|
To fetch updates from FortiGuard servers in transparent mode, the FortiGate should have Internet access.
A management IP is assigned to FortiGate in transparent mode.
config system settings
set opmode transparent
set manageip <IP Address/Mask>
end
Any interface on the FortiGate can be used for management access. As an example:
config system interface
edit "wan1"
set vdom "root"
set allowaccess https ping http ssh snmp telnet
set type physical
set role wan
set snmp-index 1
next
end
A static route needs to be defined pointing towards the next-hop device.
config router static
edit 1
set gateway <next-hop IP> (no option to define interface in transparent mode).
next
end
Internet access in transparent mode is needed to allow communication with FortiGuard servers and to fetch automatic updates for different services (such as FortiCare, Antivirus, IPS, Web Filter, etc.).
Related article:
Technical Tip: Change from NAT to transparent mode when FortiLink is enabled
|
