Hi everyone,
I'm planning to setup a FG-80C in transparent mode behind two routers on my network.
I just want to know what are the features of fortigate that will not work in transparent mode setup compared to NAT mode?
And what should be the best practice in transparent mode? My purpose is just blocking prohibited sites on my network and control the bandwidth usage on particular users. Is single sign on and traffic shapping works in transparent mode? Can I also access the firewall outside my network while in transparent mode?
Any help, tips, suggestions, reactions will be much appreciated. Thank you.
Regards,
Jam
Solved! Go to Solution.
Here's some differences that are NOT in transparent mode
no sslvpn
no dhcp services
no vip or loadbalancing supportno routing to include multicast or unicast or pbr
no dns server
Now to answer the others, yes you can managed the unit if you apply an address on a management interface?
BCPs, will you have to deploy all reasonable firewall security practices, ideally in your case. I would deploy the unit with allow and then tighten things down after you step thru and understand the unit. This will apply the least interruptions.
TS, I never heard of anyone using TS in L2-mode, but yes you could rate limit users access.
ALL UTMs features that I'm aware of, should be available in L2-mode.
PCNSE
NSE
StrongSwan
Here's some differences that are NOT in transparent mode
no sslvpn
no dhcp services
no vip or loadbalancing supportno routing to include multicast or unicast or pbr
no dns server
Now to answer the others, yes you can managed the unit if you apply an address on a management interface?
BCPs, will you have to deploy all reasonable firewall security practices, ideally in your case. I would deploy the unit with allow and then tighten things down after you step thru and understand the unit. This will apply the least interruptions.
TS, I never heard of anyone using TS in L2-mode, but yes you could rate limit users access.
ALL UTMs features that I'm aware of, should be available in L2-mode.
PCNSE
NSE
StrongSwan
Hi Sir Ken,
Good day, thank you for your information regarding transparent mode. I'm not that familiar in this mode of setup because I usually use NAT mode. Although I read already some cookbooks regarding transparent mode but most are just basic guide.
Noted this!
Regards,
Jam
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.