FortiGate-ASM-FB4 Version 1.0 Technical Note

01-30005-0424-20071002

Introduction

FortiGate-ASM-FB4 hardware describes FortiGate-ASM-FB4 module features, installation and removal.

Specialized CLI settings describes configuration options in the CLI that become available when a FortiGate-ASM-FB4 module is installed in a FortiGate unit.

Examples contains hardware accelerated sample configurations and network topologies.

Fortinet documentation 

The most up-to-date publications and previous releases of Fortinet product documentation are available from the Fortinet Technical Documentation web site at http://docs.forticare.com.

Fortinet Tools and Documentation CD

All Fortinet documentation is available on the Fortinet Tools and Documentation CD shipped with your Fortinet product. The documents on this CD are current at shipping time. For up-to-date versions of Fortinet documentation, see the Fortinet Technical Documentation web site at http://docs.forticare.com.

Fortinet Knowledge Center 

Additional Fortinet technical documentation is available from the Fortinet Knowledge Center. The knowledge center contains troubleshooting and how-to articles, FAQs, technical notes, and more. Visit the Fortinet Knowledge Center at http://kc.forticare.com.

Comments on Fortinet technical documentation 

Please send information about any errors or omissions in this document, or any Fortinet technical documentation, to [email protected].

Customer service and technical support

Fortinet Technical Support provides services designed to make sure that your Fortinet systems install quickly, configure easily, and operate reliably in your network.

Please visit the Fortinet Technical Support web site at http://support.fortinet.com to learn about the technical support services that Fortinet provides.
