How to set up a FortiGate firewall (latest models)

  • Post
    Weekend Wiki
    General Manager
    To set up a FortiGate firewall (latest models), follow these steps:

    1. Initial Hardware Setup

    • Unbox and Connect: Unbox the FortiGate device, and connect the power cable to the device.
    • Console Access: Connect to the FortiGate unit via the console port using a serial cable (RS232) and a terminal program (e.g., PuTTY or Tera Term). Alternatively, you can access the device via its web-based management interface if it’s already connected to a network.

    2. Accessing the Device

    • Default IP Address: FortiGate firewalls typically have a default management IP of 192.168.1.99 for the internal interface (LAN).
    • Login via Web GUI:
      • Connect a PC to the internal port using an Ethernet cable.
      • Set your PC’s IP address to 192.168.1.X (where X is any number between 2 and 254, excluding 99).
      • Open a web browser and go to https://192.168.1.99.
      • Login using default credentials:
        • Username: admin
        • Password: (leave it blank)
    • Login via CLI (Optional):
      • Open a terminal program (e.g., PuTTY) and connect to the console port (19200 baud, no parity, 8 data bits, 1 stop bit).
      • The login username is admin, and the password field is blank by default.

    3. Configure Basic Settings

    • Change Password:
      • First, change the default admin password for security purposes by entering the following command via CLI:
        config system admin
        edit admin
        set password <new_password>
        next
        end
        
    • Set Time Zone:
      • From the CLI:
        config system global
        set timezone <timezone>
        end
        
    • Configure Interfaces:
      • In the GUI, go to Network > Interfaces.
      • Edit each interface (e.g., WAN, LAN) to set IP addresses, DHCP options, etc.
      • For example, set the internal (LAN) IP as 192.168.1.1 if needed.
    • Configure WAN IP: If you’re connecting the FortiGate to an internet source, configure the WAN interface with the appropriate IP (either static or DHCP).

    4. Configure Routing

    • Configure Static Routes: Static routes allow the firewall to route traffic between different networks.
      • Go to Network > Static Routes and configure the destination network and gateway for outbound traffic.

    5. Set Up Security Policies

    • Go to Policy & Objects > IPv4 Policy to configure security policies for the firewall.
    • Create rules to control traffic between different interfaces (e.g., allowing traffic from LAN to WAN).

    6. Configure NAT (Network Address Translation)

    • Outbound NAT: Enable NAT on the WAN interface to allow LAN users to access the internet.
      • Under Policy & Objects > IPv4 Policy, ensure NAT is enabled on policies allowing internal to external traffic.

    7. Configure VPN (Optional)

    • FortiGate supports various VPN options (e.g., SSL VPN, IPSec VPN).
    • To set up an SSL VPN:
      • Go to VPN > SSL-VPN Settings.
      • Configure the SSL VPN interface, user authentication, and SSL VPN portal.

    8. Create User Accounts and Authentication

    • You can create local user accounts for remote access, or integrate with an external authentication server like LDAP.
    • Go to User & Device > User Definition to create users.

    9. Enable Logging and Monitoring

    • Go to Log & Report > Log Settings to enable logging for traffic, events, and security incidents.
    • FortiGate firewalls provide local or remote log storage options (e.g., FortiAnalyzer).

    10. Test Connectivity

    • Use Diagnostics > Ping or Diagnostics > Traceroute from the GUI or CLI to test connectivity to remote devices.

    11. Backup Configuration

    • Once your basic configuration is done, make sure to back up the configuration:
      • Go to System > Dashboard > System Information.
      • Under Backup, choose Local PC to download the backup file.

    12. Apply Advanced Security Features (Optional)

    • Enable additional security features like Intrusion Prevention System (IPS), Antivirus, Web Filtering, and Application Control based on your network security requirements.

    Final Notes:

    • Always ensure that firmware is up to date. You can check for firmware updates under System > Firmware.
    • Customize your firewall policies based on your security needs, such as setting up traffic shaping, bandwidth limits, or more advanced features like SD-WAN.

    If you need more specific guidance for a particular FortiGate model or network scenario, feel free to provide details.
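
An added example, not part of the original post and not Fortinet tooling: a small Python check that reads a configuration backup (step 11) and flags gaps in the settings from steps 3, 6 and 9. The sample configuration, the interface name wan1 and the function names parse and audit are constructed for illustration.

```python
# Constructed sample in FortiOS backup syntax; not taken from the page.
# Assumption: an admin with a blank password has no "set password" line.
SAMPLE = """
config system admin
    edit "admin"
    next
end
config firewall policy
    edit 1
        set dstintf "wan1"
        set action accept
        set logtraffic disable
    next
    edit 2
        set dstintf "wan1"
        set action accept
        set nat enable
    next
end
"""

def parse(text):
    """Return {section: {entry: {key: [values]}}}; nested sub-tables are skipped."""
    tree, stack, entry = {}, [], None
    for raw in text.splitlines():
        tok = [t.strip('"') for t in raw.split()] or [""]
        if tok[0] == "config":
            stack.append(" ".join(tok[1:]))
        elif tok[0] == "end" and stack:
            stack.pop()
        elif len(stack) == 1 and tok[0] == "edit":
            entry = tree.setdefault(stack[0], {}).setdefault(tok[1], {})
        elif len(stack) == 1 and tok[0] == "set" and entry is not None:
            entry[tok[1]] = tok[2:]
        elif len(stack) == 1 and tok[0] == "next":
            entry = None
    return tree

def audit(tree, wan_ifs=("wan1",)):  # wan_ifs: assumed WAN interface names
    out = [f"admin {n}: no password set"
           for n, c in tree.get("system admin", {}).items() if "password" not in c]
    for pid, cfg in tree.get("firewall policy", {}).items():
        if cfg.get("action") != ["accept"] or not set(cfg.get("dstintf", [])) & set(wan_ifs):
            continue  # only accept policies that send traffic out a WAN interface
        if cfg.get("logtraffic") == ["disable"]:
            out.append(f"policy {pid}: traffic logging disabled")
        if cfg.get("nat") != ["enable"]:
            out.append(f"policy {pid}: NAT not enabled")
    return out
```

Calling audit(parse(text)) on the text of a downloaded backup returns a list of findings; an empty list means none of these three checks fired.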
