Manuel d'utilisation / d'entretien du produit 60B du fabricant Fortinet
Aller à la page of 66
www.fortinet.com FortiG at e -6 0B FortiO S 3 .0 MR 6 INST ALL GUIDE.
FortiGate-60 B Install Guide FortiOS 3.0 MR6 10 September 200 8 01-30006-04 46-20080910 © Copyright 2008 Fortine t, Inc. All rights reserved. No part of this publication including text, examples , di.
Contents FortiGate-60B FortiOS 3.0 MR6 Install Guide 01-30006-0446-2008091 0 3 Content s Contents...................................................................... .............. .......... 3 Introduction ............... ..........................
FortiGate-60B FortiOS 3.0 MR6 Install Guide 4 01-30006-0446-200809 10 Contents Configure a DNS server ...................... ................... .................... .......... 22 Adding a default route and gateway . ......... ................. ......
Contents FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 5 Configuring the PCMCIA modem card ......................... ................... .............. 45 FortiGate Firmware ............ .......................................
FortiGate-60B FortiOS 3.0 MR6 Install Guide 6 01-30006-0446-200809 10 Contents.
Introduction Register your FortiGate unit FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 7 Introduction Welcome and than k you for selecting Fortinet products fo r your real-time network protection.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 8 01-30006-0446-200809 10 About the FortiGate-60B Introduction About the FortiGate-60B The FortiGate-60B multi-thre at security solution of fers Small and M.
Introduction Further Reading FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 9 Typographic conventions FortiGate document ation uses the fo llowing typographical conven tions: F.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 10 01-30006-0446-200809 10 Customer service and technical support Introduction • FortiGate Log Message Refe rence Available exclusively from the Fortinet .
Installing Environmental specifications FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 11 Inst alling This chapter describes in stalling your FortiGate unit in your server room, environmental specifications and how to mount the FortiGate in a rack if applicable.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 12 01-30006-0446-200809 10 Cautions and warnings Installing • Connect the equipment into a n outlet on a circuit differen t from that to which the receiver is connecte d. • Consult the dealer or an experien ced radio/TV technician for help.
Installing Plugging in the FortiGate FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 13 Mounting If required to fit into a rack unit, remove the rubber feet from the bottom of the FortiGate u nit. Adhere the rubber fee t included in the package to the under side of the FortiGate unit, near the corners of the device.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 14 01-30006-0446-200809 10 T urning off the Fo rtiGate unit Installing.
Configuring NA T vs. T r ansparent mode FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 15 Configuring This section provides an overview of t he operating modes of the FortiGate unit, NA T/Route and T ranspa rent, and how to configure the FortiGate unit for each mode.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 16 01-30006-0446-200809 10 Connecting to the FortiGate unit Configuring Transparent mode In T ransparen t mode, the FortiGate u nit is invisible t o the network . Similar to a network bridge, all FortiGate interfaces must be on the same subnet.
Configuring Connecting to the FortiGate unit FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 17 T o support a secure HTTPS authentication method, the FortiGate unit ships with a self-signed security certific ate, which is offered to remote clients whenever they initiate a HTTPS connecti on to the FortiGate unit.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 18 01-30006-0446-200809 10 Configuring NA T mode Configuring Configuring NA T mode Configuring NA T mode involves defining interface addresses an d default routes, and simple firewall p olicies. Y ou can use the web-based manage r or the CLI to configure the FortiGate unit in NA T/Route mode.
Configuring Configuring NA T mode FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 19 4 Select OK. 5 Repeat this procedure for each interf ace as required. Configure a DNS server A DNS server is a service that conver ts symbolic node names to IP add resses.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 20 01-30006-0446-200809 10 Configuring NA T mode Configuring For an initial configuration, you must edit the fa ctory configured static defau lt route to specify a different defau lt gateway for the FortiGat e unit.
Configuring Configuring NA T mode FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 21 3 Set the following and select OK. Firewall policy configurati on is the same in NA T/Route mode and T ransp arent mode. Note that these policies allo w all traffic throug h.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 22 01-30006-0446-200809 10 Configuring NA T mode Configuring T o set an interface to use PPPo E addressing config system interface edit external set mode pp.
Configuring Configuring T ransparent mode FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 23 For an initial configuration, you must edit th e factory configured st atic default route to specify a different default gateway for the FortiGate unit.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 24 01-30006-0446-200809 10 Configuring T ransparent mod e Configuring Using the web-based manager After conn ecting to the web-based manager , you can use the following procedures to complete the ba sic configur ation of the FortiGate unit.
Configuring Configuring T ransparent mode FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 25 T o add an outgoing traffic firewall policy 1 Go to Firewall > Policy . 2 Select Create New . 3 Set the following and select OK. T o add an incoming traffic firewall policy 1 Go to Firewall > Policy .
FortiGate-60B FortiOS 3.0 MR6 Install Guide 26 01-30006-0446-200809 10 Configuring T ransparent mod e Configuring Configure a DNS server A DNS server is a service that convert s symbolic node names to IP addresses. A domain name server (DNS server ) implemen ts the protocol.
Configuring V erify the co nfiguration FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 27 V erify the configuration Y our FortiGate unit is now configured and connected to the network.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 28 01-30006-0446-200809 10 Restoring a configuration Configuring Restoring a configuration Should you need to restore the config uration file, use the following steps. T o restore the FortiGate co nfiguration 1 Go to System > Maintenance > Backup & Restore .
Configuring Addition al configurat ion FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 29 T o change the administrator p assword 1 Go to System > Admin > Administrators . 2 Select Change Password and enter a new p assword.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 30 01-30006-0446-200809 10 Additional confi guration Configuring.
Advanced configuration Protection profiles FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 31 Advanced configuration The FortiGate unit and the FortiOS o perating system provide a wide range of features that enable you to control netwo rk and internet traffic an d protect your network.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 32 01-30006-0446-200809 10 Firewall p olicies Advanced configuration The best way to begin creating your own protectio n profile is to open a predefined profile. This way you can see how a profile is set up, and th en modify it suit your requirements.
Advanced configuration Antivirus options FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 33 Configuring firewall policies T o add or edit a firewall policy go to Firewall > Policy and select Edit on an existing policy , or select Create New to add a policy .
FortiGate-60B FortiOS 3.0 MR6 Install Guide 34 01-30006-0446-200809 10 AntiSpam options Advanced configuration • Graywar e - These ar e unsolicited commercial so ftware programs th at are installed on computer s, often without the user's consent or knowledge.
Advanced configuration We b filtering FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 35 Banned word lists are specific w ords that may be typically found in email. The FortiGate un it searches f or words or patter ns in email me ssages.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 36 01-30006-0446-200809 10 Logging Advanced configuration T o configure content blocking, go to W eb Filter > Content Block . URL filter enables you to control additional web sites that you can block or allow .
Configuring the modem interface Selecting a modem mode FortiGate-60B FortiOS 3.0 MR6 Install Guide 01-30006-0446-2008091 0 37 Configuring the modem interface This chapter describes th e modem inte rfac e configuration options. The FortiGate unit supports the mod em interface only when running in NA T/Route mode.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 38 01-30006-0446-200809 10 Configuring modem settings Configuring the modem in terface When the Ether net interface can co nnect to its network again, the FortiGate unit disconnects the modem interf ace and swit ches back to the Ethernet in terface.
Configuring the modem interface Configuring modem setti ngs FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 39 Y ou can configure and use the modem in NA T/Route mode only . T o configure modem settings 1 Go to System > Network > Modem .
FortiGate-60B FortiOS 3.0 MR6 Install Guide 40 01-30006-0446-200809 10 Configuring the modem using the CL I Configuring the modem in terface Configuring the modem using the CLI Configure the modem setting s using the CLI.
Configuring the modem interface Configuring th e modem using the CLI FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 41 Keyword s and variables Descri ption Default account_relation {equal | fallback} When using a PCMCIA wireless modem, set the relationship betwe en the wireless modem and the internal modem.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 42 01-30006-0446-200809 10 Configuring the modem using the CL I Configuring the modem in terface holddown-timer <seconds> Used only wh en the modem is configured as a backup for an interface.
Configuring the modem interface Configuring th e modem using the CLI FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 43 Example This example shows how to en able the modem and configure the modem to ac t as a backup for the WAN1 interface.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 44 01-30006-0446-200809 10 Adding a Ping Server Configuring the modem in terface config system modem set action dial set status enable set holddown-timer 5 .
Configuring the modem interface Adding firewall policie s for modem connections FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 45 Adding firewall policies for modem connections The modem interface requ ires firewall addresses and policies.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 46 01-30006-0446-200809 10 Configuring the PCMCIA modem card Configuring the modem inte rface 7 If a security pin is required, enter in the Extra Initialization S tring field in the following format: at+cpin=5555 where 5555 is the pin provide d to you by your ISP .
FortiGate Firmware Downloading firmware FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 47 FortiGate Firmware Fortinet periodically updates th e FortiGat e firmware to include new featur es and address issues.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 48 01-30006-0446-200809 10 Using the web-based ma nager FortiGate Firmware T o download firmware 1 Log into the site using your user n ame and password. 2 Go to Firmware Images > FortiGate . 3 Select the most recent FortiOS version, and MR release and p atch release.
FortiGate Firmware Using the web-based manager FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 49 T o revert to a previous firm ware version 1 Copy the firmware image file to the managem ent computer . 2 Log into the FortiGate web- based manager .
FortiGate-60B FortiOS 3.0 MR6 Install Guide 50 01-30006-0446-200809 10 Using the CLI FortiGate Firmware T o configure the USB Auto- Insta ll 1 Go to System > Maintenance > Backup and Restore . 2 Select the blue arrow to expa nd the Advanced options.
FortiGate Firmware Using the CLI FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 51 5 Enter the fo llowing command to copy the firmware image from the TFTP server to the FortiGa.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 52 01-30006-0446-200809 10 Installing firmware from a system reboot using the CLI FortiGate Firmware 4 Make sure the FortiGate unit can conne ct to the TFTP server . Y ou can use the f ollowing comma nd to ping the computer running the TFTP server .
FortiGate Firmware Installing firmware from a system reboot using the CLI FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 53 If you are revert ing to a previou s FortiOS version, you might not be ab le to restore the previous configuration from the backup configuration file .
FortiGate-60B FortiOS 3.0 MR6 Install Guide 54 01-30006-0446-200809 10 Installing firmware from a system reboot using the CLI FortiGate Firmware 9 T ype the address of the TFTP server and press Enter: The following message appears: Enter Local Address [192.
FortiGate Firmware Installing firmware from a system reboot using the CLI FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 55 T o restore configuration us ing the CLI 1 Log into the CLI.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 56 01-30006-0446-200809 10 T esti ng new firmware before installing FortiGate Firmware T esting new firmware before inst alling Y ou can test a new fi rmware image by installing the firmware image from a system reboot and saving it to system memory .
FortiGate Firmware T esting new firmware before installing FortiGate-6 0B FortiOS 3.0 MR 6 Install G uide 01-30006-0446-20080 910 57 8 T ype G to get t he new firmwar e image fr om the TFTP server . The following m essage appears: Enter TFTP server address [192.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 58 01-30006-0446-200809 10 T esti ng new firmware before installing FortiGate Firmware.
Index FortiGate-60B FortiOS 3.0 MR6 Install Guide 01-30006-0446-2008091 0 59 Index A adding a default ro ute 19, 22 additional resources 9 admin password 28 air flow 11 altmode system modem 41 ambient.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 60 01-30006-0446-200809 10 Index Initial Disc Timeout 18 interface system modem 42 interface, configure 21 interface, configuring 18 K Knowledge Center 10 L.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 61 01-30006-0446-200809 10 Index.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 62 01-30006-0446-200809 10 Index.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 63 01-30006-0446-200809 10 Index.
FortiGate-60B FortiOS 3.0 MR6 Install Guide 64 01-30006-0446-200809 10 Index.
www.fortinet.com.
www.fortinet.com.
Un point important après l'achat de l'appareil (ou même avant l'achat) est de lire le manuel d'utilisation. Nous devons le faire pour quelques raisons simples:
Si vous n'avez pas encore acheté Fortinet 60B c'est un bon moment pour vous familiariser avec les données de base sur le produit. Consulter d'abord les pages initiales du manuel d'utilisation, que vous trouverez ci-dessus. Vous devriez y trouver les données techniques les plus importants du Fortinet 60B - de cette manière, vous pouvez vérifier si l'équipement répond à vos besoins. Explorant les pages suivantes du manuel d'utilisation Fortinet 60B, vous apprendrez toutes les caractéristiques du produit et des informations sur son fonctionnement. Les informations sur le Fortinet 60B va certainement vous aider à prendre une décision concernant l'achat.
Dans une situation où vous avez déjà le Fortinet 60B, mais vous avez pas encore lu le manuel d'utilisation, vous devez le faire pour les raisons décrites ci-dessus,. Vous saurez alors si vous avez correctement utilisé les fonctions disponibles, et si vous avez commis des erreurs qui peuvent réduire la durée de vie du Fortinet 60B.
Cependant, l'un des rôles les plus importants pour l'utilisateur joués par les manuels d'utilisateur est d'aider à résoudre les problèmes concernant le Fortinet 60B. Presque toujours, vous y trouverez Troubleshooting, soit les pannes et les défaillances les plus fréquentes de l'apparei Fortinet 60B ainsi que les instructions sur la façon de les résoudre. Même si vous ne parvenez pas à résoudre le problème, le manuel d‘utilisation va vous montrer le chemin d'une nouvelle procédure – le contact avec le centre de service à la clientèle ou le service le plus proche.