FortiGate-5001FA2 Security System Guide

01-30000-0379-20080606

Quick Configuration Guide

FortiGate-5001FA2 base backplane data communication

You can configure the FortiGate-5001FA2 boards for data communications using 
the two FortiGate-5140, FortiGate-5050, or FortiGate-5020 chassis base 
backplane interfaces.

By default the base backplane interfaces are used for HA heartbeat 
communication. However, using the information in this section, you can configure 
the FortiGate-5001FA2 to also use the base backplane interfaces for data 
communication. Once the base backplane interfaces are configured for data 
communication you can operate and configure them in the same way as any 
FortiGate-5001FA2 interface.

Although not recommended, you can use base backplane interfaces for data 
communication and HA heartbeat communication at the same time.

In a FortiGate-5140 or FortiGate-5050 chassis, FortiGate-5001FA2 base 
backplane communication requires one or two FortiSwitch-5003 boards. 
A FortiSwitch-5003 board installed in chassis slot 1 provides communication on 
the port9 interface. A FortiSwitch-5003 board installed in chassis slot 2 provides 
communication on the port10 interface. The FortiGate-5020 chassis supports 
base backplane data communication for both interfaces with no additions or 
changes to the chassis. 

For details and configuration examples of FortiGate-5001FA2 base backplane 
communication using the FortiSwitch-5003 board, see the FortiGate-5000 Base 
Backplane Communication Guide.

To enable base backplane data communication from the FortiGate-5001FA2 
web-based manager

From the FortiGate-5001FA2 web-based manager use the following steps to 
enable base backplane data communication.

1. Go to System > Network > Interface.

2. Select Show backplane interfaces.

The port9 and port10 backplane interfaces now appear in the Interface list.

Note: Different FortiGate-5000 series boards may use different names for the base 
backplane interfaces. For example, on the FortiGate-5001SX and FortiGate-5001FA2 
boards the base backplane interfaces are called port9 and port10. On the 
FortiGate-5005FA2 and FortiGate-5001A boards the base backplane interfaces are called 
base1 and base2.

Note: VLAN communication over the backplane is only available for FortiGate-5005FA2 
boards installed in a FortiGate-5020 chassis. The FortiSwitch-5003 does not support 
VLAN-tagged packets so VLAN communication is not available over the FortiGate-5050 
and FortiGate-5140 chassis backplanes.
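
As an added example (not part of the Fortinet guide): a Python check for the setup the guide advises against, where a base backplane interface carries both HA heartbeat and data traffic. The sample configuration is constructed, and the FortiOS-style syntax it parses (`set hbdev`, `set ip`, `set srcintf`/`set dstintf`, top-level blocks closed by an unindented `end`) is an assumption about your exported configuration.

```python
import re
# Base backplane interface names the guide gives for FortiGate-5000 boards.
BACKPLANE = {"port9", "port10", "base1", "base2"}
# Constructed sample excerpt (not from a real device), FortiOS-style syntax assumed.
SAMPLE = """\
config system interface
    edit "port9"
        set ip 10.9.0.1 255.255.255.0
    next
end
config system ha
    set hbdev "port9" 50 "port10" 50
end
config firewall policy
    edit 1
        set dstintf "port10"
    next
end
"""

def section(config, name):
    """Lines of the top-level 'config <name>' block (nested blocks must be indented)."""
    m = re.search(rf"^config {re.escape(name)}\n(.*?)^end$", config, re.S | re.M)
    return m.group(1).splitlines() if m else []

def quoted(line):
    return set(re.findall(r'"([^"]+)"', line))

def heartbeat_ifaces(config):
    return {n for l in section(config, "system ha")
            if l.split()[:2] == ["set", "hbdev"] for n in quoted(l)}

def data_ifaces(config):
    """Interfaces that have an IP address or are referenced by a firewall policy."""
    found, current = set(), None
    for l in section(config, "system interface"):
        w = l.split()
        if w[:1] == ["edit"]:
            current = w[1].strip('"')
        elif w[:2] == ["set", "ip"] and current:
            found.add(current)
    for l in section(config, "firewall policy"):
        if l.split()[:2] in (["set", "srcintf"], ["set", "dstintf"]):
            found |= quoted(l)
    return found

def shared_backplane(config, backplane=BACKPLANE):
    """Backplane interfaces used for both HA heartbeat and data communication."""
    return sorted(heartbeat_ifaces(config) & data_ifaces(config) & set(backplane))
```

A non-empty result from `shared_backplane` lists the backplane interfaces to review; pass a different `backplane` set if your boards use other interface names.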
