Fortigate firewall how to
Upcoming SlideShare
Loading in...5
×
 

Fortigate firewall how to

on

  • 1,581 views

How to perform the initial configuration of a FortiGate Firewall

How to perform the initial configuration of a FortiGate Firewall

Statistics

Views

Total Views
1,581
Views on SlideShare
1,213
Embed Views
368

Actions

Likes
1
Downloads
32
Comments
0

4 Embeds 368

http://www.ipmax.it 353
http://www.slideee.com 10
http://ipmax 4
https://twitter.com 1

Accessibility

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Fortigate firewall how to Fortigate firewall how to Presentation Transcript

  • FORTIGATE FIREWALL HOW TO INITIAL CONFIGURATION www.ipmax.it
  • VIRTUAL LAB The FortiGate firewall is available not only as an appliance but also as a virtual machine, the Fortigate VM. The following virtual lab will be used in the following examples. This scenario is very simple, so it could be used to easily learn how to configure the FortiGate firewall. External network – to the Internet Firewall Port 2 – bridged to the physical machine network port FortiGate VM Firewall port 1 – configured on VMware LAN segment 1 LAN segment 1 Virtual machine with Ethernet port on Vmware LAN segment 1
  • FORTIGATE VM INITIAL CONFIGURATION We will assume that the reader has already installed the virtual machine on its PC and he/she has generated a valid license. When the machine has already been started up, we can only configure it through the console: a login is required. Enter username admin and no password. In order to have the web interface available, some basic commands are required. These commands will permit to configure an IP address to the machine and activate the license on the Internet. The license file should be downloaded to the machine using TFTP, so a TFTP server should be configured. The IP addresses used in the following are chosen as an example; you are free to change them. Let’s start with the initial configuration!
  • FORTIGATE VM INITIAL CONFIGURATION CONTINUED # On the CLI, configure port 1 (only port 1 is already configured for device management). Port 1 will be connected to the PC used to configure the device and then to the internal network. All ports are already in administrative status up. config system interface edit port1 set ip 192.168.255.1 255.255.255.0 end # Now we can leave the console and start to use an SSH terminal. Connect port 1 to your PC Ethernet port and configure it with a static IP address on the same subnet you configured on port 1 of the firewall. # Now we will configure port 2 to connect it to Internet. In this case we will use a DHCP configuration as an example. config system interface edit port2 set mode dhcp set defaultgw enable #We use the default gateway received by DHCP end
  • FORTIGATE VM INITIAL CONFIGURATION CONTINUED # In case we chose to use a static IP address, the configuration will be config system interface edit port2 set ip 172.16.255.2 255.255.255.0 end # In this case we should configure a static default route. config router static edit 1 end set device port2 set gateway 172.16.255.1 #So, verify the connectivity and the DNS configuration. execute ping fortinet.com #We download the license file from our TFTP server (with IP address 192.168.255.2, for example). execute restore vmlicense tftp FGVMXXXXXXXXXXXX.lic 192.168.255.2
  • FORTIGATE VM INITIAL CONFIGURATION CONTINUED Now we can connect to the firewall using the web interface (user admin and no password). The activation process is not immediate, so the following page will be shown. If we want to speed up the process, the following CLI command could be used: execute update-now When the activation procedure is completed, we will be able to connect to the device’s web interface.
  • MORE NEEDS? See hints on www.ipmax.it Or email us your questions to info_ipmax@ipmax.it
  • IPMAX IPMAX is a Fortinet Partner in Italy. IPMAX is the ideal partner for companies seeking quality in products and services. IPMAX guarantees method and professionalism to support its customers in selecting technologies with the best quality / price ratio, in the design, installation, commissioning and operation. IPMAX srl Via Ponchielli, 4 20063 Cernusco sul Naviglio (MI) – Italy +39 02 9290 9171