Network
The FortiAnalyzer unit can manage Fortinet devices connected to any of its interfaces. The DNS servers must be on the networks to which the FortiAnalyzer unit connects, and should have two different addresses.
To view the configured network interfaces, go to System Settings > Network. The network screen is displayed.
Figure 46:Network page
Configure the following settings:
Management Interface
| IP/Netmask | The IP address and netmask associated with this interface. |
| IPv6 Address | The IPv6 address and netmask associated with this interface. |
| Administrative
Access |
Select the allowed administrative service protocols from: HTTPS,
HTTP, PING, SSH, TELNET, SNMP, Web Service, and Aggregator. |
| IPv6 Administrative
Access |
Select the allowed IPv6 administrative service protocols from: HTTPS, HTTP, PING, SSH, TELNET, SNMP, Web Service, and Aggregator. |
| Default Gateway | The default gateway associated with this interface |
| DNS |
Primary DNS Server Enter the primary DNS server IP address.
| Secondary DNS
Server |
Enter the secondary DNS server IP address. |
| All Interfaces | Click to open the network interface list. See “Network interfaces” on page 70. |
| Routing Table | Click to open the routing table. See “Static routes” on page 72. |
| IPv6 Routing Table | Click to open the IPv6 routing table. See “Static routes” on page 72. |
| Diagnostic Tools | Select to run available diagnostic tools, including Ping, Traceroute, and View logs. See “Diagnostic tools” on page 73. |
Network interfaces
To view the Network interface list, select the All Interfaces button.
Figure 47:Network interface list
The following information is displayed:
| Name | The names of the physical interfaces on your FortiAnalyzer unit. The name of a physical interface depends on the model. Unlike FortiGate, you cannot set alias names for the interfaces. For more information, on configuring the interface, see “To edit a network interface:” on page 71.
If HA operation is enabled, the HA interface has /HA appended to its name. |
| IP / Netmask | The IP address and netmask associated with this interface. |
| IPv6 Address | The IPv6 address associated with this interface. |
| Description | A description of the interface. |
| Administrative
Access |
The list of allowed administrative service protocols on this interface. |
IPv6 Administrative The list of allowed IPv6 administrative service protocols on this access interface.
The following options are available:
| Edit | Right-click on an interface and select Edit in the in the pop-up menu. Alternatively, double-click the entry to open the Edit Interface page. See “To edit a network interface:” on page 71. |
| Delete | Right-click on an interface and select Delete in the pop-up menu to remove the entry. Select OK in the confirmation dialog box to complete the delete action. |
To edit a network interface:
Either right-click on an interface and select Edit in the in the pop-up menu, or double-click the entry to open the Edit Interface page. The Edit Interface window opens.
Figure 48:Configure network interfaces
Configure the following settings, then select OK to apply your changes:
| Enable | Select to enable this interface. An enabled icon, , appears in the interface list to indicate the interface is accepting network traffic.
When not selected, a disabled icon, , appears in the interface list to indicate the interface is down and not accepting network traffic. |
| Alias | Enter an alias for the port to make it easily recognizable. |
| IP Address/Netmask | Enter the IP address and netmask for the interface. |
| IPv6 Address | Enter the IPv6 address for the interface. |
| Administrative
Access |
Select the services to allow on this interface. Any interface that is used to provide administration access to the FortiAnalyzer unit will require at least HTTPS or HTTP for Web-based Manager access, or SSH for CLI access. |
| IPv6 Administrative
Access |
Select the services to allow on this interface. Any interface that is used to provide administration access to the FortiAnalyzer unit will require at least HTTPS or HTTP for Web-based Manager access, or SSH for CLI access. |
| Description | Enter a brief description of the interface (optional). |
Static routes
From System Settings > Network, select Routing Table to manage IPv4 static routes, or select IPv6 Routing Table to manage IPv6 static routes.
Figure 49:Routing table
The following information is displayed:
| ID | The route number. |
| IP/Netmask | The destination IPv4 or IPv6 address and netmask for this route. |
| Gateway | The address of the next hop router to which this route directs traffic. |
| Interface | The network interface that connects to the gateway. |
The following options are available:
| Create New | Select Create New to add a new route. See “To add a static route:” on page 72. |
| Delete | Select the check box next to the route number then select Delete to remove the route from the table. Delete is also available in the right-click menu. |
| View | Select from the right-click menu to open the Create Route window. |
To add a static route:
From the routing table, select Create New, double-click on a current route, or right-click and select View, to open the Create Route or Create IPv6 Route window.
Figure 50:Create new route
Configure the following settings, then select OK to create the new static route:
Destination IP/Mask Enter the destination IP address and netmask, or IPv6 prefix, for this route.
| Gateway | Enter the address of the next hop router to which this route directs traffic. |
| Interface | Select the network interface that connects to the gateway. |