Fortinet 30B manual To configure DNS server settings

Page 28

Configuring Transparent mode

Configuring

Configure a DNS server

A DNS server is a service that converts symbolic node names to IP addresses. A domain name server (DNS server) implements the protocol. In simple terms, it acts as a phone book for the Internet. A DNS server matches domain names with the computer IP address. This enables you to use readable locations, such as fortinet.com when browsing the Internet.

DNS server IP addresses are typically provided by your internet service provider.

To configure DNS server settings

config system dns

set autosvr {enable disable} set primary <address_ip>

set secondary <address_ip> end

Note if you set the autosvr to enable, you do not have to configure the primary or secondary DNS server IP addresses.

Adding firewall policies

Firewall policies enable traffic to flow through the FortiGate interfaces. Firewall policies define the FortiGate unit process the packets in a communication session. You can configure the firewall policies to allow only specific traffic, users and specific times when traffic is allowed.

For the initial installation, a single firewall policy that enables all traffic through will enable you to verify your configuration is working. On lower-end units such a default firewall policy is already in place. For the higher end FortiGate units, you will need to add a firewall policy.

The following steps add two policies that allows all traffic through the FortiGate unit, to enable you to continue testing the configuration on the network.

To add an outgoing traffic firewall policy

config firewall profile

edit <seq_num>

set srcintf <source_interface> set srcaddr <source_IP>

set dstintf <destination_interface> set dstaddr <destination_IP>

set schedule always set service ANY set action accept

end

To create an incoming traffic firewall policy, use the same commands with the addresses reversed.

Note that these policies allow all traffic through. No protection profiles have been applied. Ensure you create additional firewall policies to accommodate your network requirements.

 

FortiGate-30B FortiOS 3.0 MR6 Install Guide

28

01-30006-0459-20080505

Image 28
Contents Install G U I D E Trademarks Regulatory complianceConfiguring InstallingConents Introduction Advanced configuration FortiGate FirmwareTesting new firmware before installing Installing firmware from a system reboot using the CLIIndex Page Introduction Register your FortiGate unitAbout the FortiGate-30B About this documentDocument conventions Further ReadingTypographic conventions Fortinet Knowledge Center Comments on Fortinet technical documentationCustomer service and technical support Customer service and technical support Installing Environmental specificationsRack mount instructions GroundingMounting Connecting to the network To power on the FortiGate unitTo power off the FortiGate unit Plugging in the FortiGateTurning off the FortiGate unit NAT vs. Transparent mode NAT modeConnecting to the FortiGate unit Transparent modeConnecting to the web-based manager To connect to the web-based managerConnecting to the CLI To connect to the CLIConfiguring NAT mode Using the web-based managerConfigure the interfaces To configure interfaces Go to System Network InterfaceConfigure a DNS server Adding a default route and gatewayTo modify the default gateway Go to Router Static Adding firewall policiesTo set an interface to use a static address Using the CLITo set an interface to use Dhcp addressing To configure DNS server settings To set an interface to use PPPoE addressingTo modify the default gateway Configuring Transparent modeTo add an outgoing traffic firewall policy Switching to Transparent mode To switch to Transparent mode Go to System StatusTo switch to Transparent mode To configure DNS server settings Verify the configuration Backing up the configurationRestoring a configuration Additional configurationSet the Administrator password Set the time and dateConfigure FortiGuard Updating antivirus and IPS signaturesAdditional configuration Advanced configuration Protection profilesFirewall policies Firewall policiesConfiguring firewall policies Antivirus optionsAntiSpam options Web filtering Logging FortiGate Firmware Downloading firmwareUpgrading the firmware Using the web-based managerReverting to a previous version Using the USB Auto-Install Backup and Restore from a USB keyTo revert to a previous firmware version Using the CLI To upgrade the firmware using the CLIExecute restore image namestr tftpip4 To revert to a previous firmware version using the CLIInstalling firmware from a system reboot using the CLI Execute restore image namestr tftpipv4To install firmware from a system reboot Press any key to display configuration menuRestoring the previous configuration To backup configuration using the CLITo restore configuration using the CLI Additional CLI Commands for a USB keyTo configure the USB Auto-Install using the CLI Testing new firmware before installing To test the new firmware imageTesting new firmware before installing Testing new firmware before installing Index Web filtering 37 web-based manager Page Page

30B specifications

Fortinet's FortiGate 30B is a compact yet powerful security appliance designed for small to medium-sized businesses and branch offices. This next-generation firewall (NGFW) integrates various security functions, helping organizations safeguard their networks without compromising on performance or ease of use.

One of the standout features of the FortiGate 30B is its robust security capabilities. It offers firewall protection, intrusion prevention systems (IPS), antivirus, web filtering, and application control, all in one device. This consolidated approach simplifies security management, enabling companies to deploy a range of protections without the need for multiple products.

The FortiGate 30B utilizes Fortinet's proprietary FortiOS operating system, which allows for centralized management and visibility into network traffic. With features like FortiView, administrators can gain insights into application usage, user activities, and security events, helping them make informed decisions to enhance their security posture.

Performance is another critical aspect of the FortiGate 30B. Equipped with Fortinet's purpose-built security processing units (SPUs), the device is designed to handle high throughput while maintaining low latency. This ensures that businesses can operate smoothly without facing interruptions caused by security measures.

Additionally, the FortiGate 30B supports advanced technologies such as VPN (Virtual Private Network) for secure remote access and SD-WAN (Software-Defined Wide Area Network) capabilities. This combination enables organizations to optimize their network performance and enhance connectivity between branch offices or remote workers, making it an ideal solution for today's flexible work environments.

A highlight of the FortiGate 30B is its ease of deployment. With a user-friendly interface and guided setup wizards, even those with limited IT experience can configure the device quickly. The included FortiCloud service allows for easy management and monitoring, further simplifying the administrative overhead.

Scalability is yet another critical characteristic of the FortiGate 30B. As businesses grow, they can easily expand their security infrastructure by integrating additional Fortinet solutions into their network, maintaining a cohesive security strategy without disrupting operations.

In summary, the FortiGate 30B offers a comprehensive, high-performance security solution for small and medium-sized organizations. With its integrated features, advanced technologies, and user-friendly management capabilities, it empowers businesses to protect their networks effectively while ensuring optimal performance and scalability for future growth.