About this document
Fortinet documentation
Fortinet tools and documentation CD
Fortinet Knowledge Center
Comments on Fortinet technical documentation
Customer service and technical support
FortiBridge operating principles
Example FortiBridge application
Connecting the FortiBridge unit...
FortiBridge operating principles FortiBridge units work. • Setting up FortiBridge units installation procedures for FortiBridge units. • Configuration and operating procedures and configuring FortiBridge units. FortiBridge Version 3.0 Administration Guide 09-30000-0163-20061109 INT 1 EXT 1 BYPASS MODE MODE NORMAL Enter...
Describes how to install, configure, and manage a FortiBridge unit. All Fortinet documentation is available from the Fortinet Tools and Documentation CD shipped with your Fortinet product. The documents on this CD are current for your product at shipping time. For the latest versions of all Fortinet documentation see the Fortinet Technical Documentation web site at http://docs.forticare.com.
Internal -> External firewall policies to the FortiGate unit. Add protection profiles to the firewall policies to apply security services such as virus scanning, web filtering, spam filtering and IPS to the traffic that passes through the FortiGate unit.
FortiBridge-1000 unit to the FortiGate unit and to your networks. However, for some connections you may need a crossover ethernet cable (for example, for compatibility with network devices that do not support Auto MDI/MDIX).
EXT 2 interface. If the EXT 2 interface receives the probe packets, the FortiGate unit is operating normally. If the EXT 2 interface does not receive probe packets the FortiBridge unit assumes that the FortiGate unit has failed.
[Figure: Probe packets. Labels: EXT 1, Internet, Router, EXT 2, External, FortiGate]

Firewall policy
Direction               Service
Internal -> External    ICMP or ANY
Internal -> External    HTTP or ANY
Internal -> External    FTP or ANY
The probe threshold defines how many consecutive failed probes can occur before the FortiBridge considers the connection to have failed.
at the INT 2 interface to a POP3 server at the EXT 2 interface.
When power is restored, the battery requires approximately three hours to recharge if completely drained. The FortiBridge-1000 unit does not use a battery and can maintain a fail open condition indefinitely.
FortiBridge-1000 unit to the FortiGate unit and to your networks. However, for some connections you may need a crossover ethernet cable (for example, for compatibility with network devices that do not support Auto MDI/MDIX).
Example FortiGate HA cluster FortiBridge application...
Connect the FortiBridge-1000 INT 2 interface to the FortiGate-500A port 5 interface. Connect the FortiGate-500A port 6 interface to the FortiBridge-1000 EXT 2 interface.
Connect the internal network to the FortiBridge-1000 INT 1 interface. Connect the FortiBridge-1000 EXT 1 interface to the router. You must add port 5 -> port 6 firewall policies to the FortiGate-500A unit configuration.
Example configuration with other FortiGate interfaces...
The FortiBridge-1000 package contains the following items:
• the FortiBridge-1000 unit
• two orange crossover Ethernet cables (Fortinet part number CC300248)
• one RJ-45 to DB-9 serial cable (Fortinet part number CC300302)
• FortiBridge-1000 QuickStart Guide
• CD containing the Fortinet user documentation
•...
FortiGate unit connections
The FortiBridge-1000F package contains the following items:
• the FortiBridge-1000F unit
• one RJ-45 to DB-9 serial cable (Fortinet part number CC300302)
• four 1000Base-SX SFP Transceivers
• FortiBridge QuickStart Guide
• CD containing the Fortinet user documentation
•...
Table 4: FortiBridge-1000F LED indicators
INT 1, INT 2, EXT 1, and EXT 2
8.63 x 6.13 x 1.38 in. (21.9 x 15.6 x 3.5 cm)
1.5 lb. (0.68 kg)
DC input voltage: 5 V
DC input current: 5 A
Operating temperature: 32 to 104°F (0 to 40°C)
INT 1, INT 2, EXT 1, and EXT 2 sockets on the back panel. The management connection is optional. RS-232 Console connection to the serial command line interface (CLI).
FortiBridge-1000 unit to the FortiGate unit and to your networks. However, for some connections you may need a crossover ethernet cable (for example, for compatibility with network devices that do not support Auto MDI/MDIX).
to change this IP address.
[Figure: network connections. Labels: INT 1, EXT 1, EXT 2; MANAGEMENT for out of band management; Gigabit Fiber connection to External network; Gigabit Fiber connection to Internal network; Internet, Router, Gigabit Switch]
A prompt similar to the following appears (shown for the FortiBridge-1000):
FortiBridge-1000 login:
Type a valid administrator name and press Enter. The default administrator account is admin.
Connecting to the command line interface (CLI)
“Connecting to the FortiBridge CLI using for more information about connecting to the FortiBridge CLI.
FortiBridge CLI, use the following procedures to complete the basic configuration of the FortiBridge unit. to add a password. “Changing the to change the management IP address. to add a password.
To change the management IP address
Log in to the CLI.
Change management IP address. Enter:
config system manageip
For example:
config system manageip
edit admin
set password <psswrd>
edit admin
set password passWORD
set ip <address_ipv4mask>...
If required for your network configuration, add a static route. Enter:
config system route
edit <sequence_integer>
set gateway <gateway-address_ipv4>
set dst <destination-address_ipv4mask>
For example:
config system route
edit 2
set gateway 192.168.20.3
set dst 192.168.22.0 255.255.255.0
The factory default FortiBridge configuration includes the admin administrator account. Use this procedure to add more administrator accounts.
To add administrator accounts
Log in to the CLI.
Add an administrator. Enter:
set allowaccess telnet ping
set timezone <timezone_integer>
set timezone 8
Completing the basic FortiBridge configuration
“system global”...
FortiBridge firmware image file that you are going to install on the FortiBridge unit. During these procedures you are required to enter the name of the firmware image file. “system admin” on
Where <name_str> is the name of the firmware image file on the TFTP server and <tftp_ip> is the IP address of the TFTP server. For example, if the firmware image file name is FBG_1000-v10-build010-FORTINET.out and the IP address of the TFTP server is 192.168.1.23, enter: execute restore image FBG_1000-v10-build010-FORTINET.out...
Type the address of the TFTP server and press Enter. The following message appears:
Enter local address [192.168.1.188]:
Type an IP address that the FortiBridge unit can use to connect to the TFTP server and press Enter.
FortiBridge unit installs the new firmware image, resets the configuration to factory defaults, and restarts. This process takes a few minutes.
Reconnect to the CLI.
To confirm that the firmware image has been loaded, enter:
get system status
• Virus scanning of HTTP, FTP, POP3, SMTP, and IMAP traffic,
• Web filtering of HTTP traffic,
• Spam filtering of POP3, SMTP, and IMAP traffic.
Figure 13. The FortiGate unit can provide the
Example network settings...
POP3, SMTP, and IMAP traffic. Until you configure probes, the FortiBridge unit cannot detect if the FortiGate unit has failed.
[Figure: example network. Labels: EXT 1, Internet, Router, EXT 2, External, Mail server mail.myorg.com; addresses in 172.20.120.0/24]
Note: The FortiBridge unit does not have to fail open if the FortiGate unit fails. The FortiBridge unit can be configured just to send alerts if the FortiGate unit fails.
Log in to the FortiBridge CLI.
Description
Set the FortiBridge unit response when a probe detects that the FortiGate unit has failed.
“probe probe_list {ping | http | ftp | pop3 | smtp | imap}” on page
Log into the FortiBridge CLI.
Enable the ping probe using the default ping probe parameters. Enter:
config probe probe_list ping
set status enable
Figure 14 to the
FortiGate unit.
To verify that probes are functioning
Log into the FortiGate unit web-based manager.
Go to System > Status > Session.
View the sessions on the Session list.
name : ping
failure_threshold...
FortiGate unit has failed. Until you configure alert email, syslog, and SNMP alerts, the FortiBridge cannot notify system administrators of a FortiGate failure. You can configure the following FortiBridge alerts:
• FortiBridge alert email
• FortiBridge syslog
• FortiBridge SNMP
SNMP traps. You can add the IP addresses of up to 8 SNMP managers to each community.
1 15:26:59 2005][failed 1 15:22:49 2005][failed 1 15:19:15 2005][failed
“log syslogd setting” on
Review FortiBridge alerts and check the status of your FortiGate unit and network components to determine the source of the failure. A network component or the FortiGate unit could have experienced a general hardware failure or a specific software failure.
edit 1
set name snmp_1
for more information.
The config file is copied to the TFTP server and saved with the specified file name.
To restore the FortiBridge configuration
Make sure that the TFTP server is running.
Log into the FortiBridge CLI.
“Tuning the failure
FortiBridge unit reboots loading the new configuration. While the FortiBridge unit is rebooting, all network traffic passes directly from INT 1 and EXT 1 bypassing the FortiGate unit.
Where <name_str> is the name of the FortiBridge interface to be configured to accept SSH connections. Internal means the FortiBridge INT 1 interface. External means the FortiBridge EXT 1 interface.
Guide.
edit <name_str>...
SSH client on your management computer and use this client to connect to the FortiBridge CLI. Note: A maximum of 5 SSH connections can be open at the same time.
Type the password for this administrator and press Enter. The FortiBridge model name followed by a # is displayed. You have connected to the FortiBridge CLI, and you can enter CLI commands.
The SMTP server can be located on any network connected to the FortiBridge unit. Enter a valid email address in the format user@domain.com. This address appears in the From header of the alert email. Default disable default.
FortiBridge units. Enter the port number for communication with the syslog server. 514 Enter the IP address of the syslog server that stores the logs.
This example shows how to display the configuration for the probe probe_list command.
show probe probe_list
Related Commands
• probe setting
probe probe_list {ping | http | ftp | pop3 | smtp | imap}
Description
The number of probe packets that are lost before the FortiBridge unit determines that the FortiGate unit has failed.
IP pattern if any probes are enabled. The serial number of the FortiGate unit that the FortiBridge unit is connected to. This number is used in FortiBridge alert messages to identify the FortiGate unit.
Default failopen...
{none | r | rw | w}
Description: Control administrator access to FortiBridge administrator accounts and access profiles. none deny access.
loggrp {none | r | rw | w}
sysgrp {none | r | rw | w}
sysshutdowngrp {none | r | rw | w}
This example shows how to display the configuration for the system accprofile command.
show system accprofile
This example shows how to display the configuration for the policy_profile access profile.
get system accprofile policy_profile
Related Commands
• system admin
<address_ipv4mask>
trusthost2 <address_ipv4mask>
trusthost3 <address_ipv4mask>
Description
Enter the name of the access profile to assign to this administrator account. Access profiles control administrator access to FortiBridge features.
security, the password should be at least 6 characters long.
This example shows how to display the settings for the new_admin administrator account.
get system admin new_admin
This example shows how to display the configuration for the system admin command.
show system admin
Related Commands
• system accprofile
This example shows how to display the settings for the console command.
get system console
This example shows how to display the configuration for the console command.
show system console
Description
Set the console mode to line or batch. Used for auto testing only.
line
Set console output to standard (no pause) or more (pause after each screen, resume on keypress).
This example shows how to display the settings for the system dns command.
get system dns
This example shows how to display the configuration for the system dns command.
show system dns
Description
Enter the primary DNS server IP address.
Default 65.39.139.53 65.39.139.63
• FortiBridge unit firmware version and build number
• FortiBridge unit host name
• FortiBridge unit operation mode (normal or bypass)
• FortiBridge unit serial number
Command syntax pattern
get system status
Except when fail_bypass is set, the FortiBridge will wait the specified time before deactivating the fail close feature when the problem is corrected.
Default disable...
This example shows how to enable the FortiBridge fail_close feature, and set the threshold time to five seconds.
config system fail_close
set status fail_close
set threshold 5
This example shows how to display the configuration for the system fail_close command.
show system fail_close
Network Time Protocol (NTP) server. For more information about NTP and to find the IP address of an NTP server that you can use, see http://www.ntp.org.
Default disable...
This example shows how to display the settings for the system global command.
get system global
This example shows how to display the configuration for the system global command.
show system global
Description
Enter how often, in minutes, the FortiGate unit should synchronize its time with the Network Time Protocol (NTP) server.
If you want to remove an option from the list or add an option to the list, you must retype the list with the option removed or added.
This example shows how to display the configuration for the manageip command.
show system manageip
Related Commands
• system interface {internal | external}
Description
Set the IP address and netmask of the FortiBridge management interface.
Enter 0.0.0.0 0.0.0.0 for the destination IP address and netmask to add a default route. The IP address of the first next hop router to which this route directs traffic.
Default 0.0.0.0 0.0.0.0...
| enable}
config hosts
Access the hosts subcommand using the snmp community command. Use this command to add SNMP manager IP addresses to an SNMP community.
Description
The name of the SNMP community.
SNMP v1 local port number used for sending traps to the SNMP managers added to this SNMP community.
This example shows how to display the configuration for the SNMP community with ID 1.
show system snmp community 1
Description
The IP address of the SNMP manager.
edit 1
set ip 192.168.10.34
Default 0.0.0.0
TFTP server is 192.168.1.23.
execute backup config fbdg.cfg 192.168.1.23
Description
Back up the FortiBridge configuration.
The name to give the file that is copied to the TFTP server.
The TFTP server IP address.
2001 to 2100
If you do not specify a date, the command returns the current system date.
Example
This example sets the date to 17 September 2004:
execute date 09/17/2004
Reset the FortiBridge configuration to factory default settings.
Command syntax
execute factoryreset
Caution: This procedure deletes all changes that you have made to the FortiBridge configuration and reverts the system to its original configuration, including resetting the management IP address.
Send five ICMP echo requests (pings) to test the network connection between the FortiBridge unit and another network device.
Command syntax
execute ping {<address_ipv4> | <host-name_str>}
Example
This example shows how to ping a host with the IP address 192.168.1.23.
execute ping 192.168.1.23
FortiBridge unit with this configuration. The name of the configuration file on the TFTP server is backupconfig. The IP address of the TFTP server is 192.168.1.23.
execute restore config backupconfig 192.168.1.23
Description
Restore a system configuration.
switch-mode
Use this command to switch between bypass and normal mode.
Command syntax
execute switch-mode
00 to 59
If you do not specify a time, the command returns the current system time.
Example
This example sets the system time to 15:31:03:
execute time 15:31:03
where time...