Fortinet black logo

Cookbook

Home FortiGate / FortiOS 6.0.0 Cookbook

Installing Accounting and Marketing

6.0.0
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.0
6.0.0
5.6.0
5.4.0
Copy Link
Copy Doc ID a4a06ec3-12a7-11e9-b86b-00505692583a:761492
Download PDF

Installing Accounting and Marketing

  1. To edit wan1 on Accounting, go to Network > Interfaces.
  2. Set an IP/Network Mask for the interface that is on the same subnet as port 10 on Edge (in the example, 192.168.10.10/255.255.255.0).

  3. Under Administrative Access, select HTTPS and SSH to allow Edge to use this interface to manage the FortiGate.

  4. Edit the lan interface.

  5. Set Addressing mode to Manual and set the IP/Network Mask to a private IP address (in the example, 10.10.10.1/255.255.255.0).

  6. Set Administrative Access to allow FortiTelemetry.

  7. If you require the FortiGate to provide IP addresses using DHCP to devices that connect to this interface, enable DHCP Server.

  8. Under Networked Devices, enable Device Detection.

    Note

    It's a best practice to enable Device Detection on all interfaces classified as LAN or DMZ.

  9. To add a static route, go to Network > Static Routes. Set Gateway to the IP address of port 10 on Edge.

  10. To create a policy to allow users on the Accounting network to access Edge, go to Policy & Objects > IPv4 Policy.

  11. To add Accounting to the Security Fabric, go to Security Fabric > Settings. Enable FortiGate Telemetry, then enter the same Group name and Group password that you set previously on Edge (the Group password option isn’t available isn’t available in FortiOS 6.0.3 and later).

  12. Enable Connect to upstream FortiGate and enter the IP address of port 10 on Edge.

  13. FortiAnalyzer Logging is enabled by default. Settings for the FortiAnalyzer are retrieved when Accounting connects to Edge.

  14. Connect WAN 1 on Accounting to port 10 on Edge.

  15. Connect and configure Marketing, using the same method that you used to configure Accounting. Make sure you complete the following steps:

    • Configure WAN 1 to connect to Edge (IP address: 192.168.200.10/255.255.255.0) and allow HTTPS and SSH access.

    • Configure the LAN interface for the Marketing network (IP address: 10.10.200.2/255.255.255.0).

    1. Create a static route pointing traffic to port 11 on Edge.

    2. Create a policy to allow users on the Marketing network to access Edge.

    3. Add Marketing to the Security Fabric.

  16. If you’re using FortiOS 6.0.3 and later, connect to Edge and go to Security Fabric > Settings. Authorize both Accounting and Marketing to join the Security Fabric.

Previous
Next

Related Videos

sidebar video

Fortinet Security Fabric 6.0.0 Series - Part 1: Introduction

  • 7,629 views
  • 5 years ago
sidebar video

Fortinet Security Fabric 6.0.0 Series - Part 2: Asset Tagging

  • 1,676 views
  • 5 years ago
sidebar video

Fortinet Security Fabric 6.0.0 Series - Part 3: Compromised Hosts Management

  • 882 views
  • 5 years ago
sidebar video

Fortinet Security Fabric 6.0.0 Series - Part 4: Connectors

  • 1,343 views
  • 5 years ago
sidebar video

Fortinet Security Fabric 6.0.0 Series - Part 5: SSO and Identity Connectors

  • 1,363 views
  • 5 years ago
sidebar video

Fortinet Security Fabric 6.0.0 Series - Part 6: Automation

  • 1,381 views
  • 5 years ago
sidebar video

Fortinet Security Fabric 6.0.0 Series - Part 7: Automation: AWS Lambda and Gener

  • 866 views
  • 5 years ago
sidebar video

Fortinet Security Fabric 6.0.0 Series - Part 8: Security Rating

  • 1,843 views
  • 5 years ago

Installing Accounting and Marketing

  1. To edit wan1 on Accounting, go to Network > Interfaces.
  2. Set an IP/Network Mask for the interface that is on the same subnet as port 10 on Edge (in the example, 192.168.10.10/255.255.255.0).

  3. Under Administrative Access, select HTTPS and SSH to allow Edge to use this interface to manage the FortiGate.

  4. Edit the lan interface.

  5. Set Addressing mode to Manual and set the IP/Network Mask to a private IP address (in the example, 10.10.10.1/255.255.255.0).

  6. Set Administrative Access to allow FortiTelemetry.

  7. If you require the FortiGate to provide IP addresses using DHCP to devices that connect to this interface, enable DHCP Server.

  8. Under Networked Devices, enable Device Detection.

    Note

    It's a best practice to enable Device Detection on all interfaces classified as LAN or DMZ.

  9. To add a static route, go to Network > Static Routes. Set Gateway to the IP address of port 10 on Edge.

  10. To create a policy to allow users on the Accounting network to access Edge, go to Policy & Objects > IPv4 Policy.

  11. To add Accounting to the Security Fabric, go to Security Fabric > Settings. Enable FortiGate Telemetry, then enter the same Group name and Group password that you set previously on Edge (the Group password option isn’t available isn’t available in FortiOS 6.0.3 and later).

  12. Enable Connect to upstream FortiGate and enter the IP address of port 10 on Edge.

  13. FortiAnalyzer Logging is enabled by default. Settings for the FortiAnalyzer are retrieved when Accounting connects to Edge.

  14. Connect WAN 1 on Accounting to port 10 on Edge.

  15. Connect and configure Marketing, using the same method that you used to configure Accounting. Make sure you complete the following steps:

    • Configure WAN 1 to connect to Edge (IP address: 192.168.200.10/255.255.255.0) and allow HTTPS and SSH access.

    • Configure the LAN interface for the Marketing network (IP address: 10.10.200.2/255.255.255.0).

    1. Create a static route pointing traffic to port 11 on Edge.

    2. Create a policy to allow users on the Marketing network to access Edge.

    3. Add Marketing to the Security Fabric.

  16. If you’re using FortiOS 6.0.3 and later, connect to Edge and go to Security Fabric > Settings. Authorize both Accounting and Marketing to join the Security Fabric.

Previous
Next