Esc
Enter
4 / HA
3
1
2
Power Cable
Rack-Mount Brackets
Null-Modem Cable
(RS-232)
Documentation
Ethernet Cables:
Orange - Crossover
Grey - Straight-through
USER MANUAL
FortiGate-400
QuickStart Guide
Copyright 2003 Fortinet Incorporated. All rights reserved.
Trademarks
Products mentioned in this document are trademarks.
Removable
Hard Drive
Power
Connection
Power
Switch
Front
Back
Esc
Enter
4 / HA
3
1
2
LCD
Control
Buttons
Interface
1, 2, 3, 4/HA
Power
LED
RS-232 Serial
Connection
Status
LED
Esc
Enter
4 / HA
3
1
2
Esc
Enter
4 / HA
3
1
2
Straight-through Ethernet cable connects to public network (public switch, router or modem)
Straight-through Ethernet cable connects to LAN or switch on private network
Crossover Ethernet cable connects to management computer on private network
Straight-through Ethernet cable connects to third network
Optional null modem cable connects
to serial port on management computer
or
Power cable connects to power outlet
Straight-through Ethernet cable connects to fourth network, or to another FortiGate-400 for HA
Connector Type
Speed
Protocol Description
Port 1
RJ-45
10/100Base_T Ethernet
Connection to the internal network.
Port 2
RJ-45 10/100Base_T Ethernet
Connection to the Internet.
Port 3
RJ-45
10/100Base_T Ethernet
Optional connection to a DMZ or other network. For details,
see the Documentation CD-ROM.
Port 4/HA
RJ-45
10/100 Base_T Ethernet
Optional connection to another network or other
FortiGate-400 units for high availability (HA). For details,
see the Documentation CD-ROM.
CONSOLE
DB-9
9600 bps
RS-232
serial
Optional connection to the management computer.
Provides access to the command line interface (CLI).
FortiGate-400 LED Indicators
LED
State
Description
Power
Green
The FortiGate unit is powered on.
Off
The FortiGate unit is powered off.
1
2
3
4/HA
Amber
The correct cable is in use, and the connected
equipment has power.
Flashing
amber
Network activity at this interface.
Green
The interface is connected at 100 Mbps.
Off
No link established.
Connect the FortiGate-400 unit to power outlets and to the internal and external networks.
NAT/Route mode
In NAT/Route mode, the FortiGate-400 is visible to the networks that it is connected to.
All of its interfaces are on different subnets. You must configure the Port 1 and Port 2
interfaces with IP addresses. Optionally, you can also configure the Port 3 and
Port 4/HA interfaces.
You would typically use NAT/Route mode when the FortiGate-400 is deployed as a
gateway between private and public networks. In its default NAT/Route mode
configuration, the unit functions as a firewall. Firewall policies control communications
through the FortiGate-400 unit. No traffic can pass through the FortiGate-400 unit until
you add firewall policies.
In NAT/Route mode, firewall policies can operate in NAT mode or in Route mode. In
NAT mode, the FortiGate-400 performs network address translation before IP packets
are sent to the destination network. In Route mode, no translation takes place.
Transparent mode
In Transparent mode, the FortiGate-400 is invisible to the network. All of its interfaces
are on the same subnet. You only have to configure a management IP address so that
you can make configuration changes.
You would typically use the FortiGate-400 in Transparent mode on a private network
behind an existing firewall or behind a router. In its default Transparent mode
configuration, the unit functions as a firewall. No traffic can pass through the
FortiGate-400 unit until you add firewall policies.
You can connect up to four network segments to the FortiGate unit to control traffic
between these network segments.
FortiGate-400 Unit
in NAT/Route mode
Route mode policies
controlling traffic between
internal networks.
Internal network
DMZ network
Interface 1
192.168.1.99
Interface 3
10.10.10.1
192.168.1.3
10.10.10.2
Interface 2
204.23.1.5
NAT mode policies controlling
traffic between internal and
external networks.
Internet
Esc
Enter
4 / HA
3
1
2
Esc
Enter
4 / HA
3
1
2
Internal network
10.10.10.3
FortiGate-400 Unit
in Transparent mode
10.10.10.1
Management IP
Interface 2
Interface 1
10.10.10.2
Transparent mode policies
controlling traffic between
internal and external networks
204.23.1.5
(firewall, router)
Gateway to
public network
Internet
Before configuring the FortiGate-400, you need to plan how to integrate the unit into your
network. Your configuration plan is dependent upon the operating mode that you select: NAT/
Route mode (the default) or Transparent mode.
Web-based
manager and
Setup Wizard
Using the Setup
Wizard you can add
basic settings by
stepping through the
wizard pages and
filling in the information required.
The FortiGate web-based manager is an easy to use
management tool. Use it to configure the administrator
password, interface addresses, the default gateway
address, and the DNS server addresses.
Requirements:
•
Ethernet connection between the FortiGate-400 and
a management computer.
•
Internet Explorer version 6.0 or higher on the
management computer.
Command Line
Interface (CLI)
The CLI is a full-featured
management tool.
Use it to configure the
administrator password,
the interface addresses,
the default gateway
address, and the DNS
server addresses. To configure advanced settings, see
the Documentation CD-ROM.
Requirements:
•
The RJ-45-serial connection between the
FortiGate-400 and management computer.
•
A terminal emulation application (HyperTerminal for
Windows) on the management computer.
Control
Buttons &
LCD
The control buttons and LCD are located on the front
panel of the FortiGate-400. Use them to configure the
internal, external and Port 1 (DMZ) interface addresses,
and the default gateway address. To configure the other
interface addresses, and the DNS server addresses,
use the web-based manager or the CLI.
Requirements:
•
Physical access to the FortiGate-400.
Choose among three different tools to configure the FortiGate-400.
QuickStart Guide
FortiGate-400
Check that the package contents are complete.
•
Place the unit on a stable surface or mount it in a 19-inch rack. It
requires 1.5 inches clearance (3.75 cm) on each side to allow for
cooling.
•
Make sure the power switch on the back of the unit is turned off before
connecting the power and network cables.
•
MAIN MENU appears when the unit is up and running.
Checking the package contents
1
Connecting the FortiGate-400
2
Planning the configuration
3
Choosing a configuration tool
4
© Copyright 2004 Fortinet Incorporated. All rights reserved.
Trademarks
Products mentioned in this document are trademarks or registered trademarks of their respective holders.
Regulatory Compliance
FCC Class A Part 15 CSA/CUS
03 November 2004
For technical support please visit http://www.fortinet.com.
Factory default settings
NAT/Route mode
Transparent mode
Port 1 interface
192.168.1.99
Management IP
10.10.10.1
Port 2 interface
192.168.100.99
Administrative account settings
Port 3 interface
0.0.0.0
User name
admin
Port 4/HA interface
0.0.0.0
Password
(none)
Refer to the Documentation CD-ROM for information on how to control traffic, and how to configure HA, antivirus protection, Web content filtering, Spam filtering, intrusion
prevention (IPS), and virtual private networking (VPN).
01-28005-0036-20041103
