Fortinet 50A User manual

  • Hello! I am an AI chatbot trained to assist you with the Fortinet 50A User manual. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
FortiGate 50A
Installation and
Configuration Guide
INTERNAL EXTERNAL
LINK 100 LINK 100
PWR
STATUS
A
FortiGate User Manual Volume 1
Version 2.50
29 February 2004
© Copyright 2004 Fortinet Inc. All rights reserved.
No part of this publication including text, examples, diagrams or illustrations may be reproduced,
transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical or
otherwise, for any purpose, without prior written permission of Fortinet Inc.
FortiGate-50A Installation and Configuration Guide
Version 2.50
29 February 2004
Trademarks
Products mentioned in this document are trademarks or registered trademarks of their respective
holders.
Regulatory Compliance
FCC Class A Part 15 CSA/CUS
CAUTION: RISK OF EXPLOSION IF BATTERY IS REPLACED BY AN INCORRECT TYPE.
DISPOSE OF USED BATTERIES ACCORDING TO THE INSTRUCTIONS.
For technical support, please visit http://www.fortinet.com.
Send information about errors or omissions in this document or any Fortinet technical documentation to
techdoc@fortinet.com.
Contents
FortiGate-50A Installation and Configuration Guide 3
Table of Contents
Introduction .......................................................................................................... 13
NAT/Route mode and Transparent mode......................................................................... 13
NAT/Route mode .......................................................................................................... 13
Transparent mode......................................................................................................... 13
Document conventions ..................................................................................................... 14
Fortinet documentation ..................................................................................................... 15
Comments on Fortinet technical documentation........................................................... 15
Customer service and technical support........................................................................... 16
Getting started ..................................................................................................... 17
Package contents ............................................................................................................. 18
Mounting ........................................................................................................................... 18
Powering on...................................................................................................................... 19
Connecting to the web-based manager............................................................................ 19
Connecting to the command line interface (CLI)............................................................... 20
Factory default FortiGate configuration settings ............................................................... 22
Factory default DHCP configuration ............................................................................. 22
Factory default NAT/Route mode network configuration .............................................. 23
Factory default Transparent mode network configuration............................................. 23
Factory default firewall configuration ............................................................................ 23
Factory default content profiles..................................................................................... 25
Planning the FortiGate configuration ................................................................................ 27
NAT/Route mode .......................................................................................................... 27
Transparent mode......................................................................................................... 28
Configuration options .................................................................................................... 28
FortiGate model maximum values matrix ......................................................................... 30
Next steps......................................................................................................................... 31
NAT/Route mode installation.............................................................................. 33
Installing the FortiGate unit using the default configuration.............................................. 33
Changing the default configuration ............................................................................... 34
Preparing to configure NAT/Route mode.......................................................................... 34
Advanced NAT/Route mode settings............................................................................ 35
Using the setup wizard...................................................................................................... 35
Starting the setup wizard .............................................................................................. 35
Reconnecting to the web-based manager .................................................................... 35
Using the command line interface..................................................................................... 36
Configuring the FortiGate unit to operate in NAT/Route mode ..................................... 36
Connecting the FortiGate unit to your networks................................................................ 37
Configuring your networks ................................................................................................ 38
Contents
4 Fortinet Inc.
Completing the configuration ............................................................................................ 38
Setting the date and time .............................................................................................. 38
Changing antivirus protection ....................................................................................... 38
Registering your FortiGate unit ..................................................................................... 39
Configuring virus and attack definition updates ............................................................ 39
Transparent mode installation............................................................................ 41
Preparing to configure Transparent mode ........................................................................ 41
Using the setup wizard...................................................................................................... 42
Changing to Transparent mode .................................................................................... 42
Starting the setup wizard .............................................................................................. 42
Reconnecting to the web-based manager .................................................................... 42
Using the command line interface..................................................................................... 42
Changing to Transparent mode .................................................................................... 43
Configuring the Transparent mode management IP address ....................................... 43
Configure the Transparent mode default gateway........................................................ 43
Connecting the FortiGate unit to your networks................................................................ 43
Completing the configuration ............................................................................................ 45
Setting the date and time .............................................................................................. 45
Enabling antivirus protection......................................................................................... 45
Registering your FortiGate............................................................................................ 45
Configuring virus and attack definition updates ............................................................ 45
Transparent mode configuration examples....................................................................... 46
Default routes and static routes .................................................................................... 46
Example default route to an external network............................................................... 47
Example static route to an external destination ............................................................ 48
Example static route to an internal destination ............................................................. 51
System status....................................................................................................... 53
Changing the FortiGate host name................................................................................... 54
Changing the FortiGate firmware...................................................................................... 54
Upgrading to a new firmware version ........................................................................... 55
Reverting to a previous firmware version...................................................................... 56
Installing firmware images from a system reboot using the CLI ................................... 59
Testing a new firmware image before installing it ......................................................... 61
Manual virus definition updates ........................................................................................ 63
Manual attack definition updates ...................................................................................... 63
Displaying the FortiGate serial number............................................................................. 64
Displaying the FortiGate up time....................................................................................... 64
Backing up system settings .............................................................................................. 64
Restoring system settings................................................................................................. 64
Restoring system settings to factory defaults ................................................................... 65
Changing to Transparent mode ........................................................................................ 65
Changing to NAT/Route mode.......................................................................................... 66
Restarting the FortiGate unit............................................................................................. 66
Contents
FortiGate-50A Installation and Configuration Guide 5
Shutting down the FortiGate unit ...................................................................................... 66
System status ................................................................................................................... 67
Viewing CPU and memory status ................................................................................. 67
Viewing sessions and network status ........................................................................... 68
Viewing virus and intrusions status............................................................................... 69
Session list........................................................................................................................ 70
Virus and attack definitions updates and registration ..................................... 73
Updating antivirus and attack definitions .......................................................................... 73
Connecting to the FortiResponse Distribution Network ................................................ 74
Manually initiating antivirus and attack definitions updates .......................................... 75
Configuring update logging ........................................................................................... 76
Scheduling updates .......................................................................................................... 76
Enabling scheduled updates......................................................................................... 76
Adding an override server............................................................................................. 77
Enabling scheduled updates through a proxy server.................................................... 78
Enabling push updates ..................................................................................................... 78
Enabling push updates ................................................................................................. 79
Push updates when FortiGate IP addresses change.................................................... 79
Enabling push updates through a NAT device.............................................................. 79
Registering FortiGate units ............................................................................................... 83
FortiCare Service Contracts.......................................................................................... 84
Registering the FortiGate unit ....................................................................................... 85
Updating registration information ...................................................................................... 86
Recovering a lost Fortinet support password................................................................ 86
Viewing the list of registered FortiGate units ................................................................ 87
Registering a new FortiGate unit .................................................................................. 88
Adding or changing a FortiCare Support Contract number........................................... 88
Changing your Fortinet support password .................................................................... 89
Changing your contact information or security question ............................................... 89
Downloading virus and attack definitions updates ........................................................ 90
Registering a FortiGate unit after an RMA........................................................................ 91
Contents
6 Fortinet Inc.
Network configuration......................................................................................... 93
Configuring interfaces ....................................................................................................... 93
Viewing the interface list ............................................................................................... 94
Changing the administrative status of an interface ....................................................... 94
Configuring an interface with a manual IP address ...................................................... 94
Configuring an interface for DHCP ............................................................................... 95
Configuring an interface for PPPoE .............................................................................. 96
Adding a secondary IP address to an interface ............................................................ 96
Adding a ping server to an interface ............................................................................. 97
Controlling administrative access to an interface.......................................................... 97
Changing the MTU size to improve network performance............................................ 98
Configuring traffic logging for connections to an interface ............................................ 98
Configuring the management interface in Transparent mode....................................... 99
Adding DNS server IP addresses ................................................................................... 100
Configuring routing.......................................................................................................... 100
Adding a default route................................................................................................. 100
Adding destination-based routes to the routing table.................................................. 101
Adding routes in Transparent mode............................................................................ 102
Configuring the routing table....................................................................................... 102
Policy routing .............................................................................................................. 103
Configuring DHCP services ............................................................................................ 104
Configuring a DHCP relay agent................................................................................. 104
Configuring a DHCP server ........................................................................................ 105
Configuring the modem interface.................................................................................... 107
Connecting a modem to the FortiGate unit ................................................................. 108
Configuring modem settings ....................................................................................... 108
Connecting to a dialup account................................................................................... 109
Disconnecting the modem .......................................................................................... 109
Viewing modem status................................................................................................ 110
Backup mode configuration ........................................................................................ 110
Standalone mode configuration .................................................................................. 110
Adding firewall policies for modem connections ......................................................... 111
RIP configuration ............................................................................................... 113
RIP settings..................................................................................................................... 113
Configuring RIP for FortiGate interfaces......................................................................... 115
Adding RIP filters ............................................................................................................ 117
Adding a RIP filter list.................................................................................................. 117
Assigning a RIP filter list to the neighbors filter........................................................... 118
Assigning a RIP filter list to the incoming filter ............................................................ 118
Assigning a RIP filter list to the outgoing filter............................................................. 119
System configuration ........................................................................................ 121
Setting system date and time.......................................................................................... 121
Contents
FortiGate-50A Installation and Configuration Guide 7
Changing system options................................................................................................ 122
Adding and editing administrator accounts..................................................................... 123
Adding new administrator accounts ............................................................................ 124
Editing administrator accounts.................................................................................... 124
Configuring SNMP .......................................................................................................... 125
Configuring the FortiGate unit for SNMP monitoring .................................................. 126
Configuring FortiGate SNMP support ......................................................................... 126
FortiGate MIBs............................................................................................................ 128
FortiGate traps ............................................................................................................ 129
Fortinet MIB fields ....................................................................................................... 130
Replacement messages ................................................................................................. 133
Customizing replacement messages .......................................................................... 133
Customizing alert emails............................................................................................. 134
Firewall configuration........................................................................................ 137
Default firewall configuration........................................................................................... 138
Addresses ................................................................................................................... 138
Services ...................................................................................................................... 139
Schedules ................................................................................................................... 139
Content profiles........................................................................................................... 139
Adding firewall policies.................................................................................................... 140
Firewall policy options................................................................................................. 140
Configuring policy lists .................................................................................................... 144
Policy matching in detail ............................................................................................. 145
Changing the order of policies in a policy list.............................................................. 145
Enabling and disabling policies................................................................................... 146
Addresses ....................................................................................................................... 146
Adding addresses ....................................................................................................... 147
Editing addresses ....................................................................................................... 148
Deleting addresses ..................................................................................................... 148
Organizing addresses into address groups ................................................................ 148
Services .......................................................................................................................... 149
Predefined services .................................................................................................... 149
Adding custom TCP and UDP services ...................................................................... 152
Adding custom ICMP services .................................................................................... 153
Adding custom IP services.......................................................................................... 153
Grouping services ....................................................................................................... 153
Schedules ....................................................................................................................... 154
Creating one-time schedules ...................................................................................... 155
Creating recurring schedules ...................................................................................... 155
Adding schedules to policies....................................................................................... 156
Contents
8 Fortinet Inc.
Virtual IPs........................................................................................................................ 157
Adding static NAT virtual IPs ...................................................................................... 158
Adding port forwarding virtual IPs ............................................................................... 159
Adding policies with virtual IPs.................................................................................... 161
IP pools........................................................................................................................... 161
Adding an IP pool........................................................................................................ 162
IP Pools for firewall policies that use fixed ports......................................................... 162
IP pools and dynamic NAT ......................................................................................... 162
IP/MAC binding ............................................................................................................... 163
Configuring IP/MAC binding for packets going through the firewall............................ 163
Configuring IP/MAC binding for packets going to the firewall ..................................... 164
Adding IP/MAC addresses.......................................................................................... 165
Viewing the dynamic IP/MAC list ................................................................................ 165
Enabling IP/MAC binding ............................................................................................ 165
Content profiles............................................................................................................... 166
Default content profiles ............................................................................................... 167
Adding content profiles ............................................................................................... 167
Adding content profiles to policies .............................................................................. 169
Users and authentication .................................................................................. 171
Setting authentication timeout......................................................................................... 172
Adding user names and configuring authentication ........................................................ 172
Adding user names and configuring authentication .................................................... 172
Deleting user names from the internal database ........................................................ 173
Configuring RADIUS support .......................................................................................... 174
Adding RADIUS servers ............................................................................................. 174
Deleting RADIUS servers ........................................................................................... 174
Configuring LDAP support .............................................................................................. 175
Adding LDAP servers.................................................................................................. 175
Deleting LDAP servers................................................................................................ 176
Configuring user groups.................................................................................................. 177
Adding user groups..................................................................................................... 177
Deleting user groups................................................................................................... 178
IPSec VPN........................................................................................................... 179
Key management............................................................................................................ 180
Manual Keys ............................................................................................................... 180
Automatic Internet Key Exchange (AutoIKE) with pre-shared keys or certificates ..... 180
Manual key IPSec VPNs................................................................................................. 181
General configuration steps for a manual key VPN .................................................... 181
Adding a manual key VPN tunnel ............................................................................... 181
Contents
FortiGate-50A Installation and Configuration Guide 9
AutoIKE IPSec VPNs...................................................................................................... 182
General configuration steps for an AutoIKE VPN ....................................................... 183
Adding a phase 1 configuration for an AutoIKE VPN.................................................. 183
Adding a phase 2 configuration for an AutoIKE VPN.................................................. 188
Managing digital certificates............................................................................................ 190
Obtaining a signed local certificate ............................................................................. 190
Obtaining CA certificates ............................................................................................ 192
Configuring encrypt policies............................................................................................ 193
Adding a source address ............................................................................................ 194
Adding a destination address...................................................................................... 194
Adding an encrypt policy............................................................................................. 195
IPSec VPN concentrators ............................................................................................... 196
VPN concentrator (hub) general configuration steps .................................................. 197
Adding a VPN concentrator ........................................................................................ 198
VPN spoke general configuration steps...................................................................... 199
Monitoring and Troubleshooting VPNs ........................................................................... 201
Viewing VPN tunnel status.......................................................................................... 201
Viewing dialup VPN connection status ....................................................................... 201
Testing a VPN............................................................................................................. 202
PPTP and L2TP VPN .......................................................................................... 203
Configuring PPTP ........................................................................................................... 203
Configuring the FortiGate unit as a PPTP gateway .................................................... 203
Configuring a Windows 98 client for PPTP ................................................................. 206
Configuring a Windows 2000 client for PPTP ............................................................. 207
Configuring a Windows XP client for PPTP ................................................................ 207
Configuring L2TP............................................................................................................ 209
Configuring the FortiGate unit as an L2TP gateway ................................................... 209
Configuring a Windows 2000 client for L2TP.............................................................. 211
Configuring a Windows XP client for L2TP ................................................................. 213
Network Intrusion Detection System (NIDS) ................................................... 215
Detecting attacks ............................................................................................................ 215
Selecting the interfaces to monitor.............................................................................. 216
Disabling monitoring interfaces................................................................................... 216
Configuring checksum verification .............................................................................. 216
Viewing the signature list ............................................................................................ 217
Viewing attack descriptions......................................................................................... 217
Disabling NIDS attack signatures ............................................................................... 218
Adding user-defined signatures .................................................................................. 218
Preventing attacks .......................................................................................................... 220
Enabling NIDS attack prevention ................................................................................ 220
Enabling NIDS attack prevention signatures .............................................................. 220
Setting signature threshold values.............................................................................. 221
Contents
10 Fortinet Inc.
Logging attacks............................................................................................................... 222
Logging attack messages to the attack log................................................................. 222
Reducing the number of NIDS attack log and email messages.................................. 222
Antivirus protection........................................................................................... 225
General configuration steps............................................................................................ 225
Antivirus scanning........................................................................................................... 226
File blocking.................................................................................................................... 227
Blocking files in firewall traffic ..................................................................................... 227
Adding file patterns to block........................................................................................ 227
Blocking oversized files and emails ................................................................................ 228
Configuring limits for oversized files and email........................................................... 228
Exempting fragmented email from blocking.................................................................... 228
Viewing the virus list ....................................................................................................... 229
Web filtering ....................................................................................................... 231
General configuration steps............................................................................................ 231
Content blocking ............................................................................................................. 232
Adding words and phrases to the Banned Word list ................................................... 232
Clearing the Banned Word list .................................................................................... 233
Backing up the Banned Word list................................................................................ 233
Restoring the Banned Word list .................................................................................. 233
URL blocking................................................................................................................... 235
Configuring FortiGate Web URL blocking................................................................... 235
Configuring FortiGate Web pattern blocking............................................................... 237
Configuring Cerberian URL filtering ................................................................................ 238
Installing a Cerberian license key ............................................................................... 238
Adding a Cerberian user ............................................................................................. 238
Configuring Cerberian web filter ................................................................................. 239
Enabling Cerberian URL filtering ................................................................................ 239
Script filtering .................................................................................................................. 240
Enabling script filtering................................................................................................ 240
Selecting script filter options ....................................................................................... 240
Exempt URL list .............................................................................................................. 241
Adding URLs to the URL Exempt list .......................................................................... 241
Downloading the URL Exempt List ............................................................................. 242
Uploading a URL Exempt List..................................................................................... 242
Email filter........................................................................................................... 245
General configuration steps............................................................................................ 245
Email banned word list.................................................................................................... 246
Adding words and phrases to the email banned word list........................................... 246
Downloading the email banned word list .................................................................... 247
Uploading the email banned word list ......................................................................... 247
Contents
FortiGate-50A Installation and Configuration Guide 11
Email block list ................................................................................................................ 248
Adding address patterns to the email block list........................................................... 248
Downloading the email block list................................................................................. 248
Uploading an email block list ...................................................................................... 249
Email exempt list............................................................................................................. 249
Adding address patterns to the email exempt list ....................................................... 250
Adding a subject tag ....................................................................................................... 250
Logging and reporting....................................................................................... 251
Recording logs................................................................................................................ 251
Recording logs on a remote computer........................................................................ 251
Recording logs on a NetIQ WebTrends server ........................................................... 252
Log message levels .................................................................................................... 253
Filtering log messages .................................................................................................... 253
Configuring traffic logging ............................................................................................... 254
Enabling traffic logging................................................................................................ 255
Configuring traffic filter settings................................................................................... 255
Adding traffic filter entries ........................................................................................... 256
Configuring alert email .................................................................................................... 257
Adding alert email addresses...................................................................................... 257
Testing alert email....................................................................................................... 258
Enabling alert email .................................................................................................... 258
Glossary ............................................................................................................. 259
Index .................................................................................................................... 263
Contents
12 Fortinet Inc.
FortiGate-50A Installation and Configuration Guide Version 2.50
FortiGate-50A Installation and Configuration Guide 13
Introduction
The FortiGate-50A Antivirus Firewall is
an easy-to-deploy and easy-to-
administer solution that delivers
exceptional value and performance for
small office and home office (SOHO)
applications.
Your FortiGate-50A is a dedicated easily managed security device that delivers a full
suite of capabilities that include:
application-level services such as virus protection and content filtering,
network-level services such as firewall, intrusion detection, VPN, and traffic
shaping.
NAT/Route mode and Transparent mode
The FortiGate can operate in NAT/Route mode or Transparent mode.
NAT/Route mode
In NAT/Route mode, the FortiGate-50A is installed as a privacy barrier between the
internal network and the Internet. The firewall provides network address translation
(NAT) to protect the internal private network. You can control whether firewall policies
run in NAT mode or route mode. NAT mode policies route allowed connections
between firewall interfaces, performing network address translation to hide addresses
on the protected internal networks. Route mode policies route allowed connections
between firewall interfaces without performing network address translation.
Transparent mode
Transparent Mode provides firewall protection to a pre-existing network with public
addresses. The internal and external network interfaces of the FortiGate unit must be
in the same subnet and the FortiGate unit can be inserted into your network at any
point without the need to make any changes to your network.
INTERNAL EXTERNAL
LINK 100 LINK 100
PWR
STATUS
A
14 Fortinet Inc.
Document conventions Introduction
Document conventions
This guide uses the following conventions to describe CLI command syntax.
angle brackets < > to indicate variable keywords
For example:
execute restore config <filename_str>
You enter restore config myfile.bak
<xxx_str> indicates an ASCII string variable keyword.
<xxx_integer> indicates an integer variable keyword.
<xxx_ip> indicates an IP address variable keyword.
vertical bar and curly brackets {|} to separate alternative, mutually exclusive
required keywords
For example:
set system opmode {nat | transparent}
You can enter set system opmode nat or set system opmode
transparent
square brackets [ ] to indicate that a keyword is optional
For example:
get firewall ipmacbinding [dhcpipmac]
You can enter get firewall ipmacbinding or
get firewall ipmacbinding dhcpipmac
Introduction Fortinet documentation
FortiGate-50A Installation and Configuration Guide 15
Fortinet documentation
Information about FortiGate products is available from the following FortiGate User
Manual volumes:
Volume 1: FortiGate Installation and Configuration Guide
Describes installation and basic configuration for the FortiGate unit. Also describes
how to use FortiGate firewall policies to control traffic flow through the FortiGate
unit and how to use firewall policies to apply antivirus protection, web content
filtering, and email filtering to HTTP, FTP and email content passing through the
FortiGate unit.
Volume 2: FortiGate VPN Guide
Contains in-depth information about FortiGate IPSec VPN using certificates, pre-
shared keys and manual keys for encryption. Also contains basic configuration
information for the Fortinet Remote VPN Client, detailed configuration information
for FortiGate PPTP and L2TP VPN, and VPN configuration examples.
Volume 3: FortiGate Content Protection Guide
Describes how to configure antivirus protection, web content filtering, and email
filtering to protect content as it passes through the FortiGate unit.
Volume 4: FortiGate NIDS Guide
Describes how to configure the FortiGate NIDS to detect and protect the FortiGate
unit from network-based attacks.
Volume 5: FortiGate Logging and Message Reference Guide
Describes how to configure FortiGate logging and alert email. Also contains the
FortiGate log message reference.
Volume 6: FortiGate CLI Reference Guide
Describes the FortiGate CLI and contains a reference to all FortiGate CLI
commands.
The FortiGate online help also contains procedures for using the FortiGate web-based
manager to configure and manage your FortiGate unit.
Comments on Fortinet technical documentation
You can send information about errors or omissions in this document or any Fortinet
technical documentation to [email protected]om.
16 Fortinet Inc.
Customer service and technical support Introduction
Customer service and technical support
For antivirus and attack definition updates, firmware updates, updated product
documentation, technical support information, and other resources, please visit the
Fortinet technical support web site at http://support.fortinet.com.
You can also register FortiGate Antivirus Firewalls from http://support.fortinet.com and
modify your registration information at any time.
Fortinet email support is available from the following addresses:
For information on Fortinet telephone support, see http://support.fortinet.com.
When requesting technical support, please provide the following information:
Your name
Company name
•Location
Email address
Telephone number
FortiGate unit serial number
FortiGate model
FortiGate FortiOS firmware version
Detailed description of the problem
amer_support@fortinet.com For customers in the United States, Canada, Mexico, Latin
America and South America.
apac_support@fortinet.com For customers in Japan, Korea, China, Hong Kong, Singapore,
Malaysia, all other Asian countries, and Australia.
eu_support@fortinet.com For customers in the United Kingdom, Scandinavia, Mainland
Europe, Africa, and the Middle East.
FortiGate-50A Installation and Configuration Guide Version 2.50
FortiGate-50A Installation and Configuration Guide 17
Getting started
This chapter describes unpacking, setting up, and powering on a FortiGate Antivirus
Firewall unit. When you have completed the procedures in this chapter, you can
proceed to one of the following:
If you are going to operate the FortiGate unit in NAT/Route mode, go to
“NAT/Route mode installation” on page 33.
If you are going to operate the FortiGate unit in Transparent mode, go to
“Transparent mode installation” on page 41.
This chapter describes:
Package contents
Mounting
Powering on
Connecting to the web-based manager
Connecting to the command line interface (CLI)
Factory default FortiGate configuration settings
Planning the FortiGate configuration
FortiGate model maximum values matrix
Next steps
18 Fortinet Inc.
Package contents Getting started
Package contents
The FortiGate-50A package contains the following items:
the FortiGate-50A Antivirus Firewall
one orange cross-over ethernet cable
one gray regular ethernet cable
one null-modem cable
FortiGate-50A QuickStart Guide
A CD containing the FortiGate user documentation
one AC adapter
Figure 1: FortiGate-50A package contents
Mounting
The FortiGate-50A unit can be installed on any stable surface. Make sure that the
appliance has at least 1.5 in. (3.75 cm) of clearance on each side to allow for
adequate air flow and cooling.
Dimensions
8.63 x 6.13 x 1.38 in. (21.9 x 15.6 x 3.5 cm)
Weight
1.5 lb. (0.68 kg)
Power requirements
DC input voltage: 5 V
DC input current: 3 A
PWR STATUS
INTERNAL EXTERNAL
LINK 100 LINK 100
PWR
STATUS
A
Power
LED
Status
LED
External
Interface
Internal
Interface
Null-Modem Cable
(RS-232)
Documentation
Ethernet Cables:
Orange - Crossover
Grey - Straight-through
USER MANUAL
FortiGate-50A
QuickStart Guide
Copyright 2004 Fortinet Incorporated. All rights reserved.
Trademarks
Products mentioned in this document are trademarks.
Power Cable Power Supply
Internal
External
ConsoleDC+12V
USB
Back
Power
RS-232 Serial
Connection
USB
Internal
Front
InternalExternal
LINK 100 LINK 100
PWR STATUS
External
Getting started Powering on
FortiGate-50A Installation and Configuration Guide 19
Environmental specifications
Operating temperature: 32 to 104°F (0 to 40°C)
Storage temperature: -13 to 158°F (-25 to 70°C)
Humidity: 5 to 95% non-condensing
Powering on
To power on the FortiGate-50A unit
1 Connect the AC adapter to the power connection at the back of the FortiGate-50 unit.
2 Connect the AC adapter to a power outlet.
The FortiGate-50A starts up. The Power and Status lights light. The Status light
flashes while the unit is starting up and turns off when the system is up and running.
Connecting to the web-based manager
Use the following procedure to connect to the web-based manager for the first time.
Configuration changes made with the web-based manager are effective immediately
without resetting the firewall or interrupting service.
To connect to the web-based manager, you need:
a computer with an ethernet connection,
Internet Explorer version 4.0 or higher,
a crossover cable or an ethernet hub and two ethernet cables.
Table 1: FortiGate-50A LED indicators
Power Green The FortiGate unit is powered on.
Off The FortiGate unit is powered off.
Status Green The FortiGate unit is starting.
Off The FortiGate unit is operating normally.
Link
(Internal External)
Green The correct cable is in use and the connected
equipment has power.
Flashing Green Network activity at this interface.
Off No link established.
100
(Internal External)
Green The interface is connected at 100 Mbps.
Note: You can use the web-based manager with recent versions of most popular web browsers.
The web-based manager is fully supported for Internet Explorer version 4.0 or higher.
20 Fortinet Inc.
Connecting to the command line interface (CLI) Getting started
To connect to the web-based manager
1 Set the IP address of the computer with an ethernet connection to the static IP
address 192.168.1.2 and a netmask of 255.255.255.0.
You can also configure the management computer to obtain an IP address
automatically using DHCP. The FortiGate DHCP server assigns the management
computer an IP address in the range 192.168.1.1 to 192.168.1.254.
2 Using the crossover cable or the ethernet hub and cables, connect the internal
interface of the FortiGate unit to the computer ethernet connection.
3 Start Internet Explorer and browse to the address https://192.168.1.99.
The FortiGate login is displayed.
4 Type admin in the Name field and select Login.
The Register Now window is displayed. Use the information in this window to register
your FortiGate unit so that Fortinet can contact you for firmware updates. You must
also register to receive updates to the FortiGate virus and attack definitions.
Figure 2: FortiGate login
Connecting to the command line interface (CLI)
As an alternative to the web-based manager, you can install and configure the
FortiGate unit using the CLI. Configuration changes made with the CLI are effective
immediately without resetting the firewall or interrupting service.
To connect to the FortiGate CLI, you need:
a computer with an available communications port,
the null modem cable included in your FortiGate package,
terminal emulation software such as HyperTerminal for Windows.
/