Routing Information Protocol (RIP)

RIP example network topology

 

Network Router Interface & Alias IP address
 

Sales

 

Router1

 

port1 (internal)

 

10.11.101.101

     

port2 (router2)

 

10.11.201.101

     

port3 (router3)

 

10.11.202.101

 

Network                           Router                              Interface & Alias             IP address
 

 

 

 

 

 

 

 

 

R&D

 

 

 

 

 

 

 

 

 

 

 

 

 

Accounting

 

 

 

 

 

Router2

 

 

 

 

 

 

 

 

 

Router3

 

 

 

 

 

 

 

 

Router4

 

port1 (internal)                    10.12.101.102

 

port2 (router1)                     10.11.201.102

 

port3 (router4)                     10.14.201.102

 

port4 (ISP)                          172.20.120.102

 

port1 (internal)                    10.12.101.103

 

port2 (router1)                     10.11.201.103

 

port3 (router4)                     10.14.202.103

 

port4 (ISP)                          172.20.120.103

 

port1 (internal)                    10.14.101.104

 

port2 (router2)                     10.14.201.104

 

port3 (router3)                     10.14.202.104

 

Network topology for the simple RIP example

Assumptions

The following assumptions have been made concerning this example.

  • All FortiGate units have 5.0 firmware, and are running factory default settings.
  • All CLI and web-based manager navigation assumes the unit is running in NAT/Route operating mode, with VDOMs disabled.
  • All FortiGate units have interfaces labelled port1 through port4 as required.
  • All firewalls have been configured for each FortiGate unit to allow the required traffic to flow across interfaces.
  • Only FortiGate units are running RIP on the internal networks.
  • Router2 and Router3 are connected through the internal network for R&D.
  • Router2 and Router3 each have their own connection to the Internet, indicated in black in the diagram above.

 

General configuration steps

This example is very straight forward. The only steps involved are:

  • Configuring the FortiGate units system information
  • Configuring FortiGate unit RIP router information
  • Configuring other networking devices
  • Testing network configuration

 

Configuring the FortiGate units system information

Each FortiGate unit needs their hostname, and interfaces configured.

For IP numbering, Router2 and Router3 use the other routers numbering where needed.

Router2 and Router3 have dead gateway detection enabled on the ISP interfaces using Ping. Remember to contact the ISP and confirm their server has ping enabled.

Configure the hostname, interfaces, and default route

To configure Router1 system information – web-based manager

1. Go to System > Dashboard > Status > System Information.

2. Next to Host Name select Change, and enter “Router1”.

3. Go to Router > Static > Static Routes.

4. Edit the default route and enter the following information:

Destination IP/Mask                 0.0.0.0/0.0.0.0

Device                                         port2 (router2)

Gateway                                     172.20.120.5/255.255.255.0

Distance                                     40

5. Enter a second default route and enter the following information:

Destination IP/Mask                 0.0.0.0/0.0.0.0

Device                                         port3 (router3)

Gateway                                     172.20.120.5/255.255.255.0

Distance                                     40

6. Go to System > Network > Interfaces.

7. Edit port1 (internal) interface.

8. Set the following information, and select OK.

Alias                                           internal

IP/Network Mask                       10.11.101.101/255.255.255.0

Administrative Access             HTTPS SSH PING

Description                                Internal sales network

Administrative Status               Up

9. Edit port2 (router2) interface.

10. Set the following information, and select OK.

Alias                                           router2

IP/Network Mask                       10.11.201.101/255.255.255.0

Administrative Access             HTTPS SSH PING

Description                                Link to R&D network & Internet through Router2

Administrative Status               Up

11. Edit port3 (router3) interface.

12. Set the following information, and select OK.

Alias                                           router3

IP/Network Mask                       10.11.202.101/255.255.255.0

Administrative Access             HTTPS SSH PING

Description                                Link to R&D network and Internet through Router3

Administrative Status               Up

 

To configure Router1 system information – CLI

config system global set hostname Router1

end

config router static edit 1

set device “port2” set distance 45

set gateway 10.11.201.102 next

edit 2

set device “port3” set distance 45

set gateway 10.11.202.103 end

end

 

config system interface edit port1

set alias internal

set ip 10.11.101.101/255.255.255.0 set allowaccess https ssh ping

set description “Internal sales network” next

edit port2

set alias ISP

set allowaccess https ssh ping

set ip 10.11.201.101/255.255.255.0

set description “Link to R&D network & Internet through Router2” next

edit port3

set alias router3

set ip 10.11.202.101/255.255.255.0 set allowaccess https ssh ping

set description “Link to R&D network & Internet through Router2” end

end

 

To configure Router2 system information – web-based manager

1. Go to System > Dashboard > Status > System Information.

2. Next to Host Name select Change, and enter “Router2”.

3. Go to Router > Static > Static Routes.

4. Edit the default route and enter the following information:

Destination IP/Mask                 0.0.0.0/0.0.0.0

Device                                         port4 (ISP)

Gateway                                     172.20.120.5/255.255.255.0

Distance                                     5

5. Go to System > Network > Interfaces.

6. Edit port1 (internal) interface.

7. Set the following information, and select OK.

Alias                                           internal

IP/Network Mask                       10.12.101.102/255.255.255.0

Administrative Access             HTTPS SSH PING

Description                                R&D internal network and Router3

Administrative Status               Up

8. Edit port2 (router1) interface.

9. Set the following information, and select OK.

Alias                                           router1

IP/Network Mask                       10.12.201.102/255.255.255.0

Administrative Access             HTTPS SSH PING

Description                                Link to Router1 and the Sales network

Administrative Status               Up

10. Edit port3 (router4) interface.

11. Set the following information, and select OK.

Alias                                           router4

IP/Network Mask                       10.12.301.102/255.255.255.0

Administrative Access             HTTPS SSH PING

Description                                Link to Router4 and the accounting network

Administrative Status               Up

12. Edit port4 (ISP) interface.

13. Set the following information, and select OK.

Alias                                           ISP

IP/Network Mask                       172.20.120.102/255.255.255.0

Administrative Access             HTTPS SSH PING

Detect and Identify Devices     enable

Description                                Internet through ISP

Administrative Status               Up

To configure Router2 system information – CLI

config system global

set hostname Router2 end

config router static edit 1

set device “port4” set distance 5

set gateway 172.20.130.5 end

end

config system interface edit port1

set alias internal

set ip 10.11.101.102/255.255.255.0 set allowaccess https ssh ping

set description “Internal RnD network and Router3” next

edit port2

set alias router1

set allowaccess https ssh ping

set ip 10.11.201.102/255.255.255.0 set description “Link to Router1”

next

edit port3

set alias router3

set ip 10.14.202.102/255.255.255.0 set allowaccess https ssh ping

set description “Link to Router4” next

edit port4

set alias ISP

set ip 172.20.120.102/255.255.255.0 set allowaccess https ssh ping

set description “ISP and Internet” end

end


Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.