System Network Interface
FortiGate Version 3.0 MR4 Administration Guide
01-30004-0203-20070102 83
Additional configuration for interfaces
Once the interface is selected with the basic settings configured, some additional
configuration may be considered. Additional configuration for an interface consists
of setting:
• Administrative access to an interface
• Interface MTU packet size
• Traffic logging for an interface
• Secondary IP Addresses
Administrative access to an interface
For a VDOM running in NAT/Route mode, you can control administrative access
to the interfaces in that VDOM.
You can allow remote administration of the FortiGate unit. However, allowing
remote administration from the Internet could compromise the security of the
FortiGate unit. You should avoid this unless it is required for your configuration. To
improve the security of a FortiGate unit that allows remote administration from the
Internet:
Use secure administrative user passwords.
Change these passwords regularly.
Enable secure administrative access to this interface using only HTTPS or SSH.
Name The name of the IPSec interface.
Virtual Domain Select the VDOM of the IPSec interface.
IP
Remote IP
If you want to use dynamic routing with the tunnel or be able to ping
the tunnel interface, enter IP addresses for the local and remote
ends of the tunnel. These two addresses must not be used
anywhere else in the network.
Administrative
Access
Select the types of administrative access permitted on this
interface.
HTTPS Allow secure HTTPS connections to the web-based manager
through this interface.
PING Interface responds to pings. Use this setting to verify your
installation and for testing.
HTTP Allow HTTP connections to the web-based manager through this
interface. HTTP connections are not secure and can be intercepted
by a third party.
SSH Allow SSH connections to the CLI through this interface.
SNMP Allow a remote SNMP manager to request SNMP information by
connecting to this interface. See “Configuring SNMP” on page 127.
TELNET Allow Telnet connections to the CLI through this interface. Telnet
connections are not secure and can be intercepted by a third party.
Log Select Log to record logs for any traffic to or from the interface. To
record logs you must also enable traffic log for a logging location
and set the logging severity level to Notification or lower. Go to
Log&Report > Log Config to configure logging locations and
types. For information about logging see “Log&Report” on
page 407.
Description Optionally, enter a description up to 63 characters long.
To Next Page
Loading...
Need help?
General