Fortinet FortiLog FortiLog-2000 Quick Start Manual

Internet

Ethernet Cables:

Orange - Crossover

Grey - Straight-through

Documentation

FortiLog-2000

QuickStart Guide

Copyright 2005 Fortinet Incorporated. All rights reserved.
Trademarks
Products mentioned in this document are trademarks.

Power Cable

Front

Ethernet

Connections

RJ-45
Serial

Connection

LCD

Panel

LED indicators:

Power, Error, Network Access

Back

Power

Connections

USB ports

for future use

RJ-45 to

DB-9 Serial Cable

Power cable connects

to power outlet

Backup

power outlet

Straight-through Ethernet cable connects

to hub or switch on the network

RJ-45 to DB-9 serial cable connects
to management computer

Connector Type Speed Protocol Description

Ports 1, 2, 3, 4 RJ-45 10/100Base-T Ethernet Connection to the network.

CONSOLE DB-9 9600 bps RS-232

serial

Connection to the management computer.
Provides access to the command line interface (CLI).

FortiLog unit LED Indicators

LED State Description

Power On The FortiLog unit is powered on.

Off The Forti Log unit is powered off.

Status On The FortiLog unit is running normally.

Ethernet
ports
(back)

Flashing Network activities at this interface.

Off No link at the interface.

10/100 On The interface is connected at 100 Mbps.

Off The interface is conn ected at 10 Mbps.

Link Act Flashing Network activities on the FortiLog unit

On Interface connected.

Check that the package contents are complete.

QuickStart Guide

Checking the package contents

1

Things you need to know before installing the FortiLog unit.

You can add the FortiLog unit to your local FortiGate network to receive log messages from your local FortiGate units, or
connect the FortiLog unit to the FortiGate units remotely using FortiManager. To connect the FortiLog unit to the
FortiGate units remotely, you must configure the DNS server and the default gateway.

To manage the FortiLog unit, you can use a computer within the local network or over the Internet.

Factory Defaults

Administrator
account

User name: admin

Password: (none)

Port 1

IP: 192.168.1.99

Netmask: 255.255.255.0

Management Access: ping, https, ssh, http

Port 2

IP: 192.168.2.99

Netmask: 255.255.255.0

Management Access: ping, https, ssh, http

Port 3

IP: 192.168.3.99

Netmask: 255.255.255.0

Management Access: ping, https, ssh, http

Port 4

IP: 192.168.4.99

Netmask: 255.255.255.0

Management Access: ping, https, ssh, http

Planning the installation

2

Connecting the FortiLog unit

3

Connect the FortiLog unit to a power outlet and to the network hub or switch .

• Place the FortiLog unit on a stable surface. It requires 1.5 inches (3.75 cm) clearance on each side to allow for cooling.

• Make sure the power is not plugged into the wall before connecting the power cable.

• The Status light flashes while the unit is starting up and remains lit when the system is up and running.

© Copyright 2005 Fortinet Incorporated. All rights reserved.

Trademarks

Products mentioned in this document are trademarks or registered trademarks of their respective holders.

Regulatory Compliance

FCC Class A Part 15, CE, and UL
30 September 2005

For technical support please visit http://www.fortinet.com.

FortiLog-2000

05-30000-0237-20050930

Adding an administration password

By default, the admin user does not have a password. To restrict access to the FortiLog
unit management account, add a password for the admin user account.

To add the admin user account password

1. In the web-based manager, go to System > Config > Admin.

2. For the admin user, select the Change Password icon.

3. Enter a new password in the New Password box. Reenter it in the Confirm
Password box.

4. Select OK.

Congratulations! You have set up the FortiLog unit and finished configuring the basic settings.

For more information

7

Technical documentation

The most up-to-date publications and previous releases of Fortinet product
documentation are available from the Fortinet Technical Documentation web

site at http://docs.forticare.com.

Fortinet Knowledge Center

The knowledge center contains short how-to articles, FAQs, technical notes, product
and feature guides, and much more. Visit the Fortinet Knowledge Center at

http://kc.forticare.com.

Technical support

Fortinet Technical Support Web site:

http://support.fortinet.com

Fortinet email support:

amer_support@fortinet.com For customers in the United States, Canada,

Mexico, Latin America and South America.

apac_support@fortinet.com For customers in Japan, Korea, China, Hong Kong,

Singapore, Malaysia, all other Asian countries, and
Australia.

eu_support@fortinet.com For customers in the United Kingdom, Scandinavia,

Mainland Europe, Africa, and the Middle East.

Using the web-based manager

Use the following procedure to connect to the web-based manager for the first time.
Configuration changes made with the web-based manager are effective immediately
without resetting the FortiLog unit or interrupting service.

To connect to the web-based manager, you need:

• An Ethe rnet connection between the FortiLog unit and management computer.

• Internet Explorer version 6.0 or higher, or recent browser such as FireFox on the
management computer.

To connect to the web-based manager

1. Connect the Port 1 interface of the FortiLog unit to Ethernet port of the management
computer.

Use a cross-over Ethernet cable to connect the devices directly. Use
straight-through Ethernet cables to connect the devices through a hub or switch.

2. Configure the management computer to be on the same subnet as the FortiLog
LAN interface.

To do this, change the IP address of the management computer to 192.168.1.2 and
the netmask to 255.255.255.0.

3. To access the FortiLog web-based manager, in your browser, go to https://

192.168.1.99 (remember to include the “s” in https://).

4. Type

admin

in the Name field and select Login.

After connecting to the Web-based manager, you can configure the FortiLog unit IP
address, DNS server IP address, and default gateway to connect the FortiLog unit to
the network.

To configure interfaces

1. Go to System > Network > Interface.

2. Select the edit icon for each interface to configure.

3. Set the IP address and netmask for the interface.

4. Select OK.

To configure the Primary and Secondary DNS server IP addresses

1. Go to System > Network > DNS, enter the Primary and Secondary DNS IP
addresses select Apply.

To configure a Default Gateway

1. Go to System > Network > Routing and select Create New.

2. Set Gateway to the Default Gateway IP address and select OK.

Use these procedures if you experience problems operating the FortiLog unit.

Restarting the FortiLog Unit

5

Should you mistakenly change a network setting and cannot connect to the unit, reboot
the unit and try again or to set the unit back to factory defaults and start over again.

To use the web-based manager procedures

1. Go to System > Dashboard.

2. Do one of the following:

• Select Restart to reboot the unit.

• Select Restore Factory Default to restore the factory default configuration.

To use the CLI

1. Restart the unit:

execute reboot

2. Restore factory default configuration:

execute factoryreset

The FortiLog-2000 has serial port. Use the RJ-45 to DB9 cable to connect it to your
management computer.

To connect to the FortiLog-2000 unit

1. Use RJ-45 to DB9 cable to connect the FortiLog serial port to the management
computer serial port.

2. Start a terminal emulation program (such as HyperTerminal) on the management
computer. Use these settings: Baud Rate 9600, Data bits 8,
Parity None, Stop bits 1, Flow Control None.

3. At the login: prompt, type admin and press Enter twice.
(The

login

prompt is preceded by the server default host name.)

After connecting to the CLI, you can configure the FortiLog unit IP address, DNS server
IP address, and default gateway to connect the FortiLog unit to the network.

To configure the FortiLog unit using the CLI

1. Set the IP address and netmask of the LAN interface:

set system interface <port#> mode static ip <IP_address> <netmask>

2. Confirm that the address is correct:

get system interface

3. Set the primary DNS server IP address:

set system dns primary <IP_address>

4. Optionally set the secondary DNS server IP address:

set system dns secondary <IP_address>

5. Set the default gateway:

set system route number <route_no> dst 0.0.0.0 0.0.0.0 gw1 <gw_ip>

Using the CLI

Use the web-based manager or the Command Line Interface (CLI) to configure the FortiLog unit
IP address, netmask, DNS server IP address, and default gateway IP address.
Remember to change the password.

Configuring the FortiLog unit

4

Using the CLI

Use these procedures when turning off the FortiLog unit.

Shutting down the FortiLog Unit

6

When powering off the FortiLog unit, always shut down the unit using the following
procedures before disconnecting the power supply. By not following this procedure
you risk damaging the FortiLog hard disk.

To power off the FortiLog unit

1. From the web-based manager, go to System > Dashboard.

2. In the System Operation list, select Shut Down and select Go.

From the CLI

Enter

execute shutdown

.