Manual de instrucciones de Fortinet FortiGate 60c Security Appliance 60c

Resumen del contenido incluido en la página 1

FortiGate 60
Installation Guide
INTERNAL
PWR STATUS 1 2 3 4 DMZ WAN1 WAN2
LINK 100 LINK 100 LINK 100 LINK 100 LINK 100 LINK 100 LINK 100
Version 2.80 MR8
28 January 2005
01-28008-0018-20050128

Resumen del contenido incluido en la página 2

© Copyright 2005 Fortinet Inc. All rights reserved. No part of this publication including text, examples, diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical or otherwise, for any purpose, without prior written permission of Fortinet Inc. FortiGate-60 Installation Guide Version 2.80 MR8 28 January 2005 01-28008-0018-20050128 Trademarks Products mentioned in this document are trademarks or registered tradem

Resumen del contenido incluido en la página 3

Contents Table of Contents Introduction ............................................................................................................ 5 Secure installation, configuration, and management.......................................................... 5 Web-based manager ...................................................................................................... 6 Command line interface ............................................................................................

Resumen del contenido incluido en la página 4

Contents Using the command line interface..................................................................................... 30 Configuring the FortiGate unit to operate in NAT/Route mode ..................................... 30 Using the setup wizard...................................................................................................... 32 Starting the setup wizard .............................................................................................. 34 Connecting the Fo

Resumen del contenido incluido en la página 5

FortiGate-60 Installation Guide Version 2.80 MR8 Introduction FortiGate Antivirus Firewalls improve network security, reduce network misuse and abuse, and help you use communications resources more efficiently without compromising the performance of your network. FortiGate Antivirus Firewalls are ICSA-certified for firewall, IPSec, and antivirus services. The FortiGate Antivirus Firewall is a dedicated easily managed security device that delivers a full suite of capabilities that include: •

Resumen del contenido incluido en la página 6

Secure installation, configuration, and management Introduction The CLI or the web-based manager can then be used to complete configuration and to perform maintenance and administration. Web-based manager Using HTTP or a secure HTTPS connection from any computer running Internet Explorer, you can configure and manage the FortiGate unit. The web-based manager supports multiple languages. You can configure the FortiGate unit for HTTP and HTTPS administration from any FortiGate interface. You c

Resumen del contenido incluido en la página 7

Introduction Document conventions Setup wizard The FortiGate setup wizard provides an easy way to configure the basic initial settings for the FortiGate unit. The wizard walks through the configuration of a new administrator password, FortiGate interfaces, DHCP server settings, internal servers (web, FTP, etc.), and basic antivirus settings. Document conventions This guide uses the following conventions to describe command syntax. • Angle brackets < > to indicate variables. For example: execu

Resumen del contenido incluido en la página 8

FortiGate documentation Introduction For example: set allowaccess {ping https ssh snmp http telnet} You can enter any of the following: set allowaccess ping set allowaccess ping https ssh set allowaccess https ping ssh set allowaccess snmp In most cases to make changes to lists that contain options separated by spaces, you need to retype the whole list including all the options you want to apply and excluding all the options you want to remove. FortiGate documentation Information about FortiGa

Resumen del contenido incluido en la página 9

Introduction Related documentation • FortiGate IPS Guide Describes how to configure the FortiGate Intrusion Prevention System settings and how the FortiGate IPS deals with some common attacks. • FortiGate VPN Guide Explains how to configure VPNs using the web-based manager. Fortinet Knowledge Center The most recent Fortinet technical documentation is available from the Fortinet Knowledge Center. The knowledge center contains short how-to articles, FAQs, technical notes, product and feature gu

Resumen del contenido incluido en la página 10

Customer service and technical support Introduction FortiMail documentation • FortiMail Administration Guide Describes how to install, configure, and manage a FortiMail unit in gateway mode and server mode, including how to configure the unit; create profiles and policies; configure antispam and antivirus filters; create user accounts; and set up logging and reporting. • FortiMail online help Provides a searchable version of the Administration Guide in HTML format. You can access online hel

Resumen del contenido incluido en la página 11

Introduction Customer service and technical support For information on Fortinet telephone support, see http://support.fortinet.com. When requesting technical support, please provide the following information: • Your name • Company name •Location • Email address • Telephone number • FortiGate unit serial number • FortiGate model • FortiGate FortiOS firmware version • Detailed description of the problem FortiGate-60 Installation Guide 01-28008-0018-20050128 11

Resumen del contenido incluido en la página 12

Customer service and technical support Introduction 12 01-28008-0018-20050128 Fortinet Inc.

Resumen del contenido incluido en la página 13

FortiGate-60 Installation Guide Version 2.80 MR8 Getting started This section describes unpacking, setting up, and powering on a FortiGate Antivirus Firewall unit. This section includes: • Package contents • Mounting • Turning the FortiGate unit power on and off • Connecting to the web-based manager • Connecting to the command line interface (CLI) • Quick installation using factory defaults • Factory default FortiGate configuration settings • Planning the FortiGate configuration • Next steps Fo

Resumen del contenido incluido en la página 14

Package contents Getting started Package contents The FortiGate-60 package contains the following items: • FortiGate-60 Antivirus Firewall • one orange crossover ethernet cable (Fortinet part number CC300248) • one gray regular ethernet cable (Fortinet part number CC300249) • one RS-232 null modem cable (Fortinet part number CC300247) • FortiGate-60 Quick Start Guide • CD containing the FortiGate user documentation • one power cable and AC adapter Figure 2: FortiGate-60 package contents Front Et

Resumen del contenido incluido en la página 15

Getting started Turning the FortiGate unit power on and off Power requirements • DC input voltage: 12 V • DC input current: 3 A Environmental specifications • Operating temperature: 32 to 104°F (0 to 40°C) • Storage temperature: -13 to 158°F (-25 to 70°C) • Humidity: 5 to 95% non-condensing Turning the FortiGate unit power on and off To power on the FortiGate unit 1 Connect the AC adapter to the power connection at the back of the FortiGate-60 unit. 2 Connect the AC adapter to the power cable. 3

Resumen del contenido incluido en la página 16

Connecting to the web-based manager Getting started Connecting to the web-based manager Use the following procedure to connect to the web-based manager for the first time. Configuration changes made with the web-based manager are effective immediately without resetting the firewall or interrupting service. To connect to the web-based manager, you need: • a computer with an ethernet connection, • Internet Explorer version 6.0 or higher, • an ethernet cable. Note: You can use the web-based manag

Resumen del contenido incluido en la página 17

Getting started Connecting to the command line interface (CLI) Connecting to the command line interface (CLI) As an alternative to the web-based manager, you can install and configure the FortiGate unit using the CLI. Configuration changes made with the CLI are effective immediately without resetting the firewall or interrupting service. To connect to the FortiGate CLI, you need: • a computer with an available communications port, • the null modem cable included in your FortiGate package, • te

Resumen del contenido incluido en la página 18

Quick installation using factory defaults Getting started Quick installation using factory defaults You can quickly set up your FortiGate unit for a home or small office using the web- based manager and the factory default FortiGate configuration. All you need to do is set your network computers to obtain an IP address automatically and to obtain DNS server IP addresses automatically (using DHCP), access the web-based manager, and configure the required settings for the FortiGate WAN1 interfa

Resumen del contenido incluido en la página 19

Getting started Factory default FortiGate configuration settings 7 Select one of the following DNS settings • Obtain DNS server address automatically: select to get the DNS addresses from the ISP, select Apply • Use the following DNS server addresses: select and enter the DNS server addresses given to you by the ISP, select Apply 8 Go to Router > Static, edit route #1 and change Gateway to the default gateway IP address from the ISP and select OK. Network configuration is complete. Proceed to

Resumen del contenido incluido en la página 20

Factory default FortiGate configuration settings Getting started Table 2: FortiGate DHCP Server default configuration Name internal_dhcp_server Interface Internal Default Gateway 192.168.1.99 IP Range 192.168.1.110 – 192.168.1.210 Network Mask 255.255.255.0 Lease Duration 7 days DNS Server 1 192.168.1.99 Factory default NAT/Route mode network configuration When the FortiGate unit is first powered on, it is running in NAT/Route mode and has the basic network configuration listed in Table 3 on pa