Collecting Information

NAT/Route Mode

Port

IP:

____.____.____.____

 

 

 

 

Netmask:

____.____.____.____

 

 

 

Port

IP:

____.____.____.____

 

 

 

 

Netmask:

____.____.____.____

 

 

 

Port

IP:

____.____.____.____

 

 

 

 

Netmask:

____.____.____.____

 

 

 

Port

IP:

____.____.____.____

 

 

 

 

Netmask:

____.____.____.____

 

 

 

Port

IP:

____.____.____.____

 

 

 

 

Netmask:

____.____.____.____

 

 

 

The internal interface IP address and netmask must be valid for the internal network.

Transparent mode

Management IP:

IP:

____.____.____.____

 

 

 

 

Netmask:

____.____.____.____

 

 

 

The management IP address and netmask must be valid for the network from which you will manage the FortiGate unit.

General settings

Administrator password:

 

 

 

 

 

Network Settings:

Default Gateway:

____.____.____.____

 

 

 

 

Primary DNS Server:

____.____.____.____

 

 

 

 

Secondary DNS Server:

____.____.____.____

 

 

 

A default gateway is required for the FortiGate unit to route connections to the Internet.

Factory default settings

NAT/Route mode

 

Transparent mode

 

 

 

 

 

Port 1 interface

192.168.1.99

Management IP

0.0.0.0

 

 

 

 

Port 2 interface

192.168.100.99

Administrative account settings

 

 

 

 

Port 3 to 10 interface

0.0.0.0

User name

admin

 

 

 

 

DHCP server on Internal

192.168.1.110

Password

(none)

interface

– 192.168.1.210

 

 

 

 

 

 

To reset the FortiGate unit to the factory defaults, in the CLI type the command execute factory reset

Configuring

NAT/Route mode

You would typically use NAT/Route mode when the FortiGate unit is deployed as a gateway between private and public networks. In its default NAT/Route mode configuration, the unit functions as a firewall. Firewall policies control communications through the FortiGate unit.

Transparent mode

You would typically use the FortiGate unit in Transparent mode on a private network behind an existing firewall or behind a router. In its default Transparent mode configuration, the unit functions as a firewall.

Upgrading to High Encryption

This FortiGate unit has a factory installed low encryption feature set. You can purchase a high encryption upgrade within 90 days of shipment from Fortinet. Fortinet Technical Support can provide a high encryption license key once you have provided suitable documentation that the necessary export licenses have been granted for your region, and our legal department has authorized the use of high encryption.

When you receive the high encryption license key, in the CLI, enter the command exec crypto-license<high-enc-key>.

Fortinet does not guarantee that the customer will receive a export license upon purchase of the product or license key.

Web-based Manager

1.Connect the FortiGate internal interface to a management computer Ethernet interface. Use a cross-over Ethernet cable to connect the devices directly. Use straight-through Ethernet cables to connect the devices through a hub or switch.

2.Configure the management computer to be on the same subnet as the internal interface of the FortiGate unit. To do this, change the IP address of the management computer to 192.168.1.2 and the netmask to 255.255.255.0.

3.To access the FortiGate web-based manager, start Internet Explorer and browse to https://192.168.1.99 (remember to include the “s” in https://).

4.Type admin in the Name field and select Login.

NAT/Route mode

To change the administrator password

1.Go to System > Admin > Administrators.

2.Select Change Password for the admin administrator and enter a new password.

To configure interfaces

1.Go to System > Network > Interface.

2.Select the edit icon for each interface to configure.

3.Set the addressing mode for the interface. (See the online help for information.)

For manual addressing, enter the IP address and netmask for the interface.

For DHCP addressing, select DHCP and any required settings.

For PPPoE addressing, select PPPoE, and enter the username and password and any other required settings.

To configure the Primary and Secondary DNS server IP addresses

1.Go to System > Network > Options, enter the Primary and Secondary DNS IP ad- dresses that you recorded above and select Apply.

To configure a Default Gateway

1.Go to Router > Static and select Edit icon for the static route.

2.Set Gateway to the Default Gateway IP address you recorded above and select OK.

Transparent mode

To switch from NAT/route mode to transparent mode

1.Go to System > Config > Operation Mode and select Transparent.

2.Set the Management IP/Netmask to 192.168.1.99/24.

3.Set a default Gateway and select Apply.

To change the administrator password

1.Go to System > Admin > Administrators.

2.Select Change Password for the admin administrator and enter a new password.

To change the management interface

1.Go to System > Config > Operation Mode.

2.Enter the Management IP address and netmask that you recorded above and select Apply.

To configure the Primary and Secondary DNS server IP addresses

1.Go to System > Network > Options, enter the Primary and Secondary DNS IP ad- dresses that you recorded above and select Apply.

Command Line Interface

1.Use the RJ-45 to DB9 serial cable to connect the FortiGate Console port to the man- agement computer serial port.

2.Start a terminal emulation program (HyperTerminal) on the management computer. Use these settings:

3.Baud Rate (bps) 9600, Data bits 8, Parity None, Stop bits 1, and Flow Control None.

4.At the Login: prompt, type admin and press Enter twice (no password required).

NAT/Route mode

1.Configure the FortiGate internal interface. config system interface

edit internal

set ip <intf_ip>/<netmask_ip>

end

2.Repeat to configure each interface, for example, to configure the Port 1 interface. config system interface

edit port1

...

3.Configure the primary and secondary DNS server IP addresses. config system dns

set primary <dns-server_ip> set secondary <dns-server_ip>

end

4.Configure the default gateway. config router static

edit 1

set gateway <gateway_ip>

end

Transparent Mode

1.Change from NAT/Route mode to Transparent mode and configure the Management IP address.

config system settings

set opmode transparent

set manageip <mng_ip>/<netmask> set gateway <gateway_ip>

end

2.Configure the DNS server IP address. config system dns

set primary <dns-server_ip> set secondary <dns-server_ip>

end

Refer to the Tools and Documentation CD for information on how to control traffic, and how to configure HA, antivirus protection, FortiGuard, Web content filtering, Spam filtering, intrusion prevention (IPS), and virtual private networking (VPN).

Page 1 Page 2
Page 2
Image 2
Fortinet 1000A-LENC quick start Collecting Information, Configuring
Page 1 Page 2

1000A-LENC specifications

The Fortinet 1000A-LENC is a high-performance next-generation firewall that offers organizations a robust security solution to safeguard their networks from an increasingly complex threat landscape. This device is part of Fortinet's FortiGate family and is specifically designed to deliver high throughput, advanced security features, and scalability to meet the demands of enterprise environments.

One of the main features of the Fortinet 1000A-LENC is its use of the FortiASIC technology. This purpose-built security processor enables the device to provide exceptional performance while simultaneously conducting deep packet inspection and threat analysis. The use of FortiASIC allows for high-speed traffic processing, ensuring that the security measures do not hinder network performance.

The 1000A-LENC also offers integrated threat intelligence through FortiGuard Labs. This real-time intelligence enhances the firewall's capabilities, allowing it to automatically update its defenses against the latest threats, including malware, ransomware, and phishing attacks. By leveraging the power of AI and machine learning, the device can detect and respond to emerging threats swiftly, reducing the window of vulnerability.

Additionally, the 1000A-LENC supports advanced features such as VPN capabilities, application control, and web filtering. Organizations can set up secure virtual private networks (VPNs) to facilitate safe remote access while maintaining control over critical applications and user activity. The application control feature allows administrators to monitor and regulate application usage, ensuring that bandwidth is optimized and potentially harmful applications are blocked.

The device also includes robust reporting and logging functionalities, enabling comprehensive visibility into network traffic and security incidents. This visibility is crucial for compliance requirements and for enhancing the overall security posture of the organization.

Scalability is another key characteristic of the Fortinet 1000A-LENC. It can be seamlessly integrated into existing network infrastructures and expanded as organizational needs grow. The firewall is designed to provide cost-effective security without compromising on performance, making it an ideal choice for medium to large enterprises.

In conclusion, the Fortinet 1000A-LENC stands out as a powerful next-generation firewall that combines high performance with advanced security features. Its integration of FortiASIC technology, real-time threat intelligence, and robust visibility tools make it a reliable solution for safeguarding enterprise networks in today's digital landscape.
Top Page Image Contents