80
Fortinet Inc.
Updating antivirus and attack definitions
Virus and attack definitions updates and registration
5
Set Port to the External Service Port added to the virtual IP.
For the example topology, enter 45001.
6
Select Apply.
The FortiGate unit sends the override push IP address and Port to the FDN. The FDN
will now use this IP address and port for push updates to the FortiGate unit on the
internal network.
If the External IP Address or External Service Port change, add the changes to the
Use override push configuration and select Apply to update the push information on
the FDN.
Figure 4: Example push update configuration
7
Select Apply.
8
You can select Refresh to make sure that push updates work.
Push Update should change to Available.
Scheduled updates through a proxy server
If your FortiGate unit must connect to the Internet through a proxy server, you can use
the
set system autoupdate tunneling
command to allow the FortiGate unit to
connect (or tunnel) to the FDN using the proxy server. Using the command you can
specify the IP address and port of the proxy server. As well, if the proxy server
requires authentication, you can add the user name and password required for the
proxy server to the autoupdate configuration. The full syntax for enabling updates
through a proxy server is:
set system autouopdate tunneling enable [address
<proxy-address_ip> [port <proxy-port> [username <username_str>
[password <password_str>]]]]
For example, if the IP address of the proxy server is 64.23.6.89 and its port is 8080,
enter the following command:
set system autouopdate tunneling enable address 64.23.6.89
port 8080
For more information about the
set system autoupdate
command, see
Volume 6,
FortiGate CLI Reference Guide.
The FortiGate unit connects to the proxy server using the HTTP CONNECT method,
as described in RFC 2616. The FortiGate unit sends an HTTP CONNECT request to
the proxy server (optionally with authentication information) specifying the IP address
and port required to connect to the FDN. The proxy server establishes the connection
to the FDN and passes information between the FortiGate unit and the FDN.
The CONNECT method is used mostly for tunneling SSL traffic. Some proxy servers
won't allow the CONNECT to connect to just any port; they restrict the allowed ports to
the well known ports for HTTPS and perhaps some other similar services. Because
FortiGate autoupdates use HTTPS on port 8890 to connect to the FDN, your proxy
server may have to be configured to allow connections on this port.
Содержание FortiGate FortiGate-50
Страница 16: ...16 Fortinet Inc Customer service and technical support Introduction...
Страница 32: ...32 Fortinet Inc Next steps Getting started...
Страница 40: ...40 Fortinet Inc Completing the configuration NAT Route mode installation...
Страница 88: ...88 Fortinet Inc Registering a FortiGate unit after an RMA Virus and attack definitions updates and registration...
Страница 112: ...112 Fortinet Inc Customizing replacement messages System configuration...
Страница 144: ...144 Fortinet Inc Content profiles Firewall configuration...
Страница 202: ...202 Fortinet Inc Logging attacks Network Intrusion Detection System NIDS...
Страница 216: ...216 Fortinet Inc Exempt URL list Web filtering...
Страница 228: ...228 Fortinet Inc Configuring alert email Logging and reporting...
Страница 232: ...232 Fortinet Inc Glossary...