Fortinet 127 - Manuals

6 01-28005-0101-20041015 Fortinet Inc. Web-based manager Introduction Secure installation, configuration, and management The FortiGate unit default configuration includes default interface IP addresses and is only a few steps away from protecting your network. There are several ways to configure bas...

Introduction Command line interface FortiGate-500A Installation Guide 01-28005-0101-20041015 7 Command line interface You can access the FortiGate command line interface (CLI) by connecting a management computer serial port to the FortiGate RS-232 serial console connector. You can also use Telnet or...

Introduction Comments on Fortinet technical documentation FortiGate-500A Installation Guide 01-28005-0101-20041015 9 Fortinet documentation Information about FortiGate products is available from the following FortiGate Guides: • FortiGate QuickStart Guide Each QuickStart Guide provides the basic inf...

10 01-28005-0101-20041015 Fortinet Inc. Comments on Fortinet technical documentation Introduction Customer service and technical support For antivirus and attack definition updates, firmware updates, updated product documentation, technical support information, and other resources, please visit the ...

FortiGate-500A Installation Guide Version 2.80 MR5 FortiGate-500A Installation Guide 01-28005-0101-20041015 11 Getting started This section describes unpacking, setting up, and powering on a FortiGate Antivirus Firewall unit. This section includes: • Package contents • Mounting • Turning the FortiGa...

12 01-28005-0101-20041015 Fortinet Inc. Getting started Package contents The FortiGate-500A package contains the following items: • FortiGate-500A Antivirus Firewall• one orange crossover ethernet cable (Fortinet part number CC300248)• one gray regular ethernet cable (Fortinet part number CC300249)•...

Getting started FortiGate-500A Installation Guide 01-28005-0101-20041015 13 Power requirements • Power dissipation: 50 W (max)• AC input voltage: 100 to 240 VAC• AC input current: 1.6 A• Frequency: 50 to 60 H Environmental specifications • Operating temperature: 32 to 104°F (0 to 40°C)• Storage temp...

14 01-28005-0101-20041015 Fortinet Inc. Getting started To power off the FortiGate unit Always shut down the FortiGate operating system properly before turning off the power switch. 1 From the web-based manager, go to System > Maintenance > ShutDown , select Shut Down and select Apply, or from...

Getting started FortiGate-500A Installation Guide 01-28005-0101-20041015 15 3 Start Internet Explorer and browse to the address https://192.168.1.99. (remember to include the “s” in https://).The FortiGate login is displayed. Figure 3: FortiGate login 4 Type admin in the Name field and select Login....

16 01-28005-0101-20041015 Fortinet Inc. Getting started 5 Press Enter to connect to the FortiGate CLI.The following prompt is displayed: FortiGate-500A login: 6 Type admin and press Enter twice. The following prompt is displayed: Welcome ! Type ? to list available commands. For information about how...

18 01-28005-0101-20041015 Fortinet Inc. Factory default Transparent mode network configuration Getting started Factory default Transparent mode network configuration In Transparent mode, the FortiGate unit has the default network configuration listed in Table 3 . Factory default firewall configurati...

Getting started Factory default protection profiles FortiGate-500A Installation Guide 01-28005-0101-20041015 19 Factory default protection profiles Use protection profiles to apply different protection settings for traffic that is controlled by firewall policies. You can use protection profiles to: ...

20 01-28005-0101-20041015 Fortinet Inc. NAT/Route mode Getting started Figure 4: Web protection profile settings Planning the FortiGate configuration Before you configure the FortiGate unit, you need to plan how to integrate the unit into the network. Among other things, you must decide whether you ...

Getting started NAT/Route mode with multiple external network connections FortiGate-500A Installation Guide 01-28005-0101-20041015 21 You can add firewall policies to control whether communications through the FortiGate unit operate in NAT or Route mode. Firewall policies control the flow of traffic...

22 01-28005-0101-20041015 Fortinet Inc. Transparent mode Getting started Figure 6: Example NAT/Route multiple internet connection configuration Transparent mode In Transparent mode, the FortiGate unit is invisible to the network. Similar to a network bridge, all FortiGate interfaces must be on the s...

Getting started Configuration options FortiGate-500A Installation Guide 01-28005-0101-20041015 23 Web-based manager and setup wizard The FortiGate web-based manager is a full featured management tool. You can use the web-based manager to configure most FortiGate settings. The web-based manager Setup...

FortiGate-500A Installation Guide Version 2.80 MR5 FortiGate-500A Installation Guide 01-28005-0101-20041015 25 NAT/Route mode installation This chapter describes how to install the FortiGate unit in NAT/Route mode. For information about installing a FortiGate unit in Transparent mode, see “Transpare...

26 01-28005-0101-20041015 Fortinet Inc. DHCP or PPPoE configuration NAT/Route mode installation DHCP or PPPoE configuration You can configure any FortiGate interface to acquire its IP address from a DHCP or PPPoE server. Your ISP may provide IP addresses using one of these protocols. To use the Fort...

NAT/Route mode installation Configuring basic settings FortiGate-500A Installation Guide 01-28005-0101-20041015 27 Using the web-based manager You can use the web-based manager for the initial configuration of the FortiGate unit. You can also continue to use the web-based manager for all FortiGate u...

28 01-28005-0101-20041015 Fortinet Inc. Configuring basic settings NAT/Route mode installation To add a default route Add a default route to configure where the FortiGate unit sends traffic destined for an external network (usually the Internet). Adding the default route also defines which interface...

NAT/Route mode installation Configuring the FortiGate unit to operate in NAT/Route mode FortiGate-500A Installation Guide 01-28005-0101-20041015 29 To add a default gateway to an interface The default gateway is usually configured for the interface connected to the Internet. You can use the procedur...

30 01-28005-0101-20041015 Fortinet Inc. Configuring the FortiGate unit to operate in NAT/Route mode NAT/Route mode installation Example To set the IP address of the LAN interface to 192.168.2.99 and netmask to 255.255.255.0, enter: config system interface edit lan set ip 192.168.2.99 255.255.255.0 e...

32 01-28005-0101-20041015 Fortinet Inc. Configuring the FortiGate unit to operate in NAT/Route mode NAT/Route mode installation Using the setup wizard From the web-based manager, you can use the setup wizard to complete the initial configuration of the FortiGate unit. For information about connectin...

NAT/Route mode installation Starting the setup wizard FortiGate-500A Installation Guide 01-28005-0101-20041015 33 Starting the setup wizard 1 In the web-based manager, select Easy Setup Wizard. Figure 8: Select the Easy Setup Wizard 2 Follow the instructions on the wizard pages and use the informati...

34 01-28005-0101-20041015 Fortinet Inc. Starting the setup wizard NAT/Route mode installation Connecting the FortiGate unit to the network(s) After you complete the initial configuration, you can connect the FortiGate unit between the internal network and the Internet. There are 5 10/100 Base-T conn...

NAT/Route mode installation Starting the setup wizard FortiGate-500A Installation Guide 01-28005-0101-20041015 35 3 Optionally connect Ports 3, 4, 5, and 6 to other networks.For example, you could connect port 3 to a DMZ network to provide access from the Internet to a web server or other server wit...

36 01-28005-0101-20041015 Fortinet Inc. Starting the setup wizard NAT/Route mode installation To register the FortiGate unit After purchasing and installing a new FortiGate unit, you can register the unit by going to the System Update Support page, or using a web browser to connect to http://support...

FortiGate-500A Installation Guide Version 2.80 MR5 FortiGate-500A Installation Guide 01-28005-0101-20041015 37 Transparent mode installation This chapter describes how to install a FortiGate unit in Transparent mode. If you want to install the FortiGate unit in NAT/Route mode, see “NAT/Route mode in...

38 01-28005-0101-20041015 Fortinet Inc. Transparent mode installation Using the web-based manager You can use the web-based manager to complete the initial configuration of the FortiGate unit. You can continue to use the web-based manager for all FortiGate unit settings. For information about connec...

Transparent mode installation Reconnecting to the web-based manager FortiGate-500A Installation Guide 01-28005-0101-20041015 39 To configure the default gateway 1 Go to System > Network > Management . 2 Set Default Gateway to the default gateway IP address that you recorded in Table 8 on page ...

40 01-28005-0101-20041015 Fortinet Inc. Reconnecting to the web-based manager Transparent mode installation 4 After you set the last digit of the default gateway, press Enter. 5 Press Esc to return to the Main Menu. You have now completed the initial configuration of the FortiGate unit and you can p...

42 01-28005-0101-20041015 Fortinet Inc. Reconnecting to the web-based manager Transparent mode installation Using the setup wizard From the web-based manager, you can use the setup wizard to begin the initial configuration of the FortiGate unit. For information about connecting to the web-based mana...

Transparent mode installation Reconnecting to the web-based manager FortiGate-500A Installation Guide 01-28005-0101-20041015 43 For example, you can connect the FortiGate-500A using the following steps: 1 Connect port 1 to the hub or switch connected to your internal network. 2 Connect port 2 to the...

44 01-28005-0101-20041015 Fortinet Inc. Reconnecting to the web-based manager Transparent mode installation To set the date and time For effective scheduling and logging, the FortiGate system date and time must be accurate. You can either manually set the system date and time or configure the FortiG...

FortiGate-500A Installation Guide Version 2.80 MR5 FortiGate-500A Installation Guide 01-28005-0101-20041015 45 High availability installation This chapter describes how to install two or more FortiGate units in an HA cluster. HA installation involves three basic steps: • Configuring FortiGate units ...

High availability installation Configuring FortiGate units for HA using the web-based manager FortiGate-500A Installation Guide 01-28005-0101-20041015 47 Configuring FortiGate units for HA using the web-based manager Use the following procedure to configure each FortiGate unit for HA operation. To c...

48 01-28005-0101-20041015 Fortinet Inc. Configuring FortiGate units for HA using the CLI High availability installation To configure a FortiGate unit for HA operation 1 Go to System > Config > HA . 2 Select High Availability. 3 Select the mode. 4 Select a Group ID for the HA cluster. 5 If requ...

High availability installation Configuring FortiGate units for HA using the CLI FortiGate-500A Installation Guide 01-28005-0101-20041015 49 To configure the FortiGate unit for HA operation 1 Configure HA settings.Use the following command to:• Set the HA mode• Set the Group ID• Change the unit prior...

50 01-28005-0101-20041015 Fortinet Inc. Configuring FortiGate units for HA using the CLI High availability installation Inserting an HA cluster into your network temporarily interrupts communications on the network because new physical connections are being made to route traffic through the cluster....

High availability installation Configuring FortiGate units for HA using the CLI FortiGate-500A Installation Guide 01-28005-0101-20041015 51 2 Power on all the FortiGate units in the cluster.As the units start, they negotiate to choose the primary cluster unit and the subordinate units. This negotiat...

FortiGate-500A Installation Guide 01-28005-0101-20041015 53 FortiGate-500A Installation Guide Version 2.80 MR5 Index C CLI 7 configuring IP addresses 40 configuring NAT/Route mode 29 connecting to 15 cluster connecting 49, 51 command line interface 7connect cluster 49, 51 connecting to network 34, 4...