background image

Upgrade Guide for FortiOS v3.0 

20

01-30000-0317-20060424

System

New features and changes

The FortiGuard Center, previously the Update Center, displays several options for 
enabling the FortiGate unit to connect to the Fortinet Distribution Network (FDN), 
and for updating antivirus and attack definitions. You can also test the availability 
of FortiGuard services from this page. 

Figure 5: FortiGuard Center page 

The following tabs are no longer in the Maintenance menu: 

• Support tab is no longer available. 
• Shutdown is now located on 

System > Status > System Operation

Virtual Domain

This menu is now an option in 

System > Admin > Settings

. When you enable 

this option, you must log back into the web-based manager to configure VDOM 
settings. Both the web-based manager and CLI change as follows to reflect 
VDOM: 

• Global and per VDOM configurations are separated
• only admin administrator accounts can view or configure global options
• admin administrator accounts can configure all VDOM configurations
• admin administrator accounts can connect through any interface in the root 

VDOM

• admin administrator accounts can connect through any interface that belongs 

to a VDOM that a regular administration account has been assigned 

• a regular administration account can only configure the VDOM it is assigned to 

and access the FortiGate interface belonging to that VDOM

• a regular administration account can create a VLAN subinterface in its own 

VDOM on a physical interface in its own VDOM

Содержание FortiOS 3.0

Страница 1: ...www fortinet com Upgrade Guide for FortiOS 3 0 U P G R A D E G U I D E...

Страница 2: ...hreat Prevention System DTPS APSecure FortiASIC FortiBIOS FortiBridge FortiClient FortiGate FortiGate Unified Threat Management System FortiGuard FortiGuard Antispam FortiGuard Antivirus FortiGuard In...

Страница 3: ...upport 9 Upgrade Notes 11 Backing up configuration files 11 Setup Wizard 11 FortiLog name change 11 LCD display changes 11 Web based manager changes 12 Changes to the web based manager 13 Command Line...

Страница 4: ...nt Block 26 URL Filter 26 FortiGuard Web Filter 26 AntiSpam formerly Spam Filter 27 Banned word 28 Black White list 28 IM P2P new 28 Statistics 29 User 29 Log Report 29 Log Config 29 Log Access 30 Rep...

Страница 5: ...36 Reverting to FortiOS v2 80MR11 37 Backing up your FortiOS 3 0 configuration 37 Backing up to a FortiUSB key 37 Downgrading to FortiOS v2 80MR11 using web based manager 38 Verifying the downgrade 38...

Страница 6: ...Upgrade Guide for FortiOS v3 0 6 01 30000 0317 20060424 Contents...

Страница 7: ...ing chapters Upgrade Notes Provides information on changes and new features for FortiOS 3 0 New features and changes Provides information on what has changed from FortiOS v2 80MR11 Upgrading to FortiO...

Страница 8: ...Guide Provides basic information about how to configure a FortiGate unit including how to define FortiGate protection profiles and firewall policies how to apply intrusion prevention antivirus protect...

Страница 9: ...r Guide Explains how to configure a PPTP VPN using the web based manager FortiGate Certificate Management User Guide Contains procedures for managing digital certificates including generating certific...

Страница 10: ...Upgrade Guide for FortiOS v3 0 10 01 30000 0317 20060424 Customer service and technical support Introduction...

Страница 11: ...FortiLog name change LCD display changes Web based manager changes Web based manager changes Command Line Interface changes USB support Other Backing up configuration files You now have the option to...

Страница 12: ...w categorized and additional features added to better monitor your FortiGate unit Figure 3 System Dashboard of a FortiGate 60 Menu Fortigat NAT Standalone Menu Fortigat Transparent Standalone System I...

Страница 13: ...formation Also some FortiOS 2 80MR11 web based manager features have been moved to the CLI See the New features and changes on page 17 for information on these changes Firmware Version The current fir...

Страница 14: ...be aware of not included in the above sections or in New features and changes on page 17 Antivirus scanning blocking and quarantine is available for instant messaging file transfers with AIM MSN Yaho...

Страница 15: ...d forward You need to manually configure these settings after upgrading Lists from FortiOS 2 80MR11 cannot be restored in FortiOS 3 0 Make sure to document these lists before upgrading If you upgrade...

Страница 16: ...Upgrade Guide for FortiOS v3 0 16 01 30000 0317 20060424 Other Upgrade Notes...

Страница 17: ...e following documents to familiarize yourself the new features and changes FortiGate Administration Guide FortiGate CLI Reference The following topics are included in this section System Firewall VPN...

Страница 18: ...ed manager changes on page 12 for more information on the System Dashboard Sessions The Sessions information is now located in System Status Statistics Network The Network tab appears in the System me...

Страница 19: ...options available for backing up and restoring configuration files From this tab you can backup or restore a configuration file and select to encrypt the configuration file You also select your Local...

Страница 20: ...u enable this option you must log back into the web based manager to configure VDOM settings Both the web based manager and CLI change as follows to reflect VDOM Global and per VDOM configurations are...

Страница 21: ...distance vector routing protocol for small networks or similar networks OSPF is slightly different and is a link state routing protocol most often used in large networks to share networking informati...

Страница 22: ...nal options Protection Profile and Log Allowed Traffic When you select Traffic Shaping you can then select guaranteed bandwidth maximum bandwidth and the traffic priority Address The Address menu now...

Страница 23: ...enable this protocol through the CLI in the VPN chapter See the FortiGate CLI Reference for more information on SSL Also you can enable the use of digital certificates for authenticating remote client...

Страница 24: ...enables you to configure your FortiGate unit on a Windows Active Directory AD network so it can transparently authenticate the user without asking for their username and password From the Windows AD...

Страница 25: ...nd you can configure file and email size limits including grayware blocking Config The Config menu includes the Virus List and Grayware tabs The Config tab is now located in the CLI under Antivirus Se...

Страница 26: ...of the following menus It is now located under Intrusion Protection Content Block URL Filter FortiGuard Web Filter Content Block The Content Block menu has a new tab called Web Content Exempt URL Fil...

Страница 27: ...additional features for FortiGate 800 units and above In the Banned word list you can create new antispam banned word list view antispam banned word catalog You can also configure the following for th...

Страница 28: ...ender to the IP address in sequence when doing an IP address list check If the FortiGate unit finds a match the action associated with the IP address is taken If there is no match then the message pas...

Страница 29: ...a new menu Report Log Report consists of the following menus Log Config Log Access Report Log Config The Log Config menu has a new tab Event Log The Event Log tab enables you to choose the events you...

Страница 30: ...choose from over a thousand of FortiAnalyzer reports to display logs Also you can customize a default report for your FortiGate unit You can also select what you want included in your report from News...

Страница 31: ...oad and install to your SNMP management system SNMP traps and variables that used hyphens for example xxx yyy have dropped the hyphen and capitalized the second term xxxYyy The v3 0 MIB file also has...

Страница 32: ...e fnHaSchedule fnHaGroupID fnHaGroupID fnHaPriority No longer available fnHaOverride No longer available fnHaAutoSync No longer available Options fnOptAuthTimeout New fnOptionLanguage New fnOptLcdProt...

Страница 33: ...r configuration file s for FortiOS v2 80MR11 in either the web based manager or the CLI Backing up your configuration using the web based manager Use the following procedure to backup your current con...

Страница 34: ...rmware images such as FortiOS 2 80MR11 and FortiOS 3 0 for downgrading upgrading purposes Use the Fortinet Knowlege Center article 2 80MR11 to 3 0MR1 upgrade downgrade dual boot to configure a dual bo...

Страница 35: ...is running 2 Copy the new firmware image file to the root directory of the TFTP server 3 Log into the CLI 4 Make sure the FortiGate unit can connect to the TFTP server You can use the following comma...

Страница 36: ...ettings have been carried forward For example if you go to System Network Options you can see your DNS settings carried forward from your FortiOS v2 80MR11 configuration settings Even though your conf...

Страница 37: ...following procedure to backup your configuration onto your PC To backup your configuration to your PC 1 Go to System Maintenance Backup Restore 2 Select Local PC from Backup Configuration to list If...

Страница 38: ...ersion 2 Select Update 3 Type the location of the firmware version or select Browse 4 Select OK The following message appears The new image does not support CC mode Do you want to continue to upgrade...

Страница 39: ...of the firmware image file and tftp_ipv4 is the IP address of the TFTP server For example if the firmware image file name is image out and the IP address of the TFTP server er is 192 168 1 168 enter e...

Страница 40: ...assword for the configuration file 5 Type the location of the file or select Browse to locate the file 6 Select OK The FortiGate unit restores the configuration settings for FortiOS v2 80MR11 This may...

Страница 41: ...IP address of the TFTP server is 192 168 1 168 and the password is ghrffdt123 execute restore allconfig confall 192 168 1 168 ghrffdt123 The FortiGate unit responds with the message This operation wil...

Страница 42: ...Update Guide for FortiOS v3 0 42 01 30000 0317 20060424 Restoring your configuration Reverting to FortiOS v2 80MR11...

Страница 43: ...Center system menu 20 FortiLog name change 11 Fortinet customer service 9 documentation 8 Knowledge Center 9 I IM P2P menu statistics menu 29 user 29 intrusion protection protocol anomaly menu 26 sign...

Страница 44: ...11 USB support 14 web based manager 12 web based manager changes 13 upgrading 3 0 using the CLI 35 3 0 using web based manager 34 config using CLI 34 FortiGate unit to 3 0 34 using the web based mana...

Страница 45: ...www fortinet com...

Страница 46: ...www fortinet com...

Отзывы: