Fortigate firewall how to


description

How to perform the initial configuration of a FortiGate Firewall


Page 1: Fortigate firewall how to

FORTIGATE FIREWALL HOW TO INITIAL CONFIGURATION

www.ipmax.it

Page 2: Fortigate firewall how to

VIRTUAL LAB

[Diagram: virtual lab topology]

FortiGate VM

Firewall port 1 – configured on VMware LAN segment 1

Firewall port 2 – bridged to the physical machine network port

External network – to the Internet

Virtual machine with Ethernet port on VMware LAN segment 1

The FortiGate firewall is available not only as an appliance but also as a virtual machine, the FortiGate VM. The virtual lab shown here will be used in the following examples.

This scenario is very simple, so it can be used to learn easily how to configure the FortiGate firewall.

Page 3: Fortigate firewall how to

FORTIGATE VM INITIAL CONFIGURATION

We will assume that the reader has already installed the virtual machine on their PC and has generated a valid license.

Once the machine has started up, we can only configure it through the console: a login is required. Enter username admin and no password.

In order to have the web interface available, some basic commands are required. These commands configure an IP address on the machine and activate the license over the Internet.

The license file should be downloaded to the machine using TFTP, so a TFTP server should be configured.

The IP addresses used in the following are chosen as an example; you are free to change them.

Let’s start with the initial configuration!

Page 4: Fortigate firewall how to

FORTIGATE VM INITIAL CONFIGURATION - CONTINUED

# On the CLI, configure port 1 (only port 1 is already configured for device management). Port 1 will be connected to the PC used to configure the device and then to the internal network. All ports are already in administrative status up.

config system interface

edit port1

set ip 192.168.255.1 255.255.255.0

end

# Now we can leave the console and start to use an SSH terminal. Connect port 1 to your PC Ethernet port and configure it with a static IP address on the same subnet you configured on port 1 of the firewall.

# Now we will configure port 2 to connect it to the Internet. In this case we will use a DHCP configuration as an example.

config system interface

edit port2

set mode dhcp

# We use the default gateway received by DHCP

set defaultgw enable

end

Page 5: Fortigate firewall how to

FORTIGATE VM INITIAL CONFIGURATION - CONTINUED

# If we choose to use a static IP address instead, the configuration will be:

config system interface

edit port2

set ip 172.16.255.2 255.255.255.0

end

# In this case we should configure a static default route.

config router static

edit 1

set device port2

set gateway 172.16.255.1

end

# Now verify the connectivity and the DNS configuration.

execute ping fortinet.com

# We download the license file from our TFTP server (with IP address 192.168.255.2, for example).

execute restore vmlicense tftp FGVMXXXXXXXXXXXX.lic 192.168.255.2

Page 6: Fortigate firewall how to

FORTIGATE VM INITIAL CONFIGURATION - CONTINUED

Now we can connect to the firewall using the web interface (user admin and no password). The activation process is not immediate, so the following page will be shown.

If we want to speed up the process, the following CLI command could be used:

execute update-now

When the activation procedure is completed, we will be able to connect to the device’s web interface.
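A possible hardening follow-up to the procedure above, added here as an example and not part of the original slides: it sets a password on the admin account (which the walkthrough leaves empty), accepts admin logins only from the management subnet on port 1, and removes management access from the Internet-facing port 2. The password is a placeholder, and the protocol list and timeout are assumptions based on the SSH and web access used in this lab.

```fortios
# Added example, not from the original slides.
# Set a password on the default admin account and accept admin logins
# only from the management subnet configured on port 1 in this lab.
# <new-strong-password> is a placeholder: choose your own value.
config system admin
    edit admin
        set password <new-strong-password>
        set trusthost1 192.168.255.0 255.255.255.0
    next
end

# Keep only the management protocols used in this lab on port 1
# (HTTPS for the web interface, SSH for the CLI, ping for testing)
# and remove all management access from the Internet-facing port 2.
config system interface
    edit port1
        set allowaccess ping https ssh
    next
    edit port2
        unset allowaccess
    next
end

# Close idle admin sessions after 5 minutes (value chosen for the example).
config system global
    set admintimeout 5
end
```

Apply the admin and interface changes from a session on the 192.168.255.0/24 subnet, so that the trusted-host restriction does not lock out the PC used for configuration.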

Page 7: Fortigate firewall how to

MORE NEEDS?

See hints on www.ipmax.it

Or email us your questions to [email protected]

Page 8: Fortigate firewall how to

IPMAX

IPMAX is a Fortinet Partner in Italy.

IPMAX is the ideal partner for companies seeking quality in products and services. IPMAX guarantees method and professionalism to support its customers in selecting technologies with the best quality/price ratio, in the design, installation, commissioning and operation.

IPMAX srl

Via Ponchielli, 4

20063 Cernusco sul Naviglio (MI) – Italy

+39 02 9290 9171