Table of Contents
Advertisement
Quick Links
This FortiGate-5001B Security System Guide describes FortiGate-5001B hardware features, how to install a
FortiGate-5001B board in a FortiGate-5000 series chassis, and how to configure the FortiGate-5001B security system for
your network.
The most recent versions of this and all FortiGate-5000 series documents are available from the
the
Fortinet Technical Documentation
Visit
https://support.fortinet.com
updates, customer support, and FortiGuard services.
FortiGate-5001B Security System Guide
01-400-134818-20120216
web site (http://docs.fortinet.com).
to register your FortiGate-5001B security system. By registering you can receive product
FortiGate-5001B
Security System Guide
FortiGate-5000
page of
Advertisement
Table of Contents
Related Manuals for Fortinet FortiGate-5001B
Summary of Contents for Fortinet FortiGate-5001B
- Page 1 Security System Guide This FortiGate-5001B Security System Guide describes FortiGate-5001B hardware features, how to install a FortiGate-5001B board in a FortiGate-5000 series chassis, and how to configure the FortiGate-5001B security system for your network. The most recent versions of this and all FortiGate-5000 series documents are available from the...
-
Page 2: Warnings And Cautions
ESD connector such as the ESD sockets provided on FortiGate-5000 series chassis. • Make sure all FortiGate-5000 series components have reliable grounding. Fortinet recommends direct connections to the building ground. • If you install a FortiGate-5000 series component in a closed or multi-unit rack assembly, the operating ambient temperature of the rack environment may be greater than room ambient. -
Page 3: Table Of Contents
FortiGate-5001B mounting components ......14 Inserting a FortiGate-5001B board ......15 Shutting down and removing a FortiGate-5001B board . - Page 4 Using the CLI to configure Transparent mode ....30 Upgrading FortiGate-5001B firmware ......30 FortiGate-5001B base backplane data communication .
-
Page 5: Fortigate-5001B Security System
NEBS-compliant FortiGate-5140-R chassis. Table 1 lists FortiGate-5000 series chassis that can support the FortiGate-5001B board. For most up-to-date list of all chassis that can support the FortiGate-5001B board see the FortiGate-5001B Release Notes. Table 1: FortiGate-5000 series chassis that support the FortiGate-5001B board... -
Page 6: Physical Description
NP4-accelerated network processing for eligible traffic passing through these interfaces. You can also configure two or more FortiGate-5001B boards to create a high availability (HA) cluster using the base or fabric backplane interfaces for HA heartbeat communication through the chassis backplane, leaving front panel interfaces available for network connections. -
Page 7: Front Panel Components
Front panel components Front panel components From the FortiGate-5001B front panel you can view the status of the front panel LEDs to verify that the board is functioning normally. You also connect the FortiGate-5001B board to your 10-gigabit network using the 1 to 8 front panel SFP+ or SFP connectors. The front panel also includes two Ethernet management interfaces, an RJ-45 console port for connecting to the FortiOS CLI and a USB port. -
Page 8: Connectors
Blue The FortiGate-5001B board is ready to be hot-swapped (removed from the chassis). If the IPM light is blue and no other LEDs are lit the FortiGate-5001B board has lost power Flashing The FortiGate-5001B board is changing from hot swap Blue to running mode or from running mode to hot swap. -
Page 9: Nmi Switch
Fabric backplane communication The FortiGate-5001B fabric backplane interfaces (fabric1 and fabric2) are typically used for data communication between FortiGate-5001B boards installed in the same or in different FortiGate-5000 series chassis. To support 10-gigabit fabric backplane communications your FortiGate-5000 series chassis must include one or more FortiSwitch-5003A or FortiSwitch-5003B boards or other 10-gigabit fabric backplane switching boards installed in the chassis in fabric slots 1 and 2. - Page 10 For example, for maximum NP4 acceleration of traffic received on port1 the traffic must exit the FortiGate-5001B board on port2, port3, port4, or fabric1. Also, for maximum acceleration of traffic received on port5 the traffic must exit the FortiGate-5001B board on port6, port7, port8, or fabric2.
-
Page 11: Hardware Installation
Troubleshooting Installing SFP+ transceivers The FortiGate-5001B board ships with two SR SFP+ transceivers that you must install for normal operation of the FortiGate-5001B front panel interfaces (port1 to port8). Since the board is shipped with 2 SPT+ interfaces, if you want to connect more than 2 front panel interfaces you should purchase and install additional compatible SFP+ transceivers for these interfaces. -
Page 12: Changing Fortigate-5001B Sw2 Switch Settings
FortiGate-5001B board in a chassis that does not contain a functioning shelf manager. The default SW2 setting is required for most uses of the FortiGate-5001B including ELBCv3. The SW2 switch on the FortiGate-5001B board is factory set by Fortinet to detect a shelf manager (Figure 3). -
Page 13: Factory Default
(Requires Shelf Manager) By default a FortiGate-5001B board will not start up if the board is installed in a chassis that does not contain a shelf manager or that contains a shelf manager that is not operating. Before installing a FortiGate-5001B in a chassis that does not contain an... -
Page 14: Fortigate-5001B Mounting Components
“Inserting a FortiGate-5001B board” on page FortiGate-5001B mounting components To install a FortiGate-5001B board you slide the board into an open slot in the front of an ATCA chassis and then use the mounting components to lock the board into place in the slot. -
Page 15: Inserting A Fortigate-5001B Board
“Front panel components” on page It is important to carefully seat the FortiGate-5001B board all the way into the chassis, to avoid using excessive force on the handles, and to make sure that the handles are properly locked. Only then will the FortiGate-5001B board power-on and start up correctly. - Page 16 Hardware installation To insert a FortiGate-5001B board into a chassis slot Do not carry the FortiGate-5001B board by holding the handles or retention screws. When inserting or removing the FortiGate-5001B board from a chassis slot, handle the board by the front panel. The handles are not designed for carrying the board. If the handles become bent or damaged the FortiGate-5001B board may not align correctly in the chassis slot.
-
Page 17: Shutting Down And Removing A Fortigate-5001B Board
The handles should hook into the sides of the chassis slot. Closing the handles draws the FortiGate-5001B board into place in the chassis slot and into full contact with the chassis backplane. The FortiGate-5001B front panel should be in contact with the chassis front panel and both handles should lock into place. - Page 18 Shutting down and removing a FortiGate-5001B board Hardware installation FortiGate-5001B boards are hot swappable. The procedure for removing a FortiGate-5001B board from a chassis slot is the same whether or not the chassis is powered on. To remove a FortiGate-5001B board from a chassis slot Do not carry the FortiGate-5001B board by holding the handles or retention screws.
-
Page 19: Power Cycling A Fortigate-5001B Board
Power cycling a FortiGate-5001B board This section describes how to cycle the power on a FortiGate-5001B board by opening the right handle (the lower handle when the board is installed vertically in a FortiGate-5140 chassis) to activate a switch that cycles the power without removing the board from the chassis. -
Page 20: Troubleshooting
7 After 10 seconds snap both handles back into place. The board powers up, the LEDs light and in a few minutes the FortiGate-5001B board operates normally. 8 Fully tighten the retention screws to lock the FortiGate-5001B board into position in the chassis slot. -
Page 21: Fortigate-5001B Sta (Status) Led Is Flashing During System Operation
FortiGate-5000 series components. All chassis: Firmware problem If the FortiGate-5001B board is receiving power and the handles are fully closed, and you have restarted the chassis and the FortiGate-5001B still does not start up, the problem could be with FortiOS. Connect to the FortiGate-5001B console and try cycling the power to the board. - Page 22 Troubleshooting Hardware installation FortiGate-5001B Security System Guide 01-400-134818-20120216 http://docs.fortinet.com/...
-
Page 23: Quick Configuration Guide
NAT/Route mode (the default) or Transparent mode. NAT/Route mode In NAT/Route mode, the FortiGate-5001B security system is visible to the networks that it is connected to. Each interface connected to a network must be configured with an IP address that is valid for that network. -
Page 24: Transparent Mode
Transparent mode In Transparent mode, the FortiGate-5001B security system is invisible to the network. All of the FortiGate-5001B interfaces are connected to different segments of the same network. In Transparent mode you only have to configure a management IP address so... -
Page 25: Choosing The Configuration Tool
You can use either the web-based manager or the Command Line Interface (CLI) to configure the FortiGate board. Web-based manager The FortiGate-5001B web-based manager is an easy to use management tool. Use the web-based manager to configure the FortiGate-5001B administrator password, the interface addresses, the default gateway, and the DNS server addresses. -
Page 26: Factory Default Settings
Configuring NAT/Route mode Table 8 to gather the information you need to customize NAT/Route mode settings for the FortiGate-5001B security system. You can use one table for each board to configure. Table 8: FortiGate-5001B board NAT/Route mode settings Admin Administrator Password: _____._____._____._____... -
Page 27: Using The Web-Based Manager To Configure Nat/Route Mode
Configuring NAT/Route mode Using the web-based manager to configure NAT/Route mode 1 Connect port1 of the FortiGate-5001B board to the same hub or switch as the computer you will use to configure the FortiGate-5001B board. If you cannot connect to port1, see “Using the CLI to configure NAT/Route mode”... -
Page 28: Using The Cli To Configure Nat/Route Mode
Quick Configuration Guide Using the CLI to configure NAT/Route mode 1 Use the serial cable supplied with your FortiGate-5001B board to connect the FortiGate-5001B Console port to the management computer serial port. 2 Start a terminal emulation program (HyperTerminal) on the management computer. -
Page 29: Configuring Transparent Mode
_____._____._____._____ Using the web-based manager to configure Transparent mode 1 Connect port1 of the FortiGate-5001B board to the same hub or switch as the computer you will use to configure the FortiGate-5001B board. If you cannot connect to port1, see “Using the CLI to configure Transparent mode”... -
Page 30: Using The Cli To Configure Transparent Mode
Apply. Using the CLI to configure Transparent mode 1 Use the serial cable supplied with your FortiGate-5001B board to connect the FortiGate-5001B Console port to the management computer serial port. 2 Start a terminal emulation program (HyperTerminal) on the management computer. - Page 31 9 Update the FortiGate-5001B antivirus and attack definitions. See the FortiGate-5001B online help for details. To upgrade the firmware using the CLI To use the following procedure, you must have a TFTP server the FortiGate-5001B board can connect to. 1 Make sure the TFTP server is running.
-
Page 32: Fortigate-5001B Base Backplane Data Communication
To enable base backplane data communication from the FortiGate-5001B CLI From the FortiGate-5001B board CLI you can use the following steps to enable base backplane data communication. 1 Enter the following command to show the backplane interfaces:... - Page 33 To enable fabric backplane data communication from the FortiGate-5001B CLI From the FortiGate-5001B board CLI you can use the following steps to enable fabric backplane data communication. 1 Enter the following command to show the backplane interfaces:...
- Page 34 FortiGate-5001B fabric backplane data communication Quick Configuration Guide FortiGate-5001B Security System Guide 01-400-134818-20120216 http://docs.fortinet.com/...
-
Page 35: For More Information
FortiGate-5001B For more information Training Services Fortinet Training Services offers courses that orient you quickly to your new equipment, and certifications to verify your knowledge level. Fortinet training programs serve the needs of Fortinet customers and partners world-wide. Visit Fortinet Training Services at http://campus.training.fortinet.com, or email training@fortinet.com. - Page 36 For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any guarantees. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.
Need help?
Do you have a question about the FortiGate-5001B and is the answer not in the manual?
Questions and answers