Fortinet black logo

Set up the Monitored Network

Copy Link
Copy Doc ID e09daf98-5af9-11e9-81a4-00505692583a:314840
Download PDF

Set up the Monitored Network

The Monitored Network page allows administrators to set up a monitoring interface into a VLAN or a subnet.

To add a VLAN or subnet to FortiDeceptor:
  1. Go to Deception > Monitored Network.
  2. Select Auto VLAN Detection to automatically detect the VLANs on your network.
  3. Select the Detection Interface. You can select multiple ports from Port 2 to Port 8. Click OK.
  4. Click Add New VLAN/Subnet to manually add a VLAN or a subnet to FortiDeceptor. Configure the following settings:

    Interface

    The port that will connect to the VLAN or subnet.

    VLAN ID

    Specify an integer to assign a unique ID to the VLAN.

    Deception Monitor IP/Mask

    Specify an IP address to monitor. This is useful to mask the actual IP address.

    Ref

    Shows the number of objects referring to this object.

    Status Shows if the IP address is initialized.

    Action

    Click Edit to edit the VLAN or Subnet entry. The Edit button is visible only after the entry is saved.

  5. Click Save.

The Monitor IP/Mask must be set as an IP address and not as a subnet.

You must use the following guidelines to set the Monitored IP/Mask:

  • Interface name and VLAN ID is unique among all Monitored IP/Mask.
  • If VLAN ID is 0, the Monitored IP/Mask is unique among all the Monitored IP/Mask without VLAN and all system interfaces.
  • If VLAN is not 0, the Monitored IP/Mask is unique among all subnets in the same VLAN.

Set up the Monitored Network

The Monitored Network page allows administrators to set up a monitoring interface into a VLAN or a subnet.

To add a VLAN or subnet to FortiDeceptor:
  1. Go to Deception > Monitored Network.
  2. Select Auto VLAN Detection to automatically detect the VLANs on your network.
  3. Select the Detection Interface. You can select multiple ports from Port 2 to Port 8. Click OK.
  4. Click Add New VLAN/Subnet to manually add a VLAN or a subnet to FortiDeceptor. Configure the following settings:

    Interface

    The port that will connect to the VLAN or subnet.

    VLAN ID

    Specify an integer to assign a unique ID to the VLAN.

    Deception Monitor IP/Mask

    Specify an IP address to monitor. This is useful to mask the actual IP address.

    Ref

    Shows the number of objects referring to this object.

    Status Shows if the IP address is initialized.

    Action

    Click Edit to edit the VLAN or Subnet entry. The Edit button is visible only after the entry is saved.

  5. Click Save.

The Monitor IP/Mask must be set as an IP address and not as a subnet.

You must use the following guidelines to set the Monitored IP/Mask:

  • Interface name and VLAN ID is unique among all Monitored IP/Mask.
  • If VLAN ID is 0, the Monitored IP/Mask is unique among all the Monitored IP/Mask without VLAN and all system interfaces.
  • If VLAN is not 0, the Monitored IP/Mask is unique among all subnets in the same VLAN.