Bedienungsanleitung Fortinet FortiGate 620B

Inhaltszusammenfassung zur Seite Nr. 1

INSTALL GUIDE
FortiGate-620B
FortiOS 3.0 MR6
www.fortinet.com

Inhaltszusammenfassung zur Seite Nr. 2

FortiGate-620B Install Guide FortiOS 3.0 MR6 15 October 2008 01-30006-83054-20081015 © Copyright 2008 Fortinet, Inc. All rights reserved. No part of this publication including text, examples, diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical or otherwise, for any purpose, without prior written permission of Fortinet, Inc. Trademarks Fortinet, FortiGate and FortiGuard are registered trademarks and Dyna

Inhaltszusammenfassung zur Seite Nr. 3

Contents Contents Contents.............................................................................................. 3 Introduction ........................................................................................ 7 Register your FortiGate unit............................................................................. 7 About the FortiGate-620B ................................................................................. 8 LACP configuration ....................................

Inhaltszusammenfassung zur Seite Nr. 4

Contents Configure the interfaces ....................................................................... 23 Configure a DNS server ....................................................................... 24 Adding a default route and gateway..................................................... 24 Adding firewall policies ......................................................................... 25 Configuring Transparent mode...................................................................... 2

Inhaltszusammenfassung zur Seite Nr. 5

Contents Changing interfaces to operate in SGMII or SerDes mode .................. 42 Configure the speed ............................................................................. 43 FortiGate Firmware .......................................................................... 45 Downloading firmware .................................................................................... 45 Using the web-based manager....................................................................... 46 Upgr

Inhaltszusammenfassung zur Seite Nr. 6

Contents FortiGate-620B FortiOS 3.0 MR6 Install Guide 6 01-30006-83054-20081015

Inhaltszusammenfassung zur Seite Nr. 7

Introduction Register your FortiGate unit Introduction Welcome and thank you for selecting Fortinet products for your real-time network protection. The FortiGate Unified Threat Management System improves network security, reduces network misuse and abuse, and helps you use communications resources more efficiently without compromising the performance of your network. The FortiGate Unified Threat Management System are ICSA-certified for firewall, IPSec, and antivirus services. The FortiGate

Inhaltszusammenfassung zur Seite Nr. 8

About the FortiGate-620B Introduction About the FortiGate-620B The FortiGate-620B is designed to raise the expectations of mid-range security devices. Incorporating FortiASIC network processors for firewall/VPN acceleration and the FortiASIC Content Processor for content inspection acceleration, the FortiGate-620B yields unmatched multi-threat performance metrics. AMC module options offer both flexibility and the highest port density of any product in its class. The FortiGate-620B's acceler

Inhaltszusammenfassung zur Seite Nr. 9

Introduction Further Reading • AMC modules – Describes how to install and configure Advanced Mezzanine Cards for use in the FortiGate unit. • FortiGate Firmware – Describes how to install, update, restore and test firmware for the FortiGate device. Document conventions The following document conventions are used in this guide: • In the examples, private IP addresses are used for both private and public IP addresses. • Notes and Cautions are used to provide important information: Note: Highlig

Inhaltszusammenfassung zur Seite Nr. 10

Further Reading Introduction • FortiGate Administration Guide Provides basic information about how to configure a FortiGate unit, including how to define FortiGate protection profiles and firewall policies; how to apply intrusion prevention, antivirus protection, web content filtering, and spam filtering; and how to configure a VPN. • FortiGate online help Provides a context-sensitive and searchable version of the Administration Guide in HTML format. You can access online help from the web-

Inhaltszusammenfassung zur Seite Nr. 11

Introduction Customer service and technical support Comments on Fortinet technical documentation Please send information about any errors or omissions in this document, or any Fortinet technical documentation, to techdoc@fortinet.com. Customer service and technical support Fortinet Technical Support provides services designed to make sure that your Fortinet systems install quickly, configure easily, and operate reliably in your network. Please visit the Fortinet Technical Support web site a

Inhaltszusammenfassung zur Seite Nr. 12

Customer service and technical support Introduction FortiGate-620B FortiOS 3.0 MR6 Install Guide 12 01-30006-83054-20081015

Inhaltszusammenfassung zur Seite Nr. 13

Installing Environmental specifications Installing This chapter describes installing your FortiGate unit in your server room, environmental specifications and how to mount the FortiGate in a rack if applicable. This chapter contains the following topics: • Environmental specifications • Cautions and warnings • Plugging in the FortiGate • Plugging in the FortiGate • Turning off the FortiGate unit Environmental specifications • Operating temperature: 32 to 104°F (0 to 40°C) If you install the Fo

Inhaltszusammenfassung zur Seite Nr. 14

Cautions and warnings Installing • Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. • Consult the dealer or an experienced radio/TV technician for help. The equipment compliance with FCC radiation exposure limit set forth for uncontrolled Environment. Cautions and warnings Review the following cautions before installing your FortiGate unit. Caution: Risk of Explosion if battery is replaced by an incorrect type. Dispose of used ! batteri

Inhaltszusammenfassung zur Seite Nr. 15

Installing Cautions and warnings Mounting If required to fit into a rack unit, remove the rubber feet from the bottom of the FortiGate unit. The FortiGate unit can be placed on any flat surface, or mounted in a standard 19- inch rack unit. When placing the FortiGate unit on any flat, stable surface, ensure the unit has at least 1.5 inches (3.75 cm) of clearance on each side to ensure adequate airflow for cooling. For rack mounting, use the mounting brackets and screws included with the Forti

Inhaltszusammenfassung zur Seite Nr. 16

Plugging in the FortiGate Installing Figure 3: Mounting in a rack Plugging in the FortiGate Use the following steps to connect the power supply to the FortiGate unit. To power on the FortiGate unit 1 Ensure the power switch, located at the back of the FortiGate unit is in the off position, indicated by the “O”. 2 Connect the power cord at the back of the FotiGate unit. 3 Connect the power cable to a power outlet. 4 Set the power switch on the back left of the FortiGate to the on position indica

Inhaltszusammenfassung zur Seite Nr. 17

Configuring NAT vs. Transparent mode Configuring This section provides an overview of the operating modes of the FortiGate unit, NAT/Route and Transparent, and how to configure the FortiGate unit for each mode. There are two ways you can configure the FortiGate unit, using the web-based manager or the command line interface (CLI). This section will step through using both methods. Use whichever you are most comfortable with. This section includes the following topics: • NAT vs. Transparent

Inhaltszusammenfassung zur Seite Nr. 18

Connecting to the FortiGate unit Configuring Transparent mode In Transparent mode, the FortiGate unit is invisible to the network. Similar to a network bridge, all FortiGate interfaces must be on the same subnet. You only have to configure a management IP address to make configuration changes. The management IP address is also used for antivirus and attack definition updates. Figure 5: FortiGate unit in Transparent mode 10.10.10.1 Management IP Internal Network Gateway to public network 204.2

Inhaltszusammenfassung zur Seite Nr. 19

Configuring Connecting to the FortiGate unit To support a secure HTTPS authentication method, the FortiGate unit ships with a self-signed security certificate, which is offered to remote clients whenever they initiate a HTTPS connection to the FortiGate unit. When you connect, the FortiGate unit displays two security warnings in a browser. The first warning prompts you to accept and optionally install the FortiGate unit’s self-signed security certificate. If you do not accept the certificat

Inhaltszusammenfassung zur Seite Nr. 20

Configuring NAT mode Configuring Configuring NAT mode Configuring NAT mode involves defining interface addresses and default routes, and simple firewall policies. You can use the web-based manager or the CLI to configure the FortiGate unit in NAT/Route mode. Using the web-based manager After connecting to the web-based manager, you can use the following procedures to complete the basic configuration of the FortiGate unit. Ensure you read the section “Connecting to the web-based manager” on p