Configuring NAT mode

Configuring

Configuring NAT mode

Configuring NAT mode involves defining interface addresses and default routes, and simple firewall policies. You can use the web-based manager or the CLI to configure the FortiGate unit in NAT/Route mode.

Using the web-based manager

After connecting to the web-based manager, you can use the following procedures to complete the basic configuration of the FortiGate unit. Ensure you read the section “Connecting to the web-based manager” on page 16 before beginning.

Configure the interfaces

When shipped, the FortiGate unit has a default address of 192.168.1.99 and a netmask of 255.255.255.0. for either the Port 1 or Internal interface. You need to configure this and other ports for use on your network.

To configure interfaces

1Go to System > Network > Interface.

2Select the edit icon for an interface.

3Set the Addressing Mode for the interface.

For Manual addressing, enter the IP address and netmask for the interface.

For DHCP addressing, select DHCP and complete the following:

Distance

Enter the administrative distance, between 1 and 255 for the

 

default gateway retrieved from the DHCP server. The

 

administrative distance specifies the relative priority of a route

 

when there are multiple routes to the same destination. A

 

lower administrative distance indicates a more preferred route.

Retrieve default gateway from server

Override internal DNS

Enable to retrieve a default gateway IP address from the DHCP server. The default gateway is added to the static routing table.

Enable to use the DNS addresses retrieved from the DHCP server instead of the DNS server IP addresses on the DNS page on System > Network > Options. On FortiGate-100 units and lower, you should also enable Obtain DNS server address automatically in System > Network > Options.

For PPPoE addressing, select PPPoE, and complete the following:

Username

Enter the username for the PPPoE server. This may have

 

been provided by your ISP.

Password

Enter the password for the PPPoE server for the above user

 

name.

Unnumbered

Specify the IP address for the interface. If your ISP has

 

assigned you a block of IP addresses, use one of these IP

 

addresses. Alternatively, you can use, or borrow, the IP

 

address of a configured interface on the router. You may need

 

to do this to minimize the number of unique IP addresses

 

within your network.

 

If you are borrowing an IP address remember the interface

 

must be enabled, or up to function correctly.

Initial Disc Timeout

Initial discovery timeout in seconds. The time to wait before

 

starting to retry a PPPoE discovery. To disable the discovery

 

timeout, set the value to 0.

 

FortiGate-60B FortiOS 3.0 MR6 Install Guide

18

01-30006-0446-20080910

Page 17 Page 19
Page 18
Image 18
Fortinet 60B manual Configuring NAT mode, Using the web-based manager, Configure the interfaces
Page 17 Page 19

60B specifications

The Fortinet FortiGate 60B is a compact, high-performance network security appliance designed for small to medium-sized businesses. As part of Fortinet's FortiGate series, the 60B integrates advanced security features and technologies, making it an ideal solution for organizations seeking to protect their networks from growing cyber threats.

One of the main features of the FortiGate 60B is its robust firewall capability. The device provides next-generation firewall (NGFW) functionalities, allowing businesses to monitor and control traffic at multiple layers. This includes application control, intrusion prevention, and web filtering, ensuring that only legitimate traffic is allowed access to critical resources. With a strong emphasis on threat detection, the 60B employs FortiGuard Labs' threat intelligence services to stay updated on the latest malware and attack vectors.

Another significant characteristic of the FortiGate 60B is its integrated virtual private network (VPN) capabilities. The device supports both site-to-site and remote access VPNs, enabling secure connections for remote employees and branch offices. This feature is essential for organizations that require secure communication over public networks, ensuring that sensitive data remains protected.

Performance is also a focal point of the FortiGate 60B. The appliance is equipped with dedicated hardware acceleration that optimizes throughput and minimizes latency. With impressive SSL inspection capabilities, it can handle encrypted traffic efficiently, making it well-suited for an increasingly secure internet landscape.

The FortiGate 60B also boasts extensive reporting and analytics features, enabling IT teams to gain valuable insights into network activity. This includes detailed logs and dashboards that help organizations identify potential security risks and respond to incidents in real time. In addition, the appliance is built with scalability in mind, allowing businesses to expand their security posture as they grow.

Furthermore, the FortiGate 60B is designed for ease of management. The unit can be configured and monitored through Fortinet's centralized management system, FortiManager, simplifying the administration of multiple devices across various locations.

In summary, the Fortinet FortiGate 60B is a powerful, versatile network security solution that combines advanced firewall capabilities, VPN support, and integrated threat intelligence. With its strong performance metrics and user-friendly management tools, it is an excellent choice for organizations aiming to bolster their cybersecurity defenses while maintaining operational efficiency.
Top Page Image Contents