Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword or section
Like this
2Activity

Table Of Contents

Introduction
Antivirus protection
Web content filtering
Spam filtering
NAT/Route mode
Transparent mode
VLANs and virtual domains
Introduction Intrusion Prevention System (IPS)
Intrusion Prevention System (IPS)
High availability
Secure installation, configuration, and management
Web-based manager
Command line interface
Logging and reporting
Document conventions
Fortinet documentation
Comments on Fortinet technical documentation
Customer service and technical support Introduction
Customer service and technical support
System status
Console access
Status
Viewing system status
Changing unit information
To change FortiGate host name
To update the firmware version
To update the antivirus definitions manually
To update the attack definitions manually
To change to Transparent mode
To change to NAT/Route mode
Session list
Changing the FortiGate firmware
Upgrading to a new firmware version
Upgrading the firmware using the web-based manager
Reverting to a previous firmware version
Installing firmware images from a system reboot using the CLI
Testing a new firmware image before installing it
System network
Interface
Interface settings
Management
Routing table (Transparent Mode)
Routing table list
Transparent mode route settings
Configuring the modem interface
Connecting a modem to the FortiGate unit
Configuring modem settings
Connecting and disconnecting the modem
Backup mode configuration
Standalone mode configuration
Adding firewall policies for modem connections
VLAN overview
FortiGate units and VLANs
VLANs in NAT/Route mode
Rules for VLAN IDs
Rules for VLAN IP addresses
Adding VLAN subinterfaces
To add firewall policies for VLAN subinterfaces
VLANs in Transparent mode
Transparent mode virtual domains and VLANs
Transparent mode VLAN list
Transparent mode VLAN settings
To add a VLAN subinterface in Transparent mode
FortiGate IPv6 support
System DHCP
Service
DHCP service settings
To configure an interface to be a DHCP server
Server
DHCP server settings
Exclude range
DHCP exclude range settings
IP/MAC binding
DHCP IP/MAC binding settings
Dynamic IP
System config
System time
Options
HA
HA configuration
Standalone Mode
High Availability
Override Master
Priorities of Heartbeat Device
Monitor priorities
Configuring an HA cluster
Managing an HA cluster
SNMP
Configuring SNMP
SNMP community
FortiGate MIBs
FortiGate traps
Fortinet MIB fields
Replacement messages
Replacement messages list
Changing replacement messages
FortiManager
System administration
Administrators
Administrators list
Administrators options
Access profiles
Access profile list
Access profile options
System maintenance
Backup and restore
Backing up and Restoring
Update center
Updating antivirus and attack definitions
To enable scheduled updates through a proxy server
Enabling push updates
Enabling push updates through a NAT device
Support
Sending a bug report
Registering a FortiGate unit
Shutdown
System virtual domain
Virtual domain properties
Exclusive virtual domain properties
Shared configuration settings
Administration and management
Virtual domains
Adding a virtual domain
Selecting a virtual domain
Selecting a management virtual domain
To select a management virtual domain
To select a management virtual domain and add a management IP
Configuring virtual domains
Adding interfaces, VLAN subinterfaces, and zones to a virtual domain
To add physical interfaces to a virtual domain
To add VLAN subinterfaces to a virtual domain
To add zones to a virtual domain
Configuring routing for a virtual domain
Configuring firewall policies for a virtual domain
To add firewall policies to a virtual domain
To add firewall addresses to a virtual domain
To add IP pools to a virtual domain
To add Virtual IPs to a virtual domain
Configuring IPSec VPN for a virtual domain
To configure VPN for a virtual domain
Router
Static route
Static route list
Static route options
Policy
Policy route list
Policy route options
General
Networks list
Networks options
Interface list
Interface options
Distribute list
Distribute list options
Offset list
Offset list options
Router objects
Access list
New access list
New access list entry
Prefix list
New Prefix list
New prefix list entry
Route-map list
New Route-map
Route-map list entry
Key chain list
New key chain
Key chain list entry
Monitor
Routing monitor list
Firewall
How policy matching works
Policy list
Policy options
Advanced policy options
Configuring firewall policies
Address
Address list
Address options
Configuring addresses
Address group list
Address group options
Configuring address groups
Predefined service list
Custom service list
Custom service options
Configuring custom services
Service group list
Service group options
Configuring service groups
Schedule
One-time schedule list
One-time schedule options
Configuring one-time schedules
Recurring schedule list
IP pool options
Configuring IP pools
IP Pools for firewall policies that use fixed ports
IP pools and dynamic NAT
Protection profile
Protection profile list
Default protection profiles
Protection profile options
Configuring web category filtering options
Configuring protection profiles
To add a protection profile to a policy
Users and authentication
Setting authentication timeout
Local
Local user list
Local user options
RADIUS
RADIUS server list
RADIUS server options
LDAP
LDAP server list
LDAP server options
User group
User group list
User group options
CLI configuration
peer
peergrp
IPSec VPN
Phase 1
Phase 1 list
Phase 1 basic settings
Phase 1 advanced options
Configuring XAuth
Phase 2
Phase 2 list
Phase 2 basic settings
Phase 2 advanced options
Manual Key
Manual key list
Manual key options
Concentrator
Concentrator list
Concentrator options
Configuring the hub
Configuring the spoke
Dialup monitor
Static IP and dynamic DNS monitor
IPSec VPN ping generator IPSec VPN
IPSec VPN ping generator
Ping generator options
IPSec VPN AutoIKE IPSec VPN with preshared keys
AutoIKE IPSec VPN with preshared keys
AutoIKE IPSec VPN with certificates IPSec VPN
AutoIKE IPSec VPN with certificates
Peer to peer VPN
Dialup VPN
Dynamic DNS VPN
Manual key IPSec VPN IPSec VPN
Manual key IPSec VPN
Adding firewall policies for IPSec VPN
IPSec VPN firewall policy direction
Source addresses for IPSec VPN firewall policies
Destination addresses for IPSec VPN firewall policies
Adding IPSec firewall policies
DHCP over IPSec
Internet browsing through a VPN tunnel IPSec VPN
Internet browsing through a VPN tunnel
Configuring Internet browsing through a VPN tunnel
IPSec VPN IPSec VPN in Transparent mode
IPSec VPN in Transparent mode
Special rules
Hub and spoke VPNs
Configuring spokes
IPSec VPN Redundant IPSec VPNs
Redundant IPSec VPNs
Configuring redundant IPSec VPNs
Managing digital certificates
Peer identification
Local certificates
Generating the certificate request
Local certificate list
Importing the signed local certificate
Uploading a local certificate
To import the signed local certificate
Backing up and restoring the local certificate and private key
CA certificates
Troubleshooting
PPTP and L2TP VPNs
PPTP
General configuration steps
Specifying a PPTP range
Configuring a Windows 98 client for PPTP
To configure a PPTP dialup connection
Configuring a Windows 2000 client for PPTP
Configuring a Windows XP client for PPTP
PPTP passthrough
Configuring PPTP passthrough
L2TP
Specifying an L2TP range
Configuring a Windows 2000 client for L2TP
Configuring a Windows XP client for L2TP
Signature
Anomaly
Configuring IPS logging and alert email IPS
Configuring IPS logging and alert email
Antivirus
File block
File block list
Configuring the file block list
Quarantine
Quarantined files list
Quarantined files list options
AutoSubmit list
AutoSubmit list options
Configuring the AutoSubmit list
Config
Virus list
Grayware
Grayware options
heuristic
quarantine
service http
service ftp
service pop3
service imap
service smtp
Web filter
Content block
Web content block list
Web content block options
Configuring the web content block list
URL block
Web URL block list
Web URL block options
Configuring the web URL block list
Web pattern block list
Web pattern block options
Configuring web pattern block
URL exempt
URL exempt list
URL exempt list options
Configuring URL exempt
Category block
FortiGuard managed web filtering service
Category block configuration options
Figure 52:Category block configuration
Configuring web category block
Category block reports
Category block reports options
Generating a category block report
CLI Configuration
Script filter
Web script filter options
Spam filter
IP address
IP address list
IP address options
Configuring the IP address list
RBL & ORDBL
RBL & ORDBL list
RBL and ORDBL options
Configuring the RBL & ORDBL list
Email address
Email address list
Email address options
Configuring the email address list
MIME headers
MIME headers list
MIME headers options
Configuring the MIME headers list
Banned word
Banned word list
Banned word options
Configuring the banned word list
Using Perl regular expressions
Log & Report
Log config
Log Setting options
Log file upload settings
Alert E-mail options
Log filter options
Configuring log filters
Enabling traffic logging
Log access
Local disk log access
Memory buffer log access
fortilog setting
syslogd setting
FortiGuard categories
FortiGate maximum values
Glossary
Index
0 of .
Results for:
No results containing your search query
P. 1
3006537 60 Administration Guide

3006537 60 Administration Guide

Ratings: (0)|Views: 6,006|Likes:
Published by lcole02

More info:

Published by: lcole02 on Jan 11, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

11/11/2011

pdf

text

original

You're Reading a Free Preview
Pages 8 to 45 are not shown in this preview.
You're Reading a Free Preview
Pages 54 to 179 are not shown in this preview.
You're Reading a Free Preview
Pages 187 to 259 are not shown in this preview.
You're Reading a Free Preview
Pages 267 to 354 are not shown in this preview.

Activity (2)

You've already reviewed this. Edit your review.
1 thousand reads
1 hundred reads

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->