Installing Sales
-
To edit the interface on Marketing that connects to Sales (in the example, port12), go to Network > Interfaces.
-
Set an IP/Network Mask for the interface (in the example, 192.168.135.2/255.255.255.0).
-
Set Administrative Access to allow FortiTelemetry.
-
To create a policy for traffic from Sales to Edge, go to Policy & Objects > IPv4 Policy.
-
Enable NAT.
-
To edit wan2 on Sales, go to Network > Interfaces.
-
Set an IP/Network Mask for the interface that’s on the same subnet as the internal 14 interface on Marketing (in the example, 192.168.135.10/255.255.255.0).
-
Under Administrative Access, select HTTPS and SSH.
-
Edit the lan interface.
-
Set Addressing Mode to Manual, and set the IP/Network Mask to a private IP address (in the example, 10.10.135.1/255.255.255.0).
-
Set Administrative Access to allow FortiTelemetry.
-
If you require the FortiGate to provide IP addresses, using DHCP, to devices that connect to this interface, enable DHCP Server.
-
Under Networked Devices, enable Device Detection.
-
To add a default route, go to Network > Static Routes and select Create New. Set Gateway to the IP address of the internal 14 interface on Marketing.
-
To create a policy that allow users on the Sales network to access Marketing, go to Policy & Objects > IPv4 Policy.
-
To add Sales to the Security Fabric, go to Security Fabric > Settings. Enable FortiGate Telemetry, then enter the same Group name and Group password that you set previously..
-
Enable Connect to upstream FortiGate and enter the IP address of the internal 14 interface on Marketing.
-
FortiAnalyzer Logging is enabled by default. Settings for the FortiAnalyzer are retrieved when Sales connects to Edge.
-
Connect WAN 2 on Sales to internal 14 on Marketing.
-
If you’re using FortiOS 6.0.3 and later, connect to Edge and go to Security Fabric > Settings. Authorize Sales to join the Security Fabric.