English dropdown-ico

Fortinet FortiOS 3.0 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46

Go to page of

Similar user manuals

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of Fortinet FortiOS 3.0, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Fortinet FortiOS 3.0 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of Fortinet FortiOS 3.0. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of Fortinet FortiOS 3.0 should contain:
- informations concerning technical data of Fortinet FortiOS 3.0
- name of the manufacturer and a year of construction of the Fortinet FortiOS 3.0 item
- rules of operation, control and maintenance of the Fortinet FortiOS 3.0 item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Fortinet FortiOS 3.0 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Fortinet FortiOS 3.0, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Fortinet service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Fortinet FortiOS 3.0.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the Fortinet FortiOS 3.0 item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    www.fortinet.com U pgrade Guide for FortiO S 3 . 0 UPGRADE GUIDE[...]

  • Page 2

    Upgrade Guide fo r FortiOS 3.0 24 April 2006 01-30000-03 17-20060424 © Copyright 2006 Fortine t, Inc. All rights reserved. No part of this publication including text, examples , diagrams or illustrations may be reproduced, tra nsmitted, or translated in any form or by any means, electronic, mechanical, manual, op tical or otherwise, for any purpos[...]

  • Page 3

    Contents Upgrade Guide fo r FortiOS v3.0 01-30000-0317-20060 424 3 Content s Introduction ............... ................................. .............................. .......... 7 About this document ............... ................ ............. ................ ............. ................ 7 Document conventions ........................... [...]

  • Page 4

    Upgrade Guide for Forti OS v3.0 4 01-30000-0317-200604 24 Contents VPN ..... ................ ............. ............. ................ ............. ............. ................ .......... 23 IPSec ..................... ............. ................. ............ ................. ............ ............. . 23 SSL ........ ............. ..[...]

  • Page 5

    Contents Upgrade Guide fo r FortiOS v3.0 01-30000-0317-20060 424 5 Upgrading your FortiGate unit ......... ................ ................ ................ ............. . 34 Upgrading to FortiOS 3.0 .... ................ ............. ............. ................ ............. . 34 Upgrading using the web-based manag er ........... ...........[...]

  • Page 6

    Upgrade Guide for Forti OS v3.0 6 01-30000-0317-200604 24 Contents[...]

  • Page 7

    Introduction About this document Upgrade Guide for FortiOS v3.0 01-30000-0317-2006042 4 7 Introduction Over the past year , Fortinet has been developing, testin g and refining a new operating system for your FortiGate un it. FortiOS 3.0 is a more dynamic and robust operating system, of fering you even better pro tection, blocking and monitoring fe [...]

  • Page 8

    Upgrade Guide for Forti OS v3.0 8 01-30000-0317-200604 24 Fortinet documentation Introduction Typographic conventions FortiGate document ation uses the fol lowing typographical conventions: Fortinet document ation The most up-to-da te publications and previous releases of Fortinet product documenta tion are available from the Fort inet T echnical D[...]

  • Page 9

    Introduction Customer service a nd technical support Upgrade Guide fo r FortiOS v3.0 01-30000-0317-20060 424 9 • FortiGate Lo g Message Re ference Available exclusively from the Fortine t Knowledge Center , the FortiGate Log Message Reference describe s the structure of FortiGate log message s and provides information abou t the log messages that[...]

  • Page 10

    Upgrade Guide for Forti OS v3.0 10 01-30000-0317-200604 24 Customer service and technical support Introduction[...]

  • Page 11

    Upgrade Notes Backing up configuration fi les Upgrade Guide for FortiOS v3.0 01-30000-0317-2006042 4 11 Upgrade Notes Before downloading Fo rtiOS 3.0, it is recommended that you read this chapter to learn about on the new feature s and/or changes to existing features with the operating sys tem. This chapte r describes thes e changes and fe atures, [...]

  • Page 12

    Upgrade Guide for Forti OS v3.0 12 01-30000-0317-200604 24 Web-based manager changes Upgrade Notes Figure 1: LCD main menu settings for NA T/Ro ute mode Figure 2: LCD main menu settin g for T ransparent mode W eb-based manager changes The system dashboard in FortiOS 3.0 ha s been enhanced, with various system information now cate gorized and additi[...]

  • Page 13

    Upgrade Notes Changes to the web-based manager Upgrade Guide fo r FortiOS v3.0 01-30000-0317-20060 424 13 The FortiGate image in the upper-ri ght-hand corner of the web-based manager , displays the status of th e unit’s port settings. Wh en you hover your mouse over a port, it displays the port name, IP/Netma sk address, link st atus, speed, incl[...]

  • Page 14

    Upgrade Guide for Forti OS v3.0 14 01-30000-0317-200604 24 USB support Upgrade Notes USB support The USB is supported in FortiOS 3.0. The FortiUSB key (purchased sep arately) enables you to backup configuration file s and re store backed up configuration files. Y ou can even configure the FortiGate unit to automatically inst all a firmware image an[...]

  • Page 15

    Upgrade Notes Other Upgrade Guide fo r FortiOS v3.0 01-30000-0317-20060 424 15 • WLAN upgrades are unsuccessfully si nce during the upgrade process the wireless daemon is turned of f to conserve memory . • Certain IPS group settings are no t carried forward. Y ou need to manually configure these settings af ter upgrading. • Lists fr om FortiO[...]

  • Page 16

    Upgrade Guide for Forti OS v3.0 16 01-30000-0317-200604 24 Other Upgrade N otes[...]

  • Page 17

    New features and changes System Upgrade Guide for FortiOS v3.0 01-30000-0317-2006042 4 17 New features and changes There are seve ral new features included in FortiOS 3.0, as well as changes to existing feat ures. This c hapter out lines th e new features as well as the changes. Before you proceed to upgrade your FortiG ate unit, it is recommended [...]

  • Page 18

    Upgrade Guide for Forti OS v3.0 18 01-30000-0317-200604 24 System New features and changes Status The S t atus page displays the System Dashboar d. The System Dashboard is categorized and five new ite ms have been added: • CPU, memory usage sta tistics history • FortiGuard Subscription-b ased services and license information • Image of the Fo[...]

  • Page 19

    New features and changes System Upgrade Guide fo r FortiOS v3.0 01-30000-0317-20060 424 19 Admin The Admin menu includes two new t abs along with the previous t abs, the Administrato rs and Access Profile . In the Administrators t ab, you can config ure an access p rofile while co nfiguring a new administra tor . The FortiManager t ab is now locate[...]

  • Page 20

    Upgrade Guide for Forti OS v3.0 20 01-30000-0317-200604 24 System New features and changes The FortiGuard Center , previously the Upda te Cen ter , displays seve ral options fo r enabling the FortiGate unit to connect to the Fortinet Distrib ution Network (FDN), and for updating antivi rus and attack definitions. Y ou can also test the availability[...]

  • Page 21

    New features and changes Router Upgrade Guide fo r FortiOS v3.0 01-30000-0317-20060 424 21 • an administration account with access profile that provides read and write access to • only the admin administrator account c an configure a VDOM un less you create and assign a regular administrator to that VDOM Router The Router menu consist s of the [...]

  • Page 22

    Upgrade Guide for Forti OS v3.0 22 01-30000-0317-200604 24 Firewall New features and changes Monitor The Routing Monitor t ab displays the entries in the Fort iGate routing table. Y ou can apply a filter to display cert ain routes to search for specific routing protocols. Firewall The Firewall menu consists of the following menus: • Policy • Ad[...]

  • Page 23

    New features and changes VPN Upgrade Guide fo r FortiOS v3.0 01-30000-0317-20060 424 23 VPN The VPN menu cont ains the following menus: • IPSec • SSL • Certificates The VPN menu has several significant change s for FortiOS 3.0. Configuration of VPNs has also significantly changed. It is r ecommended you read the Release Notes FortiOS 3.0MR1 t[...]

  • Page 24

    Upgrade Guide for Forti OS v3.0 24 01-30000-0317-200604 24 User New features and changes User The User menu cons ists of the following menus: • Local • Radius • LDAP • Windows AD • User Group Local The Loca l menu is un changed. Radius The Radius menu is unchanged. LDAP The LDAP menu is uncha nged. However , it now has the Common Name Ide[...]

  • Page 25

    New features and changes Antivirus Upgrade Guide fo r FortiOS v3.0 01-30000-0317-20060 424 25 Antivirus The Antivirus menu is now located below the User men u. It consists of the following me nus: • File Pattern • Quarantine • Config File Pattern The File Pattern menu has change d. The columns on the File Pattern page are now Pattern, Action [...]

  • Page 26

    Upgrade Guide for Forti OS v3.0 26 01-30000-0317-200604 24 Web F i l te r New features and changes Anomaly The Anomaly menu dete cts and identifie s ne twork traffic that attempts to take advantage of known exploit s. When you are creating a new anomaly , you can now specify the severity , and instead of selecting Lo gging, you now select Pa cket L[...]

  • Page 27

    New features and changes AntiSpam (formerly Spam Filter) Upgrade Guide fo r FortiOS v3.0 01-30000-0317-20060 424 27 The FortiGuard-W eb Filter menu con tains the Override t ab, Local Categories t ab and Local Ratings t ab. On FortiGate units with a hard disk, you can crea te reports from the Report s tab. The Override tab provides administrators wi[...]

  • Page 28

    Upgrade Guide for Forti OS v3.0 28 01-30000-0317-200604 24 IM/P2P (new) New features and changes Banned word The Banned word menu st ill controls spam by blocking email messages contai ning specific words or p atterns. The Action column on the Banned W ord page is now Score, and is reflected when co nfiguring a new banned word. Score is a numerical[...]

  • Page 29

    New features and changes Log & Report Upgrade Guide fo r FortiOS v3.0 01-30000-0317-20060 424 29 Statistics The S tatistics menu provides administrato r s with a view of instant messaging and point to point statistics to gain insight into how these protocols are being used within the network. The Overview tab provide s detail statistics for all[...]

  • Page 30

    Upgrade Guide for Forti OS v3.0 30 01-30000-0317-200604 24 HA New features and changes The web trends option and traffic filtering a re now available in the CLI. See the FortiGate CLI Reference for more information. Logging options for various protocols and traf fic is now in the Protection Profiles menu. Log Access The Log Access menu has two t ab[...]

  • Page 31

    New features and changes SNMP MIBs and traps changes Upgrade Guide fo r FortiOS v3.0 01-30000-0317-20060 424 31 Upgrading the HA clus ter for FortiOS 3.0 The following procedure will help you upgra de a FortiOS 2.80 HA cluster to FortiOS 3.0. Y ou can use either the web-based manager or the execute restore image CLI command and a TFTP ser ver to up[...]

  • Page 32

    Upgrade Guide for Forti OS v3.0 32 01-30000-0317-200604 24 SNMP MIBs and traps changes New features and changes fnSysMemCapacity New HA fnHaLBSchedule fnHaSchedule fnHaGroupID fnHaGroupID fnHaPriority No longer available fnHaOverride No longer available fnHaAutoSync No longer available Options fnOptAuthTimeout New fnOptionLanguage New fnOptLcdProte[...]

  • Page 33

    Upgrading to FortiOS 3.0 Backing up your configurati on Upgrade Guide for FortiOS v3.0 01-30000-0317-2006042 4 33 Upgrading to FortiOS 3.0 Before you begin upgr ading to F ortiOS 3.0, it is recommend ed that you first review this chapter as well as the release notes so you can be fully aware of these new featur es and ch anges. This chapte r includ[...]

  • Page 34

    Upgrade Guide for Forti OS v3.0 34 01-30000-0317-200604 24 Upgradi ng your FortiGat e unit Upgrading to FortiOS 3 .0 Backing up your configur ation using the CLI Use the following procedure to backup up your current configuration in th e CLI. T o backup your configurat ion file using the CLI Backup the configuration file. Enter: execute backup allc[...]

  • Page 35

    Upgrading to FortiOS 3.0 Upgrading your FortiGate unit Upgrade Guide fo r FortiOS v3.0 01-30000-0317-20060 424 35 4 Under Unit Informat ion, select Update. 5 T ype the path and filename of the firmware image file, or select Browse and locate the file. 6 Select OK. The FortiGate unit uploads the firmwa re image file, upgrad es to the new firmware ve[...]

  • Page 36

    Upgrade Guide for Forti OS v3.0 36 01-30000-0317-200604 24 Upgradi ng your FortiGat e unit Upgrading to FortiOS 3 .0 7 Reconnect to the CLI. 8 T o confirm the firmware image is successfully inst alled, enter: get system status 9 Update antivirus and att ack definitions (see the FortiGate Admi nistration Guide ), or from the CLI, enter: execute upda[...]

  • Page 37

    Reverting to FortiOS v2.80MR1 1 Backi ng up your FortiOS 3.0 co nfiguration Update Guide for FortiOS v3. 0 01-30000-0317-2006042 4 37 Reverting to FortiOS v2.80MR1 1 Y ou may need to revert to a pervious firmware version if the upgrade did not inst all successfully . The following sections will help you to backup your current FortiOS 3.0 configurat[...]

  • Page 38

    Update Guide for FortiOS v3.0 38 01-30000-0317-200604 24 Downgrading to FortiOS v2.80MR1 1 using web-bas ed manage r Reverting to FortiOS v2.80MR1 1 Downgrading to FortiOS v2.80M R1 1 using web-based manager When you downgrade to FortiOS v2 .80MR1 1, only the following settings are retaine d: • Operation mode • Interface IP/Management IP • Ro[...]

  • Page 39

    Reverting to FortiOS v2.80MR1 1 Downgrading to FortiOS v2.80MR1 1 using web-based manager Update Guide for FortiOS v3.0 01-30000-0317-20060 424 39 Downgrading to FortiOS v2.80MR11 using the CLI Use the followin g proced ure to dow ngrade to FortiOS v2.8 0MR1 1 in t he CLI. If you have created additional settings in FortiOS 3.0, make sure you back u[...]

  • Page 40

    Update Guide for FortiOS v3.0 40 01-30000-0317-200604 24 Restoring your configuration Reverting to FortiOS v2.80MR1 1 Restoring your configuration Y our configuration settings may not have carr ied over after you h ave downgraded to FortiOS v2.80MR1 1. Y ou can restore your configuration settings for FortiOS v2.80MR1 1 with the configuration file(s[...]

  • Page 41

    Reverting to FortiOS v2.80MR1 1 Restoring your configurati on Update Guide for FortiOS v3.0 01-30000-0317-20060 424 41 5 Enter the following command to copy the ba ckup co nfiguration file to restor e the file on the FortiGate unit: execute restore allconfig <name_str> <tftp_ipv4> <passwrd> Where <name_str> is the name of th[...]

  • Page 42

    Update Guide for FortiOS v3.0 42 01-30000-0317-200604 24 Restoring your configuration Reverting to FortiOS v2.80MR1 1[...]

  • Page 43

    Index Upgrade Guide fo r FortiOS v3.0 01-30000-0317-20060 424 43 Index A antispam black/whit e list menu 28 antivirus config menu 25 file pattern menu 25 quarantine menu 25 B Backing 33 backing up 3.0 config 37 3.0 config to FortiUSB 37 3.0 to PC 37 config files in 3.0 11 config using web-based manager 33 configuration 33 using the CLI 34 backup an[...]

  • Page 44

    Upgrade Guide for Forti OS v3.0 44 01-30000-0317-200604 24 Index system menu admin 19 backup and restore 19 config 18 maintenance 19 network 18 sessions 18 status 1 8 T technical support 9 U upgrade notes 11, 12 , 13, 14 backing up config 11 backing up config files 11 backing up config, v2.80MR11 33 CLI changes 13 name change, FortiLog 11 other 14 [...]

  • Page 45

    www.fortinet.com[...]

  • Page 46

    www.fortinet.com[...]