Fortinet FortiGate 30B manuel d'utilisation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56

Aller à la page of

Un bon manuel d’utilisation

Les règles imposent au revendeur l'obligation de fournir à l'acheteur, avec des marchandises, le manuel d’utilisation Fortinet FortiGate 30B. Le manque du manuel d’utilisation ou les informations incorrectes fournies au consommateur sont à la base d'une plainte pour non-conformité du dispositif avec le contrat. Conformément à la loi, l’inclusion du manuel d’utilisation sous une forme autre que le papier est autorisée, ce qui est souvent utilisé récemment, en incluant la forme graphique ou électronique du manuel Fortinet FortiGate 30B ou les vidéos d'instruction pour les utilisateurs. La condition est son caractère lisible et compréhensible.

Qu'est ce que le manuel d’utilisation?

Le mot vient du latin "Instructio", à savoir organiser. Ainsi, le manuel d’utilisation Fortinet FortiGate 30B décrit les étapes de la procédure. Le but du manuel d’utilisation est d’instruire, de faciliter le démarrage, l'utilisation de l'équipement ou l'exécution des actions spécifiques. Le manuel d’utilisation est une collection d'informations sur l'objet/service, une indice.

Malheureusement, peu d'utilisateurs prennent le temps de lire le manuel d’utilisation, et un bon manuel permet non seulement d’apprendre à connaître un certain nombre de fonctionnalités supplémentaires du dispositif acheté, mais aussi éviter la majorité des défaillances.

Donc, ce qui devrait contenir le manuel parfait?

Tout d'abord, le manuel d’utilisation Fortinet FortiGate 30B devrait contenir:
- informations sur les caractéristiques techniques du dispositif Fortinet FortiGate 30B
- nom du fabricant et année de fabrication Fortinet FortiGate 30B
- instructions d'utilisation, de réglage et d’entretien de l'équipement Fortinet FortiGate 30B
- signes de sécurité et attestations confirmant la conformité avec les normes pertinentes

Pourquoi nous ne lisons pas les manuels d’utilisation?

Habituellement, cela est dû au manque de temps et de certitude quant à la fonctionnalité spécifique de l'équipement acheté. Malheureusement, la connexion et le démarrage Fortinet FortiGate 30B ne suffisent pas. Le manuel d’utilisation contient un certain nombre de lignes directrices concernant les fonctionnalités spécifiques, la sécurité, les méthodes d'entretien (même les moyens qui doivent être utilisés), les défauts possibles Fortinet FortiGate 30B et les moyens de résoudre des problèmes communs lors de l'utilisation. Enfin, le manuel contient les coordonnées du service Fortinet en l'absence de l'efficacité des solutions proposées. Actuellement, les manuels d’utilisation sous la forme d'animations intéressantes et de vidéos pédagogiques qui sont meilleurs que la brochure, sont très populaires. Ce type de manuel permet à l'utilisateur de voir toute la vidéo d'instruction sans sauter les spécifications et les descriptions techniques compliquées Fortinet FortiGate 30B, comme c’est le cas pour la version papier.

Pourquoi lire le manuel d’utilisation?

Tout d'abord, il contient la réponse sur la structure, les possibilités du dispositif Fortinet FortiGate 30B, l'utilisation de divers accessoires et une gamme d'informations pour profiter pleinement de toutes les fonctionnalités et commodités.

Après un achat réussi de l’équipement/dispositif, prenez un moment pour vous familiariser avec toutes les parties du manuel d'utilisation Fortinet FortiGate 30B. À l'heure actuelle, ils sont soigneusement préparés et traduits pour qu'ils soient non seulement compréhensibles pour les utilisateurs, mais pour qu’ils remplissent leur fonction de base de l'information et d’aide.

Table des matières du manuel d’utilisation

  • Page 1

    www.fortinet.com FortiG at e -3 0B FortiO S 3 .0 MR 6 INST ALL GUIDE[...]

  • Page 2

    FortiGate-30 B Install Guide FortiOS 3.0 MR6 5 May 2008 01-30006-04 59-20080505 © Copyright 2008 Fortine t, Inc. All rights reserved. No p art of this publication including text, examples , diagrams or illustrations may be reproduced, tra nsmitted, or translated in any form or by any means, electronic, mechanical, manual, op tical or otherwise, fo[...]

  • Page 3

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 3 01-30006-0459-200805 05 Conents Conent s Conents....................................................................... .............. .......... 3 Introduction ............ ................................. ................................. .......... 7 Register your FortiGate unit .......... .........[...]

  • Page 4

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 4 01-30006-0459-200805 05 Conents Configure a DNS server ............ ................ .................... ................ ....... 24 Adding a default route and gateway . ......... ................. ............ .............. 24 Adding firewall policies ..................... ................ ..........[...]

  • Page 5

    Conents FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 5 Installing firmware from a system reboot using the CLI...... ................ ........ 44 Restoring the previous configuration ...................... .................... ................ . 46 Backup and Restore from a USB key .... ............. ................ ......[...]

  • Page 6

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 6 01-30006-0459-200805 05 Conents[...]

  • Page 7

    Introduction Register your FortiGate unit FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 7 Introduction Welcome an d thank you for selecting Fortinet product s for your real-time network protection. The FortiGate Unified Threat Man agement System improves network security , reduces network misuse and abuse, and help s you us[...]

  • Page 8

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 8 01-30006-0459-200805 05 About the FortiGate-30B Introduction About the FortiGate-30B The FortiGate-30B provides a W AN port for connection to the Internet and three integrated switch port s for multiuser environments in a small remote office. It is ideally suited for remote of fices, retail stores, broa[...]

  • Page 9

    Introduction Further Reading FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 9 Document conventions The following document conventio ns are used in this guide: • In the examples, private IP addresses ar e used for both private and public IP addresses. • Notes and Cautions are used to provide import ant information: Typogr[...]

  • Page 10

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 10 01-30006-0459-200805 05 Further Reading Introduction • FortiGate online help Provides a context- sensitive and searchable vers ion of the Administration Guide in HTML format. Y ou can access online help from the web-based manager as you work. • FortiGate CLI Reference Describes how to use the Forti[...]

  • Page 11

    Introduction Customer service a nd technical su pport FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 11 Customer service and technical support Fortinet T echnical Support provides services designed to make sure that your Fortinet systems install quickly , config ure easily , and operate reliably in your network. Please visit[...]

  • Page 12

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 12 01-30006-0459-200805 05 Customer service and technical support Introduction[...]

  • Page 13

    Installing Environmental specifications FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 13 Inst alling This chapter describes in stalling your FortiGate unit in yo ur server room, environmental specifications and how to mount the FortiGate in a rack if applicable. This chapter contains the follow ing topics: • Environmenta [...]

  • Page 14

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 14 01-30006-0459-200805 05 Cautions and warnings Installing • Connect the equipment into an outlet on a circuit different fro m that to which the receiver is connecte d. • Consult the dealer or an experien ced radio/TV technician for help. The equipm ent compliance with FCC radiation exposu re limit s[...]

  • Page 15

    Installing Plugging in the FortiGate FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 15 Place the FortiGate unit on any flat, stable surf ace. Ensure the unit has suf ficient clearance on each side to ensur e adeq uate airflow for cooling. Plugging in the FortiGate Use the following steps to connect the power su pply to the F[...]

  • Page 16

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 16 01-30006-0459-200805 05 T urning off the Fo rtiGate unit Installing[...]

  • Page 17

    Configuring NA T vs. T ransparent mode FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 17 Configuring This section provides an overview of t he operating modes of the FortiGate unit, NA T/Route and T ransp arent, and how to configure the FortiGate unit for each mode. There are two ways you can configure the FortiGa te unit, u[...]

  • Page 18

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 18 01-30006-0459-200805 05 Connecting to the FortiGate unit Configuring Transparent mode In T ransparen t mode, the FortiGate u nit is invisible to the netwo rk. Similar to a network bridge, all FortiGate interfaces must be on the same subnet. Y ou only have to configure a mana gement IP address to make c[...]

  • Page 19

    Configuring Connecting to the FortiGate unit FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 19 T o support a secure HTTPS authentication method, the For tiGate unit ships with a self-signed security certific ate, which is offered to remote clients whenever they initiate a HTTPS connecti on to the FortiGate unit. When you con[...]

  • Page 20

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 20 01-30006-0459-200805 05 Configuring NA T mode Configuring Configuring NA T mode Configuring NA T mode involves defining interface addresses and de fault routes, and simple firewall policies. Y ou can use the web-based m anager or the CLI to configure the FortiGate unit in NA T/Route mode. Using the web[...]

  • Page 21

    Configuring Configuring NA T mode FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 21 4 Select OK. 5 Repeat this procedure for each interf ace as required. Configure a DNS server A DNS server is a service that conver ts symbolic node names to IP addresses. A domain name server (DNS server) imp lements the protoc ol. In simple [...]

  • Page 22

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 22 01-30006-0459-200805 05 Configuring NA T mode Configuring For an initial configuration, you must edit the factor y configured static defau lt route to specify a different defau lt gateway for the FortiGat e unit. This will enable the flow of data th rough the FortiGate unit. For details on add ing addi[...]

  • Page 23

    Configuring Configuring NA T mode FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 23 3 Set the following and select OK. Firewall policy configurati on is the same in NA T/Route mode and T ransp arent mode. Note that these policies allo w all traffic throug h. No protection profiles have been applied. Ensure you create additio[...]

  • Page 24

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 24 01-30006-0459-200805 05 Configuring NA T mode Configuring T o set an interface to use PPPo E addressing config system interface edit external set mode pppoe set username <name_str> set password <psswrd> set ipunnumbered <ip_address> set disc-retry-timeout <integer_seconds> set p[...]

  • Page 25

    Configuring Configuring T r ansparent mode FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 25 For an initial configuration, you must edit th e factory configured st atic default route to specify a different default gateway for the FortiGate unit. This will enable the flow of data through the FortiGate unit. For details on ad [...]

  • Page 26

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 26 01-30006-0459-200805 05 Configuring T ransparent mod e Configuring Using the web-based manager After conn ecting to the web-based manager , you can use the following procedures to complete the ba sic configur ation of the FortiGate unit. Ensure you read the section “Connectin g to the web-based manag[...]

  • Page 27

    Configuring Configuring T r ansparent mode FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 27 T o add an outgoing traffic firewall policy 1 Go to Firewall > Polic y . 2 Select Create New . 3 Set the following and select OK. T o add an incoming traffic firewall policy 1 Go to Firewall > Polic y . 2 Select Create New . 3 [...]

  • Page 28

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 28 01-30006-0459-200805 05 Configuring T ransparent mod e Configuring Configure a DNS server A DNS server is a service that convert s symbolic node names to IP addresses. A domain name server (DNS server ) implemen ts the protocol. In simple te rms, it acts as a phone book for the Internet. A DNS server m[...]

  • Page 29

    Configuring V erify the co nfiguration FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 29 V erify the configuration Y our FortiGate unit is now configured and connected to the network. T o verify the FortiGate unit is connected and configure d correctly , use your web browser to browse a web site, or use your ema il client to[...]

  • Page 30

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 30 01-30006-0459-200805 05 Restoring a configuration Configuring Restoring a configuration Should you need to restore the config uration file, use the following steps. T o restore the FortiGat e configuration 1 Go to System > Maintenance > Backup & Restore . 2 Select to uplo ad the restor e f il[...]

  • Page 31

    Configuring Addition al configurat ion FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 31 T o change the administrator p assword 1 Go to System > Admin > Administrators . 2 Select Change Password and enter a new p assword. 3 Select OK. Alternatively , you can also add new admini strator users by selecting Create New , h[...]

  • Page 32

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 32 01-30006-0459-200805 05 Additional confi guration Configuring[...]

  • Page 33

    Advanced configuration Protection profiles FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 33 Advanced configuration The FortiGate unit and the FortiOS o perating system provide a wide range of features that enable you to control netwo rk and internet traffic and pr otect your network. This chapter describes some of these opt[...]

  • Page 34

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 34 01-30006-0459-200805 05 Firewall p olicies Advanced configuration The best way to begin creating your own protection pr ofile is to open a predefined profile. This way you can see how a profile is set up, and th en modify it suit your requirement s. Y ou access Protecti on profile options by going to F[...]

  • Page 35

    Advanced configuration Antivirus options FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 35 Configuring firewall policies T o add or edit a firewall policy go to Firewall > Policy and select Edit on an existing policy , or select Create New to add a policy . The source and des tination Interface/Zone match the firewall pol[...]

  • Page 36

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 36 01-30006-0459-200805 05 AntiSpam options Advanced configuration • Graywar e - These are unsolicited commercial software programs that are installed on computer s, often without the user's consent or knowledge. Grayware progr ams are generally consider ed an annoyance, but the se programs can cau[...]

  • Page 37

    Advanced configuration Web fi ltering FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 37 Banned word lists are specific wor ds that may be typically found in email. The FortiGate u nit searches f or words or patterns in email m essages. If matches are found, values assigned to the words are to ta lled. If the defined threshol[...]

  • Page 38

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 38 01-30006-0459-200805 05 Logging Advanced configuration T o configure content blocking, go to W eb Filter > Content Block . URL filter enables you to control additional web sites that you can block or allow . This enables you greater con trol over ce rtain URLs or sub-URLs. The Fo rtiGate unit allows[...]

  • Page 39

    FortiGate Firmware Downloading firmware FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 39 FortiGate Firmware Fortinet periodically updates the For tiGat e firmware to include new featur es and address issues. After yo u have registered your FortiGate unit, you can download FortiGate firmware updates is available for download[...]

  • Page 40

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 40 01-30006-0459-200805 05 Using the web-based manage r FortiGate Firmware T o download firmware 1 Log into the site using your user n ame and password. 2 Go to Firmware Images > FortiGate . 3 Select the most recent FortiOS version, and MR release and p atch release. 4 Locate the firmware for your Fort[...]

  • Page 41

    FortiGate Firmware Using the web-based manager FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 41 T o revert to a previous firmwar e version 1 Copy the firmware image file to the managem ent computer . 2 Log into the FortiGate web- based manager . 3 Go to System > St atus . 4 Under System Information > Firmware V ersion[...]

  • Page 42

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 42 01-30006-0459-200805 05 Using the CLI FortiGate Firmware T o configure the USB Au to-Inst all 1 Go to System > Maintenance > Backup and Restore . 2 Select the blue arrow to expa nd the Advanced options. 3 Select the following: • On system restart, auto matically update FortiGate configuration f[...]

  • Page 43

    FortiGate Firmware Using the CLI FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 43 5 Enter the fo llowing command to copy the firmware image from the TFTP server to the FortiGate unit: execute restore image <name_str> <tftp_ip4> Where <name_str> is the nam e of the firmware image file an d <tftp_ip4> [...]

  • Page 44

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 44 01-30006-0459-200805 05 Installing firmware from a system reboot using the CLI FortiGate Firmware 4 Make sure the FortiGate unit can connect to th e TFTP server . Y ou can use the f ollowing comm and to pin g the comput er running th e TFTP server . For example, if the TFTP serv er ’s IP address is 1[...]

  • Page 45

    FortiGate Firmware Installing firmware from a system reboot using the CLI FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 45 If you are revert ing to a previou s FortiOS versio n, you might not be able to restor e the previous configuration from the backup configuration file . T o install firmware from a sys tem reboot 1 Conn[...]

  • Page 46

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 46 01-30006-0459-200805 05 Installing firmware from a system reboot using the CLI FortiGate Firmware 9 T ype the address of the TFTP server and press Enter: The following message appears: Enter Local Address [192.168.1.188]: 10 T ype an IP address the FortiGate unit can use to connect to the TFTP server .[...]

  • Page 47

    FortiGate Firmware Installing firmware from a system reboot using the CLI FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 47 T o restore configuration us ing the CLI 1 Log into the CLI. 2 Enter the following command to re store the configuration files: exec restore image usb <filename> The FortiGate unit responds with t[...]

  • Page 48

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 48 01-30006-0459-200805 05 T esti ng new firmware before installing FortiGate Firmware T esting new firmware before inst alling Y ou can test a new fi rmware image by installing the firmware image from a system reboot and saving it to system memory . After completing this proc edure, the FortiGate unit op[...]

  • Page 49

    FortiGate Firmware T esting new firmware before installing FortiGate-30 B FortiOS 3.0 MR 6 Install G uide 01-30006-0459-20080 505 49 8 T ype G to get t he new firm ware image from the T FTP server . The following m essage appears: Enter TFTP server address [192.168.1.168]: 9 T ype the address of the TFTP ser ver and press Enter: The following m ess[...]

  • Page 50

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 50 01-30006-0459-200805 05 T esti ng new firmware before installing FortiGate Firmware[...]

  • Page 51

    Index FortiGate-30B FortiOS 3.0 MR6 Install Guide 01-30006-0459-2008050 5 51 Index A adding a defa ult route 21, 24 additional resources 9 admin password 30 air flow 13 ambient te mperature 13 antispam options 36 antivirus options 35 auto-install 41 auto-install from CLI 47 B backing up 29 C certificate, security 19 CLI 19 upgrading the firmware 4 [...]

  • Page 52

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 52 01-30006-0459-200805 05 Index P PADT timeout 21 password, changing 30 power off 15 PPPoE 24 protection profiles 33 R registering 7 restore 30 restoring previous firmware configuration 46 reverting firmware 40 S security certificate 19 shielded twisted pair 14 shut down 15 signatures, update 31 static r[...]

  • Page 53

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 53 01-30006-0459-200805 05 Index[...]

  • Page 54

    FortiGate-30B FortiOS 3.0 MR6 Install Guide 54 01-30006-0459-200805 05 Index[...]

  • Page 55

    www.fortinet.com[...]

  • Page 56

    www.fortinet.com[...]