3 déc 2004 · Describes how to configure the FortiGate Intrusion Prevention System settings and how the FortiGate IPS deals with some common attacks
Previous PDF | Next PDF |
[PDF] FortiGate-200 Administration Guide - Andover Consulting Group
3 déc 2004 · Describes how to configure the FortiGate Intrusion Prevention System settings and how the FortiGate IPS deals with some common attacks
[PDF] FortiOS 6011 Release Notes - Fortinet Knowledge Base
6 oct 2020 · Once the FortiGate is upgraded to a patched version, any factory reset will change the default FortiGuard settings to those above—protocol
[PDF] FortiManager Release Notes, v623 - Fortinet Knowledge Base
30 mar 2020 · Newly deployed, factory reset, or disk format may trigger upgrade code on FortiManager 6 2 3 and FortiOS 6 0 9 compatibility issues 29
[PDF] FortiManager Release Notes, v627 - Fortinet Knowledge Base
18 nov 2020 · Newly deployed, factory reset, or disk format may trigger upgrade code on FortiManager 6 2 3 and FortiOS 6 0 9 compatibility issues 31
[PDF] Fortinet Recommended Security Best Practices
2 fév 2018 · Initial security checks available with FortiOS 5 6 0 should be removed, including all default accounts, passwords and management settings
[PDF] FortiOS 620 Release Notes - Fortinet Knowledge Base
28 mar 2019 · FortiGuard update-server-location setting Updated Changes in default behavior > System > Devices FGT-200E in kernel conserve mode
[PDF] FortiGate Administration Guide - adines
24 avr 2009 · Restoring your configuration settings in the CLI System DHCP explains how to configure a FortiGate interface as a DHCP server or
[PDF] FortiOS 601 Release Notes - AWS
5 mar 2020 · FortiGate and FortiWiFi-92D hardware limitation 7 FG-900D and FG-1000D POE reboot and factory reset from Special Notices 2018-06-08
[PDF] FortiOS 5612 Release Notes - AWS
18 sept 2020 · Restore the configuration of the primary FortiGate to a patched version, any factory reset will change the default FortiGuard settings to
[PDF] fortigate 200e manual
[PDF] fortigate 200e price
[PDF] fortigate 200e quick start guide
[PDF] fortigate 200e review
[PDF] fortigate 200e visio stencil
[PDF] fortigate 200f
[PDF] fortigate 201e datasheet
[PDF] fortigate 2200e datasheet
[PDF] fortigate 2500e
[PDF] fortigate 300 datasheet pdf
[PDF] fortigate 3000d
[PDF] fortigate 300d configuration guide
[PDF] fortigate 300d ebay
[PDF] fortigate 300d end of life
FortiGate 200
Administration Guide
DMZCONSOLE INTERNALEXTERNAL
INTERNALPOWERSTATUSEXTERNALDMZ
FortiGate-200 Administration Guide
Version 2.80 MR7
3 December 2004
01-28007-0004-20041203
© Copyright 2004 Fortinet Inc. All rights reserved. No part of this publication including text, examples, diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means, electronic, mechanical, manual, optical or otherwise, for any purpose, without prior written permission of Fortinet Inc.FortiGate-200 Administration Guide
Version 2.80 MR7
3 December 2004
01-28007-0004-20041203
Trademarks
Products mentioned in this document are trademarks or registered trademarks of their respective holders.Regulatory Compliance
FCC Class A Part 15 CSA/CUS
CAUTION: RISK OF EXPLOSION IF BATTERY IS REPLACED BY AN INCORRECT TYPE. DISPOSE OF USED BATTERIES ACCORDING TO THE INSTRUCTIONS. For technical support, please visit http://www.fortinet.com.Send information about errors or omissions in this document or any Fortinet technical documentation to
techdoc@fortinet.com.Contents
FortiGate-200 Administration Guide 01-28007-0004-200412033Table of Contents
Introduction.......................................................................................................... 13
About FortiGate Antivirus Firewalls................................................................................... 13
Antivirus protection ....................................................................................................... 14
Web content filtering ..................................................................................................... 14
Spam filtering................................................................................................................ 15
Firewall.......................................................................................................................... 15
VLANs and virtual domains........................................................................................... 16
Intrusion Prevention System (IPS)................................................................................ 17
VPN............................................................................................................................... 17
High availability............................................................................................................. 18
Secure installation, configuration, and management.................................................... 18
Document conventions ..................................................................................................... 19
FortiGate documentation .................................................................................................. 21
Fortinet Knowledge Center ........................................................................................... 21
Comments on Fortinet technical documentation........................................................... 21
Related documentation..................................................................................................... 22
FortiManager documentation........................................................................................ 22
FortiClient documentation............................................................................................. 22
FortiMail documentation................................................................................................ 22
FortiLog documentation ................................................................................................ 23
Customer service and technical support........................................................................... 23
System status....................................................................................................... 25
Console access................................................................................................................. 25
Status................................................................................................................................ 26
Viewing system status .................................................................................................. 26
Changing unit information............................................................................................. 29
Session list........................................................................................................................ 32
Changing the FortiGate firmware...................................................................................... 33
Upgrading to a new firmware version ........................................................................... 33
Reverting to a previous firmware version...................................................................... 35
Installing firmware images from a system reboot using the CLI ................................... 38Testing a new firmware image before installing it......................................................... 41
Installing and using a backup firmware image.............................................................. 43
System network ................................................................................................... 47
Interface............................................................................................................................ 47
Interface settings........................................................................................................... 48
Configuring interfaces................................................................................................... 53
Zone.................................................................................................................................. 58
Zone settings ................................................................................................................ 58
Contents
4 01-28007-0004-20041203 Fortinet Inc.
Management..................................................................................................................... 59
DNS .................................................................................................................................. 61
Routing table (Transparent Mode).................................................................................... 61
Routing table list ........................................................................................................... 61
Transparent mode route settings.................................................................................. 62
VLAN overview ................................................................................................................. 62
FortiGate units and VLANs ........................................................................................... 63
VLANs in NAT/Route mode.............................................................................................. 63
Rules for VLAN IDs....................................................................................................... 64
Rules for VLAN IP addresses ....................................................................................... 64
Adding VLAN subinterfaces.......................................................................................... 65
VLANs in Transparent mode............................................................................................. 66
Rules for VLAN IDs....................................................................................................... 68
Transparent mode virtual domains and VLANs ............................................................ 68
Transparent mode VLAN list......................................................................................... 69
Transparent mode VLAN settings................................................................................. 69
FortiGate IPv6 support...................................................................................................... 71
System DHCP....................................................................................................... 73
Service.............................................................................................................................. 73
DHCP service settings.................................................................................................. 74
Server ............................................................................................................................... 75
DHCP server settings ................................................................................................... 76
Exclude range................................................................................................................... 77
DHCP exclude range settings....................................................................................... 78
IP/MAC binding................................................................................................................. 78
DHCP IP/MAC binding settings .................................................................................... 79
Dynamic IP........................................................................................................................ 79
System config ...................................................................................................... 81
System time...................................................................................................................... 81
Options.............................................................................................................................. 82
HA..................................................................................................................................... 84
HA configuration ........................................................................................................... 85
Configuring an HA cluster............................................................................................. 90
Managing an HA cluster................................................................................................ 94
SNMP................................................................................................................................ 97
Configuring SNMP ........................................................................................................ 97
SNMP community ......................................................................................................... 98
FortiGate MIBs............................................................................................................ 101
FortiGate traps............................................................................................................ 101
Fortinet MIB fields....................................................................................................... 103
Contents
FortiGate-200 Administration Guide 01-28007-0004-200412035Replacement messages ................................................................................................. 105
Replacement messages list........................................................................................ 106
Changing replacement messages .............................................................................. 107
FortiManager................................................................................................................... 108
System administration ...................................................................................... 109
Administrators................................................................................................................. 109
Administrators list........................................................................................................ 110
Administrators options ................................................................................................ 110
Access profiles................................................................................................................ 111
Access profile list ........................................................................................................ 112
Access profile options................................................................................................. 112
System maintenance......................................................................................... 115
Backup and restore......................................................................................................... 115
Backing up and Restoring........................................................................................... 116
Update center ................................................................................................................. 118
Updating antivirus and attack definitions .................................................................... 120
Enabling push updates ............................................................................................... 123
Support ........................................................................................................................... 125
Sending a bug report .................................................................................................. 126
Registering a FortiGate unit........................................................................................ 127
Shutdown........................................................................................................................ 129
System virtual domain....................................................................................... 131
Virtual domain properties................................................................................................ 132
Exclusive virtual domain properties ............................................................................ 132
Shared configuration settings..................................................................................... 133
Administration and management ................................................................................ 134
Virtual domains............................................................................................................... 134
Adding a virtual domain .............................................................................................. 135
Selecting a virtual domain........................................................................................... 135
Selecting a management virtual domain..................................................................... 135
Configuring virtual domains ............................................................................................ 136
Adding interfaces, VLAN subinterfaces, and zones to a virtual domain ..................... 136Configuring routing for a virtual domain...................................................................... 138
Configuring firewall policies for a virtual domain......................................................... 138
Configuring IPSec VPN for a virtual domain............................................................... 140
Router ................................................................................................................. 141
Static............................................................................................................................... 141
Static route list ............................................................................................................ 143
Static route options ..................................................................................................... 144
Contents
6 01-28007-0004-20041203 Fortinet Inc.
Policy .............................................................................................................................. 145
Policy route list............................................................................................................ 145
Policy route options..................................................................................................... 146
RIP.................................................................................................................................. 146
General ....................................................................................................................... 147
Networks list................................................................................................................ 148
Networks options ........................................................................................................ 149
Interface list................................................................................................................. 149
Interface options ......................................................................................................... 150
Distribute list ............................................................................................................... 151
Distribute list options................................................................................................... 152
Offset list..................................................................................................................... 153
Offset list options ........................................................................................................ 153
Router objects................................................................................................................. 154
Access list................................................................................................................... 154
New access list ........................................................................................................... 154
New access list entry .................................................................................................. 155
Prefix list ..................................................................................................................... 155
New Prefix list ............................................................................................................. 156
New prefix list entry..................................................................................................... 157
Route-map list............................................................................................................. 157
New Route-map.......................................................................................................... 158
Route-map list entry.................................................................................................... 159
Key chain list............................................................................................................... 160
New key chain............................................................................................................. 160
Key chain list entry...................................................................................................... 161
Monitor............................................................................................................................ 162
Routing monitor list ..................................................................................................... 162
CLI configuration............................................................................................................. 163
get router info ospf...................................................................................................... 163
get router info protocols .............................................................................................. 163
get router info rip......................................................................................................... 164
config router ospf ....................................................................................................... 164
config router static6..................................................................................................... 187
Firewall................................................................................................................ 189
Policy .............................................................................................................................. 190
How policy matching works......................................................................................... 190
Policy list..................................................................................................................... 190
Policy options.............................................................................................................. 191
Advanced policy options ............................................................................................. 194
Configuring firewall policies ........................................................................................ 196
Policy CLI configuration .............................................................................................. 197
Contents
FortiGate-200 Administration Guide 01-28007-0004-200412037Address........................................................................................................................... 198
Address list ................................................................................................................. 199
Address options .......................................................................................................... 199
Configuring addresses................................................................................................ 200
Address group list ....................................................................................................... 201
Address group options................................................................................................ 201
Configuring address groups........................................................................................ 202
Service............................................................................................................................ 203
Predefined service list................................................................................................. 203
Custom service list...................................................................................................... 206
Custom service options............................................................................................... 207
Configuring custom services....................................................................................... 208
Service group list ........................................................................................................ 209
Service group options ................................................................................................. 209
Configuring service groups ......................................................................................... 210
Schedule......................................................................................................................... 211
One-time schedule list ................................................................................................ 211
One-time schedule options ......................................................................................... 212
Configuring one-time schedules ................................................................................. 212
Recurring schedule list................................................................................................ 213
Recurring schedule options ........................................................................................ 213
Configuring recurring schedules ................................................................................. 214
Virtual IP ......................................................................................................................... 214
Virtual IP list................................................................................................................ 215
Virtual IP options......................................................................................................... 215
Configuring virtual IPs................................................................................................. 216
IP pool............................................................................................................................. 219
IP pool list ................................................................................................................... 220
IP pool options ............................................................................................................ 220
Configuring IP pools.................................................................................................... 220
IP Pools for firewall policies that use fixed ports......................................................... 221
IP pools and dynamic NAT ......................................................................................... 221
Protection profile............................................................................................................. 222
Protection profile list.................................................................................................... 222
Default protection profiles ........................................................................................... 223
Protection profile options ............................................................................................ 223
Configuring protection profiles .................................................................................... 228
Profile CLI configuration.............................................................................................. 229
Users and authentication.................................................................................. 233
Setting authentication timeout......................................................................................... 234
Local ............................................................................................................................... 234
Local user list.............................................................................................................. 234
Local user options....................................................................................................... 234
Contents
8 01-28007-0004-20041203 Fortinet Inc.
RADIUS .......................................................................................................................... 235
RADIUS server list...................................................................................................... 235
RADIUS server options............................................................................................... 236
LDAP............................................................................................................................... 236
LDAP server list .......................................................................................................... 237
LDAP server options................................................................................................... 237
User group...................................................................................................................... 239
User group list............................................................................................................. 239
User group options...................................................................................................... 240
CLI configuration............................................................................................................. 241
peer............................................................................................................................. 241
peergrp........................................................................................................................ 242
VPN...................................................................................................................... 245
Phase 1........................................................................................................................... 246
Phase 1 list ................................................................................................................. 246
Phase 1 basic settings................................................................................................ 247
Phase 1 advanced settings......................................................................................... 249
Phase 2........................................................................................................................... 250
Phase 2 list ................................................................................................................. 251
Phase 2 basic settings................................................................................................ 251
Phase 2 advanced options.......................................................................................... 252
Manual key...................................................................................................................... 253
Manual key list ............................................................................................................ 254
Manual key options..................................................................................................... 255
Concentrator................................................................................................................... 256
Concentrator list.......................................................................................................... 256
Concentrator options................................................................................................... 257
Ping Generator................................................................................................................ 257
Ping generator options................................................................................................ 258
Monitor............................................................................................................................ 258
Dialup monitor............................................................................................................. 259
Static IP and dynamic DNS monitor............................................................................ 259
PPTP............................................................................................................................... 260
PPTP range ................................................................................................................ 260
L2TP .............................................................................................................................. 261
L2TP range ................................................................................................................. 261
Certificates...................................................................................................................... 262
Local certificate list...................................................................................................... 262
Certificate request....................................................................................................... 263
quotesdbs_dbs12.pdfusesText_18