Fortinet 310B Connecting to the CLI, To connect to the CLI, Bits per second 9600 Data bits Parity

Page 19

 

 

Configuring

Connecting to the FortiGate unit

To support a secure HTTPS authentication method, the FortiGate unit ships with a self-signed security certificate, which is offered to remote clients whenever they initiate a HTTPS connection to the FortiGate unit. When you connect, the FortiGate unit displays two security warnings in a browser.

The first warning prompts you to accept and optionally install the FortiGate unit’s self-signed security certificate. If you do not accept the certificate, the FortiGate unit refuses the connection. If you accept the certificate, the FortiGate login page appears. The credentials entered are encrypted before they are sent to the FortiGate unit. If you choose to accept the certificate permanently, the warning is not displayed again.

Just before the FortiGate login page is displayed, a second warning informs you that the FortiGate certificate distinguished name differs from the original request. This warning occurs because the FortiGate unit redirects the connection. This is an informational message. Select OK to continue logging in.

4Type admin in the Name field and select Login.

Connecting to the CLI

To connect to the FortiGate CLI you require:

a computer with an available communications port

a serial cable, either a RJ-45 to DB-9 or null modem cable, whichever was included in your FortiGate package

terminal emulation software such as HyperTerminal for Microsoft Windows

Note: The following procedure uses Microsoft Windows HypterTerminal software. You can apply these steps to any terminal emulation program.

To connect to the CLI

1Connect the serial cable to the communications port of your computer and to the FortiGate console port.

2Start HyperTerminal, enter a name for the connection and select OK.

3Configure HyperTerminal to connect directly to the communications port on your computer and select OK.

4Select the following port settings and select OK:

Bits per second

9600

Data bits

8

Parity

None

Stop bits

1

Flow control

None

5Press Enter to connect to the FortiGate CLI.

6When the login prompt appears, type admin and press Enter twice.

Type ? to list available commands. For information about how to use the CLI, see the FortiGate CLI Reference.

FortiGate-310B FortiOS 3.0 MR6 Install Guide

 

01-30006-0472-20080815

19

Image 19
Contents Install G U I D E Regulatory compliance TrademarksContents Protection profiles Firewall policies Configuring Transparent modeDownloading firmware Testing new firmware before installing Using the web-based managerUsing the CLI Installing firmware from a system reboot using the CLIPage Register your FortiGate unit IntroductionAbout the FortiGate-310B Lacp configurationAbout this document Addressipv4 Further ReadingDocument conventions Typographic conventionsFortinet Knowledge Center FortiGate Administration GuideComments on Fortinet technical documentation Customer service and technical supportCustomer service and technical support Environmental specifications InstallingRack mount instructions GroundingMounting Installed mounting brackets To install the FortiGate unit into a rackPlugging in the FortiGate Connecting to the networkTo power on the FortiGate unit To power off the FortiGate unitNAT vs. Transparent mode ConfiguringNAT mode To connect to the web-based manager Connecting to the FortiGate unitTransparent mode Connecting to the web-based managerStop bits Flow control Connecting to the CLITo connect to the CLI Bits per second 9600 Data bits ParityTo configure interfaces Go to System Network Interface Configuring NAT modeUsing the web-based manager Configure the interfacesAdding a default route and gateway Configure a DNS serverInitial Padt Timeout Source Address All To modify the default gateway Go to Router StaticAdding firewall policies Source InterfaceTo set an interface to use a static address Using the CLITo set an interface to use Dhcp addressing To set an interface to use PPPoE addressing To configure DNS server settingsTo add an outgoing traffic firewall policy To modify the default gatewaySwitching to Transparent mode Configuring Transparent modeTo switch to Transparent mode Go to System Status Source Address All Destination Interface To switch to Transparent mode Backing up the configuration Verify the configurationSet the time and date Restoring a configurationAdditional configuration Set the Administrator passwordUpdating antivirus and IPS signatures Configure FortiGuardAdditional configuration Default protection profiles Advanced configurationProtection profiles Firewall policies Firewall policiesAntivirus options Configuring firewall policiesAntiSpam options Web filtering Logging AMC modules Installing AMC filler unitsInstalling modules To install the filler moduleTo insert a module into a FortiGate chassis Using the AMC modulesRemoving modules Hard disk moduleExecute formatlogdisk Log configuration using the web-based managerTo format the ASM-S08 hard disk enter the following command Formatting the hard diskASM-FB4 and ADM-XB2 modules Log configuration using the CLIChanging interfaces to operate in Sgmii or SerDes mode Viewing logsConfig system interface edit AMC-SW1/1 Set speed auto End Configure the speedUsing the AMC modules Downloading firmware FortiGate FirmwareUpgrading the firmware Using the web-based managerReverting to a previous version Using the USB Auto-Install Backup and Restore from a USB keyTo revert to a previous firmware version To upgrade the firmware using the CLI Using the CLIExecute ping To revert to a previous firmware version using the CLI Execute restore image namestr tftpip4Execute restore image image.out Execute update-nowExecute restore config namestr tftpip4 Installing firmware from a system reboot using the CLIExecute restore image namestr tftpipv4 Execute restore image image28.outEnter Tftp server address To install firmware from a system rebootExecute reboot Press any key to display configuration menuEnter File Name image.out Restoring the previous configurationTo backup configuration using the CLI Enter Local AddressTo restore configuration using the CLI Additional CLI Commands for a USB keyTo configure the USB Auto-Install using the CLI To test the new firmware image Testing new firmware before installingTesting new firmware before installing Testing new firmware before installing Index Web filtering 37 web-based manager Page Page

310B specifications

The Fortinet 310B is a powerful next-generation firewall (NGFW) designed to meet the evolving needs of modern enterprises. As part of Fortinet's Security Fabric, the 310B offers robust security features combined with high performance, enhancing network security while maintaining ease of use.

One of the standout features of the Fortinet 310B is its high throughput capability. With up to 10 Gbps of firewall throughput and an impressive IPS throughput of 3.5 Gbps, the device is optimized for handling heavy network traffic with minimal latency. This makes it suitable for both medium and large-scale environments, where performance and speed are critical.

The Fortinet 310B integrates a comprehensive suite of security technologies. At its core is FortiOS, the operating system that powers Fortinet’s security appliances. FortiOS includes advanced threat protection capabilities such as intrusion prevention system (IPS), deep packet inspection, and antivirus scanning. These features help protect against a wide range of threats, including malware, ransomware, and zero-day attacks, ensuring that networks are resilient against various cyber threats.

Another key characteristic of the Fortinet 310B is its multi-layered security architecture. The device supports a range of technologies such as SSL inspection, web filtering, and application control. By leveraging these functionalities, organizations can enforce granular security policies across different applications and users, improving overall visibility and control over the network environment.

The Fortinet 310B also incorporates FortiGate's unique Security Fabric technology, which enables seamless integration with other Fortinet products and third-party solutions. This interoperability allows for centralized management, simplified security operations, and enhanced threat intelligence sharing, creating a holistic security approach.

In addition to its security capabilities, the Fortinet 310B offers a variety of connectivity options, including multiple Ethernet ports and support for FortiLink, which allows for easy integration with FortiAP access points and FortiSwitches. This flexibility facilitates the deployment of secure network segments and wireless solutions.

The device also supports advanced features such as VPN capabilities for secure remote access, SD-WAN for optimizing network performance, and extensive reporting and logging for compliance and accountability. All these attributes make the Fortinet 310B a formidable choice for organizations looking to bolster their network security posture while maximizing operational efficiency. Overall, the Fortinet 310B stands out as a reliable and versatile solution in the realm of network security appliances.