Open navigation menu
Close suggestions
Search
Search
en
Change Language
Upload
Sign in
Sign in
Download free for days
0 ratings
0% found this document useful (0 votes)
553 views
10 pages
Lab 1 - Introduction To FortiGate
Fortigate firewall
Uploaded by
Leslie Ataembo
AI-enhanced title
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content,
claim it here
.
Available Formats
Download as PDF or read online on Scribd
Download
Save
Save Lab 1 - Introduction to FortiGate For Later
0%
0% found this document useful, undefined
0%
, undefined
Embed
Share
Print
Report
0 ratings
0% found this document useful (0 votes)
553 views
10 pages
Lab 1 - Introduction To FortiGate
Fortigate firewall
Uploaded by
Leslie Ataembo
AI-enhanced title
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content,
claim it here
.
Available Formats
Download as PDF or read online on Scribd
Carousel Previous
Carousel Next
Download
Save
Save Lab 1 - Introduction to FortiGate For Later
0%
0% found this document useful, undefined
0%
, undefined
Embed
Share
Print
Report
Download now
Download
You are on page 1
/ 10
Search
Fullscreen
DO NOT REPRINT © FORTINET LAB 1-Introduetion to FortiGate LAB 1-Introduction to FortiGate This lab provides an introduction to FortiGate's acministrative CLI and GUI. Additionally, the lab will guide you through how to properly backup and restore a configuration file as well as create a new administrator account and modify administrative access permissions. Objectives + Access the FortiGate CLL Backup and restore configuration fies. «Find the FortiGate model and FortiOS firmware build information inside a configuration fle, + Create anew administrative user. Restrict administrative access. Time to Complete Estimated: 25 minutes FortiGate | Student Guide 15DO NOT REPRINT © FORTINET LAB 1~introduction t 1 Working With the Command Line Interface ‘You will start by accessing a FortiGate device using the command line interface (CLI.) Exploring the CLI The next steps will help you get familiar with the FortiGate CLI. To explore the CLI 4. In the virtual lab portal, click the Local-FortiGate icon to open the FortiGate console. (Aiteratively, in the dropdown menu below tke icon, click System > Open.) 2 2. Atthe login prompt, enter the username admin (all lower case) and leave the password blank. 3. Enter the following command: get system status This command displays basic status information about the FortiGate. The output includes the FortiGate's serial number, operation mode, and so on. When the --More--prompt appears in the CLI, press the spacebar to continue scrolling, press Enter to scroll one line at a time, or press Q to exit 4, Enter the following command: get? B note: The ? characteris not displayed on the sereen. This command shows all of the options that the CLI will accept after the get command. Depending on the command, you may need to enter additional words to completely specify a ‘configuration option. 5. Press the Up Arrow key. This displays the previous get system status command. Try some of the other control key sequences that shown here: Action Command Previous command Up Arrow Next command Down Arrow FortiGate | Student Guide 16DO NOT REPRINT © FORTINET LAB ‘1-Introduetion to FortiGate Beginning of line CTRL+A, End of line CTRL#E Back one word CTRLIB Forward one word CTRL#E Delete current character CTRL+D Clear sereen CTRL Abort command and exit CTRL#C 6. Enter the command: execute ? This lists all options that the CLI will accept next after the execute command. 7. Type exe then press the Tab key. Notice that the CLI completes the current word, 8. Press the spacebar. After that, press the Tab key three times. Each time that you press the Tab key, the CL! replaces the second word with the next possible ‘option for the execute command, in alphabetical order. Note: Almost all commands can be abbreviated. In presentations and abs, many ofthe commands that you see wil be m abbreviated form. Use this technique to reduce the number of keystrokes that are required to enter a ‘command. in this way, experts can often configure a FortiGate faster through the CLI than the GUI. If there are other commands that start with the same characters, your abbreviation must be long enough to be specific, so that FortiGate can distinguish them. Otherwise, the CLI will display an error message about ambiguous commands. 9. Enter the following CL! command to check the port 3 interface configuration: show system interface port3 410. Enter this command: show £ull-configuration system interface port3 @ Sop ana Think Compare beth outputs. How are they different? The show ful1-configuration displays all the configuration settings for the interface. ‘The show command displays only those whose values are different than the default values. FortiGate | Student Guide w K Ww c Ee CcDO NOT REPRINT © FORTINET LAB 1=Introduetion t 2 Configuration Backups During this lab exercise you will lear how to generate and restore clear-text and encrypted configuration backups. Restoring a Configuration From a Backup In this procedure you will estore a configuration from a backup. To restore a configuration from a backup 4. Inthe virtual lab portal, click the Local-Windows VM icon to open its VM. (Alternatively, in the ‘dropdown menu below the icon, go to System > Open.) 2° From the | qral-Windows VA, apen a hrnwser and log in as admin to the Local-FortiGate GUI at 10.0.1.254. Bote: Al the ib exercises were tested running Mozita Firefox in LocalWindows VM and Remote-Windows. As a result, to get consistent results, we recommend using Firefox to access both the intemel and ine FortiGate GUIs inthis virtual environment 3. Goto the Dashboard. (It should be the first screen that appears when you log in.) 4. In the System Information widget, click Restore. ‘A dialog should appear where you can select which configuration backup file to restore. Opin tecasertcaterg Prod (ace Mono 330298592014 Feria abun 6 eal (Goo [ESE er) seninchrge Pe 9 darren i 5. Click Upload to select which backup file to restore. FortiGate | Student Guide 18DO NOT REPRINT © FORTINET LAB 1-Introduction to FortiGate Restore System Configuration Restore from File Password © 6. On your desktop, select the file named Resources\FortiGate-Nintroduction\local-initial.conf, then click OK. Click OK again to confirm. ‘After your browser uploads the configuration, the FortiGate will automatically reboot. 7. Refresh the web page and log in again to the Local-FortiGate GUI. 8, Go to Network > Interfaces and verify that the network interface settings were restored. a Fecwae new | ies Bio» [ore Eger Nave Merbers] Perak Type fecess Png ° portt 10.200 1.1 256.266.256.0 GB Physica! intertace a Fusccees Pn opera 1920021 7552552550 (Pris erce HTTPS S34 ATT Pn , vTPS oro 1001264755 2852550 GH Pry merce ° ° eB Pov ‘SSH |HTTP) The 9. Goto Network > Static Routes. Verify that the default route was restored. P create New 7 By One Destination Gateway intertace Cornment oooon 102001 264 peti Making Configuration Backups ‘You will create a file with the backup of the FortiGate's current configuration. To make a configuration backup 41, In the Local-FortiGate GUI, go to the Dashboard. FortiGate | Student Guide 19DO NOT REPRINT © FORTINET LAB 1-Introduction to FortiGate 2. Inthe System Information widget, click Backup. System Information Hasta: Standalone [Conf] Host Name: Loca Fortiate (Chon Seria Nmber Fraveevonnn000000 (Operation Mose: Nat Ineoection Mde: Pro based Chane! Spatem Tne: Mon Jun 130234:33 2916 Fortius) Ferme Version wSA.buld2066 (6A) pata) ‘Spe Confgwration: [acu Restre (Resins) ‘current Aiminstratr: ‘sin [Change Passwort Total Deas) Untine as} Ohows) 37 mi 3. Enable Encryption. 4. Enter the password fortinet twice and click the OK. 5. Save the encrypted configuration file to the Downloads folder. BR caution: Aways back up the configuration fle before changing your device (even ifthe change seems minor or unimportant). There is no undo. Restoring a backup will allow you to quickly revert changes if you discover problems. Restoring an Encrypted Configuration Backup In this procedure you will restore the configuratior backup that you created in the previous procedure. To restore an encrypted configuration backup 1, In the Local-FortiGate GUI, got to the Dashboard. 2. From the System Information widget, click Restor 3. Click Upload and select the file that you downloaded in the previous procedure. 4. Click OK. Notice that, this ime, you must enter the password Fortinet, Comparing Both Configuration Files You will open both configuration files with Notepad++ and look at the differences. To compare both configuration fies. 4. Start Notepad++ by clicking its icon in the Windows task bar: K Ww c Ee Cc L FortiGate | Student Guide 20DO NOT REPRINT © FORTINET LAB 1-Introduction to FortiGate pen the file with the encrypted configuration backup. Start another instance of Notepad++ and open the initial fle you restored: 4. Compare the details in both. B Note: in both the cleartext and encrypted configuration files, the top acts as a header, listing the firmware and model information that this configuration belongs to. FortiGate | Student Guide 24DO NOT REPRINT © FORTINET LAB 1-Introduction to FortiGate 3 Administrative Accounts FortiGate offers great flexibility for configuring administrator privileges. You can specify the IP addresses administrators are allowed to connect from. This lab includes some procedures related to ‘working with administrative accounts. Creating an Administrator Profile In this procedure, you will create a new administrator profile with read-only access to most of the configuration settings. To configure an administrator profile 4. From the Local-FortiGate GUI, go to System> Admin Profiles. 2. Click Create New and create a new profile called Security_Admin_Profile. 3. Set Security Profile Configuration to Read-Write, but set all other permissions to Read Only. 4, Click OK to save the changes. Creating an Administrator Account In this proocdure, you will ercate a new administrator account, The account will be assigned to the administrator profile created in the previous procedure. This administrator will have only read-only ‘access to most of the configuration settings. To create an administrator account 4. Inthe Local-FortiGate GUI, go to System > Administrators. 2. Click Create New to add a new administrator account. Configure the following settings: Field Value User Name Security Admin Password fortinet Confirm Password fortinet Type Local User Administrator Profile Security Admin Profile g Note: Administrator names and passwords are case sensitive. You cannot include characters such as < > () #” in an administrator account name or password. Spaces are allowed, but not as the first or last character. 3. Click OK to save the changes. FortiGate | Student Guide 22 K Ww c Ee CcDO NOT REPRINT © FORTINET LAB ‘1-Introduetion to FortiGate Testing the New Administrator Account In this procedure you will confirm that the new administrator account has read-write access to only the security profiles configuration. To test the new administrator account 4. Inthe Local-FortiGate GUI, log out of the admin account's GUI session. co f] bemier | = en Cogn a Foren Nome Trusted Hosts alee A Nt ‘ecu Admin 000 8 asym deen ona ‘atrin ies 2. Login as Security Admin with the password fortinet. 3. Test this administrator's access: try to create or modify settings that are not allowed by the ‘account's profile. ‘You should see that this account can only configure security profiles and monitor FortiGuard ‘quotas (which are related to usage by security profiles). Restricting Administrator Access In this procedure you will restrict access to FortiGate administration. Only administrators connecting from a trusted subnet will be able to access. To restrict administrator access In the Local-FortiGate GUI, log out of the Security_Admin account's GU! session. Log in as acini. Go to System > Administrators, Edit the admin account. Enable Restrict login to trusted hosts and set Trusted Host 1 to the address 10.0.2.0/24. Click OK to save the changes. ook eee Testing the Restricted Access In this procedure you will confirm that administrators outside the subnet 10,0.2.0/24 cannot access the FortiGate. To test the restricted access K Ww c Ee Cc L 4. Log out of the admin account's GUI session. 2. Try to log in back using the admin account again. What is the result this time? FortiGate | Student Guide 23DO NOT REPRINT © FORTINET LAB ‘Introduction t Because you are trying to connect from the 10.0.1.10 address, you shouldn't be able to connect. This is because you restricted logins to only the source IP addresses in the list of trusted hosts. icon. (Alternatively, in the dropdown menu 3. Inthe virtual lab portal, click the Local-FortiGate, below its icon, go to System > Open.) 2 4. Enter the following CLI commands to add 10.0.1. 0/24 as the second trusted IP subnet (Trusted Host 2) of the admin account: conf ays admin edit admin set trusthost2 10.0.1.0/24 end 5. Try to access its GUI again. Access should be restored, Student Guide 24
You might also like
Cisco Cyber Security Analyst Specialist Certification
PDF
No ratings yet
Cisco Cyber Security Analyst Specialist Certification
84 pages
FortiMail 7.4.2 Administration Guide
PDF
No ratings yet
FortiMail 7.4.2 Administration Guide
645 pages
21-FTD Configuration Lab For FMC
PDF
No ratings yet
21-FTD Configuration Lab For FMC
3 pages
Fortinet Nse 4 - Fortios 6.4
PDF
100% (1)
Fortinet Nse 4 - Fortios 6.4
9 pages
Install Fortigate Firewall On Eve-Ng:: Winscp
PDF
No ratings yet
Install Fortigate Firewall On Eve-Ng:: Winscp
5 pages
PrimeKey PKI Appliance Online Help
PDF
No ratings yet
PrimeKey PKI Appliance Online Help
111 pages
SK0-005 CompTIA Server+ Updated Practice Questions
PDF
No ratings yet
SK0-005 CompTIA Server+ Updated Practice Questions
29 pages
Fortinet CLI Troubleshooting Cheat Sheet
PDF
100% (1)
Fortinet CLI Troubleshooting Cheat Sheet
6 pages
Chapter 4 - DHCP and DNS - Windows Server 2022
PDF
No ratings yet
Chapter 4 - DHCP and DNS - Windows Server 2022
107 pages
Fortinet Network Security Support Engineer Study Guide For Fortios 72
PDF
No ratings yet
Fortinet Network Security Support Engineer Study Guide For Fortios 72
536 pages
How-To 103 Implement Cisco ISE Server Side Certificates
PDF
No ratings yet
How-To 103 Implement Cisco ISE Server Side Certificates
29 pages
Questoes Lpi 2 202 PDF
PDF
No ratings yet
Questoes Lpi 2 202 PDF
103 pages
Technical Introduction To Cybersecurity 1.0 Lesson Scripts
PDF
No ratings yet
Technical Introduction To Cybersecurity 1.0 Lesson Scripts
101 pages
PM Checklist ESXi VMWARE
PDF
No ratings yet
PM Checklist ESXi VMWARE
2 pages
Final Year Project(s)
PDF
No ratings yet
Final Year Project(s)
14 pages
Training Manual SignServer-v10-20221012 - 223306
PDF
No ratings yet
Training Manual SignServer-v10-20221012 - 223306
47 pages
LAB 04 Firewall Authentication
PDF
No ratings yet
LAB 04 Firewall Authentication
17 pages
Bind 9
PDF
No ratings yet
Bind 9
33 pages
How To Block Psiphon 3
PDF
No ratings yet
How To Block Psiphon 3
4 pages
FortiAnalyzer 6.2 Cookbook
PDF
No ratings yet
FortiAnalyzer 6.2 Cookbook
62 pages
Active Directory Fundamentals
PDF
No ratings yet
Active Directory Fundamentals
38 pages
Freeradius3 0 3onubuntu14 04lts
PDF
No ratings yet
Freeradius3 0 3onubuntu14 04lts
21 pages
Fortigate Security - Cours-3
PDF
No ratings yet
Fortigate Security - Cours-3
100 pages
Backup and Restore
PDF
No ratings yet
Backup and Restore
6 pages
Consolidado Laboratorios Fortinet
PDF
No ratings yet
Consolidado Laboratorios Fortinet
75 pages
Managed Fortiswitch 604
PDF
No ratings yet
Managed Fortiswitch 604
109 pages
9.2.2.7 Lab - Certificate Authority Stores PDF
PDF
0% (1)
9.2.2.7 Lab - Certificate Authority Stores PDF
9 pages
An Agent Based Intrusion Detection, Response and Blocking Using Signature Method in Active Net Abstract
PDF
100% (1)
An Agent Based Intrusion Detection, Response and Blocking Using Signature Method in Active Net Abstract
3 pages
FortiGate Security Study Guide For FortiOS5.6.2
PDF
No ratings yet
FortiGate Security Study Guide For FortiOS5.6.2
666 pages
Sy0-701 - 9 2
PDF
No ratings yet
Sy0-701 - 9 2
20 pages
Configuration Switch Cisco Vlan
PDF
No ratings yet
Configuration Switch Cisco Vlan
2 pages
Technical Note - Loading FortiGate Firmware Image Using TFTP
PDF
No ratings yet
Technical Note - Loading FortiGate Firmware Image Using TFTP
4 pages
SW HP Procurve
PDF
No ratings yet
SW HP Procurve
3 pages
NSE 4 Network Security Professional: Exam Description
PDF
No ratings yet
NSE 4 Network Security Professional: Exam Description
3 pages
FortiAnalyzer 04 Logs
PDF
No ratings yet
FortiAnalyzer 04 Logs
60 pages
Lab 1 - Introduction To FortiGate PDF
PDF
No ratings yet
Lab 1 - Introduction To FortiGate PDF
10 pages
2-Hunting Insider Threats Part 1
PDF
No ratings yet
2-Hunting Insider Threats Part 1
22 pages
NSE 4 7.0 Sample Questions - Attempt Review
PDF
No ratings yet
NSE 4 7.0 Sample Questions - Attempt Review
16 pages
Nse4 - FGT 6.0 Exam Dumps 2019 PDF
PDF
100% (1)
Nse4 - FGT 6.0 Exam Dumps 2019 PDF
6 pages
Fault Management
PDF
No ratings yet
Fault Management
19 pages
Exercise 3
PDF
No ratings yet
Exercise 3
7 pages
Pfsense Training - 2
PDF
No ratings yet
Pfsense Training - 2
32 pages
FortiGate Security
PDF
100% (1)
FortiGate Security
97 pages
69.DNS Interview Questions & Answers - Vishnuprasad.c
PDF
No ratings yet
69.DNS Interview Questions & Answers - Vishnuprasad.c
13 pages
VCTA Course Registration Instructions (Premium Access Required)
PDF
No ratings yet
VCTA Course Registration Instructions (Premium Access Required)
1 page
Backing Up Esxi Server Configurations
PDF
No ratings yet
Backing Up Esxi Server Configurations
4 pages
LAB 01 System and Network Settings
PDF
No ratings yet
LAB 01 System and Network Settings
22 pages
Port Security Questions: Answer
PDF
No ratings yet
Port Security Questions: Answer
28 pages
LAB 5 - Firewall Authentication
PDF
No ratings yet
LAB 5 - Firewall Authentication
12 pages
CCNP Security (SCOR 350-701) Outlines
PDF
No ratings yet
CCNP Security (SCOR 350-701) Outlines
1 page
81 Troubleshooting FortiGate
PDF
No ratings yet
81 Troubleshooting FortiGate
10 pages
FTD Install Guide
PDF
No ratings yet
FTD Install Guide
37 pages
LAB 1 - Introduction - Fortinet
PDF
No ratings yet
LAB 1 - Introduction - Fortinet
12 pages
Overview of Cisco UCS Manager
PDF
No ratings yet
Overview of Cisco UCS Manager
4 pages
CLI Access Modes:: Operational Mode
PDF
No ratings yet
CLI Access Modes:: Operational Mode
3 pages
Reference Solution For Checkpoint - Certkiller.156-215.80.v2020-06-04.by - Venla.131q.vce
PDF
No ratings yet
Reference Solution For Checkpoint - Certkiller.156-215.80.v2020-06-04.by - Venla.131q.vce
4 pages
Vmware Vsphere 6 Torrent: File List
PDF
No ratings yet
Vmware Vsphere 6 Torrent: File List
3 pages
FGT1 01 Introduction
PDF
No ratings yet
FGT1 01 Introduction
39 pages
Ccsa NG: Check Point Certified Security Administrator Study Guide: Exam 156-210 (Vpn-1/Firewall-1 Management I NG) 690 Pages by Justin Menga
PDF
No ratings yet
Ccsa NG: Check Point Certified Security Administrator Study Guide: Exam 156-210 (Vpn-1/Firewall-1 Management I NG) 690 Pages by Justin Menga
1 page
LWB-CTR-E0.3 Ebook
PDF
No ratings yet
LWB-CTR-E0.3 Ebook
22 pages
The OSI Model
PDF
No ratings yet
The OSI Model
3 pages
Statuory Declaration PDF
PDF
No ratings yet
Statuory Declaration PDF
1 page
Installation Instructions (For New Buc & Idirect Modem) : 1. Replacing The Outdoor Equipment
PDF
No ratings yet
Installation Instructions (For New Buc & Idirect Modem) : 1. Replacing The Outdoor Equipment
11 pages
Checkpoint Actualtests 156-215 75 v2012-04-08
PDF
No ratings yet
Checkpoint Actualtests 156-215 75 v2012-04-08
178 pages
B Analysis
PDF
No ratings yet
B Analysis
3 pages
CLIC - Medical Claim Form
PDF
No ratings yet
CLIC - Medical Claim Form
2 pages
Life Assurance Expression of Wish Form
PDF
No ratings yet
Life Assurance Expression of Wish Form
2 pages
The Marsh Medicare Flyer-Generic - Clic
PDF
No ratings yet
The Marsh Medicare Flyer-Generic - Clic
1 page