Planning the FortiGate configuration |
|
| Getting started |
Figure 6: Example Transparent mode network configuration | |||
|
|
| |
Gateway to | in Transparent mode |
| |
public network |
| ||
|
| ||
204.23.1.5 | 10.10.10.2 |
| Internal network |
Internet |
| 8 |
|
|
|
| |
|
|
| 10.10.10.3 |
(firewall, router) External | 10.10.10.1 | Internal | |
Management IP
Transparent mode policies controlling traffic between internal and external networks
You can connect up to 8 network segments to the FortiGate unit to control traffic between these network segments.
•External can connect to the external firewall or router.
•Internal can connect to the internal network.
•HA can connect to another network or to other
•DMZ and interfaces 1 to 4 can connect to other network segments.
Configuration options
Once you have selected Transparent or NAT/Route mode operation, you can complete the configuration plan and begin to configure the FortiGate unit.
You can use the
Setup wizard
If you are configuring the FortiGate unit to operate in NAT/Route mode (the default), the setup wizard prompts you to add the administration password and the internal and external interface addresses. Using the wizard, you can also add DNS server IP addresses and a default route for the external interface.
In NAT/Route mode you can also configure the FortiGate to allow Internet access to your internal Web, FTP, or email servers.
If you are configuring the FortiGate unit to operate in Transparent mode, you can switch to Transparent mode from the
CLI
If you are configuring the FortiGate unit to operate in NAT/Route mode, you can add the administration password and all interface addresses. Using the CLI, you can also add DNS server IP addresses and a default route for the external interface.
If you are configuring the FortiGate unit to operate in Transparent mode, you can use the CLI to switch to Transparent mode, Then you can add the administration password, the management IP address and gateway, and the DNS server addresses.
38 | Fortinet Inc. |
