Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Not applicable

Created on ‎12-01-2008 02:13 PM

Article Id 195459

FortiGate modem configuration: Dial-in and dial-out

Article
Description

This article describes how to configure a FortiGate unit to use an external modem (connected to the FortiGate unit USB port) or the internal modem (available on some FortiGate models) as a dial-in server or as a dial-out modem.

Components
  • FortiOS all versions.
Steps or Commands

Dial-in server configuration

Enter the following CLI command to configure a FortiGate unit to use an external or internal modem as a dial-in server. This configuration includes a user group. This user group should include the users who can log into the FortiGate unit using the dial-in server.

config system dialinsvr
    set status enable
    set server-ip 10.10.10.10
    set client-ip 10.10.10.20
    set usrgrp "dialin"
    set allowaccess ping https ssh snmp http telnet
    set modem-dev external
end

Where:

  • set server-ip 10.10.10.10 is the IP address to assign to the FortiGate units
  • set client-ip 10.10.10.20 is the IP address to assign to the client PCs
  • set usrgrp "dialin" is the user group that includes modem users.
  • set allowaccess ping https ssh snmp http telnet allows management access to the dial-in server.

Set modem-dev to external if the modem is an external modem. Set modem-dev to internal if the modem is an internal modem.

If auto answer mode is not enabled on the modem, the dial-in server will not work. Use the following diagonse command to enable auto answer mode for an internal modem:

diagnose sys modem cmd internal at&fs0=1&w0&w1

Use the following command to enable auto answer mode for an external modem:

diagnose sys modem cmd wireless at&fs0=1&w0&w1

You need to enter this command once only. The setting is written to the modem and the modem should keep the setting.

Dial-out modem configuration

Enter the following CLI command to configure a FortiGate unit to use a modem as a dial-out modem.

config system modem
    set status enable
    set account-relation fallback
    set mode standalone
    set auto-dial enable
    ...
end

If auto-dial is enabled, the FortiGate will dial out automatically.

If the modem interface is used for an IPSec VPN tunnel, the auto-dial option must be set to enable.


Labels:
2938
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.