LED | State | Description | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
Power | Green | The FortiGate unit is on. | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
Off | The FortiGate unit is off. | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| Flashing Green | The FortiGate unit is starting up. | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
Status | Green | The FortiGate unit is running normally. | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| Off | The FortiGate unit is powered off. | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
Link | Green | The correct cable is in use and the connected | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| equipment has power. | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
Internal, 1, 2, 3, 4, | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
WAN1 and WAN2, | Flashing Green | Network activity at this interface. | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | INTERNAL | | | | |
DMZ1 and DMZ2 | Off | No link established. | | | | | | | PWR STATUS WAN 1 | WAN 2 | | DMZ 1 | DMZ 2 | 1 | | | 2 | | | 3 | | | 4 | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | LINK 100 | LINK 100 | LINK 100 | LINK 100 | LINK 100 | LINK 100 | LINK 100 | LINK 100 |
100 | Green | The interface is connected at 100Mbps. | | | | | | | A | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
Internal, 1, 2, 3, 4, | | | | | | | | | | | | | | | | | | | | | | | | | | FortiGate-100A |
DMZ1 and DMZ2 | | | | | | | | | | | | | | | | | | | | | | | | | |
WAN1 and WAN2, | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
© Copyright 2007 Fortinet Incorporated. All rights reserved.
Products mentioned in this document are trademarks or registered trade- marks of their respective holders.
Regulatory Compliance
FCC Class A Part 15 CSA/CUS01-30004-0066-20070117
17 January 2007
Checking the Package Contents
| | | | | | | | | | | | | | | | | | | Front | | | | | | | | | | | | | | | | |
Connector | Type | Speed | Protocol | Description | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
Internal | RJ-45 | 10/100 Base-T | Ethernet | A 4-port switch connection for up to four network | | | | | | | | | | | | | | | | | | | | | | | | | | | | | INTERNAL | | | | |
| | | | devices or the internal network. | | | | | | | PWR | | STATUS | WAN 1 | | WAN 2 | DMZ 1 | DMZ 2 | | | 1 | | 2 | | 3 | | 4 | | | |
| | | | | | | | | | A | | | | | LINK 100 | | LINK 100 | LINK 100 | LINK 100 | LINK 100 | LINK 100 | | LINK 100 | LINK 100 |
WAN1 and | RJ-45 | 10/100 Base-T | Ethernet | Connection to the Internet. | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
WAN2 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
DMZ1 and | RJ-45 | 10/100 Base-T | Ethernet | Optional connection to one or two DMZ networks, or | | | | | Power Status WAN | | DMZ | | Internal | Interface |
DMZ2 | | | | other FortiGate-100A units for high availability (HA). | | | | | | LED | | LED | | | | 1,2 | | 1,2 | | | | | (4-port switch) |
| | | | | | | | | | | | | | | | | Back | | | | | | | | | | | | | | | | |
| | | | For details, see the Documentation CD-ROM. | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
Console | RJ-45 | 9600 Bps | RS-232 | Optional connection to the management computer. | DC+12V | | | | | | | 4 | 3 | 2 | 1 | | | | | | | | | | | | | | | | |
| | | | Provides access to the command line interface | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | USB | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | (CLI). | | | Console | | | | | | | | | | | Internal | | | | | | DMZ 2 | | | DMZ 1 | | WAN 2 | | WAN 1 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | Power | | | | | | | | | | | | | | | | | | | | DMZ2 | | | WAN2 | |
| | | | | | | USB | | | | | | | | | | | | | | | | |
USB | USB | | USB | Optional connection for the FortiUSB key, modem or | Connection | | | | | | | | Internal | | Interface | | | | | | | WAN1 |
| | | | | | | | | | | | DMZ1 | |
| | | | | | | | | | | | | | |
| | | | backup operation | | RS-232 Serial (4-port switch connectors) | | | | | | | | | | | |
| | | | | | Connection | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
Ethernet Cables:
Orange - Crossover
Grey - Straight-through
RJ-45 to
DB-9 Serial Cable
Power Cable Power Supply
Q u i c k S t a r t G u i d e
FortiGate-100A
Copyright 2006 Fortinet Incorporated. All rights reserved.
Trademarks
Products mentioned in this document are trademarks.
Documentation
Connecting
Connect the FortiGate unit to a power outlet and to the internal and external networks.
•Place the unit on a stable surface. It requires 1.5 inches (3.75 cm) clearance above and on each side to allow for cooling.
•Plug in power cable to the unit before connecting power.
•The Status light flashes while the unit is starting up and turns off when the system is up and running.
Power cable connects to power supply
Optional RS-232 serial cable connects to serial port on management computer
| 4 | 3 | 2 | 1 | | | |
DC+12V | | | | | | | |
Console | USB | Internal | | DMZ 2 | DMZ 1 | WAN 2 | WAN 1 |
Straight-throughEthernet cables connect
to computers on internal network 
Planning the Configuration
Optional connection to | Straight-through Ethernet |
1 or 2 DMZ networks | cables connect to Internet |
| (public switch, router or modem) |
Before beginning to configure the FortiGate unit, you need to plan how to integrate the unit into your network. Your configuration plan depends on the operating mode you select: NAT/Route mode (the default) or Transparent mode.
NAT/Route mode | Transparent mode |
In NAT/Route mode, each FortiGate unit is visible to the network that it is connected to. All | In Transparent mode, the FortiGate unit is invisible to the network. All of its interfaces are on |
of its interfaces are on | the same subnet. You only have to configure a management IP address so that you can make |
| | | Internal | | different subnets. Each | | | | | configuration changes. |
| | | network | | | | | Internal |
| | | Internal network | | interface that is connected | | | | You would typically use the |
| | | | | | | network |
| | | 192.168.1.99 | | | | |
| | | | 192.168.1.3 | to a network must be | | | | | FortiGate unit in Transparent |
| | | | configured with an IP ad- | Gateway to public network | | | mode on a private network |
| | | | | | |
| WAN1 | Internal | | | 204.23.1.5 | 10.10.10.2 | WAN1 | Internal |
| | | | dress that is valid for that | Internet | | behind an existing firewall or |
Internet | 204.23.1.5 | | | Route mode policies | | | |
| | | | | | |
| Router | | | controlling traffic between | network. | Router | | | 10.10.10.3 | behind a router. In its default |
| | | internal networks | | |
| | DMZ | | | You would typically use | | | | | Transparent mode configuration, |
| | | | | | | | |
| | | DMZ | | NAT/Route mode when | | | | | the unit functions as a firewall. |
| | | network | | | | Transparent mode policies |
| | | | | the FortiGate unit is | | | controlling traffic between | No traffic can pass through the |
| | | | | | | internal and external networks |
| | | DMZ network | | deployed as a gateway | | | | | FortiGate unit until you add |
| NAT mode policies | | 10.10.10.2 | between private and public | | | | | firewall policies. |
| | 10.10.10.1 | | | | |
| controlling traffic between | | | | | | |
| internal and external networks | | | networks. In its default | You can connect up to four network segments to the FortiGate unit to control traffic between |
| | | | |
| | | | | NAT/Route mode configu- | these network segments. | | | |
ration, the unit functions as a firewall. Firewall policies control communications through the FortiGate unit. No
traffic can pass through the FortiGate unit until you add firewall policies. In NAT/Route mode, firewall policies can operate in NAT mode or in Route mode. In NAT mode, the FortiGate unit performs network address translation before IP packets are sent to the destination network.
In Route mode, no translation takes place.
Refer to the Documentation CD-ROM for information on how to control traffic, and how to configure HA, antivirus protection, FortiGuard, Web content filtering, Spam filtering, intrusion prevention (IPS), and virtual private networking (VPN).
Choosing a Configuration Tool
Web-based manager
The FortiGate web-based manager is an easy to use management tool. Use it to configure the administrator password, the interface and default gateway addresses, and the DNS server addresses.
Requirements:
•An Ethernet connection between the FortiGate unit and management computer.
•Internet Explorer 6.0 or higher on the management computer.
Command Line Interface (CLI)
The CLI is a full-featured management tool. Use it to configure the administrator password, the interface addresses, the default gateway address, and the DNS server addresses. To configure advanced settings, see the Documentation CD-ROM.
Requirements:
•The DB-9 serial connection between the FortiGate unit and management computer.
•A terminal emulation application (HyperTerminal for Windows) on the management computer.
