Filter
Top Products
Device Manually adding a device
FortiAnalyzer Version 3.0 MR7 Administration Guide
05-30007-0082-20080908 85
To enable the FortiAnalyzer unit to reply to FDP packets
1 On the FortiAnalyzer unit, go to Device > All.
2 Go to System > Network.
3 Select Modify for the network interface that should reply to FDP packets.
4 Enable Fortinet Discovery Protocol.
5 Select OK.
The FortiAnalyzer unit is now configured to respond to FDP packets on that
network interface, including those from FortiGate units’ Automatic Discovery
feature. For more information about connecting the FortiGate unit using FDP, see
“To connect a FortiGate unit to a FortiAnalyzer unit using FDP” on page 85.
To connect a FortiGate unit to a FortiAnalyzer unit using FDP
1 On the FortiGate unit, go to Log&Report > Log Config > Log Setting.
2 Select Remote Logging.
3 Select FortiAnalyzer.
4 From Minimum log level, select the severity threshold that log messages must
meet or exceed to be remotely logged to the FortiAnalyzer unit.
5 In the FortiAnalyzer IP area, select Automatic Discovery.
6 If the FortiAnalyzer unit does not appear in the Connect To list, select Discover.
The FortiGate unit sends FDP packets to other hosts on the FortiGate unit’s
subnet. If a FortiAnalyzer unit exists on the subnet and is configured to reply to
FDP packets, it sends a reply, and its IP address appears in the Connect To list.
If your FortiGate unit is connecting to a FortiAnalyzer unit from another network,
such as through the Internet or through other firewalls, this may fail to locate the
FortiAnalyzer unit, and you may need to configure an IPSec VPN tunnel to
facilitate the connection. For more information and examples, see the Fortinet
Knowledge Center article Sending remote FortiGate logs to a FortiAnalyzer unit
behind a local FortiGate unit.
7 From the Connect To list, select a FortiAnalyzer unit.
8 Select Apply.
9 To verify connectivity with the FortiAnalyzer unit, select Test Connectivity.
Test Connectivity verifies connectivity by OFTP. OFTP is required by device
registration, content archiving, quarantining, and remote viewing of logs and
reports, and display connection permissions, but not to send log messages. If Test
Connectivity fails, the FortiAnalyzer unit’s Unregistered Device Options may
require that you manually register the FortiGate unit with the device list. For more
information, see “Configuring unregistered device connection attempt handling”
on page 79. For more information about manually registering the device, see
“Manually adding a device” on page 80. If the FortiGate unit is registered but Test
Connectivity still fails, verify configurations of any intermediate devices such as
routers or firewalls.