Resumen del contenido incluido en la página 1
™
FortiGate Voice
Version 4.0 MR1
Administration Guide
Visit http://support.fortinet.com to register your FortiGate Voice product. By registering you
can receive product updates, technical support, and FortiGuard services.��������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
Resumen del contenido incluido en la página 2
FortiGate Voice Administration Guide Version 4.0 MR1 1 June 2010 01-410-112851-20100601 © Copyright 2010 Fortinet, Inc. All rights reserved. No part of this publication including text, examples, diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical or otherwise, for any purpose, without prior written permission of Fortinet, Inc. Trademarks Dynamic Threat Prevention System (DTPS), APSecure, FortiASIC, FortiB
Resumen del contenido incluido en la página 3
Contents Contents Introduction .............................................................................................. 5 Fortinet products ............................................................................................................ 6 Before you begin............................................................................................................. 6 How this guide is organized.......................................................................................
Resumen del contenido incluido en la página 4
Contents PBX configuration......................................................................................................... 36 Configuring service providers ................................................................................... 36 Configuring extensions ............................................................................................. 37 Configuring extension groups (ring groups).............................................................. 39 Configuring dial pla
Resumen del contenido incluido en la página 5
Introduction Introduction FortiGate Voice units integrate FortiGate UTM functionality with VoIP phone PBX functionality. Some FortiGate Voice models also support connections to the public switched telephone network (PSTN). A small office or an enterprise branch office can use a FortiGate Voice unit to provide routing, Ethernet switching, Internet connectivity, UTM security, VoIP gateway, and VoIP PBX features for the office. FortiGate Voice PBX functionality includes: • Four Foreign eXchan
Resumen del contenido incluido en la página 6
Fortinet products Introduction This document includes a configuration example that describes how to configure a FortiGate Voice-80C to provide VoIP, networking, and UTM services for a branch office network. Also included is a configuration reference to FortiGate Voice VoIP, PBX, and PSTN web-based manager and CLI functionality. This chapter contains the following sections: • Fortinet products • Before you begin • How this guide is organized • Document conventions • Registering your Fortinet p
Resumen del contenido incluido en la página 7
Introduction How this guide is organized The most recent version of this document is available from the FortiGate page of the Fortinet Technical Documentation web site. You can also learn more about the FortiGate Voice product from the same FortiGate page, as well as from the Fortinet Knowledge Base. This administration guide contains the following chapters: • Example FortiGate Voice branch office configuration provides a configuration example that describes how to configure a FortiGate Voice
Resumen del contenido incluido en la página 8
How this guide is organized Introduction FortiGate Voice Version 4.0 MR1 Administration Guide 8 01-410-112851-20100601 http://docs.fortinet.com/ • Feedback���������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
Resumen del contenido incluido en la página 9
Document conventions Fortinet technical documentation uses the conventions described below. IP addresses To avoid publication of public IP addresses that belong to Fortinet or any other organization, the IP addresses used in Fortinet technical documentation are fictional and follow the documentation guidelines specific to Fortinet. The addresses used are from the private IP address ranges defined in RFC 1918: Address Allocation for Private Internets, available at http://ietf.org/rfc/rfc1918.
Resumen del contenido incluido en la página 10
Document conventions The following table shows some examples of how to choose an IP number for a device based on the information given. For internal and dmz, it is assumed in this case there is only one interface being used. Table 1: Examples of the IP numbering Location and device Internal Dmz External Head Office, one FortiGate 10.011.101.100 10.011.201.100 172.20.120.191 Head Office, second FortiGate 10.012.101.100 10.012.201.100 172.20.120.192 Branch Office, one FortiGate 10.021.101.100 10
Resumen del contenido incluido en la página 11
Document conventions Example Network configuration The network configuration shown in Figure 2 or variations on it is used for many of the examples in this document. In this example, the 172.20.120.0 network is equivalent to the Internet. The network consists of a head office and two branch offices. Figure 2: Example network configuration Head office WLAN: 10.12.101.100 SSID: example.com Password: supermarine FortiMail-100C DHCP range: 10.12.101.200-249 Port1: 10.11.101.110 Internal FortiAnal
Resumen del contenido incluido en la página 12
Document conventions Cautions, Notes and Tips Fortinet technical documentation uses the following guidance and styles for cautions, notes and tips. Caution: Warns you about commands or procedures that could have unexpected or undesirable results including loss of data or damage to equipment. Note: Presents useful information, but usually focused on an alternative, optional method, such as a shortcut, to perform a step. Tip: Highlights useful additional information, often tailored to your work
Resumen del contenido incluido en la página 13
Document conventions Typographical conventions Fortinet documentation uses the following typographical conventions: Table 2: Typographical conventions in Fortinet technical documentation Convention Example Button, menu, text box, From Minimum log level, select Notification. field, or check box label CLI input config system dns set primary end CLI output FGT-602803030703 # get system settings comments : (null) opmode : nat Emphasis HTTP connections are not
Resumen del contenido incluido en la página 14
Document conventions Table 3: Command syntax notation Convention Description Square brackets [] A non-required word or series of words. For example: [verbose {1 | 2 | 3}] indicates that you may either omit or type both the verbose word and its accompanying option, such as: verbose 3 Angle brackets <> A word constrained by data type. To define acceptable input, the angled brackets contain a descriptive name followed by an underscore (_ ) and suffix that indicates the valid data type. For exam
Resumen del contenido incluido en la página 15
Registering your Fortinet product Table 3: Command syntax notation (Continued) Convention Description Options Mutually exclusive options. For example: delimited by {enable | disable} vertical bars| indicates that you must enter either enable or disable, but must not enter both. Options Non-mutually exclusive options. For example: delimited by {http https ping snmp ssh telnet} spaces indicates that you may enter all or a subset of those options, in any order, in a space-delimited list, such a
Resumen del contenido incluido en la página 16
Customer service and technical support Fortinet Tools and Documentation CD Many Fortinet publications are available on the Fortinet Tools and Documentation CD shipped with your Fortinet product. The documents on this CD are current at shipping time. For current versions of Fortinet documentation, visit the Fortinet Technical Documentation web site, http://docs.fortinet.com. Fortinet Knowledge Base The Fortinet Knowledge Base provides additional Fortinet technical documentation, such as trou
Resumen del contenido incluido en la página 17
Example FortiGate Voice branch office configuration Example FortiGate Voice branch office configuration This section describes how to configure a FortiGate Voice-80C unit to operate in NAT/Route mode and provide basic UTM and SIP services for the example branch office network shown in Figure 3 on page 18. The non-PSTN parts of this example configuration also apply to FortiGate Voice models that do not include PSTN interfaces. In this example the FortiGate Voice-80C unit provides: • Internet
Resumen del contenido incluido en la página 18
General configuration steps Example FortiGate Voice branch office configuration Figure 3: Example Branch Office network configuration Branch Office Remote Users Internal network with FortiFones or PCs with SIP soft phones SIP soft phones and FortiFones Extension range Subnet: 172.20.120.0 6000 - 6999 Extension Range 6000 - 6999 Remote FortiGate unit PC PSTN in NAT mode external a/b - wire 192.168.40.10 FortiFone fxo1 PC SIP SIP Trunking SIP Trunking Internet WAN WAN LAN internal wan1 172.20.120
Resumen del contenido incluido en la página 19
Example FortiGate Voice branch office configuration Connecting the FortiGate Voice unit 5 Configure the FortiFones on the internal network. 6 Configuring the FortiGate Voice unit to SIP phone users behind a remote NAT device. Connecting the FortiGate Voice unit The following procedure describes how to connect the FortiGate Voice unit to the Internet, the branch office internal network, and the PSTN (supported by some FortiGate Voice models). To connect the FortiGate Voice unit 1 Use an Etherne
Resumen del contenido incluido en la página 20
Configuring basic FortiGate Voice network and UTM settings Example FortiGate Voice branch office configuration Addressing Mode Manual IP/Netmask 192.168.10.10/255.255.255.0 SIP Traffic Select Enable Configure other network interface settings as required and select OK. Note: You can also set the Addressing mode to DHCP or PPPoE for the wan1 interface depending on the requirements of your ISP. In the example the wan1 interface has a static IP address. 5 Go to System > Network > Options. 6 Add th
