Fortinet Version 3.0 manual Connecting and turning on the FortiBridge-1000F unit

Page 24

Connecting and turning on the FortiBridge unit

Setting up FortiBridge units

To connect and turn on the FortiBridge-1000 unit

1Connect the FortiBridge-1000 INT 2 interface to the FortiGate unit internal interface.

2Connect the FortiBridge-1000 EXT 2 interface to the FortiGate unit external interface.

3Connect the FortiBridge-1000 INT 1 interface to the internal network.

4Connect the FortiBridge-1000 EXT 1 interface to the external network.

5Turn on the FortiGate unit and any network equipment that was turned off.

6Connect the AC adapter to the power connection at the back of the FortiBridge-1000 unit and to a power outlet.

The FortiBridge-1000 unit starts. The PWR and Bypass Mode LEDs turn on. After a short time, the FortiBridge unit switches to Normal mode. The Bypass LED goes out and the Normal LED turns on.

If the FortiGate unit and connected network components are turned on the FortiBridge-1000 INT 1, INT 2, EXT 1, and EXT 2 LEDs are also on.

Connecting and turning on the FortiBridge-1000F unit

Note: This procedure describes how to connect a FortiBridge-1000F unit to provide fail open protection for network traffic passing between FortiGate unit internal and external interfaces. If the FortiBridge-1000F unit provides fail open protection for traffic between different FortiGate interfaces, you can use the same procedure but substitute FortiGate interface names as required.

The FortiBridge-1000F unit contains 4 multimode fiber optic gigabit interfaces that connect to the internal and external networks and to the FortiGate interfaces that were connected to these networks. Use the following steps to connect a FortiBridge-1000F unit to the network as shown in Figure 12.

Figure 12: Connecting the FortiBridge-1000F unit

Power cable connects to power supply

 

 

 

Optional RJ-45 serial cable connects to management computer

DC+5V

 

TO FORTIGATE

 

 

 

 

 

 

 

 

 

 

PWR

CONSOLE MODEM

INT 2 EXT 2

INT 1

EXT 1

MANAGEMENT

Optional Gigabit Fiber connection

for out of band management

 

 

 

 

 

 

Gigabit Fiber connection to FortiGate Internal interface

Gigabit Fiber connection to External network

Gigabit Fiber connection to FortiGate External interface

Gigabit Fiber connection to Internal network

Internal network

 

INT 1

EXT 1

 

 

 

 

 

Internet

 

Gigabit

 

Gigabit

 

 

 

Switch

Router

Switch

Fiber

INT 2

EXT 2 Fiber

 

 

Gigabit

Gigabit

 

 

 

 

Fiber

Fiber

 

 

Internal

External

(Transparent mode)

To connect and turn on the FortiBridge-1000F unit

1Connect the FortiBridge-1000F INT 2 interface to the FortiGate internal interface.

2Connect the FortiGate external interface to the FortiBridge-1000F EXT 2 interface.

24

FortiBridge Version 3.0 Administration Guide

09-30000-0163-20061109

Page 23 Page 25
Image 24
Page 23 Page 25
Contents M i n i s t r a t i o n G u i d e Trademarks Regulatory complianceContents Configuration and operating procedures Using the CLIConfig CLI commands Execute CLI commands IndexPage About FortiBridge About this documentCustomer service and technical support Fortinet documentationFortinet tools and documentation CD Fortinet Knowledge CenterFortiBridge operating principles Example FortiBridge applicationConnecting the FortiBridge unit Connecting the FortiBridge-1000 copper gigabit ethernetNormal mode operation Connecting the FortiBridge-1000F fiber gigabit ethernetHow the FortiBridge unit monitors the FortiGate unit Normal mode operation Probes and FortiGate firewall policiesEnabling probes to detect FortiGate hardware failure Enabling probes to detect FortiGate software failureProbe interval and probe threshold Bypass mode operation FortiBridge power failureExample FortiGate HA cluster FortiBridge application Example configuration with other FortiGate interfaces Example configuration with other FortiGate interfaces Example configuration with other FortiGate interfaces FortiBridge-1000 Package contents FortiBridge unit basic informationFortiBridge-1000F Package contents Mounting instructions Technical specifications LED indicatorsConnectors Factory default configurationConnecting and turning on the FortiBridge unit Connecting and turning on the FortiBridge-1000 unitConnecting and turning on the FortiBridge-1000F unit To connect and turn on the FortiBridge-1000 unitTo connect and turn on the FortiBridge-1000F unit Connecting to the command line interface CLI Connecting to the FortiBridge consoleFortiBridge-1000 login To connect to the FortiBridge console for the first timeCompleting the basic FortiBridge configuration Connecting to the FortiBridge CLI using TelnetTo connect to the CLI using Telnet Welcome FortiBridge-1000 #Adding an administrator password To add an administrator passwordChanging the management IP address To change the management IP addressChanging DNS server IP addresses Adding static routesTo change DNS server IP addresses To add static routesAllowing management access to the EXT 1 interface Adding administrator accountsChanging the system time and date Resetting to the factory default configuration Installing FortiBridge unit firmwareTo reset to factory defaults from the FortiBridge CLI To upgrade to a new firmware version Execute restore image namestr tftpipExecute restore image FBG1000-v10-build010-FORTINET.out Upgrading to a new firmware versionReverting to a previous firmware version To revert to a previous firmware versionInstalling firmware from a system reboot To install firmware from a system rebootHit any key to stop autoboot Enter Tftp server addressEnter firmware image file image.out Get system statusConfiguration and operating procedures Example network settingsConfiguring FortiBridge probes Configuring FortiBridge probesProbe settings To configure probe settingsTo enable and configure FortiBridge probes Config probe probelist ping set status enable EndEnabling probes Config probe probelist Imap set status enable End Verifying that probes are functioningTo verify that probes are functioning Go to System Status SessionConfiguring FortiBridge alerts Tuning the failure threshold and probe intervalTo configure alert email Config alertemail setting set server mail.myorg.com EndFortiBridge alert email FortiBridge syslogTo configure FortiBridge syslog Config log syslogd setting set server EndFortiBridge Snmp Recovering from a FortiGate failure To add and enable an Snmp communityConfig system snmp community edit Set name snmp1 End To resume normal operation from bypass modeManually switching between FortiBridge operating modes Backing up and restoring the FortiBridge configurationExecute switch-mode To back up the FortiBridge configurationBacking up and restoring the FortiBridge configuration Backing up and restoring the FortiBridge configuration Connecting to the FortiBridge CLI using SSH or Telnet Setting administrative access for SSH or TelnetTo use the CLI to configure SSH or Telnet access CLI basicsOther access methods Connecting to the FortiBridge CLI using SSHSet allowaccess ping telnet ssh Get system interface namestrTo connect to the CLI using SSH Connecting to the FortiBridge CLI using SSH or Telnet Config CLI commands Alertemail setting Command syntax patternExamples Related Commands Log syslogd setting ExampleProbe probelist ping http ftp pop3 smtp imap Get probe probelistGet probe probelist http Show probe probelistProbe setting SyslogSystem accprofile Rw wGet system accprofile Get system accprofile policyprofileShow system accprofile System admin Password passwordstrGet system admin Get system admin newadminShow system admin Config system console set End System consoleGet system console Show system consoleSystem dns Get system dnsShow system dns Get system status System failclose FailbypassSystem failclose System global MinutesintegerGet system global Show system globalSystem interface internal external Get system interface internalShow system interface internal Config system manageip Set ip 192.168.2.80 255.255.255.0 end System manageipSystem route DistanceintegerConfig hosts System snmp communityGet system snmp community Show system snmp communityExecute CLI commands Backup Command syntaxExecute backup config filenamestr tftp-serveripv4 Execute backup config fbdg.cfgDate Execute date datestr datestr has the form mm/dd/yyyy, whereExecute date 09/17/2004 Factoryreset Execute factoryresetPing Execute ping addressipv4 host-namestrReboot Execute rebootRestore Execute restore config backupconfigSwitch-mode Time Execute time timestrTime Index 09-30000-0163-20061109 Snmp SSH
Top Page Image Contents