.40.22"
set extintf "outside lag"
set arp-reply enable
set nat-source-vip disable
set portforward disable
set gratuitous-arp-interval 0
set ssl-client-rekey-count 0
set color 0
next
end
config firewall vip6
end
config firewall vipgrp
edit "vip-grp-ck-mgmt-filters"
set uuid 78de6ccc-3814-51ef-23c0-dcb93868df60
set interface "outside lag"
set color 19
set comments ''
set member "vip-ckf01-mgmt" "vip-ckf02-mgmt"
next
edit "vip-grp-ck-all"
set uuid 78dfd3f0-3814-51ef-f216-14fb3630abb1
set interface "outside lag"
set color 19
set comments ''
set member "vip-ckf01-ipmi" "vip-ckf01-mgmt" "vip-ckf02-ipmi" "vip-ckf02-mgmt" "vip-cklb01-ipmi" "vip-cklb01-mgmt" "vip-ckm01-ipmi" "vip-ckm01-mgmt" "vip-ckm01-mgmt2" "vip-ckm02-ipmi" "vip-ckm02-mgmt" "vip-ckm02-mgmt2" "vip-ckm03-ipmi" "vip-ckm03-mgmt1" "vip-ckm03-mgmt2" "vip-ckr01-ipmi" "vip-ckr01-mgmt"
next
edit "vip-grp-ckm-mgmt"
set uuid 78e1fac2-3814-51ef-9800-25b03ba42f19
set interface "outside lag"
set color 19
set comments ''
set member "vip-ckm01-mgmt" "vip-ckm01-mgmt2" "vip-ckm02-mgmt" "vip-ckm02-mgmt2" "vip-ckm03-mgmt1" "vip-ckm03-mgmt2"
next
edit "vip-grp-barracuda_Archivers"
set uuid 78e4ebf6-3814-51ef-da75-f835efea27dd
set interface "outside lag"
set color 0
set comments ''
set member "vip-Barracuda-Archive-1" "vip-Barracuda-Archive-2"
next
end
config firewall vipgrp6
end
config firewall ssh local-key
edit "g-Fortinet_SSH_DSA1024"
set password ENC Y9xX3mdkzIHV2YcNU8hUQXJ3MMURIZTO910yZ+TgBxRyTnaYOmRd613Cci1FR6SPADgjQFnsolMG1r731m53K5U9NQDSame1zg9OJ4N5InakFb5JjonmVe+sc82tBH9w7tY0DNOeUb9QY+8dgQFWF+TPXE3ftXScvdI2bezecQXI5kliJvOqhyQrXCEJSh39VHaXSA==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABDWMdT3yG
/DLzIBU5O0UtJ/AAAAEAAAAAEAAAGyAAAAB3NzaC1kc3MAAACBAMlbbf4IhF0Mh2eRvDho
KqePrDh946N1KbbbOWbHWOeBVolyr5KCTbfgv6f0a3VW8ATXZH9OMz0uYjTTQII3rp1XTq
a7a3TzdPoTM9bO27PDLTp07LqM1kRSps/8oSsZ4h/kGu3fuke/MfTiAn7hAfdJYcANGbDq
7tfTXlPaY3VhAAAAFQD/+3WBsGEG6BjC2UUehkA3aDAFmwAAAIBeIcQedn7rLkV2N27gXk
jxfrbW6FMwfiEoJC6mZ0NvSuOqzOcrAzsnAydVy38cIlTdGwXhoHA5Jd2Cr0gV2p1R1WFR
XsBWpNqDorVNCdimLM16NBAcwjVjarpNuk3egjdAhdbGsnDxHH54XCdIP3FyyTuh2ljDEe
P+bc6eQJGxPgAAAIEAjK1lJYaCHrAZhcWJIITih4QFsQ8XZeKzp40YIjzXVf27HBCFHVz5
lEv4MtiFxhDKur0lO+2uHOLY+0xsgfM0fe7S/cAKRx/5UZkCmU5s6CkvZjIEPDZ4tvn11G
wlULTcjyZ2uwCo8Xd7QjnOUs8YNsRSO8hzWO5aB9aZ7OEDhiQAAAHgxMcP4nd5bs47/RHx
ArZUDjNCJzDVajX1tIDHffLzzlLm2RRU/wKXccxXn1TC14JdA3gOmS/hFa1C/ctWGGFdz1
RDMGJtXQ8+APtMlY7LoLq0soKjkNkY5KDgGBqbZ8dLcYCKYfl4RoCWGeKNYKjbdudRmuix
GP/Iy8L+8qLZd7rSDA6q48zv82nNbPUCtSgRLiG9/CDTQx1ICwO61rdjQLqvwycJ7//885
eXUyaiDA7DD8p/Q/y3L23iLI/t8VEe7sCeFcoFPmJxKURNoCg119GObjEYNDokpv9QOC2G
/uGE672Yvr9YFLe1RPwWpMgQr05tVu05HiPvRlX+hORf+Q80PQaxyCnSGkGh9FHq2Cph3F
nOlujutMPe0E9do0qGavzo7yw4g4L5fUUxgUoWLZPfE0dt7Dy1IP+kltIUqGu6a2StNq8U
rYEYAjVHzaKoU+95oZLimCj0n61LyCNXVg+gcIb+FIq6B4WQhRNJ0ltK7k5TKvCcnClWzj
DDVeZYF7XOPX9S38MGt9vfWZEF+ZnUrGdl4Py5khdfH99mlSDwt42flFQf2usHNR3ZaaHU
meM/WUb803e5fUpdeWXtOx9b+YmRujD4g0N49/OISwkC0MIfhdG2FDsuvpLiZit7
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-dss AAAAB3NzaC1kc3MAAACBAMlbbf4IhF0Mh2eRvDhoKqePrDh946N1KbbbOWbHWOeBVolyr5KCTbfgv6f0a3VW8ATXZH9OMz0uYjTTQII3rp1XTqa7a3TzdPoTM9bO27PDLTp07LqM1kRSps/8oSsZ4h/kGu3fuke/MfTiAn7hAfdJYcANGbDq7tfTXlPaY3VhAAAAFQD/+3WBsGEG6BjC2UUehkA3aDAFmwAAAIBeIcQedn7rLkV2N27gXkjxfrbW6FMwfiEoJC6mZ0NvSuOqzOcrAzsnAydVy38cIlTdGwXhoHA5Jd2Cr0gV2p1R1WFRXsBWpNqDorVNCdimLM16NBAcwjVjarpNuk3egjdAhdbGsnDxHH54XCdIP3FyyTuh2ljDEeP+bc6eQJGxPgAAAIEAjK1lJYaCHrAZhcWJIITih4QFsQ8XZeKzp40YIjzXVf27HBCFHVz5lEv4MtiFxhDKur0lO+2uHOLY+0xsgfM0fe7S/cAKRx/5UZkCmU5s6CkvZjIEPDZ4tvn11GwlULTcjyZ2uwCo8Xd7QjnOUs8YNsRSO8hzWO5aB9aZ7OEDhiQ="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA256"
set password ENC 49oRIInvPlx7npGFnRgcR6cSUK/OAz6Ka2Wmm6yZDPmKzel0+9zuRJWy9rtYWsO146Ena4xMZHs79QtLWebYNwJ0vcsWCbclbD0ke9agm52d5lbtUkKcAt+PxupCeakxAhlYzBHZuhr3xReFgAnYmlWuEDjakyFB5Zyl3KHqf9VcrHPz6Z8eNA22iRysubh2ebZ2/w==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABCYj0k4bh
mxNdVne/WYI48/AAAAEAAAAAEAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz
dHAyNTYAAABBBMQSAUWeMnwS2TQbQWW3h890GnmzeJSwIq2rEIew+gyij4UMAjpsRmztvK
y7MHqF8ARHi1glc6RSoarryTUQuCIAAACgQHrpN3sAxVooYsKXIb5xGNvvwxUtTIIAisaQ
ftEDAx3nTj7+NLlPATgMRDy12pescKquy79fyCFgENFUP+K2pfPsb2IE/RdTcmBsL0646h
hL2sHeuvZ/mhIMti3oLfj91bBs7TBB2MRvHRYvcZD6rdAkumBmyrSPUO4JwqSPkI68kBVo
C9C5gBWgfhqKs6DGgceAFVxbb9+RWrpH9YCpIA==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMQSAUWeMnwS2TQbQWW3h890GnmzeJSwIq2rEIew+gyij4UMAjpsRmztvKy7MHqF8ARHi1glc6RSoarryTUQuCI="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA384"
set password ENC /kAIGz1wkRtokWhycIbhmeDyK1BlRDlzePeSVSP0+CY2EJaNEhb9oR/orohu9DkB6+/dSlNB0q4hiknRg2jZ1ey8M9/sLGjYBmLZrEMzNJvTWhKM7VovITXKP3yj4VVnvYDEzVAQHZEVSSe6ss1NOZmoIbmT5AtPb3VpmFy7qGb8lDLiCiqtcRvuHa+dFeX0uj0ZgA==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBN9BRJMR
77/5pUXIX3azbHAAAAEAAAAAEAAACIAAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlz
dHAzODQAAABhBEYsR4/2sjh+OMgxpEBi/72jNVXnBwUHpkOneWiESbnCoIWvKp8h0RjNMj
U5Tj5yP6txNtuAIt8NVvUcVhj9ZtIOWAsA7bDDRZGYv+/80R4N7Z0OnShs9iuYSb0+FQXx
dgAAANChlajlzxrBilfuFt0NeQjCmvICKuDRnd+bDSBxAVZcAnFPKPN/ZOUsHIFry+62R4
xmcknYeWtA09QFKdSbyeOUyqI4CmeqxufXPlPk8N2Mjg/Rub53WkREGx7nv335EUtKyIIE
qc7vNaHvrM8CbUwCD53Tmrv126aSxuuDEBhth1CkIT8LZEcTEYRSHAZEojS8TB4UhHLRfm
Rn+DmbJga0IDnPc/ZgNHGTqYx2toV2Fy/DCJ2en2FejJU89J9ZFrGUfz117vVweEVGLCBr
4j10
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBEYsR4/2sjh+OMgxpEBi/72jNVXnBwUHpkOneWiESbnCoIWvKp8h0RjNMjU5Tj5yP6txNtuAIt8NVvUcVhj9ZtIOWAsA7bDDRZGYv+/80R4N7Z0OnShs9iuYSb0+FQXxdg=="
set source built-in
next
edit "g-Fortinet_SSH_ECDSA521"
set password ENC uQFvSNKh9omV29kUxynenwJzerBTotbeH95wBgTomLSHyG3JfmWFoHc+x/r2TOC5fABiXGf3BEZAIiqpVX1FOzi0L2z1C1tv4wfM1pABtB29PxxO0a4Zo75C2TcCwirzIBe26GthQyR6Y43KE1DbYz2btZfIpjDSfB5I7asBIbzRg1xTJPY/nquRqiT+5JRV8usfPQ==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBTZME+kF
3Bzq+XqVo08S4FAAAAEAAAAAEAAACsAAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlz
dHA1MjEAAACFBACaKKuE8V8VNj3xOI4Cz0NpoN8KJMJWRxuLPTYtMBFzACZdDsfmQdZQdF
t5J++GxB6Y6XgNd5eg4/W0YU1z35BJ6QEuCMrZli2/4vtPy8DPeRMR2hpHOC/BuqnEER+K
HPehHHl1Du644EQUmgPailxPEBDJKJcA8PgrFsN5h0iHx4C6RAAAAQC/5NwC8S8n04Bskl
P/Wnde2xZxoWXlBYuV8iJ8OmT7RRVEi3NhVGbIJMqlXfTVi67DgfbtMpVNVhO3UMwPAoC4
8zcMmJ/1aA58Y+5H8DuYRMfAnuky6vWJFBA4DXgx/vmrn8UK1E2xgW8dgaEEDlLQPittQc
hlwRhgSZrJoRtQPn8OA5ZNePcblOq1WH6PanQP7Bj2SubMTTZ0Mo+gy7y11wDAMd0MYN6Q
d2biFs9XCB9xGNGQIrgOEUQoFJ8AyrbQzZt3Tr7tthp0GDyWoCNICjY/vKS9Av/xMMHaq9
cjEJOwfxqaJfVrEn2/6DS1t2SyTD9C8imQOI2xz/fdVCaO
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBACaKKuE8V8VNj3xOI4Cz0NpoN8KJMJWRxuLPTYtMBFzACZdDsfmQdZQdFt5J++GxB6Y6XgNd5eg4/W0YU1z35BJ6QEuCMrZli2/4vtPy8DPeRMR2hpHOC/BuqnEER+KHPehHHl1Du644EQUmgPailxPEBDJKJcA8PgrFsN5h0iHx4C6RA=="
set source built-in
next
edit "g-Fortinet_SSH_ED25519"
set password ENC zpC0P5ByFkIBjVgnkTaq0H2Hi/mhIP92Qb3PUeoTqN+8FrsJIdsRgJ7T9HhhlBxlJBis4De9NKkrQ8NSER0PSTUZsuBYOmjaZEbQXNZykTc/+lXuh/I6hpbYKF358tRVHZlySm0lSX9gsWLhRkdqPXPKy/7I3nreMqMmLvwuuBQzCOn6E7IXeAPO1ZNz+/5H1g5OwQ==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAedjCOkt
+sFbLzTS4y12TbAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIJHEZ/PIMBDv6gqd
3JUEAvHnugjOGiXz5Puxg/8YfanOAAAAkCa1NSX8hj+j3jVwv2A2AU/gLRKzX4h+Gwxyxz
JeBT+OyHbzc8MDCIh8a3tf0fJiQ6VJdj3JjhBrp1OWfy2GHkfpMInRlGGz0Hu4XMU702a0
MgwELDyqSpEdZupNMH44pIjkI0iY/ipgwuNDOTIenADwbqdkC2oX9XA3jIutAB++JU4rvR
NwgjPHD1irGOM7Gg==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHEZ/PIMBDv6gqd3JUEAvHnugjOGiXz5Puxg/8YfanO"
set source built-in
next
edit "g-Fortinet_SSH_RSA2048"
set password ENC EL0ghl3BVi5+4/Gf6lnqdj0LM1XIWHI57vPSiFyA2di+LitpfRojbgUBptDuRMP3za/wU0VDcHOOHpH29g9DiGa11MTt52j6MEk3gDUpJN90uYIY+mlHrc5mPLgmxQeJhus2Nc90a7y+0oVtwj/83dwtXH5rKKNJ5vqSm5U/skO8QNyLwvtrz3Spcte7BKrgzQddwg==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABA1mO561N
c7CpF0rN+BdOBQAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQC6yuGwlJhh
Q5ooqzfMY+4le85cWCqHdzonf4BkYtV2p0GGpmKUo0kpnQ0EbmEWRmAiPN8J6BJyHvpcv7
A0a68OyTLXULSEopL0c0rrdqeK3p3oxVRn6oLbwqQvVmBZCGr+Mtak0Djw7ZM7yKMky5GK
hFlZj7dZFLrzth2nQmReu93F+HkSF8iOpaqna/sTvPVqN/WLVC1CaB+Qcb6AsyMmLsTsvC
HA1336eWq3M3hU14tsO5S8uDls2pfD2NaZx8VXr+00OvGSOqqZdY8cukv+xJ5IdRe2ui8z
OSbh5m5OFc2DdfZ+PpQ9nU+DEDBpCSir/ovPDmsTtvqX2VClGn0vAAADwMcyMNKCNYzFHF
tA305t53D83ogXcTrwO8f3ScWdcLBap5o0aqwfOrswdChdOytbHMx3lmpnLZvFt2JbcqT0
jDm+ZSb5NwFCW2h5MJlnLolIx85H0ab7XO+JhK1c/J3U0K/m0Y6q3uXObJsAInPNAJDjqL
VUxgIU438n7dB/NkWQWNjVaddEO/tK9UzzUd5a5JuG2lsukXLGFRC0XIJ94Q9BFuiziNmX
QUZ7LRqm59ZcsixGSQ1YApEvTZFf+Yd/umWIh9bbHeCAZOWZukDy47VLy2uVd3H+HLOSno
ZBpX7xa3c6mjI/oHgz7lQAybNzbPoJiBKq5VlTBhR9kTdB3JnnzKegLNwRtsdtEim/O4xJ
QPxfwGSzE57M9OgPGZMOuFu8Fh07tV06dUnfe9mGDLiQ3HWCZoRW5tuCE0fsieAseqqEiS
Vy13DPGtkSSLUKmBpJQvR6yK79GtMyIxZEmC43xHmCghHTebSnK45ikagYh0BsK01Q1rx1
syqY2Ul3bwCSCTuK2sjqnmgGEIIUI8Yikj0kDLSVJukfxdjU/c4eOcqj8yuRbQyfzFmHsv
debbeU1+oI08M0c5kKVTNeTWQ0iXuETJX1G3gu44xtkQLbCmF4K3byAPGnR2FIBG8tnPaJ
JCjhZQmN1nohNXt5F7nSALJ3UVSpzD6fnKBQSfxbKN4EAggu0NpX3QyhoDvWx378MRukGn
OkLi2Z7c/iZrS5w6Jt+kTJ7n6T5ciiaIvzgi7YjtS7ogwNQfodpXC/pd9KE/H7hgrtwclt
bP9bkpWQKIh/Z4hl2B8hqHDk1wDhNRHRyT2rvuoipJLroyYAZKxS1qerGuArwmxv1YNeNm
oq5Ibisn/CTLT6zVaKmdHD+qBGd46IlEobgLRd3bmKsBIf5hUfd+LcThhOT4OgjgK2jqAS
zOLrNH/Ns+Ut+tz7DhzoRhoTzfitjKdjHl8libziHU4rbulbEuqhnxlGrb9G6xKeFOG1Ha
JUkWoRzX5/tljM2GZRQciN6BF/L9kDboLnR6V2sOS6r/BlnlUMmKhxC81CTzejn4I+XSYk
Y5dBb9PhA2dJuhkgZEj4vGDkXdnL0fSI9qccHAKkAjd4ECFMRtqjnkdLtUODi6EZiZYDJI
zcVK0VdeqiSP2M+vx2WwLKdwVBdhHXyrxv5JGwKaYkmaYwFCJ6DRttHlaTID4HgjVWJCVR
O9UaKreP6Uz9G/L0J54iEclbiKHkC38/IMhi9XhslLzD39f42oKLedWYTJiVgsr3klwtMk
GvWZyLtg==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6yuGwlJhhQ5ooqzfMY+4le85cWCqHdzonf4BkYtV2p0GGpmKUo0kpnQ0EbmEWRmAiPN8J6BJyHvpcv7A0a68OyTLXULSEopL0c0rrdqeK3p3oxVRn6oLbwqQvVmBZCGr+Mtak0Djw7ZM7yKMky5GKhFlZj7dZFLrzth2nQmReu93F+HkSF8iOpaqna/sTvPVqN/WLVC1CaB+Qcb6AsyMmLsTsvCHA1336eWq3M3hU14tsO5S8uDls2pfD2NaZx8VXr+00OvGSOqqZdY8cukv+xJ5IdRe2ui8zOSbh5m5OFc2DdfZ+PpQ9nU+DEDBpCSir/ovPDmsTtvqX2VClGn0v"
set source built-in
next
end
config firewall ssh local-ca
edit "g-Fortinet_SSH_CA"
set password ENC P4wjZtqu8uzHlVWquUnrT3mlsbBKmg8sRUuOiTH+G1rayO3mQx8EI5F9aizdA6GPxFZIvUP6AqrLIvyHC89MBYaq3MK6JtypEB6jPOgnNEeff29Jh0LZ1chILz/nrxEl0rFkgadwvXcqfFpkF5MkOhqn9jOREbMrbcVeIIMaWlgHOKmVaHj2fPvtQeczOpR4Y+nvag==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBf8C4hJd
+M6AVhFqreO879AAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDFNnS0wAAC
NC7cmBTwevE7FFFZPhHXFDgx7O22zzpcKONRKhLz+8Y4ux808lIz580foslhpIMeoEKX+U
ZpI93sBxVJZnZtVJgLf6rxjuWMFKDss1+PtXEz5uct3gPK95d/TWd+HzhGEz47PeFQizGP
E/hMl+XxJ8UEyPqlBO/Wh5+C8Sy4SU+wngUmaLgBDeA09x4it2ZZsa/oofRaXaPrAJLU7A
TB7reUBNnUR/mml1k6FYfx0CJ2JxR1gx3r/fSRadZj807gGNfiSbcYNxNyy/XQ5n+0BsIa
Mk342Zpr4ijnwM5qzrA45aHB3ZxAvx+xVdTrQkyfiJ6nZWI+CKQ9AAADwNT2HECamLA8UM
fFNSAnPj7lq5k64lxdOyGKKbIDDF/wS2H8g2ZlCuJwGpgHoVeFPiqQhJMjBSfwWDS8oOZA
po7PyvszP6XAbnIpBHUMDNdUr1Clso9ra9d2oP43fjhzRSHBD0j/x1nJRvse/cP5XuCa4Z
pGFpgVsz7q+XNEXou8YpAndqUebw/wm3MNzS2AE5YYFQofhSKBxyNSYrsPdaoasmwbnGuv
XW9vPFnDxNNJ0IkEUeXAWZaE2sBYP3qD4C97curFpYuAPYH5FnvvMLuUtyRFzYMv3WKi8z
Mw+01rU4yVtCVoAMYCfqjnisIyxgyQHLpLFfWkvIz6IgAQWVtBypJHxiiG2wcLHscWI0gQ
uCMN/n5QkbBcskRpy52lFypQ2eosTLMzrwfqQF5PDoDz/2Jnf5qXK9hQsNA3fHn2KoyODY
VmXb1G044Qq3/3ZsW7zkgWfyWJ1fgcIYiJg+wy/KQBkPlew/m5oheT8bs0aivJ8FW8gS1u
8zq/lBhWxsSsCfD8/nD9ROanz8yArOa8WfF/BFLs1UqkB4oAuVa5dA9xVhIeBbeA6E8eRm
ucu/a6+tmjaELkiwwscurSqEgELD+K5esR23MAe/Aw5BuzGHRdEDwa79PuqtgpMP7QEFND
yL/Xe6E4TGMTV5hQYpj7e5dunhr60rd4kg+ZAgfRwDzOaU2ry7n2bSxY/Cauc/dogM0rbG
SHCohMdMp0We53Y2J7ffmZzDySRIfgxRpjGN/Zv1QH1s3fbqwEG5R2leAlG0+bdN9jXn5F
dcZ4TGrm8wluUwfrU+mXcoAzelwuphNfbzwp0rIEnxIZxd6puFV7Svlsg4STr1YvA98E7N
2gDQhd3vYyIFPZG6CtAjzjP3e4KzEXghjgHXLYI31dS8HCVOKCC91tTc5Ojll76jmakIWT
r9dhSvjkACc688ixxo40qtX79Y33a8lEh1YZqPZ+qF/RgwQS4Wpa8hyZS6xFN2kMtQc9Up
gCurTRhfA9R5c/Mbgn097CYBOwu3nCfcjgBQ03xwmUJpB2pVKngd/dc/n37J2Z97Nl4Wu3
Zs4ftOGyqXgmM61ddTYhF6ZZbpjBkdKFFEfl6XkBZDUiVaMsq7hIiCYUCGE/cvljzYuntt
XEnf4fO8Ifr8sviwPE4gRaHHePPo9EtFAlSewYzeI3M1EkYPAzSf28ztk74FydHUGfqPkF
RjGiTkUG4NozwGmSG3LGYleBc0CySr+j4Q/qiCEgRQpkihrWkO/j+ILiog9Trh5x/+c2X9
V9G26szw==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFNnS0wAACNC7cmBTwevE7FFFZPhHXFDgx7O22zzpcKONRKhLz+8Y4ux808lIz580foslhpIMeoEKX+UZpI93sBxVJZnZtVJgLf6rxjuWMFKDss1+PtXEz5uct3gPK95d/TWd+HzhGEz47PeFQizGPE/hMl+XxJ8UEyPqlBO/Wh5+C8Sy4SU+wngUmaLgBDeA09x4it2ZZsa/oofRaXaPrAJLU7ATB7reUBNnUR/mml1k6FYfx0CJ2JxR1gx3r/fSRadZj807gGNfiSbcYNxNyy/XQ5n+0BsIaMk342Zpr4ijnwM5qzrA45aHB3ZxAvx+xVdTrQkyfiJ6nZWI+CKQ9"
set source built-in
next
edit "g-Fortinet_SSH_CA_Untrusted"
set password ENC sl2ju+B/R4aqafx+irXNsRMmQwzhMrZe+huL2+ZG2u1KbOvH3Ym1FkEcJUWbHtGpMt2qfE2nIqH2ZNiMLEJ//iGRE7HGf+olk6oRvuUlvgqxAN0ExM3pZJqYWpcLIzGGpH75v95hI5Yi9FlDNt3oeBuLyZztq/nSE9mN5F3J1YHz7W464cyx7U/PBUVQvhAtwBNwjQ==
set private-key "-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBU2aLPen
uU59+GRRZCZgSJAAAAEAAAAAEAAAEXAAAAB3NzaC1yc2EAAAADAQABAAABAQDAkdHRAAn9
RFuj2QchmT42CoWPCms0batL22xzsj2QMSujfcXCEQHjWx/gY+jZyGw2nAOFrzr8IVS5lE
ZKMiF89/zydMxQjr1MTelfPuYo855TZF4DELCK3O/zWwGLIgSboQft2RfZkSJFBb8NM4eU
iw9CxJLUawWeYkGTslFv3gqh6HbZuw2WUx5pqmU7UibkOgp0eWHejkf031O+X49yZr3uFG
Xi/bd6oNNfHIdeSS8RJNC+4N2NUrB4NX87pM1TOLmZ9tAMlGJKX05UL4rli2UnIXkhP6mv
NVdObU6Vk/dHf31QCWuLNSbH2nydYNs6JcQnoybJnzq6EggViAZlAAADwEWDeIVUpNfN6N
N9tfe7OnulqQ3OdP7T7M8A596uBvR4P1G7BAcPgC+xoTQP+W94crBOhoq49mlZJBJGnPwg
+ufxwO8eg8NUAPyMAaS6M8yaTcFvopwbZnMo8Ioey1rX/1JD0W+RJwV7N8FM95waqsjDnB
fLQy2F8KvzvycsQF4ATAVPbrkcaED3JxQEiHtlMZuIuCtB3Gq0xYJ6sz84NpW2aXlPFzuu
80YhUVuD7oZESSRIzMZ35/Td1rXeP/JOgFkrL0NSb7RgaHDqFKE4LHC+o+NgskxRPumlhb
H160LskSooMIVZCKGTii/c1Ipo2YVrAeaUrxgRSGQPeHJ4pivs8/bYP9fd1AHQ64UTX56x
P60fOA9lhwQtnlox+7J6H1biMMrwboqpI/19y+Qmfd35jbIUTwzxbEeqw55Vxcn29FGU1S
CtkHwyGB38OFFlawdb05PMT3X5KKXmss8ge4xAoRXooNbVAy6p9R0jrSyU1CKvnYoXPyjd
nEa6FBZTJNo9ygt0TnlNYEpdaCmiknxMxxnHN3oVLpSLeEHjEqFIXwr+322OqN1Wt90pD0
QV/5UxiT+bX55IYcz0F9Y05kw60Okc/Gy6NGPyOjuLpHGgVWI+WDueR5sBFP3nQmUjvCi6
jzzTNgSQV9ED9klycj4NCqNZvbqHAE3PKp5hRkUZ4GB8aGb2NzuUs3cx+JDgLxIW5QC6v6
kfgc1FAYaVH2cm+FHX+pt+uSqB38RE10lnfnR1oG3ldegelN4lJYkibIafYynDrzv1Xi8j
Oqd4z/ds41KcGll9gsWclP7MmhL2s6w/cOOwRvZRDNknK1uA111B+yPdsuA78N0ACYulAX
HT1aiEnwFjfaZauBSPtJex0TbjAQWZ5b6+0XAjkfru+ptV9GfMEsQpfHBIge4JmkcXCFoE
czjAqskJ9YddKe2FfJGxc1jMCkmA+h/2oR8OyMUSGXxTwKLPabeUFwBuPKH56PqAjIPoKW
4h+EPfOx3pPY92rDvZ/ETBNf+o/vvxkOPmh3TSRoo2knQvNuWiQ7OPGXrXa0PeZ1UvDRuU
PMTkbpooKletk49Jw8WOzUqIRd8yF8g2i8tzZ2Xlr8RnOLRBsOzXagjBGyk56kAMhaOOrm
n+MTbxpM61zYilvCOBeSIvzWp4DjjqXfuFcEpzEHDTZ9Yvz474s1qinmgEibtYSoY61d9d
QxAI2xneFlb207A+/PTuFaDoCE9g/CD17Rc+WoCP0eU8p/yaLpWIq0JQyEXK48vKCJcVvM
gs3wZo+Q==
-----END OPENSSH PRIVATE KEY-----
"
set public-key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAkdHRAAn9RFuj2QchmT42CoWPCms0batL22xzsj2QMSujfcXCEQHjWx/gY+jZyGw2nAOFrzr8IVS5lEZKMiF89/zydMxQjr1MTelfPuYo855TZF4DELCK3O/zWwGLIgSboQft2RfZkSJFBb8NM4eUiw9CxJLUawWeYkGTslFv3gqh6HbZuw2WUx5pqmU7UibkOgp0eWHejkf031O+X49yZr3uFGXi/bd6oNNfHIdeSS8RJNC+4N2NUrB4NX87pM1TOLmZ9tAMlGJKX05UL4rli2UnIXkhP6mvNVdObU6Vk/dHf31QCWuLNSbH2nydYNs6JcQnoybJnzq6EggViAZl"
set source built-in
next
end
config firewall ssh setting
set caname "g-Fortinet_SSH_CA"
set untrusted-caname "g-Fortinet_SSH_CA_Untrusted"
set hostkey-rsa2048 "g-Fortinet_SSH_RSA2048"
set hostkey-dsa1024 "g-Fortinet_SSH_DSA1024"
set hostkey-ecdsa256 "g-Fortinet_SSH_ECDSA256"
set hostkey-ecdsa384 "g-Fortinet_SSH_ECDSA384"
set hostkey-ecdsa521 "g-Fortinet_SSH_ECDSA521"
set hostkey-ed25519 "g-Fortinet_SSH_ED25519"
set host-trusted-checking enable
end
config firewall ssh host-key
end
config firewall decrypted-traffic-mirror
end
config firewall access-proxy-virtual-host
end
config firewall access-proxy-ssh-client-cert
end
config firewall access-proxy
end
config firewall access-proxy6
end
config firewall ipmacbinding setting
set bindthroughfw disable
set bindtofw disable
end
config firewall ipmacbinding table
end
config firewall profile-protocol-options
edit "default"
set comment "All default services."
set replacemsg-group ''
set oversize-log disable
set switching-protocols-log disable
config http
set ports 80
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
unset options
set comfort-interval 10
set comfort-amount 1
set range-block disable
set strip-x-forwarded-for disable
unset post-lang
set streaming-content-bypass enable
set switching-protocols bypass
set unknown-http-version reject
set tunnel-non-http enable
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set block-page-status-code 403
set retry-count 0
set tcp-window-type auto-tuning
set ssl-offloaded no
set address-ip-rating enable
end
config ftp
set ports 21
set status enable
set inspect-all disable
set options splice
set comfort-interval 10
set comfort-amount 1
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set tcp-window-type auto-tuning
set ssl-offloaded no
set explicit-ftp-tls disable
end
config imap
set ports 143
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set ssl-offloaded no
end
config mapi
set ports 135
set status enable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
end
config pop3
set ports 110
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set ssl-offloaded no
end
config smtp
set ports 25
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options fragmail splice
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set server-busy disable
set ssl-offloaded no
end
config nntp
set ports 119
set status enable
set inspect-all disable
set proxy-after-tcp-handshake disable
set options splice
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
end
config ssh
unset options
set comfort-interval 10
set comfort-amount 1
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set stream-based-uncompressed-limit 0
set scan-bzip2 enable
set tcp-window-type auto-tuning
set ssl-offloaded no
end
config dns
set ports 53
set status enable
end
config cifs
set ports 445
set status enable
unset options
set oversize-limit 10
set uncompressed-oversize-limit 10
set uncompressed-nest-limit 12
set scan-bzip2 enable
set tcp-window-type auto-tuning
set server-credential-type none
end
config mail-signature
set status disable
set signature ''
end
set rpc-over-http disable
next
end
config firewall ssl-ssh-profile
edit "certificate-inspection"
set comment "Read-only SSL handshake inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set ports 443
set status certificate-inspection
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set cert-probe-failure block
set min-allowed-ssl-version tls-1.1
end
config ftps
set status disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set block-blocklisted-certificates enable
set caname "Fortinet_CA_SSL"
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
next
edit "deep-inspection"
set comment "Read-only deep inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set ports 443
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set min-allowed-ssl-version tls-1.1
end
config ftps
set ports 990
set status deep-inspection
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set ports 993
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set ports 995
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set ports 465
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set allowlist disable
set block-blocklisted-certificates enable
config ssl-exempt
edit 1
set type fortiguard-category
set fortiguard-category 31
next
edit 2
set type fortiguard-category
set fortiguard-category 33
next
edit 3
set type wildcard-fqdn
set wildcard-fqdn "g-adobe"
next
edit 4
set type wildcard-fqdn
set wildcard-fqdn "g-Adobe Login"
next
edit 5
set type wildcard-fqdn
set wildcard-fqdn "g-android"
next
edit 6
set type wildcard-fqdn
set wildcard-fqdn "g-apple"
next
edit 7
set type wildcard-fqdn
set wildcard-fqdn "g-appstore"
next
edit 8
set type wildcard-fqdn
set wildcard-fqdn "g-auth.gfx.ms"
next
edit 9
set type wildcard-fqdn
set wildcard-fqdn "g-citrix"
next
edit 10
set type wildcard-fqdn
set wildcard-fqdn "g-dropbox.com"
next
edit 11
set type wildcard-fqdn
set wildcard-fqdn "g-eease"
next
edit 12
set type wildcard-fqdn
set wildcard-fqdn "g-firefox update server"
next
edit 13
set type wildcard-fqdn
set wildcard-fqdn "g-fortinet"
next
edit 14
set type wildcard-fqdn
set wildcard-fqdn "g-googleapis.com"
next
edit 15
set type wildcard-fqdn
set wildcard-fqdn "g-google-drive"
next
edit 16
set type wildcard-fqdn
set wildcard-fqdn "g-google-play2"
next
edit 17
set type wildcard-fqdn
set wildcard-fqdn "g-google-play3"
next
edit 18
set type wildcard-fqdn
set wildcard-fqdn "g-Gotomeeting"
next
edit 19
set type wildcard-fqdn
set wildcard-fqdn "g-icloud"
next
edit 20
set type wildcard-fqdn
set wildcard-fqdn "g-itunes"
next
edit 21
set type wildcard-fqdn
set wildcard-fqdn "g-microsoft"
next
edit 22
set type wildcard-fqdn
set wildcard-fqdn "g-skype"
next
edit 23
set type wildcard-fqdn
set wildcard-fqdn "g-softwareupdate.vmware.com"
next
edit 24
set type wildcard-fqdn
set wildcard-fqdn "g-verisign"
next
edit 25
set type wildcard-fqdn
set wildcard-fqdn "g-Windows update 2"
next
edit 26
set type wildcard-fqdn
set wildcard-fqdn "g-live.com"
next
edit 27
set type wildcard-fqdn
set wildcard-fqdn "g-google-play"
next
edit 28
set type wildcard-fqdn
set wildcard-fqdn "g-update.microsoft.com"
next
edit 29
set type wildcard-fqdn
set wildcard-fqdn "g-swscan.apple.com"
next
edit 30
set type wildcard-fqdn
set wildcard-fqdn "g-autoupdate.opera.com"
next
edit 31
set type wildcard-fqdn
set wildcard-fqdn "g-cdn-apple"
next
edit 32
set type wildcard-fqdn
set wildcard-fqdn "g-mzstatic-apple"
next
end
set server-cert-mode re-sign
set caname "Fortinet_CA_SSL"
set untrusted-caname "Fortinet_CA_Untrusted"
set ssl-exemption-ip-rating enable
set ssl-exemption-log disable
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
set rpc-over-https disable
set mapi-over-https disable
set supported-alpn all
set use-ssl-server disable
next
edit "custom-deep-inspection"
set comment "Customizable deep inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set ports 443
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set min-allowed-ssl-version tls-1.1
end
config ftps
set ports 990
set status deep-inspection
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set ports 993
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set ports 995
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set ports 465
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set allowlist disable
set block-blocklisted-certificates enable
config ssl-exempt
edit 1
set type wildcard-fqdn
set wildcard-fqdn "g-adobe"
next
edit 2
set type wildcard-fqdn
set wildcard-fqdn "g-Adobe Login"
next
edit 3
set type wildcard-fqdn
set wildcard-fqdn "g-android"
next
edit 4
set type wildcard-fqdn
set wildcard-fqdn "g-apple"
next
edit 5
set type wildcard-fqdn
set wildcard-fqdn "g-appstore"
next
edit 6
set type wildcard-fqdn
set wildcard-fqdn "g-auth.gfx.ms"
next
edit 7
set type wildcard-fqdn
set wildcard-fqdn "g-autoupdate.opera.com"
next
edit 8
set type wildcard-fqdn
set wildcard-fqdn "g-citrix"
next
edit 9
set type wildcard-fqdn
set wildcard-fqdn "g-dropbox.com"
next
edit 10
set type wildcard-fqdn
set wildcard-fqdn "g-eease"
next
edit 11
set type wildcard-fqdn
set wildcard-fqdn "g-firefox update server"
next
edit 12
set type wildcard-fqdn
set wildcard-fqdn "g-fortinet"
next
edit 13
set type wildcard-fqdn
set wildcard-fqdn "g-google-drive"
next
edit 14
set type wildcard-fqdn
set wildcard-fqdn "g-google-play"
next
edit 15
set type wildcard-fqdn
set wildcard-fqdn "g-google-play2"
next
edit 16
set type wildcard-fqdn
set wildcard-fqdn "g-google-play3"
next
edit 17
set type wildcard-fqdn
set wildcard-fqdn "g-googleapis.com"
next
edit 18
set type wildcard-fqdn
set wildcard-fqdn "g-Gotomeeting"
next
edit 19
set type wildcard-fqdn
set wildcard-fqdn "g-icloud"
next
edit 20
set type wildcard-fqdn
set wildcard-fqdn "g-itunes"
next
edit 21
set type wildcard-fqdn
set wildcard-fqdn "g-live.com"
next
edit 22
set type wildcard-fqdn
set wildcard-fqdn "g-microsoft"
next
edit 23
set type wildcard-fqdn
set wildcard-fqdn "g-skype"
next
edit 24
set type wildcard-fqdn
set wildcard-fqdn "g-softwareupdate.vmware.com"
next
edit 25
set type wildcard-fqdn
set wildcard-fqdn "g-swscan.apple.com"
next
edit 26
set type wildcard-fqdn
set wildcard-fqdn "g-update.microsoft.com"
next
edit 27
set type wildcard-fqdn
set wildcard-fqdn "g-verisign"
next
edit 28
set type wildcard-fqdn
set wildcard-fqdn "g-Windows update 2"
next
edit 29
set type fortiguard-category
set fortiguard-category 31
next
edit 30
set type fortiguard-category
set fortiguard-category 33
next
edit 31
set type fortiguard-category
set fortiguard-category 25
next
edit 32
set type wildcard-fqdn
set wildcard-fqdn "g-cdn-apple"
next
edit 33
set type wildcard-fqdn
set wildcard-fqdn "g-mzstatic-apple"
next
end
set server-cert-mode re-sign
set caname "Fortinet_CA_SSL"
set untrusted-caname "Fortinet_CA_Untrusted"
set ssl-exemption-ip-rating enable
set ssl-exemption-log disable
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
set rpc-over-https disable
set mapi-over-https disable
set supported-alpn all
set use-ssl-server disable
next
edit "no-inspection"
set comment "Read-only profile that does no inspection."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set status disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set min-allowed-ssl-version tls-1.1
end
config ftps
set status disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set block-blocklisted-certificates enable
set caname "Fortinet_CA_SSL"
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
next
edit "custom-cert-inspection"
set comment "Read-only SSL handshake inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set ports 443
set status certificate-inspection
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set cert-probe-failure block
set min-allowed-ssl-version tls-1.1
end
config ftps
set status disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set status disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set block-blocklisted-certificates enable
set caname "Fortinet_CA_SSL"
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
next
edit "SCSD custom-deep-inspection"
set comment "Customizable deep inspection profile."
config ssl
set inspect-all disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set min-allowed-ssl-version tls-1.1
end
config https
set ports 443
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set sni-server-cert-check enable
set min-allowed-ssl-version tls-1.1
end
config ftps
set ports 990
set status deep-inspection
set client-certificate bypass
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
set min-allowed-ssl-version tls-1.1
end
config imaps
set ports 993
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config pop3s
set ports 995
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config smtps
set ports 465
set status deep-inspection
set proxy-after-tcp-handshake disable
set client-certificate inspect
set unsupported-ssl-version allow
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
config ssh
set ports 22
set status disable
set inspect-all disable
set unsupported-version bypass
set ssh-tun-policy-check disable
set ssh-algorithm compatible
end
config dot
set status disable
set client-certificate bypass
set unsupported-ssl-version block
set unsupported-ssl-cipher allow
set unsupported-ssl-negotiation allow
set expired-server-cert block
set revoked-server-cert block
set untrusted-server-cert allow
set cert-validation-timeout allow
set cert-validation-failure block
end
set allowlist disable
set block-blocklisted-certificates enable
config ssl-exempt
edit 1
set type wildcard-fqdn
set wildcard-fqdn "g-adobe"
next
edit 2
set type wildcard-fqdn
set wildcard-fqdn "g-Adobe Login"
next
edit 3
set type wildcard-fqdn
set wildcard-fqdn "g-android"
next
edit 4
set type wildcard-fqdn
set wildcard-fqdn "g-apple"
next
edit 5
set type wildcard-fqdn
set wildcard-fqdn "g-appstore"
next
edit 6
set type wildcard-fqdn
set wildcard-fqdn "g-auth.gfx.ms"
next
edit 7
set type wildcard-fqdn
set wildcard-fqdn "g-autoupdate.opera.com"
next
edit 8
set type wildcard-fqdn
set wildcard-fqdn "g-citrix"
next
edit 9
set type wildcard-fqdn
set wildcard-fqdn "g-dropbox.com"
next
edit 10
set type wildcard-fqdn
set wildcard-fqdn "g-eease"
next
edit 11
set type wildcard-fqdn
set wildcard-fqdn "g-firefox update server"
next
edit 12
set type wildcard-fqdn
set wildcard-fqdn "g-fortinet"
next
edit 13
set type wildcard-fqdn
set wildcard-fqdn "g-google-drive"
next
edit 14
set type wildcard-fqdn
set wildcard-fqdn "g-google-play"
next
edit 15
set type wildcard-fqdn
set wildcard-fqdn "g-google-play2"
next
edit 16
set type wildcard-fqdn
set wildcard-fqdn "g-google-play3"
next
edit 17
set type wildcard-fqdn
set wildcard-fqdn "g-googleapis.com"
next
edit 18
set type wildcard-fqdn
set wildcard-fqdn "g-Gotomeeting"
next
edit 19
set type wildcard-fqdn
set wildcard-fqdn "g-icloud"
next
edit 20
set type wildcard-fqdn
set wildcard-fqdn "g-itunes"
next
edit 21
set type wildcard-fqdn
set wildcard-fqdn "g-live.com"
next
edit 22
set type wildcard-fqdn
set wildcard-fqdn "g-microsoft"
next
edit 23
set type wildcard-fqdn
set wildcard-fqdn "g-skype"
next
edit 24
set type wildcard-fqdn
set wildcard-fqdn "g-softwareupdate.vmware.com"
next
edit 25
set type wildcard-fqdn
set wildcard-fqdn "g-swscan.apple.com"
next
edit 26
set type wildcard-fqdn
set wildcard-fqdn "g-update.microsoft.com"
next
edit 27
set type wildcard-fqdn
set wildcard-fqdn "g-verisign"
next
edit 28
set type wildcard-fqdn
set wildcard-fqdn "g-Windows update 2"
next
edit 29
set type fortiguard-category
set fortiguard-category 31
next
edit 30
set type fortiguard-category
set fortiguard-category 33
next
edit 31
set type fortiguard-category
set fortiguard-category 25
next
end
set server-cert-mode re-sign
set caname "Fortinet_CA_SSL"
set untrusted-caname "Fortinet_CA_Untrusted"
set ssl-exemption-ip-rating enable
set ssl-exemption-log disable
set ssl-anomaly-log enable
set ssl-negotiation-log disable
set ssl-server-cert-log disable
set ssl-handshake-log disable
set rpc-over-https disable
set mapi-over-https disable
set supported-alpn all
set use-ssl-server disable
next
end
config waf profile
edit "default"
set external disable
set extended-log disable
config signature
config main-class 100000000
set status disable
set action block
set log enable
set severity high
end
config main-class 20000000
set status disable
set action allow
set log enable
set severity medium
end
config main-class 30000000
set status enable
set action block
set log enable
set severity high
end
config main-class 40000000
set status disable
set action allow
set log enable
set severity medium
end
config main-class 50000000
set status enable
set action block
set log enable
set severity high
end
config main-class 60000000
set status disable
set action allow
set log enable
set severity medium
end
config main-class 70000000
set status enable
set action block
set log enable
set severity high
end
config main-class 80000000
set status enable
set action allow
set log enable
set severity low
end
config main-class 110000000
set status enable
set action allow
set log enable
set severity high
end
config main-class 90000000
set status enable
set action block
set log enable
set severity high
end
set disabled-signature 80080005 80200001 60030001 60120001 80080003 90410001 90410002
set credit-card-detection-threshold 3
end
config constraint
config header-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config content-length
set status enable
set length 67108864
set action allow
set log enable
set severity low
end
config param-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config line-length
set status enable
set length 1024
set action allow
set log enable
set severity low
end
config url-param-length
set status enable
set length 8192
set action allow
set log enable
set severity low
end
config version
set status disable
set action allow
set log enable
set severity medium
end
config method
set status disable
set action block
set log enable
set severity medium
end
config hostname
set status disable
set action block
set log enable
set severity medium
end
config malformed
set status disable
set action allow
set log enable
set severity medium
end
config max-cookie
set status enable
set max-cookie 16
set action allow
set log enable
set severity low
end
config max-header-line
set status enable
set max-header-line 32
set action allow
set log enable
set severity low
end
config max-url-param
set status enable
set max-url-param 16
set action allow
set log enable
set severity low
end
config max-range-segment
set status enable
set max-range-segment 5
set action allow
set log enable
set severity high
end
end
config method
set status disable
set log disable
set severity medium
unset default-allowed-methods
end
config address-list
set status disable
set blocked-log disable
set severity medium
end
set comment ''
next
end
config firewall profile-group
end
config firewall ssl-server
end
config firewall identity-based-route
end
config firewall auth-portal
set portal-addr ''
set portal-addr6 ''
set identity-based-route ''
end
config firewall policy
edit 89
set status disable
set name "Country Allow In->Out"
set uuid 05771906-3813-51ef-9ae4-5b1b9f3b263b
set srcintf "inside"
set dstintf "outside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "Country Allow"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "g-default"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 90
set status disable
set name "Country Allow Out->In"
set uuid 1e43f706-3813-51ef-b6bc-56506e6e3955
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Country Allow"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "g-default"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of NVIDEA_LICENSING) (Reverse of NVIDEA_LICENSING)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 109
set status enable
set name "Block Countries Out -> In"
set uuid 1e46053c-3813-51ef-a099-ee00ad8666fc
set srcintf "outside"
set dstintf "inside"
set action deny
set ztna-status disable
set srcaddr "Country Block"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set logtraffic all
set logtraffic-start disable
set np-acceleration enable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set natip 0.0.0.0 0.0.0.0
set match-vip enable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Block specific countries"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set send-deny-packet disable
next
edit 110
set status enable
set name "Block Countries In -> Out"
set uuid 1e4783d0-3813-51ef-c29f-57c919281f23
set srcintf "inside"
set dstintf "outside"
set action deny
set ztna-status disable
set srcaddr "all"
set dstaddr "Country Block"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set logtraffic all
set logtraffic-start disable
set np-acceleration enable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set natip 0.0.0.0 0.0.0.0
set match-vip enable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Block specific countries"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set send-deny-packet disable
next
edit 10020
set status enable
set name "Deny_List_In"
set uuid 1e493afe-3813-51ef-31cc-c7c59e4d9320
set srcintf "outside"
set dstintf "inside"
set action deny
set ztna-status disable
set srcaddr "Block_List_Group"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set logtraffic all
set logtraffic-start disable
set np-acceleration enable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set natip 0.0.0.0 0.0.0.0
set match-vip enable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Block Known Attachers"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set send-deny-packet disable
next
edit 10022
set status enable
set name "Deny_List_Out"
set uuid 1e4d29ca-3813-51ef-9c3a-2b6c867c6ef9
set srcintf "inside"
set dstintf "outside"
set action deny
set ztna-status disable
set srcaddr "all"
set dstaddr "Block_List_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set logtraffic all
set logtraffic-start disable
set np-acceleration enable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set natip 0.0.0.0 0.0.0.0
set match-vip enable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Block Known Attachers"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set send-deny-packet disable
next
edit 112
set status enable
set name "SSL_VPN_FULL"
set uuid 1e5363e4-3813-51ef-ed9e-10d784be3c77
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "IPv4-Private-All-RFC1918"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "SSL_VPN_Full_Access" "FortiGateAccess"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Full Access"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 59
set status enable
set name "VPN_Security_VLAN_70"
set uuid 1e559150-3813-51ef-fb50-64b54c81411a
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Security_VLAN_70_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Security_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Security VLAN 70"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 78
set status enable
set name "VPN_Access_Control_VLAN_72"
set uuid 1e589026-3813-51ef-e0b9-2cd69f4e1347
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Access_Control_VLAN_72_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Access_Control_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Access Control VLAN 72"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 63
set status enable
set name "VPN_Hyperion_Servers"
set uuid 1e5af000-3813-51ef-0521-99dbeebf21a6
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Hyperion_Server_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "RDP" "UDP-3389" "HTTP" "HTTPS" "TCP-19000"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Hyperion_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Hyperion Servers"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 57
set status enable
set name "VPN_Website_Server"
set uuid 1e5d760e-3813-51ef-992d-b1002a280d18
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Webosphere_Inside"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "RDP" "UDP-3389" "FTP" "FTP_GET" "FTP_PUT" "TFTP" "Webosphere_Data" "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Web_Servers_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - SCSD Website"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 58
set status enable
set name "VPN_DayAutomation_Servers"
set uuid 1e5fd476-3813-51ef-9dc2-dcf2d76f7fc9
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Day_Server_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "RDP" "UDP-3389" "HTTPS" "TCP-6502-6510"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_DayAuto_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Day Automation Servers"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 80
set status enable
set name "VPN_Auditors"
set uuid 1e622596-3813-51ef-dafa-742edb3c77c9
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "psprdfin" "psprdhcm"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTP" "HTTPS" "UDP-3389"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Auditor_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Auditors"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 66
set status enable
set name "VPN_WebCRD_Server"
set uuid 1e66bbec-3813-51ef-6224-b4486eb2d0fd
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "WebCRD"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTPS" "SSH"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_WebCRD_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - webCRD"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 69
set status enable
set name "VPN_DocHolliday"
set uuid 1e68d99a-3813-51ef-f506-85c179825d09
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "DocHolliday"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "RDP" "UDP-3389" "SMB" "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_DocHolliday_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - DocHolliday for Katapult User"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 68
set status enable
set name "VPN_Access411_Servers"
set uuid 1e6b1a0c-3813-51ef-fc38-aa2d138e683f
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "411_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "RDP" "UDP-3389" "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Access411_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Access411 RDP"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 91
set status enable
set name "VPN_Peoplesoft_Audit"
set uuid 1e6d5baa-3813-51ef-d2bf-10a73778218f
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Peoplesoft_Audit_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTP" "HTTPS" "TCP_UDP-8100"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Peoplesoft_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Peoplesoft Auditors"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 64
set status enable
set name "VPN_Peoplesoft_RDP"
set uuid 1e6fbbfc-3813-51ef-6daf-b4c34aa0e0d9
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Peoplesoft_RDP_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "RDP" "UDP-3389"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Peoplesoft_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Peoplesoft RDP"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 65
set status enable
set name "VPN_Peoplesoft_SSH"
set uuid 1e725740-3813-51ef-6fff-a75b3554ba2b
set srcintf "ssl.scsd"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SSL_VPN_Range"
set dstaddr "Peoplesoft_SSH_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "SSH"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set ntlm disable
set groups "VPN_Peoplesoft_Group"
set auth-path disable
set disclaimer disable
set email-collect disable
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Remote Access VPN - Peoplesoft SSH"
set auth-cert ''
set auth-redirect-addr ''
set identity-based-route ''
set block-notification disable
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
set redirect-url ''
next
edit 10009
set status enable
set name "Nimble_Sup_Out"
set uuid 1e77a52e-3813-51ef-8c30-560acbd80bf3
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "Nimble_Inside_Grp"
set dstaddr "Nimble_Support"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set ippool enable
set poolname "ippool-198.36.23.251" "ippool-198.36.23.253" "ippool-198.36.23.254" "ippool-198.36.23.252"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Nimble Support"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10010
set status enable
set name "Nimble_Sup_In"
set uuid 1e79f5e0-3813-51ef-d2db-d7b36bd66919
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Nimble_Support"
set dstaddr "Nimble_Inside_Grp"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Nimble Support"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 107
set status disable
set name "Content_Keeper_In -> Out"
set uuid 1e81c1bc-3813-51ef-c277-fdaaec357c2a
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "CK_Inside_Group"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set ippool enable
set poolname "ippool-198.36.23.251" "ippool-198.36.23.253" "ippool-198.36.23.254" "ippool-198.36.23.252"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "ContentKeeper"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10026
set status enable
set name "Barracuda In->Out"
set uuid 1e85b04c-3813-51ef-6bf7-3a31d600c61d
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "Barracuda_Internal"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "SMTP" "SMTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set ippool enable
set poolname "MailOut_Outside"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Barracuda Internal Email"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 67
set status enable
set name "Nighttime In->Out"
set uuid 1e9170d0-3813-51ef-9616-0feaa296fbcf
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "Nighttime_Inside"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "FTP" "SSH" "TFTP"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set ippool enable
set poolname "Nighttime_Outside"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Forces nighttime to use specific external IP"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10070
set status enable
set name "Reverse_Proxy"
set uuid 1ea33266-3813-51ef-99ab-bce3f219ac75
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "United_States"
set dstaddr "ReverseProxy"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTPS"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Need to examine - Reverse Proxy"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 94
set status enable
set name "SBC_NOC_In->Out"
set uuid 1eaae63c-3813-51ef-331a-6873c1713df5
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "SBC-NOC"
set dstaddr "MS_Teams_External_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Outgoing_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set ippool enable
set poolname "SBC-NOC-Outside"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SBC Ribbon"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 100
set status enable
set name "SBC_DAN_In->Out"
set uuid 1ead08cc-3813-51ef-54d4-e5349e6869af
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "SBC-DAN"
set dstaddr "MS_Teams_External_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Outgoing_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set ippool enable
set poolname "SBC-DAN-Outside"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SBC Ribbon"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10046
set status enable
set name "SRIC_BOCES_Allow"
set uuid 1eaf29ae-3813-51ef-6f21-ac90af29aaa7
set srcintf "SRIC_BOCES"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SRICBOCES-OUTSIDE"
set dstaddr "vip-ntss"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL_ICMP" "HTTP" "HTTPS" "TCP-1521" "TCP-9000-9100"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - SRIC BOCES NTSS"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10174
set status enable
set name "NTSS In->Out"
set uuid 1eb15832-3813-51ef-d5ba-d3f89d1ebe57
set srcintf "inside"
set dstintf "SRIC_BOCES"
set action accept
set ztna-status disable
set srcaddr "ntss-inside"
set dstaddr "SRICBOCES-OUTSIDE"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set ippool enable
set poolname "NTSS_Outside"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - SRIC BOCES NTSS"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 72
set status enable
set name "SCHC_In->Out"
set uuid 1eb3b500-3813-51ef-8d25-e84757b6e80f
set srcintf "inside"
set dstintf "SCHC"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SCHC_Local_Subnets_Group"
set dstaddr "SCHC_Remote_Subnets_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "g-default"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - SCHC"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 73
set status enable
set name "SCHC_Out->In"
set uuid 1eb5e37a-3813-51ef-0d54-a0f86f9c413d
set srcintf "SCHC"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SCHC_Remote_Subnets_Group"
set dstaddr "SCHC_Local_Subnets_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "g-default"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - SCHC"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 102
set status enable
set name "eScholar In->Out"
set uuid ee1a30d4-615e-51ef-2b32-6e61482f80f4
set srcintf "inside"
set dstintf "vpn-0403e61"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - AWS eScholar"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 108
set status disable
set name "eScholar Out->In"
set uuid 3f39ba48-8d5b-51ef-a5d4-56bbe4a36ed5
set srcintf "vpn-0403e61"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - AWS eScholar"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 101
set status enable
set name "testing highstreet"
set uuid f827dd26-da5b-51ef-87ba-f81639e668c9
set srcintf "inside"
set dstintf "Highstreet"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - Highstreet (Copy of Highstreet_Tunnel_In->Out)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 111
set status enable
set name "Highstreet_Tunnel_In->Out"
set uuid 7814df68-9202-51ef-0bbd-c924fa190f40
set srcintf "inside"
set dstintf "Highstreet"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Server_40" "Server_48"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - Highstreet"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 113
set status enable
set name "Highstreet_2_Tunnel_In->Out"
set uuid 02c82414-9553-51ef-5d42-ebdfea1cb3e0
set srcintf "inside"
set dstintf "Highstreet_2"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Server_40" "Server_48"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "VPN - Highstreet 2"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 61
set status enable
set name "AWS_VPN_In->Out"
set uuid 1eb80808-3813-51ef-57e9-eba2d42f35c6
set srcintf "inside"
set dstintf "vpn-042e9903"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Site to Site VPN - AWS"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 96
set status enable
set name "SchoolTool_AWS_In->Out"
set uuid 1eba0392-3813-51ef-da4b-c7f8b6d4754f
set srcintf "inside"
set dstintf "vpn-0fc50345"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SchoolTool Tunnel In -> Out"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 97
set status enable
set name "SchoolTool_AWS_Out->In"
set uuid 1ebc057a-3813-51ef-5e4e-7fbfad04b371
set srcintf "vpn-0fc50345"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Reverse of SchoolTool_AWS_In->Out"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 62
set status disable
set name "Test Cert Decrypt"
set uuid 1ebdf772-3813-51ef-d34b-3956a214ee8c
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "Tim PC"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "SCSD custom-deep-inspection"
set av-profile "g-default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list "App_Ctrl_1"
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set ippool enable
set poolname "ippool-198.36.23.251" "ippool-198.36.23.253" "ippool-198.36.23.254" "ippool-198.36.23.252"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 1400
set tcp-mss-receiver 1400
set comments "Internet Access (Copy of Internet Access)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set decrypted-traffic-mirror ''
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 98
set status enable
set name "AW_Scanner_Allow"
set uuid 5385d71e-c142-51ef-d666-e78958f9556b
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "AW_Scanner_MerryChristmas" "AW_Scanner _HappyHalloween" "AW_Scanner_DiaDeLosMuertos" "AW_Scanner_HappyNewYear" "AW_Scanner_LaborDay"
set dstaddr "AW_device-activation.us-global-prod.arcticwolf.net" "AW_drs.us-global-prod.arcticwolf.net" "AW_inbound.us002-prod.arcticwolf.net"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set ippool disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 116
set status enable
set name "POS Test"
set uuid a1e4afc0-1eb7-51f0-4ebd-d1105cd4ed77
set srcintf "inside"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "POS_Machines"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set ippool enable
set poolname "ippool-198.36.23.251" "ippool-198.36.23.253" "ippool-198.36.23.254" "ippool-198.36.23.252"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 1400
set tcp-mss-receiver 1400
set comments "Test Point of Sale"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 106
set status enable
set name "Internet Access"
set uuid a07c4df0-7eb0-51ec-6ebd-522652ce242b
set srcintf "inside" "RAP"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "IPv4-Private-All-RFC1918" "VPN-Range"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "g-default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Outgoing_IPS"
set application-list "App_Ctrl_1"
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set ippool enable
set poolname "ippool-198.36.23.251" "ippool-198.36.23.253" "ippool-198.36.23.254" "ippool-198.36.23.252"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 1400
set tcp-mss-receiver 1400
set comments "Internet Access"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 71
set status enable
set name "County->Peoplesoft"
set uuid 1ec347ae-3813-51ef-1efd-957736793cf0
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "County_Network"
set dstaddr "psprdfin"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 82
set status enable
set name "Peoplesoft -> County"
set uuid 1ec4d6c8-3813-51ef-ac28-17b59421f677
set srcintf "inside"
set dstintf "city_phones"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "psprdfin"
set dstaddr "County_Network"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of County->Peoplesoft) (Reverse of County->Peoplesoft)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 81
set status enable
set name "County -> DNS"
set uuid 1ec69580-3813-51ef-70aa-d0c556abef94
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "County_Network"
set dstaddr "Domain_Controller_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "DNS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of County->Peoplesoft)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 76
set status enable
set name "City_CGRs_Out->In"
set uuid 1ec85960-3813-51ef-bbd7-2a8905689144
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "City_Side_CGR_01" "City_Side_CGR_02"
set dstaddr "City_CGRs_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ESP" "IKE" "PING" "SSH"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Lights - CGR - Allow Ping and SSH from City-Side Subnets"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 77
set status enable
set name "City_CGRs_In->Out"
set uuid 1eca734e-3813-51ef-87b1-5ee84780d2e3
set srcintf "inside"
set dstintf "city_phones"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "City_CGRs_Group"
set dstaddr "City_Side_CGR_01" "City_Side_CGR_02"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ESP" "IKE" "PING" "SSH"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Allow City Lights CGR to City Side Subnets"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 85
set status enable
set name "City_VoIP_Out->In"
set uuid 1ecc7ec8-3813-51ef-b6b3-ce34580ba6e8
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "City_Side_VoIP_Group"
set dstaddr "CUCM_BRIGHTON" "CUCM_ITC_NOC"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Allowed Networks From them to Us (Copy of City_Phones_Out->In)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 86
set status enable
set name "City_VoIP_In->Out"
set uuid 1ece4596-3813-51ef-e6fc-e121d064849b
set srcintf "inside"
set dstintf "city_phones"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "CUCM_BRIGHTON" "CUCM_ITC_NOC"
set dstaddr "City_Side_VoIP_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Allowed Networks From them to Us (Copy of City_Phones_Out->In) (Copy of City_VoIP_Out->In) (Reverse of City_VoIP_Out->In)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 84
set status enable
set name "City_Water_DPW_Recorder_Out->In"
set uuid 1ed02d2a-3813-51ef-b5b5-5d483ed50082
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "City_Side_VoIP_Water_DPW_Recorder"
set dstaddr "CUCM_BRIGHTON" "CUCM_ITC_NOC"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload disable
set np-acceleration disable
set wanopt disable
set webcache disable
set webproxy-forward-server ''
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Allowed Networks From them to Us (Copy of City_Phones_Out->In) (Copy of City_Parks_Phones_Out->In)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 88
set status enable
set name "City_Water_DPW_Recorder_In->Out"
set uuid 1ed1fa06-3813-51ef-b94f-4fc985cecc67
set srcintf "inside"
set dstintf "city_phones"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "CUCM_BRIGHTON" "CUCM_ITC_NOC"
set dstaddr "City_Side_VoIP_Water_DPW_Recorder"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload disable
set np-acceleration disable
set wanopt disable
set webcache disable
set webproxy-forward-server ''
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Allowed Networks From them to Us (Copy of City_Phones_Out->In) (Copy of City_Parks_Phones_Out->In) (Copy of City_Water_DPW_Recorder_Out->In) (Reverse of City_Water_DPW_Recorder_Out->In)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 60
set status enable
set name "City_Parks_Phones_Out->In"
set uuid 1ed3ebc2-3813-51ef-1e7f-278d09aa39e5
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "City_Side_Parks_Phone_Subnet" "City_Side_VoIP_Water_DPW_Recorder"
set dstaddr "CUCM_BRIGHTON" "CUCM_ITC_NOC"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload disable
set np-acceleration disable
set wanopt disable
set webcache disable
set webproxy-forward-server ''
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Allowed Networks From them to Us (Copy of City_Phones_Out->In)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 79
set status enable
set name "City_Parks_Phones_In->Out"
set uuid 1ed5bfc4-3813-51ef-1ec9-12e8ee90dbee
set srcintf "inside"
set dstintf "city_phones"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "CUCM_BRIGHTON" "CUCM_ITC_NOC"
set dstaddr "City_Side_Parks_Phone_Subnet" "City_Side_VoIP_Water_DPW_Recorder"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode proxy
set http-policy-redirect disable
set ssh-policy-redirect disable
set webproxy-profile ''
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set wanopt disable
set webcache disable
set webproxy-forward-server ''
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Allowed Networks From Us to Them (Copy of City_Phones_In->Out)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 70
set status disable
set name "Block SPD DNS ACCESS"
set uuid 1ed761e4-3813-51ef-854c-443e75bbd182
set srcintf "city_phones"
set dstintf "inside"
set action deny
set ztna-status disable
set srcaddr "SPD_Network"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "DNS"
set tos-mask 0x00
set anti-replay enable
set logtraffic disable
set logtraffic-start disable
set np-acceleration enable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set natip 0.0.0.0 0.0.0.0
set match-vip disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Deny SPD DNS"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set send-deny-packet disable
next
edit 55
set status enable
set name "SPD_Out->In"
set uuid 1ed88ccc-3813-51ef-ce40-66f91cac1e76
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SPD_Network"
set dstaddr "SPD_Firewalls_Our_Side"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ESP" "IKE" "SNMP" "SSH" "ALL_ICMP" "HTTPS" "HTTP"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SPD Access"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 87
set status enable
set name "SPD_In->Out"
set uuid 1eda7712-3813-51ef-3c63-e2ec1558101f
set srcintf "inside"
set dstintf "city_phones"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SPD_Firewalls_Our_Side"
set dstaddr "SPD_Network"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ESP" "IKE" "SNMP" "SSH" "ALL_ICMP" "HTTPS" "HTTP"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SPD Access (Copy of SPD_Out->In) (Reverse of SPD_Out->In)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 83
set status enable
set name "SPD_ Genetec_Out->In"
set uuid 1edc7242-3813-51ef-7f2c-b3136231a789
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "SPD_Side_Genetec"
set dstaddr "Genetec_Inside_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "Genetec Federation"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SPD Access for Genetec Federation"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 92
set status enable
set name "SPD_ Genetec_In->Out"
set uuid 1edea1ac-3813-51ef-57bb-512cdbf9dd3f
set srcintf "inside"
set dstintf "city_phones"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Genetec_Inside_Group"
set dstaddr "SPD_Side_Genetec"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "Genetec Federation"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SPD Access for Genetec Federation"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 54
set status enable
set name "City_Phones_Out->In"
set uuid 1ee0c5ae-3813-51ef-cd42-b18ff9cc744e
set srcintf "city_phones"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "City_Subnets_Group"
set dstaddr "City_Permited_Subnets_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Allowed Networks From them to Us"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 75
set status enable
set name "City_Phones_In->Out"
set uuid 1ee253a6-3813-51ef-2f01-6a3bba8948c4
set srcintf "inside"
set dstintf "city_phones"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "City_Permited_Subnets_Group"
set dstaddr "City_Subnets_Group"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "City Allowed Networks From Us to Them"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10012
set status disable
set name "CK_Mgmt_Filters"
set uuid 819e6e52-3814-51ef-780f-37760ad6613a
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "vip-grp-ck-mgmt-filters"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTPS" "TCP-8080"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "ContentKeeper"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10014
set status disable
set name "CK_Support"
set uuid 81a058a2-3814-51ef-3b8c-44d6b9b67fcc
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "CONTENTKEEPER-REMOTE-SUPPORT"
set dstaddr "vip-grp-ck-all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "CK_Support_Services_Group"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "ContentKeeper"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10018
set status disable
set name "CKMobile"
set uuid 81a264e4-3814-51ef-4df9-7b8d1df3a9d6
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "vip-grp-ckm-mgmt"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "CK_Mobile_Services_Group"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "ContentKeeper"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10024
set status enable
set name "Email_Hybrid_Allow"
set uuid 81a5da3e-3814-51ef-1983-581a79abcbe4
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "vip-hybrid-email"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTP" "HTTPS" "SMTP" "SMTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Hybrid Email - Robert Johnson"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10027
set status enable
set name "Barracuda_Archivers"
set uuid 81a9ac68-3814-51ef-197d-0a3afe0e87fd
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set dstaddr "vip-grp-barracuda_Archivers"
set internet-service disable
set internet-service-src enable
set internet-service-src-group "Microsoft_ISDB_Both"
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTP" "HTTPS" "SMTP" "SMTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Barracuda Archivers from Microsoft"
set block-notification disable
set replacemsg-override-group ''
set dstaddr-negate disable
set service-negate disable
set internet-service-src-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 115
set status enable
set name "Nutanix_Remote_Support"
set uuid 1900c2ca-108e-51f0-95ec-850dcb4dec46
set srcintf "inside"
set dstintf "outside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Nutanix_CVM"
set dstaddr "Nutanix_Remote_Support"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10076
set status disable
set name "Apple_Cache"
set uuid 81ab9d98-3814-51ef-b8cb-8f477b83a491
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "vip-applecaching"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL_TCP"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Apple Caching Server Access"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10094
set status enable
set name "DNS_ns1"
set uuid 81ad75dc-3814-51ef-f09d-c2b8f787df67
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "vip-ns1"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "DNS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "DNS - External"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10092
set status enable
set name "DNS_ns2"
set uuid 81af4632-3814-51ef-448f-03cf7baa0fcd
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "vip-ns2"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "DNS"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "DNS - External"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10108
set status enable
set name "LDAP_Access"
set uuid 81b1158e-3814-51ef-e736-4ff0961ed5e0
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Safeschools_Group"
set dstaddr "vip-DC01"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "LDAP" "LDAP_UDP" "TCP-636"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "LDAP"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10130
set status enable
set name "Airwatch"
set uuid 81b4f8d4-3814-51ef-470c-24615314b6bd
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "vip-Airwatchapp"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "Airwatch_Services_Group"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Airwatch Access"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10054
set status enable
set name "SCSD_Website"
set uuid 81b6d604-3814-51ef-6668-0efb18da8bc4
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "United_States"
set dstaddr "vip-Webosphere"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Website - scsd.us"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10138
set status enable
set name "WebHelpDesk"
set uuid 81b8bcbc-3814-51ef-3a27-c1f21f5d717f
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "United_States"
set dstaddr "vip-webhelpdesk"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTPS"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Webpage - helpdesk.scsd.us"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 117
set status enable
set name "RAP>Inside>DCs"
set uuid fd182646-56ad-51f0-29cf-aeb9b387ba3b
set srcintf "RAP"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "RAP-Users"
set dstaddr "Server_40" "Server_48"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "g-default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list "App_Ctrl_1"
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10150
set status enable
set name "Tableau"
set uuid 81ba96fe-3814-51ef-6921-9f35497b8f80
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "United_States"
set dstaddr "vip-tableau"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Webpage - tableau.scsd.us"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 99
set status enable
set name "PrintOC"
set uuid 81c226ee-3814-51ef-987c-d26a0604f4f0
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "United_States"
set dstaddr "vip-PrintOC"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTPS"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Oracle Web Printer"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10184
set status enable
set name "ESS"
set uuid 81c5a1b6-3814-51ef-5bd9-deeadac2e8b2
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "United_States"
set dstaddr "vip-scsdess"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTP" "HTTPS"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Employee Self Service"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 10182
set status enable
set name "Address_Lookup"
set uuid 81c77f5e-3814-51ef-24cf-937273f467c6
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "United_States"
set dstaddr "vip-Neutrons"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "HTTPS"
set tos-mask 0x00
set anti-replay enable
set geoip-anycast disable
set geoip-match physical-location
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "Address Lookup for parents"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 93
set status enable
set name "SBC_Ribbon_Out->In"
set uuid 81c9586a-3814-51ef-76b4-4b2f00d4ef7b
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "MS_Teams_External_Group"
set dstaddr "vip-sbc-noc" "vip-sbc-dan"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SBC Ribbon"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 114
set status enable
set name "EMS_Out->In"
set uuid 57ea5a20-bcb3-51ef-3a9b-8209a3aa0052
set srcintf "outside"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "vip-EMS"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile ''
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list ''
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments "SBC Ribbon (Copy of SBC_Ribbon_Out->In)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 118
set status enable
set name "Servers->RAP"
set uuid a7519eb8-5b67-51f0-81ee-bcd251f393c6
set srcintf "inside"
set dstintf "RAP"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "Server_40" "Server_48" "21JumpSt" "Sys-Net-Admins"
set dstaddr "RAP-Users" "RAP-MGMT"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status enable
set inspection-mode flow
set profile-type single
set profile-protocol-options "default"
set ssl-ssh-profile "certificate-inspection"
set av-profile "g-default"
set webfilter-profile ''
set dnsfilter-profile ''
set emailfilter-profile ''
set dlp-sensor ''
set file-filter-profile ''
set ips-sensor "Incoming_IPS"
set application-list "App_Ctrl_1"
set voip-profile ''
set sctp-filter-profile ''
set logtraffic all
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments " (Copy of RAP>Inside>DCs) (Reverse of RAP>Inside>DCs)"
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 95
set status enable
set name "SCSD -> DPS"
set uuid a19c7908-a391-51f0-832c-2db07d1b76ba
set srcintf "inside"
set dstintf "DPS"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "all"
set dstaddr "DPS_10.46.0.0/16" "DPS_Internal" "DPS_192.168.146.0/24"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 103
set status enable
set name "DPS-> SCSD"
set uuid 86078cfe-a392-51f0-c08c-e8a016eaf556
set srcintf "DPS"
set dstintf "inside"
set action accept
set nat64 disable
set nat46 disable
set ztna-status disable
set srcaddr "DPS_10.46.0.0/16" "DPS_192.168.146.0/24" "DPS_Internal"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat disable
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
edit 104
set status enable
set name "DPS-> Outside"
set uuid 0545722a-a397-51f0-e7c5-fe7e645b19b6
set srcintf "DPS"
set dstintf "outside"
set action accept
set ztna-status disable
set srcaddr "DPS_10.46.0.0/16"
set dstaddr "all"
set internet-service disable
set internet-service-src disable
unset reputation-minimum
set rtp-nat disable
set schedule "always"
set schedule-timeout disable
set service "ALL"
set tos-mask 0x00
set anti-replay enable
set dynamic-shaping disable
set passive-wan-health-measurement disable
set utm-status disable
set inspection-mode flow
set profile-protocol-options "default"
set ssl-ssh-profile "no-inspection"
set logtraffic utm
set logtraffic-start disable
set capture-packet disable
set auto-asic-offload enable
set np-acceleration enable
set nat enable
set permit-any-host disable
set permit-stun-host disable
set fixedport disable
set ippool enable
set poolname "ippool-198.36.23.253"
set session-ttl 0
set vlan-cos-fwd 255
set vlan-cos-rev 255
set fec disable
set wccp disable
set disclaimer disable
set email-collect disable
set natip 0.0.0.0 0.0.0.0
set diffserv-forward disable
set diffserv-reverse disable
set tcp-mss-sender 0
set tcp-mss-receiver 0
set comments ''
set block-notification disable
set replacemsg-override-group ''
set srcaddr-negate disable
set dstaddr-negate disable
set service-negate disable
set timeout-send-rst disable
set captive-portal-exempt disable
set dsri disable
set radius-mac-auth-bypass disable
set delay-tcp-npu-session disable
unset vlan-filter
set traffic-shaper ''
set traffic-shaper-reverse ''
set per-ip-shaper ''
next
end
config firewall traffic-class
end
config firewall shaping-policy
end
config firewall shaping-profile
end
config firewall local-in-policy
end
config firewall local-in-policy6
end
config firewall ttl-policy
end
config firewall proxy-policy
end
config firewall dnstranslation
end
config firewall multicast-policy
end
config firewall multicast-policy6
end
config firewall interface-policy
end
config firewall interface-policy6
end
config firewall DoS-policy
edit 1
set status enable
set name "Country_Block_DOS"
set comments "Thresholds set to 1 to block all traffic from specific countries."
set interface "outside"
set srcaddr "Country Block"
set dstaddr "all"
set service "ALL"
config anomaly
edit "tcp_syn_flood"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "tcp_port_scan"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "tcp_src_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "tcp_dst_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "udp_flood"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "udp_scan"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "udp_src_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "udp_dst_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "icmp_flood"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "icmp_sweep"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "icmp_src_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "icmp_dst_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "ip_src_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "ip_dst_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "sctp_flood"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "sctp_scan"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "sctp_src_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
edit "sctp_dst_session"
set status enable
set log disable
set action block
set quarantine none
set threshold 1
next
end
next
edit 3
set status enable
set name "Zoom-bypass"
set comments ''
set interface "outside"
set srcaddr "all"
set dstaddr "all"
set service "Zoom UDP Ports"
config anomaly
edit "tcp_syn_flood"
set status disable
set log disable
set action pass
set quarantine none
set threshold 2000
next
edit "tcp_port_scan"
set status disable
set log disable
set action pass
set quarantine none
set threshold 1000
next
edit "tcp_src_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "tcp_dst_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "udp_flood"
set status enable
set log enable
set action pass
set quarantine none
set threshold 2000
next
edit "udp_scan"
set status disable
set log disable
set action pass
set quarantine none
set threshold 2000
next
edit "udp_src_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "udp_dst_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "icmp_flood"
set status disable
set log disable
set action pass
set quarantine none
set threshold 250
next
edit "icmp_sweep"
set status disable
set log disable
set action pass
set quarantine none
set threshold 100
next
edit "icmp_src_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 300
next
edit "icmp_dst_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 1000
next
edit "ip_src_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "ip_dst_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "sctp_flood"
set status disable
set log disable
set action pass
set quarantine none
set threshold 2000
next
edit "sctp_scan"
set status disable
set log disable
set action pass
set quarantine none
set threshold 1000
next
edit "sctp_src_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
edit "sctp_dst_session"
set status disable
set log disable
set action pass
set quarantine none
set threshold 5000
next
end
next
edit 2
set status enable
set name "DoS_Default"
set comments ''
set interface "outside"
set srcaddr "all"
set dstaddr "all"
set service "ALL"
config anomaly
edit "tcp_syn_flood"
set status enable
set log enable
set action block
set quarantine none
set threshold 2000
next
edit "tcp_port_scan"
set status enable
set log enable
set action block
set quarantine none
set threshold 1000
next
edit "tcp_src_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 5000
next
edit "tcp_dst_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 5000
next
edit "udp_flood"
set status enable
set log enable
set action block
set quarantine none
set threshold 20000
next
edit "udp_scan"
set status enable
set log enable
set action block
set quarantine none
set threshold 2000
next
edit "udp_src_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 5000
next
edit "udp_dst_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 5000
next
edit "icmp_flood"
set status enable
set log enable
set action block
set quarantine none
set threshold 250
next
edit "icmp_sweep"
set status enable
set log enable
set action block
set quarantine none
set threshold 100
next
edit "icmp_src_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 300
next
edit "icmp_dst_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 1000
next
edit "ip_src_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 5000
next
edit "ip_dst_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 5000
next
edit "sctp_flood"
set status enable
set log enable
set action block
set quarantine none
set threshold 2000
next
edit "sctp_scan"
set status enable
set log enable
set action block
set quarantine none
set threshold 1000
next
edit "sctp_src_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 5000
next
edit "sctp_dst_session"
set status enable
set log enable
set action block
set quarantine none
set threshold 5000
next
end
next
end
config firewall DoS-policy6
end
config firewall sniffer
edit 8
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "vpn-0fc50345"
set host "172.30.45.35"
set port "3389"
set protocol ''
set vlan ''
set dsri disable
set max-packet-count 100
next
edit 4
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "city_phones lag"
set host "10.250.229.0/24"
set port ''
set protocol ''
set vlan ''
set dsri disable
set max-packet-count 2000
next
edit 6
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "city_phones lag"
set host "10.1.150.20"
set port "8445"
set protocol ''
set vlan ''
set dsri disable
set max-packet-count 50
next
edit 5
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "vpn-0403e61"
set host ''
set port ''
set protocol ''
set vlan ''
set dsri disable
set max-packet-count 4000
next
edit 7
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "outside lag"
set host "3.20.191.182"
set port ''
set protocol ''
set vlan ''
set dsri disable
set max-packet-count 4000
next
edit 9
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "Highstreet"
set host ''
set port ''
set protocol ''
set vlan ''
set dsri disable
set max-packet-count 4000
next
edit 10
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "inside lag"
set host "192.168.79.2"
set port ''
set protocol ''
set vlan ''
set dsri disable
set max-packet-count 4000
next
edit 11
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "inside lag"
set host "10.46.1.1"
set port ''
set protocol ''
set vlan ''
set dsri disable
set max-packet-count 4000
next
edit 12
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "DPS"
set host "10.46.1.1"
set port ''
set protocol ''
set vlan ''
set dsri disable
set max-packet-count 4000
next
edit 13
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "port17"
set host "192.168.146.5"
set port ''
set protocol ''
set vlan ''
set dsri disable
set max-packet-count 4000
next
edit 14
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "port19"
set host "192.168.146.5"
set port ''
set protocol ''
set vlan ''
set dsri disable
set max-packet-count 4000
next
edit 15
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "RAP"
set host "192.168.79.2"
set port ''
set protocol ''
set vlan ''
set dsri disable
set max-packet-count 10000
next
edit 16
set status enable
set logtraffic utm
set ipv6 disable
set non-ip disable
set interface "city_phones lag"
set host ''
set port ''
set protocol ''
set vlan ''
set dsri disable
set max-packet-count 4000
next
end
config firewall acl
end
config firewall acl6
end
config firewall central-snat-map
end
config firewall ip-translation
end
config authentication scheme
end
config authentication rule
end
config authentication setting
set active-auth-scheme ''
set sso-auth-scheme ''
set captive-portal-type fqdn
set captive-portal ''
set captive-portal6 ''
set cert-auth disable
set captive-portal-port 7830
set auth-https enable
set captive-portal-ssl-port 7831
end
config system speed-test-schedule
end
config switch-controller switch-interface-tag
end
config switch-controller 802-1X-settings
set link-down-auth set-unauth
set reauth-period 60
set max-reauth-attempt 3
set tx-period 30
end
config switch-controller security-policy 802-1X
edit "802-1X-policy-default"
set security-mode 802.1X
set user-group "SSO_Guest_Users"
set mac-auth-bypass disable
set open-auth disable
set eap-passthru enable
set eap-auto-untagged-vlans enable
set guest-vlan disable
set guest-auth-delay 30
set auth-fail-vlan disable
set framevid-apply enable
set radius-timeout-overwrite disable
set policy-type 802.1X
set authserver-timeout-vlan disable
next
end
config switch-controller security-policy local-access
edit "default"
set mgmt-allowaccess https ping ssh
set internal-allowaccess https ping ssh
next
end
config switch-controller location
end
config switch-controller lldp-settings
set tx-hold 4
set tx-interval 30
set fast-start-interval 2
set management-interface internal
set device-detection enable
end
config switch-controller lldp-profile
edit "default"
set med-tlvs inventory-management network-policy location-identification
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl disable
config med-network-policy
edit "voice"
set status disable
next
edit "voice-signaling"
set status disable
next
edit "guest-voice"
set status disable
next
edit "guest-voice-signaling"
set status disable
next
edit "softphone-voice"
set status disable
next
edit "video-conferencing"
set status disable
next
edit "streaming-video"
set status disable
next
edit "video-signaling"
set status disable
next
end
config med-location-service
edit "coordinates"
set status disable
next
edit "address-civic"
set status disable
next
edit "elin-number"
set status disable
next
end
next
edit "default-auto-isl"
unset med-tlvs
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl enable
set auto-isl-hello-timer 3
set auto-isl-receive-timeout 60
set auto-isl-port-group 0
set auto-mclag-icl disable
next
edit "default-auto-mclag-icl"
unset med-tlvs
unset 802.1-tlvs
unset 802.3-tlvs
set auto-isl enable
set auto-isl-hello-timer 3
set auto-isl-receive-timeout 60
set auto-isl-port-group 0
set auto-mclag-icl enable
next
end
config switch-controller qos dot1p-map
edit "voice-dot1p"
set description ''
set egress-pri-tagging disable
set priority-0 queue-4
set priority-1 queue-4
set priority-2 queue-3
set priority-3 queue-2
set priority-4 queue-3
set priority-5 queue-1
set priority-6 queue-2
set priority-7 queue-2
next
end
config switch-controller qos ip-dscp-map
edit "voice-dscp"
set description ''
config map
edit "1"
set cos-queue 1
set value 46
next
edit "2"
set cos-queue 2
set value 24,26,48,56
next
edit "5"
set cos-queue 3
set value 34
next
end
next
end
config switch-controller qos queue-policy
edit "default"
set schedule round-robin
set rate-by kbps
config cos-queue
edit "queue-0"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-1"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-2"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-3"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-4"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-5"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-6"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-7"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
end
next
edit "voice-egress"
set schedule weighted
set rate-by kbps
config cos-queue
edit "queue-0"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-1"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 0
next
edit "queue-2"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 6
next
edit "queue-3"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 37
next
edit "queue-4"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 12
next
edit "queue-5"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-6"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
edit "queue-7"
set description ''
set min-rate 0
set max-rate 0
set drop-policy taildrop
set weight 1
next
end
next
end
config switch-controller qos qos-policy
edit "default"
set default-cos 0
set trust-dot1p-map ''
set trust-ip-dscp-map ''
set queue-policy "default"
next
edit "voice-qos"
set default-cos 0
set trust-dot1p-map "voice-dot1p"
set trust-ip-dscp-map "voice-dscp"
set queue-policy "voice-egress"
next
end
config switch-controller storm-control-policy
edit "default"
set description "default storm control on all port"
set storm-control-mode global
next
edit "auto-config"
set description "storm control policy for fortilink-isl-icl port"
set storm-control-mode disabled
next
end
config switch-controller auto-config policy
edit "default"
set qos-policy "default"
set storm-control-policy "auto-config"
set poe-status enable
set igmp-flood-report disable
set igmp-flood-traffic disable
next
edit "default-icl"
set qos-policy "default"
set storm-control-policy "auto-config"
set poe-status disable
set igmp-flood-report enable
set igmp-flood-traffic enable
next
end
config switch-controller auto-config default
set fgt-policy "default"
set isl-policy "default"
set icl-policy "default-icl"
end
config switch-controller auto-config custom
end
config switch-controller initial-config template
edit "_default"
set vlanid 1
unset allowaccess
set dhcp-server disable
next
edit "quarantine"
set vlanid 4093
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
edit "rspan"
set vlanid 4092
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
edit "voice"
set vlanid 4091
unset allowaccess
set dhcp-server disable
next
edit "video"
set vlanid 4090
unset allowaccess
set dhcp-server disable
next
edit "onboarding"
set vlanid 4089
unset allowaccess
set dhcp-server disable
next
edit "nac_segment"
set vlanid 4088
unset allowaccess
set auto-ip enable
set dhcp-server enable
next
end
config switch-controller initial-config vlans
set default-vlan "_default"
set quarantine "quarantine"
set rspan "rspan"
set voice "voice"
set video "video"
set nac "onboarding"
set nac-segment "nac_segment"
end
config switch-controller switch-profile
edit "default"
set login-passwd-override disable
next
end
config switch-controller custom-command
end
config switch-controller virtual-port-pool
end
config switch-controller ptp settings
set mode disable
end
config switch-controller ptp policy
edit "default"
set status enable
next
end
config switch-controller vlan-policy
end
config switch-controller dynamic-port-policy
end
config switch-controller managed-switch
end
config switch-controller switch-group
end
config switch-controller stp-settings
set name ''
set revision 0
set hello-time 2
set forward-time 15
set max-age 20
set max-hops 20
end
config switch-controller stp-instance
end
config switch-controller storm-control
set rate 500
set unknown-unicast disable
set unknown-multicast disable
set broadcast disable
end
config switch-controller global
set mac-aging-interval 300
set https-image-push enable
set vlan-optimization enable
set mac-retention-period 24
set default-virtual-switch-vlan ''
set dhcp-server-access-list disable
set log-mac-limit-violations disable
set sn-dns-resolution enable
set mac-event-logging disable
set bounce-quarantined-link disable
set quarantine-mode by-vlan
set update-user-device mac-cache lldp dhcp-snooping l2-db l3-db
set fips-enforce enable
set firmware-provision-on-authorization disable
end
config switch-controller switch-log
set status enable
set severity notification
end
config switch-controller igmp-snooping
set aging-time 300
set flood-unknown-multicast disable
set query-interval 125
end
config switch-controller sflow
set collector-ip 0.0.0.0
set collector-port 6343
end
config switch-controller network-monitor-settings
set network-monitoring disable
end
config switch-controller flow-tracking
set sample-mode perimeter
set sample-rate 512
set format netflow9
set collector-ip 0.0.0.0
set collector-port 0
set transport udp
set level ip
set max-export-pkt-size 512
set timeout-general 3600
set timeout-icmp 300
set timeout-max 604800
set timeout-tcp 3600
set timeout-tcp-fin 300
set timeout-tcp-rst 120
set timeout-udp 300
end
config switch-controller snmp-sysinfo
set status disable
set engine-id ''
set description ''
set contact-info ''
set location ''
end
config switch-controller snmp-trap-threshold
set trap-high-cpu-threshold 80
set trap-low-memory-threshold 80
set trap-log-full-threshold 90
end
config switch-controller snmp-community
end
config switch-controller snmp-user
end
config switch-controller traffic-sniffer
set mode erspan-auto
set erspan-ip 0.0.0.0
end
config switch-controller remote-log
edit "syslogd"
set status disable
next
edit "syslogd2"
set status disable
next
end
config switch-controller mac-policy
end
config wireless-controller setting
set account-id ''
set country US
set duplicate-ssid disable
set fapc-compatibility disable
set wfa-compatibility disable
set phishing-ssid-detect enable
set fake-ssid-action log
set device-weight 1
set device-holdoff 5
set device-idle 1440
set firmware-provision-on-authorization disable
set darrp-optimize 86400
set darrp-optimize-schedules "default-darrp-optimize"
end
config wireless-controller log
set status enable
set addrgrp-log notification
set ble-log notification
set clb-log notification
set dhcp-starv-log notification
set led-sched-log notification
set radio-event-log notification
set rogue-event-log notification
set sta-event-log notification
set sta-locate-log notification
set wids-log notification
set wtp-event-log notification
end
config wireless-controller apcfg-profile
end
config wireless-controller bonjour-profile
end
config wireless-controller arrp-profile
edit "arrp-default"
set comment ''
set selection-period 3600
set monitor-period 300
set weight-managed-ap 50
set weight-rogue-ap 10
set weight-noise-floor 40
set weight-channel-load 20
set weight-spectral-rssi 40
set weight-weather-channel 1000
set weight-dfs-channel 500
set threshold-ap 250
set threshold-noise-floor "-85"
set threshold-channel-load 60
set threshold-spectral-rssi "-65"
set threshold-tx-retries 300
set threshold-rx-errors 50
set include-weather-channel disable
set include-dfs-channel disable
set override-darrp-optimize disable
next
end
config wireless-controller region
end
config wireless-controller vap-group
end
config wireless-controller wids-profile
edit "default"
set comment "Default WIDS profile."
set sensor-mode disable
set ap-scan enable
set ap-bgscan-period 600
set ap-bgscan-intv 1
set ap-bgscan-duration 20
set ap-bgscan-idle 0
set ap-bgscan-report-intv 30
set ap-fgscan-report-intv 15
set ap-scan-passive disable
set ap-scan-threshold "-90"
set wireless-bridge enable
set deauth-broadcast enable
set null-ssid-probe-resp enable
set long-duration-attack enable
set long-duration-thresh 8200
set invalid-mac-oui enable
set weak-wep-iv enable
set auth-frame-flood enable
set auth-flood-time 10
set auth-flood-thresh 30
set assoc-frame-flood enable
set assoc-flood-time 10
set assoc-flood-thresh 30
set spoofed-deauth enable
set asleap-attack enable
set eapol-start-flood enable
set eapol-start-thresh 10
set eapol-start-intv 1
set eapol-logoff-flood enable
set eapol-logoff-thresh 10
set eapol-logoff-intv 1
set eapol-succ-flood enable
set eapol-succ-thresh 10
set eapol-succ-intv 1
set eapol-fail-flood enable
set eapol-fail-thresh 10
set eapol-fail-intv 1
set eapol-pre-succ-flood enable
set eapol-pre-succ-thresh 10
set eapol-pre-succ-intv 1
set eapol-pre-fail-flood enable
set eapol-pre-fail-thresh 10
set eapol-pre-fail-intv 1
set deauth-unknown-src-thresh 10
next
edit "default-wids-apscan-enabled"
set comment ''
set sensor-mode disable
set ap-scan enable
set ap-bgscan-period 600
set ap-bgscan-intv 1
set ap-bgscan-duration 20
set ap-bgscan-idle 0
set ap-bgscan-report-intv 30
set ap-fgscan-report-intv 15
set ap-scan-passive disable
set ap-scan-threshold "-90"
set wireless-bridge disable
set deauth-broadcast disable
set null-ssid-probe-resp disable
set long-duration-attack disable
set long-duration-thresh 8200
set invalid-mac-oui disable
set weak-wep-iv disable
set auth-frame-flood disable
set assoc-frame-flood disable
set spoofed-deauth disable
set asleap-attack disable
set eapol-start-flood disable
set eapol-logoff-flood disable
set eapol-succ-flood disable
set eapol-fail-flood disable
set eapol-pre-succ-flood disable
set eapol-pre-fail-flood disable
set deauth-unknown-src-thresh 10
next
end
config wireless-controller ble-profile
edit "fortiap-discovery"
set comment ''
set advertising ibeacon eddystone-uid eddystone-url
set ibeacon-uuid "wtp-uuid"
set major-id 1000
set minor-id 2000
set eddystone-namespace "0102030405"
set eddystone-instance "abcdef"
set eddystone-url "http://www.fortinet.com"
set txpower 0
set beacon-interval 100
set ble-scanning disable
next
end
config wireless-controller syslog-profile
end
config wireless-controller wtp-profile
end
config wireless-controller wtp
end
config wireless-controller wtp-group
end
config wireless-controller qos-profile
end
config wireless-controller wag-profile
end
config wireless-controller address
end
config wireless-controller addrgrp
end
config wireless-controller snmp
set engine-id ''
set contact-info ''
set trap-high-cpu-threshold 80
set trap-high-mem-threshold 80
end
config wireless-controller mpsk-profile
end
config wireless-controller nac-profile
end
config wireless-controller ssid-policy
end
config wireless-controller access-control-list
end
config wireless-controller ap-status
end
config user nac-policy
end
config extender-controller dataplan
end
config extender-controller extender-profile
end
config extender-controller extender
end
config system ips
set signature-hold-time 0h
end
config ips custom
end
config ips settings
set packet-log-history 1
set packet-log-post-attack 0
set ips-packet-quota 0
end
config alertemail setting
set username ''
set mailto1 ''
set mailto2 ''
set mailto3 ''
set filter-mode category
set email-interval 5
set IPS-logs disable
set firewall-authentication-failure-logs disable
set IPsec-errors-logs disable
set PPP-errors-logs disable
set sslvpn-authentication-errors-logs disable
set antivirus-logs disable
set webfilter-logs disable
set configuration-changes-logs disable
set violation-traffic-logs disable
set admin-login-logs disable
set log-disk-usage-warning disable
set FSSO-disconnect-logs disable
set ssh-logs disable
set local-disk-usage 75
end
config router access-list
end
config router access-list6
end
config router aspath-list
end
config router prefix-list
end
config router prefix-list6
end
config router key-chain
end
config router community-list
end
config router route-map
end
config router rip
set default-information-originate disable
set default-metric 1
set max-out-metric 0
config redistribute "connected"
set status disable
set metric 0
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
end
set update-timer 30
set timeout-timer 180
set garbage-timer 120
set version 2
end
config router ripng
set default-information-originate disable
set default-metric 1
set max-out-metric 0
config redistribute "connected"
set status disable
set metric 0
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
end
set update-timer 30
set timeout-timer 180
set garbage-timer 120
end
config router static
edit 1
set status enable
set dst 0.0.0.0 0.0.0.0
set gateway 198.36.24.1
set distance 1
set weight 0
set priority 1
set device "outside lag"
set comment "Outgoing traffic"
set blackhole disable
set dynamic-gateway disable
set dstaddr ''
unset internet-service
set internet-service-custom ''
set link-monitor-exempt disable
set bfd disable
next
edit 2
set status enable
set dst 10.0.0.0 255.0.0.0
set gateway 10.251.1.1
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Internal traffic"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 3
set status enable
set dst 10.250.201.0 255.255.255.0
set gateway 10.251.1.1
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Ring 1"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 4
set status enable
set dst 10.250.202.0 255.255.255.0
set gateway 10.251.1.1
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Ring 2"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 5
set status enable
set dst 10.250.203.0 255.255.255.0
set gateway 10.251.1.1
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Ring 3"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 6
set status enable
set dst 10.250.204.0 255.255.255.0
set gateway 10.251.1.1
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Ring 4"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 7
set status enable
set dst 10.250.205.0 255.255.255.0
set gateway 10.251.1.1
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Ring 5"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 8
set status enable
set dst 10.250.206.0 255.255.255.0
set gateway 10.251.1.1
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Ring 6"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 9
set status enable
set dst 10.250.207.0 255.255.255.0
set gateway 10.251.1.1
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Ring 7"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 10
set status enable
set dst 10.250.208.0 255.255.255.0
set gateway 10.251.1.1
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Ring 8"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 11
set status enable
set dst 172.17.0.0 255.255.0.0
set gateway 10.251.1.1
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "CK Mobile 01 IP Range Route"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 12
set status enable
set dst 172.18.0.0 255.255.0.0
set gateway 10.251.1.1
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "CK Mobile 02 IP Range Route"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 13
set status enable
set dst 172.19.0.0 255.255.0.0
set gateway 10.251.1.1
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "CK Mobile 03 IP Range Route"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 14
set status enable
set dst 192.168.0.0 255.255.0.0
set gateway 10.251.1.1
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Management Internal"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 15
set status enable
set dst 10.212.134.0 255.255.255.0
set gateway 10.251.1.1
set distance 1
set weight 0
set priority 1
set device "inside lag"
set comment "Fortinet VPN"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 16
set status enable
set dst 170.161.52.27 255.255.255.255
set distance 1
set weight 0
set priority 1
set device "SRIC_BOCES"
set comment "SRIC BOCES Site-to-Site VPN Route"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 17
set status enable
set dst 10.222.0.0 255.255.0.0
set distance 10
set weight 0
set priority 1
set device "vpn-042e9903"
set comment "eScholar AWS Site-to-Site VPN"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 18
set status enable
set dst 10.250.0.0 255.255.0.0
set gateway 10.250.100.92
set distance 10
set weight 0
set priority 1
set device "city_phones lag"
set comment "Route to City Phones"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 19
set status enable
set dst 10.107.49.0 255.255.255.0
set distance 10
set weight 0
set priority 1
set device "SCHC"
set comment "Syracuse Community Health Center Routes"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 20
set status enable
set dst 10.107.100.0 255.255.255.0
set distance 10
set weight 0
set priority 1
set device "SCHC"
set comment "Syracuse Community Health Center Routes"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 21
set status enable
set dst 10.107.50.0 255.255.255.0
set distance 10
set weight 0
set priority 1
set device "SCHC"
set comment "Syracuse Community Health Center Routes"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 22
set status enable
set dst 10.253.17.0 255.255.255.0
set gateway 10.250.100.92
set distance 10
set weight 0
set priority 1
set device "city_phones lag"
set comment "City CGRs"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 23
set status enable
set dst 10.253.18.0 255.255.255.0
set gateway 10.250.100.92
set distance 10
set weight 0
set priority 1
set device "city_phones lag"
set comment "City CGRs"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 24
set status enable
set dst 0.0.0.0 0.0.0.0
set gateway 10.250.100.92
set distance 10
set weight 0
set priority 1
set device "city_phones lag"
set comment "City Side Park Place VoIP Route"
set blackhole disable
set dynamic-gateway disable
set dstaddr "City_Side_VoIP_Park_Place_Group"
set link-monitor-exempt disable
set bfd disable
next
edit 25
set status enable
set dst 10.249.0.46 255.255.255.255
set gateway 10.250.100.92
set distance 10
set weight 0
set priority 1
set device "city_phones lag"
set comment "City Water/DPW Recording"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 26
set status enable
set dst 0.0.0.0 0.0.0.0
set gateway 10.250.100.92
set distance 10
set weight 0
set priority 1
set device "city_phones lag"
set comment "SPD Genetec"
set blackhole disable
set dynamic-gateway disable
set dstaddr "SPD_Side_Genetec"
set link-monitor-exempt disable
set bfd disable
next
edit 34
set status enable
set dst 172.30.44.0 255.255.254.0
set distance 10
set weight 0
set priority 1
set device "vpn-0fc50345"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 28
set status disable
set dst 172.30.45.35 255.255.255.255
set distance 10
set weight 0
set priority 1
set device "vpn-0fc50345"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 29
set status enable
set dst 172.30.44.0 255.255.254.0
set distance 253
set weight 0
set priority 1
set comment ''
set blackhole enable
set link-monitor-exempt disable
set vrf 0
next
edit 30
set status enable
set dst 10.11.0.0 255.255.240.0
set distance 10
set weight 0
set priority 1
set device "vpn-0403e61"
set comment "eScholar AWS 2024"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 31
set status enable
set dst 10.46.0.0 255.255.0.0
set distance 10
set weight 0
set priority 1
set device "DPS"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 32
set status enable
set dst 192.168.46.0 255.255.255.0
set distance 10
set weight 0
set priority 1
set device "DPS"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 33
set status enable
set dst 10.51.62.0 255.255.255.0
set distance 10
set weight 0
set priority 1
set device "Highstreet"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 37
set status enable
set dst 192.168.146.0 255.255.255.0
set distance 10
set weight 0
set priority 1
set device "DPS"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 35
set status enable
set dst 192.168.79.0 255.255.255.0
set distance 10
set weight 0
set priority 1
set device "RAP"
set comment ''
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
edit 36
set status enable
set dst 10.79.0.0 255.255.0.0
set distance 10
set weight 0
set priority 1
set device "RAP"
set comment "RAP Users"
set blackhole disable
set dynamic-gateway disable
set link-monitor-exempt disable
set bfd disable
next
end
config router policy
end
config router policy6
end
config router static6
end
config router ospf
set abr-type standard
set auto-cost-ref-bandwidth 1000
set distance-external 110
set distance-inter-area 110
set distance-intra-area 110
set database-overflow disable
set database-overflow-max-lsas 10000
set database-overflow-time-to-recover 300
set default-information-originate disable
set default-information-metric 10
set default-information-metric-type 2
set default-information-route-map ''
set default-metric 10
set distance 110
set rfc1583-compatible disable
set router-id 0.0.0.0
set spf-timers 5 10
set bfd disable
set log-neighbour-changes enable
set distribute-list-in ''
set distribute-route-map-in ''
set restart-mode none
set restart-period 120
config redistribute "connected"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "rip"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
set metric-type 2
set tag 0
end
end
config router ospf6
set abr-type standard
set auto-cost-ref-bandwidth 1000
set default-information-originate disable
set log-neighbour-changes enable
set default-information-metric 10
set default-information-metric-type 2
set default-information-route-map ''
set default-metric 10
set router-id 0.0.0.0
set spf-timers 5 10
set bfd disable
config redistribute "connected"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "static"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "rip"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "bgp"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
config redistribute "isis"
set status disable
set metric 0
set routemap ''
set metric-type 2
end
end
config router bgp
set as 0
set keepalive-timer 60
set holdtime-timer 180
set always-compare-med disable
set bestpath-as-path-ignore disable
set bestpath-cmp-confed-aspath disable
set bestpath-cmp-routerid disable
set bestpath-med-confed disable
set bestpath-med-missing-as-worst disable
set client-to-client-reflection enable
set dampening disable
set deterministic-med disable
set ebgp-multipath disable
set ibgp-multipath disable
set enforce-first-as enable
set fast-external-failover enable
set log-neighbour-changes enable
set network-import-check enable
set ignore-optional-capability enable
set multipath-recursive-distance disable
set recursive-next-hop disable
set tag-resolve-mode disable
set cluster-id 0.0.0.0
set confederation-identifier 0
set default-local-preference 100
set scan-time 60
set distance-external 20
set distance-internal 200
set distance-local 200
set synchronization disable
set graceful-restart disable
config redistribute "connected"
set status disable
set route-map ''
end
config redistribute "rip"
set status disable
set route-map ''
end
config redistribute "ospf"
set status disable
set route-map ''
end
config redistribute "static"
set status disable
set route-map ''
end
config redistribute "isis"
set status disable
set route-map ''
end
config redistribute6 "connected"
set status disable
set route-map ''
end
config redistribute6 "rip"
set status disable
set route-map ''
end
config redistribute6 "ospf"
set status disable
set route-map ''
end
config redistribute6 "static"
set status disable
set route-map ''
end
config redistribute6 "isis"
set status disable
set route-map ''
end
end
config router isis
set is-type level-1-2
set adv-passive-only disable
set adv-passive-only6 disable
set auth-mode-l1 password
set auth-mode-l2 password
set auth-password-l1 ENC qlwj+Ot2IXdudgyU7UP2ZXvShJH8eJCN2R/DAsXlVPFyRcpJp3XcY0zb0Rsv0f9DteAX0zLHBEUKf0AKR2ztALUEIHXtYeCwnlDegjojGM6FCRrSluRxJYDSYTLvClVvXWc6abkSllJ9+VOKgpCIIgiF0AlT4rfvWmLmWb3kX85KOv9L29EEu61lf8Oi/pU9YTPmdg==
set auth-password-l2 ENC qctW91VkenjEEf96iaejuJ2fhCKWLtCCtcAztxmoUMIzgOoSttYUzZzaMXecFALwZzg7Ve6mSoYl7byFd0fZ3NFQvq85Equ/g8hNAH93dbYFnpuDYz1zS1WOeNIJ5j1a/eaFtsmDfXrcqP/PelqFB967SrWlLM8BzvseeiQsiwL9Pp7QU3vKhi3jgU9YcpeFQJx7oA==
set auth-sendonly-l1 disable
set auth-sendonly-l2 disable
set ignore-lsp-errors disable
set lsp-gen-interval-l1 30
set lsp-gen-interval-l2 30
set lsp-refresh-interval 900
set max-lsp-lifetime 1200
set spf-interval-exp-l1 500 50000
set spf-interval-exp-l2 500 50000
set dynamic-hostname disable
set adjacency-check disable
set adjacency-check6 disable
set overload-bit disable
unset overload-bit-suppress
set overload-bit-on-startup 0
set default-originate disable
set default-originate6 disable
set metric-style narrow
set redistribute-l1 disable
set redistribute-l2 disable
set redistribute6-l1 disable
set redistribute6-l2 disable
config redistribute "connected"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "rip"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "ospf"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "bgp"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute "static"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "connected"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "rip"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "ospf"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "bgp"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
config redistribute6 "static"
set status disable
set metric 0
set metric-type internal
set level level-2
set routemap ''
end
end
config router multicast-flow
end
config router multicast
set route-limit 2147483647
set multicast-routing disable
config pim-sm-global
set message-interval 60
set join-prune-holdtime 210
set accept-register-list ''
set accept-source-list ''
set bsr-candidate disable
set bsr-allow-quick-refresh disable
set cisco-register-checksum disable
set cisco-crp-prefix disable
set cisco-ignore-rp-set-priority disable
set register-rp-reachability enable
set register-source disable
set register-supression 60
set null-register-retries 1
set rp-register-keepalive 185
set spt-threshold enable
set ssm disable
set register-rate-limit 0
set spt-threshold-group ''
end
end
config router multicast6
set multicast-routing disable
config pim-sm-global
end
end
config router auth-path
end
config router setting
set show-filter ''
set hostname ''
end
config router bfd
end
config router bfd6
end
config system proxy-arp
end
config system link-monitor
edit "1"
set addr-mode ipv4
set srcintf "vpn-0fc50345"
set server-config default
set server "169.254.54.77"
set protocol ping
set gateway-ip 0.0.0.0
set source-ip 0.0.0.0
set interval 20
set probe-timeout 500
set failtime 5
set recoverytime 5
set probe-count 30
set ha-priority 1
set update-cascade-interface enable
set update-static-route enable
set update-policy-route enable
set status disable
set diffservcode 000000
unset class-id
set service-detection disable
next
end
config system wccp
end
config system dns64
set status disable
set dns64-prefix 64:ff9b::/96
set always-synthesize-aaaa-record enable
end
config system nd-proxy
set status disable
end
config system vne-tunnel
set status disable
end
end
![\"Fortinet](\"https://filestore.fortinet.com/fortiguard/logo_v3_fguard_app.png\"){kind=logo}