System network
Configuring interfaces
FortiGate-100A Administration Guide
01-28007-0068-20041203
57
3
Set Ping Server to the IP address of the next hop router on the network connected to
the interface.
4
Select the Enable check box.
5
Select OK to save the changes.
To control administrative access to an interface
For a FortiGate unit running in NAT/Route mode, you can control administrative
access to an interface to control how administrators access the FortiGate unit and the
FortiGate interfaces to which administrators can connect.
Controlling administrative access for an interface connected to the Internet allows
remote administration of the FortiGate unit from any location on the Internet. However,
allowing remote administration from the Internet could compromise the security of
your FortiGate unit. You should avoid allowing administrative access for an interface
connected to the Internet unless this is required for your configuration. To improve the
security of a FortiGate unit that allows remote administration from the Internet:
• Use secure administrative user passwords,
• Change these passwords regularly,
• Enable secure administrative access to this interface using only HTTPS or SSH,
• Do not change the system idle timeout from the default value of 5 minutes (see
“To
set the system idle timeout” on page 83
).
To configure administrative access in Transparent mode, see
“To configure the
management interface” on page 60
.
1
Go to
System > Network > Interface
.
2
Choose an interface and select Edit.
3
Select the Administrative Access methods for the interface.
4
Select OK to save the changes.
To change the MTU size of the packets leaving an interface
1
Go to
System > Network > Interface
.
2
Choose an interface and select Edit.
3
Select Override default MTU value (1500).
4
Set the MTU size.
To configure traffic logging for connections to an interface
1
Go to
System > Network > Interface
.
2
Choose an interface and select Edit.
3
Select the Log check box to record log messages whenever a firewall policy accepts a
connection to this interface.
4
Select OK to save the changes.
Note:
You cannot set the MTU of a VLAN larger than the MTU of its physical interface. Nor can
you set the MTU of a physical interface smaller than the MTU of any VLAN on that interface.
Содержание FortiGate 100A
Страница 12: ...Contents 12 01 28007 0068 20041203 Fortinet Inc ...
Страница 24: ...24 01 28007 0068 20041203 Fortinet Inc FortiLog documentation Introduction ...
Страница 46: ...46 01 28007 0068 20041203 Fortinet Inc Installing and using a backup firmware image System status ...
Страница 72: ...72 01 28007 0068 20041203 Fortinet Inc Transparent mode VLAN settings System network ...
Страница 80: ...80 01 28007 0068 20041203 Fortinet Inc DHCP IP MAC binding settings System DHCP ...
Страница 114: ...114 01 28007 0068 20041203 Fortinet Inc Access profile options System administration ...
Страница 232: ...232 01 28007 0068 20041203 Fortinet Inc Profile CLI configuration Firewall ...
Страница 244: ...244 01 28007 0068 20041203 Fortinet Inc peergrp Users and authentication ...
Страница 276: ...276 01 28007 0068 20041203 Fortinet Inc ipsec vip VPN ...
Страница 338: ...338 01 28007 0068 20041203 Fortinet Inc Configuring the banned word list Spam filter ...
Страница 356: ...356 01 28007 0068 20041203 Fortinet Inc syslogd setting Log Report ...
Страница 374: ...374 01 28007 0068 20041203 Fortinet Inc Index ...