RIP configuration
Configuring RIP for FortiGate interfaces
You can create a unique RIP configuration for each FortiGate interface. This allows you to customize RIP for the network to which each interface is connected. For example:
•If you have a complex internal network containing devices that use the RIP2 protocol, you might want to configure RIP2 send and receive for the internal interface.
•If the external interface is connected to the Internet you may not want to enable RIP send for this interface so that the internal routes are not exposed to the Internet. However, you may want to configure RIP receive so that the FortiGate unit receives routes from your ISP.
•If the DMZ interface is connected to a small DMZ network you may not need to configure RIP for this interface.
To configure RIP for FortiGate interfaces
1Go to System > RIP > Interface.
On this page you can view a summary of the RIP settings for each FortiGate interface.
2Select Modify 
for the interface for which to configure RIP settings.
3Configure the following RIP settings:
RIP1 Send This interface can send RIP1 routing broadcasts to routers on its network. The routing broadcasts are UDP packets with a destination port of 520.
RIP1 Receive This interface can receive RIP1 routing broadcasts. The interface listens on port 520 for broadcast RIP1 messages.
RIP2 Send This interface can send RIP2 routing broadcasts to its network. The routing broadcasts are UDP packets with a destination port of 520.
RIP2 Receive This interface can receive RIP2 routing broadcasts. The interface listens on port 520 for broadcast RIP2 messages.
Authentication Enable authentication for RIP2 packets sent and received by this interface. Authentication is only supported by RIP2. Do not select authentication if you are configuring the interface for RIP1.
Password | Enter the password to be included in RIP2 requests. The password can be |
| up to 16 characters long. |
Mode | Defines how the FortiGate authenticates RIP2 packets. Select None, Clear, |
| or MD5. |
| None means do not send the password. |
| Clear means send the password is plain text. |
| MD5 means use MD5 authentication. |
Metric | Changes the metric for routes sent by this interface. All routes sent from this |
| interface will have this metric added to their current metric value. You can |
| change interface metrics to give higher priorities to some interfaces. For |
| example, if you have two interfaces that can be used to route packets to the |
| same destination, if you set the metric of one interface higher than the other, |
| the routes to the interface with the lower metric will seem to have a lower |
| cost, so more traffic will use routes to the interface with the lower metric. The |
| metric can be from 1 to 16. |
124 | Fortinet Inc. |
