Basic OSPF network topology
Note that other subnets can be added to the internal interfaces without changing the configuration.
Assumptions
- The FortiGate units used in this example have interfaces named port1, port2, and port3.
- All FortiGate units in this example have factory default configuration with FortiOS 4.0 MR2 firmware installed, and are in NAT/Route operation mode.
- Basic firewalls are in place to allow unfiltered traffic between all connected interfaces in both directions.
- This OSPF network is not connected to any other OSPF networks.
- Both Internet connections are always available.
- The modem connection is very slow and expensive.
- Other devices may be on the network, but do not affect this basic configuration.
- Router3 is responsible for redistributing all routes into and out of the OSPF AS.
Configuring the FortiGate units
Each FortiGate unit needs the interfaces, and basic system information such as hostname configured. This section includes:
- Configuring Router1
- Configuring Router2
- Configuring Router3
Configuring Router1
Router1 has two interfaces connected to the network—internal (port1) and external (port2). Its host name must be changed to Router1.
To configure Router1 interfaces – web-based manager
1. Go to System > Dashboard > Status.
2. Beside the host name, select Change.
3. Enter a hostname of Router1, and select OK.
4. Go to System > Network > Interfaces, edit port1, set the following information, and select OK.
Alias internal
IP/Network Mask 10.11.101.1/255.255.255.0
Administrative Access HTTPS SSH PING
Description Head office and Router2
Administrative Status Up
5. Edit port2, set the following information, and select OK.
Alias External
IP/Network Mask 10.11.102.1/255.255.255.0
Administrative Access HTTPS SSH PING
Description Router3
Administrative Status Up
Configuring Router2
Router2 configuration is the same as Router1, except Router2 also has the DSL interface to configure.
The DSL interface is configured with a username of “user1” and a password of “ospf_example”. The default gateway will be retrieved from the ISP, and the defaults will be used for the rest of the PPPoE settings.
To configure Router2 interfaces – web-based manager
1. Go to System > Dashboard > Status.
2. Beside the host name, select Change.
3. Enter a hostname of Router2, and select OK.
4. Go to System > Network > Interfaces, edit port1, set the following information, and select OK.
Alias internal
IP/Network Mask 10.11.101.2/255.255.255.0
Administrative Access HTTPS SSH PING
Description Head office and Router1
Administrative Status Up
5. Edit port2, set the following information, and select OK.
Alias External
IP/Network Mask 10.11.103.2/255.255.255.0
Administrative Access HTTPS SSH PING
Description Router3
Administrative Status Up
6. Edit DSL (port3), set the following information, and select OK.
Alias DSL
Addressing Mode PPPoE
Username user1
Password ospf_example
Unnumbered IP 10.12.101.2/255.255.255.0
Retrieve default gateway from server
Enable
Administrative Access HTTPS SSH PING
Description DSL
Administrative Status Up
Configuring Router3
Router3 is similar to Router1 and Router2 configurations. The main difference is the External (port3) interface connected to the ISP BGP network which has no administration access enabled for security reasons.