98
Fortinet Inc.
Configuring routing
Network configuration
Configuring the routing table
The routing table shows the destination IP address and mask of each route you add
as well as the gateways and devices added to the route. The routing table also
displays the gateway connection status. A green check mark indicates that the
FortiGate unit has used the ping server and dead gateway detection to determine that
it can connect to the gateway; a red X means that a connection cannot be established.
A blue question mark means that the connection status is unknown. For more
information, see
“Adding a ping server to an interface” on page 91
, and
The FortiGate unit assigns routes by searching for a match starting at the top of the
routing table and moving down until it finds the first match. You must arrange routes in
the routing table from more specific to more general. The default route is the most
general route. If you add a default route, it should be at the bottom of the routing table.
1
Go to
System > Network > Routing Table
.
2
Choose a route to move and select Move to
to change its order in the routing
table.
3
Type a number in the Move to field to specify where in the routing table to move the
route and select OK.
4
Select Delete
to remove a route from the routing table.
Figure 3: Routing table
Policy routing
Policy routing extends the functions of destination routing. Using policy routing you
can route traffic based not only the destination address but also on:
• Source address
• Protocol, service type, or port range
• Incoming or source interface
Using policy routing you can build a routing policy database (RPDB) that selects the
appropriate route for traffic by executing a set of routing rules. To select a route for
traffic the FortiGate unit matches the traffic with the policy routes added to the RPDB
starting at the top of the list. The first policy route to match the traffic is used to set the
route for the traffic. The route supplies the next hop gateway as well as the FortiGate
interface to be used by the traffic.
Packets are matched with policy routes before they are matched with destination
routes. If a packet does not match a policy route it is routed using destination routes.
Содержание FortiGate FortiGate-50
Страница 16: ...16 Fortinet Inc Customer service and technical support Introduction...
Страница 32: ...32 Fortinet Inc Next steps Getting started...
Страница 40: ...40 Fortinet Inc Completing the configuration NAT Route mode installation...
Страница 88: ...88 Fortinet Inc Registering a FortiGate unit after an RMA Virus and attack definitions updates and registration...
Страница 112: ...112 Fortinet Inc Customizing replacement messages System configuration...
Страница 144: ...144 Fortinet Inc Content profiles Firewall configuration...
Страница 202: ...202 Fortinet Inc Logging attacks Network Intrusion Detection System NIDS...
Страница 216: ...216 Fortinet Inc Exempt URL list Web filtering...
Страница 228: ...228 Fortinet Inc Configuring alert email Logging and reporting...
Страница 232: ...232 Fortinet Inc Glossary...