Fortinet 50A User manual

Category
Networking
Type
User manual
FortiGate 50A
Installation and
Configuration Guide
INTERNAL EXTERNAL
LINK 100 LINK 100
PWR
STATUS
A
FortiGate User Manual Volume 1
Version 2.50
29 February 2004
© Copyright 2004 Fortinet Inc. All rights reserved.
No part of this publication including text, examples, diagrams or illustrations may be reproduced,
transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical or
otherwise, for any purpose, without prior written permission of Fortinet Inc.
FortiGate-50A Installation and Configuration Guide
Version 2.50
29 February 2004
Trademarks
Products mentioned in this document are trademarks or registered trademarks of their respective
holders.
Regulatory Compliance
FCC Class A Part 15 CSA/CUS
CAUTION: RISK OF EXPLOSION IF BATTERY IS REPLACED BY AN INCORRECT TYPE.
DISPOSE OF USED BATTERIES ACCORDING TO THE INSTRUCTIONS.
For technical support, please visit http://www.fortinet.com.
Send information about errors or omissions in this document or any Fortinet technical documentation to
techdoc@fortinet.com.
Contents
FortiGate-50A Installation and Configuration Guide 3
Table of Contents
Introduction .......................................................................................................... 13
NAT/Route mode and Transparent mode......................................................................... 13
NAT/Route mode .......................................................................................................... 13
Transparent mode......................................................................................................... 13
Document conventions ..................................................................................................... 14
Fortinet documentation ..................................................................................................... 15
Comments on Fortinet technical documentation........................................................... 15
Customer service and technical support........................................................................... 16
Getting started ..................................................................................................... 17
Package contents ............................................................................................................. 18
Mounting ........................................................................................................................... 18
Powering on...................................................................................................................... 19
Connecting to the web-based manager............................................................................ 19
Connecting to the command line interface (CLI)............................................................... 20
Factory default FortiGate configuration settings ............................................................... 22
Factory default DHCP configuration ............................................................................. 22
Factory default NAT/Route mode network configuration .............................................. 23
Factory default Transparent mode network configuration............................................. 23
Factory default firewall configuration ............................................................................ 23
Factory default content profiles..................................................................................... 25
Planning the FortiGate configuration ................................................................................ 27
NAT/Route mode .......................................................................................................... 27
Transparent mode......................................................................................................... 28
Configuration options .................................................................................................... 28
FortiGate model maximum values matrix ......................................................................... 30
Next steps......................................................................................................................... 31
NAT/Route mode installation.............................................................................. 33
Installing the FortiGate unit using the default configuration.............................................. 33
Changing the default configuration ............................................................................... 34
Preparing to configure NAT/Route mode.......................................................................... 34
Advanced NAT/Route mode settings............................................................................ 35
Using the setup wizard...................................................................................................... 35
Starting the setup wizard .............................................................................................. 35
Reconnecting to the web-based manager .................................................................... 35
Using the command line interface..................................................................................... 36
Configuring the FortiGate unit to operate in NAT/Route mode ..................................... 36
Connecting the FortiGate unit to your networks................................................................ 37
Configuring your networks ................................................................................................ 38
Contents
4 Fortinet Inc.
Completing the configuration ............................................................................................ 38
Setting the date and time .............................................................................................. 38
Changing antivirus protection ....................................................................................... 38
Registering your FortiGate unit ..................................................................................... 39
Configuring virus and attack definition updates ............................................................ 39
Transparent mode installation............................................................................ 41
Preparing to configure Transparent mode ........................................................................ 41
Using the setup wizard...................................................................................................... 42
Changing to Transparent mode .................................................................................... 42
Starting the setup wizard .............................................................................................. 42
Reconnecting to the web-based manager .................................................................... 42
Using the command line interface..................................................................................... 42
Changing to Transparent mode .................................................................................... 43
Configuring the Transparent mode management IP address ....................................... 43
Configure the Transparent mode default gateway........................................................ 43
Connecting the FortiGate unit to your networks................................................................ 43
Completing the configuration ............................................................................................ 45
Setting the date and time .............................................................................................. 45
Enabling antivirus protection......................................................................................... 45
Registering your FortiGate............................................................................................ 45
Configuring virus and attack definition updates ............................................................ 45
Transparent mode configuration examples....................................................................... 46
Default routes and static routes .................................................................................... 46
Example default route to an external network............................................................... 47
Example static route to an external destination ............................................................ 48
Example static route to an internal destination ............................................................. 51
System status....................................................................................................... 53
Changing the FortiGate host name................................................................................... 54
Changing the FortiGate firmware...................................................................................... 54
Upgrading to a new firmware version ........................................................................... 55
Reverting to a previous firmware version...................................................................... 56
Installing firmware images from a system reboot using the CLI ................................... 59
Testing a new firmware image before installing it ......................................................... 61
Manual virus definition updates ........................................................................................ 63
Manual attack definition updates ...................................................................................... 63
Displaying the FortiGate serial number............................................................................. 64
Displaying the FortiGate up time....................................................................................... 64
Backing up system settings .............................................................................................. 64
Restoring system settings................................................................................................. 64
Restoring system settings to factory defaults ................................................................... 65
Changing to Transparent mode ........................................................................................ 65
Changing to NAT/Route mode.......................................................................................... 66
Restarting the FortiGate unit............................................................................................. 66
Contents
FortiGate-50A Installation and Configuration Guide 5
Shutting down the FortiGate unit ...................................................................................... 66
System status ................................................................................................................... 67
Viewing CPU and memory status ................................................................................. 67
Viewing sessions and network status ........................................................................... 68
Viewing virus and intrusions status............................................................................... 69
Session list........................................................................................................................ 70
Virus and attack definitions updates and registration ..................................... 73
Updating antivirus and attack definitions .......................................................................... 73
Connecting to the FortiResponse Distribution Network ................................................ 74
Manually initiating antivirus and attack definitions updates .......................................... 75
Configuring update logging ........................................................................................... 76
Scheduling updates .......................................................................................................... 76
Enabling scheduled updates......................................................................................... 76
Adding an override server............................................................................................. 77
Enabling scheduled updates through a proxy server.................................................... 78
Enabling push updates ..................................................................................................... 78
Enabling push updates ................................................................................................. 79
Push updates when FortiGate IP addresses change.................................................... 79
Enabling push updates through a NAT device.............................................................. 79
Registering FortiGate units ............................................................................................... 83
FortiCare Service Contracts.......................................................................................... 84
Registering the FortiGate unit ....................................................................................... 85
Updating registration information ...................................................................................... 86
Recovering a lost Fortinet support password................................................................ 86
Viewing the list of registered FortiGate units ................................................................ 87
Registering a new FortiGate unit .................................................................................. 88
Adding or changing a FortiCare Support Contract number........................................... 88
Changing your Fortinet support password .................................................................... 89
Changing your contact information or security question ............................................... 89
Downloading virus and attack definitions updates ........................................................ 90
Registering a FortiGate unit after an RMA........................................................................ 91
Contents
6 Fortinet Inc.
Network configuration......................................................................................... 93
Configuring interfaces ....................................................................................................... 93
Viewing the interface list ............................................................................................... 94
Changing the administrative status of an interface ....................................................... 94
Configuring an interface with a manual IP address ...................................................... 94
Configuring an interface for DHCP ............................................................................... 95
Configuring an interface for PPPoE .............................................................................. 96
Adding a secondary IP address to an interface ............................................................ 96
Adding a ping server to an interface ............................................................................. 97
Controlling administrative access to an interface.......................................................... 97
Changing the MTU size to improve network performance............................................ 98
Configuring traffic logging for connections to an interface ............................................ 98
Configuring the management interface in Transparent mode....................................... 99
Adding DNS server IP addresses ................................................................................... 100
Configuring routing.......................................................................................................... 100
Adding a default route................................................................................................. 100
Adding destination-based routes to the routing table.................................................. 101
Adding routes in Transparent mode............................................................................ 102
Configuring the routing table....................................................................................... 102
Policy routing .............................................................................................................. 103
Configuring DHCP services ............................................................................................ 104
Configuring a DHCP relay agent................................................................................. 104
Configuring a DHCP server ........................................................................................ 105
Configuring the modem interface.................................................................................... 107
Connecting a modem to the FortiGate unit ................................................................. 108
Configuring modem settings ....................................................................................... 108
Connecting to a dialup account................................................................................... 109
Disconnecting the modem .......................................................................................... 109
Viewing modem status................................................................................................ 110
Backup mode configuration ........................................................................................ 110
Standalone mode configuration .................................................................................. 110
Adding firewall policies for modem connections ......................................................... 111
RIP configuration ............................................................................................... 113
RIP settings..................................................................................................................... 113
Configuring RIP for FortiGate interfaces......................................................................... 115
Adding RIP filters ............................................................................................................ 117
Adding a RIP filter list.................................................................................................. 117
Assigning a RIP filter list to the neighbors filter........................................................... 118
Assigning a RIP filter list to the incoming filter ............................................................ 118
Assigning a RIP filter list to the outgoing filter............................................................. 119
System configuration ........................................................................................ 121
Setting system date and time.......................................................................................... 121
Contents
FortiGate-50A Installation and Configuration Guide 7
Changing system options................................................................................................ 122
Adding and editing administrator accounts..................................................................... 123
Adding new administrator accounts ............................................................................ 124
Editing administrator accounts.................................................................................... 124
Configuring SNMP .......................................................................................................... 125
Configuring the FortiGate unit for SNMP monitoring .................................................. 126
Configuring FortiGate SNMP support ......................................................................... 126
FortiGate MIBs............................................................................................................ 128
FortiGate traps ............................................................................................................ 129
Fortinet MIB fields ....................................................................................................... 130
Replacement messages ................................................................................................. 133
Customizing replacement messages .......................................................................... 133
Customizing alert emails............................................................................................. 134
Firewall configuration........................................................................................ 137
Default firewall configuration........................................................................................... 138
Addresses ................................................................................................................... 138
Services ...................................................................................................................... 139
Schedules ................................................................................................................... 139
Content profiles........................................................................................................... 139
Adding firewall policies.................................................................................................... 140
Firewall policy options................................................................................................. 140
Configuring policy lists .................................................................................................... 144
Policy matching in detail ............................................................................................. 145
Changing the order of policies in a policy list.............................................................. 145
Enabling and disabling policies................................................................................... 146
Addresses ....................................................................................................................... 146
Adding addresses ....................................................................................................... 147
Editing addresses ....................................................................................................... 148
Deleting addresses ..................................................................................................... 148
Organizing addresses into address groups ................................................................ 148
Services .......................................................................................................................... 149
Predefined services .................................................................................................... 149
Adding custom TCP and UDP services ...................................................................... 152
Adding custom ICMP services .................................................................................... 153
Adding custom IP services.......................................................................................... 153
Grouping services ....................................................................................................... 153
Schedules ....................................................................................................................... 154
Creating one-time schedules ...................................................................................... 155
Creating recurring schedules ...................................................................................... 155
Adding schedules to policies....................................................................................... 156
Contents
8 Fortinet Inc.
Virtual IPs........................................................................................................................ 157
Adding static NAT virtual IPs ...................................................................................... 158
Adding port forwarding virtual IPs ............................................................................... 159
Adding policies with virtual IPs.................................................................................... 161
IP pools........................................................................................................................... 161
Adding an IP pool........................................................................................................ 162
IP Pools for firewall policies that use fixed ports......................................................... 162
IP pools and dynamic NAT ......................................................................................... 162
IP/MAC binding ............................................................................................................... 163
Configuring IP/MAC binding for packets going through the firewall............................ 163
Configuring IP/MAC binding for packets going to the firewall ..................................... 164
Adding IP/MAC addresses.......................................................................................... 165
Viewing the dynamic IP/MAC list ................................................................................ 165
Enabling IP/MAC binding ............................................................................................ 165
Content profiles............................................................................................................... 166
Default content profiles ............................................................................................... 167
Adding content profiles ............................................................................................... 167
Adding content profiles to policies .............................................................................. 169
Users and authentication .................................................................................. 171
Setting authentication timeout......................................................................................... 172
Adding user names and configuring authentication ........................................................ 172
Adding user names and configuring authentication .................................................... 172
Deleting user names from the internal database ........................................................ 173
Configuring RADIUS support .......................................................................................... 174
Adding RADIUS servers ............................................................................................. 174
Deleting RADIUS servers ........................................................................................... 174
Configuring LDAP support .............................................................................................. 175
Adding LDAP servers.................................................................................................. 175
Deleting LDAP servers................................................................................................ 176
Configuring user groups.................................................................................................. 177
Adding user groups..................................................................................................... 177
Deleting user groups................................................................................................... 178
IPSec VPN........................................................................................................... 179
Key management............................................................................................................ 180
Manual Keys ............................................................................................................... 180
Automatic Internet Key Exchange (AutoIKE) with pre-shared keys or certificates ..... 180
Manual key IPSec VPNs................................................................................................. 181
General configuration steps for a manual key VPN .................................................... 181
Adding a manual key VPN tunnel ............................................................................... 181
Contents
FortiGate-50A Installation and Configuration Guide 9
AutoIKE IPSec VPNs...................................................................................................... 182
General configuration steps for an AutoIKE VPN ....................................................... 183
Adding a phase 1 configuration for an AutoIKE VPN.................................................. 183
Adding a phase 2 configuration for an AutoIKE VPN.................................................. 188
Managing digital certificates............................................................................................ 190
Obtaining a signed local certificate ............................................................................. 190
Obtaining CA certificates ............................................................................................ 192
Configuring encrypt policies............................................................................................ 193
Adding a source address ............................................................................................ 194
Adding a destination address...................................................................................... 194
Adding an encrypt policy............................................................................................. 195
IPSec VPN concentrators ............................................................................................... 196
VPN concentrator (hub) general configuration steps .................................................. 197
Adding a VPN concentrator ........................................................................................ 198
VPN spoke general configuration steps...................................................................... 199
Monitoring and Troubleshooting VPNs ........................................................................... 201
Viewing VPN tunnel status.......................................................................................... 201
Viewing dialup VPN connection status ....................................................................... 201
Testing a VPN............................................................................................................. 202
PPTP and L2TP VPN .......................................................................................... 203
Configuring PPTP ........................................................................................................... 203
Configuring the FortiGate unit as a PPTP gateway .................................................... 203
Configuring a Windows 98 client for PPTP ................................................................. 206
Configuring a Windows 2000 client for PPTP ............................................................. 207
Configuring a Windows XP client for PPTP ................................................................ 207
Configuring L2TP............................................................................................................ 209
Configuring the FortiGate unit as an L2TP gateway ................................................... 209
Configuring a Windows 2000 client for L2TP.............................................................. 211
Configuring a Windows XP client for L2TP ................................................................. 213
Network Intrusion Detection System (NIDS) ................................................... 215
Detecting attacks ............................................................................................................ 215
Selecting the interfaces to monitor.............................................................................. 216
Disabling monitoring interfaces................................................................................... 216
Configuring checksum verification .............................................................................. 216
Viewing the signature list ............................................................................................ 217
Viewing attack descriptions......................................................................................... 217
Disabling NIDS attack signatures ............................................................................... 218
Adding user-defined signatures .................................................................................. 218
Preventing attacks .......................................................................................................... 220
Enabling NIDS attack prevention ................................................................................ 220
Enabling NIDS attack prevention signatures .............................................................. 220
Setting signature threshold values.............................................................................. 221
Contents
10 Fortinet Inc.
Logging attacks............................................................................................................... 222
Logging attack messages to the attack log................................................................. 222
Reducing the number of NIDS attack log and email messages.................................. 222
Antivirus protection........................................................................................... 225
General configuration steps............................................................................................ 225
Antivirus scanning........................................................................................................... 226
File blocking.................................................................................................................... 227
Blocking files in firewall traffic ..................................................................................... 227
Adding file patterns to block........................................................................................ 227
Blocking oversized files and emails ................................................................................ 228
Configuring limits for oversized files and email........................................................... 228
Exempting fragmented email from blocking.................................................................... 228
Viewing the virus list ....................................................................................................... 229
Web filtering ....................................................................................................... 231
General configuration steps............................................................................................ 231
Content blocking ............................................................................................................. 232
Adding words and phrases to the Banned Word list ................................................... 232
Clearing the Banned Word list .................................................................................... 233
Backing up the Banned Word list................................................................................ 233
Restoring the Banned Word list .................................................................................. 233
URL blocking................................................................................................................... 235
Configuring FortiGate Web URL blocking................................................................... 235
Configuring FortiGate Web pattern blocking............................................................... 237
Configuring Cerberian URL filtering ................................................................................ 238
Installing a Cerberian license key ............................................................................... 238
Adding a Cerberian user ............................................................................................. 238
Configuring Cerberian web filter ................................................................................. 239
Enabling Cerberian URL filtering ................................................................................ 239
Script filtering .................................................................................................................. 240
Enabling script filtering................................................................................................ 240
Selecting script filter options ....................................................................................... 240
Exempt URL list .............................................................................................................. 241
Adding URLs to the URL Exempt list .......................................................................... 241
Downloading the URL Exempt List ............................................................................. 242
Uploading a URL Exempt List..................................................................................... 242
Email filter........................................................................................................... 245
General configuration steps............................................................................................ 245
Email banned word list.................................................................................................... 246
Adding words and phrases to the email banned word list........................................... 246
Downloading the email banned word list .................................................................... 247
Uploading the email banned word list ......................................................................... 247
Contents
FortiGate-50A Installation and Configuration Guide 11
Email block list ................................................................................................................ 248
Adding address patterns to the email block list........................................................... 248
Downloading the email block list................................................................................. 248
Uploading an email block list ...................................................................................... 249
Email exempt list............................................................................................................. 249
Adding address patterns to the email exempt list ....................................................... 250
Adding a subject tag ....................................................................................................... 250
Logging and reporting....................................................................................... 251
Recording logs................................................................................................................ 251
Recording logs on a remote computer........................................................................ 251
Recording logs on a NetIQ WebTrends server ........................................................... 252
Log message levels .................................................................................................... 253
Filtering log messages .................................................................................................... 253
Configuring traffic logging ............................................................................................... 254
Enabling traffic logging................................................................................................ 255
Configuring traffic filter settings................................................................................... 255
Adding traffic filter entries ........................................................................................... 256
Configuring alert email .................................................................................................... 257
Adding alert email addresses...................................................................................... 257
Testing alert email....................................................................................................... 258
Enabling alert email .................................................................................................... 258
Glossary ............................................................................................................. 259
Index .................................................................................................................... 263
Contents
12 Fortinet Inc.
FortiGate-50A Installation and Configuration Guide Version 2.50
FortiGate-50A Installation and Configuration Guide 13
Introduction
The FortiGate-50A Antivirus Firewall is
an easy-to-deploy and easy-to-
administer solution that delivers
exceptional value and performance for
small office and home office (SOHO)
applications.
Your FortiGate-50A is a dedicated easily managed security device that delivers a full
suite of capabilities that include:
application-level services such as virus protection and content filtering,
network-level services such as firewall, intrusion detection, VPN, and traffic
shaping.
NAT/Route mode and Transparent mode
The FortiGate can operate in NAT/Route mode or Transparent mode.
NAT/Route mode
In NAT/Route mode, the FortiGate-50A is installed as a privacy barrier between the
internal network and the Internet. The firewall provides network address translation
(NAT) to protect the internal private network. You can control whether firewall policies
run in NAT mode or route mode. NAT mode policies route allowed connections
between firewall interfaces, performing network address translation to hide addresses
on the protected internal networks. Route mode policies route allowed connections
between firewall interfaces without performing network address translation.
Transparent mode
Transparent Mode provides firewall protection to a pre-existing network with public
addresses. The internal and external network interfaces of the FortiGate unit must be
in the same subnet and the FortiGate unit can be inserted into your network at any
point without the need to make any changes to your network.
INTERNAL EXTERNAL
LINK 100 LINK 100
PWR
STATUS
A
14 Fortinet Inc.
Document conventions Introduction
Document conventions
This guide uses the following conventions to describe CLI command syntax.
angle brackets < > to indicate variable keywords
For example:
execute restore config <filename_str>
You enter restore config myfile.bak
<xxx_str> indicates an ASCII string variable keyword.
<xxx_integer> indicates an integer variable keyword.
<xxx_ip> indicates an IP address variable keyword.
vertical bar and curly brackets {|} to separate alternative, mutually exclusive
required keywords
For example:
set system opmode {nat | transparent}
You can enter set system opmode nat or set system opmode
transparent
square brackets [ ] to indicate that a keyword is optional
For example:
get firewall ipmacbinding [dhcpipmac]
You can enter get firewall ipmacbinding or
get firewall ipmacbinding dhcpipmac
Introduction Fortinet documentation
FortiGate-50A Installation and Configuration Guide 15
Fortinet documentation
Information about FortiGate products is available from the following FortiGate User
Manual volumes:
Volume 1: FortiGate Installation and Configuration Guide
Describes installation and basic configuration for the FortiGate unit. Also describes
how to use FortiGate firewall policies to control traffic flow through the FortiGate
unit and how to use firewall policies to apply antivirus protection, web content
filtering, and email filtering to HTTP, FTP and email content passing through the
FortiGate unit.
Volume 2: FortiGate VPN Guide
Contains in-depth information about FortiGate IPSec VPN using certificates, pre-
shared keys and manual keys for encryption. Also contains basic configuration
information for the Fortinet Remote VPN Client, detailed configuration information
for FortiGate PPTP and L2TP VPN, and VPN configuration examples.
Volume 3: FortiGate Content Protection Guide
Describes how to configure antivirus protection, web content filtering, and email
filtering to protect content as it passes through the FortiGate unit.
Volume 4: FortiGate NIDS Guide
Describes how to configure the FortiGate NIDS to detect and protect the FortiGate
unit from network-based attacks.
Volume 5: FortiGate Logging and Message Reference Guide
Describes how to configure FortiGate logging and alert email. Also contains the
FortiGate log message reference.
Volume 6: FortiGate CLI Reference Guide
Describes the FortiGate CLI and contains a reference to all FortiGate CLI
commands.
The FortiGate online help also contains procedures for using the FortiGate web-based
manager to configure and manage your FortiGate unit.
Comments on Fortinet technical documentation
You can send information about errors or omissions in this document or any Fortinet
technical documentation to [email protected]om.
16 Fortinet Inc.
Customer service and technical support Introduction
Customer service and technical support
For antivirus and attack definition updates, firmware updates, updated product
documentation, technical support information, and other resources, please visit the
Fortinet technical support web site at http://support.fortinet.com.
You can also register FortiGate Antivirus Firewalls from http://support.fortinet.com and
modify your registration information at any time.
Fortinet email support is available from the following addresses:
For information on Fortinet telephone support, see http://support.fortinet.com.
When requesting technical support, please provide the following information:
Your name
Company name
•Location
Email address
Telephone number
FortiGate unit serial number
FortiGate model
FortiGate FortiOS firmware version
Detailed description of the problem
amer_support@fortinet.com For customers in the United States, Canada, Mexico, Latin
America and South America.
apac_support@fortinet.com For customers in Japan, Korea, China, Hong Kong, Singapore,
Malaysia, all other Asian countries, and Australia.
eu_support@fortinet.com For customers in the United Kingdom, Scandinavia, Mainland
Europe, Africa, and the Middle East.
FortiGate-50A Installation and Configuration Guide Version 2.50
FortiGate-50A Installation and Configuration Guide 17
Getting started
This chapter describes unpacking, setting up, and powering on a FortiGate Antivirus
Firewall unit. When you have completed the procedures in this chapter, you can
proceed to one of the following:
If you are going to operate the FortiGate unit in NAT/Route mode, go to
“NAT/Route mode installation” on page 33.
If you are going to operate the FortiGate unit in Transparent mode, go to
“Transparent mode installation” on page 41.
This chapter describes:
Package contents
Mounting
Powering on
Connecting to the web-based manager
Connecting to the command line interface (CLI)
Factory default FortiGate configuration settings
Planning the FortiGate configuration
FortiGate model maximum values matrix
Next steps
18 Fortinet Inc.
Package contents Getting started
Package contents
The FortiGate-50A package contains the following items:
the FortiGate-50A Antivirus Firewall
one orange cross-over ethernet cable
one gray regular ethernet cable
one null-modem cable
FortiGate-50A QuickStart Guide
A CD containing the FortiGate user documentation
one AC adapter
Figure 1: FortiGate-50A package contents
Mounting
The FortiGate-50A unit can be installed on any stable surface. Make sure that the
appliance has at least 1.5 in. (3.75 cm) of clearance on each side to allow for
adequate air flow and cooling.
Dimensions
8.63 x 6.13 x 1.38 in. (21.9 x 15.6 x 3.5 cm)
Weight
1.5 lb. (0.68 kg)
Power requirements
DC input voltage: 5 V
DC input current: 3 A
PWR STATUS
INTERNAL EXTERNAL
LINK 100 LINK 100
PWR
STATUS
A
Power
LED
Status
LED
External
Interface
Internal
Interface
Null-Modem Cable
(RS-232)
Documentation
Ethernet Cables:
Orange - Crossover
Grey - Straight-through
USER MANUAL
FortiGate-50A
QuickStart Guide
Copyright 2004 Fortinet Incorporated. All rights reserved.
Trademarks
Products mentioned in this document are trademarks.
Power Cable Power Supply
Internal
External
ConsoleDC+12V
USB
Back
Power
RS-232 Serial
Connection
USB
Internal
Front
InternalExternal
LINK 100 LINK 100
PWR STATUS
External
Getting started Powering on
FortiGate-50A Installation and Configuration Guide 19
Environmental specifications
Operating temperature: 32 to 104°F (0 to 40°C)
Storage temperature: -13 to 158°F (-25 to 70°C)
Humidity: 5 to 95% non-condensing
Powering on
To power on the FortiGate-50A unit
1 Connect the AC adapter to the power connection at the back of the FortiGate-50 unit.
2 Connect the AC adapter to a power outlet.
The FortiGate-50A starts up. The Power and Status lights light. The Status light
flashes while the unit is starting up and turns off when the system is up and running.
Connecting to the web-based manager
Use the following procedure to connect to the web-based manager for the first time.
Configuration changes made with the web-based manager are effective immediately
without resetting the firewall or interrupting service.
To connect to the web-based manager, you need:
a computer with an ethernet connection,
Internet Explorer version 4.0 or higher,
a crossover cable or an ethernet hub and two ethernet cables.
Table 1: FortiGate-50A LED indicators
Power Green The FortiGate unit is powered on.
Off The FortiGate unit is powered off.
Status Green The FortiGate unit is starting.
Off The FortiGate unit is operating normally.
Link
(Internal External)
Green The correct cable is in use and the connected
equipment has power.
Flashing Green Network activity at this interface.
Off No link established.
100
(Internal External)
Green The interface is connected at 100 Mbps.
Note: You can use the web-based manager with recent versions of most popular web browsers.
The web-based manager is fully supported for Internet Explorer version 4.0 or higher.
20 Fortinet Inc.
Connecting to the command line interface (CLI) Getting started
To connect to the web-based manager
1 Set the IP address of the computer with an ethernet connection to the static IP
address 192.168.1.2 and a netmask of 255.255.255.0.
You can also configure the management computer to obtain an IP address
automatically using DHCP. The FortiGate DHCP server assigns the management
computer an IP address in the range 192.168.1.1 to 192.168.1.254.
2 Using the crossover cable or the ethernet hub and cables, connect the internal
interface of the FortiGate unit to the computer ethernet connection.
3 Start Internet Explorer and browse to the address https://192.168.1.99.
The FortiGate login is displayed.
4 Type admin in the Name field and select Login.
The Register Now window is displayed. Use the information in this window to register
your FortiGate unit so that Fortinet can contact you for firmware updates. You must
also register to receive updates to the FortiGate virus and attack definitions.
Figure 2: FortiGate login
Connecting to the command line interface (CLI)
As an alternative to the web-based manager, you can install and configure the
FortiGate unit using the CLI. Configuration changes made with the CLI are effective
immediately without resetting the firewall or interrupting service.
To connect to the FortiGate CLI, you need:
a computer with an available communications port,
the null modem cable included in your FortiGate package,
terminal emulation software such as HyperTerminal for Windows.
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8
  • Page 9 9
  • Page 10 10
  • Page 11 11
  • Page 12 12
  • Page 13 13
  • Page 14 14
  • Page 15 15
  • Page 16 16
  • Page 17 17
  • Page 18 18
  • Page 19 19
  • Page 20 20
  • Page 21 21
  • Page 22 22
  • Page 23 23
  • Page 24 24
  • Page 25 25
  • Page 26 26
  • Page 27 27
  • Page 28 28
  • Page 29 29
  • Page 30 30
  • Page 31 31
  • Page 32 32
  • Page 33 33
  • Page 34 34
  • Page 35 35
  • Page 36 36
  • Page 37 37
  • Page 38 38
  • Page 39 39
  • Page 40 40
  • Page 41 41
  • Page 42 42
  • Page 43 43
  • Page 44 44
  • Page 45 45
  • Page 46 46
  • Page 47 47
  • Page 48 48
  • Page 49 49
  • Page 50 50
  • Page 51 51
  • Page 52 52
  • Page 53 53
  • Page 54 54
  • Page 55 55
  • Page 56 56
  • Page 57 57
  • Page 58 58
  • Page 59 59
  • Page 60 60
  • Page 61 61
  • Page 62 62
  • Page 63 63
  • Page 64 64
  • Page 65 65
  • Page 66 66
  • Page 67 67
  • Page 68 68
  • Page 69 69
  • Page 70 70
  • Page 71 71
  • Page 72 72
  • Page 73 73
  • Page 74 74
  • Page 75 75
  • Page 76 76
  • Page 77 77
  • Page 78 78
  • Page 79 79
  • Page 80 80
  • Page 81 81
  • Page 82 82
  • Page 83 83
  • Page 84 84
  • Page 85 85
  • Page 86 86
  • Page 87 87
  • Page 88 88
  • Page 89 89
  • Page 90 90
  • Page 91 91
  • Page 92 92
  • Page 93 93
  • Page 94 94
  • Page 95 95
  • Page 96 96
  • Page 97 97
  • Page 98 98
  • Page 99 99
  • Page 100 100
  • Page 101 101
  • Page 102 102
  • Page 103 103
  • Page 104 104
  • Page 105 105
  • Page 106 106
  • Page 107 107
  • Page 108 108
  • Page 109 109
  • Page 110 110
  • Page 111 111
  • Page 112 112
  • Page 113 113
  • Page 114 114
  • Page 115 115
  • Page 116 116
  • Page 117 117
  • Page 118 118
  • Page 119 119
  • Page 120 120
  • Page 121 121
  • Page 122 122
  • Page 123 123
  • Page 124 124
  • Page 125 125
  • Page 126 126
  • Page 127 127
  • Page 128 128
  • Page 129 129
  • Page 130 130
  • Page 131 131
  • Page 132 132
  • Page 133 133
  • Page 134 134
  • Page 135 135
  • Page 136 136
  • Page 137 137
  • Page 138 138
  • Page 139 139
  • Page 140 140
  • Page 141 141
  • Page 142 142
  • Page 143 143
  • Page 144 144
  • Page 145 145
  • Page 146 146
  • Page 147 147
  • Page 148 148
  • Page 149 149
  • Page 150 150
  • Page 151 151
  • Page 152 152
  • Page 153 153
  • Page 154 154
  • Page 155 155
  • Page 156 156
  • Page 157 157
  • Page 158 158
  • Page 159 159
  • Page 160 160
  • Page 161 161
  • Page 162 162
  • Page 163 163
  • Page 164 164
  • Page 165 165
  • Page 166 166
  • Page 167 167
  • Page 168 168
  • Page 169 169
  • Page 170 170
  • Page 171 171
  • Page 172 172
  • Page 173 173
  • Page 174 174
  • Page 175 175
  • Page 176 176
  • Page 177 177
  • Page 178 178
  • Page 179 179
  • Page 180 180
  • Page 181 181
  • Page 182 182
  • Page 183 183
  • Page 184 184
  • Page 185 185
  • Page 186 186
  • Page 187 187
  • Page 188 188
  • Page 189 189
  • Page 190 190
  • Page 191 191
  • Page 192 192
  • Page 193 193
  • Page 194 194
  • Page 195 195
  • Page 196 196
  • Page 197 197
  • Page 198 198
  • Page 199 199
  • Page 200 200
  • Page 201 201
  • Page 202 202
  • Page 203 203
  • Page 204 204
  • Page 205 205
  • Page 206 206
  • Page 207 207
  • Page 208 208
  • Page 209 209
  • Page 210 210
  • Page 211 211
  • Page 212 212
  • Page 213 213
  • Page 214 214
  • Page 215 215
  • Page 216 216
  • Page 217 217
  • Page 218 218
  • Page 219 219
  • Page 220 220
  • Page 221 221
  • Page 222 222
  • Page 223 223
  • Page 224 224
  • Page 225 225
  • Page 226 226
  • Page 227 227
  • Page 228 228
  • Page 229 229
  • Page 230 230
  • Page 231 231
  • Page 232 232
  • Page 233 233
  • Page 234 234
  • Page 235 235
  • Page 236 236
  • Page 237 237
  • Page 238 238
  • Page 239 239
  • Page 240 240
  • Page 241 241
  • Page 242 242
  • Page 243 243
  • Page 244 244
  • Page 245 245
  • Page 246 246
  • Page 247 247
  • Page 248 248
  • Page 249 249
  • Page 250 250
  • Page 251 251
  • Page 252 252
  • Page 253 253
  • Page 254 254
  • Page 255 255
  • Page 256 256
  • Page 257 257
  • Page 258 258
  • Page 259 259
  • Page 260 260
  • Page 261 261
  • Page 262 262
  • Page 263 263
  • Page 264 264
  • Page 265 265
  • Page 266 266
  • Page 267 267
  • Page 268 268
  • Page 269 269
  • Page 270 270
  • Page 271 271
  • Page 272 272

Fortinet 50A User manual

Category
Networking
Type
User manual

Ask a question and I''ll find the answer in the document

Finding information in a document is now easier with AI