Fortigate guide for Begineer - 3

Fortigate guide for Begineer - 1 
Fortigate guide for Begineer - 2

We have two network Internet and Private network. These two are divide by Router.
Now we are going to setup Fortigate between Private Network and Router.
But we don't touch current configuration of Network as shown below picture.


So, let's start install the Fortigate. But your Fortigate must be working with following task after configureation task done.
- Fortigate must block access from Internet to Private Network.
- Fortigate must allow the user to access Internet from Private Network.
- Fortigate must able to Monitor the usage status of user for better protection.
OK. Let's start.

1) Connect a PC to the FortiGate internal interface. Power on the FortiGate unit and PC.

2) Connect to the FortiGate web-based manager. You can configure the PC to get its IP address using DHCP and then browse to https://192.168.1.99. You could also give the PC a static IP address on the 192.168.1.0/255.255.255.0 subnet. Log in using admin and no password. (If you are not sure how to log in, please read above guide 1 and guide 2)

3) Go to System > Dashboard > Status > System Information and beside Operation Mode
select Change and configure the following:



4) Select OK to switch to Transparent mode.

5) Log in to the web-based manager by browsing to https://10.31.101.40.
You will need to change the IP address of the PC to an address on the 10.31.101.0/255.255.255.0 subnet.

6) Go to System > Network > DNS and add Primary and Secondary DNS servers.

7) Go to Policy > Policy > Policy and select Create New to add the following security policy
that allows users on the private network to access the Internet.




8) Select UTM. Select Enable Antivirus and select Enable Application Control.

9) Select OK to save the security policy.

10) Power off the FortiGate unit.

11) Connect the FortiGate unit between the network and the router. Connect the wan1 interface to the router internal interface. Connect the internal network to the FortiGate-60C internal interface switch. If the Internal network consists of only five devices, they can all be connected to the internal interface switch. As shown in below picture.



12) Power on the FortiGate unit.

From a PC on the internal network, open a web browser and browse to any Internet website.You should also be able to connect to the Internet.

May you all happy.
(Be knowledgeable, pass it on then)




Post a Comment