When every second counts in defending against cyber threats, your firewall should work fast—not just in throughput, but in deployment too. The FortiGate 60F, one of Fortinet’s most powerful compact firewalls, allows small to medium-sized businesses to achieve enterprise-grade security in just minutes—if configured correctly.
In this guide, we’ll show you how to set up the FortiGate-60F for maximum protection, without the complexity. Whether you’re a seasoned network admin or handling IT for your business, these steps will get you secured and running efficiently in record time.
FortiGate-60F: Quick Overview
The FortiGate-60F is a next-generation firewall (NGFW) designed for speed, flexibility, and full-spectrum protection—perfect for branch offices, small businesses, and hybrid work environments.
|
Feature |
Specification |
|
Firewall Throughput |
10 Gbps |
|
Threat Protection Throughput |
700 Mbps |
|
VPN Support |
SSL & IPsec VPN |
|
SD-WAN |
Built-in |
|
SSL Inspection |
750 Mbps |
|
Interfaces |
10x GE RJ45 |
|
Form Factor |
Desktop / Rack-Mountable |
Step 1: Power Up and Access the GUI
Start by physically setting up your FortiGate-60F.
|
Action |
Details |
|
Connect WAN to Port1 |
From your ISP/modem |
|
Connect LAN to Port2 |
To switch or local devices |
|
Access GUI |
Browser: https://192.168.1.99 |
|
Default Login |
Username: admin, Password: (leave blank) |
????️ You’ll be prompted to create a secure password immediately.
Step 2: Update Firmware
Before configuration, update to the latest FortiOS firmware to patch vulnerabilities and gain access to new features.
|
Task |
How-To |
|
Check current version |
System → Firmware |
|
Download update |
From Fortinet Support |
|
Apply firmware |
Upload and reboot |
|
Backup config first |
System → Configuration → Backup |
✅ Keeping firmware updated is critical for ongoing protection.
Step 3: Configure Interfaces & IP Settings
Assign WAN and LAN ports to the appropriate zones and define your internal network range.
|
Interface |
Role |
Example IP |
|
Port1 |
WAN (DHCP/static) |
From ISP (e.g., 192.0.2.2) |
|
Port2 |
LAN |
192.168.10.1/24 |
???? Enable DHCP on LAN to automatically assign IPs to users.
Step 4: Create Firewall Policies
Apply the principle of least privilege to control traffic between zones.
|
Policy |
Source |
Destination |
Action |
Logging |
|
LAN → WAN |
LAN zone |
All |
Allow |
Enable |
|
WAN → LAN |
All |
LAN zone |
Deny |
Enable |
|
DMZ → LAN |
DMZ |
LAN zone |
Allow specific |
Enable |
???? Every rule should include logging for visibility and auditing.
Step 5: Attach Security Profiles to Policies
Security profiles provide deep inspection of traffic beyond basic firewall rules.
|
Security Profile |
Function |
|
Antivirus |
Scans for malware in real time |
|
Intrusion Prevention |
Blocks known vulnerabilities/exploits |
|
Web Filtering |
Prevents access to malicious sites |
|
Application Control |
Blocks risky or non-business apps |
|
SSL Inspection |
Inspects HTTPS traffic for hidden threats |
???? Apply these profiles to LAN-to-WAN and VPN policies for comprehensive protection.
Step 6: Enable SSL Inspection
Threats often hide in encrypted traffic. Enable SSL inspection to catch hidden malware and phishing attacks.
|
SSL Mode |
Best Use Case |
|
Certificate Inspection |
General internet access |
|
Full SSL Inspection |
High-risk traffic & unknown sources |
???? Remember to install the Fortinet CA certificate on user devices to avoid browser warnings.
Step 7: Set Up VPN for Remote Access
Enable remote connectivity while maintaining strict security standards.
|
VPN Type |
Use Case |
Tool |
|
SSL VPN |
Remote users (browser/client) |
VPN → SSL-VPN Settings |
|
IPsec VPN |
Site-to-site tunnels |
VPN → IPsec Wizard |
|
FortiClient |
Endpoint security + VPN integration |
Fortinet’s official app |
???? Ensure policies allow VPN traffic and attach security profiles.
Step 8: Secure Administrative Access
Limit access to the FortiGate interface to trusted IPs and users only.
|
Access Control Task |
Best Practice |
|
Change admin port |
Use a non-default port like 10443 |
|
Limit management access |
Restrict by IP address or subnet |
|
Enable 2FA |
Use FortiToken or email for added security |
???????? Configure under System → Administrators and System → Settings.
Step 9: Monitor with FortiView & Logging
Enable full visibility to understand network behavior and threats.
|
Monitoring Tool |
What It Shows |
|
FortiView |
Live bandwidth, threats, top users/apps |
|
Log & Report |
Security events, access logs, blocked traffic |
|
FortiAnalyzer (opt.) |
Centralized long-term analytics |
???? Analyze trends to tune policies and detect anomalies early.
Step 10: Schedule Automatic Backups
Set up regular configuration backups to prevent data loss or downtime.
|
Backup Option |
How-To |
|
Manual Backup |
System → Configuration → Backup |
|
Cloud Backup |
FortiCloud integration |
|
USB Export (Optional) |
Use for air-gapped recovery plans |
???? Always keep a backup before major changes or firmware upgrades.
Summary: 10-Minute Setup Checklist
|
✅ Task |
Status |
|
Access GUI and change credentials |
|
|
Update to latest firmware |
|
|
Configure WAN/LAN interfaces |
|
|
Create basic firewall policies |
|
|
Apply security profiles |
|
|
Enable SSL inspection |
|
|
Set up remote access VPN |
|
|
Lock down admin access |
|
|
Enable FortiView and logging |
|
|
Schedule automatic backups |
Conclusion
With just a few minutes of smart setup, your FortiGate-60F can go from a blank slate to a hardened security gateway that defends your business 24/7. Its powerful features—when properly activated—offer more than just protection; they enable better performance, smarter networking, and total control over your digital environment.
So, don’t just install it—configure it right.
And you’ll have a firewall that’s ready to stand guard from minute one.
Need expert help configuring your FortiGate-60F?
Partner with a certified Fortinet technician to unlock the full power of your security investment.
It hardware Solution is an international provider of IT solutions for businesses and public sectors. Purchase Cisco routers, Cisco switches, and other IT products from our services.