22 Fortinet Inc.
Factory default FortiGate configuration settings Getting started
Factory default FortiGate configuration settingsThe FortiGate unit is shipped with a factory default configuration. The default
configuration allows you to connect to and use the FortiGate web-based manager to
configure the FortiGate unit onto the network. To configure the FortiGate unit onto the
network you add an administrator password, change network interface IP addresses,
add DNS server IP addresses, and configure routing, if required.
If you plan to operate the FortiGate unit in Transparent mode, you can switch to
Transparent mode from the factory default configuration and then configure the
FortiGate unit onto the network in Transparent mode.
Once the network configuration is complete, you can perform additional configuration
tasks such as setting system time, configuring virus and attack definition updates, and
registering the FortiGate unit.
The factory default firewall configuration includes a single network address translation
(NAT) policy that allows users on your internal network to connect to the external
network, and stops users on the external network from connecting to the internal
network. You can add more policies to provide more control of the network traffic
passing through the FortiGate unit.
The factory default content profiles can be used to apply different levels of antivirus
protection, web content filtering, and email filtering to the network traffic that is
controlled by firewall policies.
•Factory default DHCP configuration
•Factory default NAT/Route mode network configuration
•Factory default Transparent mode network configuration
•Factory default firewall configuration
•Factory default content profiles
Factory default DHCP configuration
When the FortiGate unit is first powered on, the external interface is configured to
receive its IP address by connecting to a DHCP server. If your ISP provides IP
addresses using DHCP, no other configuration is required for this interface.
The FortiGate unit can also function as a DHCP server for your internal network. You
can configure the TCP/IP settings of the computers on your internal network to obtain
an IP address automatically from the FortiGate unit DHCP server. For more
information about the FortiGate DHCP server, see “Configuring DHCP services” on
page 104.
Table 2: FortiGate DHCP Server default configuration
Enable DHCP ;
Starting IP 192.168.1.1
Ending IP 192.168.1.254
Netmask 255.255.255.0
Lease Duration 604800 seconds
Default Route 192.168.1.99
Exclusion Range 192.168.1.99 - 192.168.1.99