ページ1に含まれる内容の要旨
INSTALL GUIDE
FortiGate-110C
FortiOS 3.0 MR6
www.fortinet.com������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
ページ2に含まれる内容の要旨
FortiGate-110C Install Guide FortiOS 3.0 MR6 28 July 2008 01-30006-0481-20080728 © Copyright 2008 Fortinet, Inc. All rights reserved. No part of this publication including text, examples, diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical or otherwise, for any purpose, without prior written permission of Fortinet, Inc. Trademarks Fortinet, FortiGate and FortiGuard are registered trademarks and Dynamic
ページ3に含まれる内容の要旨
Contents Contents Contents.............................................................................................. 1 Introduction ........................................................................................ 5 Register your FortiGate unit............................................................................. 5 About the FortiGate-110C ................................................................................. 6 About this document....................................
ページ4に含まれる内容の要旨
Contents Configure a DNS server ....................................................................... 22 Adding a default route and gateway..................................................... 22 Adding firewall policies ......................................................................... 23 Configuring Transparent mode...................................................................... 23 Using the web-based manager ................................................................... 24
ページ5に含まれる内容の要旨
Contents Installing firmware from a system reboot using the CLI.............................. 42 Restoring the previous configuration........................................................... 44 Backup and Restore from a USB key ......................................................... 44 Using the USB Auto-Install.......................................................................... 45 Additional CLI Commands for a USB key ................................................... 45 Testing new
ページ6に含まれる内容の要旨
Contents FortiGate-110C FortiOS 3.0 MR6 Install Guide 4 01-30006-0481-20080728��������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
ページ7に含まれる内容の要旨
Introduction Register your FortiGate unit Introduction Welcome and thank you for selecting Fortinet products for your real-time network protection. The FortiGate Unified Threat Management System improves network security, reduces network misuse and abuse, and helps you use communications resources more efficiently without compromising the performance of your network. The FortiGate Unified Threat Management System are ICSA-certified for firewall, IPSec, and antivirus services. The FortiGate
ページ8に含まれる内容の要旨
About the FortiGate-110C Introduction About the FortiGate-110C The FortiGate-110C is an ideal solution for SMB and and Medium to large-sized Enterprises with distributed branch offices. The FortiGate-110C features dual WAN 10/100/1000 link support for redundant internet connections, and an integrated 8-port 10/100 switch that eliminates the need for an external hub or switch, giving networked devices a direct connection to the FortiGate-110C. Figure 1: FortiGate-110C USB CONSOLE 1 2 3 4 5 6
ページ9に含まれる内容の要旨
Introduction Further Reading Typographic conventions FortiGate documentation uses the following typographical conventions: Convention Example Keyboard input In the Gateway Name field, type a name for the remote VPN peer or client (for example, Central_Office_1). Code examples config sys global set ips-open enable end CLI command syntax config firewall policy edit id_integer set http_retry_count set natip end Document names FortiGate Administration Guide Menu c
ページ10に含まれる内容の要旨
Customer service and technical support Introduction • FortiGate IPS User Guide Describes how to configure the FortiGate Intrusion Prevention System settings and how the FortiGate IPS deals with some common attacks. • FortiGate IPSec VPN User Guide Provides step-by-step instructions for configuring IPSec VPNs using the web-based manager. • FortiGate SSL VPN User Guide Compares FortiGate IPSec VPN and FortiGate SSL VPN technology, and describes how to configure web-only mode and tunnel-mode SSL
ページ11に含まれる内容の要旨
Installing Environmental specifications Installing This chapter describes installing your FortiGate unit in your server room, environmental specifications and how to mount the FortiGate in a rack if applicable. This chapter contains the following topics: • Environmental specifications • Cautions and warnings • Plugging in the FortiGate • Plugging in the FortiGate • Turning off the FortiGate unit Environmental specifications • Operating temperature: 32 to 104°F (0 to 40°C) If you install the Fo
ページ12に含まれる内容の要旨
Cautions and warnings Installing • Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. • Consult the dealer or an experienced radio/TV technician for help. The equipment compliance with FCC radiation exposure limit set forth for uncontrolled Environment. Cautions and warnings Review the following cautions before installing your FortiGate unit. Grounding • Ensure the FortiGate unit is connected and properly grounded to a lightning and surge
ページ13に含まれる内容の要旨
Installing Cautions and warnings When placing the FortiGate unit on any flat, stable surface, ensure the unit has at least 1.5 inches (3.75 cm) of clearance on each side to ensure adequate airflow for cooling. For rack mounting, use the mounting brackets and screws included with the FortiGate unit. Caution: Depending on the size of your FortiGate unit, avoid personal injury, you may ! require two or more people to install the unit in the rack. To install the FortiGate unit into a rack 1 Atta
ページ14に含まれる内容の要旨
Plugging in the FortiGate Installing Figure 3: Mounting in a rack Plugging in the FortiGate Use the following steps to connect the power supply to the FortiGate unit. To power on the FortiGate unit 1 Ensure the power switch, located at the back of the FortiGate unit is in the off position, indicated by the “O”. 2 Connect the power cord at the back of the FotiGate unit. 3 Connect the power cable to a power outlet. 4 Set the power switch on the back left of the FortiGate to the on position indica
ページ15に含まれる内容の要旨
Installing Turning off the FortiGate unit Turning off the FortiGate unit Always shut down the FortiGate operating system properly before turning off the power switch to avoid potential hardware problems. To power off the FortiGate unit 1 From the web-based manager, go to System > Status. 2 In the Unit Operation display, select Shutdown, or from the CLI enter: execute shutdown 3 Disconnect the power cables from the power supply. FortiGate-110C FortiOS 3.0 MR6 Install Guide 01-30006-0481-2008
ページ16に含まれる内容の要旨
Turning off the FortiGate unit Installing FortiGate-110C FortiOS 3.0 MR6 Install Guide 14 01-30006-0481-20080728����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
ページ17に含まれる内容の要旨
Configuring NAT vs. Transparent mode Configuring This section provides an overview of the operating modes of the FortiGate unit, NAT/Route and Transparent, and how to configure the FortiGate unit for each mode. There are two ways you can configure the FortiGate unit, using the web-based manager or the command line interface (CLI). This section will step through using both methods. Use whichever you are most comfortable with. This section includes the following topics: • NAT vs. Transparent
ページ18に含まれる内容の要旨
Connecting to the FortiGate unit Configuring Transparent mode In Transparent mode, the FortiGate unit is invisible to the network. Similar to a network bridge, all FortiGate interfaces must be on the same subnet. You only have to configure a management IP address to make configuration changes. The management IP address is also used for antivirus and attack definition updates. Figure 5: FortiGate unit in Transparent mode 10.10.10.1 Management IP Internal Network Gateway to public network 204.2
ページ19に含まれる内容の要旨
Configuring Connecting to the FortiGate unit To support a secure HTTPS authentication method, the FortiGate unit ships with a self-signed security certificate, which is offered to remote clients whenever they initiate a HTTPS connection to the FortiGate unit. When you connect, the FortiGate unit displays two security warnings in a browser. The first warning prompts you to accept and optionally install the FortiGate unit’s self-signed security certificate. If you do not accept the certificat
ページ20に含まれる内容の要旨
Configuring NAT mode Configuring Configuring NAT mode Configuring NAT mode involves defining interface addresses and default routes, and simple firewall policies. You can use the web-based manager or the CLI to configure the FortiGate unit in NAT/Route mode. Using the web-based manager After connecting to the web-based manager, you can use the following procedures to complete the basic configuration of the FortiGate unit. Ensure you read the section “Connecting to the web-based manager” on p
