KEMBAR78
Installing A FortiGate in Transparent Mode PDF | PDF | Router (Computing) | Computer Network
0% found this document useful (0 votes)
1K views5 pages

Installing A FortiGate in Transparent Mode PDF

1. The document discusses how to configure a FortiGate device in transparent mode to securely connect an internal network to the internet without changing the existing network configuration. 2. Key steps include changing the FortiGate's operation mode to transparent, creating a policy to allow traffic from the internal network to the internet, and connecting the FortiGate between the internal network router and internet router. 3. Once configured, users on the internal network will be able to browse the internet with traffic being scanned by the FortiGate without any changes to routing or IP addresses.

Uploaded by

Frontos Celerius
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
1K views5 pages

Installing A FortiGate in Transparent Mode PDF

1. The document discusses how to configure a FortiGate device in transparent mode to securely connect an internal network to the internet without changing the existing network configuration. 2. Key steps include changing the FortiGate's operation mode to transparent, creating a policy to allow traffic from the internal network to the internet, and connecting the FortiGate between the internal network router and internet router. 3. Once configured, users on the internal network will be able to browse the internet with traffic being scanned by the FortiGate without any changes to routing or IP addresses.

Uploaded by

Frontos Celerius
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

Adding a FortiGate in Transparent mode without

changing your existing configuration


In this example, you will learn how to connect and configure a new FortiGate unit in
Transparent mode to securely connect a private network to the Internet. In Transparent
mode, the FortiGate applies security scanning to traffic without applying routing or
network address translation (NAT).

!
Changing to Transparent mode removes most configuration changes made in NAT/Route mode. To keep your current
NAT/Route mode configuration, backup the configuration using the System Information widget, found at System >
Dashboard > Status.

1. Changing the FortiGate’s operation mode


2. (Optional) Setting the FortiGate’s DNS servers
3. Creating a policy to allow traffic from the internal network to
the Internet
4. Connecting the network devices

Router

Internet

WAN 1

FortiGate
(Transparent
Mode)
port 1

Internal Network
1. Changing the FortiGate’s operation
mode
Go to System > Dashboard >
Status and locate the System
Information widget.
Beside Operation Mode, select
Change.

Set the Operation Mode to


Transparent. Set the Management
IP/Netmask and Default Gateway
to connect the FortiGate unit to the
internal network.
You can now access the GUI by
browsing to the Management IP (in
he example, you would browse to
http://172.20.120.122).

2. (Optional) Setting the FortiGate’s


DNS servers
The FortiGate unit’s DNS Settings are
set to use FortiGuard DNS servers
by default, which is sufficient for
most networks. However, if you need
to change the DNS servers, go to
System > Network > DNS and
add Primary and Secondary DNS
servers.
3. Creating a policy to allow traffic
from the internal network to the
Internet
Go to Policy & Objects > Policy >
IPv4 and create a new policy (if your
network uses IPv6 addresses, go to
Policy & Objects > Policy > IPv6).
Set the Incoming Interface to the an
available external interface (typically
port 1) and the Outgoing Interface
to the Internet-facing interface
(typically WAN1).

It is recommended to avoid
using any security profiles until
after you have successfully
installed the FortiGate unit. After
the installation is verified, you
can apply any required security
profiles.

Scroll down to view the Logging


Options. In order to view the results
later, enable Log Allowed Traffic
and select All Sessions.
4. Connecting the network devices
Go to System > Dashboard >
Status and locate the System
Resources widget. Select Shutdown
to power off the FortiGate unit.
Alternatively, you can enter the
following command in the CLI
Console (also found by going to
System > Dashboard > Status):
execute shutdown

Wait until all the lights, except for the


power light, on your FortiGate have
turned off. If your FortiGate has a
power button, use it to turn the unit
off. Otherwise, unplug the unit.

You can now connect the FortiGate


Router
unit between the internal network and
the router.
Connect the wan1 interface to the
router internal interface and connect
the internal network to the FortiGate
internal interface port.
WAN 1
Power on the FortiGate unit.
port 1

FortiGate
Internal Network
5. Results
You can now browse the Internet
using any computer that connects to
the FortiGate’s internal interface.

You can view information about


the traffic being processed by your
FortiGate by going to System >
FortiView > All Sessions and
finding traffic that has port 1 as the
Src Interface and the Internet-facing
interface as the Dst Interface.

If these two columns are not shown,


select Column Settings and move Src
Interface and Dst Interface to the
list of fields to be shown.

You might also like