beautypg.com

Adding a ping server to an interface, Controlling administrative access to an interface – Fortinet FortiGate 50A User Manual

Page 97

background image

Network configuration

Configuring interfaces

FortiGate-50A Installation and Configuration Guide

97

You can also configure management access and add a ping server to the secondary
IP address.

set system interface config secallowaccess ping
https ssh snmp http telnet
set system interface config secgwdetect enable

Adding a ping server to an interface

Add a ping server to an interface if you want the FortiGate unit to confirm connectivity
with the next hop router on the network connected to the interface. Adding a ping
server is required for routing failover. See

“Adding destination-based routes to the

routing table” on page 101

.

To add a ping server to an interface

1

Go to System > Network > Interface.

2

Choose an interface and select Modify

.

3

Set Ping Server to the IP address of the next hop router on the network connected to
the interface.

4

Select the Enable check box.
The FortiGate unit uses dead gateway detection to ping the Ping Server IP address to
make sure that the FortiGate unit can connect to this IP address. To configure dead
gateway detection, see

“Modifying the Dead Gateway Detection settings” on

page 123

.

5

Select OK to save the changes.

Controlling administrative access to an interface

For a FortiGate unit running in NAT/Route mode, you can control administrative
access to an interface to control how administrators access the FortiGate unit and the
FortiGate interfaces to which administrators can connect.

Controlling administrative access for an interface connected to the Internet allows
remote administration of the FortiGate unit from any location on the Internet. However,
allowing remote administration from the Internet could compromise the security of
your FortiGate unit. You should avoid allowing administrative access for an interface
connected to the Internet unless this is required for your configuration. To improve the
security of a FortiGate unit that allows remote administration from the Internet:

• Use secure administrative user passwords,
• Change these passwords regularly,
• Enable secure administrative access to this interface using only HTTPS or SSH,
• Do not change the system idle timeout from the default value of 5 minutes (see

“To

set the system idle timeout” on page 122

).

To configure administrative access in Transparent mode, see

“Configuring the

management interface in Transparent mode” on page 99

.

To control administrative access to an interface

1

Go to System > Network > Interface.

See also other documents in the category Fortinet Hardware: