Static routing example
This is an example of a typical small network configuration that uses only static routing.
This network is in a dentist office that includes a number of dentists, assistants, and office staff. The size of the office is not expected to grow significantly in the near future, and the network usage is very stable—there are no new applications being added to the network.
The users on the network are:
- Admin staff – access to local patient records, and perform online billing
- Dentists – access and update local patient records, research online from desk
- Assistants – access and update local patient records in exam rooms
The distinction here is mainly that only the admin staff and dentist’s office need access to the Internet—all the other traffic is local and doesn’t need to leave the local network. Routing is only required for the outbound traffic, and the computers that have valid outbound traffic.
Configuring routing only on computers that need it acts as an additional layer of secur- ity by helping prevent malicious traffic from leaving the network.
This section includes the following topics:
- Network layout and assumptions
- General configuration steps
- Configure FortiGate unit
- Configure Admin PC and Dentist PCs
- Testing network configuration
Network layout and assumptions
The computers on the network are admin staff computers, dentist office computers, and dental exam room computers. While there are other devices on the local network such as printers, they do not need Internet access or any routing.
This networked office equipment includes 1 admin staff PC, 3 dentist PCs, and 5 exam room PCs. There are also a network printer, and a router on the network as well.
Assumptions about these computers, and network include:
- The FortiGate unit is a model with interfaces labeled port1 and port2.
- The FortiGate unit has been installed and is configured in NAT/Route mode.
- VDOMs are not enabled.
- The computers on the network are running MS Windows software.
- Any hubs required in the network are not shown in the network diagram.
- The network administrator has access to the ISP IP addresses, and is the super_admin administrator on the FortiGate unit.
Static routing example device names, IP addresses, and level of access
Device Name(s) | IP address | Need external access? |
Router |
192.168.10.1 |
YES |
Admin |
192.168.10.11 |
YES |
Device Name(s) | IP address | Need external access? |
Dentist1–3 |
192.168.10.21-23 |
YES |
Exam1–5 |
192.168.10.31-35 |
NO |
Printer |
192.168.10.41 |
NO |