Tuesday, August 12, 2014

HOW TO CHANGE FORTINET FROM SWITCH MODE TO INTERFACE MODE (POST 1)

This process involves 3 basic steps.

1) Complete the prerequisites to change the mode

2) Change the mode from Switch mode to interface mode

3) Configure the network and allow access to a particular network port.


1) Prerequisites to change the mode

You must disable the DHCP service on the Fortigate device and remove any policies related to the internal interface.

Below is the Fortigate 80C device in switch mode. All interfaces are combined together as a single ‘internal’ interface. In this mode, we can’t have different settings (IPs, policies, etc.) for each port on this device.


a) To remove DHCP, click on ‘internal’ and press edit. Unselect the DHCP server check box as shown below.

b) Remove any policies which are related to the ‘internal’ port. Normally you will find only one policy.

Now we are ready to change the mode.

2) Changing from Switch mode to interface mode.

As said earlier, we should use the CLI to complete this task. Use a serial cable and any telnet client software for this purpose. If you would like to use the built-in telnet client of Windows 8 or 8.1, check this guide.

Log in with the default credentials: the username is admin and there is no password.

Type the following commands:

config system global
  set internal-switch-mode interface
end


When asked to confirm, enter "Y" for yes.

Once the device has rebooted, it will not have any network settings. Therefore, we must configure an IP address and the allowed access (http or https) on a particular network port, so that the device can later be reached through a network cable and an internet browser.


3) Configure the network and allow access to a network port

Earlier we changed the device from switch mode to interface mode. The device now has a number of individual network ports, each of which can have its own settings and policies. After the mode change, these ports have no settings at all, not even a default IP address. Use the same CLI to configure an IP address and allow http or https access on a particular network port so that the device can be accessed via the network.
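
The interface configuration this step describes, as an added example that is not from the original post. The port name internal1, the address 192.168.1.99 255.255.255.0 and the choice of https with ping are assumptions, so substitute the port name and addressing of your own unit.

```fortios
# Run at the console CLI after the reboot (lines starting with # are annotations).
config system interface
    edit "internal1"
        set mode static
        # Constructed sample address; use one from your management subnet
        set ip 192.168.1.99 255.255.255.0
        # https only: plain http would carry the admin login in cleartext
        set allowaccess https ping
    next
end

# Confirm what was applied to the port
show system interface internal1
```

Only the port edited here answers management traffic; the other ports stay without an address or allowed access until they are configured the same way.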