Manuals / Brands / Computer Equipment / Network Router / Fortinet / Computer Equipment / Network Router

Fortinet 127, 500A, FORTIGATE, Network Router Planning the FortiGate configuration

1 54

Download 54 pages, 1.4 Mb

20 01-28005-0101-20041015 Fortinet Inc.

NAT/Route mode Getting started

Figure 4: Web protection profile settings

Planning the FortiGate configuration

Before you configure the FortiGate unit, you need to plan how to integrate the unit into

the network. Among other things, you must decide whether you want the unit to be

visible to the network, which firewall functions you want it to provide, and how you

want it to control the traffic flowing between its interfaces.

Your configuration plan depends on the operating mode that you select. The FortiGate

unit can be configured in one of two modes: NAT/Route mode (the default) or

Transparent mode.

NAT/Route mode

In NAT/Route mode, the FortiGate unit is visible to the network. Like a router, all its

interfaces are on different subnets. The following interfaces are available in

NAT/Route mode:

• Ports 1, 2, 3, 4, 5, and 6 can be connected to any networks. By default, the

FortiGate-300A interfaces have the following configuration

• LAN (L1, L2, L3, and L4) is a 4-port 10/100 Base-T switch that can connect to

up to four network devices or an internal network.

• Port 1 is the default interface to the 10/100 Base-T internal network (usually the

Internet).

• Port 2 is the default interface to the 10/100 Base-T external network.

• Port 3 can be connected to another 10/100 Base-T network such as a DMZ

network.

• Port 4 can be connected to another 10/100 Base-T network. Port 4 can also be

connected to other FortiGate-300 units if you are installing an HA cluster.

• Ports 5 and 6 can be connected to 10/100/1000 Base-T networks.

Contents

Main FortiGate 500A Installation Guide Versi on 2. 80 MR5 Page Table of Contents Page FortiGate-500A Installation Guide Version 2.80 MR5 Introduction Secure installation, configuration, and management Web-based manager Command line interface Setup wizard Document conventions 8 Fortinet documentation Comments on Fortinet technical documentation 10 Customer service and technical support Getting started 12 Package contents Mounting Dimensions Weight Power requirements Turning the FortiGate unit power on and off Connecting to the web-based manager Connecting to the command line interface (CLI) Factory default FortiGate configuration settings Factory default NAT/Route mode network configuration 18 Factory default Transparent mode network configuration Factory default firewall configuration Factory default protection profiles 20 Planning the FortiGate configuration NAT/Route mode NAT/Route mode with multiple external network connections 22 Transparent mode Configuration options Web-based manager and setup wizard CLI Page NAT/Route mode installation Preparing to configure the FortiGate unit in NAT/Route mode 26 DHCP or PPPoE configuration Using the web-based manager Configuring basic settings 28 Using the front control buttons and LCD Using the command line interface Configuring the FortiGate unit to operate in NAT/Route mode Page Page Using the setup wizard Starting the setup wizard Connecting the FortiGate unit to the network(s) FortiGate-500A Configuring the networks Page Transparent mode installation Preparing to configure Transparent mode Using the web-based manager Reconnecting to the web-based manager Using the front control buttons and LCD Using the command line interface Page 42 Using the setup wizard Reconnecting to the web-based manager Connecting the FortiGate unit to your network FortiGate-500A Page High availability installation Priorities of heartbeat device and monitor priorities Configuring FortiGate units for HA operation High availability configuration settings Page Configuring FortiGate units for HA using the web-based manager 48 Configuring FortiGate units for HA using the CLI Connecting the cluster to your networks Page Installing and configuring the cluster Page Index