Probe settings, To configure probe settings | Fortinet Version 3.0


Configuration and operating procedures	Configuring FortiBridge probes

This section describes:

•Probe settings

•Enabling probes

•Verifying that probes are functioning

•Tuning the failure threshold and probe interval

Probe settings

Configure probe settings to control the response when a FortiBridge probe detects that the FortiGate unit has failed. Probe settings consist of:

Table 11: Probe settings

Probe Setting	Description		Default

Action on failure	Set the FortiBridge unit response when a probe detects that		fail open
	the FortiGate unit has failed. The FortiBridge unit can.
	•	Send alertmail
	•	Fail open
	• Send an SNMP trap
	• Send a message to a syslog server
	You can add up to four actions on failure. All of the
	configured actions on failure occur when the FortiBridge
	unit detects a failure.

Dynamic IP	Configure the INT 2 and EXT 2 interfaces with dynamic		(none)
pattern	probe IP addresses. The dynamic probe IP addresses
	should not conflict with IP addresses on the network that
	the FortiGate unit is connected to. These IP addresses are
	not visible from the outside network, but they should not
	conflict with IP addresses in packets passing through the
	FortiBridge unit. You cannot change the dynamic IP pattern
	if any probes are enabled.

FortiGate unit	The serial number of the FortiGate unit that the FortiBridge		(none)
serial number	unit is connected to. The serial number appears in
	FortiBridge alert mail, and syslog messages to identify the
	FortiGate unit.

To configure probe settings

This procedure shows how to configure the following probe settings:

•The FortiBridge unit responds to a FortiGate unit failure by failing open and by sending an alert email, a syslog message, and an SNMP trap

•The dynamic IP pattern is 2.2.2.*

•The FortiGate unit serial number is FGT8002803923050

Note: The FortiBridge unit does not have to fail open if the FortiGate unit fails. The

FortiBridge unit can be configured just to send alerts if the FortiGate unit fails.

1Log in to the FortiBridge CLI.

FortiBridge Version 3.0 Administration Guide	37
09-30000-0163-20061109

Image 37

Fortinet Version 3.0 manual Probe settings, To configure probe settings

Contents

M i n i s t r a t i o n G u i d e Regulatory compliance Trademarks Contents Using the CLI Configuration and operating proceduresConfig CLI commands Index Execute CLI commandsPage About this document About FortiBridge Fortinet documentation Customer service and technical supportFortinet tools and documentation CD Fortinet Knowledge Center Example FortiBridge application FortiBridge operating principles Connecting the FortiBridge-1000 copper gigabit ethernet Connecting the FortiBridge unit Connecting the FortiBridge-1000F fiber gigabit ethernet Normal mode operationHow the FortiBridge unit monitors the FortiGate unit Probes and FortiGate firewall policies Normal mode operation Enabling probes to detect FortiGate software failure Enabling probes to detect FortiGate hardware failureProbe interval and probe threshold FortiBridge power failure Bypass mode operation Example FortiGate HA cluster FortiBridge application Example configuration with other FortiGate interfaces Example configuration with other FortiGate interfaces Example configuration with other FortiGate interfaces FortiBridge unit basic information FortiBridge-1000 Package contents Mounting instructions FortiBridge-1000F Package contents LED indicators Technical specifications Factory default configuration Connectors Connecting and turning on the FortiBridge-1000 unit Connecting and turning on the FortiBridge unit To connect and turn on the FortiBridge-1000 unit Connecting and turning on the FortiBridge-1000F unitTo connect and turn on the FortiBridge-1000F unit Connecting to the FortiBridge console Connecting to the command line interface CLIFortiBridge-1000 login To connect to the FortiBridge console for the first time Connecting to the FortiBridge CLI using Telnet Completing the basic FortiBridge configurationTo connect to the CLI using Telnet Welcome FortiBridge-1000 # To add an administrator password Adding an administrator passwordChanging the management IP address To change the management IP address Adding static routes Changing DNS server IP addressesTo change DNS server IP addresses To add static routes Adding administrator accounts Allowing management access to the EXT 1 interfaceChanging the system time and date Installing FortiBridge unit firmware Resetting to the factory default configurationTo reset to factory defaults from the FortiBridge CLI Execute restore image namestr tftpip To upgrade to a new firmware versionExecute restore image FBG1000-v10-build010-FORTINET.out Upgrading to a new firmware version To revert to a previous firmware version Reverting to a previous firmware version To install firmware from a system reboot Installing firmware from a system rebootHit any key to stop autoboot Enter Tftp server address Get system status Enter firmware image file image.out Example network settings Configuration and operating procedures Configuring FortiBridge probes Configuring FortiBridge probes To configure probe settings Probe settings Config probe probelist ping set status enable End To enable and configure FortiBridge probesEnabling probes Verifying that probes are functioning Config probe probelist Imap set status enable EndTo verify that probes are functioning Go to System Status Session Tuning the failure threshold and probe interval Configuring FortiBridge alerts Config alertemail setting set server mail.myorg.com End To configure alert emailFortiBridge alert email FortiBridge syslog Config log syslogd setting set server End To configure FortiBridge syslogFortiBridge Snmp To add and enable an Snmp community Recovering from a FortiGate failureConfig system snmp community edit Set name snmp1 End To resume normal operation from bypass mode Backing up and restoring the FortiBridge configuration Manually switching between FortiBridge operating modesExecute switch-mode To back up the FortiBridge configuration Backing up and restoring the FortiBridge configuration Backing up and restoring the FortiBridge configuration Setting administrative access for SSH or Telnet Connecting to the FortiBridge CLI using SSH or TelnetTo use the CLI to configure SSH or Telnet access CLI basics Connecting to the FortiBridge CLI using SSH Other access methodsSet allowaccess ping telnet ssh Get system interface namestr To connect to the CLI using SSH Connecting to the FortiBridge CLI using SSH or Telnet Config CLI commands Command syntax pattern Alertemail settingExamples Related Commands Example Log syslogd setting Get probe probelist Probe probelist ping http ftp pop3 smtp imapGet probe probelist http Show probe probelist Syslog Probe setting Rw w System accprofile Get system accprofile policyprofile Get system accprofileShow system accprofile Password passwordstr System admin Get system admin newadmin Get system adminShow system admin System console Config system console set EndGet system console Show system console Get system dns System dnsShow system dns Get system status Failbypass System failclose System failclose Minutesinteger System global Show system global Get system global Get system interface internal System interface internal externalShow system interface internal System manageip Config system manageip Set ip 192.168.2.80 255.255.255.0 end Distanceinteger System route System snmp community Config hosts Show system snmp community Get system snmp community Execute CLI commands Command syntax BackupExecute backup config filenamestr tftp-serveripv4 Execute backup config fbdg.cfg Execute date datestr datestr has the form mm/dd/yyyy, where DateExecute date 09/17/2004 Execute factoryreset Factoryreset Execute ping addressipv4 host-namestr Ping Execute reboot Reboot Execute restore config backupconfig Restore Switch-mode Execute time timestr Time Time Index 09-30000-0163-20061109 Snmp SSH