Open navigation menu
Close suggestions
Search
Search
en
Change Language
Upload
Sign in
Sign in
Download free for days
0 ratings
0% found this document useful (0 votes)
553 views
10 pages
Lab 1 - Introduction To FortiGate
Fortigate firewall
Uploaded by
Leslie Ataembo
AI-enhanced title
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content,
claim it here
.
Available Formats
Download as PDF or read online on Scribd
Download
Save
Save Lab 1 - Introduction to FortiGate For Later
Share
0%
0% found this document useful, undefined
0%
, undefined
Print
Embed
Report
0 ratings
0% found this document useful (0 votes)
553 views
10 pages
Lab 1 - Introduction To FortiGate
Fortigate firewall
Uploaded by
Leslie Ataembo
AI-enhanced title
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content,
claim it here
.
Available Formats
Download as PDF or read online on Scribd
Carousel Previous
Carousel Next
Download
Save
Save Lab 1 - Introduction to FortiGate For Later
Share
0%
0% found this document useful, undefined
0%
, undefined
Print
Embed
Report
Download
Save Lab 1 - Introduction to FortiGate For Later
You are on page 1
/ 10
Search
Fullscreen
DO NOT REPRINT © FORTINET LAB 1-Introduetion to FortiGate LAB 1-Introduction to FortiGate This lab provides an introduction to FortiGate's acministrative CLI and GUI. Additionally, the lab will guide you through how to properly backup and restore a configuration file as well as create a new administrator account and modify administrative access permissions. Objectives + Access the FortiGate CLL Backup and restore configuration fies. «Find the FortiGate model and FortiOS firmware build information inside a configuration fle, + Create anew administrative user. Restrict administrative access. Time to Complete Estimated: 25 minutes FortiGate | Student Guide 15DO NOT REPRINT © FORTINET LAB 1~introduction t 1 Working With the Command Line Interface ‘You will start by accessing a FortiGate device using the command line interface (CLI.) Exploring the CLI The next steps will help you get familiar with the FortiGate CLI. To explore the CLI 4. In the virtual lab portal, click the Local-FortiGate icon to open the FortiGate console. (Aiteratively, in the dropdown menu below tke icon, click System > Open.) 2 2. Atthe login prompt, enter the username admin (all lower case) and leave the password blank. 3. Enter the following command: get system status This command displays basic status information about the FortiGate. The output includes the FortiGate's serial number, operation mode, and so on. When the --More--prompt appears in the CLI, press the spacebar to continue scrolling, press Enter to scroll one line at a time, or press Q to exit 4, Enter the following command: get? B note: The ? characteris not displayed on the sereen. This command shows all of the options that the CLI will accept after the get command. Depending on the command, you may need to enter additional words to completely specify a ‘configuration option. 5. Press the Up Arrow key. This displays the previous get system status command. Try some of the other control key sequences that shown here: Action Command Previous command Up Arrow Next command Down Arrow FortiGate | Student Guide 16DO NOT REPRINT © FORTINET LAB ‘1-Introduetion to FortiGate Beginning of line CTRL+A, End of line CTRL#E Back one word CTRLIB Forward one word CTRL#E Delete current character CTRL+D Clear sereen CTRL Abort command and exit CTRL#C 6. Enter the command: execute ? This lists all options that the CLI will accept next after the execute command. 7. Type exe then press the Tab key. Notice that the CLI completes the current word, 8. Press the spacebar. After that, press the Tab key three times. Each time that you press the Tab key, the CL! replaces the second word with the next possible ‘option for the execute command, in alphabetical order. Note: Almost all commands can be abbreviated. In presentations and abs, many ofthe commands that you see wil be m abbreviated form. Use this technique to reduce the number of keystrokes that are required to enter a ‘command. in this way, experts can often configure a FortiGate faster through the CLI than the GUI. If there are other commands that start with the same characters, your abbreviation must be long enough to be specific, so that FortiGate can distinguish them. Otherwise, the CLI will display an error message about ambiguous commands. 9. Enter the following CL! command to check the port 3 interface configuration: show system interface port3 410. Enter this command: show £ull-configuration system interface port3 @ Sop ana Think Compare beth outputs. How are they different? The show ful1-configuration displays all the configuration settings for the interface. ‘The show command displays only those whose values are different than the default values. FortiGate | Student Guide w K Ww c Ee CcDO NOT REPRINT © FORTINET LAB 1=Introduetion t 2 Configuration Backups During this lab exercise you will lear how to generate and restore clear-text and encrypted configuration backups. Restoring a Configuration From a Backup In this procedure you will estore a configuration from a backup. To restore a configuration from a backup 4. Inthe virtual lab portal, click the Local-Windows VM icon to open its VM. (Alternatively, in the ‘dropdown menu below the icon, go to System > Open.) 2° From the | qral-Windows VA, apen a hrnwser and log in as admin to the Local-FortiGate GUI at 10.0.1.254. Bote: Al the ib exercises were tested running Mozita Firefox in LocalWindows VM and Remote-Windows. As a result, to get consistent results, we recommend using Firefox to access both the intemel and ine FortiGate GUIs inthis virtual environment 3. Goto the Dashboard. (It should be the first screen that appears when you log in.) 4. In the System Information widget, click Restore. ‘A dialog should appear where you can select which configuration backup file to restore. Opin tecasertcaterg Prod (ace Mono 330298592014 Feria abun 6 eal (Goo [ESE er) seninchrge Pe 9 darren i 5. Click Upload to select which backup file to restore. FortiGate | Student Guide 18DO NOT REPRINT © FORTINET LAB 1-Introduction to FortiGate Restore System Configuration Restore from File Password © 6. On your desktop, select the file named Resources\FortiGate-Nintroduction\local-initial.conf, then click OK. Click OK again to confirm. ‘After your browser uploads the configuration, the FortiGate will automatically reboot. 7. Refresh the web page and log in again to the Local-FortiGate GUI. 8, Go to Network > Interfaces and verify that the network interface settings were restored. a Fecwae new | ies Bio» [ore Eger Nave Merbers] Perak Type fecess Png ° portt 10.200 1.1 256.266.256.0 GB Physica! intertace a Fusccees Pn opera 1920021 7552552550 (Pris erce HTTPS S34 ATT Pn , vTPS oro 1001264755 2852550 GH Pry merce ° ° eB Pov ‘SSH |HTTP) The 9. Goto Network > Static Routes. Verify that the default route was restored. P create New 7 By One Destination Gateway intertace Cornment oooon 102001 264 peti Making Configuration Backups ‘You will create a file with the backup of the FortiGate's current configuration. To make a configuration backup 41, In the Local-FortiGate GUI, go to the Dashboard. FortiGate | Student Guide 19DO NOT REPRINT © FORTINET LAB 1-Introduction to FortiGate 2. Inthe System Information widget, click Backup. System Information Hasta: Standalone [Conf] Host Name: Loca Fortiate (Chon Seria Nmber Fraveevonnn000000 (Operation Mose: Nat Ineoection Mde: Pro based Chane! Spatem Tne: Mon Jun 130234:33 2916 Fortius) Ferme Version wSA.buld2066 (6A) pata) ‘Spe Confgwration: [acu Restre (Resins) ‘current Aiminstratr: ‘sin [Change Passwort Total Deas) Untine as} Ohows) 37 mi 3. Enable Encryption. 4. Enter the password fortinet twice and click the OK. 5. Save the encrypted configuration file to the Downloads folder. BR caution: Aways back up the configuration fle before changing your device (even ifthe change seems minor or unimportant). There is no undo. Restoring a backup will allow you to quickly revert changes if you discover problems. Restoring an Encrypted Configuration Backup In this procedure you will restore the configuratior backup that you created in the previous procedure. To restore an encrypted configuration backup 1, In the Local-FortiGate GUI, got to the Dashboard. 2. From the System Information widget, click Restor 3. Click Upload and select the file that you downloaded in the previous procedure. 4. Click OK. Notice that, this ime, you must enter the password Fortinet, Comparing Both Configuration Files You will open both configuration files with Notepad++ and look at the differences. To compare both configuration fies. 4. Start Notepad++ by clicking its icon in the Windows task bar: K Ww c Ee Cc L FortiGate | Student Guide 20DO NOT REPRINT © FORTINET LAB 1-Introduction to FortiGate pen the file with the encrypted configuration backup. Start another instance of Notepad++ and open the initial fle you restored: 4. Compare the details in both. B Note: in both the cleartext and encrypted configuration files, the top acts as a header, listing the firmware and model information that this configuration belongs to. FortiGate | Student Guide 24DO NOT REPRINT © FORTINET LAB 1-Introduction to FortiGate 3 Administrative Accounts FortiGate offers great flexibility for configuring administrator privileges. You can specify the IP addresses administrators are allowed to connect from. This lab includes some procedures related to ‘working with administrative accounts. Creating an Administrator Profile In this procedure, you will create a new administrator profile with read-only access to most of the configuration settings. To configure an administrator profile 4. From the Local-FortiGate GUI, go to System> Admin Profiles. 2. Click Create New and create a new profile called Security_Admin_Profile. 3. Set Security Profile Configuration to Read-Write, but set all other permissions to Read Only. 4, Click OK to save the changes. Creating an Administrator Account In this proocdure, you will ercate a new administrator account, The account will be assigned to the administrator profile created in the previous procedure. This administrator will have only read-only ‘access to most of the configuration settings. To create an administrator account 4. Inthe Local-FortiGate GUI, go to System > Administrators. 2. Click Create New to add a new administrator account. Configure the following settings: Field Value User Name Security Admin Password fortinet Confirm Password fortinet Type Local User Administrator Profile Security Admin Profile g Note: Administrator names and passwords are case sensitive. You cannot include characters such as < > () #” in an administrator account name or password. Spaces are allowed, but not as the first or last character. 3. Click OK to save the changes. FortiGate | Student Guide 22 K Ww c Ee CcDO NOT REPRINT © FORTINET LAB ‘1-Introduetion to FortiGate Testing the New Administrator Account In this procedure you will confirm that the new administrator account has read-write access to only the security profiles configuration. To test the new administrator account 4. Inthe Local-FortiGate GUI, log out of the admin account's GUI session. co f] bemier | = en Cogn a Foren Nome Trusted Hosts alee A Nt ‘ecu Admin 000 8 asym deen ona ‘atrin ies 2. Login as Security Admin with the password fortinet. 3. Test this administrator's access: try to create or modify settings that are not allowed by the ‘account's profile. ‘You should see that this account can only configure security profiles and monitor FortiGuard ‘quotas (which are related to usage by security profiles). Restricting Administrator Access In this procedure you will restrict access to FortiGate administration. Only administrators connecting from a trusted subnet will be able to access. To restrict administrator access In the Local-FortiGate GUI, log out of the Security_Admin account's GU! session. Log in as acini. Go to System > Administrators, Edit the admin account. Enable Restrict login to trusted hosts and set Trusted Host 1 to the address 10.0.2.0/24. Click OK to save the changes. ook eee Testing the Restricted Access In this procedure you will confirm that administrators outside the subnet 10,0.2.0/24 cannot access the FortiGate. To test the restricted access K Ww c Ee Cc L 4. Log out of the admin account's GUI session. 2. Try to log in back using the admin account again. What is the result this time? FortiGate | Student Guide 23DO NOT REPRINT © FORTINET LAB ‘Introduction t Because you are trying to connect from the 10.0.1.10 address, you shouldn't be able to connect. This is because you restricted logins to only the source IP addresses in the list of trusted hosts. icon. (Alternatively, in the dropdown menu 3. Inthe virtual lab portal, click the Local-FortiGate, below its icon, go to System > Open.) 2 4. Enter the following CLI commands to add 10.0.1. 0/24 as the second trusted IP subnet (Trusted Host 2) of the admin account: conf ays admin edit admin set trusthost2 10.0.1.0/24 end 5. Try to access its GUI again. Access should be restored, Student Guide 24
You might also like
Advanced Threat Detection and Response S
PDF
100% (1)
Advanced Threat Detection and Response S
28 pages
Wallix Bastion Privileged Access Management POC Pre-Requisites V1.0 Lulu International Exchange
PDF
100% (1)
Wallix Bastion Privileged Access Management POC Pre-Requisites V1.0 Lulu International Exchange
7 pages
Forcepoint NGFW 7.0 Administrator Student Guide
PDF
No ratings yet
Forcepoint NGFW 7.0 Administrator Student Guide
427 pages
How To Install PfSense On VMware ESXi - Step by Step Guide. - GetLabsDone
PDF
No ratings yet
How To Install PfSense On VMware ESXi - Step by Step Guide. - GetLabsDone
21 pages
Fortigate Firewall 50 PDF
PDF
No ratings yet
Fortigate Firewall 50 PDF
191 pages
Chapter 4 - DHCP and DNS - Windows Server 2022
PDF
No ratings yet
Chapter 4 - DHCP and DNS - Windows Server 2022
107 pages
FMC New Features by Release
PDF
No ratings yet
FMC New Features by Release
97 pages
Cisco Switch Configuration Cheat Sheet: by Via
PDF
No ratings yet
Cisco Switch Configuration Cheat Sheet: by Via
1 page
9.2.2.7 Lab - Certificate Authority Stores PDF
PDF
0% (1)
9.2.2.7 Lab - Certificate Authority Stores PDF
9 pages
12-Security Onion Installation
PDF
No ratings yet
12-Security Onion Installation
15 pages
An Agent Based Intrusion Detection, Response and Blocking Using Signature Method in Active Net Abstract
PDF
100% (1)
An Agent Based Intrusion Detection, Response and Blocking Using Signature Method in Active Net Abstract
3 pages
Fortinet Fortisiem Lab Guide For Fortisiem 63
PDF
No ratings yet
Fortinet Fortisiem Lab Guide For Fortisiem 63
249 pages
PM Checklist ESXi VMWARE
PDF
No ratings yet
PM Checklist ESXi VMWARE
2 pages
CCNA Cyber Ops Module 2
PDF
No ratings yet
CCNA Cyber Ops Module 2
57 pages
Pfsense Basic Configuration
PDF
No ratings yet
Pfsense Basic Configuration
19 pages
Backup and Restore
PDF
No ratings yet
Backup and Restore
6 pages
FortiGate Security
PDF
100% (1)
FortiGate Security
97 pages
Tenable SecurityCenter 4.2 5.x DEMO - Key
PDF
No ratings yet
Tenable SecurityCenter 4.2 5.x DEMO - Key
1 page
LAB 04 Firewall Authentication
PDF
No ratings yet
LAB 04 Firewall Authentication
17 pages
Vignesh K Resume V1.1
PDF
No ratings yet
Vignesh K Resume V1.1
5 pages
Veeam Backup Interfaz Gráifica Funciones
PDF
No ratings yet
Veeam Backup Interfaz Gráifica Funciones
40 pages
Exercise 3
PDF
No ratings yet
Exercise 3
7 pages
Fortimanager 6.2.1 Administrator Guide
PDF
No ratings yet
Fortimanager 6.2.1 Administrator Guide
546 pages
Web Application Proxy and ADFS On The AWS Cloud
PDF
No ratings yet
Web Application Proxy and ADFS On The AWS Cloud
31 pages
Endpoint Security Guide Beginners
PDF
No ratings yet
Endpoint Security Guide Beginners
21 pages
FortiGate Security Study Guide For FortiOS5.6.2
PDF
No ratings yet
FortiGate Security Study Guide For FortiOS5.6.2
666 pages
Mcsa 70-410 Lab Note
PDF
100% (1)
Mcsa 70-410 Lab Note
17 pages
How-To 103 Implement Cisco ISE Server Side Certificates
PDF
No ratings yet
How-To 103 Implement Cisco ISE Server Side Certificates
29 pages
Lab 1 - Introduction To FortiGate PDF
PDF
No ratings yet
Lab 1 - Introduction To FortiGate PDF
10 pages
Network Attacks - A Deeper Look
PDF
No ratings yet
Network Attacks - A Deeper Look
35 pages
Wsus Practical
PDF
No ratings yet
Wsus Practical
2 pages
Fortigate Security - Cours-3
PDF
No ratings yet
Fortigate Security - Cours-3
100 pages
LAB 01 System and Network Settings
PDF
No ratings yet
LAB 01 System and Network Settings
22 pages
Cours - Formation F5 APM
PDF
No ratings yet
Cours - Formation F5 APM
416 pages
LAb3 Security Firewall Policies
PDF
No ratings yet
LAb3 Security Firewall Policies
18 pages
2.1.2.10 Lab - Exploring Processes, Threads, Handles, and Windows Registry
PDF
No ratings yet
2.1.2.10 Lab - Exploring Processes, Threads, Handles, and Windows Registry
8 pages
DevOps Master Program Syllabus Mithun Technologies 2023
PDF
No ratings yet
DevOps Master Program Syllabus Mithun Technologies 2023
13 pages
How To Block Psiphon 3
PDF
No ratings yet
How To Block Psiphon 3
4 pages
LAB 1 - Introduction - Fortinet
PDF
No ratings yet
LAB 1 - Introduction - Fortinet
12 pages
LWB-CTR-E0.3 Ebook
PDF
No ratings yet
LWB-CTR-E0.3 Ebook
22 pages
FTD Install Guide
PDF
No ratings yet
FTD Install Guide
37 pages
CLI Access Modes:: Operational Mode
PDF
No ratings yet
CLI Access Modes:: Operational Mode
3 pages
Managed Fortiswitch 604
PDF
No ratings yet
Managed Fortiswitch 604
109 pages
Configuration Switch Cisco Vlan
PDF
No ratings yet
Configuration Switch Cisco Vlan
2 pages
Sscp-Instruction Material
PDF
No ratings yet
Sscp-Instruction Material
9 pages
Transport Layer TCP and UDP - Raid-5 Technology Myanmar
PDF
No ratings yet
Transport Layer TCP and UDP - Raid-5 Technology Myanmar
10 pages
Fortinet Course Module
PDF
No ratings yet
Fortinet Course Module
1 page
Installation Instructions (For New Buc & Idirect Modem) : 1. Replacing The Outdoor Equipment
PDF
No ratings yet
Installation Instructions (For New Buc & Idirect Modem) : 1. Replacing The Outdoor Equipment
11 pages
Lab Exercise 2 Inter Vlan Routing and Multi Layer Switching 4479
PDF
No ratings yet
Lab Exercise 2 Inter Vlan Routing and Multi Layer Switching 4479
5 pages
Fortinet Network Security Support Engineer Study Guide For Fortios 72
PDF
No ratings yet
Fortinet Network Security Support Engineer Study Guide For Fortios 72
536 pages
2-Hunting Insider Threats Part 1
PDF
No ratings yet
2-Hunting Insider Threats Part 1
22 pages
The OSI Model
PDF
No ratings yet
The OSI Model
3 pages
LAB 5 - Firewall Authentication
PDF
No ratings yet
LAB 5 - Firewall Authentication
12 pages
Ccsa - 156-215.80 V18.75
PDF
No ratings yet
Ccsa - 156-215.80 V18.75
142 pages
Statuory Declaration PDF
PDF
No ratings yet
Statuory Declaration PDF
1 page
FortiGate IPS
PDF
No ratings yet
FortiGate IPS
18 pages
Nse4 Infraestructura 51-100
PDF
No ratings yet
Nse4 Infraestructura 51-100
50 pages
Comptia Security+ Study Guide (Sy0-501) : Sample Lab 1: Security Basics Discussion
PDF
No ratings yet
Comptia Security+ Study Guide (Sy0-501) : Sample Lab 1: Security Basics Discussion
10 pages
Lab 2.2.1.1 Switch Security Implementation
PDF
No ratings yet
Lab 2.2.1.1 Switch Security Implementation
3 pages
B Analysis
PDF
No ratings yet
B Analysis
3 pages
CLIC - Medical Claim Form
PDF
No ratings yet
CLIC - Medical Claim Form
2 pages
Life Assurance Expression of Wish Form
PDF
No ratings yet
Life Assurance Expression of Wish Form
2 pages
81 Troubleshooting FortiGate
PDF
No ratings yet
81 Troubleshooting FortiGate
10 pages
The Marsh Medicare Flyer-Generic - Clic
PDF
No ratings yet
The Marsh Medicare Flyer-Generic - Clic
1 page
Using The FTD CLI
PDF
No ratings yet
Using The FTD CLI
6 pages
Fast Lane - FortiWeb - NSE 6 - Web Application Firewall (WEB)
PDF
No ratings yet
Fast Lane - FortiWeb - NSE 6 - Web Application Firewall (WEB)
2 pages
Reference Solution For Checkpoint - Certkiller.156-215.80.v2020-06-04.by - Venla.131q.vce
PDF
No ratings yet
Reference Solution For Checkpoint - Certkiller.156-215.80.v2020-06-04.by - Venla.131q.vce
4 pages
802.1x + LLADP + Radius
PDF
No ratings yet
802.1x + LLADP + Radius
30 pages