Fortigate Training Articles INSTALLATION-1

Firewall; It is a system that restricts, authorizes, assigns, schedules, in short, accesses from WAN to LAN and from LAN to WAN on the internet and local intra in workplaces or institutions in accordance with the rules and principles you set, and prevents all accesses other than your definitions. Firewall can be used in 2 ways. It works with software only and with a Fortigate type device on a physical device.

There is a simple firewall software on every old and new adsl modem, as well as a firewall and accompanying analyzer type complex systems equipped with more advanced software. Fortigate firewall device can work alone or it can work in harmony with FortiAnalyzer device.

If you are going to work on a Fortigate firewall device for the first time and you have just bought the device, that is, if there is no configuration on it, I will briefly explain how to configure it in this article. My article is prepared according to the fortigate 224 B Version 4 that I use. However, it can be used in other firewall systems as logic and method.

1. First, let’s get to know fortigate ports. The device I am using has 24 100mbps LAN ports, 2 1Gbps LAN ports, 2 WAN ports and 1 console port. According to this, I can connect a maximum of 2 ADSL modems. First of all, it is necessary to pay attention to the following; Before the ADSL modems enter the WAN port, enter the modem’s own interface and disable DHCP and enter Bridge mode. Then it is connected to fortigate from WAN1 or WAN2.

2. Access the Fortigate admin panel. For this, you will need to enter the password after typing https://cihaz ip in iexplorer. The default ip number of the device is delivered to you. It can be changed later upon request. When our administration panel is opened, we will first see the Status screen. There is status information and CLI command field for the active firewall.

3. Go to the Network tab from the menu, on the page that opens you will see all ports and their status. Navigate to the WAN1 port where you connected the modem and press the Edit button on the right. Give a name to Name and select PPOE mode.

At the bottom, type the account name and password given to you by your internet service provider. You will now enter the same information on the firewall as you did before on the modem. The modem will only be a bridge. Leave the other boxes unchanged, check HTTPS and press OK.

When you return to the Network page, look at the bottom opposite WAN1. If the IP number provided by Türk Telekom is taken there, that is, if you see it, this process has been successful. If there is a second modem, you can make the same settings from WAN2. If not, leave the WAN2 settings blank.

4. Connect a patch cable between your distribution switch and Fortigate. If there is a 1000 port on the switch, connect it there and connect it to port 25 or 26, which has a 1000 mbps port on the fortigate side. Doing this is important for speed and traffic. Assume that you have connected to Port 25 and let’s make the settings of PORT25 on the Network page. Let’s go to the setting page with the edit button just to the right of Port 25.

Let’s give a reminder name to the ALIAS section, for example ACCOUNTING. In the Addressing Mode section, select Manual and enter the boxes that open at the bottom. Here we will specify the values for the Local ip block we will create. In the IP/NETMASK section, type 192.168.5.1/255.255.255.255.0. Or type another unique ip subnet. Check Enable DNS Query and select recursive on the side. Check HTTPS and save with OK.