
I need an NQE query for public IPs only, from where outside traffic is coming to my internal network. I also want to get the output of the below command on a Fortinet firewall through NQE queries.

“ local route prefix list ”


I used one NQE query that is already in the Forward Library - “Interfaces Using Public IPv4 Addresses” - but this does not fulfil my requirement. I also tried Forward AI Assist, but it was not useful in this scenario.
Can you please help me with this?

 

Hi Varun - 

Can I ask about the FortiOS command? In FortiOS 7.4 in my lab there doesn’t seem to be a command like you describe. Instead you can do this to get a list of prefix-list names:

pop1-mfw01 # get router prefix-list
== [ PL-1 ]
name: PL-1
pop1-mfw01 #

And then you can do this to retrieve the contents of the prefix list in the config. Of course specifying the name PL-1 is optional - if you want to get all prefix lists just leave that off.

pop1-mfw01 # show router prefix-list PL-1
config router prefix-list
edit "PL-1"
set comments "Test prefix list"
config rule
edit 1
set prefix 172.16.0.0 255.240.0.0
unset ge
unset le
next
end
next
end

We don’t collect this by default, so you can add this as a custom command against Fortinet devices.

 

On the question about internet IP addresses being able to access your network, does a path search not do what you need? Like this:
 


If I have misunderstood your requirement please let me know

Best regards,

Andy
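An added example, not part of the reply above and not Forward Networks code: once the output of `show router prefix-list` has been collected as a custom command, text of that shape can be parsed into rules and split into private and non-private prefixes. It is written in Python rather than NQE; the function names and the second rule in the sample are constructed for illustration.

```python
import ipaddress
import shlex

# Constructed sample in the shape of the "show router prefix-list" output above.
# Rule 2 is hypothetical, added to exercise "set le" and a non-private prefix.
SAMPLE = '''\
config router prefix-list
    edit "PL-1"
        set comments "Test prefix list"
        config rule
            edit 1
                set prefix 172.16.0.0 255.240.0.0
                unset ge
                unset le
            next
            edit 2
                set prefix 8.8.8.0 255.255.255.0
                set le 28
            next
        end
    next
end
'''

def parse_prefix_lists(text):
    """Return one dict per rule: list name, rule id, prefix as a network, ge, le."""
    rules, depth, name, rule = [], 0, None, None
    for raw in text.splitlines():
        tok = shlex.split(raw)          # handles quoted list names
        if not tok:
            continue
        if tok[0] == "config":
            depth += 1                  # depth 1 = prefix-list table, 2 = rule table
        elif tok[0] == "end":
            depth -= 1
        elif tok[0] == "edit" and depth == 1:
            name = tok[1]
        elif tok[0] == "edit" and depth == 2:
            rule = {"list": name, "id": int(tok[1]), "prefix": None, "ge": None, "le": None}
        elif tok[:2] == ["set", "prefix"] and rule is not None and len(tok) == 4:
            # "address mask" form only; anything else leaves prefix as None
            rule["prefix"] = ipaddress.ip_network(f"{tok[2]}/{tok[3]}", strict=False)
        elif tok[0] == "set" and rule is not None and len(tok) == 3 and tok[1] in ("ge", "le"):
            rule[tok[1]] = int(tok[2])
        elif tok[0] == "next" and rule is not None:
            rules.append(rule)          # "next" closes the current rule
            rule = None
    return rules

def public_prefixes(rules):
    """Prefixes that are not in private or otherwise reserved address space."""
    return [str(r["prefix"]) for r in rules if r["prefix"] and not r["prefix"].is_private]
```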

