Português dropdown-ico

Fortinet 800 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60

Ir para a página of

Manuais similares

Bom manual de uso

As regras impõem ao revendedor a obrigação de fornecer ao comprador o manual com o produto Fortinet 800. A falta de manual ou informações incorretas fornecidas ao consumidor são a base de uma queixa por não conformidade do produto com o contrato. De acordo com a lei, pode anexar o manual em uma outra forma de que em papel, o que é frequentemente utilizado, anexando uma forma gráfica ou manual electrónicoFortinet 800 vídeos instrutivos para os usuários. A condição é uma forma legível e compreensível.

O que é a instrução?

A palavra vem do latim "Instructio" ou instruir. Portanto, no manual Fortinet 800 você pode encontrar uma descrição das fases do processo. O objetivo do manual é instruir, facilitar o arranque, a utilização do equipamento ou a execução de determinadas tarefas. O manual é uma coleção de informações sobre o objeto / serviço, um guia.

Infelizmente, pequenos usuários tomam o tempo para ler o manual Fortinet 800, e um bom manual não só permite conhecer uma série de funcionalidades adicionais do dispositivo, mas evita a formação da maioria das falhas.

Então, o que deve conter o manual perfeito?

Primeiro, o manual Fortinet 800 deve conte:
- dados técnicos do dispositivo Fortinet 800
- nome do fabricante e ano de fabricação do dispositivo Fortinet 800
- instruções de utilização, regulação e manutenção do dispositivo Fortinet 800
- sinais de segurança e certificados que comprovam a conformidade com as normas pertinentes

Por que você não ler manuais?

Normalmente, isso é devido à falta de tempo e à certeza quanto à funcionalidade específica do dispositivo adquirido. Infelizmente, a mesma ligação e o arranque Fortinet 800 não são suficientes. O manual contém uma série de orientações sobre funcionalidades específicas, a segurança, os métodos de manutenção (mesmo sobre produtos que devem ser usados), possíveis defeitos Fortinet 800 e formas de resolver problemas comuns durante o uso. No final, no manual podemos encontrar as coordenadas do serviço Fortinet na ausência da eficácia das soluções propostas. Atualmente, muito apreciados são manuais na forma de animações interessantes e vídeos de instrução que de uma forma melhor do que o o folheto falam ao usuário. Este tipo de manual é a chance que o usuário percorrer todo o vídeo instrutivo, sem ignorar especificações e descrições técnicas complicadas Fortinet 800, como para a versão papel.

Por que ler manuais?

Primeiro de tudo, contem a resposta sobre a construção, as possibilidades do dispositivo Fortinet 800, uso dos acessórios individuais e uma gama de informações para desfrutar plenamente todos os recursos e facilidades.

Após a compra bem sucedida de um equipamento / dispositivo, é bom ter um momento para se familiarizar com cada parte do manual Fortinet 800. Atualmente, são cuidadosamente preparados e traduzidos para sejam não só compreensíveis para os usuários, mas para cumprir a sua função básica de informação

Índice do manual

  • Página 1

    FortiGate 800/800F Installation Guide Esc Enter CONSOLE INTERNAL EXTERNAL DMZ H A 1 2 3 4 USB 800F PWR Esc Enter CONSOLE INTERNAL EXTERNAL DMZ HA 123 4 USB 8 PWR F or tiGate-800F F or tiGate-800 Ve r s i o n 2 . 8 0 M R 6 26 October 2004 01-28006-00 24-20041026[...]

  • Página 2

    © Copyright 2004 Fortine t Inc. All rights reserved. No part of this publication incl uding text, examples , diagrams or illustrations may be reproduced, transmitted, or translated in any form or by an y means, electro nic, mechanical, manual, optical or otherwise, for any purpose, without prio r written permiss ion of Fortinet Inc. FortiGate-800/[...]

  • Página 3

    Contents FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 3 Table of Contents Introduction ............. .............................. ........................................................ ......... 5 Secure installation, configurat ion, and management ................ ................... ................... .... 5 Web-based manag[...]

  • Página 4

    Contents 4 01-28006-0024-2004102 6 Fortinet Inc. Using the setup wizard............. ................... .................... ................ ................... ............... 34 Starting the setup wizard .................. ................... .................... ................... .................. 35 Connecting the FortiGate unit to the net[...]

  • Página 5

    FortiGate-800/800F Inst allati on Guide V ersion 2.80 MR6 FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 5 Introduction FortiGate A ntivirus Firewalls improve netwo rk security , reduc e network misu se and abuse, and help you use communication s resources more efficiently without compromising the performance of yo ur netw ork. Fort[...]

  • Página 6

    6 01-28006-0024-2004102 6 Fortinet Inc. Web-based manage r Introduction The CLI or the web-based manager can then be used to complete configuration and to perform maintenance and administration. Web-based manager Using HTTP or a secure HTTPS connection from any co mputer running Internet Explorer , you can configure and manage th e FortiGate unit. [...]

  • Página 7

    Introduction Setup wizard FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 7 Setup wizard The FortiGate setup wizard p rovides an easy way to configure the b asic initial settings for the FortiGate unit. Th e wizard walks through the con figuration of a new administrato r password, FortiGat e interfaces, D HCP server se ttings, intern[...]

  • Página 8

    8 01-28006-0024-2004102 6 Fortinet Inc. Setup wizard Introduction set allowaccess {ping https ssh snmp http telnet} Y ou can enter an y of the following: set allowaccess ping set allowaccess ping https ssh set allowaccess https ping ssh set allowaccess snmp In most ca ses to make cha n ges to lists that contain options se parated by sp aces, you ne[...]

  • Página 9

    Introduction FortiManager documentation FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 9 Related document ation Additional info rmation about Fortinet produc t s is available from the following related documentation . FortiManager documentation • FortiManager QuickS tart Guide Explains how to inst all the FortiManager Console , se[...]

  • Página 10

    10 01-28006-0024-2004102 6 Fortinet Inc. FortiLog documentation Introduction FortiLog documentation • FortiLog Administration Guide Describes how to install and configure a FortiLog unit to collect FortiGa te and FortiMail log files. It also describes how to view FortiGate and FortiMail log files, generate and view log report s, and use the Forti[...]

  • Página 11

    Introduction Comments on Fortine t technical documenta tion FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 11 Customer service and technical support For antiviru s and attack defi nition up dates, firmware updates, updated product documentation , technical support informatio n, and other r esources, please visit the Fortinet technic[...]

  • Página 12

    12 01-28006-0024-2004102 6 Fortinet Inc. Comments on Fortinet technica l docume ntation Introduction[...]

  • Página 13

    FortiGate-800/800F Inst allati on Guide V ersion 2.80 MR6 FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 13 Getting st arted This section describes unp acking, setting up, and powering on a For tiGate Antivirus Firewall unit. This section includes: • Package content s • Mounting • T u rning the F ortiGate unit power on and off[...]

  • Página 14

    14 01-28006-0024-2004102 6 Fortinet Inc. Getting started Package content s The FortiGate-800 an d FortiGate-800F packa ge contains the following items: • FortiGate-800 or FortiGate-80 0F Antivirus Firewall • one orange crossover ethernet cable (F ortinet part number CC300248) • one grey regular ethernet cable (Fortin et part number CC300249) [...]

  • Página 15

    Getting started FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 15 Mounting The FortiGate-800/8 00F unit can be mounte d in a standa rd 19-inch rack. It requires 1 U of vertical space in the rack. The FortiGate-800/8 00F unit can also be inst alled as a free-standing a ppliance on any stable surface. Dimensions • 16.75 x 12 x 1.75 [...]

  • Página 16

    16 01-28006-0024-2004102 6 Fortinet Inc. Getting started T urning the FortiGate unit power on and off T a ble 2: FortiGate- 800F LED in dicators T o power off the FortiGate unit Always shut down the FortiGate operatin g system properly bef ore turning off the power switch. 1 From the web-ba sed manager , go to System > Maintenance > ShutDown [...]

  • Página 17

    Getting started FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 17 T o connect to the web-based manager, you need: • a computer with an ethernet connection, • Internet Explorer version 6.0 or higher , • a crossover cable or an etherne t hub and two ethernet cable s. T o connect to the web-based manager 1 Set the IP address of t[...]

  • Página 18

    18 01-28006-0024-2004102 6 Fortinet Inc. Getting started T o connect to the CLI 1 Connect the serial cable to the communication s port of your computer and to the FortiGate Console port. Use the RJ-45 to DB-9 conver tor if your PC communications port re quires a DB-9 connector . 2 Make sure that the FortiGa te unit is powered on. 3 S tart HyperT er[...]

  • Página 19

    Getting started Factory default NAT/Route mod e network configuration FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 19 Factory default FortiGate configuration settings The FortiGate unit is shipped with a fa ct ory default co nfiguration. T he default configuration allows you to connect to and use the FortiGa te web-based manager t[...]

  • Página 20

    20 01-28006-0024-2004102 6 Fortinet Inc. Factory default Transpar ent mode network configuration Getting started Factory default Transparent mode network configuration In T ransparent mode, th e FortiGate unit has the default network configurat ion listed in Ta b l e 4 . HA interface IP: 0.0.0.0 Netmask: 0.0.0.0 Administrative Access: Ping Port 1 I[...]

  • Página 21

    Getting started Factory default firewall configurati on FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 21 Factory default firewall configuration FortiGate firewall policies cont rol how all traf fic is processed by the FortiGate unit. Until firewall p olicies are added , no traffic can be ac cepted by or pass th rough the FortiGate [...]

  • Página 22

    22 01-28006-0024-2004102 6 Fortinet Inc. Factory default protection profiles Getting started Using protection profiles, you can build pr ot ection configurations that can be applied to different types of firewall policies. This allows you to customize types and levels of protection for dif ferent firewall policies. For example, while traf fic betwe[...]

  • Página 23

    Getting started NAT/Route mode FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 23 Planning the FortiGate configuration Before you configure the F ortiGate unit, you need to plan how to integrate the unit into the network. Amo ng other things, yo u must decide whethe r you want the unit to be visible to the network, which firewall fun[...]

  • Página 24

    24 01-28006-0024-2004102 6 Fortinet Inc. NAT/Route mode with multiple external network connecti ons Getting started NAT/Route mode with multiple external network connections In NA T/Route mode, you can configure th e FortiGate u nit with multiple redundant connections to the external networ k (usually the Intern et). For example, you could create t[...]

  • Página 25

    Getting started Configuration options FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 25 Figure 8: Example T ra nsp arent mode networ k configuration Y ou can connect up to 8 network segment s to the FortiGate unit to control traffic between these network segment s. • External can connect to the external firewall or router . • In[...]

  • Página 26

    26 01-28006-0024-2004102 6 Fortinet Inc. Configuration opti ons Getting started If you are configuring the FortiGate unit to operate in Tr ansparent mode, you can use the front k eypad and LCD to s witch to Transparent mode. Then you can add t he management IP addr ess and default gateway . If you are configuring the FortiGate unit to operate in Tr[...]

  • Página 27

    FortiGate-800/800F Inst allati on Guide V ersion 2.80 MR6 FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 27 NA T/Route mode inst allation This chapter describes how to install the FortiGate un it in NA T/Route mode. For information about installing a FortiGate unit in T ransparent mode, see “T ransp arent mode inst allation” on [...]

  • Página 28

    28 01-28006-0024-2004102 6 Fortinet Inc. DHCP or PPPoE confi guration NAT/Route mode installati on DHCP or PPPoE configuration Y ou can configure any FortiGate interface to acquire it s IP address from a DHCP or PPPoE server . Y our ISP may provide IP add resses using one of these protocols. T o use the FortiGate DHCP server , you need to configure[...]

  • Página 29

    NAT/Route mode installation Configuring basic settings FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 29 PPPoE requires you to supp ly a user name and pass word. In addition, PPPoE unnumbered configu rations require you to supply an IP address. Use T able 7 to record the information you requi re for your PPPo E configuration. Using [...]

  • Página 30

    30 01-28006-0024-2004102 6 Fortinet Inc. Configuring basic settin gs NAT/Route mode installati on T o configure DNS server settin gs 1 Go to System > Network > DNS . 2 Enter the IP address of the primary DNS se rver . 3 Enter the IP address of the secondary DNS server . 4 Select OK. T o add a default route Add a default route to configure wh [...]

  • Página 31

    NAT/Route mode installation Configuring the Fo rtiGate unit to oper ate in NAT/Route mode FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 31 2 Use the up and down arrows to hi ghlight the name of the interface to change and press Enter . 3 Press Enter for IP address. 4 Use the up and down arrow keys to increase or decrea se the value[...]

  • Página 32

    32 01-28006-0024-2004102 6 Fortinet Inc. Configur ing the FortiGat e unit to operate in NAT /Route mode NAT/Rout e mode installat ion config system admin edit admin set password <psswrd> end T o configure interfaces 1 Log in to the CLI. 2 Set the IP address and netmask of the internal interface to the internal IP address and netmask that you [...]

  • Página 33

    NAT/Route mode installation Configuring the Fo rtiGate unit to oper ate in NAT/Route mode FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 33 config system external edit external set mode static set ip <address_ip> <netmask> end Example config system external edit external set mode static set ip <204.23.1.5> <255.[...]

  • Página 34

    34 01-28006-0024-2004102 6 Fortinet Inc. Configur ing the FortiGat e unit to operate in NAT /Route mode NAT/Rout e mode installat ion T o add a default route Add a default route to configure wh ere the FortiGate unit sends traf fic that should be sent to an external netwo r k (usually the Internet). A dding the default route also defines which inte[...]

  • Página 35

    NAT/Route mode installati on Starting the setup wizard FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 35 Starting the setup wizard 1 In the web-based manager, sele ct Easy Setup Wizard. Figure 9: Select the Easy Setup W izard 2 Follow the instructions on th e wizard pages and use the in formation that you gathered in T a ble 6 on pa[...]

  • Página 36

    36 01-28006-0024-2004102 6 Fortinet Inc. Starting the setup wizard NAT/Route mode installati on Y ou are now finished the initial c onfiguration of the FortiGate unit. Connecting the FortiGate unit to the network(s) After you co mplete the initial configu ration, you can connect the FortiGate unit between the internal networ k and the Internet. Y o[...]

  • Página 37

    NAT/Route mode installati on Starting the setup wizard FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 37 T o connect the FortiGate unit running in NA T/Route mode 1 Connect the Internal interfac e to the hub or switch connected to the internal network. 2 Connect the External interface to your public switch or ro uter . 3 Optionally [...]

  • Página 38

    38 01-28006-0024-2004102 6 Fortinet Inc. Starting the setup wizard NAT/Route mode installati on 2 Repeat for all user-defined inter faces that you have configured. The example in Figure 1 1 shows an intern al network connected to user-defined interface 1 and an externa l network c onnected to user-defined interfa ce 4. Figure 1 1: Example FortiGate[...]

  • Página 39

    NAT/Route mode installati on Starting the setup wizard FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 39 In standalone m ode, the mo dem interf ace is the c onnection fro m the FortiG ate unit to the Internet. When connect ing to the IS P , in either conf iguration, the F ortiGate unit m odem can automatica lly dial up to thr ee dia[...]

  • Página 40

    40 01-28006-0024-2004102 6 Fortinet Inc. Starting the setup wizard NAT/Route mode installati on T o register , enter your contact informatio n and the serial numbers of the FortiGate units that you or your or ganization have purchased. Y ou can register multiple FortiGate units in a single session without re-entering your contact inform ation. T o [...]

  • Página 41

    FortiGate-800/800F Inst allati on Guide V ersion 2.80 MR6 FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 41 T r ansp arent mode inst allation This chapter de scribes how to insta ll a FortiGate unit in T ransparent mode . If you want to install the FortiGate un it in NA T/Ro ute m ode, see “NA T/Route mode installa tion” on pag [...]

  • Página 42

    42 01-28006-0024-2004102 6 Fortinet Inc. Transparen t mode installatio n Using the web-based manager Y ou can use the web-based manager to complete the initial configuration of the FortiGate unit. Y ou can continue to use the web-based mana ger for all FortiGate unit settings. For information about co nnecting to the web-based man ager, see “Conn[...]

  • Página 43

    Transparent mode installatio n Reco nnecting to the web-based manager FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 43 2 Enter the IP address of the primary DNS se rver . 3 Enter the IP address of the secondary DNS server . 4 Select OK. T o configure the default gateway 1 Go to System > Network > Management . 2 Set Default Ga[...]

  • Página 44

    44 01-28006-0024-2004102 6 Fortinet Inc. Reconnecting to the web-based manager Transparent mode installation T o add a default gateway 1 Press Enter to display the option list. 2 Use the down arrow to highl ight Default Gateway . 3 Press Enter and set the default gatewa y . 4 After you set the last digit of the default gateway , press Enter . 5 Pre[...]

  • Página 45

    Transparent mode installatio n Reco nnecting to the web-based manager FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 45 config system manageip set ip 10.10.10.2 255.255.255.0 end 3 Confirm that the addre ss is correct. Enter: get system manageip The CLI lists the managemen t IP address and netmask. T o configure DNS server settin gs[...]

  • Página 46

    46 01-28006-0024-2004102 6 Fortinet Inc. Reconnecting to the web-based manager Transparent mode installation The first tim e you connec t to the Fort iGate un it, it is configured to run in NA T/Route mode. T o switch to T ranspare nt mode using the web-based manag er 1 Go to System > S t atus . 2 Select Change beside the Operation Mode. 3 Selec[...]

  • Página 47

    Transparent mode installatio n Reco nnecting to the web-based manager FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 47 There are 4 10/1 00 Base-TX connectors on the FortiGate-8 00: • user-defined interfaces 1 to 4 for connecti ng up to four additional networks to the FortiGate un it. FortiGate-800F There are 4 LC-SFP 1000 Base-SX[...]

  • Página 48

    48 01-28006-0024-2004102 6 Fortinet Inc. Reconnecting to the web-based manager Transparent mode installation Figure 12: FortiGate-800/800F T r ansp arent mode connectio ns Next step s Y ou can use the following information to co nfigure FortiGat e system time, to register the FortiGate unit, and to configure ant ivirus and att ack definition update[...]

  • Página 49

    Transparent mode installatio n Reco nnecting to the web-based manager FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 49 5 Select Set T ime and set the FortiGate system date and time. 6 Set the hour , minute, second, month, day , and year as required. 7 Select Apply . T o use NTP to set the FortiGate date and time 1 Go to System >[...]

  • Página 50

    50 01-28006-0024-2004102 6 Fortinet Inc. Reconnecting to the web-based manager Transparent mode installation[...]

  • Página 51

    FortiGate-800/800F Inst allati on Guide V ersion 2.80 MR6 FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 51 High availability inst allation This chapter describes how to install two or more FortiGate units in an HA cluster . HA installation involves three basic steps: • Configuring FortiGate un its for HA operation • Connecting [...]

  • Página 52

    52 01-28006-0024-2004102 6 Fortinet Inc. High availability configuration se ttings High availability installation T a ble 10: High availability settings Mode Active-Active Load balancing and failo ve r HA. Each FortiGate unit in the HA cluster actively processes co nnections and monitors the statu s of the other FortiGat e units in the clu ster . T[...]

  • Página 53

    High availability installation Configuring Fort iGate units for HA usi ng the web-based manager FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 53 Configuring FortiGate units for HA using the web-based manager Use the followin g procedure to configure e ach FortiGat e unit for HA op eration. T o change the FortiGate unit host name Ch[...]

  • Página 54

    54 01-28006-0024-2004102 6 Fortinet Inc. Configuring FortiGate units for HA usin g the CLI High availability installati on T o configure a FortiGate unit for HA operation 1 Go to System > Config > HA . 2 Select High Availability . 3 Select the mode. 4 Select a Group ID for the HA cluster . 5 If required, change the Unit Priority . 6 If requir[...]

  • Página 55

    High availability installation Configuring FortiGate units for HA using the CLI FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 55 T o configure the FortiGate unit for HA operation 1 Configure HA settings. Use the following command to: • Set the HA mode • Set the Group ID • Change the unit priority • Enab le override mast er [...]

  • Página 56

    56 01-28006-0024-2004102 6 Fortinet Inc. Configuring FortiGate units for HA usin g the CLI High availability installati on Inserting an HA cluster into your networ k temporarily interrupt s communications on the network because new ph ysical connectio ns are being made to ro ute traffic throug h the cluster . Also, starting th e cluster in terrupts[...]

  • Página 57

    High availability installation Configuring FortiGate units for HA using the CLI FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 57 Figure 13: HA network confi guration 2 Power on all the FortiGat e units in the cluster . As the units st art, they negotiate to choose the primary cluster un it and the subordinat e units. This negotiati[...]

  • Página 58

    58 01-28006-0024-2004102 6 Fortinet Inc. Configuring FortiGate units for HA usin g the CLI High availability installati on The configurations of all of the FortiGate uni ts in the cluster are synchronized so that the FortiGate units can functi on as a cluster . Because of th is synchron ization, you configure and m anage the HA cluste r instead of [...]

  • Página 59

    FortiGate-800/800F Installati on Guide 01-28006-0024-2004102 6 59 FortiGate-800/800F Inst allati on Guide V ersion 2.80 MR6 Index C CLI 6 configuring IP addresses 44 configuring NAT/Route mode 31 connecting to 17 cluster connecting 55, 57 command line interface 6 connect cluster 55, 57 connecting to network 36 , 46 web-based manager 16 customer ser[...]

  • Página 60

    60 01-28006-0024-2004102 6 Fortinet Inc. Index[...]