
Normal mode operation – Fortinet Version 3.0 User Manual


FortiBridge operating principles


FortiBridge Version 3.0 Administration Guide
09-30000-0163-20061109


1. Connect the FortiBridge-1000 INT 2 interface to the FortiGate internal interface.

2. Connect the FortiGate external interface to the FortiBridge-1000 EXT 2 interface.

3. Connect the internal network to the FortiBridge-1000 INT 1 interface.

4. Connect the FortiBridge-1000 EXT 1 interface to the router.

Connecting the FortiBridge-1000F (fiber gigabit ethernet)

The FortiBridge-1000F unit contains 4 multimode fiber optic gigabit interfaces that
connect to the internal and external networks and to the FortiGate interfaces that
were connected to these networks. Use the following steps to connect a
FortiBridge-1000F unit to the network as shown in Figure 3.

1. Connect the FortiBridge-1000F INT 2 interface to the FortiGate internal interface.

2. Connect the FortiGate external interface to the FortiBridge-1000F EXT 2 interface.

3. Connect the internal network to the FortiBridge-1000F INT 1 interface.

4. Connect the FortiBridge-1000F EXT 1 interface to the router.

Normal mode operation

If the FortiGate unit is operating normally, the FortiBridge unit operates in Normal
mode. Traffic from the internal network enters the FortiBridge INT 1 interface then
exits the INT 2 interface to the FortiGate unit. The traffic from the FortiBridge
INT 2 interface enters the FortiGate internal interface. Firewall policies and
protection profiles are applied to the traffic by the FortiGate unit. Accepted traffic
then exits the FortiGate External interface and enters the FortiBridge EXT 2
interface. The traffic then exits the FortiBridge EXT 1 interface and goes to the
external network. Traffic from the external network reverses this sequence.

Figure 4: Normal mode traffic flow

How the FortiBridge unit monitors the FortiGate unit

To monitor the FortiGate unit for failure, you must enable probes on the
FortiBridge unit. When you enable a probe, the FortiBridge unit sends packets
from the FortiBridge INT 2 interface, through the FortiGate unit to the FortiBridge
EXT 2 interface. If the EXT 2 interface receives the probe packets, the FortiGate
unit is operating normally. If the EXT 2 interface does not receive probe packets,
the FortiBridge unit assumes that the FortiGate unit has failed.

[Figure 4 diagram labels: Internal network, INT 1, INT 2, Internal, External, EXT 2, EXT 1, Router, Internet, (Transparent mode), (Normal mode)]