Manuals / Fortinet / Computer Equipment / Network Card

Fortinet FortiGate-800 Enabling push updates, Push updates when FortiGate IP addresses change

Models: FortiGate-800

1 336
Download 336 pages 18.65 Kb
Page 123
Image 123

Virus and attack definitions updates and registration

Enabling push updates

 

 

When the network configuration permits, configuring push updates is recommended in addition to configuring scheduled updates. On average the FortiGate unit receives new updates sooner through push updates than if the FortiGate unit receives only scheduled updates. However, scheduled updates make sure that the FortiGate unit receives the latest updates.

Enabling push updates is not recommended as the only method for obtaining updates. The FortiGate unit might not receive the push notification. Also, when the FortiGate unit receives a push notification it makes only one attempt to connect to the FDN and download updates.

This section describes:

Enabling push updates

Push updates when FortiGate IP addresses change

Enabling push updates through a NAT device

Enabling push updates

To enable push updates

1Go to System > Update.

2Select Allow Push Update.

3Select Apply.

Push updates when FortiGate IP addresses change

The SETUP message that the FortiGate unit sends when you enable push updates includes the IP address of the FortiGate interface that the FDN connects to. If your FortiGate unit is running in NAT/Route mode, the SETUP message includes the FortiGate external IP address. If your FortiGate unit is running in Transparent mode, the SETUP message includes the FortiGate management IP address. The FDN must be able to connect to this IP address for your FortiGate unit to be able to receive push update messages. If your FortiGate unit is behind a NAT device, see “Enabling push updates through a NAT device” on page 124.

Whenever the external IP address of the FortiGate unit changes, the FortiGate unit sends a new SETUP message to notify the FDN of the address change. As long as the FortiGate unit sends this SETUP message and the FDN receives it, the FDN can maintain the most up-to-date external IP address for the FortiGate unit.

The FortiGate unit sends the SETUP message if you change the external IP address manually or if you have set the external interface addressing mode to DHCP or PPPoE and your DHCP or PPPoE server changes the IP address.

If you have redundant connections to the Internet, the FortiGate unit also sends the SETUP message when one Internet connection goes down and the FortiGate unit fails over to the other Internet connection.

In Transparent mode if you change the management IP address, the FortiGate unit also sends the SETUP message to notify the FDN of the address change.

FortiGate-800 Installation and Configuration Guide

123

Page 122 Page 124
Page 123
Image 123
Fortinet FortiGate-800 manual Enabling push updates, Push updates when FortiGate IP addresses change, 123
Page 122 Page 124