fw01 # diagnose debug disable
fw01 # config user peer
fw01 (peer) # show
fw01 (peer) # edit testbla
new entry 'testbla' added
fw01 (testbla) # set
ca Peer certificate CA (CA name in local).
cn Peer certificate common name.
cn-type Peer certificate common name type.
ldap-mode Peer LDAP mode.
ldap-password Password for LDAP server bind.
ldap-server LDAP server for access rights check.
ldap-username Username for LDAP server bind.
mandatory-ca-verify Enable/disable mandatory CA verify.
ocsp-override-server OSCP server.
subject Peer certificate name constraints.
two-factor Enable/disable 2-factor authentication (certificate + password).
fw01 (testbla) # set mandatory-ca-verify enable
fw01 (testbla) # set ca
<string> please input string value
CA_Cert_1 ca
CA_Cert_2 ca
Fortinet_CA ca
Fortinet_CA2 ca
PositiveSSL_CA ca
fw01 (testbla) # set ca CA_Cert_1
fw01 (testbla) # set cn
<string> please input string value
fw01 (testbla) # set cn-type
FQDN Fully Qualified Domain Name.
email Email address.
ipv4 IPv4 address.
ipv6 IPv6 address.
string Normal string.
fw01 (testbla) # set cn-type string
fw01 (testbla) # set cn testbla
fw01 (testbla) # set
ca Peer certificate CA (CA name in local).
cn Peer certificate common name.
cn-type Peer certificate common name type.
ldap-mode Peer LDAP mode.
ldap-password Password for LDAP server bind.
ldap-server LDAP server for access rights check.
ldap-username Username for LDAP server bind.
mandatory-ca-verify Enable/disable mandatory CA verify.
ocsp-override-server OSCP server.
subject Peer certificate name constraints.
two-factor Enable/disable 2-factor authentication (certificate + password).
fw01 (testbla) # set two-factor enable
fw01 (testbla) # set
ca Peer certificate CA (CA name in local).
cn Peer certificate common name.
cn-type Peer certificate common name type.
ldap-mode Peer LDAP mode.
ldap-password Password for LDAP server bind.
ldap-server LDAP server for access rights check.
ldap-username Username for LDAP server bind.
mandatory-ca-verify Enable/disable mandatory CA verify.
ocsp-override-server OSCP server.
passwd User password.
subject Peer certificate name constraints.
two-factor Enable/disable 2-factor authentication (certificate + password).
fw01 (testbla) # set passwd
incomplete command in the end
Command fail. Return code -160
fw01 (testbla) # set passwd 1234567
fw01 (testbla) # end
fw01 # config user peer
fw01 (peer) # show
config user peer
edit "testbla"
set ca "CA_Cert_1"
set cn "testbla"
set mandatory-ca-verify enable
set two-factor enable
set passwd ENC NeMCO1Dha7ZqzsoTiwDNNu4hyjHmTly3B2wbyvf3i4v8unf4vH1iNl1BwyJkv3/1lqMcVPrSlS7NieSeDuInUc7YUyh/Jegw3sSsX6J2hn8xocsLt4xczedDenbJLWRgj0UVHrR+XrmTdr+4sZx5WqjSyPU8V53iDBv/9sLiA==
next
end
fw01 (peer) #
fw01 (peer) # exit
please use 'end' to return to root shell
fw01 (peer) # next
Unknown action 0
fw01 (peer) # end