Fortinet FortiGate FortiGate-5005FA2 Security System Manual Download Page 1

Page: 1 / 30

www.fortinet.com

FortiGate-5005FA2 Security System Guide

01-30000-0377-20070201

FortiGate-5005FA2

S e c u r i t y S y s t e m G u i d e

CONSOLE

ACT

LINK

BRIC

BASE

USB

OOS

ACC

STATUS

IPM

A detailed guide to the features and capabilities FortiGate-5005FA2 Security System. This

FortiGate-5005FA2

Security System Guide

describes FortiGate-5005FA2 hardware features, how to install the FortiGate-5005FA2

module in a FortiGate-5000 series chassis, how to configure the FortiGate-5005FA2 security system for your
network, and contains troubleshooting information to help you diagnose and fix problems.

The most recent versions of this and all FortiGate-5000 series documents are available from the

FortiGate-5000

page of the

Fortinet Technical Documentation

web site (

http://docs.forticare.com

Visit

http://support.fortinet.com

to register your FortiGate-5005FA2 system. By registering you can receive product

updates, technical support, and FortiGuard services.

Summary of Contents for FortiGate FortiGate-5005FA2

Page 1: ...w to install the FortiGate 5005FA2 module in a FortiGate 5000 series chassis how to configure the FortiGate 5005FA2 security system for your network and contains troubleshooting information to help you diagnose and fix problems The most recent versions of this and all FortiGate 5000 series documents are available from the FortiGate 5000 page of the Fortinet Technical Documentation web site http do...

Page 2: ...000 series component in a closed or multi unit rack assembly the operating ambient temperature of the rack environment may be greater than room ambient Make sure the operating ambient temperature does not exceed the manufacturer s maximum rated ambient temperature Installing FortiGate 5000 series equipment in a rack should be such that the amount of airflow required for safe operation of the equip...

Page 3: ...odule 13 Troubleshooting 15 FortiGate 5005FA2 does not start up 15 Quick Configuration Guide 17 Registering your Fortinet product 17 Planning the configuration 17 NAT Route mode 18 Transparent mode 18 Choosing the configuration tool 19 Web based manager 19 Command Line Interface CLI 20 Factory default settings 20 Configuring NAT Route mode 21 Using the web based manager to configure NAT Route mode...

Page 4: ...0070201 Contents For more information 29 Fortinet documentation 29 Fortinet Tools and Documentation CD 29 Fortinet Knowledge Center 29 Comments on Fortinet technical documentation 29 Customer service and technical support 29 Register your Fortinet product 29 ...

Page 5: ...802 1Q VLANs multiple virtual domains 802 3ad aggregate interfaces and FortiGate 5000 chassis monitoring Figure 1 FortiGate 5005FA2 front panel The FortiGate 5005FA2 module includes the following features A total of eight front panel gigabit interfaces that can accept Small Formfactor Pluggable SFP fiber or copper gigabit transceivers Six standard gigabit interfaces interfaces 1 to 6 Two accelerat...

Page 6: ...e 5005FA2 module LEDs LED State Description Fabric ACT 2 Amber Network activity at backplane fabric interface 2 LINK 2 Green Backplane fabric interface 2 is connected at 1000 Mbps ACT 1 Amber Network activity at backplane fabric interface 1 LINK 1 Green Backplane fabric interface 1 is connected at 1000 Mbps Base ACT 2 Amber Network activity at backplane base interface 2 backplane2 LINK 2 Green Bac...

Page 7: ...e Installing FortiGate 5005FA2 modules on page 10 for more information Flashing Blue The FortiGate 5005FA2 is changing from hot swap to running mode or from running mode to hot swap Off Normal operation The FortiGate 5005FA2 module is in contact with the chassis backplane 1 2 3 4 5 6 7 8 Green The correct cable is connected to the gigabit SFP interface Flashing Network activity at the gigabit SFP ...

Page 8: ... or the FortiGate HA Guide for more information Base backplane gigabit communication The FortiGate 5005FA2 base1 and base2 backplane gigabit interfaces can be used for HA heartbeat communication between FortiGate 5005FA2 modules installed in the same or in different FortiGate 5000 chassis You can also configure FortiGate 5005FA2 modules to use the base backplane interfaces for data communication b...

Page 9: ...n install the following types of SFP transceivers for connectors 1 to 8 SFP fiber transceivers SFP 1000Base LX SM module SFP 1000Base SX MM module multimode SFP copper transceivers SFP 1000Base T SERDES version only SGMII version not supported To install SFP transceivers To complete this procedure you need A FortiGate 5005FA2 module Eight SFP transceivers An electrostatic discharge ESD preventive ...

Page 10: ...5005FA2 module all the way into the chassis to not use too much force on the extraction levers and to make sure that the extraction levers are properly locked Only then will the FortiGate 5005FA2 module power on and start up correctly Figure 2 FortiGate 5005FA2 module mounting components You can install SFP transceivers into the FortiGate 5005FA2 front cage slots either before or after installing ...

Page 11: ...action lever locks 3 Open the left and right extraction levers to their fully open positions 4 Insert the FortiGate 5005FA2 module into the empty slot in the chassis Caution Do not carry the FortiGate 5005FA2 module by holding the extraction levers When inserting or removing the FortiGate 5005FA2 module from a chassis slot handle the module by the front panel The extraction levers are designed for...

Page 12: ...should be in contact with the chassis front panel When the extraction levers are fully closed they lock into place If the chassis is powered on as the module slides into place the IPM LED starts flashing blue If the module is aligned correctly inserted all the way into the slot and the extraction levers are properly locked the IPM LED flashes blue for a few seconds At the same time the STATUS LED ...

Page 13: ...ventive wrist or ankle strap with connection cord 1 Attach the ESD wrist or ankle strap to your wrist or ankle and to an ESD socket or to a bare metal surface on the chassis or frame 2 Disconnect all cables from the FortiGate 5005FA2 module including all network cables the console cable and any USB cables or keys Tighten Mounting Knot Caution Do not carry the FortiGate 5005FA2 module by holding th...

Page 14: ...extraction levers slides the module a short distance out of the slot disconnecting the module from the chassis backplane The IPM LED turns solid blue All other LEDs turn off 6 Pull the module about half way out All LEDs turn off 7 Turn both extraction levers to their fully closed positions When the extraction levers are fully closed they lock into place 8 Carefully slide the module completely out ...

Page 15: ...ositioned incorrectly the FortiGate 5005FA2 module will not start up Make sure the extraction levers are correctly aligned fully inserted and locked All chassis Firmware problem If the FortiGate 5005FA2 module is receiving power and the extraction levers are fully closed and the FortiGate 5005FA2 still does not start up the problem could be with FortiOS Connect to the FortiGate 5005FA2 console and...

Page 16: ...FortiGate 5005FA2 Security System Guide 16 01 30000 0377 20070201 Troubleshooting Hardware installation ...

Page 17: ...ing Transparent mode Upgrading FortiGate 5005FA2 firmware FortiGate 5005FA2 base backplane data communication Powering off the FortiGate 5005FA2 module Registering your Fortinet product Register your Fortinet product to receive Fortinet customer services such as product updates and technical support You must also register your product for FortiGuard services such as FortiGuard Antivirus and Intrus...

Page 18: ...or in Route mode In NAT mode the FortiGate firewall performs network address translation before IP packets are sent to the destination network In Route mode no translation takes place Figure 3 Example FortiGate 5005FA2 module operating in NAT Route mode Transparent mode In Transparent mode the FortiGate 5005FA2 security system is invisible to the network All of the FortiGate 5005FA2 interfaces are...

Page 19: ...anager The FortiGate 5005FA2 web based manager is an easy to use management tool Use the web based manager to configure the FortiGate 5005FA2 administrator password the interface addresses the default gateway and the DNS server addresses Requirements An Ethernet connection between the FortiGate 5005FA2 module and management computer Internet Explorer 6 0 or higher on the management computer CONSOL...

Page 20: ...005FA2 module onto the network To configure the FortiGate 5005FA2 module onto the network you add an administrator password change the network interface IP addresses add DNS server IP addresses and if required configure basic routing Table 4 FortiGate 5005FA2 factory default settings Operation Mode NAT Route Administrator Account User Name admin Password none port1 IP Netmask 192 168 1 99 24 port2...

Page 21: ...ode settings Admin Administrator Password port1 IP _____ _____ _____ _____ Netmask _____ _____ _____ _____ port2 IP _____ _____ _____ _____ Netmask _____ _____ _____ _____ port3 IP _____ _____ _____ _____ Netmask _____ _____ _____ _____ port4 IP _____ _____ _____ _____ Netmask _____ _____ _____ _____ port5 IP _____ _____ _____ _____ Netmask _____ _____ _____ _____ port6 IP _____ _____ _____ _____ ...

Page 22: ...ings To configure the Primary and Secondary DNS server IP addresses 1 Go to System Network Options 2 Enter the Primary and Secondary DNS IP addresses that you added to Table 5 on page 21 as required and select Apply To configure the Default Gateway 1 Go to Router Static and select Edit icon for the static route 2 Select the Device that you recorded above 3 Set Gateway to the Default Gateway IP add...

Page 23: ...gateway gateway_ip end Configuring Transparent mode Use Table 6 to gather the information you need to customize Transparent mode settings Using the web based manager to configure Transparent mode 1 Connect port1 of the FortiGate 5005FA2 module to the same hub or switch as the computer you will use to configure the FortiGate module Table 6 Transparent mode settings Admin Administrator Password Mana...

Page 24: ...or the admin administrator and enter the password that you added to Table 6 on page 23 To change the management interface 1 Go to System Config Operation 2 Enter the Management IP address and netmask hat you added to Table 6 on page 23 and select Apply To configure the Primary and Secondary DNS server IP addresses 1 Go to System Network Options 2 Enter the Primary and Secondary DNS IP addresses th...

Page 25: ...manager or CLI and using the FortiUSB key see the FortiGate 5000 Series Firmware and FortiUSB Guide To upgrade the firmware using the web based manager 1 Copy the firmware image file to your management computer 2 Log into the web based manager as the admin administrator 3 Go to System Status 4 Under System Information Firmware Version select Update 5 Type the path and filename of the firmware imag...

Page 26: ...ntivirus and attack definitions You can use the command execute update now FortiGate 5005FA2 base backplane data communication You can configure the FortiGate 5005FA2 modules for data communications using the two FortiGate 5140 FortiGate 5050 or FortiGate 5020 chassis base backplane interfaces By default the base backplane interfaces are not enabled for data communication Using the information in ...

Page 27: ...FortiSwitch 5003 module see the FortiGate 5000 Base Backplane Communication Guide To enable base backplane data communication from the FortiGate 5005FA2 web based manager From the FortiGate 5005FA2 web based manager use the following steps to enable base backplane data communication 1 Go to System Network Interface 2 Select Show backplane interfaces The base1 base2 fabric1 and fabric2 backplane in...

Page 28: ...the FortiGate 5005FA2 module from a chassis slot or before powering down the chassis To power off a FortiGate 5005FA2 module 1 Shut down the FortiGate 5005FA2 operating system From the web based manager go to System Status System Operation select Shutdown and then select Go From the CLI enter execute shutdown 2 Remove the FortiGate 5005FA2 module from the chassis slot Note Once a shutdown operatio...

Page 29: ...ble from the Fortinet Knowledge Center The knowledge center contains troubleshooting and how to articles FAQs technical notes and more Visit the Fortinet Knowledge Center at http kc forticare com Comments on Fortinet technical documentation Please send information about any errors or omissions in this document or any Fortinet technical documentation to techdoc fortinet com Customer service and tec...

Page 30: ...ynamic Threat Prevention System DTPS APSecure FortiASIC FortiBIOS FortiBridge FortiClient FortiGate FortiGate Unified Threat Management System FortiGuard FortiGuard Antispam FortiGuard Antivirus FortiGuard Intrusion FortiGuard Web FortiLog FortiAnalyzer FortiManager Fortinet FortiOS FortiPartner FortiProtect FortiReporter FortiResponse FortiShield FortiVoIP and FortiWiFi are trademarks of Fortinet...

Search results

Summary of Contents for FortiGate FortiGate-5005FA2

Reviews:

Related manuals for FortiGate FortiGate-5005FA2

Brands by name

Popular brands

Fortinet FortiGate FortiGate-5005FA2, Security System Manual

Search results

Summary of Contents for FortiGate FortiGate-5005FA2

Reviews:

Related manuals for FortiGate FortiGate-5005FA2

Brands by name

Popular brands