manualshive.com logo in svg

Fortinet FortiWiFi FortiWiFi-60B, Инструкция по установке

Fortinet FortiWiFi-60B это надежное и безопасное решение для вашей домашней или офисной сети. Установочное руководство доступно для бесплатного скачивания на нашем сайте. Подробная инструкция по установке и настройке обеспечит вам стабильное и защищенное подключение к интернету.

Поделиться
Скачать
background image

Advanced configuration 

Antivirus options

FortiWiFi-60B FortiOS 3.0 MR6 Install Guide
01-30006-0447-20080131

37

Configuring firewall policies

To add or edit a firewall policy go to 

Firewall > Policy

 and select Edit on an 

existing policy, or select Create New to add a policy.

The 

source and destination Interface/Zone

 match the firewall policy with the 

source and destination of a communication session. The Address Name matches 
the source and destination address of the communication session.

Schedule

 defines when the firewall policy is enabled. While most policies are 

always on, you can configure a firewall policy so that it is only on at specific times 
of the day. For example, you may want to block news and entertainment sites 
most of the day, except during lunch or after work, enabling your employees to 
only view those sites during non-working times.

Service

 matches the firewall policy with the service used by a communication 

session. This enables you to configure a policy for general web surfing and a 
different policy specifically for other traffic such as SMTP mail or FTP uploads and 
downloads.

Action

 defines how the FortiWiFi unit processes traffic. Specify an action to 

accept or deny traffic or configure a firewall encryption policy.

• Add ACCEPT policies that accept communication sessions. Using an accept 

policy, you can apply FortiWiFi features such as virus scanning and 
authentication to the communication session accepted by the policy.

• Add DENY policies to deny communication sessions.
• Add IPSec encryption policies to enable IPSec tunnel mode VPN traffic and 

SSL VPN encryption policies to enable SSL VPN traffic. Firewall encryption 
policies determine which types of IP traffic will be permitted during an IPSec or 
SSL VPN session.

Select 

Protection Profile

 to include apply a protection profile to the firewall policy 

for scanning of traffic passing through the FortiWiFi unit.

For details on the firewall policies features and settings, see the 

FortiGate 

Administration Guide

 or the FortiWiFi Online Help.

Antivirus options

The FortiWiFi unit’s antivirus configuration prevents malicious files from entering 
and infecting your network environment.

The FortiWiFi unit uses a number of processes to scan files to ensure unwanted 
files and potential attackers do not get through. The FortiWiFi unit scans using 
these antivirus options:

• File pattern - The FortiWiFi will check the file against the file pattern setting you 

have configured. You can set which file names or file types the FortiWiFi unit 
looks for in the incoming traffic.

• Virus scan - The virus definitions are kept up to date through the FortiNet 

Distribution Network. The list is updated on a regular basis so you do not have 
to wait for a firmware upgrade. Note that you must register the FortiWiFi unit to 
and purchase FortiGuard services to use virus scanning through the FDN.

Содержание FortiWiFi FortiWiFi-60B

Страница 1: ...www fortinet com FortiWiFi 60B FortiOS 3 0 MR6 I N S T A L L G U I D E...

Страница 2: ...evention System DTPS APSecure FortiASIC FortiBIOS FortiBridge FortiClient FortiGate FortiGate Unified Threat Management System FortiGuard Antispam FortiGuard Antivirus FortiGuard Intrusion FortiGuard...

Страница 3: ...utions and warnings 14 Grounding 14 Rack mount instructions 14 Mounting 14 Setting up a wireless network 15 Radio Frequency interface 16 Using multiple access points 16 Plugging in the FortiWiFi 17 Co...

Страница 4: ...y the configuration 31 Backing up the configuration 31 Restoring a configuration 32 Additional configuration 32 Set the time and date 32 Set the Administrator password 32 Configure FortiGuard 33 Updat...

Страница 5: ...it as a client 51 Change to Client mode 51 Configure the wireless settings 52 Configure the address and default gateway 52 Set the default gateway 52 Configure the firewall policies 52 Configuring the...

Страница 6: ...8 Reverting to a previous version 69 Installing firmware from a system reboot using the CLI 70 Restoring the previous configuration 72 Backup and Restore from a USB key 72 Using the USB Auto Install 7...

Страница 7: ...Management System uses Fortinet s Dynamic Threat Prevention System DTPS technology which leverages breakthroughs in chip design networking security and content analysis The unique ASIC based architec...

Страница 8: ...FortiWiFi 60B supports a wide range of 3G wireless PC Cards to provide an ideal wireless broadband and wireless LAN gateway Figure 1 FortiWiFi 60B About this document This document explains how to in...

Страница 9: ...tiWiFi unit FortiGate Administration Guide Provides basic information about how to configure a FortiWiFi unit including how to define FortiWiFi protection profiles and firewall policies how to apply i...

Страница 10: ...by step instructions for configuring IPSec VPNs using the web based manager FortiGate SSL VPN User Guide Compares FortiGate IPSec VPN and FortiGate SSL VPN technology and describes how to configure w...

Страница 11: ...and technical support Fortinet Technical Support provides services designed to make sure that your Fortinet systems install quickly configure easily and operate reliably in your network Please visit...

Страница 12: ...FortiWiFi 60B FortiOS 3 0 MR6 Install Guide 12 01 30006 0447 20080131 Customer service and technical support Introduction...

Страница 13: ...re that the appliance has at least 1 5 in 3 75 cm of clearance on each side to allow for adequate air flow and cooling This device complies with part FCC Class A Part 15 UL CUL C Tick CE and VCCI Oper...

Страница 14: ...he rack environment may be greater than room ambient Therefore consideration should be given to installing the equipment in an environment compatible with the maximum ambient temperature Tma specified...

Страница 15: ...g the FortiWiFi on the nails or screws from the brackets Setting up a wireless network When placing the FortiWiFi access point AP your main concern is providing a strong signal to all users A strong s...

Страница 16: ...ireless devices at least 10 feet away from appliances such as microwave ovens and cordless phones If you must have a cordless phone select one that does not use the 2 4GHz frequency range for b g or 5...

Страница 17: ...e back of the FortiGate unit 2 Connect the AC adapter to the power cable 3 Connect the power cable to a power outlet The FortiGate unit starts and the Power and Status LEDs light up The Status LEDs fl...

Страница 18: ...FortiWiFi 60B FortiOS 3 0 MR6 Install Guide 18 01 30006 0447 20080131 Turning off the FortiWiFi unit Installing...

Страница 19: ...ode and Transparent mode Both include the same robust network security features such as antispam antivirus VPN and firewall policies NAT mode In NAT Route mode the FortiWiFi unit is visible to the net...

Страница 20: ...using the web based manger a GUI interface using a current web browser such as FireFox or Internet Explorer using the command line interface CLI a command line interface similar to DOS or UNIX command...

Страница 21: ...e FortiWiFi unit redirects the connection This is an informational message Select OK to continue logging in 4 Type admin in the Name field and select Login Connecting to the CLI To connect to the Fort...

Страница 22: ...gateway retrieved from the DHCP server The administrative distance specifies the relative priority of a route when there are multiple routes to the same destination A lower administrative distance ind...

Страница 23: ...oute is called the static default route If no other routes are present in the routing table and a packet needs to be forwarded beyond the FortiWiFi unit the factory configured static default route cau...

Страница 24: ...tiWiFi interfaces Firewall policies define how the FortiWiFi unit processes the packets in a communication session You can configure the firewall policies to allow only specific traffic users and spec...

Страница 25: ...onnecting to the CLI on page 21 before beginning Configure the interfaces When shipped the FortiWiFi unit has a default address of 192 168 1 99 and a netmask of 255 255 255 0 for either the Port 1 or...

Страница 26: ...he autosvr to enable you do not have to configure the primary or secondary DNS server IP addresses Adding a default route and gateway A route provides the FortiWiFi unit with the information it needs...

Страница 27: ...verify your configuration is working On lower end units such a default firewall policy is already in place For the higher end FortiWiFi units you will need to add a firewall policy The following steps...

Страница 28: ...one book for the Internet A DNS server matches domain names with the computer IP address This enables you to use readable locations such as fortinet com when browsing the Internet DNS server IP addres...

Страница 29: ...the CLI you can use the following procedures to complete the basic configuration of the FortiWiFi unit Ensure you read the section Connecting to the CLI on page 21 before beginning Switching to Transp...

Страница 30: ...unit process the packets in a communication session You can configure the firewall policies to allow only specific traffic users and specific times when traffic is allowed For the initial installatio...

Страница 31: ...acking up the configuration you ensure that if you need to reset the FortiWiFi unit for whatever reason you will be able to quickly return it to operation with minimal effort To back up the FortiWiFi...

Страница 32: ...not mandatory they will help in ensuring better control with the firewall Set the time and date For effective scheduling and logging the FortiGate system date and time must be accurate You can either...

Страница 33: ...ed your FortiWiFi unit you can update antivirus and IPS signatures The FortiGuard Center enables you to receive push updates allow push update to a specific IP address and schedule updates for daily w...

Страница 34: ...FortiWiFi 60B FortiOS 3 0 MR6 Install Guide 34 01 30006 0447 20080131 Additional configuration Configuring...

Страница 35: ...spam filtering content archiving instant messaging filtering and access control P2P access and bandwidth control logging options for policies and configurations within the policies rate limiting for V...

Страница 36: ...firewall action for the connection The action can be to allow the connection deny the connection require authentication before the connection is allowed or process the packet as an IPSec VPN connecti...

Страница 37: ...ou can apply FortiWiFi features such as virus scanning and authentication to the communication session accepted by the policy Add DENY policies to deny communication sessions Add IPSec encryption poli...

Страница 38: ...AntiVirus Config Grayware Antivirus settings are turned on in the protection profile In the protection profile you can enable antivirus options for specific services and which services will use the fi...

Страница 39: ...the email address of the message s sender to the email address list in sequence If a match is found the action associated with the email address is taken If no match is found the message is passed to...

Страница 40: ...You need to have a FortiGuard subscription to take advantage of FortiGuard web filtering The FortiWiFi unit also enables you to override the FortiGuard filtering designation and you can add your own T...

Страница 41: ...reless network FortiWiFi operation modes Wireless Security Setting up the FortiWiFi unit as an access point Setting up the FortiWiFi unit as a client Setting up a wireless network In its simplest form...

Страница 42: ...Radio frequency RF interference occurs when other devices send RF signals during their normal operation that use the same frequency as the FortiWiFi unit Wireless devices such as cordless phones micr...

Страница 43: ...multiple access points set each FortiWiFi unit to a different channel to avoid interference in areas where signals from both FortiWiFi units can be received FortiWiFi operation modes The FortiWiFi uni...

Страница 44: ...does not have a wired infrastructure For example in a warehouse where shipping and receiving are on opposite sides of the building running cables is not an option due to the warehouse environment The...

Страница 45: ...mation from being intercepted by unwanted sources These are Wireless Equivalent Privacy WEP and WiFi Protected Access WPA WPA2 encryption Wireless encryption is only used between the wireless device a...

Страница 46: ...key being used In a network setup where a RADIUS server is not a viable option WPA also provides authentication with preshared keys using Temporal Key Integrity Protocol TKIP Using TKIP the encryptio...

Страница 47: ...tings 2 Select the WLAN interface 3 Clear SSID Broadcast and select OK Setting up the FortiWiFi unit as an access point This section describes how to configure the FortiWiFi unit as an access point to...

Страница 48: ...a MAC address will use an IP address before it is released to the address pool If you have a large number of users connecting you will want to use a shorter lease time Advanced Use only to specify se...

Страница 49: ...dresses and select to Allow or Deny them from the wireless network 8 Select OK Address Mode Enter a static IP and netmask for the interface DHCP and PPPoE are not available on a wireless interface Adm...

Страница 50: ...nistration Guide To create and outgoing firewall policy 1 Go to Firewall Policy 2 Select the blue arrow for WLAN to WAN1 3 Select Create New Configure the following settings and select OK Next create...

Страница 51: ...eless client As a client the FortiWiFi connects to another access point to connect to the Internet All other ports on the FortiWiFi are used to connect a remote network In simple terms it is a wireles...

Страница 52: ...is the next hop for data packets leaving the FortiWiFi unit You need to add the default gateway to ensure traffic will get out to the Internet In this case it is the wireless WLAN port of the access...

Страница 53: ...ue arrow for Internal to WLAN 6 Select Create New Configure the following settings and select OK Interface Zone Source WLAN Interface Zone Destination Internal Address Name Source All Address Name Des...

Страница 54: ...FortiWiFi 60B FortiOS 3 0 MR6 Install Guide 54 01 30006 0447 20080131 Setting up the FortiWiFi unit as a client Using a wireless network...

Страница 55: ...ative access through the modem port Configuring the PCMCIA modem card Selecting a modem mode The modem interface can work in one of two modes redundant and stand alone mode To select an operational mo...

Страница 56: ...lone and Redundant Note Do not add firewall policies for connections between the Ethernet interface that the modem replaces and other interfaces Note Do not add a default route to the Ethernet interfa...

Страница 57: ...erface after the primary interface has been restored Configure a higher value if you find the FortiWiFi unit switching repeatedly between the primary interface and the modem interface Redial Limit The...

Страница 58: ...et idle timer minutes set interface name set mode redudant standalone set modem dev1 internal pcmica wireless set modem dev2 internal pcmica wireless set modem dev3 internal pcmica wireless set passwd...

Страница 59: ...WiFi unit is restarted This is available only when dial on demand is set to disabled and mode is set to standalone disable connect timeout seconds Set the connection completion timeout 30 255 seconds...

Страница 60: ...t to the Internet standalone modem dev1 internal pcmica wireless Set the modem type for the selected dialup account internal modem dev2 internal pcmica wireless Set the modem type for the selected dia...

Страница 61: ...dialup account Do not add spaces to the phone number Make sure to include standard special characters for pauses country codes and other functions as required by your modem to connect to your dialup...

Страница 62: ...work Interface 2 Choose an interface and select Edit 3 Set Ping Server to the IP address of the next hop router on the network connected to the interface 4 Select the Enable check box 5 Select OK to s...

Страница 63: ...odem connection using the standard connection options available to the other FortiWiFi ports telnet ssh http https and ping To enable administrative access on the modem interface 1 Go to System Interf...

Страница 64: ...em interface 7 If a security pin is required enter in the Extra Initialization String field in the following format at cpin 5555 where 5555 is the pin provided to you by your ISP 8 Select Apply Create...

Страница 65: ...tem reboot using the CLI Testing new firmware before installing Downloading firmware Firmware images for all FortiWiFi units is available on the Fortinet Customer Support web site You must register yo...

Страница 66: ...able to restore the previous configuration from the backup configuration file To revert to a previous firmware version 1 Copy the firmware image file to the management computer 2 Log into the FortiWi...

Страница 67: ...ur system settings before shutting down or rebooting your FortiWiFi unit To configure the USB Auto Install 1 Go to System Maintenance Backup and Restore 2 Select the blue arrow to expand the Advanced...

Страница 68: ...FortiWiFi unit can connect to the TFTP server You can use the following command to ping the computer running the TFTP server For example if the IP address of the TFTP server is 192 168 1 168 execute...

Страница 69: ...sure the FortiWiFi unit can connect to the TFTP server You can use the following command to ping the computer running the TFTP server For example if the TFTP server s IP address is 192 168 1 168 exec...

Страница 70: ...To use this procedure you must connect to the CLI using the FortiWiFi console port and a RJ 45 to DB 9 or null modem cable This procedure reverts the FortiWiFi unit to its factory default configuratio...

Страница 71: ...erver F Format boot device Q Quit menu and continue to boot with default firmware H Display this list of options Enter G F Q or H 8 Type G to get to the new firmware image form the TFTP server The fol...

Страница 72: ...SB port To backup configuration using the CLI 1 Log into the CLI 2 Enter the following command to backup the configuration files exec backup config usb filename 3 Enter the following command to check...

Страница 73: ...ng the new firmware image with the current configuration This new firmware image is not permanently installed The next time the FortiWiFi unit restarts it operates with the originally installed firmwa...

Страница 74: ...es appears Press any key to display configuration menu 7 Immediately press any key to interrupt the system startup If you successfully interrupt the startup process the following messages appears G Ge...

Страница 75: ...e following appears Save as Default firmware Backup firmware Run image without saving D B R 12 Type R The FortiWiFi image is installed to system memory and the FortiWiFi unit starts running the new fi...

Страница 76: ...FortiWiFi 60B FortiOS 3 0 MR6 Install Guide 76 01 30006 0447 20080131 Testing new firmware before installing FortiWiFi Firmware...

Страница 77: ...62 default adding a route 23 26 default route 23 26 DHCP 25 wireless 47 dial now button 56 dial on demand 57 dial on demand system modem 59 distance system modem 59 DNS override 22 document convention...

Страница 78: ...redial system modem 61 redial limit 57 redundant mode configuring 55 registering 7 restore 32 restoring previous firmware configuration 72 reverting firmware 66 routing table priority 61 RSA RC4 45 S...

Страница 79: ...FortiWiFi 60B FortiOS 3 0 MR6 Install Guide 79 01 30006 0447 20080131 Index DHCP settings 47 network name 47 security 45 Wireless Equivalent Privacy WEP 45...

Страница 80: ...FortiWiFi 60B FortiOS 3 0 MR6 Install Guide 80 01 30006 0447 20080131 Index...

Страница 81: ...www fortinet com...

Страница 82: ...www fortinet com...

Отзывы:

Нет отзывов

Похожие инструкции для FortiWiFi FortiWiFi-60B

SAINT-GOBAIN SageGlass 300-1194-001 Product Sheet preview
SageGlass 300-1194-001
Бренд: SAINT-GOBAIN Страницы: 2
Watchguard Firebox NV5 Hardware Manual preview
Firebox NV5
Бренд: Watchguard Страницы: 11
NETGEAR ProSafe FVS114 Specifications preview
ProSafe FVS114
Бренд: NETGEAR Страницы: 2
NETGEAR FVX538v1 - ProSafe VPN Firewall Dual WAN Specifications preview
FVX538v1 - ProSafe VPN Firewall Dual WAN
Бренд: NETGEAR Страницы: 2
Mackie D.2 Instalation Instructions preview
D.2
Бренд: Mackie Страницы: 4
PaloAlto Networks PA-3200 Series Hardware Reference Manual preview
PA-3200 Series
Бренд: PaloAlto Networks Страницы: 54
Dat Optic eBOX-F Manual preview
eBOX-F
Бренд: Dat Optic Страницы: 19
Dell NSA E8500 Getting Started Manual preview
NSA E8500
Бренд: Dell Страницы: 74
Dell SonicWALL NSA 6600 Getting Started Manual preview
SonicWALL NSA 6600
Бренд: Dell Страницы: 57
Dell SonicWALL Administration Manual preview
SonicWALL
Бренд: Dell Страницы: 49
Dell SonicWALL GX250 Manual preview
SonicWALL GX250
Бренд: Dell Страницы: 200
One Identity Privileged Passwords 2000 Setup Manual preview
Privileged Passwords 2000
Бренд: One Identity Страницы: 20
BuildingLink KeyLink Product Specifications & Setup Manual preview
KeyLink
Бренд: BuildingLink Страницы: 20
Fidelis Direct 100 Quick Start Manual preview
Direct 100
Бренд: Fidelis Страницы: 14
Global Technology Associates GB-800 Brochure preview
GB-800
Бренд: Global Technology Associates Страницы: 2
Juniper NS-2G24FE Manual preview
NS-2G24FE
Бренд: Juniper Страницы: 17
H3C F1000-AI-20 Manual preview
F1000-AI-20
Бренд: H3C Страницы: 44

Бренды по названию

Популярные бренды

Загрузить еще бренды