Fortinet 50A/50B, 100 manual Configuring the FortiGate unit, Planning the FortiGate configuration

Configuring the FortiGate unit

This section provides an overview of the operating modes of the FortiGate unit. Before beginning to configure the FortiGate unit, you need to plan how to integrate the unit into your network. Your configuration plan depends on the operating mode you select: NAT/Route mode or Transparent mode.

This section includes the following topics:

•Planning the FortiGate configuration

•Preventing the public interface from responding to ping requests

•NAT/Route mode installation

•Transparent mode installation

•Next steps

Planning the FortiGate configuration

Before you configure the FortiGate unit, you need to plan how to integrate the unit into the network. Among other things, you must decide whether you want the unit to be visible to the network, which firewall functions you want it to provide, and how you want it to control the traffic flowing between its interfaces.

Your configuration plan depends on the operating mode you select. You can also configure the FortiGate unit and the network it protects using the default settings.

NAT/Route mode

In NAT/Route mode, the FortiGate unit is visible to the network. Like a router, all its interfaces are on different subnets. The following interfaces are available in NAT/Route mode:

Table 11: NAT/Route mode network segments

Modem is the interface for connecting an external modem to the FortiGate-50A. See “Configuring the modem for the FortiGate-50A” on page 53.

You can add firewall policies to control whether communications through the FortiGate unit operating in NAT or Route mode. Firewall policies control the flow of traffic based on the source address, destination address, and service of each packet. In NAT mode, the FortiGate unit performs network address translation before it sends the packet to the destination network. In Route mode, there is no address translation.