00:00
>> In this video, you will learn how to add a FortiGate
00:00
in transparent mode to
00:00
your existing network configuration.
00:00
Adding security with no added complexity.
00:00
A FortiGate in transparent mode performs
00:00
no routing or network address translation,
00:00
but can still filter and scan traffic.
00:00
It will silently log traffic and apply
00:00
security profiles like application control, antivirus,
00:00
and web filtering with
00:00
no indication that the FortiGate is there,
00:00
giving you an invisible line of security
00:00
between the Internet and your internal network.
00:00
First, open the FortiGate dashboard to change
00:00
the FortiGate's operation mode from NAT to transparent.
00:00
Changing it will remove some of your configuration.
00:00
We recommend you select backup in
00:00
the system information widget before continuing.
00:00
Select "Change" next to operation mode.
00:00
Set the operation mode to
00:00
transparent and enter a management IP net mask,
00:00
and the default gateway IP to the Internet.
00:00
Visit the new management IP
00:00
>> to get back to the interface.
00:00
>> Now, you'll need to create a policy
00:00
to allow traffic through the FortiGate,
00:00
go to "Policy and Objects",
00:00
"IPV4", and create a new policy.
00:00
Set the incoming interface to the interface
00:00
>> that will connect to the internal network,
00:00
>> and set the outgoing interface to
00:00
the interface that will connect to
00:00
the router and Internet.
00:00
Configure the rest as normal, setting addresses
00:00
and services to all to allow all traffic through.
00:00
Skip enabling security features for now,
00:00
so you can be sure that the network setup is working.
00:00
Scroll down to logging options
00:00
and enable log allowed traffic.
00:00
Selecting all sessions to
00:00
ensure that all traffic is logged.
00:00
Now go to "System", "Dashboard",
00:00
"Status", and find the system resources widget.
00:00
Select "Shutdown" to power off the FortiGate unit,
00:00
or enter execute shut down in the CLI console.
00:00
Wait until the device powers off completely,
00:00
and then connect the router to the Internet facing
00:00
interface and the internal network
00:00
to the internal port interface.
00:00
Power on the FortiGate unit and wait for it to load.
00:00
Open a browser from a computer
00:00
on the internal network and browse
00:00
the Internet to ensure that you've
00:00
connected the devices properly.
00:00
Once you've verified that the setup is working,
00:00
open the FortiGate interface and go
00:00
to "Policy and Objects", "IPV4",
00:00
and edit your internal to Internet policy.
00:00
Scroll down to the security profile section
00:00
and enable some default profiles,
00:00
application control, and web filtering.
00:00
They can be configured further by going to
00:00
security profiles in the interface.
00:00
Open a browser and browse the Internet again.
00:00
You will have direct access to any Internet resources.
00:00
Meanwhile, the FortiGate will
00:00
be scanning your traffic for
00:00
viruses and logging your application use.
00:00
You can view the log traffic by going to
00:00
"Log and Report", "Forward Traffic" log.
00:00
Thank you for watching.
00:00
If you need further details,
00:00
you can visit docs.fortinet.com at
00:00
anytime to access our complete documentation library.
