Fortinet 60B manual Configuring NAT mode, Using the web-based manager, Configure the interfaces

Page 18

Configuring NAT mode

Configuring

Configuring NAT mode

Configuring NAT mode involves defining interface addresses and default routes, and simple firewall policies. You can use the web-based manager or the CLI to configure the FortiGate unit in NAT/Route mode.

Using the web-based manager

After connecting to the web-based manager, you can use the following procedures to complete the basic configuration of the FortiGate unit. Ensure you read the section “Connecting to the web-based manager” on page 16 before beginning.

Configure the interfaces

When shipped, the FortiGate unit has a default address of 192.168.1.99 and a netmask of 255.255.255.0. for either the Port 1 or Internal interface. You need to configure this and other ports for use on your network.

To configure interfaces

1Go to System > Network > Interface.

2Select the edit icon for an interface.

3Set the Addressing Mode for the interface.

For Manual addressing, enter the IP address and netmask for the interface.

For DHCP addressing, select DHCP and complete the following:

Distance

Enter the administrative distance, between 1 and 255 for the

 

default gateway retrieved from the DHCP server. The

 

administrative distance specifies the relative priority of a route

 

when there are multiple routes to the same destination. A

 

lower administrative distance indicates a more preferred route.

Retrieve default gateway from server

Override internal DNS

Enable to retrieve a default gateway IP address from the DHCP server. The default gateway is added to the static routing table.

Enable to use the DNS addresses retrieved from the DHCP server instead of the DNS server IP addresses on the DNS page on System > Network > Options. On FortiGate-100 units and lower, you should also enable Obtain DNS server address automatically in System > Network > Options.

For PPPoE addressing, select PPPoE, and complete the following:

Username

Enter the username for the PPPoE server. This may have

 

been provided by your ISP.

Password

Enter the password for the PPPoE server for the above user

 

name.

Unnumbered

Specify the IP address for the interface. If your ISP has

 

assigned you a block of IP addresses, use one of these IP

 

addresses. Alternatively, you can use, or borrow, the IP

 

address of a configured interface on the router. You may need

 

to do this to minimize the number of unique IP addresses

 

within your network.

 

If you are borrowing an IP address remember the interface

 

must be enabled, or up to function correctly.

Initial Disc Timeout

Initial discovery timeout in seconds. The time to wait before

 

starting to retry a PPPoE discovery. To disable the discovery

 

timeout, set the value to 0.

 

FortiGate-60B FortiOS 3.0 MR6 Install Guide

18

01-30006-0446-20080910

Page 17 Page 19
Image 18
Page 17 Page 19
Contents Install G U I D E Trademarks Regulatory complianceContents Configuring Transparent mode Advanced configurationConfiguring the modem interface Protection profilesFortiGate Firmware IndexPage Introduction Register your FortiGate unitAbout the FortiGate-60B About this documentDocument conventions Further Reading Typographic conventionsCustomer service and technical support Fortinet Knowledge CenterComments on Fortinet technical documentation Installing Environmental specificationsGrounding Rack mount instructionsTurning off the FortiGate unit Connecting to the networkPlugging in the FortiGate MountingTurning off the FortiGate unit NAT vs. Transparent mode NAT modeConnecting to the web-based manager Connecting to the FortiGate unitTransparent mode To connect to the web-based managerConnecting to the CLI To connect to the CLIConfigure the interfaces Configuring NAT modeUsing the web-based manager To configure interfaces Go to System Network InterfaceConfigure a DNS server Adding a default route and gatewayTo modify the default gateway Go to Router Static Adding firewall policiesUsing the CLI To set an interface to use a static addressTo set an interface to use Dhcp addressing To configure DNS server settings To set an interface to use PPPoE addressingConfiguring Transparent mode To modify the default gatewayTo add an outgoing traffic firewall policy Switching to Transparent mode To switch to Transparent mode Go to System StatusTo switch to Transparent mode To configure DNS server settings Verify the configuration Backing up the configurationSet the Administrator password Restoring a configurationAdditional configuration Set the time and dateConfigure FortiGuard Updating antivirus and IPS signaturesAdditional configuration Advanced configuration Protection profilesFirewall policies Firewall policiesConfiguring firewall policies Antivirus optionsAntiSpam options Web filtering Logging Selecting a modem mode Redundant modeConfiguring modem settings Stand alone modeTo configure modem settings Go to System Network Modem Dial on demandConfiguring the modem using the CLI SyntaxKeywords and variables Description Default Mode redudant Example Phone-numberAdding a Ping Server Dead gateway detectionTo configure the modem Go to System Network Modem Administrative access through the modem portConfiguring the Pcmcia modem card Adding firewall policies for modem connectionsAt+cpin=5555 FortiGate Firmware Downloading firmwareUsing the web-based manager Upgrading the firmwareReverting to a previous version Backup and Restore from a USB key Using the USB Auto-InstallTo revert to a previous firmware version Using the CLI To upgrade the firmware using the CLIExecute restore image namestr tftpip4 To revert to a previous firmware version using the CLIInstalling firmware from a system reboot using the CLI Execute restore image namestr tftpipv4To install firmware from a system reboot Press any key to display configuration menuRestoring the previous configuration To backup configuration using the CLIAdditional CLI Commands for a USB key To restore configuration using the CLITo configure the USB Auto-Install using the CLI Testing new firmware before installing To test the new firmware imageTesting new firmware before installing Testing new firmware before installing Index System modem 43 system reboot, installing Page Page Page Page

60B specifications

The Fortinet FortiGate 60B is a compact, high-performance network security appliance designed for small to medium-sized businesses. As part of Fortinet's FortiGate series, the 60B integrates advanced security features and technologies, making it an ideal solution for organizations seeking to protect their networks from growing cyber threats.

One of the main features of the FortiGate 60B is its robust firewall capability. The device provides next-generation firewall (NGFW) functionalities, allowing businesses to monitor and control traffic at multiple layers. This includes application control, intrusion prevention, and web filtering, ensuring that only legitimate traffic is allowed access to critical resources. With a strong emphasis on threat detection, the 60B employs FortiGuard Labs' threat intelligence services to stay updated on the latest malware and attack vectors.

Another significant characteristic of the FortiGate 60B is its integrated virtual private network (VPN) capabilities. The device supports both site-to-site and remote access VPNs, enabling secure connections for remote employees and branch offices. This feature is essential for organizations that require secure communication over public networks, ensuring that sensitive data remains protected.

Performance is also a focal point of the FortiGate 60B. The appliance is equipped with dedicated hardware acceleration that optimizes throughput and minimizes latency. With impressive SSL inspection capabilities, it can handle encrypted traffic efficiently, making it well-suited for an increasingly secure internet landscape.

The FortiGate 60B also boasts extensive reporting and analytics features, enabling IT teams to gain valuable insights into network activity. This includes detailed logs and dashboards that help organizations identify potential security risks and respond to incidents in real time. In addition, the appliance is built with scalability in mind, allowing businesses to expand their security posture as they grow.

Furthermore, the FortiGate 60B is designed for ease of management. The unit can be configured and monitored through Fortinet's centralized management system, FortiManager, simplifying the administration of multiple devices across various locations.

In summary, the Fortinet FortiGate 60B is a powerful, versatile network security solution that combines advanced firewall capabilities, VPN support, and integrated threat intelligence. With its strong performance metrics and user-friendly management tools, it is an excellent choice for organizations aiming to bolster their cybersecurity defenses while maintaining operational efficiency.
Top Page Image Contents