Sign In
Upload
Manuals
Brands
Fortinet Manuals
Gateway
FortiGate 400
Fortinet FortiGate 400 Manuals
Manuals and User Guides for Fortinet FortiGate 400. We have
1
Fortinet FortiGate 400 manual available for free PDF download: Installation & Configuration Manual
Fortinet FortiGate 400 Installation & Configuration Manual (308 pages)
Fortinet Network Device Installation and Configuration Guide
Brand:
Fortinet
| Category:
Gateway
| Size: 5 MB
Table of Contents
Configuration Guide
1
Table of Contents
3
Introduction
15
Antivirus Protection
15
Web Content Filtering
16
Email Filtering
16
Firewall
17
Nat/Route Mode
17
Transparent Mode
18
Vlan
18
Network Intrusion Detection
18
Vpn
19
High Availability
19
Secure Installation, Configuration, and Management
20
Web-Based Manager
20
Command Line Interface
21
Logging and Reporting
21
What's New in Version 2.50
22
System Administration
22
Routing Information Protocol (RIP)
22
Replacement Messages
23
Firewall
23
Users and Authentication
23
Vpn
23
Nids
24
Antivirus
24
Web Filter
24
Email Filter
24
Logging and Reporting
24
About this Document
25
Document Conventions
26
Fortinet Documentation
27
Comments on Fortinet Technical Documentation
27
Customer Service and Technical Support
28
Getting Started
29
Package Contents
30
Mounting
30
Power Requirements
31
Environmental Specifications
31
Powering on
31
Connecting to the Web-Based Manager
32
Connecting to the Command Line Interface (CLI)
33
Factory Default Fortigate Configuration Settings
33
Factory Default Nat/Route Mode Network Configuration
34
Factory Default Transparent Mode Network Configuration
35
Factory Default Firewall Configuration
35
Factory Default Content Profiles
36
Planning Your Fortigate Configuration
39
Nat/Route Mode
39
Nat/Route Mode with Multiple External Network Connections
40
Transparent Mode
41
Configuration Options
41
Setup Wizard
41
Fortigate Model Maximum Values Matrix
42
Next Steps
43
Nat/Route Mode Installation
45
Preparing to Configure Nat/Route Mode
45
Using the Setup Wizard
46
Starting the Setup Wizard
46
Reconnecting to the Web-Based Manager
46
Using the Front Control Buttons and LCD
47
Using the Command Line Interface
47
Configuring the Fortigate Unit to Operate in Nat/Route Mode
47
Connecting the Fortigate Unit to Your Networks
49
Configuring Your Network
50
Completing the Configuration
50
Configuring Interface 3
50
Configuring Interface 4/HA
51
Setting the Date and Time
51
Enabling Antivirus Protection
51
Registering Your Fortigate Unit
51
Configuring Virus and Attack Definition Updates
52
Configuration Example: Multiple Connections to the Internet
52
Configuring Ping Servers
53
Destination Based Routing Examples
54
Load Sharing
55
Policy Routing Examples
57
Firewall Policy Example
58
Transparent Mode Installation
61
Preparing to Configure Transparent Mode
61
Using the Setup Wizard
62
Changing to Transparent Mode
62
Starting the Setup Wizard
62
Reconnecting to the Web-Based Manager
62
Using the Front Control Buttons and LCD
63
Using the Command Line Interface
63
Changing to Transparent Mode
63
Configuring the Transparent Mode Management IP Address
64
Configure the Transparent Mode Default Gateway
64
Completing the Configuration
64
Setting the Date and Time
64
Enabling Antivirus Protection
64
Registering Your Fortigate
65
Configuring Virus and Attack Definition Updates
65
Connecting the Fortigate Unit to Your Networks
65
Transparent Mode Configuration Examples
66
Default Routes and Static Routes
67
Example Default Route to an External Network
67
General Configuration Steps
68
Example Static Route to an External Destination
69
Example Static Route to an Internal Destination
72
High Availability
75
Active-Passive HA
75
Active-Active HA
76
HA in Nat/Route Mode
77
Installing and Configuring the Fortigate Units
77
Configuring the HA Interfaces
77
Configuring the HA Cluster
78
Connecting the HA Cluster to Your Network
80
Starting the HA Cluster
82
HA in Transparent Mode
82
Installing and Configuring the Fortigate Units
82
Configuring the HA Interface and HA IP Address
82
Configuring the HA Cluster
83
Connecting the HA Cluster to Your Network
85
Starting the HA Cluster
86
Managing the HA Cluster
86
Viewing the Status of Cluster Members
86
Monitoring Cluster Members
87
Monitoring Cluster Sessions
88
Viewing and Managing Cluster Log Messages
88
Managing Individual Cluster Units
89
Synchronizing the Cluster Configuration
89
Returning to Standalone Configuration
90
Replacing a Fortigate Unit after Fail-Over
90
Advanced HA Options
91
Selecting a Fortigate Unit to a Permanent Primary Unit
91
Configuring Weighted-Round-Robin Weights
92
System Status
93
Changing the Fortigate Host Name
94
Changing the Fortigate Firmware
94
Upgrade to a New Firmware Version
95
Upgrading the Firmware Using the CLI
95
Revert to a Previous Firmware Version
96
Install a Firmware Image from a System Reboot Using the CLI
99
Test a New Firmware Image before Installing It
101
Installing and Using a Backup Firmware Image
103
Manual Virus Definition Updates
106
Manual Attack Definition Updates
107
Displaying the Fortigate Serial Number
107
Displaying the Fortigate up Time
107
Displaying Log Hard Disk Status
107
Backing up System Settings
108
Restoring System Settings
108
Restoring System Settings to Factory Defaults
108
Changing to Transparent Mode
109
Changing to Nat/Route Mode
109
Restarting the Fortigate Unit
109
Shutting down the Fortigate Unit
110
System Status
110
Viewing CPU and Memory Status
110
Viewing Sessions and Network Status
111
Viewing Virus and Intrusions Status
112
Session List
113
Virus and Attack Definitions Updates and Registration
115
Updating Antivirus and Attack Definitions
115
Connecting to the Fortiresponse Distribution Network
116
Configuring Scheduled Updates
117
Configuring Update Logging
118
Adding an Override Server
119
Manually Updating Antivirus and Attack Definitions
119
Configuring Push Updates
119
Push Updates through a NAT Device
120
Scheduled Updates through a Proxy Server
124
Registering Fortigate Units
125
Forticare Service Contracts
125
Registering the Fortigate Unit
126
Updating Registration Information
128
Recovering a Lost Fortinet Support Password
128
Viewing the List of Registered Fortigate Units
128
Registering a New Fortigate Unit
129
Adding or Changing a Forticare Support Contract Number
129
Changing Your Fortinet Support Password
130
Changing Your Contact Information or Security Question
130
Downloading Virus and Attack Definitions Updates
130
Registering a Fortigate Unit after an RMA
131
Network Configuration
133
Configuring Zones
133
Adding Zones
133
Adding Interfaces to a Zone
134
Adding VLAN Subinterfaces to a Zone
134
Renaming Zones
134
Deleting Zones
135
Configuring Interfaces
135
Viewing the Interface List
135
Bringing up an Interface
135
Changing an Interface Static IP Address
136
Adding a Secondary IP Address to an Interface
136
Adding a Ping Server to an Interface
136
Controlling Management Access to an Interface
137
Configuring Traffic Logging for Connections to an Interface
137
Changing the MTU Size to Improve Network Performance
137
Configuring Port4/Ha
138
Configuring the Management Interface (Transparent Mode)
138
Configuring Vlans
139
VLAN Network Configuration
139
Adding VLAN Subinterfaces
141
Rules for VLAN Ids
141
Rules for VLAN IP Addresses
141
Configuring Routing
143
Adding a Default Route
143
Adding Destination-Based Routes to the Routing Table
143
Adding Routes in Transparent Mode
145
Configuring the Routing Table
145
Policy Routing
146
Providing DHCP Services to Your Internal Network
147
RIP Configuration
149
RIP Settings
150
Configuring RIP for Fortigate Interfaces
152
Adding RIP Neighbors
153
Adding RIP Filters
154
Adding a Single RIP Filter
154
Adding a RIP Filter List
155
Adding a Neighbors Filter
156
Adding a Routes Filter
156
System Configuration
157
Setting System Date and Time
157
Changing Web-Based Manager Options
158
Adding and Editing Administrator Accounts
160
Adding New Administrator Accounts
160
Editing Administrator Accounts
161
Configuring SNMP
162
Configuring the Fortigate Unit for SNMP Monitoring
162
Configuring Fortigate SNMP Support
162
Fortigate Mibs
163
Fortigate Traps
164
Customizing Replacement Messages
164
Customizing Replacement Messages
165
Customizing Alert Emails
166
Firewall Configuration
169
Default Firewall Configuration
170
Interfaces
170
VLAN Subinterfaces
170
Zones
171
Addresses
171
Services
172
Schedules
172
Content Profiles
172
Adding Firewall Policies
172
Firewall Policy Options
173
Traffic Shaping
175
Configuring Policy Lists
177
Policy Matching in Detail
177
Changing the Order of Policies in a Policy List
178
Enabling and Disabling Policies
178
Addresses
179
Adding Addresses
179
Editing Addresses
180
Deleting Addresses
180
Organizing Addresses into Address Groups
181
Services
182
Predefined Services
182
Providing Access to Custom Services
184
Grouping Services
185
Schedules
186
Creating One-Time Schedules
186
Creating Recurring Schedules
187
Adding a Schedule to a Policy
188
Virtual Ips
188
Adding Static NAT Virtual Ips
189
Adding Port Forwarding Virtual Ips
190
Adding Policies with Virtual Ips
191
IP Pools
192
Adding an IP Pool
192
IP Pools for Firewall Policies that Use Fixed Ports
193
IP Pools and Dynamic NAT
193
IP/MAC Binding
193
Configuring IP/MAC Binding for Packets Going through the Firewall
194
Configuring IP/MAC Binding for Packets Going to the Firewall
195
Adding IP/MAC Addresses
195
Viewing the Dynamic IP/MAC List
196
Enabling IP/MAC Binding
196
Content Profiles
197
Default Content Profiles
197
Adding a Content Profile
197
Adding a Content Profile to a Policy
199
Users and Authentication
201
Setting Authentication Timeout
202
Adding User Names and Configuring Authentication
202
Deleting User Names from the Internal Database
203
Configuring RADIUS Support
204
Adding RADIUS Servers
204
Deleting RADIUS Servers
204
Configuring LDAP Support
205
Adding LDAP Servers
205
Deleting LDAP Servers
206
Configuring User Groups
207
Adding User Groups
207
Deleting User Groups
208
Ipsec VPN
209
Key Management
210
Manual Keys
210
Automatic Internet Key Exchange (Autoike) with Pre-Shared Keys or Certificates
210
Manual Key Ipsec Vpns
211
General Configuration Steps for a Manual Key VPN
211
Adding a Manual Key VPN Tunnel
211
Autoike Ipsec Vpns
213
General Configuration Steps for an Autoike VPN
213
Adding a Phase 1 Configuration for an Autoike VPN
213
Adding a Phase 2 Configuration for an Autoike VPN
217
Managing Digital Certificates
219
Obtaining a Signed Local Certificate
219
Obtaining a CA Certificate
223
Importing a CA Certificate
223
Configuring Encrypt Policies
224
Adding a Source Address
225
Adding a Destination Address
225
Adding an Encrypt Policy
225
Ipsec VPN Concentrators
227
VPN Concentrator (Hub) General Configuration Steps
227
Adding a VPN Concentrator
229
VPN Spoke General Configuration Steps
230
Redundant Ipsec Vpns
231
Configuring Redundant Ipsec VPN
231
Monitoring and Troubleshooting Vpns
233
Viewing VPN Tunnel Status
233
Viewing Dialup VPN Connection Status
233
Testing a VPN
234
PPTP and L2TP VPN
235
Configuring PPTP
235
Configuring the Fortigate Unit as a PPTP Gateway
236
Adding Users and User Groups
236
Adding a Destination Address
238
Configuring a Windows 98 Client for PPTP
238
Configuring a Windows 2000 Client for PPTP
239
Configuring a Windows XP Client for PPTP
240
Configuring L2TP
241
Configuring the Fortigate Unit as a L2TP Gateway
242
Configuring a Windows 2000 Client for L2TP
245
Configuring a Windows XP Client for L2TP
246
Network Intrusion Detection System (NIDS)
249
Detecting Attacks
249
Selecting the Interfaces to Monitor
250
Disabling the NIDS
250
Configuring Checksum Verification
250
Viewing the Signature List
251
Viewing Attack Descriptions
251
Enabling and Disabling NIDS Attack Signatures
252
Adding User-Defined Signatures
252
Preventing Attacks
253
Enabling NIDS Attack Prevention
253
Enabling NIDS Attack Prevention Signatures
254
Setting Signature Threshold Values
254
Configuring Synflood Signature Values
256
Logging Attacks
256
Logging Attack Messages to the Attack Log
256
Reducing the Number of NIDS Attack Log and Email Messages
257
Antivirus Protection
259
General Configuration Steps
259
Antivirus Scanning
260
File Blocking
261
Blocking Files in Firewall Traffic
262
Adding File Patterns to Block
262
Quarantine
263
Quarantining Infected Files
263
Quarantining Blocked Files
263
Viewing the Quarantine List
264
Sorting the Quarantine List
264
Filtering the Quarantine List
265
Deleting Files from Quarantine
265
Downloading Quarantined Files
265
Configuring Quarantine Options
265
Blocking Oversized Files and Emails
266
Configuring Limits for Oversized Files and Email
266
Exempting Fragmented Email from Blocking
266
Viewing the Virus List
266
Web Filtering
267
General Configuration Steps
267
Content Blocking
268
Adding Words and Phrases to the Banned Word List
268
URL Blocking
269
Using the Fortigate Web Filter
269
Clearing the Url Block List
270
Downloading the Url Block List
271
Uploading a Url Block List
271
Using the Cerberian Web Filter
272
Configuring Cerberian Web Filter
273
Enabling Cerberian Url Filtering
273
Script Filtering
274
Enabling the Script Filter
274
Selecting Script Filter Options
274
Exempt URL List
275
Adding Urls to the Exempt URL List
275
Email Filter
277
General Configuration Steps
277
Email Banned Word List
278
Adding Words and Phrases to the Banned Word List
278
Email Block List
279
Adding Address Patterns to the Email Block List
279
Email Exempt List
279
Adding Address Patterns to the Email Exempt List
280
Adding a Subject Tag
280
Logging and Reporting
281
Recording Logs
281
Recording Logs on a Remote Computer
282
Recording Logs on a Netiq Webtrends Server
282
Recording Logs on the Fortigate Hard Disk
283
Recording Logs in System Memory
284
Filtering Log Messages
284
Configuring Traffic Logging
286
Enabling Traffic Logging
286
Configuring Traffic Filter Settings
287
Adding Traffic Filter Entries
288
Viewing Logs Saved to Memory
289
Viewing Logs
289
Searching Logs
289
Viewing and Managing Logs Saved to the Hard Disk
290
Viewing Logs
290
Searching Logs
290
Downloading a Log File to the Management Computer
291
Deleting All Messages in an Active Log
291
Deleting a Saved Log File
292
Configuring Alert Email
292
Adding Alert Email Addresses
292
Testing Alert Email
293
Enabling Alert Email
293
Glossary
295
Index
299
Advertisement
Advertisement
Related Products
Fortinet FortiGate 4000
Fortinet FortiGate 110C
Fortinet FortiGate 100
Fortinet FortiGate 60B
Fortinet FortiGate 620B
Fortinet FortiGate v3.0 MR7
Fortinet FortiGate 30B
Fortinet FortiGate FortiGate-30B
Fortinet FortiGate FortiGate-310B
Fortinet FortiGate FortiGate-60B
Fortinet Categories
Firewall
Network Hardware
Wireless Access Point
Switch
Telephone
More Fortinet Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL