Sign In
Upload
Manuals
Brands
Fortinet Manuals
Firewall
Fortigate-5000 series
Fortinet Fortigate-5000 series Manuals
Manuals and User Guides for Fortinet Fortigate-5000 series. We have
3
Fortinet Fortigate-5000 series manuals available for free PDF download: Administration Manual, Manual
Fortinet Fortigate-5000 series Administration Manual (764 pages)
Brand:
Fortinet
| Category:
Firewall
| Size: 13.81 MB
Table of Contents
Table of Contents
3
Introduction
23
Fortinet Products
23
About this Document
24
Registering Your Fortinet Product
26
Customer Service and Technical Support
26
Training
27
Documentation
27
Fortinet Tools and Documentation CD
27
Fortinet Knowledge Base
27
Comments on Fortinet Technical Documentation
27
Scope
27
Conventions
28
IP Addresses
28
Notes, Tips and Cautions
28
Typographical Conventions
29
Command Syntax Conventions
29
What's New in Fortios Version 4.0 MR1
33
New SIP ALG Configuration Options
34
Opening and Closing SIP Register and Non-Register Pinholes
34
Support for RFC 2543-Compliant Branch Commands
34
Easy Forticare and Fortiguard Services Registration and Renewal
35
Endpoint Control Enhancements
35
Per-VDOM Replacement Messages
35
Content Archiving Is Now DLP Archive
36
Topology Viewer Is Now a Custom Web-Based Manager Page
36
Usage Page Shows Application, Policy, and DLP Archive Usage
37
Alert Message Console Enhancements
37
WCCP Widget
37
SSL VPN Enhancements
38
Single Sign-On
38
IP Address Ranges Are Now Defined as Firewall Addresses
39
OS Check Changes
40
Client Check Changes
40
Virtual Desktop Enhancements
41
Virtual Desktop Application Control
42
Two-Factor Authentication
43
Force UTF-8 Login
44
Fortigate Wireless Controller
44
Interface Status Detection for Gateway Load Balancing
44
Enhanced ECMP Route Failover and Load Balancing
44
SCEP Extensions
44
Dynamic Routing for Ipv6 Traffic
47
Additions to Router Bgp Command
47
Router Access-List6
51
Router Ospf6
52
Router Prefix-List6
56
Router Ripng
58
Get Router Info6 {Bgp | Ospf | Protocols | Rip
62
Ipv6 DNS
63
Ipv6 Transparent Mode
63
Ipv6 Administrative Access
63
Network Interface Changes for Ipv6
64
Administrator Settings
65
UTM Features Support Ipv6 Traffic
66
HTTP Basic Authentication in Firewall Policies
66
VDOM Dashboard
66
Ipsec Protocol Improvements
67
Support for IKE V2
67
Support for DH-2048 (Group 14)
67
Support for SHA256
68
Auto-Configuration of Ipsec Vpns
69
Ipsec Phase 1 CLI Configuration for IKE Configuration Method
69
Ipsec Phase 2 Configuration for IKE Configuration Method
71
Integral Basic DNS Server
72
Creating Local DNS Entries
72
Enabling DNS on an Interface
73
Per-VDOM DNS Configuration
74
Password Policy
75
Use LDAP Groups in Firewall and SSL-VPN Authentication
76
Traffic Shaping Enhancements
77
Shared Traffic Shaping
77
Per-IP Traffic Shaping
77
Accounting and Quota Enforcement
78
Logging Enhancements
79
Support for Per-VDOM Fortianalyzer Units or Syslog Devices
79
SQL Log Format for Executive Summary Reports
81
Antivirus Changes
82
Reliable Syslog
83
Web Filtering Combined Block/Exempt List
83
Web Filtering by Content Header
85
Safe Search
86
Data Leak Prevention Supports International Character Sets
86
Snmpv3 Enhancements
87
Support for Snmpengineid
87
Authentication and Privacy
87
Schedule Groups
88
Web-Based Manager
89
Common Web-Based Manager Tasks
90
Connecting to the Web-Based Manager
90
Changing Your Fortigate Administrator Password
91
Changing the Web-Based Manager Language
91
Changing Administrative Access to Your Fortigate Unit
92
Changing the Web-Based Manager Idle Timeout
92
Connecting to the Fortigate CLI from the Web-Based Manager
93
Button Bar Features
93
Contacting Customer Support
93
Backing up Your Fortigate Configuration
94
Using Fortigate Online Help
94
Searching the Online Help
96
Logging out
97
Web-Based Manager Pages
97
Using the Web-Based Manager Menu
98
Using Web-Based Manager Lists
99
Adding Filters to Web-Based Manager Lists
99
Using Page Controls on Web-Based Manager Lists
102
Using Column Settings to Control the Columns Displayed
103
Using Filters with Column Settings
104
Web-Based Manager Icons
105
System Status
107
Viewing the System Dashboard
107
VDOM and Global Dashboards
108
Viewing the System Dashboard
108
System Information
109
License Information
110
Unit Operation
113
System Resources
114
Alert Message Console
115
Log and Archive Statistics
117
CLI Console
119
Top Sessions
120
Viewing the Current Sessions List
122
Top Viruses
124
Top Attacks
124
Traffic History
124
Changing System Information
125
Configuring System Time
125
Changing the Fortigate Unit Host Name
126
Changing the Fortigate Firmware
126
Upgrading to a New Firmware Version
127
Reverting to a Previous Firmware Version
128
Viewing Operational History
129
Manually Updating Fortiguard Definitions
129
Viewing Log and Archive Statistics
130
Viewing DLP Archive Information on the Statistics Widget
130
Viewing the Attack Log
132
Configuring AMC Modules
133
Auto-Bypass and Recovery for AMC Bridge Module
134
Enabling or Disabling Bypass Mode for AMC Bridge Modules
135
Viewing Application, Policy, and DLP Archive Usage Data
137
Top Application Usage
137
Top Policy Usage
139
DLP Archive Usage
141
Using the Topology Viewer
142
Adding a Subnet Object
145
Customizing the Topology Diagram
146
Managing Firmware Versions
147
Backing up Your Configuration
148
Backing up Your Configuration through the Web-Based Manager
148
Backing up Your Configuration through the CLI
148
Backing up Your Configuration to a USB Key
149
Testing Firmware before Upgrading
150
Upgrading Your Fortigate Unit
151
Upgrading to Fortios 4.0 through the Web-Based Manager
151
Upgrading to Fortios 4.0 through the CLI
152
Verifying the Upgrade
153
Reverting to a Previous Firmware Image
154
Downgrading to a Previous Firmware through the Web-Based Manager
154
Verifying the Downgrade
155
Downgrading to a Previous Firmware through the CLI
155
Restoring Your Configuration
157
Restoring Your Configuration Settings in the Web-Based Manager
157
Restoring Your Configuration Settings in the CLI
157
Using Virtual Domains
159
Virtual Domains
159
Benefits of Vdoms
159
VDOM Configuration Settings
160
Global Configuration Settings
163
Enabling Vdoms
164
Configuring Vdoms and Global Settings
165
VDOM Licenses
165
Creating a New VDOM
166
Working with Vdoms and Global Settings
167
Adding Interfaces to a VDOM
168
Inter-VDOM Links
169
Assigning an Interface to a VDOM
170
Assigning an Administrator to a VDOM
171
Changing the Management VDOM
172
Configuring VDOM Resource Limits
172
Setting VDOM Global Resource Limits
173
Configuring Resource Usage for Individual Vdoms
174
System Network
177
Configuring Interfaces
177
Switch Mode
180
Interface Settings
181
Creating a VLAN Subinterface
185
Creating a Loopback Interface
185
Creating an 802.3Ad Aggregate Interface
186
Creating a Redundant Interface
187
Configuring DHCP on an Interface
188
Configuring an Interface for Pppoe
190
Configuring Dynamic DNS on an Interface
191
Configuring a Virtual Ipsec Interface
191
Configuring Administrative Access to an Interface
192
Interface Status Detection for Gateway Load Balancing
193
Interface MTU Packet Size
195
Secondary IP Addresses
196
Adding a Software Switch Interface
197
Configuring Zones
198
Configuring the Modem Interface
199
Configuring Modem Settings
199
Redundant Mode Configuration
201
Standalone Mode Configuration
202
Adding Firewall Policies for Modem Connections
203
Connecting and Disconnecting the Modem
203
Checking Modem Status
204
Configuring Networking Options
204
DNS Servers
205
Configuring Fortigate DNS Services
205
About Split DNS
206
Configuring Fortigate DNS Services
206
Configuring the Fortigate DNS Database
208
Configuring the Explicit Web Proxy
210
Configuring WCCP
212
Routing Table (Transparent Mode)
213
Transparent Mode Route Settings
214
System Wireless
215
Fortiwifi Wireless Interfaces
215
Channel Assignments
216
IEEE 802.11A Channel Numbers
216
IEEE 802.11B Channel Numbers
216
IEEE 802.11G Channel Numbers
217
Wireless Settings
218
Adding a Wireless Interface
219
Wireless MAC Filter
221
Managing the MAC Filter List
222
Wireless Monitor
223
Rogue AP Detection
224
Viewing Wireless Access Points
224
System DHCP
227
Fortigate DHCP Servers and Relays
227
Configuring DHCP Services
228
Configuring an Interface as a DHCP Relay Agent
229
Configuring a DHCP Server
229
Viewing Address Leases
231
Reserving IP Addresses for Specific Clients
231
Ha
233
System Config
233
HA Options
233
Cluster Members List
236
Viewing HA Statistics
238
Changing Subordinate Unit Host Name and Device Priority
239
Disconnecting a Cluster Unit from a Cluster
240
Snmp
241
Configuring SNMP
242
Configuring an SNMP Community
242
Fortinet Mibs
244
Fortinet and Fortigate Traps
245
Fortinet and Fortigate MIB Fields
248
Replacement Messages
250
VDOM and Global Replacement Messages
251
Viewing the Replacement Messages List
251
Changing Replacement Messages
252
Mail Replacement Messages
254
HTTP Replacement Messages
254
FTP Replacement Messages
255
NNTP Replacement Messages
256
Alert Mail Replacement Messages
256
Spam Replacement Messages
257
Administration Replacement Message
257
Authentication Replacement Messages
258
Fortiguard Web Filtering Replacement Messages
259
IM and P2P Replacement Messages
260
Endpoint NAC Replacement Message
261
NAC Quarantine Replacement Messages
261
Traffic Quota Control Replacement Messages
262
SSL VPN Replacement Message
262
Replacement Message Tags
262
Operation Mode and VDOM Management Access
263
Changing Operation Mode
263
Management Access
264
System Admin
267
Administrators
267
Viewing the Administrators List
269
Configuring an Administrator Account
270
Changing an Administrator Account Password
272
Configuring Regular (Password) Authentication for Administrators
272
Configuring Remote Authentication for Administrators
272
Configuring PKI Certificate Authentication for Administrators
278
Admin Profiles
280
Viewing the Admin Profiles List
283
Configuring an Admin Profile
284
Central Management
285
Settings
286
Monitoring Administrators
289
Fortigate Ipv6 Support
289
Customizable Web-Based Manager
290
System Certificates
301
Local Certificates
302
Generating a Certificate Request
303
Downloading and Submitting a Certificate Request
304
Importing a Signed Server Certificate
305
Importing an Exported Server Certificate and Private Key
305
Importing Separate Server Certificate and Private Key Files
306
Remote Certificates
306
Importing Remote (OCSP) Certificates
307
CA Certificates
307
Importing CA Certificates
308
Crl
309
Importing a Certificate Revocation List
309
System Maintenance
311
About the Maintenance Menu
311
Backing up and Restoring
312
Basic Backup and Restore Options
313
Upgrading and Downgrading Firmware
316
Upgrading and Downgrading Firmware through Fortiguard
317
Configuring Advanced Options
318
Managing Configuration Revisions
319
Using Script Files
320
Creating Script Files
321
Uploading Script Files
321
Configuring Fortiguard Services
322
Fortiguard Distribution Network
322
Fortiguard Services
322
Configuring the Fortigate Unit for FDN and Fortiguard Subscription Services
323
Troubleshooting FDN Connectivity
328
Updating Antivirus and Attack Definitions
328
Enabling Push Updates
330
Enabling Push Updates When a Fortigate Unit IP Address Changes
330
Enabling Push Updates through a NAT Device
331
Adding VDOM Licenses
333
Router Static
335
Routing Concepts
335
How the Routing Table Is Built
336
How Routing Decisions Are Made
336
Multipath Routing and Determining the Best Route
336
Route Priority
337
Blackhole Route
337
Static Route
338
Working with Static Routes
338
Default Route and Default Gateway
340
Adding a Static Route to the Routing Table
343
ECMP Route Failover and Load Balancing
344
Configuring Spill-Over or Usage-Based ECMP
346
Configuring Weighted Static Route Load Balancing
348
Policy Route
351
Adding a Policy Route
352
Moving a Policy Route
354
Router Dynamic
357
Rip
357
Viewing and Editing Basic RIP Settings
358
Selecting Advanced RIP Options
360
Configuring a RIP-Enabled Interface
361
Ospf
362
Defining an OSPF AS-Overview
363
Configuring Basic OSPF Settings
364
Selecting Advanced OSPF Options
366
Defining OSPF Areas
367
Specifying OSPF Networks
368
Selecting Operating Parameters for an OSPF Interface
369
Bgp
370
Viewing and Editing BGP Settings
371
Multicast
372
Viewing and Editing Multicast Settings
373
Overriding the Multicast Settings on an Interface
374
Multicast Destination NAT
374
Bi-Directional Forwarding Detection (BFD)
375
Configuring BFD
375
Customizable Routing Widgets
377
Access List
377
Distribute List
378
Key Chain
378
Offset List
379
Prefix List
380
Route Map
380
Router Monitor
383
Viewing Routing Information
383
Searching the Fortigate Routing Table
385
Firewall Policy
387
How List Order Affects Policy Matching
387
Moving a Policy to a Different Position in the Policy List
388
Enabling and Disabling Policies
389
Multicast Policies
389
Viewing the Firewall Policy List
390
Configuring Firewall Policies
391
Adding Authentication to Firewall Policies
396
Identity-Based Firewall Policy Options (Non-SSL-VPN)
397
Ipsec Firewall Policy Options
399
Configuring SSL VPN Identity-Based Firewall Policies
400
Using Dos Policies to Detect and Prevent Attacks
404
Viewing the Dos Policy List
404
Configuring Dos Policies
406
Using One-Arm Sniffer Policies to Detect Network Attacks
406
Viewing the Sniffer Policy List
407
Configuring Sniffer Policies
409
How Fortios Selects Unused NAT Ports
410
Global Pool
411
Global Per-Protocol Pool
411
Per NAT IP Pool
411
Per NAT IP, Destination IP, Port, and Protocol Pool
412
Firewall Policy Examples
414
Scenario One: SOHO-Sized Business
414
Scenario Two: Enterprise-Sized Business
417
Firewall Address
421
About Firewall Addresses
421
Viewing the Firewall Address List
422
Configuring Addresses
423
Configuring Address Groups
424
Viewing the Address Group List
424
Firewall Service
427
Viewing the Predefined Service List
427
Viewing the Custom Service List
432
Configuring Custom Services
433
Viewing the Service Group List
435
Configuring Service Groups
435
Firewall Schedule
437
Viewing the Recurring Schedule List
437
Configuring Recurring Schedules
438
Viewing the One-Time Schedule List
438
Configuring One-Time Schedules
439
Configuring Schedule Groups
439
Traffic Shaping
441
Guaranteed Bandwidth and Maximum Bandwidth
441
Traffic Priority
442
Traffic Shaping Considerations
442
Configuring Shared Traffic Shapers
443
Configuring Per IP Traffic Shaping
444
Accounting and Quota Enforcement
445
Firewall Virtual IP
447
How Virtual Ips Map Connections through Fortigate Units
447
Inbound Connections
447
Outbound Connections
450
VIP Requirements
451
Viewing the Virtual IP List
451
Configuring Virtual Ips
452
Adding a Static NAT Virtual IP for a Single IP Address
454
Adding a Static NAT Virtual IP for an IP Address Range
455
Adding Static NAT Port Forwarding for a Single IP Address and a Single Port
457
Adding Static NAT Port Forwarding for an IP Address Range and a Port Range
459
Adding Dynamic Virtual Ips
460
Adding a Virtual IP with Port Translation Only
461
Virtual IP Groups
462
Viewing the VIP Group List
462
Configuring VIP Groups
462
IP Pools
463
IP Pools and Dynamic NAT
464
IP Pools for Firewall Policies that Use Fixed Ports
464
Source IP Address and IP Pool Address Matching
464
Viewing the IP Pool List
465
Configuring IP Pools
465
Double NAT: Combining IP Pool with Virtual IP
466
Adding NAT Firewall Policies in Transparent Mode
468
Firewall Load Balance
471
How Load Balancer Works
471
Configuring Virtual Servers
472
Configuring Real Servers
475
Configuring Health Check Monitors
476
Monitoring the Servers
478
Firewall Protection Profile
479
What Is a Protection Profile
479
Adding a Protection Profile to a Firewall Policy
480
Default Protection Profiles
480
Viewing the Protection Profile List
481
SSL Content Scanning and Inspection
481
Supported Fortigate Models
482
Setting up Certificates to Avoid Client Warnings
482
Configuring SSL Content Scanning and Inspection
484
Configuring a Protection Profile
486
Protocol Recognition Options
487
Anti-Virus Options
489
IPS Options
492
Web Filtering Options
493
Fortiguard Web Filtering Options
495
Email Filtering Options
498
Data Leak Prevention Sensor Options
501
Application Control Options
502
Logging Options
503
SIP Support
505
Voip and SIP
505
The Fortigate Unit and Voip Security
507
Sip Nat
507
How SIP Support Works
509
Configuring SIP
510
Enabling SIP Support and Setting Rate Limiting from the Web-Based Manager
510
Enabling SIP Support from the CLI
511
Enabling SIP Logging
512
Enabling Advanced SIP Features in an Application List
512
Antivirus
517
Order of Operations
517
Antivirus Tasks
518
Fortiguard Antivirus
519
Antivirus Settings and Controls
519
File Filter
521
Built-In Patterns and Supported File Types
521
Viewing the File Filter List Catalog
522
Creating a New File Filter List
522
Viewing the File Filter List
523
Configuring the File Filter List
523
Advertisement
Fortinet Fortigate-5000 series Administration Manual (458 pages)
Brand:
Fortinet
| Category:
Firewall
| Size: 9.62 MB
Table of Contents
Table of Contents
3
Introduction
17
Introducing the Fortigate Units
18
Fortigate-5000 Series Chassis
18
About the Fortigate-5000 Series Modules
19
Fortigate-3600A
19
Fortigate-3600
20
Fortigate-3000
20
Fortigate-1000A
20
Fortigate-1000AFA2
21
Fortigate-1000
21
Fortigate-800
21
Fortigate-800F
21
Fortigate-500A
22
Fortigate-500
22
Fortigate-400A
22
Fortigate-400
22
Fortigate-300A
22
Fortigate-300
23
Fortigate-200A
23
Fortigate-200
23
Fortigate-100A
23
Fortigate-100
23
Fortigate-60/60M/ADSL
24
Fortiwifi-60/60A/60AM
24
Fortigate-50B
24
Fortigate-50A
24
Fortinet Family of Products
25
Fortiguard Subscription Services
25
Fortianalyzer
25
Forticlient
25
Fortimanager
26
Fortibridge
26
Fortimail
26
Fortireporter
26
About this Document
27
Document Conventions
29
Fortigate Documentation
29
Fortinet Tools and Documentation CD
31
Fortinet Knowledge Center
31
Comments on Fortinet Technical Documentation
31
Customer Service and Technical Support
31
Web-Based Manager
33
Button Bar Features
34
Contact Customer Support
34
Using the Online Help
34
Logout
36
Web-Based Manager Pages
37
Web-Based Manager Menu
37
Lists
38
Icons
38
System Status
41
Status Page
41
Viewing System Status
41
System Information
43
License Information
44
Changing System Information
49
Configuring System Time
49
Changing the Fortigate Unit Host Name
50
Changing the Fortigate Firmware
51
Upgrading to a New Firmware Version
51
Reverting to a Previous Firmware Version
51
Viewing Operational History
52
Manually Updating Fortiguard Definitions
53
Viewing Statistics
54
Viewing the Session List
54
Viewing the Content Archive Information
55
Viewing the Attack Log
56
Topology Viewer
58
The Topology Viewer Window
58
Customizing the Topology Diagram
60
Using Virtual Domains
61
Virtual Domains
61
VDOM Configuration Settings
62
Global Configuration Settings
63
Enabling Vdoms
64
Configuring Vdoms and Global Settings
64
Working with Vdoms and Global Settings
65
Adding Interfaces to a VDOM
65
Assigning an Administrator to a VDOM
66
Changing the Management VDOM
67
System Network
69
Interface
69
Switch Mode
71
Interface Settings
72
Configuring an ADSL Interface
74
Creating an 802.3Ad Aggregate Interface
75
Creating a Redundant Interface
76
Creating a Wireless Interface
77
Configuring DHCP on an Interface
78
Configuring an Interface for Pppoe or Pppoa
80
Configuring Dynamic DNS Service for an Interface
81
Configuring a Virtual Ipsec Interface
82
Additional Configuration for Interfaces
83
Zone
87
Zone Settings
87
Network Options
88
DNS Servers
89
Dead Gateway Detection
89
Routing Table (Transparent Mode)
90
Transparent Mode Route Settings
90
Configuring the Modem Interface
91
Configuring Modem Settings
91
Redundant Mode Configuration
93
Standalone Mode Configuration
94
Adding Firewall Policies for Modem Connections
94
Connecting and Disconnecting the Modem
95
Checking Modem Status
95
VLAN Overview
96
Fortigate Units and Vlans
96
Vlans in Nat/Route Mode
97
Rules for VLAN Ids
97
Rules for VLAN IP Addresses
97
Adding VLAN Subinterfaces
98
Vlans in Transparent Mode
99
Rules for VLAN Ids
101
Transparent Mode Virtual Domains and Vlans
101
Troubleshooting ARP Issues
104
Fortigate Ipv6 Support
104
System Wireless
105
The Fortiwifi Wireless LAN Interface
105
Channel Assignments
106
System Wireless Settings (Fortiwifi-60)
107
System Wireless Settings (Fortiwifi-60A and 60AM)
109
Wireless MAC Filter
110
Wireless Monitor
111
System DHCP
113
Fortigate DHCP Servers and Relays
113
Configuring DHCP Services
114
Configuring an Interface as a DHCP Relay Agent
115
Configuring a DHCP Server
115
Viewing Address Leases
116
Reserving IP Addresses for Specific Clients
117
Ha
119
System Config
119
HA Options
119
Cluster Members List
122
Viewing HA Statistics
125
Changing Subordinate Unit Host Name and Device Priority
126
Disconnecting a Cluster Unit from a Cluster
126
Snmp
127
Configuring SNMP
127
Configuring an SNMP Community
128
Fortinet Mibs
130
Fortigate Traps
131
Fortinet MIB Fields
133
Replacement Messages
136
Replacement Messages List
137
Changing Replacement Messages
138
Changing the Authentication Login Page
139
Changing the Fortiguard Web Filtering Block Override Page
140
Changing the SSL-VPN Login Message
140
Changing the Authentication Disclaimer Page
140
Operation Mode and VDOM Management Access
141
Changing Operation Mode
141
Management Access
142
System Admin
143
Administrators
143
Configuring RADIUS Authentication for Administrators
144
Viewing the Administrators List
144
Configuring an Administrator Account
146
Access Profiles
148
Viewing the Access Profiles List
151
Configuring an Access Profile
152
Fortimanager
153
Settings
153
Monitoring Administrators
154
System Maintenance
157
Backup and Restore
157
Fortiguard Center
161
Fortiguard Distribution Network
161
Fortiguard Services
161
Configuring the Fortigate Unit for FDN and Fortiguard Services
162
Troubleshooting FDN Connectivity
166
Updating Antivirus and Attack Definitions
166
Enabling Push Updates
168
License
172
System Chassis (Fortigate-5000 Series)
173
SMC (Shelf Manager Card)
173
Blades (Fortigate-5000 Chassis Slots)
174
Chassis Monitoring Event Log Messages
176
Router Static
177
Routing Concepts
177
How the Routing Table Is Built
178
How Routing Decisions Are Made
178
Multipath Routing and Determining the Best Route
178
How Route Sequence Affects Route Priority
179
Equal Cost Multipath (ECMP) Routes
180
Static Route
180
Working with Static Routes
180
Default Route and Default Gateway
181
Adding a Static Route to the Routing Table
184
Policy Route
185
Adding a Route Policy
186
Moving a Route Policy
187
Router Dynamic
189
Rip
189
How RIP Works
190
Viewing and Editing Basic RIP Settings
190
Selecting Advanced RIP Options
192
Overriding the RIP Operating Parameters on an Interface
193
Ospf
194
OSPF Autonomous Systems
194
Defining an OSPF as
195
Viewing and Editing Basic OSPF Settings
196
Selecting Advanced OSPF Options
198
Defining OSPF Areas
199
Specifying OSPF Networks
200
Selecting Operating Parameters for an OSPF Interface
201
Bgp
202
How BGP Works
202
Viewing and Editing BGP Settings
203
Multicast
204
Viewing and Editing Multicast Settings
204
Overriding the Multicast Settings on an Interface
206
Router Monitor
209
Displaying Routing Information
209
Searching the Fortigate Routing Table
211
Firewall Policy
213
About Firewall Policies
213
How Policy Matching Works
214
Viewing the Firewall Policy List
214
Adding a Firewall Policy
215
Moving a Policy to a Different Position in the Policy List
216
Configuring Firewall Policies
216
Firewall Policy Options
219
Adding Authentication to Firewall Policies
222
Adding Traffic Shaping to Firewall Policies
223
Ipsec Firewall Policy Options
226
SSL-VPN Firewall Policy Options
226
Options to Check Forticlient on Hosts
227
Firewall Policy Examples
228
Scenario One: SOHO Sized Business
228
Scenario Two: Enterprise Sized Business
231
Firewall Address
235
About Firewall Addresses
235
Viewing the Firewall Address List
236
Configuring Addresses
237
Viewing the Address Group List
237
Configuring Address Groups
238
Firewall Service
239
Viewing the Predefined Service List
239
Viewing the Custom Service List
243
Configuring Custom Services
243
Viewing the Service Group List
245
Configuring Service Groups
245
Firewall Schedule
247
Viewing the One-Time Schedule List
247
Configuring One-Time Schedules
248
Viewing the Recurring Schedule List
248
Configuring Recurring Schedules
249
Firewall Virtual IP
251
Virtual Ips
251
How Virtual Ips Map Connections through the Fortigate Unit
251
Viewing the Virtual IP List
255
Configuring Virtual Ips
255
Adding a Static NAT Virtual IP for a Single IP Address
256
Adding a Static NAT Virtual IP for an IP Address Range
258
Adding Static NAT Port Forwarding for a Single IP Address and a Single Port
260
Adding Static NAT Port Forwarding for an IP Address Range and a Port Range
261
Adding a Load Balance Virtual IP for an IP Address Range or Real Servers
263
Adding a Load Balance Port Forwarding Virtual IP
265
Adding Dynamic Virtual Ips
266
Virtual IP Groups
267
Viewing the VIP Group List
267
Configuring VIP Groups
268
IP Pools
269
IP Pools and Dynamic NAT
269
IP Pools for Firewall Policies that Use Fixed Ports
269
Viewing the IP Pool List
270
Configuring IP Pools
270
Firewall Protection Profile
271
What Is a Protection Profile
271
Default Protection Profiles
272
Configuring a Protection Profile
272
Antivirus Options
273
Web Filtering Options
275
Fortiguard-Web Filtering Options
276
Spam Filtering Options
277
IPS Options
279
Content Archive Options
279
IM and P2P Options
280
Logging Options
281
Voip Options
282
Viewing the Protection Profile List
272
Adding a Protection Profile to a Policy
282
Protection Profile CLI Configuration
283
Vpn Ipsec
285
Overview of Ipsec Interface Mode
285
Auto Key
287
Creating a New Phase 1 Configuration
287
Defining Phase 1 Advanced Settings
290
Creating a New Phase 2 Configuration
292
Defining Phase 2 Advanced Settings
293
Internet Browsing Configuration
295
Manual Key
296
Creating a New Manual Key Configuration
297
Concentrator
299
Defining Concentrator Options
299
Monitor
300
Vpn Pptp
303
PPTP Range
303
Vpn Ssl
305
Config
305
Monitor
307
VPN Certificates
309
Local Certificates
309
Generating a Certificate Request
310
Downloading and Submitting a Certificate Request
312
Importing a Signed Server Certificate
313
Importing an Exported Server Certificate and Private Key
313
Importing Separate Server Certificate and Private Key Files
314
Remote Certificates
314
Importing Remote (OCSP) Certificates
315
CA Certificates
315
Importing CA Certificates
316
Crl
317
Importing a Certificate Revocation List
317
User
319
Configuring User Authentication
319
Setting Authentication Timeout
320
Setting User Authentication Protocol Support
320
Local User Accounts
321
Configuring a User Account
321
RADIUS Servers
322
Configuring a RADIUS Server
322
LDAP Servers
323
Configuring an LDAP Server
324
PKI Authentication
325
Configuring PKI Users
326
Windows AD Servers
326
Configuring a Windows AD Server
327
User Group
327
User Group Types
328
User Group List
329
Configuring a User Group
330
Configuring Fortiguard Override Options for a User Group
331
Configuring SSL VPN User Group Options
332
Configuring Peers and Peer Groups
334
Fortinet Fortigate-5000 series Manual (94 pages)
Compatible with FortiGate-5000 Series
Brand:
Fortinet
| Category:
Chassis
| Size: 5.49 MB
Table of Contents
Table of Contents
3
Change Log
6
Fortigate-5144C Chassis
7
Fortigate-5144C Front Panel
7
Fortigate-5144C Back Panel
8
Chassis Hardware Information
9
Shipping Components
10
Accessories
10
Supported Fortinet ATCA Boards
10
Power Requirements
12
Physical Description of the Fortigate-5144C Chassis
12
Fortigate-5144C Shelf Managers
13
Connecting to the Shelf Manager and Shelf Manager Ethernet Channels
14
Shelf Manager Ethernet Connections to Chassis Slots (and Boards)
15
Changing the Shelf Manager Switch Configuration to Prevent Ethernet Loops
15
Radial IPMB Bus Topology
17
Using the Shelf Manager CLI
18
Shelf Manager Fan and Power Control
18
Telco Alarms
18
Air Filter
19
Cooling Fans, Cooling Air Flow, and Minimum Clearance
20
Fortigate-5144C Hardware Procedures
22
Mounting the Fortigate-5144C Chassis
22
Air Flow
23
Inserting Fortigate-5000 Series Boards and RTM Modules
23
Installing Forticontroller or Fortiswitch Boards
24
Power Connection and Configuration
25
Fortigate-5144C Chassis Power Level Requirements
25
Connecting the Fortigate-5144C Chassis to DC Power and Ground
26
Crimping Guidelines
27
Connecting Fortigate-5144C Power Feeds to DC Power
28
Connecting the Fortigate-5144C Chassis to Ground
29
Fortigate-5053B Power Supply Shelf and PSU-5000B Power Supplies
30
Power Requirement Guidelines
32
Connecting a Fortigate-5144C Chassis to the Fortigate-5053B Power Supply Shelf
32
Connecting the Fortigate-5053B Power Supply Shelf to Ground
34
Turning on Fortigate-5144C Chassis Power
35
Shelf Manager CLI
36
Connecting to the Shelf Manager CLI Using the Shelf Manager Console Port
36
Connecting to the Shelf Manager CLI from an Ethernet Network
37
Changing the Shelf Manager Root Account Password
38
Resetting a Lost Shelf Manager Password
38
The Shelf Manager Command Line Interface Agent (CLIA)
39
Using CLIA Interactive Mode
39
IPMB Addresses, Logical and Physical Slot Numbers, and FRU Ids
39
Change IP Address of the Primary Shelf Manager
41
Display the Shelf Manager Firmware Version
41
List All Frus in the Chassis
42
List All Sensors on a FRU
42
List Only Sensors that Are Outside of Established Thresholds
42
Display Sensor Data for a FRU
42
Display the FRU Information for a FRU
42
Change the Speed for a Fan Tray
42
Display the Contents of the System Event Log (Sel)
42
Clear the System Event Log (Sel)
42
Changing the Shelf Manager IP Address and Default Gateway
43
Sensor Types
44
CLI Command Reference
44
Activate/Deactivate
44
Alarm
45
Board
46
Clia
47
Exit/Quit
47
Fans
47
Fru
48
Fruinfo
48
Getlanconfig
49
Getthreshold/Threshold
50
Help
53
Minfanlevel
56
Sel
56
Sensor
57
Sensordata
58
Setthreshold
58
Shmstatus
60
Showunhealthy
60
Switchover
61
Terminate
61
User
61
Version
63
Generating SNMP Traps for Shelf Manager System Events
64
Example SNMP Configuration
64
Testing the Configuration
68
SNMP Trap Details
68
Removing and Inserting a Fan Tray
70
Setting up SNMP Polling for the Shelf Manager
70
Using the Shelf Manager System Event Log (SEL)
71
Before You Begin
71
Chassis Design Background
71
Alarm Leds
72
Reading the SEL
72
Clearing SEL Logs
73
Example IPMC Log Output
74
Example FRU Log Output
75
Example Sensor Log Output
76
Sample Sections of SEL Output
88
Advertisement
Advertisement
Related Products
Fortinet FortiGate FortiGate-50B
Fortinet FortiGate FortiGate-500A
Fortinet FortiGate FortiGate-50
Fortinet FortiGate FortiGate-50R
Fortinet FortiGate-50A
Fortinet FortiGate FortiGate-500
Fortinet FortiGate FortiGate-5003
Fortinet FortiGate-5001FA2-LENC
Fortinet FortiGate-5050-R
Fortinet FortiGate-5001A-DW
Fortinet Categories
Firewall
Network Hardware
Wireless Access Point
Telephone
Switch
More Fortinet Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL