Fortinet 110C manual To configure DNS server settings

Page 28

Configuring Transparent mode

Configuring

Configure a DNS server

A DNS server is a service that converts symbolic node names to IP addresses. A domain name server (DNS server) implements the protocol. In simple terms, it acts as a phone book for the Internet. A DNS server matches domain names with the computer IP address. This enables you to use readable locations, such as fortinet.com when browsing the Internet.

DNS server IP addresses are typically provided by your internet service provider.

To configure DNS server settings

config system dns

set autosvr {enable disable} set primary <address_ip>

set secondary <address_ip> end

Note if you set the autosvr to enable, you do not have to configure the primary or secondary DNS server IP addresses.

Adding firewall policies

Firewall policies enable traffic to flow through the FortiGate interfaces. Firewall policies define the FortiGate unit process the packets in a communication session. You can configure the firewall policies to allow only specific traffic, users and specific times when traffic is allowed.

For the initial installation, a single firewall policy that enables all traffic through will enable you to verify your configuration is working. On lower-end units such a default firewall policy is already in place. For the higher end FortiGate units, you will need to add a firewall policy.

The following steps add two policies that allows all traffic through the FortiGate unit, to enable you to continue testing the configuration on the network.

To add an outgoing traffic firewall policy

config firewall profile

edit <seq_num>

set srcintf <source_interface> set srcaddr <source_IP>

set dstintf <destination_interface> set dstaddr <destination_IP>

set schedule always set service ANY set action accept

end

To create an incoming traffic firewall policy, use the same commands with the addresses reversed.

Note that these policies allow all traffic through. No protection profiles have been applied. Ensure you create additional firewall policies to accommodate your network requirements.

 

FortiGate-110C FortiOS 3.0 MR6 Install Guide

26

01-30006-0481-20080728

Page 27 Page 29
Image 28
Page 27 Page 29
Contents Install G U I D E Trademarks Regulatory complianceContents Advanced configuration FortiGate FirmwareTesting new firmware before installing Installing firmware from a system reboot using the CLIIndex Page Introduction Register your FortiGate unitAbout this document About the FortiGate-110CDocument conventions Further Reading Typographic conventionsFortinet Knowledge Center Customer service and technical supportComments on Fortinet technical documentation Installing Environmental specificationsRack mount instructions GroundingMounting To install the FortiGate unit into a rack Installed mounting bracketsTo power on the FortiGate unit Connecting to the networkPlugging in the FortiGate To power off the FortiGate unit Turning off the FortiGate unitTurning off the FortiGate unit NAT vs. Transparent mode ConfiguringNAT mode Connecting to the FortiGate unit Transparent modeConnecting to the web-based manager To connect to the web-based managerConnecting to the CLI To connect to the CLIConfiguring NAT mode Using the web-based managerConfigure the interfaces To configure interfaces Go to System Network InterfaceConfigure a DNS server Adding a default route and gatewayTo modify the default gateway Go to Router Static Adding firewall policiesTo set an interface to use a static address Using the CLITo set an interface to use Dhcp addressing To configure DNS server settings To set an interface to use PPPoE addressingTo modify the default gateway Configuring Transparent modeTo add an outgoing traffic firewall policy Switching to Transparent mode To switch to Transparent mode Go to System StatusTo switch to Transparent mode To configure DNS server settings Verify the configuration Backing up the configurationRestoring a configuration Additional configurationSet the Administrator password Set the time and dateConfigure FortiGuard Updating antivirus and IPS signaturesAdditional configuration Advanced configuration Protection profilesFirewall policies Firewall policiesConfiguring firewall policies Antivirus optionsAntiSpam options Web filtering Logging FortiGate Firmware Downloading firmwareUpgrading the firmware Using the web-based managerReverting to a previous version Using the USB Auto-Install Backup and Restore from a USB keyTo revert to a previous firmware version Using the CLI To upgrade the firmware using the CLIExecute restore image namestr tftpip4 To revert to a previous firmware version using the CLIInstalling firmware from a system reboot using the CLI Execute restore image namestr tftpipv4To install firmware from a system reboot Press any key to display configuration menuRestoring the previous configuration To backup configuration using the CLITo restore configuration using the CLI Additional CLI Commands for a USB keyTo configure the USB Auto-Install using the CLI Testing new firmware before installing To test the new firmware imageTesting new firmware before installing Testing new firmware before installing Index 01-30006-0481-20080728 Page Page

110C specifications

The Fortinet 110C is a robust security appliance designed to provide comprehensive protection for small to medium-sized enterprises. It offers advanced security features combined with high-performance networking capabilities, making it an ideal choice for businesses looking to safeguard their digital assets while maintaining efficient network operations.

One of the standout features of the Fortinet 110C is its FortiOS operating system, which provides a unified security platform that integrates various security functionalities. This operating system supports firewall, VPN, intrusion prevention system (IPS), antivirus, and web filtering features, all managed from a single interface. This integration simplifies security management while enhancing overall performance.

The Fortinet 110C is equipped with an impressive throughput capacity, capable of managing up to 5 Gbps of firewall traffic and 1.5 Gbps of VPN throughput. This high performance ensures that businesses experience minimal latency and interruption, even during peak usage periods. The device also supports up to 100,000 concurrent sessions, which is crucial for organizations experiencing increases in network traffic or user connections.

In terms of connectivity, the Fortinet 110C features multiple Ethernet ports, including both WAN and LAN options, allowing for flexible network setups. The appliance supports VLAN configurations, enabling businesses to segment their networks for better security and traffic management. Additionally, the Fortinet 110C offers advanced routing features such as static and dynamic routing, which further enhances its functionality.

Security is paramount, and the Fortinet 110C excels with its comprehensive threat detection and prevention capabilities. Its Intrusion Prevention System (IPS) is designed to detect and neutralize threats in real-time, ensuring that sensitive business data remains protected. Moreover, the integrated antivirus engine scans traffic for malicious content, effectively blocking threats before they reach the network.

For businesses concerned about compliance, the Fortinet 110C includes features that support various regulatory requirements, such as logging and reporting capabilities. This ensures that organizations can maintain records of their network activity and meet audit requirements.

The Fortinet 110C also supports FortiGuard services, providing continuous updates to the security landscape. This ensures that the appliance is equipped to handle emerging threats, reinforcing the organization's security posture.

In conclusion, the Fortinet 110C is a powerful network security appliance that combines advanced security features with high performance. Its integration capabilities, impressive throughput, and robust security measures make it an optimal choice for small to medium-sized businesses looking to enhance their network security while maintaining operational efficiency. With FortiOS at its core and support for a wide range of security functionalities, the 110C stands out as a reliable solution in the ever-evolving cybersecurity landscape.
Top Page Image Contents