Transparent Mode Standalone Configuration - Fortinet FortiGate FortiGate-5001FA2 Installation Manual
Fortigate 5000 series
Hide thumbs
Also See for FortiGate FortiGate-5001FA2:
- Introductions manual (39 pages) ,
- Security system manual (34 pages) ,
- Quick start manual (2 pages)
Table of Contents
Advertisement
12
Figure 1: Example NAT/Route mode standalone network configuration
Port 2
204.23.1.5
Internet
Transparent mode standalone configuration
In Transparent mode standalone configuration, each FortiGate-5000 antivirus firewall
module in the FortiGate chassis operates as a separate Transparent mode FortiGate
antivirus firewall. Each of these FortiGate-5000 modules is invisible to the network.
Similar to a network bridge, the FortiGate interfaces must be on the same subnet. You
only have to configure a management IP address so that you can make configuration
changes. The management IP address is also used for antivirus and attack definition
updates.
You typically use a FortiGate-5000 antivirus firewall module in Transparent mode on a
private network behind an existing firewall or behind a router. The FortiGate-5000
module performs most of the same firewall functions in Transparent mode as in
NAT/Route mode.
Figure 2: Example Transparent mode standalone network configuration
Gateway to
public network
204.23.1.5
192.168.1.1
Internet
(firewall, router)
HA configuration
You can group two or more FortiGate-5000 modules in a FortiGate chassis into an HA
cluster. The HA cluster can operate in active-active mode or active-passive mode.
Note: When clustering FortiGate units, you must cluster the same modules together, for
example, two or more FortiGate-5002FB2 modules. You cannot cluster one FortiGate-5001SX
module and one FortiGate-5002FB2 module together.
An active-active HA cluster can increase virus scanning throughput by using load
balancing to distribute virus scanning to all of the FortiGate units in the cluster.
Both HA modes provide supports link redundancy and device redundancy.
01-28011-0259-20060210
FortiGate-5001SX Module
in NAT/Route mode
USB
1
2
CONSOLE
PWR ACC
NAT mode policies controlling
traffic between internal and
external networks.
FortiGate-5001SX Module
in Transparent mode
USB
1
2
3
4
5
CONSOLE
PWR ACC
Port 1
192.168.1.2
Management IP
Transparent mode policies
controlling traffic between
internal and external networks
Configuring the FortiGate for the Network
Internal network
Port 1
192.168.1.99
3
4
5
6
7
8
STA IPM
Port 3
DMZ network
10.10.10.1
Internal network
6
7
8
STA IPM
Port 2
192.168.1.3
Route mode policies
controlling traffic between
internal networks.
10.10.10.2
192.168.1.3
Fortinet Inc.
Advertisement
Table of Contents
Need help?
Do you have a question about the FortiGate FortiGate-5001FA2 and is the answer not in the manual?
Questions and answers