Chapter 1 Initial System Setup & Configuration
1.1 Overview
This section will outline the initial connection, basic setup and configuration of the FortiBalancer appliance. The easy to follow setup steps are introduced below.
1.1.1 Connecting to FortiBalancer
There are three ways to connect to the FortiBalancer appliance in order to begin the configuration:
- Console (recommended)
- SSH
- Web UI
1.1.1.1 Console Connection
If you choose the console connection, first connect the console cable (supplied) to the System Console Port on the FortiBalancer appliance, and then set up your console as follows:
Table 1-1 Console Setup
| Setting | Value |
| Emulation | VT 100 |
| Baud | 9600 |
| Number of Bits | 8 |
| Parity | No |
| Stop Bits | 1 |
| Flow Control | No |
Open a connection between the console and the FortiBalancer appliance. Once this connection is opened, users will see the FortiBalancer appliance prompt and may begin the configuration process.
1.1.1.2 SSH Connection
Once the IP parameters are configured and the SSH service is activated, the FortiBalancer appliance is prepared for custom configuration. You may access the command line interface (CLI) using SSH connection. Below gives an example.
Note: If you require SSH software for Windows, Mac OS X or UNIX, it is available on-line at http://www.openssh.com.
To establish an SSH connection:
- Step 1 Run the SSH program on your workstation
>> # ssh admin@10.3.55.251
10.3.55.251 is the FortiBalancer appliance’s IP address.
- Step 2 After you establish a connection, the FortiBalancer appliance will ask you for a privilege password.
>> # ssh admin@10.3.55.251 >> # admin@10.3.55.251’s password:
Upon the first startup, the user will be prompted for login username and password. The default username is “admin”, and the default password is “admin”.
Note: You must have the IP information setup and basic network connectivity in order to access the box through SSH.
1.1.1.3 Web UI Connection
This section introduces the connection method via FortiBalancer web UI (Web User Interface). The FortiBalancer web UI can:
- Improve user experience with fast response time
- Maximize the functionality and performance of the FortiBalancer appliance
- Simplify system management
If administrators want to take full advantage of the Web UI access to the FortiBalancer appliance, please first assign a valid and unique IP address and a port number to the web UI. For example:
FortiBalancer(config)#webui ip 10.10.0.2
FortiBalancer(config)#webui port 8888
On the FortiBalancer appliance, we use port1’s IP address as the default web UI IP address and the port 8888 as the default web UI port.
Then, turn on the web UI function:
FortiBalancer(config)#webui on
Now open your browser of choice and connect to the FortiBalancer appliance. To do this, simply type in the address bar as such:
https://10.10.0.2:8888
And now press “Enter”. The welcome screen should appear in your browser’s window, protected by the familiar prompt asking for user name and password. The default username and password is admin and admin, just as before. If this screen does not appear, verify the address and port designations for both the port1 interface and web UI port.
The FortiBalancer appliance web UI supports the following browsers:
IE (Recommended)
Firefox
Chrome
Browser resolution should be set to 1024×786 or higher.
1.1.2 Reading the LED
1.1.2.1 LEDs in the Front Panel
The FortiBalancer appliance possesses three LEDs in the front panel: one yellow, one green and one blue. The following is the usage description of each LED in the front panel.
Table 1-2 LEDs in the Front Panel
| Color | Meaning | Description |
| Yellow | Fault | This light is always off when FortiBalancer appliance keeps normal.
It means the following problems have come out if this light turns on: The CPU fan stops working. |
| Color | Meaning | Description |
| The CPU is overheated (equal to or over 85℃).
The system is overheated (equal to or over 75℃ on 1U appliances, or 85℃ on 2U appliances). One of the power supply modules breaks down (If the FortiBalancer appliance supports the dual power supply), the redundant power supply will turn on the Buzzer at the same time. |
||
| Green | Run | The green LED should blink each second when system is idle. CPU activity will be indicated by the blinking of this light; the faster the rate, the higher the CPU activity. |
| Blue | Power | Indication of power and the active state (off|on) of the FortiBalancer appliance. |
Note: If the yellow LED is lighted, please contact Customer Support. You can view system logs to get more information about the problem.
1.1.2.2 LEDs in the Rear Panel
The FortiBalancer appliance provides two LEDs for every Ethernet port in the rear panel:
- Link LED: indicates the speed mode of the link, which can be 1 Gbps, 10 Mbps or 100 Mbps.
- Activity LED: indicates the activity status of the network port.
The following table describes the meaning of each LED on the onboard and add-on NICs of the FortiBalancer appliance.
Table 1-3 LED for Ethernet Ports in Rear Panel
| NIC Type | LED Name | Description |
| Onboard NIC | Link LED | The Link LED has the following indicator colors:
Amber: The speed mode is 1 Gbps. Green: The speed mode is 100 Mbps. Off: No Connection or the speed mode is 10 Mbps. |
| Activity
LED |
The Activity LED has the following indicator colors:
Yellow and blinking: Active Off: Inactive |
|
| Add-on NIC | Link LED | The Link LED has the Yellow indicator color, indicating 1 Gbps, 10 Mbps or 100 Mbps speed mode. |
| Activity
LED |
The Activity LED has the following indicator colors:
Green and blinking: Active Off: Inactive |
1.1.3 Command Line Interface Structure
In this section, you will be provided an overview of the Command Line Interface (CLI) covering the following topics:
- Command Usage Breakdown
- Levels of Access Control
1.1.3.1 Command Usage Breakdown
The CLI allows you to configure and control key functions of the FortiBalancer appliance to better manage the performance of your servers and the accessibility to the contents therein.
The FortiBalancer appliance software has been designed with specific enhancements to make interaction with the Appliance more user friendly, such as Shorthand. Shorthand is the intuitive method by which the Appliance completes CLI commands based on the first letters entered. Other user shortcuts are listed below:
Table 1-4 List of Shortcuts
| CLI Shortcuts | Operation |
| ^a/^e | Move the cursor to the beginning/end of a line. |
| ^f/^b | Move the cursor forward/backward one character. |
| Esc-f | Move the cursor forward one word. |
| Esc-b | Move the cursor backward one word. |
| ^d | Delete the character under the cursor. |
| ^k | Delete from the cursor to the end of the line. |
| ^u | Delete the entire line. |
Note: The symbol “^” indicates holding down the Control (Ctrl) Key while pressing the letter that appears after the symbol.
The FortiBalancer CLI commands will generally adhere to the following style conventions: Table 1-5 FortiBalancer CLI Style Conventions
| Style | Convention |
| Bold | The body of a CLI command is in Boldface. |
| Italic | CLI parameters are in Italic. |
| < > | Parameters in angle brackets < > are required. |
| [ ] | Parameters in square brackets [ ] are optional.
Subcommand such as “no”, “show” and “clear” commands. |
| {x|y|…} | Alternative items are grouped in braces and separated by vertical bars. At least one should be selected. |
| [x|y|…] | Optional alternative items are grouped in square brackets and separated by vertical bars. One or none is selected. |
For example:
ip address {system_ifname|mnet_ifname|vlan_ifname|bond_ifname} <ip_address> {netmask|prefix}
Note: If a string we input for configuring a parameter starts with figure, or the string contains spaces, we must put the configuration string within double quotes to make sure that we can configure the command correctly.
1.1.3.2 Levels of Access Control
The FortiBalancer appliance’s Command Line Interface offers three levels of configuration and access to the OS. The CLI prompt of each level consists of the host name of the FortiBalancer appliance followed by a unique cursor prompt, either “>”, “#” or “(config)#”.
The first level is for basic network troubleshooting and is called the User level. At this level, the user is only authorized to operate some very basic commands and non-critical functions such as ping and traceroute. Here is how the User level prompt appears in the CLI.
FortiBalancer>
The second level of administration is the Enable level. Users at this level have access to a majority of view only commands such as “show version”. Users in the Enable level may execute commands from both the User and Enable levels. In order to gain access to this level of appliance management, the user must employ the command “enable”. Once this command is entered, the FortiBalancer appliance prompts the user for the appropriate password. If correct password is entered, the CLI prompt will change from “FortiBalancer>” to “FortiBalancer#”, which means the user is granted access to the Enable level. The default password for the Enable level is null, i.e. users simply need to press “Enter”.
FortiBalancer>enable Enable password:
FortiBalancer#
The final access level is the Config level. It is with this level of authority that the user can make changes to the configuration of the box. No two users can access the Config level at the same time. Once a user has gained access to this level, he or she can implement commands in all three levels. To gain access to the full configurable functions of the FortiBalancer appliance, the user must use the following command:
FortiBalancer#config terminal
Once this command is entered, the CLI prompt will change to:
FortiBalancer(config)#
In the event that Config level is not available because another Config level session has been opened, the administrator can deploy the following command to gain access to the Config level:
FortiBalancer#config terminal force
WARNING:
You are forcing other user to exit configuration mode.
In case the other user is actively changing the system configuration, the result may be unpredictable.
Do you still want to force into Configuration Mode “YES” or “NO”:
Type “YES” and press “Enter”. You will enter the Config level successfully.
For each level the user can type “?” for available commands. For example, entering
“FortiBalancer(config)#slb real ?” will prompt users with all the possible parameters or protocols the CLI will accept with the “slb real” command.
FortiBalancer(config)#slb real ? [enter]
activation Recovery and warm-up time of real service disable Remove real service from load balancing dns Define SLB DNS real service enable Activate real service for load balancing ftp Define SLB FTP real service