FortiGate’s initial configuration for internet access is a simple procedure that just requires a few uncomplicated commands. Fortinet firewall configuration is completed using the GUI or a few clicks if the CLI is being used. Though the steps may turn out to be simple, the user needs to have a fair understanding of what needs to be done with the Fortinet next-generation firewall in order to accomplish them.
The Fortinet firewall configuration for internet access can be broken down into three mandatory tasks. It includes the IP address assignment, firewall policy, and default route configuration. These three components should be configured for users to have access to the internet via a FortiGate. Let us try to understand Fortinet’s next-generation firewall one step at a time.
FortiGate’s initial configuration
The FortiGate initial configuration includes the configuration of the system name, login credentials, allowed users, etc. These tasks turn out to be purely administrative and do not form part of the configuration requirements for users to have access to the internet.
FortiGate IP address assignment
To assign an IP, navigate to the network and interfaces. To assign an IP, double-click on any interface. Choose manual or DHCP for a static IP if your ISP has set up a DHCP server for you. Verify administrative duties for any access type. Keep in mind that you must configure IP addresses for both your WAN and LAN interfaces. You need to configure the Fortinet firewall configuration to reach the gateway ISP address.
FortiGate Default Static Route
We configure the default route to direct internet-bound traffic to the ISP. To enter details, click on network, static route, create a new static route, and then click on details. This is a critical step when it comes to Fortinet firewall configuration.
Installing a FortiGate in NAT mode
A common method is to configure a FortiGate in NAT mode. This will connect a private network to the internet. In NAT mode, you will install FortiGate as a router or gateway between two networks. Normally, this is between a private network and the internet. This would allow FortiGate to hide the IP address of the private network using NAT. It contributes to the security of the network by hiding the private IP address from the outside world. Below are the steps for a Fortinet web application module.
- The FortiGate is to be connected to the ISP-supplied equipment using the internet-facing interface. This is typically WAN or WAN 1, depending on your model.
- Connect a PC to FortiGate using an internal port.
- Power on the ISP equipment, the FortiGate, and the PC on the internal port.
- The PC is used to connect to the FortiGate GUI using an internet browser or a Forti Explorer. For more information on connecting to the GUI, the QuickStart guide model is there for your handy reference.
- Log in using an admin account. The default admin account has the user admin and no password.
If you have been successful until this point in time with the Fortinet web application firewall, then kudos. The Fortinet initial configuration is done to allow connected users to access the internet. It’s time to check your cable connection’s readiness, try using any Lan PC to access the internet, and use your FortiGate to ping the internet. The source is the IP address configured on your LAN device.