Fortinet FortiBridge-2002F Quick Start Manual

QuickStart Guide

© Copyright 2010 Fortinet Incorporated. All rights reserved.
Products mentioned in this document are trademarks or registered trademarks of
their respective holders.
Regulatory Compliance
FCC Class A Part 15, UL/CB/CUL, C Tick, VCCI
11 May 2010

FortiBridge-2002F

FortiBridge 2002F

USB2

CONSOLE2

MODEM2

MGMT2

INT3

INT4

INT3

INT4

EXT3

EXT4

EXT3

EXT4

HA2

PWR2

NORMAL2

BYPASS2

MODE2 RESET2

FortiGate

USB1

CONSOLE1

FortiGate

MODEM1

MGMT1

INT1

INT2

INT1

INT2

EXT1

EXT2

EXT1

EXT2

HA1

PWR1

NORMAL1

BYPASS1

MODE1 RESET1

01-410-124834-20100511

Visit these links for more information and documentation for your Fortinet product:

Technical Documentation - http://docs.fortinet.com Fortinet Knowledge Center - http://kb.fortinet.com
Technical Support - http://support.fortinet.com Training Services - http://campus.training.fortinet.com

Conguring

AC Power 50 W, 100 - 240 VAC, 50 - 60Hz

Chassis 1U

Dimensions 44.0 cm x 30.1 cm x 4.44 cm

Network Interfaces

4 1GB LC SFP (SX) Ingress/Egress ports

4 1GB SFP (SX) Ingress/Egress ports

2 10/100/1000 Management ports

2 USB connections

2 Console ports

2 Modem connections

2. Start a terminal emulation program (such as HyperTerminal) on the management
computer. Use these settings: Baud Rate 9600, Data bits 8, Parity None, Stop bits 1,
Flow Control None.

3. At the login: prompt, type admin and press Enter twice.
(The login prompt is preceded by the server default host name.)

To congure the FortiBridge unit using the CLI

1. Change the management IP address.

cong system manageip
set ip <intf_ip>/<netmask_ip>
end

2. Congure the primary and secondary DNS server IP addresses.

cong system dns
set primary <dns-server_ip>
set secondary <dns-server_ip>
end

3. Congure the default gateway.

cong system route
edit 1
set gateway <gateway_ip>
end

4. Change the administrator password.

cong system admin
edit admin
set password <password>
end

Shutting down the FortiBridge unit

When powering off the FortiBridge unit, always shut down the unit using the following pro­cedures before disconnecting the power supply. Not following this procedure can increase
the risk of damaging the FortiBridge ash disk.

To power off the FortiBridge unit

1. Go to System > Status.

2. In the Unit Operation area, click Shut Down.

3. Once the indicates the shut down procedure has completed, disconnect the
FortiBridge unit from the power source.

Web-based Manager

Use the following procedure to connect to the web-based manager for the rst time.
Conguration changes made with the web-based manager are effective immediately with­out resetting the FortiBridge unit or interrupting service.

To connect to the web-based manager

1. Connect the management port of the FortiBridge unit to Ethernet port of the manage­ment computer.
Use a cross-over Ethernet cable to connect the devices directly. Use straight-through
Ethernet cables to connect the devices through a hub or switch.

2. Congure the management computer to be on the same subnet as the FortiBridge
management port interface.
To do this, change the IP address of the management computer to 192.168.1.2 and
the netmask to 255.255.255.0.

3. To access the FortiBridge web-based manager, in your browser, go to
http://192.168.1.99.

4. Type admin in the Name eld and click Login.

To congure Probes

Probes monitor the FortiGate unit by sending packets from the INT 2 interface through
the FortiGate unit to the EXT 2 interface. If probe packets are not received at the EXT 2
interface the FortiBridge unit detects a failure.

Congure probe settings to set actions on failure, add a dynamic IP pattern used by the
probe packets, and enter the serial number of the FortiGate unit. Actions on failure can
include failing open and sending an alert email, a syslog message, and an SNMP trap.

1. Go to Probe > Settings.

2. Enter the Probe IP address pattern (#.#.#.*).

3. Enable ping, HTTP, FTP, POP3, SMTP, and/or IMAP probes.

4. Set the Port Number for each protocol.

5. Change the Failure Threshold and probe Interval for each probe.

To set up Notications

1. Go to Probe > Notications.

2. Enter a Notication Message Tag.

3. Optionally, select the Syslog check box and enter the IP address, port and facility of
the Syslog server that receives FortiBridge syslog messages.

4. Optionally, select the Email check box and enter the SMTP server, email addresses,
SMTP user name, and password of the users to send the alert email.

5. Optionally, select the SNMP check box and enter the name, hosts, and traps of the
SNMP manager to send alerts to a community.

To congure the Management, Default Gateway, and Primary and Secondary DNS server
IP addresses

1. Go to System > Status > Management Port area and click Change.

Command Line Interface

To connect to the FortiBridge unit

1. Use a RJ-45 to DB-9 cable to connect the FortiBridge management port to the man­agement computer serial port.

LED DescriptionPackage Contents

FortiBridge 2002F

USB2

CONSOLE2

MODEM2

MGMT2

INT3

INT4

INT3

INT4

EXT3

EXT4

EXT3

EXT4

HA2

PWR2

NORMAL2

BYPASS2

MODE2 RESET2

FortiGate

USB1

CONSOLE1

FortiGate

MODEM1

MGMT1

INT1

INT2

INT1

INT2

EXT1

EXT2

EXT1

EXT2

HA1

PWR1

NORMAL1

BYPASS1

MODE1 RESET1

DISCONNECT TWO POWER SUPPLY CORDS

BEFORE SERVICING

DISCONNECT TWO POWER SUPPLY CORDS

BEFORE SERVICING

Ground

AC power

connection

Power button Power button

AC power

connection

USB1

Console1

Modem1

Management1

LEDs

USB2

Console2

Modem2

Management2

LEDs

INT1 and

INT2

EXT1 and

EXT2

INT3 and

INT4

EXT3 and

EXT4

Mode1

Reset1

Mode2

Reset2

LEDs LEDs

Interface Description

Connecting

Administrator user name admin

Administrator password (none)

NAT/Route mode

Management1 192.168.1.99

Management2 0.0.0.0

To reset the unit to the factory defaults, in the CLI type the command:

execute factory reset

FortiGate-30B

Tools and Documenation

Copyright 2010 Fortinet Inco rporated. All rights rese rved.

Trademarks

Products mentioned in this d ocument are trademarks.

QuickStart Guid e

Straight- through

Ethernet cable

Power cab le x2

DB9-RJ45 Serial

cable

REGISTER

SFP SX x4

FortiBridge 2002F

USB2

CONSOLE2

MODEM2

MGMT2

INT3

INT4

INT3

INT4

EXT3

EXT4

EXT3

EXT4

HA2

PWR2

NORMAL2

BYPASS2

MODE2RESET2

FortiGate

USB1

CONSOLE1

FortiGate

MODEM1

MGMT1

INT1

INT2

INT1

INT2

EXT1

EXT2

EXT1

EXT2

HA1

PWR1

NORMAL1

BYPASS1

MODE1RESET1

Factory Defaults

LED State Description

Power

Green The unit is powered on.

Off The unit is powered off.

Normal

Green The unit is being used in Normal

mode.

HA

Green The unit is being used in a HA cluster.

Off The unit is in stand-alone mode.

Bypass

Green Bypass network activity at this inter-

face.

Off Normal status.

INT and
EXT LEDs

Green The correct cable is in use and the

connected equipment has power.

Off No link established or the interface

has been turned off.

MGMT1
and
MGMT2
Ports

Link/Activity (left) Green Port has power and network connec-

tion.

Link/Activity (left) Green
ashing

Network data is being sent or re­ceived.

Speed (right) indicator is
Green

Connected at 1000 Mbps.

Speed (right) indicator is
Amber

The interface is connected at 100
Mbps.

Speed (right) indicator
is Off

The interface is connected at 10
Mbps.

Interface Type Speed Proto-

col

Description

Console1
and Con­sole2

RJ-45 9600 bps

8/N/1

RS-232
serial

Connection to the manage­ment computer. Provides
access to the command line
interface (CLI).

Modem1
and Mo­dem2

RJ-45 Connection to external serial

modem with full handshak­ing.

USB1 and
USB2

USB USB Two optional connections to

a USB key for installation.

MGMT1
and
MGMT2

RJ-45 10/100/1000

Base-T

Ethernet Two management ports.

INT1, INT3,
EXT1, and
EXT3

LC
SFP

1000Base-SX Ethernet Fiber optic connections to

gigabit optical networks.

INT2,
INT4,
EXT2, and
EXT4

SFP 1GB-SX Ethernet Small form-factor pluggable

transceiver.

Connect the FortiBridge unit to the internal and external networks and the Forti­Gate unit. Normally, you would use straight-through ethernet cables to connect
the FortiBridge unit. However, for some connections you may need a crossover
ethernet cable (for example, for compatibility with network devices that do not
support Auto MDI/MDIX).

• Connect the FortiBridge INT 2 interface to the FortiGate unit internal inter­face.

• Connect the FortiBridge EXT 2 interface to the FortiGate unit external inter­face.

• Connect the FortiBridge INT 1 interface to the internal network.

• Connect the FortiBridge EXT 1 interface to the external network.

• Turn on the FortiGate unit and any network equipment that was turned off.

• Connect the power cords at the back of the FortiBridge unit. Plug the other
end of the power cables into a grounded electrical outlet.

• The PWR and Bypass Mode LEDs turn on. After a short time, the Forti­Bridge unit switches to Normal mode. The Bypass LED turns off and the
Normal LED turns on.

Note: To ground the unit, use a minimum of 18 AWG (UL Certication) wire with
ring terminals. One end connects to the ground on the back of the unit and the
other end connects to the bracket on the chassis.

Caution: Disconnect both power sources before servicing.