General Settings; Using The Command Line Interface; Management Module; Completing The Configuration - Fortinet FortiGate FortiGate-4000 Quick Start Manual

5
Collecting information
NAT/Route mode
IP:
Internal Interface:
Netmask:
IP:
External
Interface:
Netmask:
Out of band
IP:
management
Netmask:
Interface
Transparent mode
IP:
Management IP:
Netmask:
6
Configuring the FortiGate-4000
1. Connect the FortiGate-4000 internal interface to the management computer Ethernet interface. Use a cross-over Ethernet cable to connect the
Using the
devices directly. Use straight-through Ethernet cables to connect the devices through a hub or switch.
Setup Wizard
2. Configure the management computer to be on the same subnet as FortiGate-4000 internal interface. To do this, change the IP address of the
management computer to 192.168.1.2 and the netmask to 255.255.255.0.
3. To access the FortiGate web-based manager, start Internet Explorer and browse to https://192.168.1.99 (remember to include the "s" in https://).
4. Type admin in the Name field and select Login.
NAT/Route mode
Using the Setup Wizard
To configure the FortiGate-4000 unit using the Setup Wizard, select
the Easy Setup Wizard button and follow the prompts.
Using the web-based manager
To change the administrator password
1. Go to System > Admin > Administrators.
2. Select Change Password for the admin administrator and enter a new password.
To configure interfaces
1. Go to System > Network > Interface.
2. Select the edit icon for each interface to configure.
3. Set the addressing mode for the interface. (see the online help for information.)
•For manual addressing, enter the IP address and netmask for the interface.
•For DHCP addressing, select DHCP and any required settings.
•For PPPoE addressing, select PPPoE, and enter the username and password and
any other required settings.
To configure the Primary and Secondary DNS server IP addresses
1. Go to System > Network > DNS, enter the Primary and Secondary DNS IP
addresses that you recorded above and select Apply.
To configure a Default Gateway
1. Go to Router > Static and select Edit icon for the static route.
2. Set Gateway to the Default Gateway IP address that you recorded above and select
OK.
Note: If you change the IP address of the internal interface (NAT/Route mode) or management IP address (Transparent mode), you must use this address to reconnect to the web-based manager and Setup
Wizard. You might also have to change the IP address of the management computer to be on the same subnet as the new IP address.
Using the
Command Line Interface
NAT/Route mode
1. Configure the internal interface.
config system interface
edit internal
set mode static
set ip <intf_ip> <netmask_ip>
end
2. Repeat to configure the external interface.
config system interface
edit external
set mode static
set ip <intf_ip> <netmask_ip>
end
3. Configure the primary and secondary DNS server IP addresses.
config system dns
set primary <dns-server_ip>
set secondary <dns-server_ip>
end
4. Configure the default gateway.
config router static
edit 1
set gateway <gateway_ip>
end
Using the out of band

management module

To connect to the out of band management module
1. Set the IP address of the management computer to the static IP address
172.16.1.3 and a netmask of 255.255.255.0.
2. Start Internet Explorer and browse to the address https://172.16.1.2 (remember to
include the "s" in https://).
3. Type admin in the Name field and select Login.
7

Completing the configuration

Restarting the FortiGate-4000
Should you mistakenly change a network setting and cannot connect to the
unit, reboot the unit and try again or to set the unit back to factory defaults and
start over again.
Use these tables to record your FortiGate-4000 configuration. You can record NAT/Route or
Transparent mode settings and general settings that apply to both modes.
____.____.____.____
____.____.____.____
____.____.____.____
____.____.____.____
____.____.____.____
____.____.____.____
____.____.____.____
____.____.____.____
Select the
Easy Setup Wizard
1. Connect to the CLI of each FortiGate-4000 by connecting to the management interface module. Use the KVM switch to
select which FortiGate-4000 you are connecting to.
2. Start a terminal emulation program (HyperTerminal) on the management computer. Use these settings:
Baud Rate (bps) 9600, Data bits 8, Parity None, Stop bits 1, and Flow Control None.
3. At the FortiGate Login: prompt, type admin and press Enter twice.
Connect the 10/100 out of band management module to your network. Power on the FortiGate-4000 unit that you want to
connect to. When first installed, all FortiGate-4000 units installed in the FortiGate-4000 chassis have the same out of band
management IP addresses. To connect to a specific FortiGate-4000 unit, you must turn on the power for this FortiGate-4000
unit. The power to all of the other FortiGate-4000 units must be turned off.
The management IP address and netmask must be valid for the network that the
FortiGate-4000 unit is connected to.

General settings

Administrator password:
Default Gateway:
Network Settings: Primary DNS Server:
Secondary DNS Server:
A default gateway is required for the FortiGate unit to route connections to the Internet.
Steps for using the configuration tool that you have chosen. For more information, see the
"Getting Started" chapter of the FortiGate-4000 Installation and Configuration Guide on the
Documentation CD-ROM.
Transparent mode
To switch from NAT/route mode to transparent mode
1. Go to System > Status, select Change beside Operation Mode, and select OK.
2. Change the IP address of the management computer to 10.10.10.2 and use
Internet Explorer to browse to https://10.10.10.1.
Using the Setup Wizard
To configure the FortiGate-4000 unit using the Setup Wizard, select the Easy Setup
Wizard button and follow the prompts.
Using the web-based manager
To change the administrator password using the web-based manager
1. Go to System > Admin > Administrators.
2. Select Change Password for the admin administrator and enter a new password.
To configure the management interface using the web-based manager
1. Go to System > Network > Management.
2. Enter the Management IP address and netmask that you recorded above.
3. Select administrative access options if required and select OK.
To configure the Primary and Secondary DNS server IP addresses
1. Go to System > Network > DNS, enter the Primary and Secondary DNS IP
addresses that you recorded above and select Apply.
To configure a Default Gateway
1. Go to System > Network > Management.
2. Set Default Gateway to the Default Gateway IP address that you recorded above
and select OK.
Transparent mode
1. Change from NAT/Route mode to Transparent mode.
config system global
set opmode transparent
end
2. Wait a moment and then log in again at the prompt.
3. Configure the Management IP address.
config system manageip
set ip <mng_ip> <netmask>
end
Configure the DNS server IP address.
config system dns
set primary <dns-server_ip>
set secondary <dns-server_ip>
end
4. Configure the default route.
config router static
edit 1
set gateway <gateway_ip>
end
To change the out of band management IP address
1. After logging into the FortiGate-4000 unit, go to System > Network > OOB
Management.
2. Change the IP/Netmask addresses.
Congratulations!
You have finished configuring the basic settings. Your network is now protected from
Internet-based threats. To explore the full range of configuration options, see the online help
or the Documentation CD-ROM.
• To restart the unit, go to System > Maintenance >
ShutDown and select Reboot.
• To reset the unit, go to System > Maintenance >
Shutdown and select Reset to factory default.
____.____.____.____
____.____.____.____
____.____.____.____
CLI: execute reboot
CLI: execute factoryreset