Fortinet Document Library

Version:

Version:

Version:


Table of Contents

Related Videos

Fortinet Security Fabric 6.0.0 Series - Part 1: Introduction

  • 6,438 views
  • 1 years ago

Fortinet Security Fabric 6.0.0 Series - Part 2: Asset Tagging

  • 1,421 views
  • 1 years ago

Fortinet Security Fabric 6.0.0 Series - Part 3: Compromised Hosts Management

  • 853 views
  • 1 years ago

Fortinet Security Fabric 6.0.0 Series - Part 4: Connectors

  • 1,126 views
  • 1 years ago

Fortinet Security Fabric 6.0.0 Series - Part 5: SSO and Identity Connectors

  • 1,168 views
  • 1 years ago

Fortinet Security Fabric 6.0.0 Series - Part 6: Automation

  • 1,066 views
  • 1 years ago

Fortinet Security Fabric 6.0.0 Series - Part 7: Automation: AWS Lambda and Gener

  • 745 views
  • 1 years ago

Fortinet Security Fabric 6.0.0 Series - Part 8: Security Rating

  • 1,397 views
  • 1 years ago

Cookbook

Download PDF
Copy Link

Installing Accounting and Marketing

  1. To edit wan1 on Accounting, go to Network > Interfaces.
  2. Set an IP/Network Mask for the interface that is on the same subnet as port 10 on Edge (in the example, 192.168.10.10/255.255.255.0).
  3. Under Administrative Access, select HTTPS and SSH to allow Edge to use this interface to manage the FortiGate.

  4. Edit the lan interface.

  5. Set Addressing mode to Manual and set the IP/Network Mask to a private IP address (in the example, 10.10.10.1/255.255.255.0).

  6. Set Administrative Access to allow FortiTelemetry.
  7. If you require the FortiGate to provide IP addresses using DHCP to devices that connect to this interface, enable DHCP Server.

  8. Under Networked Devices, enable Device Detection.

    Note

    It's a best practice to enable Device Detection on all interfaces classified as LAN or DMZ.

  9. To add a static route, go to Network > Static Routes. Set Gateway to the IP address of port 10 on Edge.

  10. To create a policy to allow users on the Accounting network to access Edge, go to Policy & Objects > IPv4 Policy.

  11. To add Accounting to the Security Fabric, go to Security Fabric > Settings. Enable FortiGate Telemetry, then enter the same Group name and Group password that you set previously on Edge (the Group password option isn’t available isn’t available in FortiOS 6.0.3 and later).

  12. Enable Connect to upstream FortiGate and enter the IP address of port 10 on Edge.

  13. FortiAnalyzer Logging is enabled by default. Settings for the FortiAnalyzer are retrieved when Accounting connects to Edge.

  14. Connect WAN 1 on Accounting to port 10 on Edge.

  15. Connect and configure Marketing, using the same method that you used to configure Accounting. Make sure you complete the following steps:

    • Configure WAN 1 to connect to Edge (IP address: 192.168.200.10/255.255.255.0) and allow HTTPS and SSH access.

    • Configure the LAN interface for the Marketing network (IP address: 10.10.200.2/255.255.255.0).

    1. Create a static route pointing traffic to port 11 on Edge.

    2. Create a policy to allow users on the Marketing network to access Edge.

    3. Add Marketing to the Security Fabric.

  16. If you’re using FortiOS 6.0.3 and later, connect to Edge and go to Security Fabric > Settings. Authorize both Accounting and Marketing to join the Security Fabric.

Related Videos

Fortinet Security Fabric 6.0.0 Series - Part 1: Introduction

  • 6,438 views
  • 1 years ago

Fortinet Security Fabric 6.0.0 Series - Part 2: Asset Tagging

  • 1,421 views
  • 1 years ago

Fortinet Security Fabric 6.0.0 Series - Part 3: Compromised Hosts Management

  • 853 views
  • 1 years ago

Fortinet Security Fabric 6.0.0 Series - Part 4: Connectors

  • 1,126 views
  • 1 years ago

Fortinet Security Fabric 6.0.0 Series - Part 5: SSO and Identity Connectors

  • 1,168 views
  • 1 years ago

Fortinet Security Fabric 6.0.0 Series - Part 6: Automation

  • 1,066 views
  • 1 years ago

Fortinet Security Fabric 6.0.0 Series - Part 7: Automation: AWS Lambda and Gener

  • 745 views
  • 1 years ago

Fortinet Security Fabric 6.0.0 Series - Part 8: Security Rating

  • 1,397 views
  • 1 years ago

Installing Accounting and Marketing

  1. To edit wan1 on Accounting, go to Network > Interfaces.
  2. Set an IP/Network Mask for the interface that is on the same subnet as port 10 on Edge (in the example, 192.168.10.10/255.255.255.0).
  3. Under Administrative Access, select HTTPS and SSH to allow Edge to use this interface to manage the FortiGate.

  4. Edit the lan interface.

  5. Set Addressing mode to Manual and set the IP/Network Mask to a private IP address (in the example, 10.10.10.1/255.255.255.0).

  6. Set Administrative Access to allow FortiTelemetry.
  7. If you require the FortiGate to provide IP addresses using DHCP to devices that connect to this interface, enable DHCP Server.

  8. Under Networked Devices, enable Device Detection.

    Note

    It's a best practice to enable Device Detection on all interfaces classified as LAN or DMZ.

  9. To add a static route, go to Network > Static Routes. Set Gateway to the IP address of port 10 on Edge.

  10. To create a policy to allow users on the Accounting network to access Edge, go to Policy & Objects > IPv4 Policy.

  11. To add Accounting to the Security Fabric, go to Security Fabric > Settings. Enable FortiGate Telemetry, then enter the same Group name and Group password that you set previously on Edge (the Group password option isn’t available isn’t available in FortiOS 6.0.3 and later).

  12. Enable Connect to upstream FortiGate and enter the IP address of port 10 on Edge.

  13. FortiAnalyzer Logging is enabled by default. Settings for the FortiAnalyzer are retrieved when Accounting connects to Edge.

  14. Connect WAN 1 on Accounting to port 10 on Edge.

  15. Connect and configure Marketing, using the same method that you used to configure Accounting. Make sure you complete the following steps:

    • Configure WAN 1 to connect to Edge (IP address: 192.168.200.10/255.255.255.0) and allow HTTPS and SSH access.

    • Configure the LAN interface for the Marketing network (IP address: 10.10.200.2/255.255.255.0).

    1. Create a static route pointing traffic to port 11 on Edge.

    2. Create a policy to allow users on the Marketing network to access Edge.

    3. Add Marketing to the Security Fabric.

  16. If you’re using FortiOS 6.0.3 and later, connect to Edge and go to Security Fabric > Settings. Authorize both Accounting and Marketing to join the Security Fabric.