Network Interface* | IP Address | Netmask |
port1 | 192.168.1.99 | 255.255.255.0 |
port2 | 192.168.2.99 | 255.255.255.0 |
port3 | 192.168.3.99 | 255.255.255.0 |
port4 | 192.168.4.99 | 255.255.255.0 |
* The number of network interfaces may vary by model. |
If you use DHCP on an interface and there are cameras connected to the interface, you must make sure the IP address will not change on that interface because the cameras need to communicate with the NVR and thus need to be aware of the IP address of the NVR. |
Retrieve default gateway and DNS from server will overwrite the existing DNS and default route, if any. |
Setting name | Description | |
Discover cameras on this port | Enable to send multicast camera discovery traffic from this network interface. For more information, see “Connecting FortiRecorder to the cameras” on page 41. | |
Access | Enable the types of administrative access that you want to permit to this interface. Caution: Enable administrative access only on network interfaces connected to trusted private networks or directly to your management computer. If possible, enable only secure administrative access protocols such as HTTPS or SSH. Failure to restrict administrative access could compromise the security of your FortiRecorder appliance. | |
HTTPS | Enable to allow secure HTTPS connections to the web UI through this network interface. To configure the listening port number, see “Configuring system timeout, ports, and public access”. To upload a certificate, see “Replacing the default certificate for the web UI”. | |
PING | Enable to allow: • ICMP type 8 (ECHO_REQUEST) • UDP ports 33434 to 33534 for ping and traceroute to be received on this network interface. When it receives an ECHO_REQUEST, FortiRecorder will reply with ICMP type 0 (ECHO_RESPONSE). Note: Disabling PING only prevents FortiRecorder from receiving ICMP type 8 (ECHO_REQUEST) and traceroute-related UDP. It does not disable FortiRecorder CLI commands such as execute ping or execute traceroute that send such traffic. | |
HTTP | Enable to allow HTTP connections to the web UI through this network interface. To configure the listening port number, see “Configuring system timeout, ports, and public access”. Caution: HTTP connections are not secure, and can be intercepted by a third party. If possible, enable this option only for network interfaces connected to a trusted private network, or directly to your management computer. Failure to restrict administrative access through this protocol could compromise the security of your FortiRecorder appliance. | |
SSH | Enable to allow SSH connections to the CLI through this network interface. | |
SNMP | Enable to allow SNMP queries to this network interface, if queries have been configured and the sender is a configured SNMP manager. To configure the listening port number and configure queries and traps, see “SNMP traps & queries”. | |
TELNET | Enable to allow Telnet connections to the CLI through this network interface. Caution: Telnet connections are not secure, and can be intercepted by a third party. If possible, enable this option only for network interfaces connected to a trusted private network, or directly to your management computer. Failure to restrict administrative access through this protocol could compromise the security of your FortiRecorder appliance. | |
FRC- Central | Enable to allow access from FortiRecorder Central. | |
MTU | Enable to change the maximum transmission unit (MTU) value, then enter the maximum packet or Ethernet frame size in bytes. If network devices between the FortiRecorder unit and its traffic destinations require smaller or larger units of traffic, packets may require additional processing at each node in the network to fragment or defragment the units, resulting in reduced network performance. Adjusting the MTU to match your network can improve network performance. The default value is 1500 bytes. The MTU size must be between 576 and 1500 bytes. Change this if you need a lower value. For example, RFC 2516 prescribes a value of 1492 for PPPoE. | |
Administrative status | Select either: • Up — Enable (that is, bring up) the network interface so that it can send and receive traffic. • Down — Disable (that is, bring down) the network interface so that it cannot send or receive traffic. |
If you used DHCP and Retrieve default gateway and DNS from server when configuring your network interfaces, skip this step — the default route was configured automatically. |
Setting name | Description |
Destination IP/netmask | Type the destination IP address and network mask of packets that will be subject to this static route, separated by a slash ( / ). The value 0.0.0.0/0 results in a default route, which matches all packets. |
Gateway | Type the IP address of the next-hop router where the FortiRecorder appliance will forward packets subject to this static route. This router must know how to route packets to the destination IP addresses that you have specified in Destination IP/netmask, or forward packets to another router with this information. For a direct Internet connection, this will be the router that forwards traffic towards the Internet, and could belong to your ISP. Note: The gateway IP address must be in the same subnet as a network interface’s IP address. |
For small networks with only a few devices, often you will only need to configure one route: a default route that forwards packets to your router that is the gateway to the Internet. If you have redundant gateway routers (e.g. dual Internet/ISP links), or a larger network with multiple routers (e.g. each of which should receive packets destined for a different subset of IP addresses), you may need to configure multiple static routes. |
If you will use the settings DHCP and Retrieve default gateway and DNS from server when you configure your network interfaces, skip this — DNS is configured automatically. |
Incorrect DNS settings or unreliable DNS connectivity can cause issues with other features, including the NTP system time. For improved performance, use DNS servers on your local network. |
DNS tests may not succeed if you have not yet completed “To add a static route”. |