Out of band management – Fortinet FortiGate 4000 User Manual

Page 149

Advertising
background image

Network configuration

Out of band management

FortiGate-4000 Installation and Configuration Guide

149

• Enable secure administrative access to this interface using only HTTPS or SSH,
• Do not change the system idle timeout from the default value of 5 minutes (see

“To

set the system idle timeout” on page 176

).

To configure the management interface in Transparent mode

1

Go to System > Network > Management.

2

Change the Management IP and Netmask as required.
This must be a valid IP address for the network that you want to manage the FortiGate
unit from.

3

Add a default gateway IP address if the FortiGate unit must connect to a default
gateway to reach the management computer.

4

Select the administrative access methods for each interface.

5

Select Log for each interface that you want to record log messages whenever a
firewall policy accepts a connection to this interface.

6

Select Apply to save the changes.

Out of band management

Configure the out of band management interface to set the out of band management
IP address of the FortiGate-4000 unit. You can also change the default route for the
out of band management interface and control administrative access connect to the
out of band management interface.

The out of band management interface is available in NAT/Route mode and in
Transparent mode.

To configure the out of band management interface

1

Go to System > Network > OOB Management.

2

Change the IP and Netmask as required.
This must be a valid IP address for the network that you want to manage the FortiGate
unit from.

3

Add a default gateway IP address if one is required for your network.

4

Select the administrative access methods for the out of band management interface.

HTTPS

To allow secure HTTPS connections to the web-based manager through this

interface.

PING

If you want this interface to respond to pings. Use this setting to verify your

installation and for testing.

HTTP

To allow HTTP connections to the web-based manager through this interface.

HTTP connections are not secure and can be intercepted by a third party.

SSH

To allow SSH connections to the CLI through this interface.

SNMP

To allow a remote SNMP manager to request SNMP information by connecting to

this interface. See

“Configuring SNMP” on page 180

.

TELNET

To allow Telnet connections to the CLI through this interface. Telnet connections

are not secure and can be intercepted by a third party.

Advertising
Popular Brands
Popular manuals