Fortinet 50A/50B, 100 Connecting the FortiGate unit to the networks, Configuring the networks

Page 42

NAT/Route mode installation

Configuring the FortiGate unit

Connecting the FortiGate unit to the network(s)

50A

100

1

2

3

When you have completed the initial configuration, you can connect the FortiGate unit between your internal network and the Internet.

The following network connections are available on the FortiGate unit:

Internal for connecting to your internal network

External or WAN1 for connecting to the Internet

Modem is the interface for connecting an external modem to the FortiGate-50A. You can configure the modem interface as a redundant interface or stand alone interface to the Internet. For details on configuring the modem interface, see “Configuring the modem for the FortiGate-50A” on page 53.

DMZ for connecting to a DMZ network. You can also connect both the external and DMZ interfaces to different Internet connections to provide a redundant connection to the Internet.

To connect the FortiGate unit

Connect the Internal interface to the hub or switch connected to your internal network.

Connect the External or WAN1 interface to the Internet.

Connect to the public switch or router provided by your ISP. If you are a DSL or cable subscriber, connect the External interface to the internal or LAN connection of your DSL or cable modem.

Optionally connect the DMZ interface to your DMZ network.

You can use a DMZ network to provide access from the Internet to a web server or other server without installing the servers on your internal network.

Configuring the networks

If you are running the FortiGate unit in NAT/Route mode, your networks must be configured to route all Internet traffic to the IP address of the interface where the networks are connected.

For the internal network, change the default gateway address of all computers and routers connected directly to your internal network to the IP address of the FortiGate internal interface.

For the DMZ network, change the default gateway address of all computers and routers connected directly to your DMZ network to the IP address of the FortiGate DMZ interface.

For the external network, route all packets to the FortiGate external interface.

If you are using the FortiGate unit as the DHCP server for your internal network, configure the computers on your internal network for DHCP.

Make sure the connected FortiGate unit is functioning properly by connecting to the Internet from a computer on the internal network. You should be able to connect to any Internet address.

42

FortiGate-50A/50B, FortiWiFi-50B and FortiGate-100 FortiOS 3.0 MR4 Install Guide

01-30004-0265-20070831

Page 41 Page 43
Image 42
Page 41 Page 43
Contents Install G U I D E Trademarks Regulatory complianceContents Factory defaults Configuring the FortiGate unitConfiguring the modem interface Using a wireless networkFortiGate Firmware Index Reverting to a previous firmware versionFortiUSB key Introduction About the FortiGate unitFortiGate-50A FortiGate-100 FortiWiFi-50BFortiGate-50B Register your FortiGate unitFortiClient FortiGuard Subscription ServicesFortinet Family Products FortiMailFortiReporter About this documentFortiAnalyzer FortiBridgeDocument conventions Typographic conventionsFortinet documentation Fortinet Knowledge Center Customer service and technical supportFortinet Tools and Documentation CD Comments on Fortinet technical documentationCustomer service and technical support Installing the FortiGate unit Package ContentsPower Requirements Technical Specifications DimensionsWeight SpecificationsFortiWiFi-50B package contents FortiGate-100 package contents Front BackPowering on the FortiGate unit To power on the FortiGate unitMounting Power over Ethernet Command line interface Powering off the FortiGate unitConnecting to the FortiGate unit Connecting to the web-based managerFortiGate login To connect to the web-based managerBits per second 9600 Data bits Parity Connecting to the CLITo connect to the CLI Stop bits Flow controlQuick installation using factory defaults Quick configuration using default settingsGo to System Network Options Quick installation using factory defaults Factory defaults Factory default Dhcp server configuration Factory default NAT/Route mode network configurationAdministrative access Factory default Transparent mode network configurationFactory default firewall configuration Management IPFactory default protection profiles Restoring the default settings using the CLI Restoring the default settingsRestoring the default settings using the web-based manager To reset the default settings Go to System StatusRestoring the default settings Configuring the FortiGate unit Planning the FortiGate configurationNAT/Route mode NAT/Route mode with multiple external network connections Internet RouterTransparent mode NAT/Route mode settings NAT/Route mode installationPreparing to configure the FortiGate unit in NAT/Route mode Go to System Network InterfaceDhcp or PPPoE configuration Using the web-based managerConfiguring basic settings Adding a default route To configure interfaces Go to System Network InterfaceTo add a default route Go to Router Static Configuring the FortiGate unit to operate in NAT/Route mode Verifying the web-based manager configurationUsing the command line interface Verify the connectionTo set the external interface to use DHCP, enter To configure DNS server settingsExample To set the external interface to use PPPoE, enterTo add a default route Connecting the FortiGate unit to the networks Configuring the networksTo connect the FortiGate unit Transparent mode settings Administrator Password Transparent mode installationPreparing to configure Transparent mode DNS SettingsTo change to Transparent mode using the CLI To verify the DNS server settingsReconnecting to the web-based manager Connecting the FortiGate unit to your networkTo connect the FortiGate unit running in Transparent mode Next steps Set the date and timeUpdating antivirus and IPS signatures To enable schedule updates from the CLI Scheduling antivirus and IPS updatesTo update IPS signatures using the CLI Updating the IPS signatures from the CLITo add an override server using the CLI Adding an override serverNext steps Configuring the modem interface Connecting a modem to the FortiGate-50ASelecting a modem mode Redundant mode configurationStand alone mode configuration Configuring the modem for the FortiGate-50A Mode must be standalone Interface nameCLI commands for the FortiGate-50A Phone-numberAdding a Ping Server Dead gateway detectionAdding firewall policies for modem connections Using a wireless network Setting up a wireless networkPositioning an Access Point Radio Frequency interfaceUsing multiple access points Using multiple APs to provide a constant strong signalWireless Security Wireless Equivalent Privacy WEPWi-Fi Protected Access WPA Access Point mode FortiWiFi-50B operation modesService Set Identifier Additional security measuresClient mode FortiWiFi in Access Point modeSetting up the FortiWiFi-50B as an Access Point Changing the operating modeSet the Dhcp settings Configure the firewall policies To set the data security Go to System Wireless SettingsSet the security options FortiGate Firmware Upgrading the firmware using the web-based managerTo upgrade the firmware using the web-based manager Upgrading to a new firmware versionUpgrading the firmware using the CLI To upgrade the firmware using the CLIFor information, see the FortiGate Administration Guide Reverting to a previous firmware versionReverting to a previous firmware version using the CLI To revert to a previous firmware version using the CLIExecute ping To install firmware from a system reboot Press Any Key To Download Boot Image Restoring the previous configuration Backup and Restore from the FortiUSB key To backup configuration using the CLIFortiUSB key Using the USB Auto-Install feature To restore configuration using the CLITo configure the USB Auto-Install using the CLI Testing a new firmware image before installing it Additional CLI commands for the FortiUSB keyTo test a new firmware image Testing a new firmware image before installing it Installing and using a backup firmware image Installing a backup firmware imageTo install a backup firmware image Press any key to enter configuration menuEnter File Name image.out Installing and using a backup firmware image Index CLIWall mounting Web-based manager, connecting
Related manuals
Manual 272 pages 22.37 Kb
Top Page Image Contents