beautypg.com

Cli configuration steps, Example static route to an internal destination – Fortinet FortiGate 4000 User Manual

Page 78

background image

78

Fortinet Inc.

Transparent mode configuration examples

Transparent mode installation

2

Go to System > Network > Management.

• Change the Management IP and Netmask:

IP: 192.168.1.1
Mask: 255.255.255.0

• Select Apply.

3

Go to System > Network > Routing.

• Select New to add the static route to the FortiResponse server.

Destination IP: 24.102.233.5
Mask: 255.255.255.0
Gateway: 192.168.1.2

• Select OK.
• Select New to add the default route to the external network.

Destination IP: 0.0.0.0
Mask: 0.0.0.0
Gateway: 192.168.1.2

• Select OK.

CLI configuration steps

To configure the Fortinet basic settings and a static route using the CLI:

1

Set the system to operate in Transparent Mode.

set system opmode transparent

2

Add the Management IP address and Netmask.

set system management ip 192.168.1.1 255.255.255.0

3

Add the static route to the primary FortiResponse server.

set system route number 1 dst 24.102.233.5 255.255.255.0 gw1

192.168.1.2

4

Add the default route to the external network.

set system route number 2 gw1 192.168.1.2

Example static route to an internal destination

Figure 25

shows a FortiGate unit where the FDN is located on an external subnet and

the management computer is located on a remote, internal subnet. To reach the FDN,
you need to enter a single default route that points to the upstream router as the next
hop/default gateway. To reach the management computer, you need to enter a single
static route that leads directly to it. This route points to the internal router as the next
hop. (No route is required for the DNS servers because they are on the same layer 3
subnet as the FortiGate unit.)