Hướng dẫn cấu hình Fortinet trên EVE-NG
Tham khảo:
https://www.eve-ng.net/index.php/documentation/howtos/howto-add-fortinet-images/
https://docs.fortinet.com/document/fortigate-private-cloud/6.0.0/fortigate-vm-on-kvm/615472/configuring-port-1
https://docs.fortinet.com/document/fortigate-private-cloud/6.2.0/kvm-administration-guide/142213/connecting-to-the-fortigate-vm-gui
Download OS: https://tinyurl.com/fortinet1010
User: admin với password là rỗng
Cấu hình Port1 trên Fortinet FW:
config system interface
edit port1
set mode dhcp
append allowaccess http
append allowaccess https
next
end
+++++++++++++++++++++++++++++++++++++
config system interface
edit port1
set mode static
set ip 192.168.0.100 255.255.255.0
append allowaccess http
next
end
++++++++++++++++++++++++++++++++++++
Xem thông tin IP:
show system interface? //có dấu ? ở cuối lệnh
+++++++++++++++++++++++
Configuring port 1
VM platform or hypervisor management environments include a guest console window. On the FortiGate-VM, this provides access to the FortiGate console, equivalent to the console port on a hardware FortiGate unit. Before you can access the GUI, you must configure FortiGate-VM port1 with an IP address and administrative access.
To configure the port1 IP address:
In your hypervisor manager, start the FortiGate-VM and access the console window. You may need to press Enter to see a login prompt.
At the FortiGate-VM login prompt enter the username admin. By default there is no password. Press Enter.
Using CLI commands, configure the port1 IP address and netmask. Also, HTTP access must be enabled because until it is licensed the FortiGate-VM supports only low-strength encryption. HTTPS access will not work.
For example:
config system interface
edit port1
set mode static
set ip 192.168.0.100 255.255.255.0
append allowaccess http
next
end
Note
You can also use the append allowaccess CLI command to enable other access protocols, such as auto-ipsec, http, probe-response, radius-acct, snmp, and telnet. The ping, https, ssh, and fgfm protocols are enabled on the port1 interface by default.
To configure the default gateway, enter the following CLI commands:
config router static
edit 1
set device port1
set gateway
next
end
Note
You must configure the default gateway with an IPv4 address. FortiGate-VM must access the Internet to contact the FortiGuard Distribution Network (FDN) to validate its license.
To configure your DNS servers, enter the following CLI commands:
config system dns
set primary
set secondary
end
Tooltip
The default DNS servers are 208.91.112.53 and 208.91.112.52.