Optional null modem cable connects
to serial port on management computer
Esc
Enter
INTERNAL
EXTERNAL
1 2 3 4 / HA
Straight-through Ethernet cables
connect to other networks
Straight-through Ethernet cable connects to
LAN or switch on internal network
Crossover Ethernet cable connects to
management computer on internal network
or
Straight-through Ethernet cable
connects to Internet
(public switch, router or modem)
Power cable connects
to power outlet
Connector Type Speed Protocol Description
Internal RJ-45 1000 Base-T Ethernet Copper gigabit connection to the internal
network.
External RJ-45 1000 Base-T Ethernet Copper gigabit connection to the Internet.
Port 1 to 3 RJ-45 10/100 Base-T Ethernet Optional connection to other networks.
Port 4/HA RJ-45 10/100 Base-T Ethernet Optional connection to other networks, or to
other FortiGate-1000 units for high avail-
ability (HA).
CONSOLE DB-9 9600 bps RS-232
serial
Optional connection to the management
computer.
Provides access to the command line inter-
face (CLI).
Place the unit on a stable surface.
The FortiGate unit requires 1.5 inches (3.75 cm) clearance above and on each side to
allow for cooling.
Make sure the power switch on the back of the unit is turned off before connecting the
power and network cables.
MAIN MENU appears when the unit is up and running.
•
•
•
•
Connect the FortiGate unit to a power outlet and to the internal and external networks.
Before beginning to congure the FortiGate unit, you need to plan how to integrate the unit into your network. Your conguration plan is dependent upon the operating mode that you select:
NAT/Route mode (the default) or Transparent mode. Refer to the Documentation CD-ROM for information on how to control trafc, and how to congure HA, antivirus protection, FortiGuard,
Web content ltering, Spam ltering, intrusion prevention (IPS), and virtual private networking (VPN).
NAT/Route mode
In NAT/Route mode, each FortiGate unit is visible to the network that it is connected to. All
of its interfaces are on different subnets. Each interface connected to a network must be
congured with an IP address that is valid for that network.
You would typically use NAT/Route mode when the FortiGate unit is deployed as a gateway
between private and public networks. In its default NAT/Route mode conguration, the unit
functions as a rewall. Firewall policies control communications through the FortiGate unit.
No trafc can pass through the FortiGate unit until you add rewall policies.
In NAT/Route mode, rewall policies can operate in NAT mode or in Route mode. In NAT
mode, the FortiGate unit performs network address translation before IP packets are sent to
the destination network. In Route mode, no translation takes place.
Transparent mode
In Transparent mode, the FortiGate unit is invisible to the network. All of its interfaces are on
the same subnet. You only have to congure a management IP address so that you can make
conguration changes.
You would typically use the FortiGate unit in Transparent mode on a private network behind
an existing rewall or behind a router. In its default Transparent mode conguration, the unit
functions as a rewall. No trafc can pass through the FortiGate unit until you add rewall
policies.
You can connect up to four network segments to the FortiGate unit to control trafc between
these network segments.
FortiGate-1000
01-30002-0039-20060705
LED State Description
Power
Green The FortiGate unit is on.
Off The FortiGate unit is off.
Internal
External
Port 1
Port 2
Port 3
Port 4/HA
Amber The correct cable is in use and the connected equip-
ment has power.
Flashing
Amber
Network activity at this interface.
Green The interface is connected.
Port 1 to 4 at up to 100 Mbps.
Internal and External connect at up to 1000 Mbps.
Off No link established.
To Next Page
Need help?
General