FortiGate-3016B FortiOS 3.0 MR6 Install Guide
28 01-30006-0458-20080318
Configuring Transparent mode Configuring
Configure a DNS server
A DNS server is a service that converts symbolic node names to IP addresses. A
domain name server (DNS server) implements the protocol. In simple terms, it
acts as a phone book for the Internet. A DNS server matches domain names with
the computer IP address. This enables you to use readable locations, such as
fortinet.com when browsing the Internet.
DNS server IP addresses are typically provided by your internet service provider.
To configure DNS server settings
config system dns
set autosvr {enable | disable}
set primary <address_ip>
set secondary <address_ip>
end
Note if you set the autosvr to enable, you do not have to configure the primary
or secondary DNS server IP addresses.
Adding firewall policies
Firewall policies enable traffic to flow through the FortiGate interfaces. Firewall
policies define the FortiGate unit process the packets in a communication session.
You can configure the firewall policies to allow only specific traffic, users and
specific times when traffic is allowed.
For the initial installation, a single firewall policy that enables all traffic through will
enable you to verify your configuration is working. On lower-end units such a
default firewall policy is already in place. For the higher end FortiGate units, you
will need to add a firewall policy.
The following steps add two policies that allows all traffic through the FortiGate
unit, to enable you to continue testing the configuration on the network.
To add an outgoing traffic firewall policy
config firewall profile
edit <seq_num>
set srcintf <source_interface>
set srcaddr <source_IP>
set dstintf <destination_interface>
set dstaddr <destination_IP>
set schedule always
set service ANY
set action accept
end
To create an incoming traffic firewall policy, use the same commands with the
addresses reversed.
Note that these policies allow all traffic through. No protection profiles have been
applied. Ensure you create additional firewall policies to accommodate your
network requirements.