
Configuring Default Route

Lesson 4/25 | Study Time: 60 Min

Objective

Enable Inside and DMZ devices to reach the internet by configuring a static default route on the Fortinet firewall that points to the ISP router.

Prerequisites

On Fortinet Firewall

port1 (Untrust Zone): 192.168.100.1/24 → connected to Internet Router (192.168.100.254/24)

Inside PC: IP: 192.168.1.10/24 → Gateway: 192.168.1.1

DMZ Server: IP: 192.168.2.10/24 → Gateway: 192.168.2.1

Step 1: Configure Static Default Route

From CLI:

!
config router static
    edit 1
        set dst 0.0.0.0 0.0.0.0         # Default route (all traffic)
        set gateway 192.168.100.254     # Internet Router's IP address
        set device port1
    next
end
!

From the GUI:

1. Navigate to Network > Static Routes

2. Click Create New

● Destination IP/Mask: 0.0.0.0/0

● Gateway: 192.168.100.254

● Interface: port1

3. Click OK

Step 2: Configure DNS Settings on FortiGate

This is essential for name resolution.

From CLI:

!
config system dns
    set primary 8.8.8.8
    set secondary 4.2.2.2
end
!

Or from the GUI:

1. Go to Network > DNS

2. Select Specify, and set:

● Primary DNS: 8.8.8.8

● Secondary DNS: 1.1.1.1

3. Click on Apply

Step 3: Verification

1. Test from Fortinet CLI:

execute ping 8.8.8.8             # Should succeed if route is correct
execute ping www.uninets.com     # Should succeed if DNS is working

2. Test from Inside PC:

Set DNS as 8.8.8.8 and 4.2.2.2 on the PC.

Use the command prompt:

ping 8.8.8.8

nslookup google.com

If ping to 8.8.8.8 fails from the PC, NAT or security policies may be missing (which we'll configure in Lab 4).
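Before testing with ping, the Step 1 route can be checked offline. The following is an added example, not part of the original lesson or Fortinet tooling: it parses a `config router static` block and confirms that the default route's gateway is on the subnet of the interface named in `set device`. The function names and the `INTERFACES` mapping are hypothetical; the addresses are the lesson's own.

```python
import ipaddress
import shlex

# Constructed sample: the lesson's route; port1's address is from the prerequisites.
SAMPLE_CONFIG = """\
config router static
    edit 1
        set dst 0.0.0.0 0.0.0.0         # Default route (all traffic)
        set gateway 192.168.100.254
        set device port1
    next
end
"""
INTERFACES = {"port1": "192.168.100.1/24"}

def parse_static_routes(text):
    """Return {route_id: {option: [values]}} from 'config router static'."""
    routes, current, in_block = {}, None, False
    for raw in text.splitlines():
        tokens = shlex.split(raw, comments=True) or [""]  # drops '# ...' notes
        if tokens[:3] == ["config", "router", "static"]:
            in_block = True
        elif tokens[0] in ("next", "end"):
            in_block, current = in_block and tokens[0] == "next", None
        elif in_block and tokens[0] == "edit" and len(tokens) > 1:
            current = routes.setdefault(tokens[1], {})
        elif in_block and tokens[0] == "set" and current is not None and len(tokens) > 2:
            current[tokens[1]] = tokens[2:]
    return routes

def check_default_route(route, interfaces):
    """Return a list of problems with one route entry (empty list = sane)."""
    problems = []
    # Assumption: an unset dst means 0.0.0.0 0.0.0.0, as on FortiOS.
    net = ipaddress.ip_network("/".join(route.get("dst", ["0.0.0.0", "0.0.0.0"])))
    if net.prefixlen != 0:
        problems.append(f"dst {net} is not a default route")
    device = route.get("device", [""])[0]
    if device not in interfaces:
        return problems + [f"device {device!r} has no known address"]
    iface = ipaddress.ip_interface(interfaces[device])
    gw = ipaddress.ip_address(route.get("gateway", ["0.0.0.0"])[0])
    if gw not in iface.network:
        problems.append(f"gateway {gw} is off {device}'s subnet {iface.network}")
    elif gw == iface.ip:
        problems.append(f"gateway {gw} is {device}'s own address")
    return problems

if __name__ == "__main__":
    print(check_default_route(parse_static_routes(SAMPLE_CONFIG)["1"], INTERFACES) or "route 1 OK")
```

An empty result means the next hop is reachable on the connected subnet. It does not prove that traffic from Inside or DMZ is permitted, which still depends on NAT and security policies.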