Fortinet FortiAnalyzer-800B Quick Start Manual

© Copyright 2007 Fortinet Incorporated. All rights reserved.
Products mentioned in this document are trademarks or registered trade­marks of their respective holders.
Regulatory Compliance
FCC Class A Part 15 CSA/CUS
28 September 2007

Checking the Package Contents

Connecting

Planning the Configuration

Ethern et Cables:

Orange - Crossove r

Grey - Straight-t hrough

Docume ntation

FortiAnalyz er-800B

Copyright 2007 For tinet Incor porated. Al l rights re served.
Trademarks
Products mentioned in this do cument are trademarks.

Power Cable

Null-M odem Cable

(RS-23 2)

Qu i c kS t ar t Gu i de

Ethernet Ports

1 and 2

DB-9

Serial

Connec tion

Power
Connection

Ethernet Ports

3 and 4

Power Switch

LED in dicators:

Power, E rror, Network ,

and Di sk Access

Straig ht-through Ethernet cab les connect s
to hub or switch on the netwo rk

Null m odem cable connects
to ser ial port on management computer

Power cable conne cts
to pow er outlet

Place the FortiAnalyzer unit on a stable surface.

Use included mounting slide rails to mount on a standard 19” rack.

Connect one end of Ethernet cable to port 1, the other to the network hub or switch.

Make sure the power is not plugged into the wall before connecting the power cable.

•

•

•

•

Connect the FortiAnalyzer unit to a power outlet and to the network hub or switch.

FortiAnalyzer-800B

05-30005-0417-20070928

FortiAnalyzer LED Indicators

Light Icon State Description

Green The correct cable is in use and the equipment has

power.

Flashing Green Network activity at this interface.

Off No link established or the FortiAnalyzer unit is off.

Green Hard disk activity.

Off No hard disk activity

Green The FortiAnalyzer unit is running normally.

Flashing Green The FortiAnalyzer unit is running abnormally.

Off The FortiAnalyzer unit is powered off.

FortiAnalyzer Front Buttons

Power button.

Reset button.

Connector Type Speed Protocol Description

Ports 1 to 4 RJ-45 10/100/1000 Ethernet Connection to the network

CONSOLE DB-9 9600 bps

8/N/1

RS-232 serial Connection to the management computer. Provides

access to the command line interface (CLI).

USB USB USB For future use.

You can add the FortiAnalyzer unit to your local FortiGate network to receive log messages
from your local FortiGate units.

Connect the FortiAnalyzer unit to the same hub or switch as the FortiGate unit. You can also
connect the FortiAnalyzer unit to multiple FortiGate units or remote FortiGate units over the
Internet . To connect the FortiAnalyzer unit to the FortiGate units remotely, you must cong­ure the DNS server and the default gateway.

You can manage the FortiAnalyzer unit within the local network or over the Internet.

Factory Defaults

Administrator Account

User name: admin

Password: (none)

Port 1

IP: 192.168.1.99

Netmask: 255.255.255.0

Management Access: ping, https, http, ssh

Port 2

IP: 192.168.2.99

Netmask: 255.255.255.0

Management Access: ping, https, http, ssh

Port 3

IP: 192.168.3.99

Netmask: 255.255.255.0

Management Access: ping, https, http, ssh

Port 4

IP: 192.168.4.99

Netmask: 255.255.255.0

Management Access: ping, https, http, ssh

Congratulations!

You have nished conguring the basic settings. You are ready to add FortiGate devices and
collect log information. To explore the full range of conguration options, see the online help

or the Tools and Documentation CD.

Visit these links for more information and documentation for your Fortinet product.

Technical Documentation - http://docs.forticare.com
Fortinet Knowledge Center - http://kc.forticare.com
Fortinet Technical Support - http://support.fortinet.com

•

•

•

Completing the Configuration

Configuring the FortiAnalyzer Unit

Web-based Manager

Use the following procedure to connect to the web-based manager for the rst time. Congu­ration changes made with the web-based manager are effective immediately without reset­ting the FortiAnalyzer unit or interrupting service.

To connect to the web-based manager

Connect the Port 1 interface of the FortiAnalyzer unit to Ethernet port of the manage­ment computer.
Use a cross-over Ethernet cable to connect the devices directly. Use straight-through
Ethernet cables to connect the devices through a hub or switch.

Congure the management computer to be on the same subnet as the FortiAnalyzer

Port 1 interface.
To do this, change the IP address of the management computer to 192.168.1.2 and the
netmask to 255.255.255.0.
To access the FortiAnalyzer web-based manager, in your browser, go to
https://192.168.1.99 (remember to include the “s” in https://).
Type admin in the Name eld and select Login.

After connecting to the Web-based manager, you can congure the FortiAnalyzer unit IP ad­dress, DNS server IP address, and default gateway to connect the FortiAnalyzer unit to the
network.

To congure interfaces

Go to System > Network > Interface.

Select the edit icon for each interface to congure.

Set the IP address and netmask for the interface.
Select OK.

To congure the Primary and Secondary DNS server IP addresses

Go to System > Network > DNS, enter the Primary and Secondary DNS IP addresses
select Apply.

To congure a Default Gateway

Go to System > Network > Routing and select Create New.
Set Gateway to the Default Gateway IP address and select OK.

1.

2.

3.

4.

1.

2.

3.

4.

1.

1.

2.

Command Line Interface

The FortiAnalyzer-800B has serial port. Use the null modem cable to connect it to your man­agement computer.

To connect to the FortiAnalyzer unit

Use a null modem cable to connect the FortiAnalyzer serial port to the management
computer serial port.
Start a terminal emulation program (such as HyperTerminal) on the management com­puter. Use these settings: Baud Rate 9600, Data bits 8, Parity None, Stop bits 1, Flow
Control None.
At the login: prompt, type admin and press Enter twice.
(The login prompt is preceded by the server default host name.)

After connecting to the CLI, you can congure the FortiAnalyzer unit IP address, DNS server

IP address, and default gateway to connect the FortiAnalyzer unit to the network.

To congure the FortiAnalyzer unit using the CLI

Set the IP address and netmask of the Port1 interface.

config system interface
edit port1
set ip <intf_ip>/<netmask_ip>
end

Congure the primary and secondary DNS server IP addresses.

config system dns
set primary <dns-server_ip>
set secondary <dns-server_ip>
end

Congure the default gateway.

config system route
edit 1
set device <interface>
set dst <destination_ip>
set gateway <gateway_ip>
end

1.

2.

3.

1.

3.

4.

Choosing a Configuration Tool

Web-based manager

The FortiAnalyzer web-based manager is an easy to use management tool.

Use it to congure the administrator password, the interface and default gateway addresses,

and the DNS server addresses.

Requirements:

An Ethernet connection between the FortiAnalyzer unit and management computer.
Internet Explorer or FireFox web browser on the management computer.

•

•

Command Line Interface (CLI)

The CLI is a full-featured management tool. Use it to congure the administrator password,

the interface addresses, the default gateway address, and the DNS server addresses. To
congure advanced settings, see the FortiAnalyzer CLI Reference on the Tools and Docu-
mentation CD.

Requirements:

A null modem serial connection between the FortiAnalyzer unit and management com­puter.
A terminal emulation application (HyperTerminal for Windows) on the management
computer.

•

•

Adding an administration password

By default, the admin user does not have a password. To restrict access to the FortiAnalyzer
unit management account, add password for the admin user account.

To add the admin user account password

Go to System > Admin.
For the admin user, select the Change Password icon.
Enter a new password in the New Password box.

Reenter the password to Conrm Password box.

Select OK.

1.

2.

3.

4.

5.

Adding an administration password using the CLI

To add an administration password in the CLI enter the following commands:

cong system settings

edit admin

set password <password>

end

Shutting down the FortiAnalyzer unit

When powering off the FortiAnalyzer unit, always shut down the unit using the following pro­cedures before disconnecting the power supply. Not following this procedure can increase
the risk of damaging the FortiAnalyzer hard disk.

To power off the FortiAnalyzer unit

Go to System > Dashboard.
In the System Operation list, select Shut Down.
Select Go.
Once the indicates the shut down procedure has completed, disconnect the
FortiAnalyzer unit from the power source.

Shutting down the FortiAnalyzer unit using the CLI

Enter the following command at the prompt:

execute shutdown

1.

2.

3.

4.