Fortinet 50A 8

Contents

8 Fortinet Inc.

Virtual IPs..................................................................................................... ................... 157

Adding static NAT virtual IPs ...................................................................................... 158

Adding port forwarding virtual IPs............... ................................................................ 159

Adding policies with virtual IPs................................................................................. ... 161

IP pools........................................... ................................................................................ 161

Adding an IP pool........................................................................................ ................ 162

IP Pools for firewall policies that use fixed ports......................... ................................ 162

IP pools and dynamic NAT ......................................................................................... 162

IP/MAC binding..................................... .......................................................................... 163

Configuring IP/MAC binding for packets going through the firewall............................ 163

Configuring IP/MAC binding for packets going to the firewall..... ................................ 164

Adding IP/MAC addresses............................................................. ............................. 165

Viewing the dynamic IP/MAC list ................................................................................ 165

Enabling IP/MAC binding..................... ....................................................................... 165

Content profiles..................................................................... .......................................... 166

Default content profiles ............................................................................................... 167

Adding content profiles ............................................................................................... 167

Adding content profiles to policies .............................................................................. 169

Users and authentication.................................................................................. 171

Setting authentication timeout......................................................................................... 172

Adding user names and configuring authentication..................................... ................... 172

Adding user names and configuring authentication.............. ...................................... 172

Deleting user names from the internal database ........................................................ 173

Configuring RADIUS support....................................... ................................................... 174

Adding RADIUS servers ............................................................................................. 174

Deleting RADIUS servers ........................................................................................... 174

Configuring LDAP support.... .......................................................................................... 175

Adding LDAP servers..................................................................................... ............. 175

Deleting LDAP servers................................................................................... ............. 176

Configuring user groups.................................................................................................. 177

Adding user groups........................................................ ............................................. 177

Deleting user groups......................................................... .......................................... 178

IPSec VPN........................................................................................................... 179

Key management............................................................................... ............................. 180

Manual Keys ............................................................................................................... 180

Automatic Internet Key Exchange (AutoIKE) with pre-shared keys or certificates ..... 180

Manual key IPSec VPNs.................................................................... ............................. 181

General configuration steps for a manual key VPN................................. ................... 181

Adding a manual key VPN tunnel.. ............................................................................. 181