Configure a dns server, Adding firewall policies, Configure a dns server adding firewall policies – Fortinet FortiGate 30B User Manual

Page 28

Advertising
background image

FortiGate-30B FortiOS 3.0 MR6 Install Guide

28

01-30006-0459-20080505

Configuring Transparent mode

Configuring

Configure a DNS server

A DNS server is a service that converts symbolic node names to IP addresses. A
domain name server (DNS server) implements the protocol. In simple terms, it
acts as a phone book for the Internet. A DNS server matches domain names with
the computer IP address. This enables you to use readable locations, such as
fortinet.com when browsing the Internet.

DNS server IP addresses are typically provided by your internet service provider.

To configure DNS server settings

config system dns

set autosvr {enable | disable}
set primary <address_ip>
set secondary <address_ip>

end

Note if you set the autosvr to enable, you do not have to configure the primary

or secondary DNS server IP addresses.

Adding firewall policies

Firewall policies enable traffic to flow through the FortiGate interfaces. Firewall
policies define the FortiGate unit process the packets in a communication session.
You can configure the firewall policies to allow only specific traffic, users and
specific times when traffic is allowed.

For the initial installation, a single firewall policy that enables all traffic through will
enable you to verify your configuration is working. On lower-end units such a
default firewall policy is already in place. For the higher end FortiGate units, you
will need to add a firewall policy.

The following steps add two policies that allows all traffic through the FortiGate
unit, to enable you to continue testing the configuration on the network.

To add an outgoing traffic firewall policy

config firewall profile

edit <seq_num>

set srcintf <source_interface>
set srcaddr <source_IP>
set dstintf <destination_interface>
set dstaddr <destination_IP>
set schedule always
set service ANY
set action accept

end

To create an incoming traffic firewall policy, use the same commands with the
addresses reversed.

Note that these policies allow all traffic through. No protection profiles have been
applied. Ensure you create additional firewall policies to accommodate your
network requirements.

Advertising
Popular Brands
Popular manuals