Support User Manuals

Fortinet FortiGate-800 Network Card User Manual

Open as PDF

of 336

Network configuration VLAN overview

FortiGate-800 Installation and Configuration Guide 145

• Enable secure administrative access to this interface using only HTTPS or SSH,

• Do not change the system idle timeout from the default value of 5 minutes (see “To

set the system idle timeout” on page 170).

To configure the management interface in Transparent mode

1 Go to System > Network > Management.

2 Change the Management IP and Netmask as required.

This must be a valid address for the network that you want to manage the FortiGate

unit from.

3 Add a default gateway IP address if the FortiGate unit must connect to a default

gateway to reach the management computer.

4 Select the administrative access methods for each interface.

5 Select Log for each interface that you want to record log messages whenever a

firewall policy accepts a connection to this interface.

6 Select Apply to save the changes.

VLAN overview

FortiGate units support IEEE 802.1Q Virtual LAN (VLAN) technology. A VLAN is group

of PCs, servers, and other network devices that communicate as if they were on the

same LAN segment, even though they may not be. For example, the workstations and

servers for an accounting department could be scattered throughout an office,

connected to numerous network segments, but they can still belong to the same

VLAN.

A VLAN segregates devices logically instead of physically. Each VLAN is treated as a

broadcast domain. Devices in VLAN 1 can connect with other devices in VLAN 1, but

cannot connect with devices in other VLANs. The communication among devices on a

VLAN is independent of the physical network.

A VLAN segregates devices by adding 802.1Q VLAN tags to all of the packets sent

and received by the devices in the VLAN. VLAN tags are 4-byte frame extensions that

contain a VLAN identifier as well as other information.

HTTPS To allow secure HTTPS connections to the web-based manager through this

interface.

PING If you want this interface to respond to pings. Use this setting to verify your

installation and for testing.

HTTP To allow HTTP connections to the web-based manager through this interface.

HTTP connections are not secure and can be intercepted by a third party.

SSH To allow SSH connections to the CLI through this interface.

SNMP To allow a remote SNMP manager to request SNMP information by connecting to

this interface. See “Configuring SNMP” on page 173.

TELNET To allow Telnet connections to the CLI through this interface. Telnet connections

are not secure and can be intercepted by a third party.

previous next