Fortinet 100A User Manual

142

01-28007-0068-20041203

Fortinet Inc.

Router

For example, consider

Figure 50

, which shows a FortiGate unit connected to a router.

To ensure that all outbound packets destined to any network beyond the router are
routed to the correct destination, you must edit the default configuration and make the
router the default gateway for the FortiGate unit.

Figure 50: Making a router the default gateway

To route outbound packets from the internal network to destinations that are not on
network 192.168.20.0/24, you would edit the default static route and include the
following settings:

• Destination IP/mask: 0.0.0.0/0.0.0.0
• Gateway: 192.168.10.1
• Device: Name of the interface connected to network 192.168.10.0/24 (e.g.

external).

• Distance: 10

The Gateway setting specifies the IP address of the next hop router interface to the
FortiGate external interface. The interface behind the router (192.168.10.1) is

the default gateway for FortiGate_1.

In some cases, there may be routers behind the FortiGate unit. If the destination IP
address of a packet is not on the local network but is on a network behind one of those
routers, the FortiGate routing table must include a static route to that network. For
example, in

Figure 51

, the FortiGate unit must be configured with static routes to

interfaces 192.168.10.1 and 192.168.10.2 in order to forward packets to Network_1
and Network_2 respectively.

Esc

Enter

FortiGate_1

192.168.20.0/24

Internal network

Router

Internet

192.168.10.1

external