Sample Route-Mode ESI Topology

This section introduces the configuration for a sample route-mode topology using the managed device and Fortinet Anti-Virus gateways. In route mode, the trusted and untrusted interfaces between the managed device and the Fortinet gateways are on different subnets. The following figure shows an example route-mode topology.

 

ESI (External Services Interface) with Fortinet Anti-Virus gateways is supported only in route mode.

Figure 1   Example Route-Mode Topology


In the topology shown, the following configurations are entered on the managed device and Fortinet gateway:

ESI server configuration on the managed device

Trusted IP address = 10.168.172.3 (syslog source)

Untrusted IP address = 10.168.171.3

Mode = route

IP routing configuration on the Fortinet gateway

Default gateway (core router) = 10.168.172.1

Static route for wireless user subnet (10.168.173.0/24) through the managed device (10.168.171.2)
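
The addressing above can be sanity-checked before it is entered on either device. The following Python sketch is an added example, not part of the original documentation or of any vendor tooling. It assumes /24 masks on the trusted and untrusted interfaces (the page does not state them) and that the default gateway sits on the trusted side; the function name check_route_mode is hypothetical.

```python
import ipaddress

def check_route_mode(trusted_ip, untrusted_ip, default_gw, static_routes, prefix_len=24):
    """Return a list of addressing problems; an empty list means consistent.

    prefix_len=24 is an assumption: the page gives host addresses only.
    static_routes is a list of (destination_cidr, next_hop) pairs.
    """
    problems = []
    trusted = ipaddress.ip_interface(f"{trusted_ip}/{prefix_len}")
    untrusted = ipaddress.ip_interface(f"{untrusted_ip}/{prefix_len}")

    # Route mode requires the two gateway interfaces to be on different subnets.
    if trusted.network.overlaps(untrusted.network):
        problems.append("trusted and untrusted interfaces share a subnet (not route mode)")

    # Assumed: the core router is reached through the trusted interface.
    if ipaddress.ip_address(default_gw) not in trusted.network:
        problems.append(f"default gateway {default_gw} is not on the trusted subnet")

    for dest, next_hop in static_routes:
        dest_net = ipaddress.ip_network(dest)
        # Return traffic to wireless users must leave via the untrusted side,
        # so the next hop (the managed device) has to be on-link there.
        if ipaddress.ip_address(next_hop) not in untrusted.network:
            problems.append(f"next hop {next_hop} for {dest} is not on the untrusted subnet")
        # A destination overlapping an interface subnet would be treated as
        # directly connected and the static route would never be used.
        if dest_net.overlaps(trusted.network) or dest_net.overlaps(untrusted.network):
            problems.append(f"{dest} overlaps a gateway interface subnet")
    return problems

# Values from the sample topology on this page.
PAGE_TOPOLOGY = dict(
    trusted_ip="10.168.172.3",
    untrusted_ip="10.168.171.3",
    default_gw="10.168.172.1",
    static_routes=[("10.168.173.0/24", "10.168.171.2")],
)

# Constructed misconfiguration: both interfaces placed on 10.168.172.0/24.
BAD_TOPOLOGY = dict(PAGE_TOPOLOGY, untrusted_ip="10.168.172.4")

if __name__ == "__main__":
    print("page topology:", check_route_mode(**PAGE_TOPOLOGY) or "consistent")
    for problem in check_route_mode(**BAD_TOPOLOGY):
        print("misconfigured:", problem)
```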