Fortinet FortiAnalyzer 1000B User Manual

R

1000B

R

1000B

For future

use

USB

Ethernet

ports

Ethernet ports

Power supply

Console

connection

Ethernet cables connect to
the internal network and to
the Internet (public switch
or router)

Power cable
connects to
power supply

Ethernet cables connect to
the internal network and to
the Internet (public switch
or router)

Null modem
cable connects to serial
port on management
computer

FortiGat e-30B

Tools and Documenation

Copyright 2008 Fortin et Incorpor ated. All r ights reser ved.

Trademarks

Products m entioned in this docum ent are tra demarks.

QuickS tart Gu ide

Welcome | Bienvenue | Willkommen | ?迎 | 歓迎 | Bienvenido | Benvenuto

2 Mounting Slide Rails

R

1000B

Straight-through

Ethernet cable

Power Cable

Null-Modem Cable

(RS-232)

LED State Description

Green The correct cable is connected to the copper

Ports 1 to 4 Left LED

Flashing Network activity at this interface.

Ports 1 to 4 Right LED

Green The interface is connected at 1000 Mbps.

Yellow The interface is connected at 100 Mbps.

Off The interface is connected at 10 Mbps.

Visit these links for more information and documentation for your Fortinet product.

Technical Documentation - http://docs.forticare.com

•
Fortinet Knowledge Center - http://kc.forticare.com

•
Fortinet Technical Support - http://support.fortinet.com

•

10/100/1000 interface and the connected equip­ment has power.

QuickStart Guide

© Copyright 2008 Fortinet Incorporated. All rights reserved.
Products mentioned in this document are trademarks or registered trademarks
of their respective holders.
Regulatory Compliance
FCC Class B Part 15 CSA/CUS
30 September 2008

FortiAnalyzer-1000B

05-30006-0480-20080930

Package Contents

Connector Type Speed Protocol Description

Ports 1 to 4 RJ-45 10/100/1000

CONSOLE DB9 9600 8/N/1 RS-232 serial Optional connection to the management computer. Provides access to

USB USB USB Optional connection to a USB key for rmware backup and installation.

Ethernet Copper gigabit connection to 10/100/1000 copper networks.

Base-T

the command line interface (CLI).

Connecting

Connect the following to the FortiAnalyzer unit. Ensure the FortiAnalyzer unit is placed on a stable surface or install in a standard 19 inch rack. See
the FortiAnalyzer-1000B Rack Install Guide for details.

Insert a network cable to port 1.

•

Connect the other end of network cable to the network hub or switch.

•

Connect the AC Power Cord to the Power Supply.

•

Connect the Power Cord to a surge protected

•

power bar or power supply.

Conguration Tools

Web-based manager

The FortiAnalyzer web-based manager is an easy to use management tool.

Use it to congure the administrator password, the interface and default gateway addresses,
add Fortinet devices and congure reports.

Requirements:

An Ethernet connection between the FortiAnalyzer unit and management computer.

•
A web browser such as FireFox or Internet Explorer on the management computer.

•

Command Line Interface (CLI)

The CLI is a full-featured management tool. Use it to congure the administrator password,
the interface addresses, the default gateway address, and the DNS server addresses. To
congure advanced settings, see the Tools and Documentation CD included with the

FortiAnalyzer unit.

Requirements:

The DB9 serial connection between the FortiAnalyzer unit and management computer.

•
A terminal emulation application (HyperTerminal for Windows) on the management

•
computer.

Collecting Information

Port Information

Port 1 IP: ____.____.____.____

Netmask: ____.____.____.____

Port 2 IP: ____.____.____.____

Netmask: ____.____.____.____

Port 3 IP: ____.____.____.____

Netmask: ____.____.____.____

Port 4 IP: ____.____.____.____

Netmask: ____.____.____.____

The internal interface IP address and netmask must be valid for the internal network.

Conguring

General settings

Administrator password:

Network Settings: Default Gateway:

Primary DNS Server: ____.____.____.____

Secondary DNS Server: ____.____.____.____

____.____.____.____

Factory default settings

NAT/Route mode Transparent mode

Port 1 interface 192.168.1.99 Management IP 0.0.0.0

Port 2 interface 0.0.0.0 Administrative account settings

Port 3 interface 0.0.0.0 User name admin

Port 4 interface 0.0.0.0 Password (none)

To reset the FortiAnalyzer unit to the factory defaults, in the CLI type the command
execute factory reset

Web-based Manager

Use the following procedure to connect to the web-based manager for the rst time. Congu­ration changes made with the web-based manager are effective immediately without reset­ting the FortiAnalyzer unit or interrupting service.

To connect to the web-based manager

Connect the Port 1 interface of the FortiAnalyzer unit to Ethernet port of the manage-

1.
ment computer.
Use a cross-over Ethernet cable to connect the devices directly. Use straight-through
Ethernet cables to connect the devices through a hub or switch.

Congure the management computer to be on the same subnet as the FortiAnalyzer

2.
Port 1 interface.

To do this, change the IP address of the management computer to 192.168.1.2 and the

netmask to 255.255.255.0.

To access the FortiAnalyzer web-based manager, in your browser, go to

3.
https://192.168.1.99 (remember to include the “s” in https://).
Type admin in the Name eld and select Login.

4.

After connecting to the Web-based manager, you can congure the FortiAnalyzer unit IP ad­dress, DNS server IP address, and default gateway to connect the FortiAnalyzer unit to the

network.

To congure interfaces

Go to System > Network > Interface.

1.

Select the edit icon for each interface to congure.

2.
Set the IP address and netmask for the interface.

3.
Select OK.

4.

To congure the Primary and Secondary DNS server IP addresses

Go to System > Network > DNS, enter the Primary and Secondary DNS IP addresses

1.
select Apply.

To congure a Default Gateway

Go to System > Network > Routing and select Create New.

1.
Set Gateway to the Default Gateway IP address and select OK.

2.

Command Line Interface

The FortiAnalyzer-1000B has serial port. Use the null modem cable to connect it to your
management computer.

To connect to the FortiAnalyzer unit

Use a null modem cable to connect the FortiAnalyzer serial port to the management

1.
computer serial port.
Start a terminal emulation program (such as HyperTerminal) on the management com-

2.

puter. Use these settings: Baud Rate 9600, Data bits 8, Parity None, Stop bits 1, Flow
Control None.
At the login: prompt, type admin and press Enter twice.

3.
(The login prompt is preceded by the server default host name.)

After connecting to the CLI, you can congure the FortiAnalyzer unit IP address, DNS server
IP address, and default gateway to connect the FortiAnalyzer unit to the network.

To congure the FortiAnalyzer unit using the CLI

Set the IP address and netmask of the Port1 interface.

1.

cong system interface

edit port1
set ip <intf_ip>/<netmask_ip>
end

Congure the primary and secondary DNS server IP addresses.

3.

cong system dns

set primary <dns-server_ip>
set secondary <dns-server_ip>
end

Congure the default gateway.

4.

cong system route

edit 1
set device <interface>
set dst <destination_ip>

set gateway <gateway_ip>

end

Adding an administration password

By default, the admin user does not have a password. To restrict access to the FortiAnalyzer
unit management account, add password for the admin user account.

To add the admin user account password

Go to System > Admin.

1.

For the admin user, select the Change Password icon.

2.

Enter a new password in the New Password box.

3.

Reenter the password to Conrm Password box.

4.
Select OK.

5.

Adding an administration password using the CLI

To add an administration password in the CLI enter the following commands:

cong system admin

edit admin

set password <password>

end

Shutting down the FortiAnalyzer unit

When powering off the FortiAnalyzer unit, always shut down the unit using the following pro­cedures before disconnecting the power supply. Not following this procedure can increase

the risk of damaging the FortiAnalyzer hard disk.

To power off the FortiAnalyzer unit

Go to System > Dashboard.

1.

In the System Operation list, select Shut Down.

2.
Select Go.

3.
Once the indicates the shut down procedure has completed, disconnect the

4.
FortiAnalyzer unit from the power source.

Shutting down the FortiAnalyzer unit using the CLI

Enter the following command at the prompt:

execute shutdown