FortiGate/FortiWiFi 70D/90D

Performance
Consolidation
Protection

February 19, 2014

01-500-199105-20140219
Copyright 2014 Fortinet, Inc. All rights reserved. Fortinet, FortiGate, and FortiGuard, are registered trademarks of Fortinet, Inc., and other Fortinet
names herein may also be trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance metrics
contained herein were attained in internal lab tests under ideal conditions, and performance may vary. Network variables, different network environments
and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties,
whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinets General Counsel, with a purchaser that
to performance in the same ideal conditions as in Fortinets internal lab tests. Fortinet disclaims in full any guarantees. Fortinet reserves the right to change,
modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.

Register for Support

Register your Fortinet product to receive:
Technical Support
New product features
Protection from new threats

Debe registrar el producto para recibir:

Apoyo tcnico
Nuevas funcionalidades del producto
Proteccin contra ataques

Vous devez enregistrer le produit pour

recevoir:
Support technique
Nouvelles fonctionnalites du produit
Protection contre de nouvelles menaces

La reistrazione ti permette di usufruire di:

Supporto Tecnico
Nuove funzionalita
Proteezione dalle ultime minaccce

FortiGate/FortiWiFi 70D/90D
QuickStart Guide

http://forti.net/support
Toll free: 1 866 648 4638
Phone: 1 408 486 7899
Fax: 1 408 235 7737
Email: register@fortinet.com

Box Includes

Before You Begin

Performance
Consolidation
Protection

W AN 1

11

13

W AN 2

10

12

14

Write down details that you may need from your network administrator or ISP.

CONSOLE

POWER STATUS ALARM

HA

WIFI

FortiGate/FortiWiFi 70D/90D

USB Cable

DSL PPPoE

Cable Modem DHCP

Username

It is normal to not require a hostname

but your ISP may require it.

Password

Hostname

Ethernet Cable

T1/E1, Static broadband, Cable, or DSL with a static IP

Power Cable

2 Wireless Antennae
(Wireless models only)
4

Power Adapter
(Ground lug on PoE models only)

IP Address

Subnet Mask

Default Gateway

Primary/Secondary DNS

QuickStart Guide Video

http://forti.net/vqsg
5

WAN1

A
Internet

LAN port 1
Power Connection

https://

Ground Screw

Basic Connections
1. Connect your device to a power outlet and an Internet connection. This is usually a
modem, but could also be another device on your network.
2. PoE models only: connect the ground lug to the device ground screw.

FortiGate Setup Options

Web Browser

Setup Wizard (p.7)

Terminal Emulation

OS X
With FortiExplorer (pp.8-9)

(p.10-11)
(pp.12-13)
6

Web Browser with Ethernet cable

Web-based Manager
1. Connect the Ethernet cable.
2. Visit 192.168.1.99 in your web browser.
3. Login using username admin and no password.
4. Click Wizard in the top right corner.
5.
and save your settings.
6. Register your device from the dashboard page.
7

USB MGMT

Windows/OS X with USB

1. Download FortiExplorer from http://forti.net/fexp.

Microsoft Windows Install

Mac OS X Install

FortiExplorer Setup Wizard

2. Connect the USB cable and launch

FortiExplorer if it does not appear
automatically.

2. Double-Click the
and drag the
FortiExplorer icon to the Applications
folder.
3. Connect the USB cable.
4. Click the FortiExplorer icon to launch
the application.

1. Follow prompts or click Register to register your device with FortiCare.

2. Click Setup Wizard.
3. Login using username admin and no password.
4. Follow Setup Wizard steps.
5. Click
to complete the setup of your device.
9

Terminal Emulation with Console Cable

To Connect to the CLI (Console Models Only)

1. Connect the FortiGate unit console port to the management computer using a standard
console cable (not provided).
2. Start a terminal emulation program on the management computer. Select the COM port
and use the following settings:

Baud Rate: 9600

Data bits: 8
Parity: None
Stop bits: 1
Flow Control: None
3. Press Enter on your keyboard to connect to the CLI.
4. Login using username admin and no password. You can now proceed with

A list of commands can be found at http://forti.net/cli.

Get started by typing ? for a list of available commands.
Begin typing a command and type ? for a list of available ways to complete.
For example
A comprehensive reference guide with all commands can be found at http://forti.net/cli.

10

11

USB Port

iPhone/iPad/iPod Touch with Apple to

USB cable

http://forti.net/fexp-ios

FortiExplorer App
1. Download the iOS FortiExplorer App to your device from http://forti.net/fexp-ios.
2. Use your Apple USB cable to connect to the USB port.
3. Launch the FortiExplorer App and select the device model.
4. Login using username admin and no password.
12

13

Device Guide

Wireless models only

FortiGate/FortiWiFi 70D/90D Non-PoE Models Only

WiFi (Wireless models only)
Connected
No connection

Alarm
Major
Minor
None
Status
Booting up
Normal

USB MGMT
(USB mini-B)

W AN 1

11

USB
(USB A)

LAN Ports 1 - 14 (RJ-45)

Gigabit Ethernet 14-port switch
connection for the internal network

13

11

WAN1

14

12

10

WAN2

13

USB
CONSOLE

POWER STATUS ALARM

PWR
On
Off

WIFI

HA
Operating
Disabled

Console (Console models only)

Optional connection to the
management computer.
Provides access to the CLI
14

HA

W AN 2

10

12

14

WAN 1 & 2, LAN Ports 1 - 14

Connected at 1Gbps
Transmitting & receiving data at 1Gbps
Connected at 10/100Mbps
Transmitting & receiving data at 10/100Mbps
No link established

DC+12V

USB
MG MT

Power Connection
12V DC, 2.5A
100-240V AC, 50-60Hz adapter

WAN 1 & 2 (RJ-45)

Internet

15

Device Guide

Wireless models only

FortiGate/FortiWiFi 90D PoE Models Only

WiFi (Wireless models only)
Connected
No connection

HA
Operating
Disabled

PoE Status
Power delivered
Error/fault
No power delivered

Status
Booting up
Normal

Power Connection
48V DC, 2.5A
100-240V AC, 50-60Hz adapter
Attention: The power adapter ground lug must
be connected to the device ground screw.
USB MGMT
(USB mini-B)

W AN 1

HA

WIFI

W AN 2

10

PoE

WAN 1 & 2 (RJ-45)

USB
(USB A)

CONSOLE

POWER STATUS ALARM

Internet

WAN1

10

WAN2

USB

PWR
On
Off

Alarm
Major
Minor
None

Console (Console models only)

Optional connection to the
management computer. Provides
access to the CLI.
16

WAN 1 & 2, LAN Ports 1 - 10 & A - D

Connected at 1Gbps
Transmitting & receiving data at 1Gbps
Connected at 10/100Mbps
Transmitting & receiving data at 10/100Mbps
No link established

DC+48V

USB
MGMT

PoE

LAN Ports 1 - 10 (RJ-45)

Gigabit Ethernet 14-port switch connection for the internal network
LAN Ports A - D (RJ-45)
Gigabit Ethernet ports with Power over Ethernet (PoE) up to a
maximum 15.4W for each port
17

More Information
FortiGate Cookbook
Advanced installing and setup, networking, security policies

Training Services
Cours

About Fortinet
CLI Reference
li

FortiOS Handbook

18

FortiAnalyzer

ger

tiC

lie

nt

For

or
at

tic
en

ail

An
Viru ti
s

t i We b

a
ew

uth

tiM

n
Applicatio
Control

Fir

i
iF er
W roll
nt
o
C

DLP

ll

FortiA

For

or

Fo

M
rti

a
an

al ancer

Web
Filtering

Fo

A
Sp nti
am

rti

oS

Fo

N
WA ation
Traffic
z
Optimizat
imi
ion Opt

ti

tc

Sw

dge

rtiB

IPS

FortiBri

VP

h
Fo

rti

To k

en

FortiWiFi

For

tiA

Fo

Cautions and Warnings

Operating Temperature

For products with power over Ethernet (PoE):

Power over Ethernet (PoE) Do not connect this device to PoE networks with routing to the outside plant. Use this equipment in a Network Environment 0 per IECTR
62101. Do not use PoE injectors that are not IEEE 802.3af compliant. They may damage your device.
Alimentation par Ethernet Ce matriel doit tre utilis dans un Environnement Rseau 0 par IECTR 62101. Ce matriel est uniquement connect aux rseaux PoE

Temprature ambiante leve 0 40 C (32 104 F) Si cet appareil est install dans un cabinet ferm, la temprature ambiante du cabinet peut tre suprieure
Storage temperature -35 to 70C (-31 to 158F)
35 70 C (-31 158 F)
Humidity 20 to 95% non-condensing
Humidit 20 95% sans condensation
Operating altitude < 2250 m (7380 ft)
Altitude oprationnelle <2250 m (7380 pi)

Ventilation
refroidissement adquat.
Circuit overloading
might have on current protection and supply wiring.
For redundant power sources, connect each to an IEC/UL Listed power source whose output rating is greater than or equal to the equipment.
Surtension

Regulatory Compliance
Federal Communication Commission (FCC) USA
This device complies with Part 15 of FCC Rules. Operation is subject to the following two conditions:
(1) this device may not cause harmful interference, and
(2) this device must accept any interference received; including interference that may cause undesired operation.
This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to
provide reasonable protection against harmful interference in residential installation. This equipment generates, uses, and can radiate radio frequency energy, and if
it is not installed and used in accordance with the instruction manual, it may cause harmful interference to radio communications. However, there is no guarantee that
interference will not occur in a particular installation.
If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to
try to correct the interference by one or more of the following measures:
Reorient or relocate the receiving antenna.
Increase the separation between the equipment and receiver.
Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
Consult the dealer or an experienced radio/TV technician for help.

Reliable earthing Make sure all rack-mounted equipment is grounded. This includes supply connections (e .g . power strips), not only direct connections to the branch
circuit.
Mise la terre
des connexions directes au circuit de drivation.
Interference If possible, use Shielded Twisted Pair (STP) Ethernet cables instead of Unshielded Twisted Pair (UTP) .
Interfrence

WARNING:
equipment

Safety

For FWF product model:

Mechanical loading To avoid personal injury or damage to the appliance, Fortinet recommends that 2 or more people together install the appliance into the rack.
Balance the equipment to avoid uneven mechanical loading and tipping. Do not place heavy objects on the appliance.
Installation

Caution: Operations in the 5.15-5.25GHz band are restricted to indoor usage only.

Radiation Exposure Statement:

This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum
distance 20cm between the radiator and your body. This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter.

Industry Canada Equipment Standard for Digital Equipment (ICES) Canada

CAN ICES-3 (B) / NMB-3 (B)

To avoid risk of damage to your equipment, personal injury, or death, disconnect cables while servicing. Do not connect or disconnect cables
during lightning. Do not use this product near water for example, near a bathtub, washbowl, kitchen sink or laundry tub, in a wet basement or near a swimming pool. Do
not install this equipment in a home or public area accessible to the general population. When installed in schools, this equipment must be installed in a location where
access is restricted to trained personnel.
Battery
your local regulations. IMPORTANT: Switzerland: Annex 4.10 of SR814.013 applies to batteries.
Batterie
IMPORTANT:

This device complies with RSS-210 of the Industry Canada Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference,
and (2) this device must accept any interference received, including interference that may cause undesired operation.

suivantes: (1) le dispositif ne doit pas produire de brouillage prjudiciable, et (2) ce dispositif doit accepter tout brouillage reu, y compris un brouillage susceptible de
provoquer un fonctionnement indsirable.
Radiation Exposure Statement:
This equipment complies with IC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum
distance 20cm between the radiator & your body.

Grounding To prevent damage to your equipment, connections that enter from outside the building should pass through a lightning / surge protector, and be properly
grounded. Use an electrostatic discharge workstation (ESD) and/or wear an anti-static wrist strap while you work. In addition to the grounding terminal of the plug, on the
back panel, there is another, separate terminal for earthing.
Mise la terre
/ parasurtenseur et sont correctement mis la terre. Utilisez un poste de travail de dcharge lectrostatique (ESD) et / ou portez un bracelet anti-statique lorsque vous

un minimum de 20 cm de distance entre la source de rayonnement et votre corps.

For FWF product model:
Caution: The device for the band 5150-5250 MHz is only for indoor usage to reduce potential for harmful interference to co-channel mobile satellite systems. High-power
radars are allocated as primary users (i.e. priority users) of the bands 5250-5350 MHz and 5650-5850 MHz and that these radars could cause interference and/or
damage to LE-LAN devices.

Avertissement:
brouillage prjudiciable aux systmes de satellites mobiles utilisant les mmes canaux. De plus, les utilisateurs devraient aussi tre aviss que les utilisateurs de radars
causer du brouillage et/
ou des dommages aux dispositifs LAN-EL.
This device has been designed to operate with an antenna having a maximum gain of 2dBi for 2.4GHz and 3dBi for 5GHz. Antenna having a higher gain is strictly
prohibited per regulations of Industry Canada. The required antenna impedance is 50 ohms.
Under Industry Canada regulations, this radio transmitter may only operate using an antenna of a type and maximum (or lesser) gain approved for the transmitter by
Industry Canada. To reduce potential radio interference to other users, the antenna type and its gain should be so chosen that the equivalent isotropically radiated power
(e.i.r.p.) is not more than that necessary for successful communication.
Ce dispositif a t conu pour fonctionner avec une antenne ayant un gain maximal de 2dBi pour 2,4 GHz et 3dBi pour 5GHz. Une antenne gain plus lev est

satisfaisante.

European Conformity (CE) - EU

This is a Class B product. In a domestic environment, this product may cause radio interference, in which case the user may be required to take adequate measures.
For FG product models:

For FWF product model:

National Communications Commission (NCC) Taiwan

For FWF product model:

Fortinet Product License Agreement / EULA and Warranty Terms

Trademarks and Copyright Statement

Product License Agreement

The parties to this agreement are you, the end customer, and either (i) where you have purchased your Product within the Americas, Fortinet, Inc., or (ii) where you have

from you but does not agree to the terms contained in this Agreement and therefore wishes to return the Product(s) as provided for in this Agreement. Further, if you
are a non-authorized reseller of Products, you are not authorized to sell Product(s) or Software, but, regardless, by selling Product(s) or Software, you hereby agree
you are bound by the restrictions and obligations herein and are bound to: (i) ensure that your customer and the end user receive a copy of this Agreement and are
bound in full by all restrictions and obligations herein (ii) enforce the restrictions and obligations in this Agreement against such customer and/or end user, (iii) comply
with all applicable United States export control laws and regulations and all other applicable laws, and (iv) refund any fees paid to you by a customer and/or end user
who purchased Product(s) from you but does not agree to the restrictions and obligations contained in this Agreement and therefore wishes to return the Product(s) as

6. Limited Warranty.
Fortinet provides this limited warranty for its product only to the single end-user person or entity that originally purchased the Product from Fortinet or its authorized
reseller or distributor and paid for such Product. The warranty is only valid for Products which are registered on Fortinets Support Website: https://support.fortinet.com;
or on the TalkSwitch support website: http://global.talkswitch.com; or such other website as provided by Fortinet. For the below software warranty to start, registration
will not be honored. For the hardware warranty, such warranty starts on the earlier of the date of Product registration on Fortinets Support Website or ninety (90) days
from the date that the Product was originally shipped from Fortinets facilities. It is the Fortinet distributors and resellers responsibility to make clear to the end user the
date the product was originally shipped from Fortinet, and it is the end users responsibility to understand the original ship date from the party from which the end user
purchased the product. All warranty claims must be submitted in writing to Fortinet before the expiration of the warranty term or such claims are waived in full, i.e. ninety

parts not purchased directly from Fortinet by the end-user, for any accessories, or for any stand-alone software.
Fortinet warrants that the hardware portion of the Products, including spare parts unless noted otherwise (Hardware) will be free from material defects in workmanship
1. License Grant.
This is a license, not a sales agreement, between you and Fortinet. The term Software, as used throughout this Agreement, includes all Fortinet and third party

or in the event Fortinet is not properly paid for the applicable Product) license to use the Software solely for your internal business purposes (provided, if a substantial

database on which Fortinet installed the Software or, for stand-alone Software, solely on a single computer running a validly licensed copy of the operating system

2. Limitation on Use.
engineer, decompile, disassemble, create derivative works based on, sublicense, or distribute the Software; (b) rent or lease any rights in the Software in any form to
to any other person or entity, or (d) remove any proprietary notice, labels, or marks on the Software, Products, and containers.

end-of-life date), and, for spare parts, power supplies, and accessories, solely a ninety (90) days limited warranty. Fortinets sole obligation shall be to repair or replace
the defective Hardware at no charge to the original owner. This obligation is exclusive of transport fees, labor or installation costs, and any other cost which are not
directly associated to the Product. Such repair or replacement will be rendered by Fortinet at an authorized Fortinet service facility as determined by Fortinet. The
replacement Hardware need not be new or of an identical make, model, or part; Fortinet may, in its discretion, replace the defective Hardware (or any part thereof)
with any reconditioned Product that Fortinet reasonably determines is substantially equivalent (or superior) in all material respects to the defective Hardware. The
Hardware Warranty Period for the repaired or replacement Hardware shall be for the greater of the remaining Hardware Warranty Period or ninety days from the delivery
of the repaired or replacement Hardware. If Fortinet determines in its reasonable discretion that a material defect is incapable of correction or that it is not practical
to repair or replace defective Hardware, the price paid by the original purchaser for the defective Hardware will be refunded by Fortinet upon return to Fortinet of the
defective Hardware. All Hardware (or part thereof) that is replaced by Fortinet, or for which the purchase price is refunded, shall become the property of Fortinet upon
replacement or refund.
in the applicable documentation for a period of ninety (90) days (Software Warranty Period), if the Software is properly installed on approved Hardware and operated
as contemplated in its documentation. Fortinets sole obligation shall be to repair or replace the non-conforming Software with software that substantially conforms to
to the terms and conditions of the license granted by Fortinet for the Software. The Software Warranty Period shall extend for an additional ninety (90) days after any
replacement software is delivered. If Fortinet determines in its reasonable discretion that a material non-conformance is incapable of correction or that it is not practical
to repair or replace the non-conforming Software, the price paid by the original licensee for the non-conforming Software will be refunded by Fortinet; provided that

3. Proprietary Rights.
to the intellectual property in the Software or other Products is transferred to you and you will not acquire any rights to the Software or other Products except for the
7. Disclaimer of Other Warranties and Restrictions.
4. Term and Termination.
documents, the term of the license is for the duration of Fortinets copyright in the Software. Fortinet may terminate this Agreement, and the licenses and other rights
cease using the Software and any Product and either destroy all copies of the Fortinet documentation or return all materials to Fortinet. The provisions of this Agreement,

5. Transfer.
the Software to one end user on a permanent basis, provided that: (i) you ensure that your customer and the end user receives a copy of this Agreement, is bound by
its terms and conditions, and, by selling the Product or Software, you hereby agree to enforce the terms in this Agreement against such end user, (ii) you at all times
comply with all applicable United States export control laws and regulations, and (iii) you agree to refund any fees paid to you by an end user who purchased Product(s)

except by Fortinet or its authorized representative, (b) has not been installed, operated, repaired, or maintained in accordance with instructions supplied by Fortinet, (c)

share personal information with such subcontractors in order to perform these and other functions, but such subcontractors may not use your personal information

8. Governing Law.
15. Open Source Software.

9. Limitation of Liability.

event will the copyright holder for the open source software be liable to you for damages, including any special, incidental or consequential damages arising out of the
10. Import / Export Requirements; FCPA Compliance.

11. U.S. Government End Users.

12. Tax Liability.

13. General Provisions.

14. Privacy.

b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial

(compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of

A library means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions
and data) to form executables.

it.

offer warranty protection in exchange for a fee.

Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through
If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a
whole is intended to apply in other circumstances.
It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the
contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he
or she is willing to distribute software through any other system and a licensee cannot impose that choice.

passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility
still operates, and performs whatever part of its purpose remains meaningful.

permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim
rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on

the Free Software Foundation.

guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally.
on a medium customarily used for software interchange.

though the source code is not.

than the cost of performing this distribution.

place.

it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the
It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a

and provided that you do these two things:

terms of the Sections above.
form of the same work.

If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a
whole is intended to apply in other circumstances.
It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the
contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if
he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is

Software Foundation.

decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally.