12.03.2015 Views

FortiGate Administration Guide - FirewallShop.com

FortiGate Administration Guide - FirewallShop.com

FortiGate Administration Guide - FirewallShop.com

SHOW MORE
SHOW LESS

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

Switch (<strong>FortiGate</strong>-224B only)<br />

Overview<br />

Switch (<strong>FortiGate</strong>-224B only)<br />

This section describes how to configure the switch portion of your <strong>FortiGate</strong>-224B<br />

unit. The following topics are included in this section:<br />

• Overview<br />

• Enabling switch view<br />

• Viewing WAN ports and WAN VLAN interfaces<br />

• Viewing switch-LAN ports<br />

• Viewing switch VLANs<br />

• Configuring port monitoring<br />

• Using Spanning-Tree Protocol<br />

• Configuring IGMP snooping<br />

• Configuring QoS<br />

• Configuring port quarantine<br />

• Configuring dynamic policies<br />

• Configuring 802.1X authentication<br />

• Viewing switch status<br />

Overview<br />

The <strong>FortiGate</strong>-224B unit contains all of the functionality of the Fortinet <strong>FortiGate</strong><br />

product family plus it can provide security and enhanced functionality for your<br />

local switched LAN.<br />

The <strong>FortiGate</strong>-224B firmware has two views:<br />

• firewall view - the unit is the same as other <strong>FortiGate</strong> models, except that it has<br />

28 network interfaces. This is the default mode.<br />

• switch mode - port1 through port26 are switch ports on the swlan interface.<br />

The web-based manager Switch menu is available, providing access to<br />

enhanced security features. HA is not supported.<br />

The switch portion of the <strong>FortiGate</strong>-224B unit is by default a single <strong>FortiGate</strong><br />

interface, native. You can configure firewall policies to permit <strong>com</strong>munication with<br />

other interfaces, applying antivirus and IPS scanning as needed.<br />

For security within the native network, you have several options:<br />

• Create switch VLANs. Configure firewall policies from each switch VLAN to<br />

other switch VLANs and other interfaces to control and protect traffic.<br />

• Create secure ports on native and its switch VLANs. A secure switch port is<br />

subject to <strong>FortiGate</strong> firewall policies and protection profiles. Configure firewall<br />

policies to control and protect traffic between switch ports.<br />

<strong>FortiGate</strong> Version 3.0 MR5 <strong>Administration</strong> <strong>Guide</strong><br />

01-30005-0203-20070830 207

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!