Manuals / Fortinet / Computer Equipment / Network Card

Fortinet 400 manual Controlling management access to an interface, 137

Models: 400

1 308
Download 308 pages 48.56 Kb
Page 137
Image 137

Network configuration

Configuring interfaces

 

 

Controlling management access to an interface

1Go to System > Network > Interface.

2Select Modify for the interface for which to configure management access.

3Select the management Access methods for the interface.

HTTPS To allow secure HTTPS connections to the web-based manager through this interface.

PING If you want this interface to respond to pings. Use this setting to verify your installation and for testing.

HTTP To allow HTTP connections to the web-based manager through this interface. HTTP connections are not secure and can be intercepted by a third party.

SSH To allow SSH connections to the CLI through this interface.

SNMP To allow a remote SNMP manager to request SNMP information by connecting to this interface. See “Configuring SNMP” on page 162.

TELNET To allow Telnet connections to the CLI through this interface. Telnet connections are not secure and can be intercepted by a third party.

Configuring management access for an interface connected to the Internet allows remote administration of the FortiGate unit from any location on the Internet. Allowing management access from the Internet could compromise the security of your FortiGate unit. You should avoid allowing management access for an interface connected to the Internet unless this is required for your configuration. To improve the security of a FortiGate unit that allows remote management from the Internet, add secure administrative user passwords, change these passwords regularly, and only enable secure management access using HTTPS or SSH.

4Select OK to save your changes.

Configuring traffic logging for connections to an interface

1Go to System > Network > Interface.

2Select Modify for the interface for which to configure logging.

3Select Log to record log messages whenever a firewall policy accepts a connection to this interface.

4Select OK to save your changes.

Changing the MTU size to improve network performance

You can change the maximum transmission unit (MTU) size for port1, port2, port3, and port4/ha (if it is not configured for HA). To improve the performance of your network connection, you can adjust the MTU of the packets that the FortiGate unit transmits from its interfaces. Ideally, this MTU should be the same as the smallest MTU of all the networks between the FortiGate unit and the destination of the packets. If the packets that the FortiGate sends are larger, they are broken up or fragmented, which slows down transmission speeds.

To change the MTU size:

1Go to System > Network > Interface.

2Choose an interface and select Modify .

3Select Fragment outgoing packets greater than MTU.

FortiGate-400 Installation and Configuration Guide

137

Page 136 Page 138
Page 137
Image 137
Fortinet 400 Controlling management access to an interface, Configuring traffic logging for connections to an interface
Page 136 Page 138