Configuring Network Interfaces – FortiAnalyzer – FortiOS 6.2.3

Network

Configuring network interfaces

Fortinet devices can be connected to any of the FortiAnalyzer unit’s interfaces. The DNS servers must be on the networks to which the FortiAnalyzer unit connects, and should have two different IP addresses.

The following port configuration is recommended:

  • Use port 1 for device log traffic, and disable unneeded services on it, such as SSH, Web Service, and so on.
  • Use a second port for administrator access, and enable HTTPS, Web Service, and SSH for this port. Leave other services disabled.

To configure port 1:

  1. Go to System Settings > Network. The System Network Management Interface pane is displayed.
  2. Configure the following settings for port1, then click Apply to apply your changes.
Name Displays the name of the interface.
IP Address/Netmask The IP address and netmask associated with this interface.
IPv6 Address The IPv6 address associated with this interface.
Administrative Access Select the allowed administrative service protocols from: HTTPS, HTTP, PING, SSH, SNMP, Web Service, and FortiManager.
IPv6 Administrative Access Select the allowed IPv6 administrative service protocols from: HTTPS, HTTP, PING, SSH, SNMP, Web Service, and FortiManager.
Default Gateway The default gateway associated with this interface.
Primary DNS Server The primary DNS server IP address.
Secondary DNS Server The secondary DNS server IP address.

To configure additional ports:

  1. Go to System Settings > Network and click All Interfaces. The interface list opens.
  2. Double-click on a port, right-click on a port then select Edit from the pop-up menu, or select a port then click Edit in the toolbar. The Edit System Interface pane is displayed.
  3. Configure the settings as required.
  4. Click OK to apply your changes.
This entry was posted in Administration Guides, FortiAnalyzer, FortiOS 6.2 on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.