Registering your fortigate unit, Configuring virus and attack definition updates, Configuration example: multiple connections to – Fortinet FortiGate-800 User Manual
Page 50
50
Fortinet Inc.
Configuration example: Multiple connections to the Internet
NAT/Route mode installation
Registering your FortiGate unit
After purchasing and installing a new FortiGate unit, you can register the unit by going
to the System Update Support page, or using a web browser to connect to
http://support.fortinet.com and selecting Product Registration.
To register, enter your contact information and the serial numbers of the FortiGate
units that you or your organization have purchased. You can register multiple
FortiGate units in a single session without re-entering your contact information.
For more information about registration, see
“Registering FortiGate units” on
Configuring virus and attack definition updates
You can go to the System Update page to configure the FortiGate unit to automatically
check whether new versions of the virus definitions and attack definitions are
available. If it finds new versions, the FortiGate unit automatically downloads and
installs the updated definitions.
The FortiGate unit uses HTTPS on port 8890 to check for updates. The FortiGate
external interface must have a path to the FortiResponse Distribution Network (FDN)
using port 8890.
For information about configuring automatic virus and attack updates, see
antivirus and attack definitions” on page 117
Configuration example: Multiple connections to the Internet
This section describes some basic routing and firewall policy configuration examples
for a FortiGate unit with multiple connections to the Internet (see
Figure 9
). In this
topology, the organization operating the FortiGate unit uses two Internet service
providers to connect to the Internet. The FortiGate unit is connected to the Internet
using the external and DMZ interfaces. The external interface connects to gateway 1,
operated by ISP1 and the DMZ interface connects to gateway 2, operated by ISP2.
You can add ping servers to interfaces and configure routing to control how traffic
uses each Internet connection. With this routing configuration, you can create firewall
policies to support multiple Internet connections.
This section provides some examples of routing and firewall configurations for the
FortiGate unit for multiple Internet connections. To use the information in this section,
you should be familiar with FortiGate routing (see
“Configuring routing” on page 153
)
and FortiGate firewall configuration (see
“Firewall configuration” on page 185
).
The examples below show how to configure destination-based routing and policy
routing to control different traffic patterns.
•
•
Destination-based routing examples
•
•