Display interface information. Link status, settings are shown here.
get hardware nic <interface>
On FortiGates using SPF/SPF+ transceivers you can see their status
get system interface transceiver
Sometimes FortiGate only displays the interface index and not the name. To find the matching interface
diag netlink interface list
Display the ARP cache
get system arp diag ip arp list
Delete an entry in the ARP cache
diag ip arp delete <interface> <ip-address>
Display the MAC addresses of a FortiGate in transparent mode
diag netlink brtcl
exec ping-options [option] exec ping <ip-address> exec ping6-options [option] exec ping6 <ipv6-address>
Important: Using VPN tunnels without IP address configuration, ping uses the IP address or the interface where the tunnel is attached. Pinging an IP address on the other side of the tunnel without using ping-options does not work.
exec traceroute-options [option] exec traceroute <ip-address> exec tracert6 <ipv6-address>
It is possible to establish a connection to a remote system using telnet or ssh.
exec telnet <ip-address> exec ssh <user@ip-address>
IP addresses used on the FortiGate
Show me the IP addresses used on the FortiGate
diag ip address list diag ipv6 address list
Show me the IP addresses of my VIPs
diag firewall iplist list