Congratulations!
You have finished configuring the basic settings. You are ready to add FortiGate devices and
collect log information. To explore the full range of configuration options, see the online help
or the Documentation CD-ROM.
Visit these links for more information and documentation for your Fortinet product.
Technical Documentation -
http://docs.forticare.com
Fortinet Knowledge Center - http://kc.forticare.com
Fortinet Technical Support - http://support.fortinet.com
•
•
•
Completing the Configuration
Configuring the FortiAnalyzer Unit
Web-based Manager
Use the following procedure to connect to the web-based manager for the first time. Configu
-
ration changes made with the web-based manager are effective immediately without reset-
ting the FortiAnalyzer unit or interrupting service.
To connect to the web-based manager
Connect the Port 1 interface of the FortiAnalyzer unit to Ethernet port of the manage-
ment computer.
Use a cross-over Ethernet cable to connect the devices directly. Use straight-through
Ethernet cables to connect the devices through a hub or switch.
Configure the management computer to be on the same subnet as the FortiAnalyzer
LAN interface.
To do this, change the IP address of the management computer to 192.168.1.2 and the
netmask to 255.255.255.0.
To access the FortiAnalyzer web-based manager, in your browser, go to
https://192.168.1.99 (remember to include the “s” in https://).
Type
admin
in the Name field and select Login.
After connecting to the Web-based manager, you can configure the FortiAnalyzer unit IP ad
-
dress, DNS server IP address, and default gateway to connect the FortiAnalyzer unit to the
network.
To configure interfaces
Go to
System > Network > Interface
.
Select the edit icon for each interface to configure.
Set the IP address and netmask for the interface.
Select OK.
To configure the Primary and Secondary DNS server IP addresses
Go to
System > Network > DNS
, enter the Primary and Secondary DNS IP addresses
select Apply.
To configure a Default Gateway
Go to
System > Network > Routing
and select Create New.
Set Gateway to the Default Gateway IP address and select OK.
1.
2.
3.
4.
1.
2.
3.
4.
1.
1.
2.
Command Line Interface
The FortiAnalyzer-2000 has an RJ-45 console port. Use the RJ-45 to DB-9 cable to connect
it to your management computer.
To connect to the FortiAnalyzer unit
Use a RJ-45 to DB-9 cable to connect the FortiAnalyzer serial port to the management
computer serial port.
Start a terminal emulation program (such as HyperTerminal) on the management com-
puter. Use these settings: Baud Rate 9600, Data bits 8, Parity None, Stop bits 1, Flow
Control None.
At the login: prompt, type
admin
and press Enter twice.
(The login prompt is preceded by the server default host name.)
After connecting to the CLI, you can configure the FortiAnalyzer unit IP address, DNS server
IP address, and default gateway to connect the FortiAnalyzer unit to the network.
To configure the FortiAnalyzer unit using the CLI
Set the IP address and netmask of the Port1 interface.
config system interface
edit port1
set ip <intf_ip>/<netmask_ip>
end
Configure the primary and secondary DNS server IP addresses.
config system dns
set primary <dns-server_ip>
set secondary <dns-server_ip>
end
Configure the default gateway.
config system route
edit 1
set device <interface>
set dst <destination_ip>
set gateway <gateway_ip>
end
1.
2.
3.
1.
3.
4.
Choosing a Configuration Tool
Web-based manager
The FortiAnalyzer web-based manager is an easy to use management tool.
Use it to configure the administrator password, the interface and default gateway addresses,
and the DNS server addresses.
Requirements:
An Ethernet connection between the FortiAnalyzer unit and management computer.
Internet Explorer 6.0 or higher on the management computer.
•
•
Command Line Interface (CLI)
The CLI is a full-featured management tool. Use it to configure the administrator password,
the interface addresses, the default gateway address, and the DNS server addresses. To
configure advanced settings, see the Documentation CD-ROM.
Requirements:
An RJ-45 serial connection between the FortiAnalyzer unit and management computer.
A terminal emulation application (HyperTerminal for Windows) on the management
computer.
•
•
Adding an administration password
By default, the admin user does not have a password. To restrict access to the FortiAnalyzer
unit management account, add password for the admin user account.
To add the admin user account password
Go to
System > Admin
.
For the admin user, select the Change Password icon.
Enter a new password in the New Password box.
Reenter the password to Confirm Password box.
Select OK.
1.
2.
3.
4.
5.
Adding an administration password using the CLI
To add an administration password in the CLI enter the following commands:
config system settings
edit admin
set password <password>
end
Shutting down the FortiAnalyzer unit
When powering off the FortiAnalyzer unit, always shut down the unit using the following
procedures before disconnecting the power supply. No following this procedure can increase
the risk of damaging the FortiAnalyzer hard disk.
To power off the FortiAnalyzer unit
Go to
System > Dashboard
.
In the System Operation list, select Shut Down.
Select Go.
Once the indicates the shut down procedure has completed, disconnect the
FortiAnalyzer unit from the power source.
Shutting down the FortiAnalyzer unit using the CLI
Enter the following command at the prompt:
execute shutdown
1.
2.
3.
4.
