Fortinet 800/800F To set an interface to use PPPoE addressing, To configure DNS server settings

Page 22

Configuring NAT mode

Configuring

To set an interface to use PPPoE addressing

config system interface edit external

set mode pppoe

set username <name_str> set password <psswrd>

set ipunnumbered <ip_address>

set disc-retry-timeout <integer_seconds> set padt-retry-timeout <integer_seconds> set distance <integer>

set defaultgw {enable disable}

set dns-server-override {enable disable}

end

The CLI lists the IP address, netmask, and other settings for each of the FortiGate interfaces.

Note: If you change the IP address of the interface you are connecting to, you must connect through a web browser again using the new address. Browse to https:// followed by the new IP address of the interface. If the new IP address of the interface is on a different subnet, you may have to change the IP address of your computer to the same subnet.

Configure a DNS server

A DNS server is a service that converts symbolic node names to IP addresses. A domain name server (DNS server) implements the protocol. In simple terms, it acts as a phone book for the Internet. A DNS server matches domain names with the computer IP address. This enables you to use readable locations, such as fortinet.com when browsing the Internet.

DNS server IP addresses are typically provided by your internet service provider.

To configure DNS server settings

config system dns

set autosvr {enable disable} set primary <address_ip>

set secondary <address_ip> end

Note if you set the autosvr to enable, you do not have to configure the primary or secondary DNS server IP addresses.

Adding a default route and gateway

A route provides the FortiGate unit with the information it needs to forward a packet to a particular destination. A static route causes packets to be forwarded to a destination other than the default gateway. You define static routes manually. Static routes control traffic exiting the FortiGate unit-you can specify through which interface the packet will leave and to which device the packet should be routed.

 

FortiGate-800 and FortiGate-800F FortiOS 3.0 MR6 Install Guide

22

01-30006-0455-20080910

Image 22
Contents Install G U I D E Trademarks Regulatory complianceContents Advanced configuration FortiGate FirmwareTesting new firmware before installing Installing firmware from a system reboot using the CLIIndex Page Introduction Register your FortiGate unitAbout this document About the FortiGate-800/800FDocument conventions Further Reading Typographic conventionsFortinet Knowledge Center Customer service and technical supportComments on Fortinet technical documentation Installing Environmental specificationsGrounding Rack mount instructionsTo install the FortiGate unit into a rack MountingTo power off the FortiGate unit Connecting to the networkTo power on the FortiGate unit Plugging in the FortiGateNAT vs. Transparent mode NAT modeConnecting to the web-based manager Connecting to the FortiGate unitTransparent mode To connect to the web-based managerConnecting to the CLI To connect to the CLIConfigure the interfaces Configuring NAT modeUsing the web-based manager To configure interfaces Go to System Network InterfaceConfigure a DNS server Adding a default route and gatewayTo modify the default gateway Go to Router Static Adding firewall policiesTo set an interface to use a static address Using the CLITo set an interface to use Dhcp addressing To configure DNS server settings To set an interface to use PPPoE addressingTo modify the default gateway To add an outgoing traffic firewall policySwitching to Transparent mode Configuring Transparent modeTo switch to Transparent mode Go to System Status Source Address All Destination Interface To switch to Transparent mode Verify the configuration Backing up the configurationSet the Administrator password Restoring a configurationAdditional configuration Set the time and dateConfigure FortiGuard Updating antivirus and IPS signaturesAdditional configuration Advanced configuration Protection profilesFirewall policies Firewall policiesConfiguring firewall policies Antivirus optionsAntiSpam options Web filtering Logging FortiGate Firmware Downloading firmwareUpgrading the firmware Using the web-based managerReverting to a previous version Using the USB Auto-Install Backup and Restore from a USB keyTo revert to a previous firmware version Using the CLI To upgrade the firmware using the CLIExecute restore image namestr tftpip4 To revert to a previous firmware version using the CLIInstalling firmware from a system reboot using the CLI Execute restore image namestr tftpipv4To install firmware from a system reboot Press any key to display configuration menuRestoring the previous configuration To backup configuration using the CLITo restore configuration using the CLI Additional CLI Commands for a USB keyTo configure the USB Auto-Install using the CLI Testing new firmware before installing To test the new firmware imageTesting new firmware before installing Testing new firmware before installing Index Web filtering 35 web-based manager Page Page

800/800F specifications

Fortinet has established itself as a leader in cybersecurity solutions, and the FortiGate 800/800F series is a testament to this reputation. These next-generation firewalls are designed to deliver high-performance security for enterprise-level networks, providing a robust defense against a multitude of cyber threats.

One of the standout features of the FortiGate 800/800F is its advanced security processing unit (SPU) architecture, which ensures unparalleled threat detection and prevention capabilities. The inclusion of purpose-built chips allows for deep packet inspection at high speeds without hindering network performance. This architecture enables organizations to maintain high throughput while applying comprehensive security policies.

The FortiGate 800/800F series supports a wide array of security features, including intrusion prevention system (IPS), web filtering, and antivirus capabilities. These functionalities work together to monitor and protect against a range of cyber threats, from malware to sophisticated DDoS attacks. Additionally, the firewalls are equipped with FortiSandbox integration, providing automated malware analysis and ensuring that zero-day threats are effectively identified and neutralized in real-time.

In terms of networking capabilities, the FortiGate firewalls support advanced routing protocols, enabling seamless integration into existing network infrastructures. The series also includes support for VPN functionalities, which are crucial for secure remote access. With features like SSL inspection and secure SD-WAN, businesses can leverage flexible connectivity options while ensuring that sensitive data remains protected.

The FortiOS operating system enhances the FortiGate 800/800F series with centralized management capabilities, allowing administrators to configure and monitor security policies with ease. The intuitive user interface simplifies complex tasks, aiding in the rapid deployment and scalability of security measures across large networks.

High availability and redundancy features are also integral to the FortiGate 800/800F design. The series supports active-active and active-passive configurations, ensuring continuous protection and minimizing downtime during maintenance or unexpected failures.

In summary, the FortiGate 800/800F series stands out for its powerful performance, advanced security features, and robust networking capabilities. Organizations seeking to bolster their cybersecurity posture will find these firewalls to be invaluable tools in safeguarding their digital environments and ensuring business continuity in an increasingly complex threat landscape.