Fortinet 3016B To set an interface to use PPPoE addressing, To configure DNS server settings

Page 24

Configuring NAT mode

Configuring

To set an interface to use PPPoE addressing

config system interface edit external

set mode pppoe

set username <name_str> set password <psswrd>

set ipunnumbered <ip_address>

set disc-retry-timeout <integer_seconds> set padt-retry-timeout <integer_seconds> set distance <integer>

set defaultgw {enable disable}

set dns-server-override {enable disable}

end

The CLI lists the IP address, netmask, and other settings for each of the FortiGate interfaces.

Note: If you change the IP address of the interface you are connecting to, you must connect through a web browser again using the new address. Browse to https:// followed by the new IP address of the interface. If the new IP address of the interface is on a different subnet, you may have to change the IP address of your computer to the same subnet.

Configure a DNS server

A DNS server is a service that converts symbolic node names to IP addresses. A domain name server (DNS server) implements the protocol. In simple terms, it acts as a phone book for the Internet. A DNS server matches domain names with the computer IP address. This enables you to use readable locations, such as fortinet.com when browsing the Internet.

DNS server IP addresses are typically provided by your internet service provider.

To configure DNS server settings

config system dns

set autosvr {enable disable} set primary <address_ip>

set secondary <address_ip> end

Note if you set the autosvr to enable, you do not have to configure the primary or secondary DNS server IP addresses.

Adding a default route and gateway

A route provides the FortiGate unit with the information it needs to forward a packet to a particular destination. A static route causes packets to be forwarded to a destination other than the default gateway. You define static routes manually. Static routes control traffic exiting the FortiGate unit-you can specify through which interface the packet will leave and to which device the packet should be routed.

In the factory default configuration, entry number 1 in the Static Route list is associated with a destination address of 0.0.0.0/0.0.0.0, which means any/all destinations. This route is called the "static default route". If no other routes are present in the routing table and a packet needs to be forwarded beyond the FortiGate unit, the factory configured static default route causes the FortiGate unit to forward the packet to the default gateway.

 

FortiGate-3016B FortiOS 3.0 MR6 Install Guide

24

01-30006-0458-20080318

Page 23 Page 25
Image 24
Page 23 Page 25
Contents Install G U I D E Trademarks Regulatory complianceContents Advanced configuration AMC modulesUsing the web-based manager Installing firmware from a system reboot using the CLITesting new firmware before installing FortiGate FirmwarePage Introduction Register your FortiGate unitAbout the FortiGate-3016B About this documentDocument conventions Further Reading Typographic conventionsCustomer service and technical support Fortinet Knowledge CenterComments on Fortinet technical documentation Installing Environmental specificationsGrounding Rack mount instructionsMounting To install the FortiGate unit into a rack Installed mounting bracketsTo power on the FortiGate unit Plugging in the FortiGateConnecting to the network To power off the FortiGate unitTurning off the FortiGate unit Turning off the FortiGate unit Configuring NAT vs. Transparent modeNAT mode Connecting to the FortiGate unit Transparent modeConnecting to the web-based manager To connect to the web-based managerConnecting to the CLI To connect to the CLIConfiguring NAT mode Using the web-based managerConfigure the interfaces To configure interfaces Go to System Network InterfaceConfigure a DNS server Adding a default route and gatewayTo modify the default gateway Go to Router Static Adding firewall policiesUsing the CLI To set an interface to use a static addressTo set an interface to use Dhcp addressing To configure DNS server settings To set an interface to use PPPoE addressingConfiguring Transparent mode To modify the default gatewayTo add an outgoing traffic firewall policy Switching to Transparent mode To switch to Transparent mode Go to System StatusTo switch to Transparent mode To configure DNS server settings Verify the configuration Backing up the configurationRestoring a configuration Additional configurationSet the Administrator password Set the time and dateConfigure FortiGuard Updating antivirus and IPS signaturesAdditional configuration Advanced configuration Protection profilesFirewall policies Firewall policiesConfiguring firewall policies Antivirus optionsAntiSpam options Web filtering Logging Installing AMC filler units Installing modulesTo install the filler module AMC modulesUsing the AMC modules Removing modulesHard disk module To insert a module into a FortiGate chassisLog configuration using the web-based manager To format the ASM-S08 hard disk enter the following commandFormatting the hard disk Log configuration using the CLI Changing interfaces to operate in Sgmii or SerDes modeViewing logs ASM-FB4 and ADM-XB2 modulesAMC modules Configure the speed Config system interface edit AMC-SW1/1 Set speed auto EndUsing the web-based manager FortiGate FirmwareDownloading firmware Upgrading the firmwareTo upgrade the firmware Reverting to a previous versionTo revert to a previous firmware version Backup and Restore from a USB key Using the USB Auto-InstallUsing the CLI To upgrade the firmware using the CLITo revert to a previous firmware version using the CLI Execute restore image namestr tftpipv4Installing firmware from a system reboot using the CLI To install firmware from a system rebootEnter Tftp server address Restoring the previous configuration To backup configuration using the CLITo restore configuration using the CLI Testing new firmware before installing Additional CLI Commands for a USB keyTo configure the USB Auto-Install using the CLI To test the new firmware image FortiGate Firmware Testing new firmware before installing Index Web filtering 37 web-based manager Page Page
Related manuals
Manual 2 pages 28.98 Kb

3016B specifications

The Fortinet 3016B is a robust firewall solution designed to meet the dynamic security needs of modern enterprises. As part of the FortiGate product line, the 3016B combines advanced security features with high performance, catering to organizations that require reliability and efficiency in managing their network security.

One of the primary features of the Fortinet 3016B is its high throughput capabilities. It supports up to 40 Gbps of firewall throughput and an impressive 7.5 Gbps of intrusion prevention system (IPS) throughput. This ensures that even at peak network loads, the firewall can maintain strong performance without compromising security. This feature is particularly important for businesses that handle large volumes of data and require seamless connectivity for their operational efficiency.

The 3016B leverages Fortinet's proprietary FortiOS operating system, which is known for its user-friendly interface and comprehensive security functionalities. FortiOS includes a variety of tools such as a next-generation firewall (NGFW), antivirus protection, web filtering, and application control, all incorporated into a single platform. This consolidation helps in simplifying management while providing extensive security coverage against a wide array of cyber threats.

Moreover, the Fortinet 3016B incorporates advanced threat intelligence capabilities powered by FortiGuard Labs. This allows the firewall to stay updated with real-time threat feeds, enabling the organization to respond proactively to emerging threats and vulnerabilities. The integration of AI-driven analytics enhances anomaly detection and helps in identifying potential breaches before they can escalate.

Another notable characteristic of the 3016B is its scalability. Designed for medium to large enterprises, it can easily integrate into existing infrastructure and scale as business needs grow. With support for multiple virtual domains (VDOMs), organizations can create isolated environments for different departments or functions, maintaining policy separations while optimizing resource utilization.

In terms of connectivity, the Fortinet 3016B offers various interfaces, including multiple 1G and 10G Ethernet ports, ensuring flexible deployment options. The device also supports high availability (HA) configurations, which provide redundancy and minimize downtime.

Overall, the Fortinet 3016B is an exceptional solution that combines superior security features with high performance and scalability, making it a prime choice for organizations looking to strengthen their network security posture without sacrificing efficiency. With its comprehensive capabilities, it empowers businesses to tackle today’s cybersecurity challenges effectively.
Top Page Image Contents