Appendix A: Default Values
In console, enter the command ‘resetconfig’, or on the Web UI select “Factory Default” to do a hard reset and restore all settings to factory default.
When restored to factory default, accounts and passwords for access of CLI, Web UI and SSH login will also be reset to:
| FortiWAN Log-ins | ||
| < V4.0.x | V4.1.0 | |
| Web-based Manager Default | Adminstrator/1234 | Adminstrator/1234 |
| Monitor/5678 (read-only) | Monitor/5678 (read-only) | |
| admin/null (Fortinet default) | ||
| CLI Default | Adminstrator/fortiwan | Adminstrator/1234 |
| admin/null (Fortinet default) |
The Web UI login port will be restored to the default port 443.
FortiWAN also supports SSH logins. The interface for SSH login is the same as the console with identical username and password.
WAN Link Health Detection Default Values
l System default values contain 13 fixed servers IPs for health detection. l Values for all Port Speed and Duplex Settings will also be reset. l All ports are restored back to AUTO state.
Network default Values (FortiWAN 200B) Port 1: WAN
- WAN Link: 1
- IP: 192.168.1.1 l Netmask : 255.255.255.0 l IP in DMZ 192.168.1.2~192.168.1.253 l Default Gateway 192.168.1.254 l DMZ at Port 5 Port 2: WAN
- WAN Link: 2 l IP: 192.168.2.1 Appendix A: Default
- Netmask: 255.255.255.0 l IP in DMZ 192.168.2.2~192.168.2.253 l Default Gateway 192.168.2.254 l DMZ at Port 5 Port 3: WAN
- WAN Link: 3
- IP: 192.168.3.1 l Netmask: 255.255.255.0 l IP in DMZ 192.168.3.2~192.168.3.253 l Default Gateway: 192.168.3.254 l DMZ at Port 5 Port 4: LAN
- IP: 192.168.0.1 l Netmask: 255.255.255.0 l DHCP Server Disabled
Port 5: DMZ
Fields such as Domain Name Server, VLAN and Port Mapping, WAN/DMZ Subnet Settings are all cleared Service Category Default Values
l Firewall: default security rules apply l Persistent Routing: Enabled l Auto Routing: By Downstream Traffic as default l Virtual Server: Disabled l Bandwidth Managemet: Disabled l Cache Redirection: Disabled l Multihoming: Disabled l All fields in the Log/Control Category are cleared
Appendix B: Suggested Maximum Configuration Values
FortiWAN’s Web UI does not set maximum limitations to numbers of most services rules and policies, but as the configured rules and policies increase interminably, performance of both FortiWAN and its Web UI decrease, especially for FortiWAN’s critical services, such as Bandwidth Management, Multihoming and Tunnel Routing. Not only FortiWAN appliances use more and more hardware resources to run and handle traffic with a large number of configurations, but also your local computer spends more time to run the Web UI pages. The following table shows the suggested maximum configuration values to FortiWAN’s services. Remember that FortiWAN
Web UI allows you to create configurations more than the value, but the performance may not be guaranteed.
| FWN-200B | FWN-1000B | FWN-3000B | |
| WAN link health detection | |||
| Ping lists | 1024 | 1024 | 1024 |
| Optimum route detection | |||
| Static IP-ISP tables | 1024 | 1024 | 1024 |
| Total rules of static IP-ISP tables | 1024 | 1024 | 1024 |
| Backup line setting | |||
| Backup line rules | 1024 | 1024 | 1024 |
| IP grouping | |||
| IP groups | 300 | 300 | 300 |
| IPv4 rules of an IP group | 1024 | 1024 | 1024 |
| IPv6 rules of an IP group | 1024 | 1024 | 1024 |
| Service grouping | |||
| Service group | 300 | 300 | 300 |
| IPv4 rules of a service group | 1024 | 1024 | 1024 |
| IPv6 rules of a service group | 1024 | 1024 | 1024 |
| Busyhour setting | |||
| Busyhour rules | 1024 | 1024 | 1024 |
| Date/Time |
Appendix B: Suggested Maximum Configuration
| FWN-200B | FWN-1000B | FWN-3000B | |
| Time servers | 4 | 4 | 4 |
| Administration | |||
| Administrator accounts | 1000 | 1000 | 1000 |
| Monitor accounts | 1000 | 1000 | 1000 |
| Firewall | |||
| IPv4 rules | 1024 | 1024 | 1024 |
| IPv6 rules | 1024 | 1024 | 1024 |
| NAT | |||
| 1-to-1 NAT rules | 1024 | 1024 | 1024 |
| NAT rules | 1024 | 1024 | 1024 |
| IPv6 NAT rules | 1024 | 1024 | 1024 |
| Persistent routing | |||
| IPv4 web service rules | 1024 | 1024 | 1024 |
| IPv4 IP pair rules | 1024 | 1024 | 1024 |
| IPv6 web service rules | 1024 | 1024 | 1024 |
| IPv6 IP pair rules | 1024 | 1024 | 1024 |
| Auto routing | |||
| Policies | 1024 | 1024 | 1024 |
| IPv4 filters | 1024 | 1024 | 1024 |
| IPv6 filters | 1024 | 1024 | 1024 |
| Virtual Server | |||
| IPv4 virtual servers | 1024 | 1024 | 1024 |
| Server IPs of an IPv4 virtual server | 50 | 50 | 50 |
| Total server IPs of enabled IPv4 virtual servers | 512 | 512 | 512 |
| FWN-200B | FWN-1000B | FWN-3000B | |
| IPv6 virtual servers | 1024 | 1024 | 1024 |
| Bandwidth management | |||
| Inbound classes | 99 | 99 | 99 |
| Inbound IPv4 filters | 299 | 299 | 299 |
| Inbound IPv6 filters | 1024 | 1024 | 1024 |
| Outbound classes | 99 | 99 | 99 |
| Outbound IPv4 filters | 299 | 299 | 299 |
| Outbound IPv6 filters | 1024 | 1024 | 1024 |
| Connection limit | |||
| Count limit rules | 1024 | 1024 | 1024 |
| Rate limit rules | 512 | 512 | 512 |
| Cache redirect | |||
| Cache groups | 1024 | 1024 | 1024 |
| Group servers of a cache group | 1024 | 1024 | 1024 |
| Redirect rules | 1024 | 1024 | 1024 |
| Multihoming | |||
| Global setting | |||
| IPv4 PTR records | 1024 | 1024 | 1024 |
| PTR entries of an IPv4 PTR record | 1024 | 1024 | 1024 |
| IPv6 PTR records | 1024 | 1024 | 1024 |
| PTR entries of an IPv6 PTR record | 1024 | 1024 | 1024 |
| A record policy | |||
| A record policies | 1024 | 1024 | 1024 |
| Total WAN links of A record policies | 1024 | 1024 | 1024 |
Appendix B: Suggested Maximum Configuration
| FWN-200B | FWN-1000B | FWN-3000B | |
| AAAA record policy | |||
| AAAA record policies | 1024 | 1024 | 1024 |
| Total WAN links of AAAA record policies | 1024 | 1024 | 1024 |
| Domain setting | |||
| Domains | 1024 | 1024 | 1024 |
| DNSSEC private keys of a domain | 100 | 100 | 100 |
| NS records of a domain | 1024 | 1024 | 1024 |
| A records of a domain | 1024 | 1024 | 1024 |
| AAAA records of a domain | 1024 | 1024 | 1024 |
| CName records of a domain | 1024 | 1024 | 1024 |
| DName records of a domain | 1024 | 1024 | 1024 |
| SRV records of a domain | 1024 | 1024 | 1024 |
| MX records of a domain | 1024 | 1024 | 1024 |
| TXT records of a domain | 1024 | 1024 | 1024 |
| External subdomains of a domain | 1024 | 1024 | 1024 |
| NS records of an external subdomain of a domain | 1024 | 1024 | 1024 |
| Multihoming – Backup | |||
| Remote master servers | 100 | 100 | 100 |
| Internal DNS | |||
| Global setting | |||
| IPv4 PTR records | 1024 | 1024 | 1024 |
| IPv6 PTR records | 1024 | 1024 | 1024 |
| Domain setting | |||
| Domains | 1024 | 1024 | 1024 |
| FWN-200B | FWN-1000B | FWN-3000B | |
| NS records of a domain | 1024 | 1024 | 1024 |
| A records of a domain | 1024 | 1024 | 1024 |
| AAAA records of a domain | 1024 | 1024 | 1024 |
| CName records of a domain | 1024 | 1024 | 1024 |
| SRV records of a domain | 1024 | 1024 | 1024 |
| MX records of a domain | 1024 | 1024 | 1024 |
| External subdomains of a domain | 1024 | 1024 | 1024 |
| NS records of an external subdomain of a domain | 1024 | 1024 | 1024 |
| DNS proxy | |||
| Intranet source rules | 1024 | 1024 | 1024 |
| Proxy domain rules | 1024 | 1024 | 1024 |
| IP-MAC mapping | |||
| Mapping rules | 1024 | 1024 | 1024 |
| Tunnel Routing | |||
| Tunnel groups | 100 | 400 | 1000 |
| Tunnels of a tunnel group | 16 | 16 | 16 |
| Total enabled tunnels | 2500 | 2500 | 2500 |
| Default rules of a tunnel group | 1024 | 1024 | 1024 |
| Routing rules | 1024 | 1024 | 1024 |
| Persistent rules | 1024 | 1024 | 1024 |
| Reports | |||
| IP annotations | 1024 | 1024 | 1024 |
| Scheduled emails | 20 | 20 | 20 |