Fortinet 50A User manual

FortiGate 50A

Installation and

Configuration Guide

INTERNAL EXTERNAL

LINK 100 LINK 100

PWR

STATUS

A

FortiGate User Manual Volume 1

Version 2.50

29 February 2004

No part of this publication including text, examples, diagrams or illustrations may be reproduced,

transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical or

otherwise, for any purpose, without prior written permission of Fortinet Inc.

FortiGate-50A Installation and Configuration Guide

Version 2.50

29 February 2004

Trademarks

Products mentioned in this document are trademarks or registered trademarks of their respective

holders.

Regulatory Compliance

FCC Class A Part 15 CSA/CUS

CAUTION: RISK OF EXPLOSION IF BATTERY IS REPLACED BY AN INCORRECT TYPE.

DISPOSE OF USED BATTERIES ACCORDING TO THE INSTRUCTIONS.

For technical support, please visit http://www.fortinet.com.

Send information about errors or omissions in this document or any Fortinet technical documentation to

techdoc@fortinet.com.

Contents

FortiGate-50A Installation and Configuration Guide 3

Table of Contents

Introduction .......................................................................................................... 13

NAT/Route mode and Transparent mode......................................................................... 13

NAT/Route mode .......................................................................................................... 13

Transparent mode......................................................................................................... 13

Document conventions ..................................................................................................... 14

Fortinet documentation ..................................................................................................... 15

Comments on Fortinet technical documentation........................................................... 15

Customer service and technical support........................................................................... 16

Getting started ..................................................................................................... 17

Package contents ............................................................................................................. 18

Mounting ........................................................................................................................... 18

Powering on...................................................................................................................... 19

Connecting to the web-based manager............................................................................ 19

Connecting to the command line interface (CLI)............................................................... 20

Factory default FortiGate configuration settings ............................................................... 22

Factory default DHCP configuration ............................................................................. 22

Factory default NAT/Route mode network configuration .............................................. 23

Factory default Transparent mode network configuration............................................. 23

Factory default firewall configuration ............................................................................ 23

Factory default content profiles..................................................................................... 25

Planning the FortiGate configuration ................................................................................ 27

NAT/Route mode .......................................................................................................... 27

Transparent mode......................................................................................................... 28

Configuration options .................................................................................................... 28

FortiGate model maximum values matrix ......................................................................... 30

Next steps......................................................................................................................... 31

NAT/Route mode installation.............................................................................. 33

Installing the FortiGate unit using the default configuration.............................................. 33

Changing the default configuration ............................................................................... 34

Preparing to configure NAT/Route mode.......................................................................... 34

Advanced NAT/Route mode settings............................................................................ 35

Using the setup wizard...................................................................................................... 35

Starting the setup wizard .............................................................................................. 35

Reconnecting to the web-based manager .................................................................... 35

Using the command line interface..................................................................................... 36

Configuring the FortiGate unit to operate in NAT/Route mode ..................................... 36

Connecting the FortiGate unit to your networks................................................................ 37

Configuring your networks ................................................................................................ 38

Contents

4 Fortinet Inc.

Completing the configuration ............................................................................................ 38

Setting the date and time .............................................................................................. 38

Changing antivirus protection ....................................................................................... 38

Registering your FortiGate unit ..................................................................................... 39

Configuring virus and attack definition updates ............................................................ 39

Transparent mode installation............................................................................ 41

Preparing to configure Transparent mode ........................................................................ 41

Using the setup wizard...................................................................................................... 42

Changing to Transparent mode .................................................................................... 42

Starting the setup wizard .............................................................................................. 42

Reconnecting to the web-based manager .................................................................... 42

Using the command line interface..................................................................................... 42

Changing to Transparent mode .................................................................................... 43

Configuring the Transparent mode management IP address ....................................... 43

Configure the Transparent mode default gateway........................................................ 43

Connecting the FortiGate unit to your networks................................................................ 43

Completing the configuration ............................................................................................ 45

Setting the date and time .............................................................................................. 45

Enabling antivirus protection......................................................................................... 45

Registering your FortiGate............................................................................................ 45

Configuring virus and attack definition updates ............................................................ 45

Transparent mode configuration examples....................................................................... 46

Default routes and static routes .................................................................................... 46

Example default route to an external network............................................................... 47

Example static route to an external destination ............................................................ 48

Example static route to an internal destination ............................................................. 51

System status....................................................................................................... 53

Changing the FortiGate host name................................................................................... 54

Changing the FortiGate firmware...................................................................................... 54

Upgrading to a new firmware version ........................................................................... 55

Reverting to a previous firmware version...................................................................... 56

Installing firmware images from a system reboot using the CLI ................................... 59

Testing a new firmware image before installing it ......................................................... 61

Manual virus definition updates ........................................................................................ 63

Manual attack definition updates ...................................................................................... 63

Displaying the FortiGate serial number............................................................................. 64

Displaying the FortiGate up time....................................................................................... 64

Backing up system settings .............................................................................................. 64

Restoring system settings................................................................................................. 64

Restoring system settings to factory defaults ................................................................... 65

Changing to Transparent mode ........................................................................................ 65

Changing to NAT/Route mode.......................................................................................... 66

Restarting the FortiGate unit............................................................................................. 66

Contents

FortiGate-50A Installation and Configuration Guide 5

Shutting down the FortiGate unit ...................................................................................... 66

System status ................................................................................................................... 67

Viewing CPU and memory status ................................................................................. 67

Viewing sessions and network status ........................................................................... 68

Viewing virus and intrusions status............................................................................... 69

Session list........................................................................................................................ 70

Virus and attack definitions updates and registration ..................................... 73

Updating antivirus and attack definitions .......................................................................... 73

Connecting to the FortiResponse Distribution Network ................................................ 74

Manually initiating antivirus and attack definitions updates .......................................... 75

Configuring update logging ........................................................................................... 76

Scheduling updates .......................................................................................................... 76

Enabling scheduled updates......................................................................................... 76

Adding an override server............................................................................................. 77

Enabling scheduled updates through a proxy server.................................................... 78

Enabling push updates ..................................................................................................... 78

Enabling push updates ................................................................................................. 79

Push updates when FortiGate IP addresses change.................................................... 79

Enabling push updates through a NAT device.............................................................. 79

Registering FortiGate units ............................................................................................... 83

FortiCare Service Contracts.......................................................................................... 84

Registering the FortiGate unit ....................................................................................... 85

Updating registration information ...................................................................................... 86

Recovering a lost Fortinet support password................................................................ 86

Viewing the list of registered FortiGate units ................................................................ 87

Registering a new FortiGate unit .................................................................................. 88

Adding or changing a FortiCare Support Contract number........................................... 88

Changing your Fortinet support password .................................................................... 89

Changing your contact information or security question ............................................... 89

Downloading virus and attack definitions updates ........................................................ 90

Registering a FortiGate unit after an RMA........................................................................ 91

Contents

6 Fortinet Inc.

Network configuration......................................................................................... 93

Configuring interfaces ....................................................................................................... 93

Viewing the interface list ............................................................................................... 94

Changing the administrative status of an interface ....................................................... 94

Configuring an interface with a manual IP address ...................................................... 94

Configuring an interface for DHCP ............................................................................... 95

Configuring an interface for PPPoE .............................................................................. 96

Adding a secondary IP address to an interface ............................................................ 96

Adding a ping server to an interface ............................................................................. 97

Controlling administrative access to an interface.......................................................... 97

Changing the MTU size to improve network performance............................................ 98

Configuring traffic logging for connections to an interface ............................................ 98

Configuring the management interface in Transparent mode....................................... 99

Adding DNS server IP addresses ................................................................................... 100

Configuring routing.......................................................................................................... 100

Adding a default route................................................................................................. 100

Adding destination-based routes to the routing table.................................................. 101

Adding routes in Transparent mode............................................................................ 102

Configuring the routing table....................................................................................... 102

Policy routing .............................................................................................................. 103

Configuring DHCP services ............................................................................................ 104

Configuring a DHCP relay agent................................................................................. 104

Configuring a DHCP server ........................................................................................ 105

Configuring the modem interface.................................................................................... 107

Connecting a modem to the FortiGate unit ................................................................. 108

Configuring modem settings ....................................................................................... 108

Connecting to a dialup account................................................................................... 109

Disconnecting the modem .......................................................................................... 109

Viewing modem status................................................................................................ 110

Backup mode configuration ........................................................................................ 110

Standalone mode configuration .................................................................................. 110

Adding firewall policies for modem connections ......................................................... 111

RIP configuration ............................................................................................... 113

RIP settings..................................................................................................................... 113

Configuring RIP for FortiGate interfaces......................................................................... 115

Adding RIP filters ............................................................................................................ 117

Adding a RIP filter list.................................................................................................. 117

Assigning a RIP filter list to the neighbors filter........................................................... 118

Assigning a RIP filter list to the incoming filter ............................................................ 118

Assigning a RIP filter list to the outgoing filter............................................................. 119

System configuration ........................................................................................ 121

Setting system date and time.......................................................................................... 121

Contents

FortiGate-50A Installation and Configuration Guide 7

Changing system options................................................................................................ 122

Adding and editing administrator accounts..................................................................... 123

Adding new administrator accounts ............................................................................ 124

Editing administrator accounts.................................................................................... 124

Configuring SNMP .......................................................................................................... 125

Configuring the FortiGate unit for SNMP monitoring .................................................. 126

Configuring FortiGate SNMP support ......................................................................... 126

FortiGate MIBs............................................................................................................ 128

FortiGate traps ............................................................................................................ 129

Fortinet MIB fields ....................................................................................................... 130

Replacement messages ................................................................................................. 133

Customizing replacement messages .......................................................................... 133

Customizing alert emails............................................................................................. 134

Firewall configuration........................................................................................ 137

Default firewall configuration........................................................................................... 138

Addresses ................................................................................................................... 138

Services ...................................................................................................................... 139

Schedules ................................................................................................................... 139

Content profiles........................................................................................................... 139

Adding firewall policies.................................................................................................... 140

Firewall policy options................................................................................................. 140

Configuring policy lists .................................................................................................... 144

Policy matching in detail ............................................................................................. 145

Changing the order of policies in a policy list.............................................................. 145

Enabling and disabling policies................................................................................... 146

Addresses ....................................................................................................................... 146

Adding addresses ....................................................................................................... 147

Editing addresses ....................................................................................................... 148

Deleting addresses ..................................................................................................... 148

Organizing addresses into address groups ................................................................ 148

Services .......................................................................................................................... 149

Predefined services .................................................................................................... 149

Adding custom TCP and UDP services ...................................................................... 152

Adding custom ICMP services .................................................................................... 153

Adding custom IP services.......................................................................................... 153

Grouping services ....................................................................................................... 153

Schedules ....................................................................................................................... 154

Creating one-time schedules ...................................................................................... 155

Creating recurring schedules ...................................................................................... 155

Adding schedules to policies....................................................................................... 156

Contents

8 Fortinet Inc.

Virtual IPs........................................................................................................................ 157

Adding static NAT virtual IPs ...................................................................................... 158

Adding port forwarding virtual IPs ............................................................................... 159

Adding policies with virtual IPs.................................................................................... 161

IP pools........................................................................................................................... 161

Adding an IP pool........................................................................................................ 162

IP Pools for firewall policies that use fixed ports......................................................... 162

IP pools and dynamic NAT ......................................................................................... 162

IP/MAC binding ............................................................................................................... 163

Configuring IP/MAC binding for packets going through the firewall............................ 163

Configuring IP/MAC binding for packets going to the firewall ..................................... 164

Adding IP/MAC addresses.......................................................................................... 165

Viewing the dynamic IP/MAC list ................................................................................ 165

Enabling IP/MAC binding ............................................................................................ 165

Content profiles............................................................................................................... 166

Default content profiles ............................................................................................... 167

Adding content profiles ............................................................................................... 167

Adding content profiles to policies .............................................................................. 169

Users and authentication .................................................................................. 171

Setting authentication timeout......................................................................................... 172

Adding user names and configuring authentication ........................................................ 172

Adding user names and configuring authentication .................................................... 172

Deleting user names from the internal database ........................................................ 173

Configuring RADIUS support .......................................................................................... 174

Adding RADIUS servers ............................................................................................. 174

Deleting RADIUS servers ........................................................................................... 174

Configuring LDAP support .............................................................................................. 175

Adding LDAP servers.................................................................................................. 175

Deleting LDAP servers................................................................................................ 176

Configuring user groups.................................................................................................. 177

Adding user groups..................................................................................................... 177

Deleting user groups................................................................................................... 178

IPSec VPN........................................................................................................... 179

Key management............................................................................................................ 180

Manual Keys ............................................................................................................... 180

Automatic Internet Key Exchange (AutoIKE) with pre-shared keys or certificates ..... 180

Manual key IPSec VPNs................................................................................................. 181

General configuration steps for a manual key VPN .................................................... 181

Adding a manual key VPN tunnel ............................................................................... 181

Contents

FortiGate-50A Installation and Configuration Guide 9

AutoIKE IPSec VPNs...................................................................................................... 182

General configuration steps for an AutoIKE VPN ....................................................... 183

Adding a phase 1 configuration for an AutoIKE VPN.................................................. 183

Adding a phase 2 configuration for an AutoIKE VPN.................................................. 188

Managing digital certificates............................................................................................ 190

Obtaining a signed local certificate ............................................................................. 190

Obtaining CA certificates ............................................................................................ 192

Configuring encrypt policies............................................................................................ 193

Adding a source address ............................................................................................ 194

Adding a destination address...................................................................................... 194

Adding an encrypt policy............................................................................................. 195

IPSec VPN concentrators ............................................................................................... 196

VPN concentrator (hub) general configuration steps .................................................. 197

Adding a VPN concentrator ........................................................................................ 198

VPN spoke general configuration steps...................................................................... 199

Monitoring and Troubleshooting VPNs ........................................................................... 201

Viewing VPN tunnel status.......................................................................................... 201

Viewing dialup VPN connection status ....................................................................... 201

Testing a VPN............................................................................................................. 202

PPTP and L2TP VPN .......................................................................................... 203

Configuring PPTP ........................................................................................................... 203

Configuring the FortiGate unit as a PPTP gateway .................................................... 203

Configuring a Windows 98 client for PPTP ................................................................. 206

Configuring a Windows 2000 client for PPTP ............................................................. 207

Configuring a Windows XP client for PPTP ................................................................ 207

Configuring L2TP............................................................................................................ 209

Configuring the FortiGate unit as an L2TP gateway ................................................... 209

Configuring a Windows 2000 client for L2TP.............................................................. 211

Configuring a Windows XP client for L2TP ................................................................. 213

Network Intrusion Detection System (NIDS) ................................................... 215

Detecting attacks ............................................................................................................ 215

Selecting the interfaces to monitor.............................................................................. 216

Disabling monitoring interfaces................................................................................... 216

Configuring checksum verification .............................................................................. 216

Viewing the signature list ............................................................................................ 217

Viewing attack descriptions......................................................................................... 217

Disabling NIDS attack signatures ............................................................................... 218

Adding user-defined signatures .................................................................................. 218

Preventing attacks .......................................................................................................... 220

Enabling NIDS attack prevention ................................................................................ 220

Enabling NIDS attack prevention signatures .............................................................. 220

Setting signature threshold values.............................................................................. 221

Contents

10 Fortinet Inc.

Logging attacks............................................................................................................... 222

Logging attack messages to the attack log................................................................. 222

Reducing the number of NIDS attack log and email messages.................................. 222

Antivirus protection........................................................................................... 225

General configuration steps............................................................................................ 225

Antivirus scanning........................................................................................................... 226

File blocking.................................................................................................................... 227

Blocking files in firewall traffic ..................................................................................... 227

Adding file patterns to block........................................................................................ 227

Blocking oversized files and emails ................................................................................ 228

Configuring limits for oversized files and email........................................................... 228

Exempting fragmented email from blocking.................................................................... 228

Viewing the virus list ....................................................................................................... 229

Web filtering ....................................................................................................... 231

General configuration steps............................................................................................ 231

Content blocking ............................................................................................................. 232

Adding words and phrases to the Banned Word list ................................................... 232

Clearing the Banned Word list .................................................................................... 233

Backing up the Banned Word list................................................................................ 233

Restoring the Banned Word list .................................................................................. 233

URL blocking................................................................................................................... 235

Configuring FortiGate Web URL blocking................................................................... 235

Configuring FortiGate Web pattern blocking............................................................... 237

Configuring Cerberian URL filtering ................................................................................ 238

Installing a Cerberian license key ............................................................................... 238

Adding a Cerberian user ............................................................................................. 238

Configuring Cerberian web filter ................................................................................. 239

Enabling Cerberian URL filtering ................................................................................ 239

Script filtering .................................................................................................................. 240

Enabling script filtering................................................................................................ 240

Selecting script filter options ....................................................................................... 240

Exempt URL list .............................................................................................................. 241

Adding URLs to the URL Exempt list .......................................................................... 241

Downloading the URL Exempt List ............................................................................. 242

Uploading a URL Exempt List..................................................................................... 242

Email filter........................................................................................................... 245

General configuration steps............................................................................................ 245

Email banned word list.................................................................................................... 246

Adding words and phrases to the email banned word list........................................... 246

Downloading the email banned word list .................................................................... 247

Uploading the email banned word list ......................................................................... 247

Contents

FortiGate-50A Installation and Configuration Guide 11

Email block list ................................................................................................................ 248

Adding address patterns to the email block list........................................................... 248

Downloading the email block list................................................................................. 248

Uploading an email block list ...................................................................................... 249

Email exempt list............................................................................................................. 249

Adding address patterns to the email exempt list ....................................................... 250

Adding a subject tag ....................................................................................................... 250

Logging and reporting....................................................................................... 251

Recording logs................................................................................................................ 251

Recording logs on a remote computer........................................................................ 251

Recording logs on a NetIQ WebTrends server ........................................................... 252

Log message levels .................................................................................................... 253

Filtering log messages .................................................................................................... 253

Configuring traffic logging ............................................................................................... 254

Enabling traffic logging................................................................................................ 255

Configuring traffic filter settings................................................................................... 255

Adding traffic filter entries ........................................................................................... 256

Configuring alert email .................................................................................................... 257

Adding alert email addresses...................................................................................... 257

Testing alert email....................................................................................................... 258

Enabling alert email .................................................................................................... 258

Glossary ............................................................................................................. 259

Index .................................................................................................................... 263

Contents

12 Fortinet Inc.

FortiGate-50A Installation and Configuration Guide Version 2.50

FortiGate-50A Installation and Configuration Guide 13

Introduction

The FortiGate-50A Antivirus Firewall is

an easy-to-deploy and easy-to-

administer solution that delivers

exceptional value and performance for

small office and home office (SOHO)

applications.

Your FortiGate-50A is a dedicated easily managed security device that delivers a full

suite of capabilities that include:

• application-level services such as virus protection and content filtering,

• network-level services such as firewall, intrusion detection, VPN, and traffic

shaping.

NAT/Route mode and Transparent mode

The FortiGate can operate in NAT/Route mode or Transparent mode.

NAT/Route mode

In NAT/Route mode, the FortiGate-50A is installed as a privacy barrier between the

internal network and the Internet. The firewall provides network address translation

(NAT) to protect the internal private network. You can control whether firewall policies

run in NAT mode or route mode. NAT mode policies route allowed connections

between firewall interfaces, performing network address translation to hide addresses

on the protected internal networks. Route mode policies route allowed connections

between firewall interfaces without performing network address translation.

Transparent mode

Transparent Mode provides firewall protection to a pre-existing network with public

addresses. The internal and external network interfaces of the FortiGate unit must be

in the same subnet and the FortiGate unit can be inserted into your network at any

point without the need to make any changes to your network.

INTERNAL EXTERNAL

LINK 100 LINK 100

PWR

STATUS

A

14 Fortinet Inc.

Document conventions Introduction

Document conventions

This guide uses the following conventions to describe CLI command syntax.

• angle brackets < > to indicate variable keywords

For example:

execute restore config <filename_str>

You enter restore config myfile.bak

<xxx_str> indicates an ASCII string variable keyword.

<xxx_integer> indicates an integer variable keyword.

<xxx_ip> indicates an IP address variable keyword.

• vertical bar and curly brackets {|} to separate alternative, mutually exclusive

required keywords

For example:

set system opmode {nat | transparent}

You can enter set system opmode nat or set system opmode

transparent

• square brackets [ ] to indicate that a keyword is optional

For example:

get firewall ipmacbinding [dhcpipmac]

You can enter get firewall ipmacbinding or

get firewall ipmacbinding dhcpipmac

Introduction Fortinet documentation

FortiGate-50A Installation and Configuration Guide 15

Fortinet documentation

Information about FortiGate products is available from the following FortiGate User

Manual volumes:

• Volume 1: FortiGate Installation and Configuration Guide

Describes installation and basic configuration for the FortiGate unit. Also describes

how to use FortiGate firewall policies to control traffic flow through the FortiGate

unit and how to use firewall policies to apply antivirus protection, web content

filtering, and email filtering to HTTP, FTP and email content passing through the

FortiGate unit.

• Volume 2: FortiGate VPN Guide

Contains in-depth information about FortiGate IPSec VPN using certificates, pre-

shared keys and manual keys for encryption. Also contains basic configuration

information for the Fortinet Remote VPN Client, detailed configuration information

for FortiGate PPTP and L2TP VPN, and VPN configuration examples.

• Volume 3: FortiGate Content Protection Guide

Describes how to configure antivirus protection, web content filtering, and email

filtering to protect content as it passes through the FortiGate unit.

• Volume 4: FortiGate NIDS Guide

Describes how to configure the FortiGate NIDS to detect and protect the FortiGate

unit from network-based attacks.

• Volume 5: FortiGate Logging and Message Reference Guide

Describes how to configure FortiGate logging and alert email. Also contains the

FortiGate log message reference.

• Volume 6: FortiGate CLI Reference Guide

Describes the FortiGate CLI and contains a reference to all FortiGate CLI

commands.

The FortiGate online help also contains procedures for using the FortiGate web-based

manager to configure and manage your FortiGate unit.

Comments on Fortinet technical documentation

You can send information about errors or omissions in this document or any Fortinet

technical documentation to [email protected]om.

16 Fortinet Inc.

Customer service and technical support Introduction

Customer service and technical support

For antivirus and attack definition updates, firmware updates, updated product

documentation, technical support information, and other resources, please visit the

Fortinet technical support web site at http://support.fortinet.com.

You can also register FortiGate Antivirus Firewalls from http://support.fortinet.com and

modify your registration information at any time.

Fortinet email support is available from the following addresses:

For information on Fortinet telephone support, see http://support.fortinet.com.

When requesting technical support, please provide the following information:

• Your name

• Company name

•Location

• Email address

• Telephone number

• FortiGate unit serial number

• FortiGate model

• FortiGate FortiOS firmware version

• Detailed description of the problem

amer_support@fortinet.com For customers in the United States, Canada, Mexico, Latin

America and South America.

apac_support@fortinet.com For customers in Japan, Korea, China, Hong Kong, Singapore,

Malaysia, all other Asian countries, and Australia.

eu_support@fortinet.com For customers in the United Kingdom, Scandinavia, Mainland

Europe, Africa, and the Middle East.

FortiGate-50A Installation and Configuration Guide Version 2.50

FortiGate-50A Installation and Configuration Guide 17

Getting started

This chapter describes unpacking, setting up, and powering on a FortiGate Antivirus

Firewall unit. When you have completed the procedures in this chapter, you can

proceed to one of the following:

• If you are going to operate the FortiGate unit in NAT/Route mode, go to

“NAT/Route mode installation” on page 33.

• If you are going to operate the FortiGate unit in Transparent mode, go to

“Transparent mode installation” on page 41.

This chapter describes:

• Package contents

• Mounting

• Powering on

• Connecting to the web-based manager

• Connecting to the command line interface (CLI)

• Factory default FortiGate configuration settings

• Planning the FortiGate configuration

• FortiGate model maximum values matrix

• Next steps

18 Fortinet Inc.

Package contents Getting started

Package contents

The FortiGate-50A package contains the following items:

• the FortiGate-50A Antivirus Firewall

• one orange cross-over ethernet cable

• one gray regular ethernet cable

• one null-modem cable

• FortiGate-50A QuickStart Guide

• A CD containing the FortiGate user documentation

• one AC adapter

Figure 1: FortiGate-50A package contents

Mounting

The FortiGate-50A unit can be installed on any stable surface. Make sure that the

appliance has at least 1.5 in. (3.75 cm) of clearance on each side to allow for

adequate air flow and cooling.

Dimensions

• 8.63 x 6.13 x 1.38 in. (21.9 x 15.6 x 3.5 cm)

Weight

• 1.5 lb. (0.68 kg)

Power requirements

• DC input voltage: 5 V

• DC input current: 3 A

PWR STATUS

INTERNAL EXTERNAL

LINK 100 LINK 100

PWR

STATUS

A

Power

LED

Status

LED

External

Interface

Internal

Interface

Null-Modem Cable

(RS-232)

Documentation

Ethernet Cables:

Orange - Crossover

Grey - Straight-through

USER MANUAL

FortiGate-50A

QuickStart Guide

Trademarks

Products mentioned in this document are trademarks.

Power Cable Power Supply

Internal

External

ConsoleDC+12V

USB

Back

Power

RS-232 Serial

Connection

USB

Internal

Front

InternalExternal

LINK 100 LINK 100

PWR STATUS

External

Getting started Powering on

FortiGate-50A Installation and Configuration Guide 19

Environmental specifications

• Operating temperature: 32 to 104°F (0 to 40°C)

• Storage temperature: -13 to 158°F (-25 to 70°C)

• Humidity: 5 to 95% non-condensing

Powering on

To power on the FortiGate-50A unit

1 Connect the AC adapter to the power connection at the back of the FortiGate-50 unit.

2 Connect the AC adapter to a power outlet.

The FortiGate-50A starts up. The Power and Status lights light. The Status light

flashes while the unit is starting up and turns off when the system is up and running.

Connecting to the web-based manager

Use the following procedure to connect to the web-based manager for the first time.

Configuration changes made with the web-based manager are effective immediately

without resetting the firewall or interrupting service.

To connect to the web-based manager, you need:

• a computer with an ethernet connection,

• Internet Explorer version 4.0 or higher,

• a crossover cable or an ethernet hub and two ethernet cables.

Table 1: FortiGate-50A LED indicators

Power Green The FortiGate unit is powered on.

Off The FortiGate unit is powered off.

Status Green The FortiGate unit is starting.

Off The FortiGate unit is operating normally.

Link

(Internal External)

Green The correct cable is in use and the connected

equipment has power.

Flashing Green Network activity at this interface.

Off No link established.

100

(Internal External)

Green The interface is connected at 100 Mbps.

Note: You can use the web-based manager with recent versions of most popular web browsers.

The web-based manager is fully supported for Internet Explorer version 4.0 or higher.

20 Fortinet Inc.

Connecting to the command line interface (CLI) Getting started

To connect to the web-based manager

1 Set the IP address of the computer with an ethernet connection to the static IP

address 192.168.1.2 and a netmask of 255.255.255.0.

You can also configure the management computer to obtain an IP address

automatically using DHCP. The FortiGate DHCP server assigns the management

computer an IP address in the range 192.168.1.1 to 192.168.1.254.

2 Using the crossover cable or the ethernet hub and cables, connect the internal

interface of the FortiGate unit to the computer ethernet connection.

3 Start Internet Explorer and browse to the address https://192.168.1.99.

The FortiGate login is displayed.

4 Type admin in the Name field and select Login.

The Register Now window is displayed. Use the information in this window to register

your FortiGate unit so that Fortinet can contact you for firmware updates. You must

also register to receive updates to the FortiGate virus and attack definitions.

Figure 2: FortiGate login

Connecting to the command line interface (CLI)

As an alternative to the web-based manager, you can install and configure the

FortiGate unit using the CLI. Configuration changes made with the CLI are effective

immediately without resetting the firewall or interrupting service.

To connect to the FortiGate CLI, you need:

• a computer with an available communications port,

• the null modem cable included in your FortiGate package,

• terminal emulation software such as HyperTerminal for Windows.

Page is loading ...

Fortinet 50A User manual

Fortinet 50A User manual

Related papers

Other documents