Fortinet FortiGate-60 series Administration Manual
  1. Manuals
  2. Brands
  3. Fortinet Manuals
  4. Firewall
  5. FortiGate-60 series
  6. Administration manual

Fortinet FortiGate-60 series Administration Manual

Hide thumbs Also See for FortiGate-60 series:
1
2
Table Of Contents
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
Table of Contents

Advertisement

Quick Links

ADMINISTRAT ION GUIDE
FortiGate™
Version 3.0 MR4
www.fortinet.com

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the FortiGate-60 series and is the answer not in the manual?

Questions and answers

Related Manuals for Fortinet FortiGate-60 series

Summarization of Contents

Web-based manager
Button bar features
Explains the features accessible from the web-based manager button bar, including customer support and online help.
Web-based manager pages
Describes the web-based manager interface, including the menu structure, tabs, and page navigation.
System Status
Status page
Describes the System Status page, providing a snapshot of the FortiGate unit's operating status, license, and resource usage.
Changing system information
Details how to change the system time, host name, and operation mode for the FortiGate unit.
Changing the FortiGate firmware
Explains procedures for upgrading to a newer firmware version or reverting to a previous firmware version.
Viewing Statistics
Provides information on sessions, content archiving, and network protection activity, with details available per item.
Topology viewer
Explains how to diagram and document the networks connected to your FortiGate unit using the Topology viewer.
Using virtual domains
Virtual domains
Explains how virtual domains (VDOMs) enable a FortiGate unit to function as multiple independent units.
Enabling VDOMs
Guides on enabling multiple VDOM operation on the FortiGate unit using the default admin account.
Configuring VDOMs and global settings
Details configuration settings exclusive to virtual domains and global settings affecting all VDOMs.
System Network
Interface
Describes configuring FortiGate interfaces and DNS settings, including VLANs and zones.
Configuring the modem interface
Explains how to configure modem settings for backup or standalone Internet connection in NAT/Route mode.
VLAN overview
Explains what VLANs are and how they segregate devices logically.
VLANs in NAT/Route mode
Describes how FortiGate units control traffic flow between VLANs in NAT/Route mode.
VLANs in Transparent mode
Explains applying firewall policies to traffic on an IEEE 802.1 VLAN trunk in Transparent mode.
FortiGate IPv6 support
Details assigning IPv4 and IPv6 addresses to interfaces and configuring IPv6 traffic.
System Wireless
The FortiWiFi wireless LAN interface
Describes configuring the FortiWiFi Wireless interface for access point or client mode.
System wireless settings (FortiWiFi-60)
Details configuring wireless LAN settings for FortiWiFi-60 units.
System wireless settings (FortiWiFi-60A and 60AM)
Explains configuring wireless LAN settings for FortiWiFi-60A and 60AM units.
Wireless MAC Filter
Describes allowing or denying wireless access to users based on their MAC address.
Wireless Monitor
Explains how to view connected users on the wireless LAN and monitor their activity.
System DHCP
FortiGate DHCP servers and relays
Describes DHCP services provided by FortiGate interfaces and VLAN subinterfaces.
Configuring DHCP services
Details configuring DHCP services, including relays and servers, and viewing address leases.
Viewing address leases
Explains how to view IP addresses assigned by DHCP servers and corresponding client MAC addresses.
System Config
HA
Describes FortiGate high availability (HA) for enhanced reliability and performance.
SNMP
Explains configuring the SNMP agent for hardware monitoring and trap reporting.
Replacement messages
Details changing replacement messages for alerts and customized content streams.
Operation mode and VDOM management access
Explains changing VDOM operation modes and managing administrative access.
System Admin
Administrators
Describes configuring administrator accounts with varying levels of access.
Access profiles
Explains how access profiles control access to features based on categories.
FortiManager
Describes configuring the FortiGate unit to be managed through a FortiManager server.
Settings
Details setting administrative ports, idle timeout, language, and LCD PIN protection.
System Maintenance
Backup and restore
Describes backing up and restoring system configuration and managing firmware.
FortiGuard Center
Explains configuring the FortiGate unit for FortiGuard Distribution Network (FDN) and services.
License
Details purchasing license keys to increase the maximum number of VDOMs.
System Chassis (FortiGate-5000 series)
SMC (shelf manager card)
Describes viewing the status of shelf manager cards (SMCs) in FortiGate-5000 series chassis.
Blades (FortiGate-5000 chassis slots)
Displays a list of slots in FortiGate-5000 chassis and information about installed modules.
Chassis monitoring event log messages
Explains log messages related to chassis monitoring for temperature, voltage, and fan speeds.
Router Static
Routing concepts
Explains general routing concepts and how the FortiGate unit performs routing functions.
Static Route
Describes defining static routes and creating route policies.
Policy Route
Explains how to define route policies based on packet properties.
Router Dynamic
RIP
Explains the RIP distance-vector routing protocol and its implementation.
OSPF
Describes the OSPF link-state routing protocol used in large heterogeneous networks.
BGP
Explains the BGP Internet routing protocol for exchanging routing information.
Multicast
Details how FortiGate units operate as Protocol Independent Multicast (PIM) routers.
Router Monitor
Displaying routing information
Explains how to interpret the Routing Monitor list and display routes from the routing table.
Searching the FortiGate routing table
Guides on applying filters to search the routing table and display specific routes.
Firewall Policy
About firewall policies
Explains that firewall policies control traffic and are instructions for connection decisions.
Viewing the firewall policy list
Describes how to view, add, delete, and re-order policies in the policy list.
Configuring firewall policies
Details how to define firewall policies to apply to communication sessions.
Firewall policy examples
Provides practical applications of firewall policies in SOHO and enterprise environments.
Firewall Address
About firewall addresses
Defines what a firewall address can be and how to enter IP addresses and netmasks.
Configuring addresses
Details creating and editing firewall addresses, IP ranges, or FQDNs.
Configuring address groups
Explains creating address groups to organize related addresses for easier policy configuration.
Firewall Service
Viewing the predefined service list
Explains how to view predefined services available globally on the FortiGate unit.
Configuring custom services
Details creating custom services for policies when services are not in the predefined list.
Configuring service groups
Details creating groups of services to simplify policy creation.
Firewall Schedule
Configuring one-time schedules
Details creating one-time schedules to activate or deactivate policies for a specified period.
Configuring recurring schedules
Details creating recurring schedules to activate or deactivate policies at specified times or days.
Firewall Virtual IP
Virtual IPs
Describes FortiGate Virtual IPs and how they are used in firewall policies for connections.
Configuring virtual IPs
Details adding and editing virtual IPs, including static NAT and load balancing.
IP pools
Describes using IP pools to add NAT policies that translate source addresses.
Configuring IP Pools
Details adding IP pools to interfaces and selecting them for firewall policies.
Firewall Protection Profile
What is a protection profile
Defines a protection profile as a group of settings to adjust for specific traffic protection.
Configuring a protection profile
Details configuring antivirus, web filtering, spam filtering, and IPS options.
Adding a protection profile to a policy
Explains enabling protection profiles for firewall policies with specific actions and services.
VPN IPSEC
Overview of IPSec interface mode
Provides information about route-based IPSec VPN options available through the web-based manager.
Auto Key
Explains configuring IPSec phase 1 and phase 2 exchanges to generate unique IKE keys automatically.
Manual Key
Details manually defining cryptographic keys for establishing IPSec VPN tunnels.
Concentrator
Explains defining a concentrator to include spokes in a hub-and-spoke configuration.
Monitor
Describes viewing activity on IPSec VPN tunnels and starting or stopping them.
VPN PPTP
PPTP Range
Explains specifying a range of IP addresses for PPTP clients.
VPN SSL
Config
Covers basic SSL VPN settings, including timeout values and encryption preferences.
Monitor
Describes displaying a list of all active SSL VPN sessions.
VPN Certificates
Local Certificates
Explains managing X.509 security certificates, including generating requests and installing signed certificates.
Remote Certificates
Details importing remote (OCSP) certificates.
CA Certificates
Explains obtaining and installing root certificates and CRLs.
CRL
Describes Certificate Revocation Lists (CRLs) and their use in ensuring certificate validity.
User
Configuring user authentication
Explains setting up user accounts, groups, and external authentication servers for network access control.
Local user accounts
Guides on adding local user accounts and configuring authentication methods.
RADIUS servers
Details configuring RADIUS support for user authentication.
LDAP servers
Explains configuring LDAP support for user authentication.
PKI authentication
Describes utilizing Public Key Infrastructure (PKI) for certificate-based authentication.
Windows AD servers
Details configuring Windows Active Directory servers for transparent user authentication.
User group
Explains what a user group is and its role in managing user identities.
Configuring peers and peer groups
Describes defining peers and peer groups for VPN configurations and PKI authentication.
AntiVirus
Order of operations
Explains the sequence of antivirus processing modules and engines.
Antivirus elements
Describes how antivirus elements work together for efficient scanning of incoming files.
Antivirus settings and controls
Compares antivirus options in protection profiles and the antivirus menu.
File pattern
Explains configuring file patterns to block potential threats and prevent virus attacks.
Quarantine
Describes how FortiGate units quarantine blocked and infected files.
Config
Displays a list of current viruses blocked and configures file/email size limits, and grayware blocking.
Antivirus CLI configuration
Details CLI commands that extend antivirus features available through the web-based manager.
Intrusion Protection
About intrusion protection
Explains how the FortiGate unit records suspicious traffic and matches it against attack signatures.
Predefined signatures
Describes enabling/disabling and configuring settings for individual predefined signatures.
Custom signatures
Explains creating custom signatures to customize FortiGate IPS for diverse network environments.
Protocol Decoders
Details how FortiGate IPS uses anomaly detection to identify network traffic exploiting known exploits.
Anomalies
Explains how FortiGate IPS uses anomaly detection to identify traffic that doesn't fit known patterns.
IPS CLI configuration
Describes CLI commands that extend IPS features available through the web-based manager.
Web Filter
Order of web filtering
Explains the specific order in which web filters are applied to traffic.
How web filtering works
Shows how web filters interact with each other and how to use them to your advantage.
Web filter controls
Describes how to configure web filtering settings and enable filters in a protection profile.
Content block
Explains controlling web content by blocking specific words or patterns.
URL filter
Details allowing or blocking access to specific URLs by adding them to the URL filter list.
FortiGuard - Web Filter
Describes FortiGuard-Web filtering, its categories, and how users can block or monitor web pages.
Antispam
Antispam
Explains configuring spam filtering options associated with firewall protection profiles.
Banned word
Details controlling spam by blocking email messages containing specific words or patterns.
Black/White List
Explains using IP address lists and email address lists to filter incoming email.
Advanced antispam configuration
Covers command-line interface (CLI) commands for advanced antispam configuration.
Using Perl regular expressions
Explains using wildcards or Perl regular expressions in email lists.
IM, P2P & VoIP
Overview
Describes controlling and monitoring usage of IM/P2P applications and VoIP protocols.
Configuring IM/P2P protocols
Guides on enabling/disabling IM/P2P options and configuring them within protection profiles.
Statistics
Explains viewing IM, P2P, and VoIP statistics to gain insight into protocol usage.
User
Describes viewing the Current Users list and analyzing it to allow or block users.
Log&Report
FortiGate Logging
Explains how a FortiGate unit can log network activities and traffic.
Storing Logs
Describes configuring where the FortiGate unit stores logs.
Log types
Describes various log types and how to enable logging for each.
Log Access
Explains viewing logs stored in memory, hard disk, or on FortiAnalyzer/FortiGuard servers.
Alert Email
Describes configuring alert email notifications for specific activities or events.
Content Archive
Enables viewing archived logs stored on the FortiAnalyzer unit.
Reports
Explains configuring and viewing reports integrated with FortiAnalyzer.
Viewing FortiAnalyzer reports from a FortiGate unit
Guides on viewing reports generated by the FortiAnalyzer unit on the Report Access page.

Table of Contents