Fortinet 1000 - page 68

54

美国飞塔有限公司

透明模式配置的例子透明模式安装

2进入系统 >网络 >管理。

·修改管理 IP 地址和网络掩码：

IP: 192.168.1.1

掩码: 255.255.255.0

·单击应用。

3进入系统 >网络 >路由。

·选择新建添加到FortiResponse服务器的静态路由。

IP: 24.102.233.5

掩码: 255.255.255.0

网关 : 192.168.1.2

·单击确定。

·选择新建添加到外部网络的默认路由。

IP: 0.0.0.0

掩码: 0.0.0.0

网关 : 192.168.1.2

·单击确定。

CLI 配置步骤

要使用 CLI 配置 FortiGate 基本设置和静态路由：

1将系统操作模式设置为透明模式。

set system opmode transparent

2添加管理 IP 地址和网络掩码。

set system management ip 192.168.1.1 255.255.255.0

3添加到主FortiResponse服务器的静态路由。

set system route number 1 dst 24.102.233.5 255.255.255.0 gw1

192.168.1.2

4添加到外部网络的默认路由。

set system route number 2 gw1 192.168.1.2

到内部目的地址的静态路由的例子

图12 展示了 FDN 位于一个外部子网而管理工作站位于一个远程的内部子网的

FortiGate 连接的例子。要达到FDN，您需要输入一个默认路由指向作为下一个跳跃 /

默认网关的上游路由器。要达到管理工作站，您需要输入一个静态路由定向到它。这

个路由指向内部路由器，并将其作为路由的下一个跳跃。（因为DNS 服务器和

FortiGate 位于相同的第三层子网中，所以不需要为它们设置路由）。

Contents

Main FortiGate-1000 iii ................................................................... 1 .................................................................. 15 iv NAT/ ..................................................... 31 .......................................................... 45 v .............................................................. 57 vi .............................................................. 73 vii .............................................. 93 ............................................................. 109 viii RIP ............................................................. 123 ............................................................. 131 ix ........................................................... 141 x ........................................................... 171 IPSec VPN ............................................................ 179 xi PPTP L2TP VPN ..................................................... 203 (NIDS) .............................................. 217 ........................................................... 227 xii ......................................................... 235 ......................................................... 245 ........................................................... 249 xiii Page Page Web 3 NAT/ VLAN NIDS VPN 5 Web 6 CLI FortiGate CLI 7 2.50 RIP SNMP 8 HA FortiGate VPN Firewall VPN 9 NIDS FortiGate NIDS FortiGate Page Fortinet FortiGate FortiGate VPN FortiGate FortiGate NIDS Page Page Page Page Page 17 Web (CLI) FortiGate CLI 20 FortiGate NAT/ FortiGate 21 NAT/ FortiGate 3 22 23 24 FortiGate HTTP HTTP 25 FortiGate NAT/ 26 NAT/ 27 CLI LCD FortiGate FortiGate Page Page NAT/ NAT/ 32 Web 33 LCD FortiGate NAT/ NAT/ IP FortiGate Page 36 123 4/HA 37 38 Ping 39 40 41 42 43 Page Page 46 Web LCD 47 IP 48 FortiGate Page 50 Page 52 Web Page Page Page 56 Web - HA - HA 59 NAT/ HA FortiGate HA 60 HA 61 HA Page 63 HA HA FortiGate HA IP 64 HA 65 HA 66 HA HA 67 HA 68 69 70 FortiGate 71 HA FortiGate Page Page 74 FortiGate FortiGate Web 75 CLI 76 Web CLI Page 78 CLI Page 80 FortiGate NIDS Page 82 83 84 Page FortiGate FortiGate ! NAT/ FortiGate FortiGate 89 CPU 90 Page Page Page 94 Forti 95 96 97 98 NAT NAT Page Page Page 102 FortiGate CLI FortiGate 103 FortiCare Page 105 Fortinet FortiGate 106 FortiGate FortiCare 107 Fortinet RMA FortiGate 109 110 VLAN 111 IP 112 IP ping 113 MTU 114 4/HA 4/ha HA 4/HA VLAN VLAN Page 117 VLAN ID VLAN IP VLAN 118 119 120 121 FortiGateCLI DHCP DHCP RIP RIP FortiGate RIP FortiGate RIP RIP 4RIP RIP RIP 128 RIP RIP 129 Page Page Web Page 134 135 SNMP SNMP FortiGate FortiGate SNMP 136 FortiGate MIB 137 FortiGate 138 139 Page 142 VLAN 143 144 Page 146 NAT VPN 147 Page 149 150 151 152 153 155 156 157 158 159 160 IP NAT IP 161 IP 162 IP 163 IP IP 164 IP IP NAT IP/MAC 165 IP/MAC IP/MAC 166 IP/MAC ! IP/MAC IP/MAC Page 168 169 Page Page 172 173 RADIUS RADIUS 174 RADIUS LDAP 175 LDAP LDAP 176 177 Page IPSec VPN FortiGate VPN 180 ( IKE) IKE IPSec VPN 181 VPN VPN 182 IKE IPSec VPN IKE VPN 183 IKE VPN Page IPSec VPN IKE IPSec VPN 4 NAT 5 VPN DPD VPN DPD 6 186 IKE VPN Page 188 Page Page 191 192 CA CA CA 193 194 FortiGate IPSec VPN 196 VPN ( ) 197 VPN 198 VPN 199 IPSec VPN IPSec VPN 200 VPN VPN 201 VPN VPN Page PPTP L2TP VPN PPTP Page 205 206 PPTP Windows98 PPTP 207 PPTP Windows2000 PPTP PPTP 208 WindowsXP PPTP PPTP VPN L2TP VPN Page 211 212 Windows2000 L2TP L2TP 213 IPSec L2TP VPN 214 WindowsXP L2TP L2TP VPN VPN 215 IPSec L2TP VPN Page 217 (NIDS) NIDS Page 219 220 NIDS 221 NIDS 222 NIDS NIDS 223 224 NIDS 225 NIDS Page Page Page 230 231 232 233 ! Page 236 237 URL FortiGate URL URL 238 URL 239 URL URL Cerberian 240 FortiGate Cerberian FortiGate Cerberian 241 Cerberian Cerberian URL 242 243 URL URL URL Page Page 246 247 Page Page 250 NetIQ WebTrends FortiGate 251 Page Page 254 VLAN 255 256 257 258 259 260 Page Page 263 A B C 264 D E F 265 G H I 266 J K L 267 M N P 268 Q R S 269 T U V W 270 X Y Z