Manually adding a device

Device

To classify network interfaces and VLAN subinterfaces of a FortiGate unit

1Go to Device > All > Device.

2Configure the FortiGate device.

For more information, see “Manually adding a device” on page 80.

3Select the blue arrow to expand FortiGate Interface Specifications.

This area may be automatically pre-configured with default classifications. In this case, verify that the network interface classifications match your network topology. If no modification is necessary, select OK, and do not perform the following steps.

4For each network interface, in Available Interfaces, enter the name of the network interface as it appears in log messages, then select Add.

The name of each network interface appears in the Available Interfaces area.

5For each network interface name in the Available Interfaces area, select the name of the network interface, then either leave it in Available Interfaces (which results in a class of None), or move it to the LAN, DMZ, or WAN area using the right arrow for that class.

6From Default type for interfaces not listed here, select None, LAN, WAN, or DMZ to indicate the default class of any network interfaces that you have not manually classified.

7Select OK.

Manually adding a FortiGate unit using the Fortinet Discovery Protocol (FDP)

If you configure the FortiAnalyzer unit to respond to Fortinet Discovery Protocol (FDP) packets, FortiGate units running FortiOS version 3.0 or greater can use FDP to locate a FortiAnalyzer unit. To use FDP, both units must be on the same subnet, and they must be able to connect using UDP.

When a FortiGate administrator selects Automatic Discovery, the FortiGate unit sends FDP packets to locate FortiAnalyzer units on the same subnet. If FDP has been enabled for its interface to that subnet, the FortiAnalyzer unit will respond. Upon receiving an FDP response, the FortiGate unit knows the IP address of the FortiAnalyzer unit, and the administrator can configure the FortiGate unit to begin sending log, content archive, and/or quarantine data to that IP address. When the FortiGate unit attempts to send data to the FortiAnalyzer unit, the FortiAnalyzer unit detects the connection attempt.

Connection attempts from devices not registered with the FortiAnalyzer unit’s device list may not be automatically accepted. In this case, you may need to manually add the device to the device list. For more information, see “Configuring unregistered device connection attempt handling” on page 79.

For a diagram of traffic types, ports and protocols that FortiAnalyzer units use to communicate with other devices and services, see the Knowledge Center article Traffic Types and TCP/UDP Ports used by Fortinet Products.

Note: Due to the nature of connectivity for certain high availability (HA) modes, full content archiving and quarantining may not be available for FortiGate units in an HA cluster. For more information, see the FortiGate HA Overview.

Unregistered Device Options apply to all device types attempting to connect, not just FortiGate units.

 

FortiAnalyzer Version 3.0 MR7 Administration Guide

84

05-30007-0082-20080908

Page 86
Image 86
Fortinet 3.0 MR7 manual Configure the FortiGate device, For more information, see Manually adding a device on