Configure Admin PC and Dentist PCs
With the router configured, next we need to configure the computers that need Internet access. These computers need routing to be configured on them. As the other computers do not require routing, they are not included here.
The procedure to configure these computers is the same. Repeat the following procedure for the corresponding PCs.
The Windows CLI procedure does not configure the DNS entries. It just adds the static routes.
To configure routing and DNS on Admin and Dentist PCs – Windows GUI
1. On PC, select Start > Control Panel > Network Connections.
2. Right click on the network connection to your local network that has a status of Connected, and select Properties.
3. Under the General tab, from the list select TCP/IP, and Properties.
4. Under Gateway, enter the FortiGate unit address (192.168.10.1).
5. Enter the primary and secondary DNS server addresses from your ISP (172.11.22.33 and 172.11.22.34).
6. Select OK.
To configure routing on Admin and Dentist PCs – Windows CLI
1. On PC, select Start > Run, enter “cmd”, and select OK.
2. At the command prompt, type
route ADD 0.0.0.0 MASK 0.0.0.0 172.100.20.5 METRIC 10
route ADD 192.168.10.0 MASK 255.255.255.0 192.168.10.1 METRIC 5
3. Confirm these routes have been added. Type:
route PRINT
If you do not see the two routes you added, try adding them again paying attention to avoid spelling mistakes.
4. Test that you can communicate with other computers on the local network, and with the Internet. If there are no other computers on the local network, connect to the FortiGate unit.
Configure other PCs on the local network
The PCs on the local network without Internet access (the exam room PCs) can be configured now. As this step does not require any routing, details have not been included.
Testing network configuration
There are three tests to run on the network to ensure proper connectivity.
- To test that PCs on the local network can communicate
- Test that Internet_PCs on the local network can access the Internet
- Test that non-Internet_PCs can not access the Internet
Test that PCs on the local network can communicate
1. Select any two PCs on the local network, such as Exam4 and Dentist3.
2. On the Exam4 PC, at the command prompt enter ping 168.10.23.
The output from this command should appear similar to the following.
Pinging 192.168.10.23 with 32 bytes of data:
Reply from 192.168.10.23: bytes=32 time<1m TTL=255
Reply from 192.168.10.23: bytes=32 time<1m TTL=255
Reply from 192.168.10.23: bytes=32 time<1m TTL=255
3. At the command prompt enter exit to close the window.
4. On the Dentist3 PC, at the command prompt enter ping 168.10.34.
The output from this command should appear similar to the following.
Pinging 192.168.10.34 with 32 bytes of data:
Reply from 192.168.10.34: bytes=32 time<1m TTL=255
Reply from 192.168.10.34: bytes=32 time<1m TTL=255
Reply from 192.168.10.34: bytes=32 time<1m TTL=255
5. At the command prompt enter exit to close the window.
6. Repeat these steps for all PCs on the local network.
If the output does not appear similar to above, there is a problem with the network configuration between these two PCs.
To test that Internet_PCs on the local network can access the Internet
The easiest way to access the Internet is with an Internet browser. However, if that doesn’t work its best to do a traceroute to see at what point the problem is. This can help determine if it is a networking problem such as cabling, or if its an access problem such as this PC not having Internet access.
1. Select any PC on the local network that is supposed to have Internet access, such as Admin.
2. On the Admin PC, open an Internet browser and attempt to access a website on the Internet such as
If this is successful, this PC has Internet access.
3. If step2 was not successful, at the command prompt on the PC enter traceroute 11.22.33.
The output from this command should appear similar to:
Pinging 22.11.22.33 with 32 bytes of data:
Reply from 22.11.22.33: bytes=32 time<1m TTL=255
Reply from 22.11.22.33: bytes=32 time<1m TTL=255
Reply from 22.11.22.33: bytes=32 time<1m TTL=255
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!