Esc
Enter
A
CONSOLE
10/100
10/100/1000
USB
1
2
3
4 5 6
Power Cable
Rack-Mount Brackets
Documentation
Ethernet Cables:
Orange - Crossover
Grey - Straight-through
USER MANUAL
FortiGate-400A
QuickStart Guide
Copyright 2003 Fortinet Incorporated. All rights reserved.
Trademarks
Products mentioned in this document are trademarks.
Front
LCD
Control
Buttons
Power
LED
1, 2, 3, 4
10/100
5, 6
10/100/1000
Esc
Enter
DMZ2
DMZ1
INTERNAL
WAN1
WAN2
CONSOLE
USB
1
2
3
4
A
Back
Power
Connection
Power
Switch
USB
(future)
Serial
Port
RJ-45 to
DB-9 Serial Cable
Esc
Enter
A
CONSOLE
10/100
10/100/1000
USB
1
2
3
4 5 6
Straight-through Ethernet cable connects
to Internet (public switch, router, or modem)
Power cable connects to power outlet
Optional RJ-45 serial cable connects to management computer
Straight-through Ethernet cable connects to LAN or switch on internal network
Crossover Ethernet cable connects to management computer on internal network
Straight-through Ethernet cables connect
to other networks
Esc
Enter
A
CONSOLE
10/100
10/100/1000
USB
1
2
3
4 5 6
Connector Type
Speed
Protocol Description
Port 1
RJ-45
10/100Base_T Ethernet
Default connection to the internal network.
Port 2
RJ-45 10/100Base_T Ethernet
Default connection to the Internet.
Port 3 and 4 RJ-45
10/100Base_T Ethernet
Optional connections to other networks, or to other
FortiGate-400A units for HA. For details, see the
Documentation CD-ROM.
Port 5 and 6 RJ-45
10/100/1000
Base-T
Ethernet
Optional connection to other networks.
CONSOLE
RJ-45
9600 bps
RS-232
serial
Optional connection to the management computer.
Provides access to the command line interface (CLI).
FortiGate-400A LED Indicators
LED
State
Description
Power
Green
The FortiGate unit is powered on.
Off
The FortiGate unit is powered off.
Ports 1, 2,
3, 4, 5 and 6
Amber (Left LED)
The correct cable is in use and the connected equipment has
power on ports.
Flashing Amber
(Left LED)
Network activity at this interface.
Green (Right LED) Ports 1, 2, 3, 4, the interface is connected at 100 Mbps.
Amber (Right LED) Ports 5 and 6, the interface is connected at 1000 Mbps.
Connect the FortiGate-400A unit to a power outlet and to networks.
NAT/Route mode
In NAT/Route mode, the FortiGate-400A is visible to the networks that it is connected
to. All of its interfaces are on different subnets. You must configure the Port 1 and Port 2
interfaces with IP addresses. Optionally, you can also configure Ports 3 to 6.
You would typically use NAT/Route mode when the FortiGate-400A is deployed as a
gateway between private and public networks. In its default NAT/Route mode
configuration, the unit functions as a firewall. Firewall policies control communications
through the FortiGate-400A unit.
In NAT/Route mode, firewall policies can operate in NAT mode or in Route mode. In
NAT mode, the FortiGate-400A performs network address translation before IP packets
are sent to the destination network. In Route mode, no translation takes place. By
default, the unit has a single NAT mode policy that allows users on the internal network
to securely access and download content from the Internet. No other traffic is possible
until you have configured more policies.
Transparent mode
In Transparent mode, the FortiGate-400A is invisible to the network. All of its interfaces
are on the same subnet. You only have to configure a management IP address so that
you can make configuration changes.
You would typically use the FortiGate-400A in Transparent mode on a private network
behind an existing firewall or behind a router. In its default Transparent mode
configuration, the unit functions as a firewall. By default, the unit has a single firewall
policy that allows users on the internal network segment to connect to the external
network segment. No other traffic is possible until you have configured more policies.
You can connect up to 5 network segments to the FortiGate-400A unit to control traffic
between these network segments.
FortiGate-400A Unit
in NAT/Route mode
Route mode policies
controlling traffic between
internal networks.
Internal network
DMZ network
Port 1
192.168.1.99
Port 4
10.10.10.1
192.168.1.3
10.10.10.2
Port 2
204.23.1.5
NAT mode policies controlling
traffic between internal and
external networks.
Internet
Esc
Enter
A
CONSOLE
10/100
10/100/1000
USB
1
2
3
4 5 6
FortiGate-400A Unit
in Transparent mode
Internet
10.10.10.1
Management IP
10.10.10.3
Port 2
Port 1
10.10.10.2
Transparent mode policies
controlling traffic between
internal and external networks
204.23.1.5
(firewall, router)
Gateway to
public network
Internal network
Esc
Enter
A
CONSOLE
10/100
10/100/1000
USB
1
2
3
4 5 6
Before configuring the FortiGate-400A, you need to plan how to integrate the unit into your
network. Your configuration plan is dependent upon the operating mode that you select:
NAT/Route mode (the default) or Transparent mode.
Choose among three different tools to configure the FortiGate-400A.
QuickStart Guide
FortiGate-400A
Check that the package contents are complete.
•
Place the unit on a stable surface or mount it in a 19-inch rack. It
requires 1.5 inches clearance (3.75 cm) on each side to allow for
cooling.
•
Make sure the power switch on the back of the unit is turned off before
connecting the power and network cables.
Checking the package contents
1
Connecting the FortiGate-400A
2
Planning the configuration
3
Choosing a configuration tool
4
© Copyright 2005 Fortinet Incorporated. All rights reserved.
Trademarks
Products mentioned in this document are trademarks or registered trademarks of their respective holders.
Regulatory Compliance
FCC Class A Part 15 CSA/CUS
25 May 2005
For technical support please visit http://www.fortinet.com.
Factory default settings
NAT/Route mode
Transparent mode
Port 1 interface
192.168.1.99
Management IP
10.10.10.1
Port 2 interface
192.168.100.99
Administrative account settings
Port 4 interface
10.10.10.1
User name
admin
Password
(none)
Web-based
manager &
Setup Wizard
The FortiGate web-based
manager Setup Wizard
guides you through the
initial configuration steps.
Use it to configure the administrator password, the
interface addresses, the default gateway address, and
the DNS server addresses. Optionally, use the Setup
Wizard to configure the internal server settings for
NAT/Route mode.
Requirements:
•
Ethernet connection between the FortiGate-400A
and management computer.
•
Internet Explorer version 6.0 or higher on the
management computer.
Command
Line Interface
(CLI)
The CLI is a full-featured
management tool.
Use it to configure the
administrator password,
the interface addresses,
the default gateway
address, and the DNS server addresses. To configure
advanced settings, see the Documentation CD-ROM.
Requirements:
•
Serial connection between the FortiGate-400A and
management computer.
•
A terminal emulation application (HyperTerminal for
Windows) on the management computer.
Control
Buttons &
LCD
The control buttons and LCD are located on the front
panel of the FortiGate-400A. Use them to configure the
Port 1, Port 2 and Port 5 interface addresses, and the
default gateway address. To configure the other
interface addresses, the DNS server addresses and
other settings, use the web-based manager, or the CLI.
Requirements:
•
Physical access to the FortiGate-400A.
Refer to the Documentation CD-ROM for information on how to control traffic, and how to configure HA, antivirus protection, Web content filtering, Spam filtering, intrusion
prevention (IPS), and virtual private networking (VPN).
01-28005-0099-20050525
