RIP 配置

添加 RIP 邻居

 

 

添加 RIP 邻居

添加 RIP 邻居可以定义用于交换路由信息的邻近的路由器。将邻居添加到非广播网 络中。

当您添加邻居的时候,FortiGate 设备与邻居直接交换信息,而不是赖于广播路 由。这种 FortiGate 和添加到邻居列表的路由器之间的点对点的路由信息交换更加安 全,并且可以减少网络通讯。在非广播网络中须添加邻居以交换路由。

当使用组合的 RIP 过滤器时,FortiGate 设备可以配置为与路由器的子网交换路由 和访问一个局域网中的服务器。

添加 RIP 邻居

1 进入 系统 >RIP> 邻居。

2 单击新建以添加 RIP 邻居。

3 添加您希望 FortiGate 与之交换路由信息的邻居路由器的 IP 地址。

4 单击发送 RIP1 以将 RIP1 消息发送到邻居。

5 单击启用发送 RIP2 以将 RIP2 消息发送到邻居。

6 单击确定以将 RIP 邻居添加到列表。

添加 RIP 过滤器

使用 RIP 过滤器可以控制 FortiGate 设备接收的路由信息和 FortiGate 设备发送的 路由信息。您可以创建两种过滤器:

邻居过滤器 用于过滤从邻路由器接的路由。当 FortiGate 设备从一个邻的路由器 接路由时,邻居过滤器定义了些从邻居接的路由可以保存到 FortiGate 路由列表,些路由将被丢

路由过滤器 用于在路由表被发送到邻路由器之前对路由进行过滤。在 FortiGate 设备 将路由发送到邻的路由器之前,路由过滤器决定了些路由可以发送、些路由不能被发送。

RIP 过滤器包括路由的 IP 地址和网络码、对这个路由执行的操作 (接受或拒 绝)、以及这个过滤器应用到的接口。在 RIP 过滤器中找不到匹配的路由将被允许接 受。

单一 RIP 过滤器包含对单一路由的接受或拒绝的指令。您可以在同一个 RIP 过滤器 名下添加多个 RIP 路由入口,以创建一个 RIP 过滤器列表。您可以使用一个 RIP 过滤 列表过滤多个路由。

创建完 RIP 过滤器和过滤器列表之后,您可以通过为每种类型的过滤器选择一个过 滤器或者过滤列表来配置邻居过滤器或路由过滤器。如果您没有为邻居或路由选择 RIP 过滤器,则不会对它们应用过滤。您最多可以添加 4 个 RIP 过滤器或过滤列表,是 您只能设置一个活动的邻居过滤器和一个活动的路由过滤器。

FortiGate-500 安装和配置指南

129

Page 141
Image 141
Fortinet 500 manual 添加 Rip 过滤器, 129, 添加 Rip 邻居 进入 系统 Rip 邻居。

500 specifications

Fortinet 500 is a next-generation firewall (NGFW) that is part of Fortinet's acclaimed FortiGate family, designed to provide advanced security for medium to large enterprises. This appliance is known for its high performance, flexibility, and ability to protect networks from a variety of cyber threats through its robust features and technologies.

One of the main features of the Fortinet 500 is its integrated security capabilities. It combines multiple security functions into a single device, allowing organizations to manage everything from intrusion prevention and antivirus to web filtering and application control. This integration leads to simplified management and increased efficiency, as users can address multiple security needs without deploying multiple devices.

The Fortinet 500 runs on the FortiOS operating system, which is known for its simplicity and user-friendliness. FortiOS provides a centralized management interface that allows for the easy configuration and monitoring of security policies across the entire network. Additionally, the Fortinet management tools, such as FortiManager and FortiAnalyzer, enable detailed insights and reporting capabilities, helping organizations stay compliant with their security mandates.

Another characteristic that sets Fortinet 500 apart is its advanced threat intelligence, powered by the FortiGuard Labs. This global threat intelligence system continuously updates the firewall with the latest threat signatures and attack vectors, ensuring that organizations stay ahead of emerging threats. The firewall also employs machine learning and artificial intelligence to detect and mitigate sophisticated attacks in real-time.

Performance is crucial in any security appliance, and the Fortinet 500 does not disappoint. With hardware acceleration and purpose-built security processors, it delivers high throughput levels, enabling organizations to maintain productivity without sacrificing security. This level of performance is particularly beneficial in environments with heavy traffic and bandwidth demands.

In addition to these core features, the Fortinet 500 supports seamless integration with other security solutions within the Fortinet Security Fabric. This comprehensive approach allows for greater visibility and control over the entire security posture of an organization.

Overall, the Fortinet 500 is a powerful NGFW that offers a blend of advanced security features, ease of management, top-notch performance, and robust threat intelligence. Its ability to adapt to the ever-evolving landscape of cybersecurity makes it a valuable asset for businesses seeking to safeguard their digital assets and ensure seamless network operation.