Completing the Configuration
Congratulations!
You have finished configuring the basic settings. You are now ready to add and manage
FortiGate devices. To explore the full range of configuration options, see the online help or
the Tools and Documentation CD.
Visit these links for more information and documentation for your Fortinet product.
Technical Documentation - http://docs.forticare.com
Fortinet Knowledge Center - http://kc.forticare.com
Fortinet Technical Support - http://support.fortinet.com
•
•
•
Configuring the FortiManager Server unit
Web-based Manager
Connect the FortiManager System interface to a management computer Ethernet in-
terface. Use a cross-over Ethernet cable to connect the devices directly. Use straight-
through Ethernet cables to connect the devices through a hub or switch.
Configure the management computer to be on the same subnet as the internal inter
-
face of the FortiManager System. To do this, change the IP address of the manage-
ment computer to 192.168.1.2 and the netmask to 255.255.255.0.
To access the FortiManager System web-based manager, start Internet Explorer and
browse to https://192.168.1.99 (remember to include the “s” in https://).
Type admin in the Name field and select Login (no password required).
Changing an Administrator Password
To change the administrator password
On the main toolbar, select System Settings.
Go to
Administration > Administrators
.
Select Edit.
Select Change Password.
Enter and confirm the password.
Select OK.
Configuring the IP Address and Netmask
To configure the IP address
On the main toolbar, select System Settings.
Go to
Network > Interface
.
Select Edit.
Enter the IP address and netmask.
Select OK.
Configuring the Default Gateway
To configure the default gateway
On the main toolbar, select System Settings.
Go to
Network > Routing Table
.
Enter the gateway IP address and netmask.
Enter the Destination IP and select the Interface.
Select OK.
Adding a FortiGate unit
Before you can manage a FortiGate unit, you must add it to the Device Manager. Adding an
existing operational device will not result in an immediate connection to the device. Device
connection only happens when you successfully resync the device.
To add a FortiGate device
In the Device Manager, select
Device > Add Device
from the main toolbar.
Enter the following information and select Discover.
IP Address
Enter the IP Address of the device to add.
Discover via
Select a method used to find the device. Currently, only CLI (via
SSH) is supported. By using the CLI (via SSH) Method, Device
Manager is able to record each device being added.
Admin user
Select Default (admin) if the device uses the default “admin” as its
admin user.
Select Other and enter the admin user name if the device uses a
different user name other than the default “admin”.
Password
Enter the password for the admin user.
The discovery process starts. When it completes, the Add New Device page appears.
Verify the information and add a Description if desired.
Select Add.
Configure the FortiGate unit to be managed through a FortiManager server. Communica
-
tion between the FortiGate unit and the FortiManager server is via an IPSec VPN that is
invisibly pre-configured on the FortiGate unit.
To configure the FortiGate unit
Log in to the FortiGate unit.
Go to
System > Admin > FortiManager
.
Complete the configuration and select OK.
1.
2.
3.
4.
1.
2.
3.
4.
5.
6.
1.
2.
3.
4.
5.
1.
2.
3.
4.
5.
1.
2.
3.
4.
1.
2.
3.
Command Line Interface
Use the DB-9 serial cable to connect the FortiManager System Console port to the
management computer serial port.
Start a terminal emulation program (HyperTerminal) on the management computer. Use
these settings:
Baud Rate (bps) 9600, Data bits 8, Parity None, Stop bits 1, and Flow Control None.
At the Login: prompt, type admin and press Enter twice (no password required).
Changing an Administrator Password
To change the administrator password, enter the following commands
config fmsystem admin user
edit admin
set password <password>
end
Configuring the IP Address and Netmask
To configure the IP address and netmask, enter the following commands
config fmsystem interface
edit port1
set ip <intf_ip>/<netmask_ip>
end
Configuring the Default Gateway
To configure the default gateway, enter the following commands
config fmsystem route
edit <route_number>
set device {port1 | port2}
set dst <ip_address>/<netmask_ip>
set gateway <ip_address>
end
Control Buttons and LCD
Use the front control buttons and LCD on the FortiManager Server unit to configure IP ad
-
dresses, default gateways and console settings without having to go to the command line
interface or the web-based manager.
To configure the FortiManager Server using the control buttons and LCD
Press Enter to access the Main Menu, to select menu items, to move right when enter-
ing IP addresses, and to confirm changes.
Press move up and down to navigate the Main Menu, and to change IP address num-
bers and console baud rate settings.
Press Esc to return to the Main Menu, and to move left when entering IP addresses.
Configure the FortiManager Server IP address and netmask. If the FortiManager Server
connects to a router to reach the Internet, add a default gateway.
Note:
When you enter an IP address, the LCD display always shows three digits for each
part of the IP address. For example, the IP address 192.168.100.1 appears on the LCD
display as 192.168.100.001.
1.
2.
3.
4.
•
•
•
•
Choosing a Configuration Tool
Web-based manager
The FortiManager web-based manager is an easy to use management tool.
Use it to configure the administrator password, the interface and default gateway addresses.
Requirements:
An Ethernet connection between the FortiManager Server and management computer.
Internet Explorer 6.0 or higher on the management computer.
Control Buttons and LCD
The control buttons and LCD provide an easy method of setting the interface addresses and
default gateway addresses directly from the front of the FortiManager System without using a
management computer.
•
•
Command Line Interface (CLI)
The CLI is a full-featured management tool. Use it to configure the administrator password,
the interface addresses, the default gateway addresses. To configure advanced settings, see
the Tools and Documentation CD.
Requirements:
The DB-9 serial connection between the FortiManager Server and management com-
puter.
A terminal emulation application (HyperTerminal for Windows) on the management
computer.
•
•
