Fortinet FortiGate 50A User Manual Page 139
- Page / 272
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
Firewall configuration Default firewall configuration
FortiGate-50A Installation and Configuration Guide 139
The firewall uses these addresses to match the source and destination addresses of
packets received by the firewall. The default policy matches all connections from the
internal network because it includes the Internal_All address. The default policy also
matches all connections to the external network because it includes the External_All
address.
You can add more addresses to each interface to improve the control you have over
connections through the firewall. For more information about firewall addresses, see
“Addresses” on page 146.
You can also add firewall policies that perform network address translation (NAT). To
use NAT to translate destination addresses, you must add virtual IPs. Virtual IPs map
addresses on one network to a translated address on another network. For more
information about Virtual IPs, see “Virtual IPs” on page 157.
Services
Policies can control connections based on the service or destination port number of
packets. The default policy accepts connections using any service or destination port
number. The firewall is configured with over 40 predefined services. You can add
these services to a policy for more control over the services that can be used by
connections through the firewall. You can also add user-defined services. For more
information about services, see “Services” on page 149.
Schedules
Policies can control connections based on the time of day or day of the week when the
firewall receives the connection. The default policy accepts connections at any time.
The firewall is configured with one schedule that accepts connections at any time. You
can add more schedules to control when policies are active. For more information
about schedules, see “Schedules” on page 154.
Content profiles
Add content profiles to policies to apply antivirus protection, web filtering, and email
filtering to web, file transfer, and email services. The FortiGate unit includes the
following default content profiles:
• Strict—to apply maximum content protection to HTTP, FTP, IMAP, POP3, and
SMTP content traffic.
• Scan—to apply antivirus scanning to HTTP, FTP, IMAP, POP3, and SMTP content
traffic.
• Web—to apply antivirus scanning and Web content blocking to HTTP content
traffic.
• Unfiltered—to allow oversized files to pass through the FortiGate unit without
scanned for viruses.
The default policy includes the scan content profile.
For more information about content profiles, see “Content profiles” on page 166.
- Installation and 1
- Configuration Guide 1
- Table of Contents 3
- 4 Fortinet Inc 4
- 6 Fortinet Inc 6
- 8 Fortinet Inc 8
- 10 Fortinet Inc 10
- Contents 11
- 12 Fortinet Inc 12
- Introduction 13
- Document conventions 14
- Fortinet documentation 15
- 16 Fortinet Inc 16
- Getting started 17
- Package contents 18
- Mounting 18
- Powering on 19
- 20 Fortinet Inc 20
- 22 Fortinet Inc 22
- 24 Fortinet Inc 24
- Strict content profile 25
- 26 Fortinet Inc 26
- Scan content profile 26
- Web content profile 26
- Unfiltered content profile 27
- NAT/Route mode 27
- 28 Fortinet Inc 28
- Transparent mode 28
- Configuration options 28
- Setup wizard 28
- 30 Fortinet Inc 30
- Next steps 31
- 32 Fortinet Inc 32
- NAT/Route mode installation 33
- 34 Fortinet Inc 34
- Using the setup wizard 35
- 36 Fortinet Inc 36
- FortiGate-50A 37
- Configuring your networks 38
- Completing the configuration 38
- 40 Fortinet Inc 40
- Transparent mode installation 41
- Changing to Transparent mode 43
- 46 Fortinet Inc 46
- General configuration steps 47
- 48 Fortinet Inc 48
- CLI configuration steps 48
- 50 Fortinet Inc 50
- 52 Fortinet Inc 52
- System status 53
- 54 Fortinet Inc 54
- 56 Fortinet Inc 56
- 58 Fortinet Inc 58
- 60 Fortinet Inc 60
- 62 Fortinet Inc 62
- Backing up system settings 64
- Restoring system settings 64
- Changing to NAT/Route mode 66
- Restarting the FortiGate unit 66
- 68 Fortinet Inc 68
- System status System status 69
- Session list 70
- 72 Fortinet Inc 72
- 74 Fortinet Inc 74
- Scheduling updates 76
- Adding an override server 77
- Enabling push updates 78
- 80 Fortinet Inc 80
- 82 Fortinet Inc 82
- Registering FortiGate units 83
- 84 Fortinet Inc 84
- FortiCare Service Contracts 84
- 86 Fortinet Inc 86
- 88 Fortinet Inc 88
- 90 Fortinet Inc 90
- 92 Fortinet Inc 92
- Network configuration 93
- 94 Fortinet Inc 94
- Viewing the interface list 94
- 96 Fortinet Inc 96
- 98 Fortinet Inc 98
- Configuring routing 100
- 102 Fortinet Inc 102
- Configuring the routing table 102
- Policy routing 103
- Configuring DHCP services 104
- Configuring a DHCP server 105
- 106 Fortinet Inc 106
- 108 Fortinet Inc 108
- Configuring modem settings 108
- Disconnecting the modem 109
- 110 Fortinet Inc 110
- Viewing modem status 110
- Backup mode configuration 110
- Standalone mode configuration 110
- 112 Fortinet Inc 112
- RIP configuration 113
- 114 Fortinet Inc 114
- 116 Fortinet Inc 116
- Adding RIP filters 117
- 118 Fortinet Inc 118
- 120 Fortinet Inc 120
- System configuration 121
- Changing system options 122
- 124 Fortinet Inc 124
- Configuring SNMP 125
- 126 Fortinet Inc 126
- 4 Select Apply 127
- 128 Fortinet Inc 128
- FortiGate MIBs 128
- FortiGate traps 129
- General FortiGate traps 129
- System traps 129
- Firewall configuration 131
- Replacement messages 133
- 134 Fortinet Inc 134
- Customizing alert emails 134
- NIDS event 135
- Virus alert 135
- Block alert 135
- 136 Fortinet Inc 136
- 138 Fortinet Inc 138
- Addresses 138
- Services 139
- Schedules 139
- Content profiles 139
- Adding firewall policies 140
- 142 Fortinet Inc 142
- VPN Tunnel 142
- Traffic Shaping 142
- Authentication 143
- Anti-Virus & Web filter 143
- Configuring policy lists 144
- Policy matching in detail 145
- Adding addresses 147
- 148 Fortinet Inc 148
- Editing addresses 148
- Deleting addresses 148
- 150 Fortinet Inc 150
- 152 Fortinet Inc 152
- Adding custom ICMP services 153
- Adding custom IP services 153
- Grouping services 153
- Creating one-time schedules 155
- Creating recurring schedules 155
- 156 Fortinet Inc 156
- Adding schedules to policies 156
- Virtual IPs 157
- 158 Fortinet Inc 158
- Adding static NAT virtual IPs 158
- 160 Fortinet Inc 160
- IP pools 161
- 162 Fortinet Inc 162
- Adding an IP pool 162
- IP pools and dynamic NAT 162
- IP/MAC binding 163
- 164 Fortinet Inc 164
- Adding IP/MAC addresses 165
- Enabling IP/MAC binding 165
- Default content profiles 167
- Adding content profiles 167
- 168 Fortinet Inc 168
- 170 Fortinet Inc 170
- Users and authentication 171
- 172 Fortinet Inc 172
- Configuring RADIUS support 174
- Configuring LDAP support 175
- 176 Fortinet Inc 176
- Deleting LDAP servers 176
- Configuring user groups 177
- 178 Fortinet Inc 178
- Deleting user groups 178
- IPSec VPN 179
- Key management 180
- Manual key IPSec VPNs 181
- AutoIKE IPSec VPNs 182
- IPSec VPN AutoIKE IPSec VPNs 183
- 184 Fortinet Inc 184
- Configuring advanced options 185
- 186 Fortinet Inc 186
- 188 Fortinet Inc 188
- Managing digital certificates 190
- 6 Configure the key 191
- 192 Fortinet Inc 192
- Obtaining CA certificates 192
- Configuring encrypt policies 193
- 194 Fortinet Inc 194
- Adding a source address 194
- Adding a destination address 194
- Adding an encrypt policy 195
- IPSec VPN concentrators 196
- 198 Fortinet Inc 198
- Adding a VPN concentrator 198
- 200 Fortinet Inc 200
- Viewing VPN tunnel status 201
- 202 Fortinet Inc 202
- Testing a VPN 202
- PPTP and L2TP VPN 203
- 204 Fortinet Inc 204
- 206 Fortinet Inc 206
- 208 Fortinet Inc 208
- Configuring L2TP 209
- 210 Fortinet Inc 210
- 212 Fortinet Inc 212
- 214 Fortinet Inc 214
- Detecting attacks 215
- 216 Fortinet Inc 216
- Viewing the signature list 217
- Viewing attack descriptions 217
- 218 Fortinet Inc 218
- Preventing attacks 220
- Logging attacks 222
- Manual message reduction 223
- 224 Fortinet Inc 224
- Antivirus protection 225
- Antivirus scanning 226
- File blocking 227
- 228 Fortinet Inc 228
- Viewing the virus list 229
- 230 Fortinet Inc 230
- Web filtering 231
- Content blocking 232
- Clearing the Banned Word list 233
- 234 Fortinet Inc 234
- URL blocking 235
- 236 Fortinet Inc 236
- Uploading a URL block list 236
- 238 Fortinet Inc 238
- Adding a Cerberian user 238
- Script filtering 240
- Exempt URL list 241
- 242 Fortinet Inc 242
- Uploading a URL Exempt List 242
- 244 Fortinet Inc 244
- Email filter 245
- Email banned word list 246
- Email block list 248
- Email exempt list 249
- Adding a subject tag 250
- Logging and reporting 251
- 252 Fortinet Inc 252
- Filtering log messages 253
- Configuring traffic logging 254
- Enabling traffic logging 255
- 256 Fortinet Inc 256
- Adding traffic filter entries 256
- Configuring alert email 257
- 258 Fortinet Inc 258
- Testing alert email 258
- Enabling alert email 258
- Glossary 259
- 260 Fortinet Inc 260
- Glossary 261
- 262 Fortinet Inc 262
- 264 Fortinet Inc 264
- 266 Fortinet Inc 266
- 268 Fortinet Inc 268
- 270 Fortinet Inc 270
- 272 Fortinet Inc 272
Related products and manuals for Hardware Fortinet FortiGate 50A
Hardware Fortinet FortiGate 620B User Manual
(62 pages)
(62 pages)
Hardware Fortinet FortiGate 100 User Manual
(272 pages)
(272 pages)
Hardware Fortinet FortiGate 5020 User Manual
(14 pages)
(14 pages)
Hardware Fortinet FortiLog-400 User Manual
(124 pages)
(124 pages)
© 2020, manymanuals.com. All rights reserved. | 2.630 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals