Fortinet ORTIWIFI-60A /AM manual Transparent mode, Example NAT/Route multiple internet connection

Page 31


Configuring the FortiWiFi	Planning the FortiWiFi configuration

Figure 5: Example NAT/Route multiple internet connection

DMZ network

Web Server

DMZ

Mail Server

Router

WAN1

Internet

WAN2 FortiWiFi-60A

MODEM / DSL / Cable

Internal

Internal network

Transparent mode

In Transparent mode, the FortiWiFi unit is invisible to the network. Similar to a network bridge, all FortiWiFi interfaces must be on the same subnet. You only have to configure a management IP address so that you can make configuration changes. The management IP address is also used for antivirus and attack definition updates.

You typically use the FortiWiFi unit in Transparent mode on a private network behind an existing firewall or behind a router. The FortiWiFi unit performs firewall functions, IPSec VPN, virus scanning, IPS web content filtering, and Spam filtering.

You can connect up to four network segments to the FortiWiFi unit to control traffic between these network segments.

Table 8: Transparent mode network segments

FortiWiFi Unit	Internal Interface	External	Other
		Interface

FortiWiFi-60A	Internal (1, 2, 3, 4)	WAN1	WAN2
			DMZ
			WLAN
FortiWiFi-60AM	Internal (1, 2, 3, 4)	WAN1	WAN2
			DMZ
			WLAN

Note: In Transparent mode, the modem interface is not available FortiWiFi-60AM.

FortiWiFi-60A/AM FortiOS 3.0 MR4 Install Guide	31
01-30004-0283-20070215

Image 31

Contents Install G U I D E Regulatory compliance TrademarksContents Configuring the modem interface Configuring the FortiWiFiFortiWiFi Firmware Using a wireless networkIndex Page FortiWiFi-60A/AM About the FortiWiFi unitFortiClient Register your FortiWiFi unitFortiGuard Subscription Services Fortinet Family ProductsFortiBridge FortiMailFortiAnalyzer FortiReporterDocument conventions About this documentAddressipv4 Typographic conventionsFortinet documentation FortiGate Install GuideFortinet Knowledge Center Customer service and technical supportComments on Fortinet technical documentation Customer service and technical support Package Contents Installing the FortiWiFi unitMounting Powering on the FortiWiFi unitTo power on the FortiWiFi unit SpecificationsTo power off the FortiWiFi unit Connecting to the FortiWiFi unitPowering off the FortiWiFi unit Command line interfaceTo connect to the web-based manager Connecting to the web-based managerSystem Dashboard Connecting to the CLIBits per second 9600 Data bits Parity Quick installation using factory defaultsTo connect to the CLI WelcomeGo to System Network Options Quick installation using factory defaults Factory defaults Factory default NAT/Route mode network configuration Factory default Dhcp server configurationFactory default firewall configuration Factory default Transparent mode network configurationFactory default protection profiles To reset the default settings Go to System Status Restoring the default settingsRestoring the default settings using the web-based manager Restoring the default settings using the CLIRestoring the default settings NAT/Route mode Planning the FortiWiFi configurationExample NAT/Route mode network configuration NAT/Route mode with multiple external network connectionsExample NAT/Route multiple internet connection Transparent modePreparing to configure the FortiWiFi unit in NAT/Route mode NAT/Route mode installationPPPoE setting User name Password Dhcp or PPPoE configurationUsing the web-based manager NAT/Route mode settings Administrator Password InternalTo configure interfaces Go to System Network Interface Configuring basic settingsConfiguring the FortiWiFi unit to operate in NAT/Route mode Adding a default routeVerifying the web-based manager configuration Using the command line interfaceTo set the WAN1 interface to use DHCP, enter To add/change the administrator passwordTo configure interfaces ExampleGet system interface To configure DNS server settingsTo add a default route To set the WAN1 interface to use PPPoE, enterTo connect the FortiWiFi unit Connecting the FortiWiFi unit to the networksNAT/Route mode connections Configuring the networksDNS Settings Transparent mode installationPreparing to configure Transparent mode Transparent mode settings Administrator PasswordTo verify the DNS server settings To change to Transparent mode using the CLIConnecting the FortiWiFi unit to your network Reconnecting to the web-based managerTo connect the FortiWiFi unit running in Transparent mode Set the date and time Next stepsUpdating antivirus and IPS signatures Every Scheduling antivirus and IPS updatesTo update IPS signatures using the CLI Updating the IPS signatures from the CLIWeekly To enable schedule updates from the CLIAdding an override server DailyConfig system autoupdate override set address Set status End To add an override server using the CLINext steps Configuring the modem interface To configure the FortiWiFi-60A using the CLI Selecting a modem modeRedundant mode configuration Stand alone mode configurationEnter the following to configure the dialup account Configuring modem settings To disconnect the modem Connecting and disconnecting the modem in Stand alone modeTo configure modem settings Go to System Network Modem To connect to a dial-up account Go to System Network ModemKeywords and variables Description Default Configuring the modem using the CLIPeermodem1 Adding firewall policies for modem connections Adding a Ping ServerDead gateway detection FortiWiFi unit as an Access Point Setting up a wireless networkUsing multiple access points Positioning an Access PointRadio Frequency interface Wireless Equivalent Privacy WEP Wireless SecurityAdditional security measures Wi-Fi Protected Access WPAMAC address filtering To disable Ssid Go to System Wireless Settings FortiWiFi operation modesService Set Identifier Access Point modeClient mode Setting up the FortiWiFi unit as an Access PointChanging the operating mode To set the data security Go to System Wireless Settings Set the Dhcp settingsSet the security options Configure the firewall policies To upgrade the firmware using the web-based manager Upgrading the firmware using the web-based managerUpgrading to a new firmware version Execute restore image image.out Upgrading the firmware using the CLITo upgrade the firmware using the CLI Execute restore image Tftp namestr tftpipv4Reverting to a previous firmware version Execute update-nowTo revert to a previous firmware version using the CLI Reverting to a previous firmware version using the CLIExecute restore image Tftp image.out To install firmware from a system reboot Enter Local Address Press Any Key To Download Boot ImagePress any key to display configuration menu Enter Tftp Server AddressDo You Want To Save The Image? y/n Restoring the previous configurationSave as Default firmware/Run image without savingD/R FortiUSB keyTo backup configuration using the CLI Backup and Restore from the FortiUSB keyTo restore configuration using the CLI To configure the USB Auto-Install using the CLI Using the USB Auto-Install featureAdditional CLI Commands for the FortiUSB key Testing a new firmware image before installing itTo test a new firmware image Testing a new firmware image before installing it Type n FortiWiFi unit running v3.x Bios Testing a new firmware image before installing it Numerics Index01-30004-0283-20070215