Device

Manually adding a device

To enable the FortiAnalyzer unit to reply to FDP packets

1On the FortiAnalyzer unit, go to Device > All.

2Go to System > Network.

3Select Modify for the network interface that should reply to FDP packets.

4Enable Fortinet Discovery Protocol.

5Select OK.

The FortiAnalyzer unit is now configured to respond to FDP packets on that network interface, including those from FortiGate units’ Automatic Discovery feature. For more information about connecting the FortiGate unit using FDP, see “To connect a FortiGate unit to a FortiAnalyzer unit using FDP” on page 85.

To connect a FortiGate unit to a FortiAnalyzer unit using FDP

1On the FortiGate unit, go to Log&Report > Log Config > Log Setting.

2Select Remote Logging.

3Select FortiAnalyzer.

4From Minimum log level, select the severity threshold that log messages must meet or exceed to be remotely logged to the FortiAnalyzer unit.

5In the FortiAnalyzer IP area, select Automatic Discovery.

6If the FortiAnalyzer unit does not appear in the Connect To list, select Discover.

The FortiGate unit sends FDP packets to other hosts on the FortiGate unit’s subnet. If a FortiAnalyzer unit exists on the subnet and is configured to reply to FDP packets, it sends a reply, and its IP address appears in the Connect To list.

If your FortiGate unit is connecting to a FortiAnalyzer unit from another network, such as through the Internet or through other firewalls, this may fail to locate the FortiAnalyzer unit, and you may need to configure an IPSec VPN tunnel to facilitate the connection. For more information and examples, see the Fortinet Knowledge Center article Sending remote FortiGate logs to a FortiAnalyzer unit behind a local FortiGate unit.

7From the Connect To list, select a FortiAnalyzer unit.

8Select Apply.

9To verify connectivity with the FortiAnalyzer unit, select Test Connectivity.

Test Connectivity verifies connectivity by OFTP. OFTP is required by device registration, content archiving, quarantining, and remote viewing of logs and reports, and display connection permissions, but not to send log messages. If Test Connectivity fails, the FortiAnalyzer unit’s Unregistered Device Options may require that you manually register the FortiGate unit with the device list. For more information, see “Configuring unregistered device connection attempt handling” on page 79. For more information about manually registering the device, see “Manually adding a device” on page 80. If the FortiGate unit is registered but Test Connectivity still fails, verify configurations of any intermediate devices such as routers or firewalls.

FortiAnalyzer Version 3.0 MR7 Administration Guide

 

05-30007-0082-20080908

85

Page 87
Image 87
Fortinet 3.0 MR7 To enable the FortiAnalyzer unit to reply to FDP packets, On the FortiAnalyzer unit, go to Device All