Fortinet 310B manual To set an interface to use PPPoE addressing, To configure DNS server settings

Page 24

Configuring NAT mode

Configuring

To set an interface to use PPPoE addressing

config system interface edit external

set mode pppoe

set username <name_str> set password <psswrd>

set ipunnumbered <ip_address>

set disc-retry-timeout <integer_seconds> set padt-retry-timeout <integer_seconds> set distance <integer>

set defaultgw {enable disable}

set dns-server-override {enable disable}

end

The CLI lists the IP address, netmask, and other settings for each of the FortiGate interfaces.

Note: If you change the IP address of the interface you are connecting to, you must connect through a web browser again using the new address. Browse to https:// followed by the new IP address of the interface. If the new IP address of the interface is on a different subnet, you may have to change the IP address of your computer to the same subnet.

Configure a DNS server

A DNS server is a service that converts symbolic node names to IP addresses. A domain name server (DNS server) implements the protocol. In simple terms, it acts as a phone book for the Internet. A DNS server matches domain names with the computer IP address. This enables you to use readable locations, such as fortinet.com when browsing the Internet.

DNS server IP addresses are typically provided by your internet service provider.

To configure DNS server settings

config system dns

set autosvr {enable disable} set primary <address_ip>

set secondary <address_ip> end

Note if you set the autosvr to enable, you do not have to configure the primary or secondary DNS server IP addresses.

Adding a default route and gateway

A route provides the FortiGate unit with the information it needs to forward a packet to a particular destination. A static route causes packets to be forwarded to a destination other than the default gateway. You define static routes manually. Static routes control traffic exiting the FortiGate unit-you can specify through which interface the packet will leave and to which device the packet should be routed.

 

FortiGate-310B FortiOS 3.0 MR6 Install Guide

24

01-30006-0472-20080815

Image 24
Contents Install G U I D E Trademarks Regulatory complianceContents Configuring Transparent mode Protection profiles Firewall policiesDownloading firmware Using the web-based manager Using the CLIInstalling firmware from a system reboot using the CLI Testing new firmware before installingPage Introduction Register your FortiGate unitLacp configuration About the FortiGate-310BAbout this document Further Reading Document conventionsTypographic conventions Addressipv4FortiGate Administration Guide Fortinet Knowledge CenterCustomer service and technical support Comments on Fortinet technical documentationCustomer service and technical support Installing Environmental specificationsGrounding Rack mount instructionsMounting To install the FortiGate unit into a rack Installed mounting bracketsConnecting to the network To power on the FortiGate unitTo power off the FortiGate unit Plugging in the FortiGateConfiguring NAT vs. Transparent modeNAT mode Connecting to the FortiGate unit Transparent modeConnecting to the web-based manager To connect to the web-based managerConnecting to the CLI To connect to the CLIBits per second 9600 Data bits Parity Stop bits Flow controlConfiguring NAT mode Using the web-based managerConfigure the interfaces To configure interfaces Go to System Network InterfaceConfigure a DNS server Adding a default route and gatewayInitial Padt Timeout To modify the default gateway Go to Router Static Adding firewall policiesSource Interface Source Address AllUsing the CLI To set an interface to use a static addressTo set an interface to use Dhcp addressing To configure DNS server settings To set an interface to use PPPoE addressingTo modify the default gateway To add an outgoing traffic firewall policyConfiguring Transparent mode Switching to Transparent modeTo switch to Transparent mode Go to System Status Source Address All Destination Interface To switch to Transparent mode Verify the configuration Backing up the configurationRestoring a configuration Additional configurationSet the Administrator password Set the time and dateConfigure FortiGuard Updating antivirus and IPS signaturesAdditional configuration Advanced configuration Default protection profilesProtection profiles Firewall policies Firewall policiesConfiguring firewall policies Antivirus optionsAntiSpam options Web filtering Logging Installing AMC filler units Installing modulesTo install the filler module AMC modulesUsing the AMC modules Removing modulesHard disk module To insert a module into a FortiGate chassisLog configuration using the web-based manager To format the ASM-S08 hard disk enter the following commandFormatting the hard disk Execute formatlogdiskLog configuration using the CLI Changing interfaces to operate in Sgmii or SerDes modeViewing logs ASM-FB4 and ADM-XB2 modulesConfigure the speed Config system interface edit AMC-SW1/1 Set speed auto EndUsing the AMC modules FortiGate Firmware Downloading firmwareUsing the web-based manager Upgrading the firmwareReverting to a previous version Backup and Restore from a USB key Using the USB Auto-InstallTo revert to a previous firmware version Using the CLI To upgrade the firmware using the CLIExecute ping Execute restore image namestr tftpip4 Execute restore image image.outExecute update-now To revert to a previous firmware version using the CLIInstalling firmware from a system reboot using the CLI Execute restore image namestr tftpipv4Execute restore image image28.out Execute restore config namestr tftpip4To install firmware from a system reboot Execute rebootPress any key to display configuration menu Enter Tftp server addressRestoring the previous configuration To backup configuration using the CLIEnter Local Address Enter File Name image.outAdditional CLI Commands for a USB key To restore configuration using the CLITo configure the USB Auto-Install using the CLI Testing new firmware before installing To test the new firmware imageTesting new firmware before installing Testing new firmware before installing Index Web filtering 37 web-based manager Page Page

310B specifications

The Fortinet 310B is a powerful next-generation firewall (NGFW) designed to meet the evolving needs of modern enterprises. As part of Fortinet's Security Fabric, the 310B offers robust security features combined with high performance, enhancing network security while maintaining ease of use.

One of the standout features of the Fortinet 310B is its high throughput capability. With up to 10 Gbps of firewall throughput and an impressive IPS throughput of 3.5 Gbps, the device is optimized for handling heavy network traffic with minimal latency. This makes it suitable for both medium and large-scale environments, where performance and speed are critical.

The Fortinet 310B integrates a comprehensive suite of security technologies. At its core is FortiOS, the operating system that powers Fortinet’s security appliances. FortiOS includes advanced threat protection capabilities such as intrusion prevention system (IPS), deep packet inspection, and antivirus scanning. These features help protect against a wide range of threats, including malware, ransomware, and zero-day attacks, ensuring that networks are resilient against various cyber threats.

Another key characteristic of the Fortinet 310B is its multi-layered security architecture. The device supports a range of technologies such as SSL inspection, web filtering, and application control. By leveraging these functionalities, organizations can enforce granular security policies across different applications and users, improving overall visibility and control over the network environment.

The Fortinet 310B also incorporates FortiGate's unique Security Fabric technology, which enables seamless integration with other Fortinet products and third-party solutions. This interoperability allows for centralized management, simplified security operations, and enhanced threat intelligence sharing, creating a holistic security approach.

In addition to its security capabilities, the Fortinet 310B offers a variety of connectivity options, including multiple Ethernet ports and support for FortiLink, which allows for easy integration with FortiAP access points and FortiSwitches. This flexibility facilitates the deployment of secure network segments and wireless solutions.

The device also supports advanced features such as VPN capabilities for secure remote access, SD-WAN for optimizing network performance, and extensive reporting and logging for compliance and accountability. All these attributes make the Fortinet 310B a formidable choice for organizations looking to bolster their network security posture while maximizing operational efficiency. Overall, the Fortinet 310B stands out as a reliable and versatile solution in the realm of network security appliances.