FortiGate Knowledge Base¶
Task-oriented reference for FortiGate routers on FortiOS 7.2 (LTS). Useful for first-time admins and experienced techs alike — each page explains what the feature is and why you'd use it before the step-by-step.
If you're brand new to FortiGate, start with First Login and the Dashboard, then Navigate the GUI. After that, jump to whatever you need to do.
Sections¶
- Getting Started — login, dashboard, CLI, console cable, factory reset
- Network Interfaces & Routing — interfaces, VLANs, static routes, IP forwarding, OSPF, BGP
- Firewall Policies — policies, address/service objects, NAT, port forwarding (VIP), IPv6
- VPN — IPsec site-to-site and dialup, SSL VPN portal and tunnel, MFA, troubleshooting
- Security Profiles — antivirus, IPS, web filter, DNS filter, app control, SSL inspection
- User Authentication — local users, LDAP/AD, RADIUS, FSSO, FortiToken MFA
- System Admin — admin accounts, firmware upgrades, backups, certs, HA, SNMP, fabric
- Switching & FortiSwitch — FortiLink, VLANs, port mirroring, STP, LAG, PoE
- Wireless / FortiAP — SSIDs, security, captive portal, guest Wi-Fi
- SD-WAN — multi-WAN setup, SLAs, rules, monitoring, failover
- Logging & Reporting — traffic logs, log storage, FortiAnalyzer, syslog, alerts, reports
- Troubleshooting — common symptoms with diagnostic commands and fixes
FortiOS Version Notes¶
These pages target FortiOS 7.2 (Long-Term Support release). Most steps work identically on 7.0 and 7.4 — where they differ, the difference is called out inline.
Conventions¶
- Example IPs use RFC 5737 ranges:
203.0.113.x(public examples),198.51.100.x(more public), and RFC 1918 (10.0.0.0/8,172.16.0.0/12,192.168.0.0/16) for private LANs. - Generic interface names:
wan1for the internet-facing port,internal(orport2/lan) for the LAN port. - Generic object names:
Sales-LAN,Office-Subnet,WebServer-01. - CLI commands are shown in
monospace; GUI menu paths use bold arrows, e.g. Policy & Objects → Firewall Policy.