Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Administration Guide

Set up the Deployment Network

Use the Deception > Deployment Network page to set up a monitoring interface into a VLAN or a subnet.

To add a VLAN or subnet to FortiDeceptor:
  1. Go to Deception > Deployment Network.
  2. Enable Auto VLAN Detection to automatically detect the VLANs on your network.

    Auto VLAN detection allows FortiDeceptor to detect the available VLANs on the deployment network interface and display them in the GUI. You can select and add the VLANs for the deployment of Decoys later.

  3. Select the Detection Interface and click OK.

    You can select multiple ports.

  4. Click Add New VLAN/Subnet to manually add a VLAN or a subnet. Configure the following settings:

    Action

    Click Edit to edit the VLAN or subnet entry. The Edit button is visible only after the entry is saved.

    Appliance

    Destination of the VLAN/Subnet. This can be local (manager) or remote client (remote appliance). This column only shows in Central Management mode on the manager.

    Status

    Status of the IP address, such as if it is initialized.

    Name

    Name of the VLAN or subnet.

    Interface

    The port that connects to the VLAN or subnet.

    VLAN ID

    The VLAN's unique integer ID.

    Deploy Monitor IP/Mask

    The IP address to monitor.

    Gateway

    The gateway IP address of the deployment network.

    Tag

    You can specify a tag for the VLAN or subnet.

    Ref

    The number of objects referring to this object.

  5. Click Save.

The deploy monitor IP/Mask must be an IP address and not a subnet.

You must use the following guidelines to set the network IP/mask:

  • Interface name and VLAN ID must be unique among all network IP/masks.
  • If VLAN ID is 0, the network IP/mask must be unique among all the network IP/masks without VLAN and all system interfaces.
  • If VLAN is not 0, the network IP/mask must be unique among all subnets in the same VLAN.

Set up the Deployment Network

Use the Deception > Deployment Network page to set up a monitoring interface into a VLAN or a subnet.

To add a VLAN or subnet to FortiDeceptor:
  1. Go to Deception > Deployment Network.
  2. Enable Auto VLAN Detection to automatically detect the VLANs on your network.

    Auto VLAN detection allows FortiDeceptor to detect the available VLANs on the deployment network interface and display them in the GUI. You can select and add the VLANs for the deployment of Decoys later.

  3. Select the Detection Interface and click OK.

    You can select multiple ports.

  4. Click Add New VLAN/Subnet to manually add a VLAN or a subnet. Configure the following settings:

    Action

    Click Edit to edit the VLAN or subnet entry. The Edit button is visible only after the entry is saved.

    Appliance

    Destination of the VLAN/Subnet. This can be local (manager) or remote client (remote appliance). This column only shows in Central Management mode on the manager.

    Status

    Status of the IP address, such as if it is initialized.

    Name

    Name of the VLAN or subnet.

    Interface

    The port that connects to the VLAN or subnet.

    VLAN ID

    The VLAN's unique integer ID.

    Deploy Monitor IP/Mask

    The IP address to monitor.

    Gateway

    The gateway IP address of the deployment network.

    Tag

    You can specify a tag for the VLAN or subnet.

    Ref

    The number of objects referring to this object.

  5. Click Save.

The deploy monitor IP/Mask must be an IP address and not a subnet.

You must use the following guidelines to set the network IP/mask:

  • Interface name and VLAN ID must be unique among all network IP/masks.
  • If VLAN ID is 0, the network IP/mask must be unique among all the network IP/masks without VLAN and all system interfaces.
  • If VLAN is not 0, the network IP/mask must be unique among all subnets in the same VLAN.