Dynamic Threat Prevention System (DTPS), APSecure, FortiASIC, FortiBIOS, FortiBridge, FortiClient,
FortiGate®, FortiGate Unified Threat Management System, FortiGuard®, FortiGuard-Antispam,
FortiGuard-Antivirus, FortiGuard-Intrusion, FortiGuard-Web, FortiLog, FortiAnalyzer, FortiManager,
Fortinet®, FortiOS, FortiPartner, FortiProtect, FortiReporter, FortiResponse, FortiShield, FortiVoIP, and
FortiWiFi are trademarks of Fortinet, Inc. in the United States and/or other countries. The names of actual
companies and products mentioned herein may be the trademarks of their respective owners.
FortiGate Voice Version 4.0 MR1 Administration Guide
401-410-112851-20100601
http://docs.fortinet.com/ • Feedback
Introduction
FortiGate Voice units integrate FortiGate UTM functionality with VoIP phone PBX
functionality. Some FortiGate Voice models also support connections to the public
switched telephone network (PSTN). A small office or an enterprise branch office can use
a FortiGate Voice unit to provide routing, Ethernet switching, Internet connectivity, UTM
security, VoIP gateway, and VoIP PBX features for the office.
FortiGate Voice PBX functionality includes:
•Four Foreign eXchange Office (FXO) interfaces for connecting to up to 4 standard
public switched telephone network (PSTN) phone lines (some FortiGate Voice models)
•Flexible number dial plans
•Standard VoIP PBX feature set
•Integrated dial-backup modem and optional 3G wireless cards
•Voicemail
•Message notification
•Unified messaging
•Music on hold
•Automatic Call Distribution (ACD)
•Basic conferencing
•Statistics and logging
Figure 1: FortiGate Voice Network connections
This document includes a configuration example that describes how to configure a
FortiGate Voice-80C to provide VoIP, networking, and UTM services for a branch office
network. Also included is a configuration reference to FortiGate Voice VoIP, PBX, and
PSTN web-based manager and CLI functionality.
This chapter contains the following sections:
•Fortinet products
•Before you begin
•How this guide is organized
•Document conventions
•Registering your Fortinet product
•Fortinet products End User License Agreement
•Training
•Documentation
•Customer service and technical support
Fortinet products
Fortinet's portfolio of security gateways and complementary products offers a powerful
blend of ASIC-accelerated performance, integrated multi-threat protection, and constantly
updated, in-depth threat intelligence. This unique combination delivers network, content,
and application security for enterprises of all sizes, managed service providers, and
telecommunications carriers, while providing a flexible, scalable path for expansion. For
more information on the Fortinet product family, go to www.fortinet.com/products.
Before you begin
This document is intended for administrators, not end users.
This FortiGate Voice Administration Guide is a supplement to the FortiGate Administration
Guide that provides detailed information about the PBX and PSTN configuration for
system administrators of a FortiGate Voice unit. It is assumed that you have already
successfully installed a FortiGate unit by following the instructions in the
FortiGate Voice-80C QuickStart Guide. PSTN interfaces are supported on some FortiGate Voice models.
At this stage:
•You have administrative access to the web-based manager and/or CLI.
•The FortiGate Voice unit is integrated into your network.
•The operation mode has been configured.
•The system time, DNS settings, administrator password, and network interfaces have
been configured.
•Firmware, FortiGuard Antivirus and FortiGuard Antispam updates are completed.
Once that basic installation is complete, you can use this document.
How this guide is organized
This section provides a brief chapter-by-chapter summary of this guide.
The most recent version of this document is available from the FortiGate page of the
Fortinet Technical Documentation web site.
You can also learn more about the FortiGate Voice product from the same FortiGate page,
as well as from the Fortinet Knowledge Base.
This administration guide contains the following chapters:
•Example FortiGate Voice branch office configuration provides a configuration example
that describes how to configure a FortiGate Voice-80C unit to operate in NAT/Route
mode and provide basic UTM and SIP services for an example branch office network.
•FortiGate Voice VoIP, PBX, and PSTN CLI Reference describes upgrading and
managing firmware versions. You should review this section before upgrading your
FortiGate firmware because it contains important information about how to properly
back up your current configuration settings and what to do if the upgrade is
unsuccessful.
Document conventions
Fortinet technical documentation uses the conventions described below.
IP addresses
To avoid publication of public IP addresses that belong to Fortinet or any other
organization, the IP addresses used in Fortinet technical documentation are fictional and
follow the documentation guidelines specific to Fortinet. The addresses used are from the
private IP address ranges defined in RFC 1918: Address Allocation for Private Internets,
available at http://ietf.org/rfc/rfc1918.txt?number-1918.
Most of the examples in this document use the following IP addressing:
•IP addresses are made up of A.B.C.D
•A - can be one of 192, 172, or 10 - the non-public addresses covered in RFC 1918.
•B - 168, or the branch / device / virtual device number.
   •Branch number can be 0xx, 1xx, 2xx - 0 is Head office, 1 is remote, 2 is other.
   •Device or virtual device - allows multiple FortiGate units in this address space
   (VDOMs).
   •Devices can be from x01 to x99.
•C - interface - FortiGate units can have up to 40 interfaces, potentially more than one
on the same subnet
   •001 - 099 - physical address ports, and non-virtual interfaces
   •100 - 255 - VLANs, tunnels, aggregate links, redundant links, vdom-links, etc.
•D - usage based addresses, this part is determined by what the device is doing
   •The following gives 16 reserved, 140 users, and 100 servers in the subnet.
   •001 - 009 - reserved for networking hardware, like routers, gateways, etc.
   •010 - 099 - DHCP range - users
   •100 - 109 - FortiGate devices - typically only use 100
   •110 - 199 - servers in general (see later for details)
   •200 - 249 - static range - users
   •250 - 255 - reserved (255 is broadcast, 000 not used)
   •The D segment servers can be further broken down into:
      •Fortinet products, non-FortiGate, are found from 160 - 189.
The following table shows some examples of how to choose an IP number for a device
based on the information given. For internal and dmz, it is assumed in this case there is
only one interface being used.
Table 1: Examples of the IP numbering
Location and device | Internal | Dmz | External
Head Office, one FortiGate | 10.011.101.100 | 10.011.201.100 | 172.20.120.191
Head Office, second FortiGate | 10.012.101.100 | 10.012.201.100 | 172.20.120.192
Branch Office, one FortiGate | 10.021.101.100 | 10.021.201.100 | 172.20.120.193
Office 7, one FortiGate with 9 VDOMs | 10.079.101.100 | 10.079.101.100 | 172.20.120.194
Office 3, one FortiGate, web server | n/a | 10.031.201.110 | n/a
Bob in accounting on the corporate user network (dhcp) at Head Office, one FortiGate | 10.0.11.101.200 | n/a | n/a
Router outside the FortiGate | n/a | n/a | 172.20.120.195
Example Network configuration
The network configuration shown in Figure 2 or variations on it is used for many of the
examples in this document. In this example, the 172.20.120.0 network is equivalent to the
Internet. The network consists of a head office and two branch offices.
Figure 2: Example network configuration
Cautions, Notes and Tips
Fortinet technical documentation uses the following guidance and styles for cautions,
notes and tips.
Caution: Warns you about commands or procedures that could have unexpected or
undesirable results including loss of data or damage to equipment.
Note: Presents useful information, but usually focused on an alternative, optional method,
such as a shortcut, to perform a step.
Tip: Highlights useful additional information, often tailored to your workplace activity.
Typographical conventions
Fortinet documentation uses the following typographical conventions:
Table 2: Typographical conventions in Fortinet technical documentation
Convention
   Example
Button, menu, text box, field, or check box label
   From Minimum log level, select Notification.
CLI input
   config system dns
   set primary <address_ipv4>
   end
CLI output
   FGT-602803030703 # get system settings
   comments : (null)
   opmode : nat
Emphasis
   HTTP connections are not secure and can be intercepted by a third party.
File content
   <HTML><HEAD><TITLE>Firewall Authentication</TITLE></HEAD>
   <BODY><H4>You must authenticate to use this service.</H4>
Hyperlink
   Visit the Fortinet Technical Support web site, https://support.fortinet.com.
Keyboard entry
   Type a name for the remote VPN peer or client, such as Central_Office_1.
Navigation
   Go to VPN > IPSEC > Auto Key (IKE).
Publication
   For details, see the FortiOS Handbook.
CLI command syntax conventions
This guide uses the following conventions to describe the syntax to use when entering
commands in the Command Line Interface (CLI).
Brackets, braces, and pipes are used to denote valid permutations of the syntax.
Constraint notations, such as <address_ipv4>, indicate which data types or string
patterns are acceptable value input.
Table 3: Command syntax notation
Convention
   Description
Square brackets []
   A non-required word or series of words. For example:
   [verbose {1 | 2 | 3}]
   indicates that you may either omit or type both the verbose word and
   its accompanying option, such as:
   verbose 3
Angle brackets <>
   A word constrained by data type.
   To define acceptable input, the angled brackets contain a descriptive
   name followed by an underscore ( _ ) and suffix that indicates the
   valid data type. For example:
   <retries_int>
   indicates that you should enter a number of retries, such as 5.
   Data types include:
   •<xxx_name>: A name referring to another part of the
   configuration, such as policy_A.
   •<xxx_index>: An index number referring to another part of the
   configuration, such as 0 for the first static route.
   •<xxx_pattern>: A regular expression or word with wild cards
   that matches possible variations, such as *@example.com to
   match all email addresses ending in @example.com.
   •<xxx_fqdn>: A fully qualified domain name (FQDN), such as
   mail.example.com.
   •<xxx_email>: An email address, such as
   admin@mail.example.com.
   •<xxx_url>: A uniform resource locator (URL) and its associated
   protocol and host name prefix, which together form a uniform
   resource identifier (URI), such as
   http://www.fortinet.com/.
   •<xxx_ipv4>: An IPv4 address, such as 192.168.1.99.
   •<xxx_v4mask>: A dotted decimal IPv4 netmask, such as
   255.255.255.0.
   •<xxx_ipv4mask>: A dotted decimal IPv4 address and netmask
   separated by a space, such as
   192.168.1.99 255.255.255.0.
   •<xxx_ipv4/mask>: A dotted decimal IPv4 address and
   CIDR-notation netmask separated by a slash, such as
   192.168.1.99/24.
   •<xxx_ipv6>: A colon( : )-delimited hexadecimal IPv6 address,
   such as 3f2e:6a8b:78a3:0d82:1725:6a2f:0370:6234.
   •<xxx_v6mask>: An IPv6 netmask, such as /96.
   •<xxx_ipv6mask>: An IPv6 address and netmask separated by a
   space.
   •<xxx_str>: A string of characters that is not another data type,
   such as P@ssw0rd. Strings containing spaces or special
   characters must be surrounded in quotes or use escape
   sequences.
   •<xxx_int>: An integer number that is not another data type,
   such as 15 for the number of minutes.
Curly braces {}
   A word or series of words that is constrained to a set of options
   delimited by either vertical bars or spaces.
   You must enter at least one of the options, unless the set of options is
   surrounded by square brackets [ ].
Options delimited by vertical bars |
   Mutually exclusive options. For example:
   {enable | disable}
   indicates that you must enter either enable or disable, but must
   not enter both.
Options delimited by spaces
   Non-mutually exclusive options. For example:
   {http https ping snmp ssh telnet}
   indicates that you may enter all or a subset of those options, in any
   order, in a space-delimited list, such as:
   ping https ssh
   Note: To change the options, you must re-type the entire list. For
   example, to add snmp to the previous example, you would type:
   ping https snmp ssh
   If the option adds to or subtracts from the existing list of options,
   instead of replacing it, or if the list is comma-delimited, the exception
   will be noted.
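The notation in Table 3 can be checked mechanically before a script of CLI commands is sent to a unit. The following Python checker is an added example, not part of the Fortinet guide or of FortiOS. The names check and VALIDATORS are assumptions of this example, and only the network and integer data types and the two option-set forms are handled.

```python
import ipaddress
import re

def _v4mask(v):
    # A dotted decimal netmask is contiguous one-bits followed by zero-bits.
    inverted = int(ipaddress.IPv4Address(v)) ^ 0xFFFFFFFF
    if inverted & (inverted + 1):
        raise ValueError("non-contiguous netmask")

def _ipv4mask(v):
    # "<address> <netmask>", separated by one space.
    addr, mask = v.split(" ")
    ipaddress.IPv4Address(addr)
    _v4mask(mask)

def _ipv4_cidr(v):
    # "<address>/<prefix length>", CIDR notation only.
    addr, prefix = v.split("/")
    ipaddress.IPv4Address(addr)
    if not (prefix.isdigit() and int(prefix) <= 32):
        raise ValueError("bad prefix length")

def _v6mask(v):
    if not (re.fullmatch(r"/\d{1,3}", v) and int(v[1:]) <= 128):
        raise ValueError("bad IPv6 prefix length")

def _int(v):
    if not re.fullmatch(r"-?\d+", v):
        raise ValueError("not an integer")

# Data-type suffixes from Table 3 whose format the guide states unambiguously.
# This mapping is an assumption of the example, not a FortiOS interface.
VALIDATORS = {
    "ipv4": ipaddress.IPv4Address,
    "v4mask": _v4mask,
    "ipv4mask": _ipv4mask,
    "ipv4/mask": _ipv4_cidr,
    "ipv6": ipaddress.IPv6Address,
    "v6mask": _v6mask,
    "int": _int,
}

def check(spec, value):
    """Return True if value satisfies one syntax element written in the guide's notation."""
    typed = re.fullmatch(r"<(.+)_([^_>]+)>", spec)
    if typed:
        # Angle brackets: the suffix after the last underscore names the data type.
        validator = VALIDATORS.get(typed.group(2))
        if validator is None:
            raise KeyError("no validator for suffix " + typed.group(2))
        try:
            validator(value)
            return True
        except ValueError:
            return False
    body = re.fullmatch(r"\{(.+)\}", spec)
    if not body:
        raise ValueError("unsupported syntax element: " + spec)
    options = body.group(1)
    if "|" in options:
        # Vertical bars: mutually exclusive, so exactly one option is valid.
        return value in [o.strip() for o in options.split("|")]
    # Spaces: any non-empty subset, in any order, with no repeats.
    allowed, chosen = set(options.split()), value.split()
    return bool(chosen) and len(set(chosen)) == len(chosen) and set(chosen) <= allowed
```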
Registering your Fortinet product
Before you begin configuring and customizing features, take a moment to register your
Fortinet product at the Fortinet Technical Support web site, https://support.fortinet.com.
Many Fortinet customer services, such as firmware updates, technical support, and
FortiGuard Antivirus and other FortiGuard services, require product registration.
For more information, see the Fortinet Knowledge Center article Registration Frequently
Asked Questions.
Fortinet products End User License Agreement
See the Fortinet products End User License Agreement.
Training
Fortinet Training Services provides courses that orient you quickly to your new equipment,
and certifications to verify your knowledge level. Fortinet provides a variety of training
programs to serve the needs of our customers and partners world-wide.
To learn about the training services that Fortinet provides, visit the Fortinet Training
Services web site at http://campus.training.fortinet.com, or email training@fortinet.com.
Documentation
The Fortinet Technical Documentation web site, http://docs.fortinet.com, provides the
most up-to-date versions of Fortinet publications, as well as additional technical
documentation such as technical notes.
In addition to the Fortinet Technical Documentation web site, you can find Fortinet
technical documentation on the Fortinet Tools and Documentation CD, and on the Fortinet
Knowledge Center.
Fortinet Tools and Documentation CD
Many Fortinet publications are available on the Fortinet Tools and Documentation CD
shipped with your Fortinet product. The documents on this CD are current at shipping
time. For current versions of Fortinet documentation, visit the Fortinet Technical
Documentation web site, http://docs.fortinet.com.
Fortinet Knowledge Base
The Fortinet Knowledge Base provides additional Fortinet technical documentation, such
as troubleshooting and how-to-articles, examples, FAQs, technical notes, a glossary, and
more. Visit the Fortinet Knowledge Base at http://kb.fortinet.com.
Comments on Fortinet technical documentation
Please send information about any errors or omissions in this or any Fortinet technical
document to techdoc@fortinet.com.
Customer service and technical support
Fortinet Technical Support provides services designed to make sure that your Fortinet
products install quickly, configure easily, and operate reliably in your network.
To learn about the technical support services that Fortinet provides, visit the Fortinet
Technical Support web site at https://support.fortinet.com.
You can dramatically improve the time that it takes to resolve your technical support ticket
by providing your configuration file, a network diagram, and other specific information. For
a list of required information, see the Fortinet Knowledge Base article FortiGate
Troubleshooting Guide - Technical Support Requirements.
Example FortiGate Voice branch office configuration
This section describes how to configure a FortiGate Voice-80C unit to operate in
NAT/Route mode and provide basic UTM and SIP services for the example branch office
network shown in Figure 3. The non-PSTN parts of this example configuration
also apply to FortiGate Voice models that do not include PSTN interfaces.
In this example the FortiGate Voice-80C unit provides:
•Internet connectivity, networking, and UTM features for the PCs on the branch office
internal network.
•A single-line a/b wire connection between the FortiGate Voice-80C fxo1 interface and
a public switched telephone network (PSTN) line so that branch office phones can call
the PSTN or receive calls from the PSTN.
•VoIP PBX services for FortiFones and SIP soft phones connected to the branch office
internal network. PBX features include:
   •Extensions to the FortiFones and SIP soft phones in the internal network. The
   branch office phones use numeric extensions beginning with the number 6 and
   including three more digits. Example valid extensions are 6123, 6456, and 6899.
   •Extensions for phones behind NAT devices on the internal network.
   •Extensions for phones behind NAT devices on a remote network.
   •To collect voicemail the branch office phones dial *97.
   •SIP trunking to a VoIP provider for calling the head office.
   •To call a phone number on the PSTN, the branch office phones dial 9 followed by
   the phone number. PSTN support will also include:
      •Dialing 911 for emergencies
      •Support for dialing international calls
      •Support for dialing toll free calls
      •Support for long distance calls
   •The FortiGate Voice unit sends email notifications to users when they receive
   voicemail.
   •To call the head office, the branch office phones dial a head office extension
   directly. The head office extension range is 2000-2999.
This configuration example describes configuring the FortiGate Voice-80C unit to support
these services and where required also provides configuration steps for other devices
such as the FortiFones and the remote FortiGate unit operating in NAT mode.
Details about the PSTN connection requirements, SIP trunking for the VoIP provider and
the Head Office SIP configuration are not described.
Figure 3: Example Branch Office network configuration
This section describes:
•General configuration steps
•Connecting the FortiGate Voice unit
•Configuring basic FortiGate Voice network and UTM settings
•Configuring network settings for the devices on the Internal network
•Configuring the FortiGate Voice PSTN and PBX settings
•Configuring the FortiFones on the internal network
•Adding extensions and configuring FortiFones for users behind a NAT device
General configuration steps
1 Connect the FortiGate Voice unit to the Internet, the internal network and the PSTN.
2 Configure FortiGate Voice unit network and UTM settings.
The network configuration includes enabling the SIP Traffic option on the internal and
wan1 interfaces. You must enable SIP traffic on these interfaces to accept and process
SIP calls. No other special network configuration, firewall policies, or routing is required
for the FortiGate Voice to accept and process SIP calls.
Note: You do not have to add SIP firewall policies to enable SIP traffic for the FortiGate
Voice unit to function as a PBX. Also, with PBX functionality enabled, you cannot apply
FortiGate SIP application control features to SIP traffic received by FortiGate Voice
interfaces for which you have enabled the SIP Traffic option.
This example also describes how to configure the FortiGate Voice as a DHCP server
and DNS server for the branch office internal network. As a DHCP server the FortiGate
Voice can supply network configuration settings for the PCs and FortiFones on the
internal network.
3 Configure network settings for the PCs on the Internal network.
4 Configure the FortiGate Voice PSTN and PBX settings.