Fortinet Version 3.0 manual Example configuration with other FortiGate interfaces

Page 17


FortiBridge operating principles	Example configuration with other FortiGate interfaces

3Connect the internal network to the FortiBridge-1000 INT 1 interface.

4Connect the FortiBridge-1000 EXT 1 interface to the router.

You must add port 5 ->port 6 firewall policies to the FortiGate-500A unit configuration.

FortiBridge Version 3.0 Administration Guide	17
09-30000-0163-20061109

Image 17

Contents M i n i s t r a t i o n G u i d e Regulatory compliance TrademarksContents Config CLI commands Configuration and operating proceduresUsing the CLI Index Execute CLI commandsPage About this document About FortiBridgeFortinet documentation Customer service and technical supportFortinet tools and documentation CD Fortinet Knowledge CenterExample FortiBridge application FortiBridge operating principlesConnecting the FortiBridge-1000 copper gigabit ethernet Connecting the FortiBridge unitHow the FortiBridge unit monitors the FortiGate unit Normal mode operationConnecting the FortiBridge-1000F fiber gigabit ethernet Probes and FortiGate firewall policies Normal mode operationProbe interval and probe threshold Enabling probes to detect FortiGate hardware failureEnabling probes to detect FortiGate software failure FortiBridge power failure Bypass mode operationExample FortiGate HA cluster FortiBridge application Example configuration with other FortiGate interfaces Example configuration with other FortiGate interfaces Example configuration with other FortiGate interfaces FortiBridge unit basic information FortiBridge-1000 Package contentsMounting instructions FortiBridge-1000F Package contentsLED indicators Technical specificationsFactory default configuration ConnectorsConnecting and turning on the FortiBridge-1000 unit Connecting and turning on the FortiBridge unitTo connect and turn on the FortiBridge-1000F unit Connecting and turning on the FortiBridge-1000F unitTo connect and turn on the FortiBridge-1000 unit Connecting to the FortiBridge console Connecting to the command line interface CLIFortiBridge-1000 login To connect to the FortiBridge console for the first timeConnecting to the FortiBridge CLI using Telnet Completing the basic FortiBridge configurationTo connect to the CLI using Telnet Welcome FortiBridge-1000 #To add an administrator password Adding an administrator passwordChanging the management IP address To change the management IP addressAdding static routes Changing DNS server IP addressesTo change DNS server IP addresses To add static routesChanging the system time and date Allowing management access to the EXT 1 interfaceAdding administrator accounts To reset to factory defaults from the FortiBridge CLI Resetting to the factory default configurationInstalling FortiBridge unit firmware Execute restore image namestr tftpip To upgrade to a new firmware versionExecute restore image FBG1000-v10-build010-FORTINET.out Upgrading to a new firmware versionTo revert to a previous firmware version Reverting to a previous firmware versionTo install firmware from a system reboot Installing firmware from a system rebootHit any key to stop autoboot Enter Tftp server addressGet system status Enter firmware image file image.outExample network settings Configuration and operating proceduresConfiguring FortiBridge probes Configuring FortiBridge probesTo configure probe settings Probe settingsEnabling probes To enable and configure FortiBridge probesConfig probe probelist ping set status enable End Verifying that probes are functioning Config probe probelist Imap set status enable EndTo verify that probes are functioning Go to System Status SessionTuning the failure threshold and probe interval Configuring FortiBridge alertsConfig alertemail setting set server mail.myorg.com End To configure alert emailFortiBridge alert email FortiBridge syslogFortiBridge Snmp To configure FortiBridge syslogConfig log syslogd setting set server End To add and enable an Snmp community Recovering from a FortiGate failureConfig system snmp community edit Set name snmp1 End To resume normal operation from bypass modeBacking up and restoring the FortiBridge configuration Manually switching between FortiBridge operating modesExecute switch-mode To back up the FortiBridge configurationBacking up and restoring the FortiBridge configuration Backing up and restoring the FortiBridge configuration Setting administrative access for SSH or Telnet Connecting to the FortiBridge CLI using SSH or TelnetTo use the CLI to configure SSH or Telnet access CLI basicsConnecting to the FortiBridge CLI using SSH Other access methodsSet allowaccess ping telnet ssh Get system interface namestrTo connect to the CLI using SSH Connecting to the FortiBridge CLI using SSH or Telnet Config CLI commands Examples Alertemail settingCommand syntax pattern Related Commands Example Log syslogd settingGet probe probelist Probe probelist ping http ftp pop3 smtp imapGet probe probelist http Show probe probelistSyslog Probe settingRw w System accprofileShow system accprofile Get system accprofileGet system accprofile policyprofile Password passwordstr System adminShow system admin Get system adminGet system admin newadmin System console Config system console set EndGet system console Show system consoleShow system dns System dnsGet system dns Get system status Failbypass System failcloseSystem failclose Minutesinteger System globalShow system global Get system globalShow system interface internal System interface internal externalGet system interface internal System manageip Config system manageip Set ip 192.168.2.80 255.255.255.0 endDistanceinteger System routeSystem snmp community Config hostsShow system snmp community Get system snmp communityExecute CLI commands Command syntax BackupExecute backup config filenamestr tftp-serveripv4 Execute backup config fbdg.cfgExecute date 09/17/2004 DateExecute date datestr datestr has the form mm/dd/yyyy, where Execute factoryreset FactoryresetExecute ping addressipv4 host-namestr PingExecute reboot RebootExecute restore config backupconfig RestoreSwitch-mode Execute time timestr TimeTime Index 09-30000-0163-20061109 Snmp SSH