Fortinet FortiWiFi 60 Скачать руководство пользователя | Manualshive

Страница: 42 / 76

background image

42

01-28008-0030-20050128

Fortinet Inc.

Preparing to configure the FortiGate unit in NAT/Route mode

NAT/Route mode installation

DHCP or PPPoE configuration

You can configure any FortiGate interface to acquire its IP address from a DHCP or
PPPoE server. Your ISP may provide IP addresses using one of these protocols.

To use the FortiGate DHCP server, you need to configure an IP address range and
default route for the server. No configuration information is required for interfaces that
are configured to use DHCP.

PPPoE requires you to supply a user name and password. In addition, PPPoE
unnumbered configurations require you to supply an IP address. Use

Table 8

to

record the information you require for your PPPoE configuration.

Table 7: NAT/Route mode settings

Administrator Password:

Internal

IP:

_____._____._____._____

Netmask:

_____._____._____._____

WAN1

IP:

_____._____._____._____

Netmask:

_____._____._____._____

WAN2

IP:

_____._____._____._____

Netmask:

_____._____._____._____

DMZ

IP:

_____._____._____._____

Netmask:

_____._____._____._____

WLAN

IP:

_____._____._____._____

Netmask:

_____._____._____._____

Network settings

Default Gateway:

_____._____._____._____

Interface connected to

external network (usually

wan1):

A default route consists of a default gateway and the name of the

interface connected to the external network (usually the Internet).

The default gateway directs all non-local traffic to this interface and

to the external network.

Primary DNS Server:

_____._____._____._____

Secondary DNS Server:

_____._____._____._____

Table 8: PPPoE settings

User name:
Password:

«
...
40
41
42
43
44
...
»

Содержание FortiWiFi 60

Страница 1: ...iWiFi 60 Installation and Configuration Guide INTERNAL DMZ 4 3 2 1 LINK 100 LINK 100 LINK 100 LINK 100 LINK 100 LINK 100 LINK 100 WAN1 WAN2 PWR WLAN Version 2 80 MR8 28 January 2005 01 28008 0030 2005...

Страница 2: ...rior written permission of Fortinet Inc FortiWiFi 60 Installation Guide Version 2 80 MR8 28 January 2005 01 28008 0030 20050128 Trademarks Products mentioned in this document are trademarks or registe...

Страница 3: ...te unit power on and off 17 Connecting to the web based manager 19 Connecting to the command line interface CLI 20 Quick installation using factory defaults 21 Factory default FortiGate configuration...

Страница 4: ...FortiGate unit to operate in NAT Route mode 44 Using the setup wizard 47 Starting the setup wizard 48 Connecting the FortiGate unit to the network s 48 Configuring the networks 50 Configuring the Mode...

Страница 5: ...cluster 67 Configuring the modem interface 69 Selecting a modem mode 69 Redundant mode configuration 69 Standalone mode configuration 70 Configuring modem settings 71 Connecting and disconnecting the...

Страница 6: ...Contents 6 01 28008 0030 20050128 Fortinet Inc...

Страница 7: ...everages breakthroughs in chip design networking security and content analysis The unique ASIC based architecture analyzes content and behavior in real time enabling key applications to be deployed ri...

Страница 8: ...sed manager Using HTTP or a secure HTTPS connection from any computer running Internet Explorer you can configure and manage the FortiGate unit The web based manager supports multiple languages You ca...

Страница 9: ...rtiGate unit The wizard walks through the configuration of a new administrator password FortiGate interfaces DHCP server settings internal servers web FTP etc and basic antivirus settings Document con...

Страница 10: ...all the options you want to apply and excluding all the options you want to remove FortiGate documentation Information about FortiGate products is available from the following guides FortiGate QuickSt...

Страница 11: ...ical documentation is available from the Fortinet Knowledge Center The knowledge center contains short how to articles FAQs technical notes product and feature guides and much more Visit the Fortinet...

Страница 12: ...web based manager as you work FortiMail Web Mail Online Help Describes how to use the FortiMail web based email client including how to send and receive email how to add import and export addresses an...

Страница 13: ...il address Telephone number FortiGate unit serial number FortiGate model FortiGate FortiOS firmware version Detailed description of the problem amer_support fortinet com For customers in the United St...

Страница 14: ...14 01 28008 0030 20050128 Fortinet Inc Customer service and technical support Introduction...

Страница 15: ...p and powering on a FortiGate Antivirus Firewall unit This section includes Package contents Mounting Turning the FortiGate unit power on and off Connecting to the web based manager Connecting to the...

Страница 16: ...air flow and cooling Dimensions 8 63 x 6 13 x 1 38 in 21 9 x 15 6 x 3 5 cm Weight 1 5 lb 0 68 kg Power requirements DC input voltage 12 V DC input current 3 A Null Modem Cable RS 232 Ethernet Cables O...

Страница 17: ...ughput and range Follow these basic guidelines to ensure the best possible performance Install the access point in an area where large steel structures such as shelving units bookcases and filing cabi...

Страница 18: ...nit is powered off Status Green The FortiGate unit is starting up Off The FortiGate unit is running normally Link Internal DMZ WAN1 WAN2 Green The correct cable is in use and the connected equipment h...

Страница 19: ...t connection to the static IP address 192 168 1 2 with a netmask of 255 255 255 0 You can also configure the management computer to obtain an IP address automatically using DHCP The FortiGate DHCP ser...

Страница 20: ...nications port of your computer and to the FortiGate Console port 2 Make sure that the FortiGate unit is powered on 3 Start HyperTerminal enter a name for the connection and select OK 4 Configure Hype...

Страница 21: ...er IP addresses added to the FortiGate unit configuration and returns lookup results to the internal network For more information about default DHCP server settings see Factory default DHCP server con...

Страница 22: ...e the FortiGate unit in Transparent mode you can switch to Transparent mode from the factory default configuration and then configure the FortiGate unit onto the network in Transparent mode Once the n...

Страница 23: ...terface responds to ping requests Table 3 FortiGate DHCP Server default configuration Name internal_dhcp_server Interface Internal Default Gateway 192 168 1 99 IP Range 192 168 1 110 192 168 1 210 Net...

Страница 24: ...llowing firewall configuration settings are included in the default firewall configuration to make it easier to add firewall policies Network Settings Default Gateway for default route 192 168 100 1 I...

Страница 25: ...on traffic between trusted internal addresses might need moderate protection You can configure firewall policies for different traffic services to use the same or different protection profiles Protect...

Страница 26: ...plan depends on the operating mode that you select The FortiGate unit can be configured in one of two modes NAT Route mode the default or Transparent mode You can also configure the FortiGate unit an...

Страница 27: ...ased on the source address destination address and service of each packet In NAT mode the FortiGate unit performs network address translation before it sends the packet to the destination network In R...

Страница 28: ...ate network and the external public network usually the Internet If you have multiple internal networks such as one or more DMZ networks in addition to the internal private network you can create rout...

Страница 29: ...e web based manager Setup Wizard guides you through the initial configuration steps Use the Setup Wizard to configure the administrator password the interface addresses the default gateway address and...

Страница 30: ...ate in Transparent mode you can switch to Transparent mode from the web based manager and then use the setup wizard to add the administration password the management IP address and gateway and the DNS...

Страница 31: ...ake your wireless network as efficient as possible This chapter includes Setting up a wireless network Wireless Security FortiWiFi 60 operation modes Setting up the FortiWiFi 60 as an Access Point Set...

Страница 32: ...ysical interference you may encounter dead spots that receive no signals Ensure the FortiWiFi 60 AP is located in a prominent location within a room for maximum coverage rather than in a corner Constr...

Страница 33: ...need to use multiple FortiWiFi 60 APs to help distribute the radio signal around the room Figure 10 shows how positioning two FortiWiFi 60 APs within a uniquely shaped office space helps to distribut...

Страница 34: ...lly error prone Consequently keys are rarely changed over months or years leaving a hacker plenty of time to get the key and gain access to the network In small wireless networking environments activa...

Страница 35: ...more difficult for a hacker using random MAC addresses or spoofing a MAC address to gain access to your network Service Set Identifier The Service Set Identifier SSID is the network name shared by all...

Страница 36: ...in a warehouse where shipping and receiving are on opposite sides of the building Running cables is not an option due to the warehouse environment The FortiWiFi 60 unit can support wired users using i...

Страница 37: ...reless security features to provide a secure wireless environment This section contains the following steps Log into the web based manager Set the DHCP settings Set the security options Configure the...

Страница 38: ...a DHCP server you need to configure the DHCP server settings To configure a DHCP server for an interface 1 Go to System DHCP Server 2 Select Create New 3 Enter a name for the DHCP server 4 Select the...

Страница 39: ...WAN2 interfaces The following example creates a policy from the wireless clients WLAN interface to the Internet WAN1 interface using traffic shaping firewall authentication and the default Strict cont...

Страница 40: ...40 01 28008 0030 20050128 Fortinet Inc Setting up the FortiWiFi 60 as an Access Point Using a wireless network...

Страница 41: ...g the setup wizard Connecting the FortiGate unit to the network s Configuring the networks Configuring the modem interface Next steps Preparing to configure the FortiGate unit in NAT Route mode Use Ta...

Страница 42: ...u require for your PPPoE configuration Table 7 NAT Route mode settings Administrator Password Internal IP _____ _____ _____ _____ Netmask _____ _____ _____ _____ WAN1 IP _____ _____ _____ _____ Netmas...

Страница 43: ...an interface 3 Set the addressing mode for the interface Choose from manual DHCP or PPPoE 4 Complete the addressing configuration For manual addressing enter the IP address and netmask for the interfa...

Страница 44: ...t Mask to 0 0 0 0 6 Set Gateway to the default gateway IP address 7 Set Device to the interface connected to the external network 8 Select OK Using the command line interface You can also configure th...

Страница 45: ...u recorded in Table 7 on page 42 To set the static IP address and netmask enter config system interface edit wan1 set mode static set ip address_ip netmask end Example config system interface edit wan...

Страница 46: ...add a default route Add a default route to configure where the FortiGate unit sends traffic that should be sent to an external network usually the Internet Adding the default route also defines which...

Страница 47: ...additional settings that you can configure with the setup wizard See Table 7 on page 42 and Table 8 on page 42 for other settings Table 9 Setup wizard settings Password Prepare an administrator passw...

Страница 48: ...locking and blocking of oversize email for HTTP FTP IMAP POP3 and SMTP Add this protection profile to a default firewall policy Medium Create a protection profile that enables virus scanning for HTTP...

Страница 49: ...network The Internal interface functions as a switch allowing up to four devices to be connected to the internal network and the internal interface 2 Connect the WAN1 interface to the Internet Connect...

Страница 50: ...eway address of all computers and routers connected directly to your DMZ network to the IP address of the FortiGate DMZ interface For the external network route all packets to the FortiGate WAN1 or WA...

Страница 51: ...Gate Administration Guide for complete information on configuring monitoring and maintaining the FortiGate unit To set the date and time For effective scheduling and logging the FortiGate system date...

Страница 52: ...figure the FortiGate unit to automatically keep virus grayware and attack definitions up to date 1 Go to System Maintenance Update Center 2 Select Refresh to test the FortiGate unit connectivity with...

Страница 53: ...nt mode see Planning the FortiGate configuration on page 26 This chapter describes Preparing to configure Transparent mode Using the web based manager Using the command line interface Using the setup...

Страница 54: ...management computer to 10 10 10 2 Connect to the internal or DMZ interface and browse to https followed by the Transparent mode management IP address The default FortiGate Transparent mode management...

Страница 55: ...b based manager by browsing to https 10 10 10 1 If you connect to the management interface through a router make sure that you have added a default gateway for that router to the management IP default...

Страница 56: ...ystem manageip set ip 10 10 10 2 255 255 255 0 end 3 Confirm that the address is correct Enter get system manageip The CLI lists the management IP address and netmask To configure DNS server settings...

Страница 57: ...nt computer to 10 10 10 2 Connect to the internal or DMZ interface and browse to https followed by the Transparent mode management IP address The default FortiGate Transparent mode management IP addre...

Страница 58: ...nt mode 1 Connect the Internal interface connectors to PCs and other network devices in your internal network The Internal interface functions as a switch allowing up to four devices to be connected t...

Страница 59: ...tem date and time 6 Set the hour minute second month day and year as required 7 Select Apply To use NTP to set the FortiGate date and time 1 Go to System Config Time 2 Select Synchronize with NTP Serv...

Страница 60: ...e FDN the FortiGate unit default route must point to a network such as the Internet to which a connection to the FDN can be established If FortiProtect Distribution Network changes to Available then t...

Страница 61: ...steps for changing the priorities of heartbeat devices or for configuring monitor priorities settings Both of these HA settings should be configured after the cluster is up and running Configuring For...

Страница 62: ...in the cluster get the same virtual MAC address This virtual MAC address is set according to the group ID Group ID MAC Address 0 00 09 0f 06 ff 00 1 00 09 0f 06 ff 01 2 00 09 0f 06 ff 02 3 00 09 0f 06...

Страница 63: ...ches select Least connection to distribute traffic to the cluster unit with the fewest concurrent connections Round Robin Round robin load balancing If the FortiGate units are connected using switches...

Страница 64: ...ce all of the units are configured continue with Connecting the cluster to your networks on page 65 11 If you are configuring a Transparent mode cluster reconnect to the web based manager You may have...

Страница 65: ...he FortiGate units in the cluster Once all of the units are configured continue with Connecting the cluster to your networks on page 65 3 If you are configuring a Transparent mode cluster switch the F...

Страница 66: ...each FortiGate unit to a switch or hub connected to your internal network Connect the WAN1 interfaces of each FortiGate unit to a switch or hub connected to your external network Connect the DMZ inte...

Страница 67: ...the FortiGate units in the cluster are synchronized so that the FortiGate units can function as a cluster Because of this synchronization you configure and manage the HA cluster instead of managing th...

Страница 68: ...68 01 28008 0030 20050128 Fortinet Inc Installing and configuring the cluster High availability installation...

Страница 69: ...ngs Connecting and disconnecting the modem in Standalone mode Defining a Ping Server Adding firewall policies for modem connections Selecting a modem mode The external modem when connected to the Fort...

Страница 70: ...account The modem interface operates as the primary connection to the Internet The FortiGate unit routes traffic through the modem interface which remains permanently connected to the dialup account...

Страница 71: ...FortiGate interface that the modem is redundant for Figure 17 Modem settings Standalone and Redundant Enable Modem or Enable USB Modem Select to enable the FortiGate modem Depending on the model the m...

Страница 72: ...ut Standalone mode only Enter the timeout duration in minutes After this period of inactivity the modem disconnects Holddown Timer Redundant mode only Enter the time 1 60 seconds that the FortiGate un...

Страница 73: ...interface To add a ping server to an interface 1 Go to System Network Interface 2 Choose an interface and select Edit 3 Set Ping Server to the IP address of the next hop router on the network connecte...

Страница 74: ...or modem connections The modem interface requires firewall addresses and policies You can add one or more addresses to the modem interface For information about adding addresses see the FortiGate Admi...

Страница 75: ...figuring Transparent mode 56 default route 23 dial now 71 dial on demand 72 E encryption 34 WEP 34 WPA 34 environmental specifications 17 F firewall policies 39 modem 74 firewall setup wizard 8 43 47...

Страница 76: ...et time 51 59 setup wizard 43 47 54 57 starting 43 48 54 57 SSID 35 broadcasting 35 standalone mode configuring 70 modem 69 70 starting IP DHCP 23 synchronize with NTP server 51 59 T technical support...

Отзывы:

Нет отзывов

Похожие инструкции для FortiWiFi 60

Бренд: Forcepoint Страницы: 12

Бренд: SonicWALL Страницы: 38

FortiGate 310B-LENC

Бренд: Fortinet Страницы: 2

Бренд: Blockbit Страницы: 29

Бренд: Cisco Страницы: 796

Бренд: Lanner Страницы: 64

Бренд: Triton Страницы: 26

Amphion S14-H Green Box

Бренд: ei3 Страницы: 26

Symantec PacketShaper PS-S200

Бренд: Broadcom Страницы: 6

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды