Fortinet 800 - Manuals

6 01-28006-0024-20041026 Fortinet Inc. Web-based manager Introduction The CLI or the web-based manager can then be used to complete configuration and to perform maintenance and administration. Web-based manager Using HTTP or a secure HTTPS connection from any computer running Internet Explorer, you ...

Introduction Setup wizard FortiGate-800/800F Installation Guide 01-28006-0024-20041026 7 Setup wizard The FortiGate setup wizard provides an easy way to configure the basic initial settings for the FortiGate unit. The wizard walks through the configuration of a new administrator password, FortiGate ...

8 01-28006-0024-20041026 Fortinet Inc. Setup wizard Introduction set allowaccess {ping https ssh snmp http telnet} You can enter any of the following: set allowaccess ping set allowaccess ping https ssh set allowaccess https ping ssh set allowaccess snmp In most cases to make changes to lists that c...

Introduction FortiManager documentation FortiGate-800/800F Installation Guide 01-28006-0024-20041026 9 Related documentation Additional information about Fortinet products is available from the following related documentation. FortiManager documentation • FortiManager QuickStart Guide Explains how t...

10 01-28006-0024-20041026 Fortinet Inc. FortiLog documentation Introduction FortiLog documentation • FortiLog Administration Guide Describes how to install and configure a FortiLog unit to collect FortiGate and FortiMail log files. It also describes how to view FortiGate and FortiMail log files, gen...

Introduction Comments on Fortinet technical documentation FortiGate-800/800F Installation Guide 01-28006-0024-20041026 11 Customer service and technical support For antivirus and attack definition updates, firmware updates, updated product documentation, technical support information, and other reso...

FortiGate-800/800F Installation Guide Version 2.80 MR6 FortiGate-800/800F Installation Guide 01-28006-0024-20041026 13 Getting started This section describes unpacking, setting up, and powering on a FortiGate Antivirus Firewall unit. This section includes: • Package contents • Mounting • Turning the...

14 01-28006-0024-20041026 Fortinet Inc. Getting started Package contents The FortiGate-800 and FortiGate-800F package contains the following items: • FortiGate-800 or FortiGate-800F Antivirus Firewall• one orange crossover ethernet cable (Fortinet part number CC300248)• one grey regular ethernet cab...

Getting started FortiGate-800/800F Installation Guide 01-28006-0024-20041026 15 Mounting The FortiGate-800/800F unit can be mounted in a standard 19-inch rack. It requires 1 U of vertical space in the rack. The FortiGate-800/800F unit can also be installed as a free-standing appliance on any stable ...

16 01-28006-0024-20041026 Fortinet Inc. Getting started Turning the FortiGate unit power on and off Table 2: FortiGate-800F LED indicators To power off the FortiGate unit Always shut down the FortiGate operating system properly before turning off the power switch. 1 From the web-based manager, go to...

Getting started FortiGate-800/800F Installation Guide 01-28006-0024-20041026 17 To connect to the web-based manager, you need: • a computer with an ethernet connection,• Internet Explorer version 6.0 or higher,• a crossover cable or an ethernet hub and two ethernet cables. To connect to the web-base...

18 01-28006-0024-20041026 Fortinet Inc. Getting started To connect to the CLI 1 Connect the serial cable to the communications port of your computer and to the FortiGate Console port.Use the RJ-45 to DB-9 convertor if your PC communications port requires a DB-9 connector. 2 Make sure that the FortiG...

Getting started Factory default NAT/Route mode network configuration FortiGate-800/800F Installation Guide 01-28006-0024-20041026 19 Factory default FortiGate configuration settings The FortiGate unit is shipped with a factory default configuration. The default configuration allows you to connect to...

20 01-28006-0024-20041026 Fortinet Inc. Factory default Transparent mode network configuration Getting started Factory default Transparent mode network configuration In Transparent mode, the FortiGate unit has the default network configuration listed in Table 4 . HA interface IP: 0.0.0.0 Netmask: 0....

Getting started Factory default firewall configuration FortiGate-800/800F Installation Guide 01-28006-0024-20041026 21 Factory default firewall configuration FortiGate firewall policies control how all traffic is processed by the FortiGate unit. Until firewall policies are added, no traffic can be a...

Getting started NAT/Route mode FortiGate-800/800F Installation Guide 01-28006-0024-20041026 23 Planning the FortiGate configuration Before you configure the FortiGate unit, you need to plan how to integrate the unit into the network. Among other things, you must decide whether you want the unit to b...

24 01-28006-0024-20041026 Fortinet Inc. NAT/Route mode with multiple external network connections Getting started NAT/Route mode with multiple external network connections In NAT/Route mode, you can configure the FortiGate unit with multiple redundant connections to the external network (usually the...

Getting started Configuration options FortiGate-800/800F Installation Guide 01-28006-0024-20041026 25 Figure 8: Example Transparent mode network configuration You can connect up to 8 network segments to the FortiGate unit to control traffic between these network segments. • External can connect to t...

26 01-28006-0024-20041026 Fortinet Inc. Configuration options Getting started If you are configuring the FortiGate unit to operate in Transparent mode, you can use the front keypad and LCD to switch to Transparent mode. Then you can add the management IP address and default gateway. If you are confi...

FortiGate-800/800F Installation Guide Version 2.80 MR6 FortiGate-800/800F Installation Guide 01-28006-0024-20041026 27 NAT/Route mode installation This chapter describes how to install the FortiGate unit in NAT/Route mode. For information about installing a FortiGate unit in Transparent mode, see “T...

28 01-28006-0024-20041026 Fortinet Inc. DHCP or PPPoE configuration NAT/Route mode installation DHCP or PPPoE configuration You can configure any FortiGate interface to acquire its IP address from a DHCP or PPPoE server. Your ISP may provide IP addresses using one of these protocols. To use the Fort...

NAT/Route mode installation Configuring basic settings FortiGate-800/800F Installation Guide 01-28006-0024-20041026 29 PPPoE requires you to supply a user name and password. In addition, PPPoE unnumbered configurations require you to supply an IP address. Use Table 7 to record the information you re...

30 01-28006-0024-20041026 Fortinet Inc. Configuring basic settings NAT/Route mode installation To configure DNS server settings 1 Go to System > Network > DNS . 2 Enter the IP address of the primary DNS server. 3 Enter the IP address of the secondary DNS server. 4 Select OK. To add a default r...

NAT/Route mode installation Configuring the FortiGate unit to operate in NAT/Route mode FortiGate-800/800F Installation Guide 01-28006-0024-20041026 31 2 Use the up and down arrows to highlight the name of the interface to change and press Enter. 3 Press Enter for IP address. 4 Use the up and down a...

32 01-28006-0024-20041026 Fortinet Inc. Configuring the FortiGate unit to operate in NAT/Route mode NAT/Route mode installation config system admin edit admin set password <psswrd> end To configure interfaces 1 Log in to the CLI. 2 Set the IP address and netmask of the internal interface to th...

NAT/Route mode installation Configuring the FortiGate unit to operate in NAT/Route mode FortiGate-800/800F Installation Guide 01-28006-0024-20041026 33 config system external edit external set mode staticset ip <address_ip> <netmask> end Example config system external edit external set m...

34 01-28006-0024-20041026 Fortinet Inc. Configuring the FortiGate unit to operate in NAT/Route mode NAT/Route mode installation To add a default route Add a default route to configure where the FortiGate unit sends traffic that should be sent to an external network (usually the Internet). Adding the...

NAT/Route mode installation Starting the setup wizard FortiGate-800/800F Installation Guide 01-28006-0024-20041026 35 Starting the setup wizard 1 In the web-based manager, select Easy Setup Wizard. Figure 9: Select the Easy Setup Wizard 2 Follow the instructions on the wizard pages and use the infor...

36 01-28006-0024-20041026 Fortinet Inc. Starting the setup wizard NAT/Route mode installation You are now finished the initial configuration of the FortiGate unit. Connecting the FortiGate unit to the network(s) After you complete the initial configuration, you can connect the FortiGate unit between...

NAT/Route mode installation Starting the setup wizard FortiGate-800/800F Installation Guide 01-28006-0024-20041026 37 To connect the FortiGate unit running in NAT/Route mode 1 Connect the Internal interface to the hub or switch connected to the internal network. 2 Connect the External interface to y...

38 01-28006-0024-20041026 Fortinet Inc. Starting the setup wizard NAT/Route mode installation 2 Repeat for all user-defined interfaces that you have configured. The example in Figure 11 shows an internal network connected to user-defined interface 1 and an external network connected to user-defined ...

NAT/Route mode installation Starting the setup wizard FortiGate-800/800F Installation Guide 01-28006-0024-20041026 39 In standalone mode, the modem interface is the connection from the FortiGate unit to the Internet. When connecting to the ISP, in either configuration, the FortiGate unit modem can a...

40 01-28006-0024-20041026 Fortinet Inc. Starting the setup wizard NAT/Route mode installation To register, enter your contact information and the serial numbers of the FortiGate units that you or your organization have purchased. You can register multiple FortiGate units in a single session without ...

FortiGate-800/800F Installation Guide Version 2.80 MR6 FortiGate-800/800F Installation Guide 01-28006-0024-20041026 41 Transparent mode installation This chapter describes how to install a FortiGate unit in Transparent mode. If you want to install the FortiGate unit in NAT/Route mode, see “NAT/Route...

42 01-28006-0024-20041026 Fortinet Inc. Transparent mode installation Using the web-based manager You can use the web-based manager to complete the initial configuration of the FortiGate unit. You can continue to use the web-based manager for all FortiGate unit settings. For information about connec...

Transparent mode installation Reconnecting to the web-based manager FortiGate-800/800F Installation Guide 01-28006-0024-20041026 43 2 Enter the IP address of the primary DNS server. 3 Enter the IP address of the secondary DNS server. 4 Select OK. To configure the default gateway 1 Go to System > ...

44 01-28006-0024-20041026 Fortinet Inc. Reconnecting to the web-based manager Transparent mode installation To add a default gateway 1 Press Enter to display the option list. 2 Use the down arrow to highlight Default Gateway. 3 Press Enter and set the default gateway. 4 After you set the last digit ...

46 01-28006-0024-20041026 Fortinet Inc. Reconnecting to the web-based manager Transparent mode installation The first time you connect to the FortiGate unit, it is configured to run in NAT/Route mode. To switch to Transparent mode using the web-based manager 1 Go to System > Status . 2 Select Cha...

48 01-28006-0024-20041026 Fortinet Inc. Reconnecting to the web-based manager Transparent mode installation Figure 12: FortiGate-800/800F Transparent mode connections Next steps You can use the following information to configure FortiGate system time, to register the FortiGate unit, and to configure...

Transparent mode installation Reconnecting to the web-based manager FortiGate-800/800F Installation Guide 01-28006-0024-20041026 49 5 Select Set Time and set the FortiGate system date and time. 6 Set the hour, minute, second, month, day, and year as required. 7 Select Apply. To use NTP to set the Fo...

FortiGate-800/800F Installation Guide Version 2.80 MR6 FortiGate-800/800F Installation Guide 01-28006-0024-20041026 51 High availability installation This chapter describes how to install two or more FortiGate units in an HA cluster. HA installation involves three basic steps: • Configuring FortiGat...

High availability installation Configuring FortiGate units for HA using the web-based manager FortiGate-800/800F Installation Guide 01-28006-0024-20041026 53 Configuring FortiGate units for HA using the web-based manager Use the following procedure to configure each FortiGate unit for HA operation. ...

54 01-28006-0024-20041026 Fortinet Inc. Configuring FortiGate units for HA using the CLI High availability installation To configure a FortiGate unit for HA operation 1 Go to System > Config > HA . 2 Select High Availability. 3 Select the mode. 4 Select a Group ID for the HA cluster. 5 If requ...

High availability installation Configuring FortiGate units for HA using the CLI FortiGate-800/800F Installation Guide 01-28006-0024-20041026 55 To configure the FortiGate unit for HA operation 1 Configure HA settings.Use the following command to:• Set the HA mode• Set the Group ID• Change the unit p...

56 01-28006-0024-20041026 Fortinet Inc. Configuring FortiGate units for HA using the CLI High availability installation Inserting an HA cluster into your network temporarily interrupts communications on the network because new physical connections are being made to route traffic through the cluster....

High availability installation Configuring FortiGate units for HA using the CLI FortiGate-800/800F Installation Guide 01-28006-0024-20041026 57 Figure 13: HA network configuration 2 Power on all the FortiGate units in the cluster.As the units start, they negotiate to choose the primary cluster unit ...

FortiGate-800/800F Installation Guide 01-28006-0024-20041026 59 FortiGate-800/800F Installation Guide Version 2.80 MR6 Index C CLI 6 configuring IP addresses 44 configuring NAT/Route mode 31 connecting to 17 cluster connecting 55, 57 command line interface 6connect cluster 55, 57 connecting to netwo...