beautypg.com

Adding a ping server to an interface, Controlling management access to an interface – Fortinet FortiGate 100 User Manual

Page 111

background image

Network configuration

Adding a ping server to an interface

FortiGate-100 Installation and Configuration Guide

111

You can also configure management access and add a ping server to the secondary
IP address.

set system interface config secallowaccess ping

https ssh snmp http telnet

set system interface config secgwdetect enable

Adding a ping server to an interface

Add a ping server to an interface if you want the FortiGate unit to confirm connectivity
with the next hop router on the network connected to the interface. Adding a ping
server is required for routing failover. See

“Adding destination-based routes to the

routing table” on page 116

.

1

Go to System > Network > Interface.

2

Select Modify

for the interface to which to add a Ping server.

3

Set Ping Server to the IP address of the next hop router on the network connected to
the interface.

4

Select Enable.
The FortiGate unit uses dead gateway detection to ping the Ping Server IP address to
make sure that the FortiGate unit can connect to the this IP address. To configure
dead gateway detection, see

“To modify the Dead Gateway Detection settings” on

page 131

.

5

Select OK to save your changes.

Controlling management access to an interface

1

Go to System > Network > Interface.

2

Select Modify

for the interface for which to configure management access.

3

Select the management Access methods for the interface.

Configuring management access for an interface connected to the Internet allows

remote administration of the FortiGate unit from any location on the Internet. Allowing

management access from the Internet could compromise the security of your

FortiGate unit. You should avoid allowing management access for an interface

connected to the Internet unless this is required for your configuration. To improve the

security of a FortiGate unit that allows remote management from the Internet, add

secure administrative user passwords, change these passwords regularly, and only

enable secure management access using HTTPS or SSH.

4

Select OK to save your changes.

HTTPS

To allow HTTPS connections to the web-based manager through this interface.

PING

If you want this interface to respond to pings. Use this setting to verify your

installation and for testing.

HTTP

To allow HTTP connections to the web-based manager through this interface.

HTTP connections are not secure and can be intercepted by a third party.

SSH

To allow secure SSH connections to the CLI through this interface.

SNMP

To allow a remote SNMP manager to request SNMP information by connecting to

this interface. See

“Configuring SNMP” on page 134

.

TELNET

To allow Telnet connections to the CLI through this interface. Telnet connections

are not secure and can be intercepted by a third party.

See also other documents in the category Fortinet Hardware: