2. NETWORK SETUP
External network – to the
Internet
In the following, we will try to connect your
LAN to the Internet using a basic setup.
The same setup shown in the previous post
will be used: port 1 connected to the LAN and
port 2 facing to the Internet.
The configuration foresees the use of NAT, a
static IP address for the Internal Interface and
a DHCP received one for the external interface.
The
internal
IP
192.168.255.1/24
address
will
be:
Firewall Port 2 – bridged to
the physical machine
network port
FortiGate VM
Firewall port 1 –
configured on VMware
LAN segment 1
LAN segment 1
Virtual machine with
Ethernet port on Vmware
LAN segment 1
3. CONNECTING TO THE INTERNET
It’s a good practice to assign a meaningful label to each firewall
interface. In this example the “Inside” and “Outside” labels will
be used.
With your web browser open https://192.168.255.1, user admin
and no password.
Go to System > Network > Interfaces
Double click on port 1 and start to
configure it.
4. CONNECTING TO THE INTERNET CONTINUED
Follow the configuration
shown to the right.
Configure the Alias label
and enable the DHCP
server in order to assign IP
addresses
dynamically
onto the LAN.
The interface alias will be
show on all menus and
will help you to recognize
it.
Save configuration and go
to port 2.
5. CONNECTING TO THE INTERNET CONTINUED
Follow the
configuration shown to
the right.
Configure the Alias
label and check
“Retrieve default
gateway from server” in
order to receive the
default gateway using
DHCP.
Check also “Override
internal DNS” to use
DNS servers retrieved
by DHCP.
6. CONNECTING TO THE INTERNET CONTINUED
Go to Policy > Policy > Policy and click
onto “create new”.
Follow the configuration shown to the
right.
Note that a network object has been
used to configure the source address.
A network object associates a subnet
address to an easy to remember
object: the object must be created
manually.
In particular, enable NAT between port
1 and port 2 and log all sessions.
When applied, this rule will enable
your PCs inside the internal LAN to
connect to the Internet.
7. MORE NEEDS?
See hints on www.ipmax.it
Or email us your questions to info_ipmax@ipmax.it
8. IPMAX
IPMAX is a Fortinet Partner in Italy.
IPMAX is the ideal partner for companies seeking quality in products and
services. IPMAX guarantees method and professionalism to support its
customers in selecting technologies with the best quality / price ratio, in the
design, installation, commissioning and operation.
IPMAX srl
Via Ponchielli, 4
20063 Cernusco sul Naviglio (MI) – Italy
+39 02 9290 9171