Краткое содержание страницы № 1
INSTALL GUIDE
FortiGate-60B
FortiOS 3.0 MR6
www.fortinet.com�������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
Краткое содержание страницы № 2
FortiGate-60B Install Guide FortiOS 3.0 MR6 10 September 2008 01-30006-0446-20080910 © Copyright 2008 Fortinet, Inc. All rights reserved. No part of this publication including text, examples, diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical or otherwise, for any purpose, without prior written permission of Fortinet, Inc. Trademarks Fortinet, FortiGate and FortiGuard are registered trademarks and Dyna
Краткое содержание страницы № 3
Contents Contents Contents.............................................................................................. 3 Introduction ........................................................................................ 7 Register your FortiGate unit............................................................................. 7 About the FortiGate-60B ................................................................................... 8 About this document...................................
Краткое содержание страницы № 4
Contents Configure a DNS server ....................................................................... 22 Adding a default route and gateway..................................................... 22 Adding firewall policies ......................................................................... 23 Configuring Transparent mode...................................................................... 23 Using the web-based manager ................................................................... 24
Краткое содержание страницы № 5
Contents Configuring the PCMCIA modem card .......................................................... 45 FortiGate Firmware .......................................................................... 47 Downloading firmware .................................................................................... 47 Using the web-based manager....................................................................... 48 Upgrading the firmware................................................................
Краткое содержание страницы № 6
Contents FortiGate-60B FortiOS 3.0 MR6 Install Guide 6 01-30006-0446-20080910���������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
Краткое содержание страницы № 7
Introduction Register your FortiGate unit Introduction Welcome and thank you for selecting Fortinet products for your real-time network protection. The FortiGate Unified Threat Management System improves network security, reduces network misuse and abuse, and helps you use communications resources more efficiently without compromising the performance of your network. The FortiGate Unified Threat Management System are ICSA-certified for firewall, IPSec, and antivirus services. The FortiGate
Краткое содержание страницы № 8
About the FortiGate-60B Introduction About the FortiGate-60B The FortiGate-60B multi-threat security solution offers Small and Medium Business and SOHO/ROBO users enterprise-class protection against blended threats targeting 3G broadband, wireless LAN and wired infrastructure. The FortiGate-60B supports a wide array of wireless broadband PC Cards. The FortiGate-60B offers enterprise-class security for the SOHO/ROBO users and the flexibility needed for quick Point of Sales deployment. FortiG
Краткое содержание страницы № 9
Introduction Further Reading Note: Highlights useful additional information. Caution: Warns you about commands or procedures that could have unexpected or ! undesirable results including loss of data or damage to equipment. Typographic conventions FortiGate documentation uses the following typographical conventions: Convention Example Keyboard input In the Gateway Name field, type a name for the remote VPN peer or client (for example, Central_Office_1). Code examples config sys global set ips
Краткое содержание страницы № 10
Customer service and technical support Introduction • FortiGate Log Message Reference Available exclusively from the Fortinet Knowledge Center, the FortiGate Log Message Reference describes the structure of FortiGate log messages and provides information about the log messages that are generated by FortiGate units. • FortiGate High Availability User Guide Contains in-depth information about the high availability feature and the clustering protocol. • FortiGate IPS User Guide Describes how to
Краткое содержание страницы № 11
Installing Environmental specifications Installing This chapter describes installing your FortiGate unit in your server room, environmental specifications and how to mount the FortiGate in a rack if applicable. This chapter contains the following topics: • Environmental specifications • Cautions and warnings • Plugging in the FortiGate • Plugging in the FortiGate • Turning off the FortiGate unit Environmental specifications • Operating temperature: 32 to 104°F (0 to 40°C) If you install the Fo
Краткое содержание страницы № 12
Cautions and warnings Installing • Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. • Consult the dealer or an experienced radio/TV technician for help. The equipment compliance with FCC radiation exposure limit set forth for uncontrolled Environment. Cautions and warnings Review the following cautions before installing your FortiGate unit. Caution: Risk of Explosion if battery is replaced by an incorrect type. Dispose of used ! batteri
Краткое содержание страницы № 13
Installing Plugging in the FortiGate Mounting If required to fit into a rack unit, remove the rubber feet from the bottom of the FortiGate unit. Adhere the rubber feet included in the package to the underside of the FortiGate unit, near the corners of the device. Place the FortiGate unit on any flat, stable surface. Ensure the unit has sufficient clearance on each side to ensure adequate airflow for cooling. Plugging in the FortiGate Use the following steps to connect the power supply to the
Краткое содержание страницы № 14
Turning off the FortiGate unit Installing FortiGate-60B FortiOS 3.0 MR6 Install Guide 14 01-30006-0446-20080910�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
Краткое содержание страницы № 15
Configuring NAT vs. Transparent mode Configuring This section provides an overview of the operating modes of the FortiGate unit, NAT/Route and Transparent, and how to configure the FortiGate unit for each mode. There are two ways you can configure the FortiGate unit, using the web-based manager or the command line interface (CLI). This section will step through using both methods. Use whichever you are most comfortable with. This section includes the following topics: • NAT vs. Transparent
Краткое содержание страницы № 16
Connecting to the FortiGate unit Configuring Transparent mode In Transparent mode, the FortiGate unit is invisible to the network. Similar to a network bridge, all FortiGate interfaces must be on the same subnet. You only have to configure a management IP address to make configuration changes. The management IP address is also used for antivirus and attack definition updates. Figure 3: FortiGate unit in Transparent mode 10.10.10.1 Management IP Internal Network Gateway to public network 204.2
Краткое содержание страницы № 17
Configuring Connecting to the FortiGate unit To support a secure HTTPS authentication method, the FortiGate unit ships with a self-signed security certificate, which is offered to remote clients whenever they initiate a HTTPS connection to the FortiGate unit. When you connect, the FortiGate unit displays two security warnings in a browser. The first warning prompts you to accept and optionally install the FortiGate unit’s self-signed security certificate. If you do not accept the certificat
Краткое содержание страницы № 18
Configuring NAT mode Configuring Configuring NAT mode Configuring NAT mode involves defining interface addresses and default routes, and simple firewall policies. You can use the web-based manager or the CLI to configure the FortiGate unit in NAT/Route mode. Using the web-based manager After connecting to the web-based manager, you can use the following procedures to complete the basic configuration of the FortiGate unit. Ensure you read the section “Connecting to the web-based manager” on p
Краткое содержание страницы № 19
Configuring Configuring NAT mode Initial PADT Timeout Initial PPPoE Active Discovery Terminate (PADT) timeout in seconds. Use this timeout to shut down the PPPoE session if it is idle for this number of seconds. Your ISP must support PADT. To disable the PADT timeout, set the value to 0. Distance Enter the administrative distance, between 1 and 255 for the default gateway retrieved from the DHCP server. The administrative distance specifies the relative priority of a route when there are m
Краткое содержание страницы № 20
Configuring NAT mode Configuring For an initial configuration, you must edit the factory configured static default route to specify a different default gateway for the FortiGate unit. This will enable the flow of data through the FortiGate unit. For details on adding additional static routes, see the FortiGate Administration Guide. To modify the default gateway 1 Go to Router > Static. 2 Select Edit for the default route 3 In the Gateway field, type the IP address of the next-hop router where
