Português dropdown-ico

Fortinet Version 3.0 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88

Ir para a página of

Manuais similares

Bom manual de uso

As regras impõem ao revendedor a obrigação de fornecer ao comprador o manual com o produto Fortinet Version 3.0. A falta de manual ou informações incorretas fornecidas ao consumidor são a base de uma queixa por não conformidade do produto com o contrato. De acordo com a lei, pode anexar o manual em uma outra forma de que em papel, o que é frequentemente utilizado, anexando uma forma gráfica ou manual electrónicoFortinet Version 3.0 vídeos instrutivos para os usuários. A condição é uma forma legível e compreensível.

O que é a instrução?

A palavra vem do latim "Instructio" ou instruir. Portanto, no manual Fortinet Version 3.0 você pode encontrar uma descrição das fases do processo. O objetivo do manual é instruir, facilitar o arranque, a utilização do equipamento ou a execução de determinadas tarefas. O manual é uma coleção de informações sobre o objeto / serviço, um guia.

Infelizmente, pequenos usuários tomam o tempo para ler o manual Fortinet Version 3.0, e um bom manual não só permite conhecer uma série de funcionalidades adicionais do dispositivo, mas evita a formação da maioria das falhas.

Então, o que deve conter o manual perfeito?

Primeiro, o manual Fortinet Version 3.0 deve conte:
- dados técnicos do dispositivo Fortinet Version 3.0
- nome do fabricante e ano de fabricação do dispositivo Fortinet Version 3.0
- instruções de utilização, regulação e manutenção do dispositivo Fortinet Version 3.0
- sinais de segurança e certificados que comprovam a conformidade com as normas pertinentes

Por que você não ler manuais?

Normalmente, isso é devido à falta de tempo e à certeza quanto à funcionalidade específica do dispositivo adquirido. Infelizmente, a mesma ligação e o arranque Fortinet Version 3.0 não são suficientes. O manual contém uma série de orientações sobre funcionalidades específicas, a segurança, os métodos de manutenção (mesmo sobre produtos que devem ser usados), possíveis defeitos Fortinet Version 3.0 e formas de resolver problemas comuns durante o uso. No final, no manual podemos encontrar as coordenadas do serviço Fortinet na ausência da eficácia das soluções propostas. Atualmente, muito apreciados são manuais na forma de animações interessantes e vídeos de instrução que de uma forma melhor do que o o folheto falam ao usuário. Este tipo de manual é a chance que o usuário percorrer todo o vídeo instrutivo, sem ignorar especificações e descrições técnicas complicadas Fortinet Version 3.0, como para a versão papel.

Por que ler manuais?

Primeiro de tudo, contem a resposta sobre a construção, as possibilidades do dispositivo Fortinet Version 3.0, uso dos acessórios individuais e uma gama de informações para desfrutar plenamente todos os recursos e facilidades.

Após a compra bem sucedida de um equipamento / dispositivo, é bom ter um momento para se familiarizar com cada parte do manual Fortinet Version 3.0. Atualmente, são cuidadosamente preparados e traduzidos para sejam não só compreensíveis para os usuários, mas para cumprir a sua função básica de informação

Índice do manual

  • Página 1

    www.fortinet.com FortiB ri dge V ersion 3.0 Administration Guide[...]

  • Página 2

    FortiBridge Administration Guide V ersion 3.0 9 November 200 6 09-30000-01 63-20061 109 © Copyright 2006 Fortine t, Inc. All rights reserved. No part of this publication including te xt, examp les, diagrams or illustrations may be re produced, transmitted, or translate d in any form or by any means, electronic, mechanical, manual , optical or othe[...]

  • Página 3

    Contents FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 3 Contents Introduction ............... ................................. .............................. .......... 7 About FortiBridge ....................... ................ .................... ................ ................ ... 7 About this document .............[...]

  • Página 4

    FortiBridge Version 3.0 Administration Guide 4 09-30000-0163-20061 109 Contents Completing the basic FortiBridge confi guration ................ ................ .......... 26 Adding an administrator password .......... ................ ................ ................... . 27 Changing the management IP address ..... ... ... .... ... ... ... .... [...]

  • Página 5

    Contents FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 5 system console ..................... ................ ................... ................ .................... .... 61 system dns ............ ................ ................ ................... ................ ................ ........ 62 get system status . .....[...]

  • Página 6

    FortiBridge Version 3.0 Administration Guide 6 09-30000-0163-20061 109 Contents[...]

  • Página 7

    Introduction About FortiBridge FortiBridge Version 3.0 Administration Guide 09-30000-0163-20061 109 7 Introduction This chapter introduces yo u to the FortiBridge-1000 an d FortiBridge-1000F products that pr ovide fail open protection for FortiGat e Antivirus Fir ewalls operating in transp ar ent mode. Fail open pr otection keeps network traffic fl[...]

  • Página 8

    FortiBridge Version 3.0 Administration Guide 8 09-30000-0163-20061 109 Fortinet documentation Introduction • Using th e CLI describes how to use the FortiBridge CLI. • config CLI commands is the FortiBridge config CLI command r eference. • execute CLI commands is the FortiBridge execute CLI command reference. Fortinet document ation The most [...]

  • Página 9

    FortiBridge operating principles Example FortiBridge ap plica tion FortiBridge Version 3.0 Administration Guide 09-30000-0163-20061 109 9 FortiBridge operating principles This chapter descri bes a typical transp arent mode FortiGate network and how to add a FortiBridge unit to this network to provide fail open protection. This chapter also cont ain[...]

  • Página 10

    FortiBridge Version 3.0 Administration Guide 10 09-30000-0163-20061 109 Example FortiBridge applicati on FortiBridge operating principle s The FortiGate unit acts as an extra layer of protec tion for your in ternal netw ork. While it is operating, the FortiGate un it protects the interna l network from threats originating on the Intern et. All user[...]

  • Página 11

    FortiBridge operating princip les Normal mode operation FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 11 1 Connect the FortiBridge-100 0 INT 2 interface to the FortiGate intern al inter face. 2 Connect the FortiGate external interface to the Fort iBridge-1000 EXT 2 interface. 3 Connect the internal network to the FortiBridg [...]

  • Página 12

    FortiBridge Version 3.0 Administration Guide 12 09-30000-0163-20061 109 Normal mode operation FortiBridge operating principle s Figure 5: FortiBridge unit operating i n normal mode sendin g probe p acket s Y ou can enable ICMP (ping), HTTP , FTP , POP3, SMTP , and IMAP probes to test connectivity through the FortiGate un it for each of these pr oto[...]

  • Página 13

    FortiBridge operating princip les Normal mode operation FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 13 Enabling probes to detect For tiGate hardware failure A FortiGate unit can stop processing networ k traf fic because of a hardware failu re such as the failure of a hardware component, a loss of power , or a loss of conne[...]

  • Página 14

    FortiBridge Version 3.0 Administration Guide 14 09-30000-0163-20061 109 Bypass mode operation FortiBridge operating principle s Byp ass mode operation When the FortiBri dge unit operates in bypass mode, the FortiBridge INT 1 and EXT 1 interfaces are directly connected. All traf fic between the internal and external network segment s flows, whether [...]

  • Página 15

    FortiBridge operating princip les Example Fo rtiGate HA clu ster FortiBridge ap plication FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 15 Example FortiGate HA cluster FortiBridge application A FortiBridge unit can p rovide fail open protection for a FortiGate HA cluster operating in transp arent mode in much the same way as[...]

  • Página 16

    FortiBridge Version 3.0 Administration Guide 16 09-30000-0163-20061 109 Example conf i gu ra tion with other Fo rti G ate interfaces FortiBridge operating principle s 1 Connect the For tiBr idg e- 1 00 0 INT 2 inte rf ac e to th e switc h co nn ec te d to the HA cluster internal interface. 2 Connect the switch connected to the HA cluster external i[...]

  • Página 17

    FortiBridge operating princip l es Example configuration wit h other FortiG ate interfaces FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 17 3 Connect the internal network to the FortiBridg e-1000 INT 1 interface. 4 Connect the FortiBridge-1000 EXT 1 inter fa ce to the router . Y ou must add port 5 -> port 6 firewall polic[...]

  • Página 18

    FortiBridge Version 3.0 Administration Guide 18 09-30000-0163-20061 109 Example conf i gu ra tion with other Fo rti G ate interfaces FortiBridge operating principle s[...]

  • Página 19

    Setting up FortiBridge units FortiBridge unit ba si c information FortiBridge Version 3.0 Administration Guide 09-30000-0163-20061 109 19 Setting up FortiBridge unit s This chapter cont ains the info rmation you need to unp ack, connect, and config ure your FortiBridge unit: • FortiBridge unit ba sic inf or ma tion • Connecting and turning on t[...]

  • Página 20

    FortiBridge Version 3.0 Administration Guide 20 09-30000-0163-20061 109 FortiBridge unit basic info rmation Setting up FortiBridge units Figure 9: FortiBridge- 1000 package contents FortiBridge-1000F Package contents The FortiBridge-1000F p ackage conta ins the following items: • the FortiBridge- 1000F unit • one RJ-45 to DB-9 serial cable (For[...]

  • Página 21

    Setting up FortiBridge units FortiBridge unit ba si c information FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 21 Technical specifications LED indicators T able 2: Fo rtiB ridge-1000 and 1000F tech nical sp ecifications Dimensions 8.63 x 6.13 x 1.38 in. (21.9 x 15.6 x 3.5 cm) Wei gh t 1.5 lb. (0.68 kg) Power Requirement s D[...]

  • Página 22

    FortiBridge Version 3.0 Administration Guide 22 09-30000-0163-20061 109 FortiBridge unit basic info rmation Setting up FortiBridge units Connectors Factory default configuration T able 5: FortiBridge-1000 connectors Connector T ype Speed Protocol Descrip tion INT 1 RJ-45 10/100/1000 Base-T Ethernet Copper gigabit ethernet connection to the internal[...]

  • Página 23

    Setting up FortiBridge units Connecting and turning on the FortiBridge uni t FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 23 Connecting and turning on the FortiBridge unit In most cases, you can connect the For tiBridge unit without making any configuration changes to your network or your FortiGate unit. All that is req uir[...]

  • Página 24

    FortiBridge Version 3.0 Administration Guide 24 09-30000-0163-20061 109 Connecting and tu rning on the FortiBridge unit Setting up FortiBridge u nits T o connect and turn on the FortiBridge-1000 unit 1 Connect the FortiBridge-1000 INT 2 interface to the FortiGate unit internal interface. 2 Connect the FortiBridge-10 00 EXT 2 interface to the FortiG[...]

  • Página 25

    Setting up FortiBridge units Connecting to the command line inte rface (CLI) FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 25 3 Connect the internal network to the FortiBridg e-1000F INT 1 interface. 4 Connect the FortiBridge-1000F EXT 1 inter face to the router . Connecting to the command line interface (CLI) Y ou configure[...]

  • Página 26

    FortiBridge Version 3.0 Administration Guide 26 09-30000-0163-20061 109 Completing the basic FortiBri dge configuration Setting up FortiBridge units 9 T ype the password for t his administra tor and pre ss Enter . The defa ult admin acco unt does n ot require a password. For improv ed security , you should add a p assword for this account as soon a[...]

  • Página 27

    Setting up FortiBridge units Completing the basic FortiBridge configu ration FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 27 • Adding an administrator p assword • Changing the management IP addres s • Changing DNS server IP addresses • Adding static routes • Allowing management access to the EXT 1 interface • Ch[...]

  • Página 28

    FortiBridge Version 3.0 Administration Guide 28 09-30000-0163-20061 109 Completing the basic FortiBri dge configuration Setting up FortiBridge units Changing DNS ser ver IP addresses Change the FortiBridge DNS server IP ad dresses to the IP addresses of your DNS servers. Th e correct DNS server configur ation is required for aler t email. T o chang[...]

  • Página 29

    Setting up FortiBridge units Completing the basic FortiBridge configu ration FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 29 Allowing management access to the EXT 1 interface By default no m anagement access is conf igu red for the EXT 1 interface. Use the following procedure to add management ac cess to this inte rface if [...]

  • Página 30

    FortiBridge Version 3.0 Administration Guide 30 09-30000-0163-20061 109 Resetting to the factory default conf iguration Setting up FortiBridge units config system admin edit <admin_name_str> set password <password> set accprofile prof_admin end For example : config system admin edit new_admin set password p8ssw0rd set accprofile prof_ad[...]

  • Página 31

    Setting up FortiBridge units Installing FortiBridge unit firmware FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 31 Upgrading to a new firmware version Y ou cannot use this procedure to re-inst all the current firmware or to revert to an older versio n of the firmw are. If you need to re-in stall the current firmwa re or reve[...]

  • Página 32

    FortiBridge Version 3.0 Administration Guide 32 09-30000-0163-20061 109 Installing FortiBridge unit firmware Setting up FortiBridge units Reverting to a previous firmware version This procedure revert s the FortiBridge unit to a previous firmware version and rests th e un it to its factory default co nfiguration. Before using this procedure you can[...]

  • Página 33

    Setting up FortiBridge units Installing FortiBridge unit firmware FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 33 Installing firmware from a system reboot This procedure inst alls a specified firmware image and re se t s the FortiBridge unit to default settings. Y ou can use this procedure to upgrade to a new firmware versi[...]

  • Página 34

    FortiBridge Version 3.0 Administration Guide 34 09-30000-0163-20061 109 Installing FortiBridge unit firmware Setting up FortiBridge units The following message appears: Enter firmware image file [image.out]: 10 T ype the firmware image file na m e an d pr es s Ente r . The TFTP server uploads the firmwar e ima ge file to the FortiBridge unit and th[...]

  • Página 35

    Configuration and operating proc edu res Example network settings FortiBridge Version 3.0 Administration Guide 09-30000-0163-20061 109 35 Configuration and operating procedures This chapter describes ho w to configure a FortiBridge un it to provide fail open protection for a FortiGate unit operating in transp arent mode. This chapter also describes[...]

  • Página 36

    FortiBridge Version 3.0 Administration Guide 36 09-30000-0163-20061 109 Configuring FortiBridge probe s Confi guration and operating procedure s Figure 13: Example FortiBridge application Ta b l e 9 lists the internal network configuration . Ta b l e 1 0 lists the basic For tiBridge unit configuration settings. Configuring FortiBridge probes T o mo[...]

  • Página 37

    Configuration and operating procedu res Configuring FortiBridge probes FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 37 This section describes: • Probe settings • Enabling probes • V erifyi ng that probes are functioning • T uning the failure threshold and probe inte rval Probe settings Configure probe setting s to c[...]

  • Página 38

    FortiBridge Version 3.0 Administration Guide 38 09-30000-0163-20061 109 Configuring FortiBridge probe s Confi guration and operating procedure s 2 Configure probe settings. Enter: config probe setting set action_on_failure alertmail failopen snmp syslog set dynamic_ip_pattern 2.2.2.* set fgt_serial FGT8002803923050 end Enabling probes Enable probes[...]

  • Página 39

    Configuration and operating procedu res Configuring FortiBridge probes FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 39 3 Display ping probe settings, enter: get probe probe_list ping name : ping failure_threshold : 3 probe_interval : 1 status : enable 4 Enable the FTP prob e . Incr ea se the failu re thresh o ld to 5 an d t[...]

  • Página 40

    FortiBridge Version 3.0 Administration Guide 40 09-30000-0163-20061 109 Configuring FortiBridge alerts Conf igurati on and operating pr ocedures Figure 15: FortiGate Session li st showing Forti Bridge probe s This session list shows the following: • The FortiBridge dynamic prob e IP ad dresses are 2.2.2 .213 and 2.2.2.214. • IMAP probe packe ts[...]

  • Página 41

    Configuration and operating procedu res Configuring FortiBridge al erts FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 41 FortiBridge alert email If you set the probe action on failure to alertmail , yo u can configure alert em ail so that the FortiBridge unit sends an email message to up to three email addresses if the Forti[...]

  • Página 42

    FortiBridge Version 3.0 Administration Guide 42 09-30000-0163-20061 109 Configuring FortiBridge alerts Conf igurati on and operating pr ocedures 02-01-2005 8:21:27 Local7.Alert 172.20.120.13 date=2005-02- 01 time=15:26:59 device_id= log_id=0100020001 type=event subtype=system pri=alert msg="FortiBridge detect FortiGate failure: [failed time: T[...]

  • Página 43

    Configuration and o perating procedures Recovering from a FortiGa te failure FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 43 T o add and enable an SNMP community 1 Log into the CLI. 2 Add the first SNMP community and name it snmp1 . Enter: config system snmp community edit 1 set name snmp_1 end The new SNMP community is ena[...]

  • Página 44

    FortiBridge Version 3.0 Administration Guide 44 09-30000-0163-20061 109 Manually switching between F ortiBridge operatin g modes Configuration and operating procedures 2 Make the required changes to fix the pr oblem. Depending on the cause, this could mean re-connecting and rest arting the FortiGate unit, or diagnosing a pr oblem wi th the FortiG a[...]

  • Página 45

    Configuration and o perating procedures Backing up and restoring the FortiBridg e co nfiguration FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 45 3 Restore the system configuration from a text file on the TFT P serv er . Enter: execute restore config <filename_str> <tftp-server_ipv4> The config file is copied fro[...]

  • Página 46

    FortiBridge Version 3.0 Administration Guide 46 09-30000-0163-20061 109 Backing up and restoring the FortiBridge conf i guration Configuration and operating procedures[...]

  • Página 47

    Using the CLI CLI basics FortiBridge Version 3.0 Administration Guide 09-30000-0163-20061 109 47 Using the CLI This chapter explains how to connect to the command line inter face (CLI) and contains some ba sic information about using the CLI. Y ou us e CLI comma nds to view all system information and to change all system configuration settings. Thi[...]

  • Página 48

    FortiBridge Version 3.0 Administration Guide 48 09-30000-0163-20061 109 Connecting to the FortiBridge CLI using SSH or T elnet Using the CLI For example, to configure the inter nal in terface to accept SSH connections, enter: config system interface edit internal set allowaccess ssh end 3 Use the following command to configure an interface to accep[...]

  • Página 49

    Using the CLI Connecting to the FortiBridge CLI using SSH or T elnet FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 49 T o connect to the CLI using SSH 1 Install and st art an SSH client. 2 Connect to a FortiBridge in terface that is configured for SSH connections. 3 T y pe a valid administrato r name and press Enter . 4 T y [...]

  • Página 50

    FortiBridge Version 3.0 Administration Guide 50 09-30000-0163-20061 109 Connecting to the FortiBridge CLI using SSH or T elnet Using the CLI[...]

  • Página 51

    config CLI commands FortiBridge Version 3.0 Administration Guide 09-30000-0163-20061 109 51 config CLI commands alertemail setting log syslogd setting probe probe_list {ping | h ttp | ft p | pop3 | smtp | imap} probe setting system accprofile system admin system console system dns get system status system fail_close system global system interface {[...]

  • Página 52

    FortiBridge Version 3.0 Administration Guide 52 09-30000-0163-20061 109 alertemail setting config CLI commands alertemail setting Use this command to configure the FortiBridg e unit to send alert email to up to three recipient s when action on failure is set to send a alert email message. Command syntax pattern config alertemail setting set <key[...]

  • Página 53

    config CLI commands alertemail setti ng FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 53 Related Commands • probe setting[...]

  • Página 54

    FortiBridge Version 3.0 Administration Guide 54 09-30000-0163-20061 109 log syslogd setting config CLI commands log syslogd setting Use this command to configure the FortiBridg e unit to send a syslog message to a remote syslog server when action on failure is set to send a syslog message. Command syntax pattern config log syslogd setting set <k[...]

  • Página 55

    config CLI commands probe probe_list {ping | http | ftp | pop3 | smtp | imap} FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 55 probe probe_list {ping | http | f tp | pop3 | smtp | imap} Use this command to configur e probes for ping, HTTP , FTP , POP3, SMTP , and IMAP traffic. Probes monitor different types of traffic. For e[...]

  • Página 56

    FortiBridge Version 3.0 Administration Guide 56 09-30000-0163-20061 109 probe setting config CLI commands probe setting Use this command to configure how the For tiBridge unit responds when a p robe determines that the FortiGate unit has failed. Y ou can also configu re the dynamic IP pattern used by prob es and add the FortiGate serial number , wh[...]

  • Página 57

    config CLI commands system accprofile FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 57 system accprofile Use this command to add access pr ofiles that control ad ministra tor access to FortiBridge features. Each administra to r ac co un t mu st inc lud e an acc ess profile. Y ou can create ac ces s profile s th at de n y acc[...]

  • Página 58

    FortiBridge Version 3.0 Administration Guide 58 09-30000-0163-20061 109 system accprofile config CLI commands Example Use the following commands to add a new access profile named policy_profile that allows read and write access system shut down. An administrator account with this access profile can shut down the system and upgrade firm ware. config[...]

  • Página 59

    config CLI commands system admin FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 59 system admin Use this command to add, edit, and delete administrator account s. Use the admin account or an account with system configuration read and write privileges to add new administrato r accounts and co ntrol their per mission levels. Ea[...]

  • Página 60

    FortiBridge Version 3.0 Administration Guide 60 09-30000-0163-20061 109 system admin config CLI commands Example Use the following commands to add a new ad ministrator account named new_admin with the password set to p8ssw0rd and that includes an access profile named policy_profile . Administrators that log in to this account will have administrato[...]

  • Página 61

    config CLI commands system console FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 61 system console Use this command to set the cons o le command mode and outp ut setting. Command syntax pattern config system console set <keyword> <variable> end config system console unset <keyword> end get system console sh[...]

  • Página 62

    FortiBridge Version 3.0 Administration Guide 62 09-30000-0163-20061 109 system dns config CLI commands system dns Use this command to set th e DNS ser ve r addr e sse s. Sev eral FortiBridge fu nct ion s, includ in g sen d ing email alerts and URL blocking, use DNS. On models numbered 100 and lower , you can use this command to set up DNS forward i[...]

  • Página 63

    config CLI commands get system status FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 63 get system st atus Use this command to display syste m status information. This comma nd displays: • FortiBridge un it firm wa re vers ion an d bu ild num be r • FortiBridge un it ho st na m e • FortiBridge unit operation mode (norm [...]

  • Página 64

    FortiBridge Version 3.0 Administration Guide 64 09-30000-0163-20061 109 system fail_close config CLI commands system fail_close Use this com mand to con figure the fail close feature. Command syntax pattern config system fail_close set <keyword> <variable> end config system fail_close unset <keyword> end get system fail_close show[...]

  • Página 65

    config CLI commands system fail_close FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 65 Example This example shows how to enable the Fort iBridge fail_ close feature, and set the threshold time to five seconds. config system fail_close set status fail_close set threshold 5 end This example sh ows how to disp lay th e co nfig [...]

  • Página 66

    FortiBridge Version 3.0 Administration Guide 66 09-30000-0163-20061 109 system global config CLI commands system global Use this command to configure global se ttings that affect various FortiBridge systems and configurat ions. Command syntax pattern config system global set <keyword> <variable> end config system global unset <keywor[...]

  • Página 67

    config CLI commands system global FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 67 Example This examp le shows how to set the Fort iBridge system t imezone, ad d the IP addr ess of an NTP server , and enable synchronization with the NTP server . The IP address of the NTP server is 192.168.20.1. config system global set timez[...]

  • Página 68

    FortiBridge Version 3.0 Administration Guide 68 09-30000-0163-20061 109 system interface {internal | external} config CLI commands system interface {internal | external} Use this command to configure managemen t access to the FortiBridge internal or external interface. The internal interface in the INT 1 interface. The external interface is the EXT[...]

  • Página 69

    config CLI commands system manageip FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 69 system manageip Configure the FortiBridge management IP addr es s. Use the ma nagement IP address fo r management access to the FortiBridge unit. Command syntax pattern config system manageip set <keyword> <variable> end config s[...]

  • Página 70

    FortiBridge Version 3.0 Administration Guide 70 09-30000-0163-20061 109 system route config CLI commands system route Use this command to add or edit FortiBridge static routes. Command syntax pattern config system route edit <sequence_integer> set <keyword> <variable> end config router static unset <keyword> get system route[...]

  • Página 71

    config CLI commands system snmp community FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 71 system snmp community Use this command to configur e SNMP communities. Add SNMP communities so that the FortiBridge unit can send SNMP v1 and v2c trap s to SNMP manage rs when action on failur e is set to send SNMP traps. Y ou can add [...]

  • Página 72

    FortiBridge Version 3.0 Administration Guide 72 09-30000-0163-20061 109 system snmp community config CLI commands Command syntax pattern config hosts edit <id_integer> set <keyword> <variable> end config hosts edit <id_integer> unset <keyword> end config hosts delete <id_integer> end get system snmp community [&l[...]

  • Página 73

    execute CLI commands FortiBridge Version 3.0 Administration Guide 09-30000-0163-20061 109 73 execute CLI commands backup date factoryr eset ping reboot restore switch-mode time[...]

  • Página 74

    FortiBridge Version 3.0 Administration Guide 74 09-30000-0163-20061 109 backup execute CLI commands backup Backup the FortiBridge configurat ion to a file on a TFTP server . Command syntax execute backup config <filename_str> <tftp-server_ipv4> Example This example shows how to backup a system configur ation file from the For tiBridge u[...]

  • Página 75

    execute CLI commands date FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 75 date Get or set the system date. Command syntax execute date [<date_str>] date_str has th e form mm/dd/yyyy , where • mm is the mont h and can be 01 to 12 • dd is the day o f the mont h and can be 01 to 31 • yyyy is the year and can be 200[...]

  • Página 76

    FortiBridge Version 3.0 Administration Guide 76 09-30000-0163-20061 109 factoryreset execute CLI commands factoryreset Reset the FortiBr idge configuratio n to factory de fault settings. Command syntax execute factoryreset ! Caution: This procedure deletes all changes tha t you have made to the FortiBridge configuration and reverts the system to it[...]

  • Página 77

    execute CLI commands ping FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 77 ping Send five ICMP ec ho requests (pings) to test the network connectio n between the For tiBridge unit and another network device. Command syntax execute ping {<address_ipv4> | <host-name_str>} Example This examp le shows how to ping a h[...]

  • Página 78

    FortiBridge Version 3.0 Administration Guide 78 09-30000-0163-20061 109 reboot execute CLI commands reboot Rest art the FortiBridge unit. Command syntax execute reboot[...]

  • Página 79

    execute CLI commands restore FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 79 restore Use this command to restore a backup confi guration and to change the FortiBridge firmware. Command syntax execute restore config <filename_str> <tftp-server_ipv4> execute restore image <filename_str> <tftp-server_ipv4&[...]

  • Página 80

    FortiBridge Version 3.0 Administration Guide 80 09-30000-0163-20061 109 switch-mode execute CLI commands switch-mode Use this command to switch between byp ass and normal mode. Command syntax execute switch-mode[...]

  • Página 81

    execute CLI commands time FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 81 time Get or set the system time. Command syntax execute time [<time_str>] time_str has the form hh:mm:ss , where • hh is the hour and can be 00 to 23 • mm is the minutes and can be 00 to 59 • ss is the seconds and can be 00 to 59 If you do[...]

  • Página 82

    FortiBridge Version 3.0 Administration Guide 82 09-30000-0163-20061 109 time execute CLI commands[...]

  • Página 83

    Index FortiBridge Version 3.0 Administration Guide 09-30000-0163-20061 109 83 Index A accprofile 59 action on failure fail open 37 probe 37 send alertmail 37 SNMP trap 37 syslog 37 action_on_failure 56 admingrp 57 administr ative access for SSH or Telnet 47 administrator adding a password 27 administrator accounts adding 29 admintimeout 66 alert em[...]

  • Página 84

    FortiBridge Version 3.0 Administration Guide 84 09-30000-0163-20061 109 Index HA cluster 15 other FortiGate interfaces 16 execute CLI commands 73 switch-mode 44 execute switch-mode 14 EXT 1 management access 29 F facility 54 factory default configuration 22 resetting 30 factoryres et 76 fail bypass 64 fail close 64 fail bypass 64 threshold 64 fail [...]

  • Página 85

    Index FortiBridge V ersion 3.0 Administration Guide 09-30000-0163-20061 109 85 monitor FortiGate unit 11 mounting instructions 20 N name 71 new version FortiBridge firmware 31 normal mode 10, 11 monitoring the FortiGate unit 11 probe 11 resuming from bypass mode 43 switching to 14 switching to bypass mode 14 traffic flow 11 ntpserver 66 ntpsync {di[...]

  • Página 86

    FortiBridge Version 3.0 Administration Guide 86 09-30000-0163-20061 109 Index v2c 42 snmp action_on_failure 56 SSH access to CLI 47 standalon e FortiGate unit 9 static ro ute adding 28 status 5 4 status {disable | enable} 54, 55, 71 switch switching between modes 14 switching between operating modes 44 switch-mode 14, 80 execute 44 syncinterval 67 [...]

  • Página 87

    www.fortinet.com[...]

  • Página 88

    www.fortinet.com[...]