Configuring

NAT vs. Transparent mode

Configuring

This section provides an overview of the operating modes of the FortiGate unit, NAT/Route and Transparent, and how to configure the FortiGate unit for each mode. There are two ways you can configure the FortiGate unit, using the web-based manager or the command line interface (CLI). This section will step through using both methods. Use whichever you are most comfortable with.

This section includes the following topics:

NAT vs. Transparent mode

Connecting to the FortiGate unit

Verify the configuration

Backing up the configuration

Additional configuration

NAT vs. Transparent mode

The FortiGate unit can run in two different modes, depending on your network infrastructure and requirements. You have a choice between NAT/Route mode and Transparent mode. Both include the same robust network security features such as antispam, antivirus, VPN and firewall policies.

NAT mode

In NAT/Route mode, the FortiGate unit is visible to the network. Like a router, all its interfaces are on different subnets.

In NAT mode, each port is on a different subnet, enabling you to have a single IP address available to the public Internet. The FortiGate unit performs network address translation before it sends and receives the packet to the destination network.

In Route mode, there is no address translation.

Figure 2: FortiGate unit in NAT mode

Internet

204.23.1.5

192.168.1.99

 

 

Router

NAT mode policies controlling traffic between internal and external networks.

Internal network

192.168.1.20

You typically use NAT/Route mode when the FortiGate unit is operating as a gateway between private and public networks. In this configuration, you would create NAT mode firewall policies to control traffic flowing between the internal, private network and the external, public network, usually the Internet.

FortiGate-60B FortiOS 3.0 MR6 Install Guide

 

01-30006-0446-20080910

15

Page 15
Image 15
Fortinet 60B manual NAT vs. Transparent mode, NAT mode

60B specifications

The Fortinet FortiGate 60B is a compact, high-performance network security appliance designed for small to medium-sized businesses. As part of Fortinet's FortiGate series, the 60B integrates advanced security features and technologies, making it an ideal solution for organizations seeking to protect their networks from growing cyber threats.

One of the main features of the FortiGate 60B is its robust firewall capability. The device provides next-generation firewall (NGFW) functionalities, allowing businesses to monitor and control traffic at multiple layers. This includes application control, intrusion prevention, and web filtering, ensuring that only legitimate traffic is allowed access to critical resources. With a strong emphasis on threat detection, the 60B employs FortiGuard Labs' threat intelligence services to stay updated on the latest malware and attack vectors.

Another significant characteristic of the FortiGate 60B is its integrated virtual private network (VPN) capabilities. The device supports both site-to-site and remote access VPNs, enabling secure connections for remote employees and branch offices. This feature is essential for organizations that require secure communication over public networks, ensuring that sensitive data remains protected.

Performance is also a focal point of the FortiGate 60B. The appliance is equipped with dedicated hardware acceleration that optimizes throughput and minimizes latency. With impressive SSL inspection capabilities, it can handle encrypted traffic efficiently, making it well-suited for an increasingly secure internet landscape.

The FortiGate 60B also boasts extensive reporting and analytics features, enabling IT teams to gain valuable insights into network activity. This includes detailed logs and dashboards that help organizations identify potential security risks and respond to incidents in real time. In addition, the appliance is built with scalability in mind, allowing businesses to expand their security posture as they grow.

Furthermore, the FortiGate 60B is designed for ease of management. The unit can be configured and monitored through Fortinet's centralized management system, FortiManager, simplifying the administration of multiple devices across various locations.

In summary, the Fortinet FortiGate 60B is a powerful, versatile network security solution that combines advanced firewall capabilities, VPN support, and integrated threat intelligence. With its strong performance metrics and user-friendly management tools, it is an excellent choice for organizations aiming to bolster their cybersecurity defenses while maintaining operational efficiency.