Resumo do conteúdo contido na página número 1
FortiGate 50A
Installation and
Configuration Guide
PWR STATUS
INTERNAL EXTERNAL
LINK 100 LINK 100
A
FortiGate User Manual Volume 1
Version 2.50
29 February 2004
Resumo do conteúdo contido na página número 2
© Copyright 2004 Fortinet Inc. All rights reserved. No part of this publication including text, examples, diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical or otherwise, for any purpose, without prior written permission of Fortinet Inc. FortiGate-50A Installation and Configuration Guide Version 2.50 29 February 2004 Trademarks Products mentioned in this document are trademarks or registered trademarks of
Resumo do conteúdo contido na página número 3
Contents Table of Contents Introduction .......................................................................................................... 13 NAT/Route mode and Transparent mode......................................................................... 13 NAT/Route mode .......................................................................................................... 13 Transparent mode.................................................................................................
Resumo do conteúdo contido na página número 4
Contents Completing the configuration ............................................................................................ 38 Setting the date and time .............................................................................................. 38 Changing antivirus protection ....................................................................................... 38 Registering your FortiGate unit ..................................................................................... 39
Resumo do conteúdo contido na página número 5
Contents Shutting down the FortiGate unit ...................................................................................... 66 System status ................................................................................................................... 67 Viewing CPU and memory status ................................................................................. 67 Viewing sessions and network status ........................................................................... 68 Viewi
Resumo do conteúdo contido na página número 6
Contents Network configuration......................................................................................... 93 Configuring interfaces....................................................................................................... 93 Viewing the interface list ............................................................................................... 94 Changing the administrative status of an interface ....................................................... 94 Configuring
Resumo do conteúdo contido na página número 7
Contents Changing system options................................................................................................ 122 Adding and editing administrator accounts..................................................................... 123 Adding new administrator accounts ............................................................................ 124 Editing administrator accounts.................................................................................... 124 Configuring SNMP .
Resumo do conteúdo contido na página número 8
Contents Virtual IPs........................................................................................................................ 157 Adding static NAT virtual IPs ...................................................................................... 158 Adding port forwarding virtual IPs ............................................................................... 159 Adding policies with virtual IPs...................................................................................
Resumo do conteúdo contido na página número 9
Contents AutoIKE IPSec VPNs...................................................................................................... 182 General configuration steps for an AutoIKE VPN ....................................................... 183 Adding a phase 1 configuration for an AutoIKE VPN.................................................. 183 Adding a phase 2 configuration for an AutoIKE VPN.................................................. 188 Managing digital certificates......................
Resumo do conteúdo contido na página número 10
Contents Logging attacks............................................................................................................... 222 Logging attack messages to the attack log................................................................. 222 Reducing the number of NIDS attack log and email messages.................................. 222 Antivirus protection........................................................................................... 225 General configuration steps..........
Resumo do conteúdo contido na página número 11
Contents Email block list ................................................................................................................ 248 Adding address patterns to the email block list........................................................... 248 Downloading the email block list................................................................................. 248 Uploading an email block list ...................................................................................... 249 Email e
Resumo do conteúdo contido na página número 12
Contents 12 Fortinet Inc.
Resumo do conteúdo contido na página número 13
FortiGate-50A Installation and Configuration Guide Version 2.50 Introduction The FortiGate-50A Antivirus Firewall is an easy-to-deploy and easy-to- administer solution that delivers PWR STATUS INTERNAL EXTERNAL exceptional value and performance for LINK 100 LINK 100 A small office and home office (SOHO) applications. Your FortiGate-50A is a dedicated easily managed security device that delivers a full suite of capabilities that include: • application-level services such as virus protection
Resumo do conteúdo contido na página número 14
Document conventions Introduction Document conventions This guide uses the following conventions to describe CLI command syntax. • angle brackets < > to indicate variable keywords For example: execute restore config You enter restore config myfile.bak indicates an ASCII string variable keyword. indicates an integer variable keyword. indicates an IP address variable keyword. • vertical bar and curly brackets {|} to separate alternative, mutually exc
Resumo do conteúdo contido na página número 15
Introduction Fortinet documentation Fortinet documentation Information about FortiGate products is available from the following FortiGate User Manual volumes: • Volume 1: FortiGate Installation and Configuration Guide Describes installation and basic configuration for the FortiGate unit. Also describes how to use FortiGate firewall policies to control traffic flow through the FortiGate unit and how to use firewall policies to apply antivirus protection, web content filtering, and email filte
Resumo do conteúdo contido na página número 16
Customer service and technical support Introduction Customer service and technical support For antivirus and attack definition updates, firmware updates, updated product documentation, technical support information, and other resources, please visit the Fortinet technical support web site at http://support.fortinet.com. You can also register FortiGate Antivirus Firewalls from http://support.fortinet.com and modify your registration information at any time. Fortinet email support is available
Resumo do conteúdo contido na página número 17
FortiGate-50A Installation and Configuration Guide Version 2.50 Getting started This chapter describes unpacking, setting up, and powering on a FortiGate Antivirus Firewall unit. When you have completed the procedures in this chapter, you can proceed to one of the following: • If you are going to operate the FortiGate unit in NAT/Route mode, go to “NAT/Route mode installation” on page 33. • If you are going to operate the FortiGate unit in Transparent mode, go to “Transparent mode installati
Resumo do conteúdo contido na página número 18
Package contents Getting started Package contents The FortiGate-50A package contains the following items: • the FortiGate-50A Antivirus Firewall • one orange cross-over ethernet cable • one gray regular ethernet cable • one null-modem cable • FortiGate-50A QuickStart Guide • A CD containing the FortiGate user documentation • one AC adapter Figure 1: FortiGate-50A package contents Front Ethernet Cables: Orange - Crossover Grey - Straight-through PWR STATUS PWR STATUS INTERNAL EXTERNAL LINK 100 LI
Resumo do conteúdo contido na página número 19
Getting started Powering on Environmental specifications • Operating temperature: 32 to 104°F (0 to 40°C) • Storage temperature: -13 to 158°F (-25 to 70°C) • Humidity: 5 to 95% non-condensing Powering on To power on the FortiGate-50A unit 1 Connect the AC adapter to the power connection at the back of the FortiGate-50 unit. 2 Connect the AC adapter to a power outlet. The FortiGate-50A starts up. The Power and Status lights light. The Status light flashes while the unit is starting up and turns
Resumo do conteúdo contido na página número 20
Connecting to the command line interface (CLI) Getting started To connect to the web-based manager 1 Set the IP address of the computer with an ethernet connection to the static IP address 192.168.1.2 and a netmask of 255.255.255.0. You can also configure the management computer to obtain an IP address automatically using DHCP. The FortiGate DHCP server assigns the management computer an IP address in the range 192.168.1.1 to 192.168.1.254. 2 Using the crossover cable or the ethernet hub and