![Techy-World](/img/default-banner.jpg)
- Видео 24
- Просмотров 89 659
Techy-World
США
Добавлен 25 сен 2022
My goal with Techy-World is to share my IT knowledge, experience, passion, and stay up to date with current IT technologies. Techy-World aims to help people with no IT background gain basic to advanced IT experience by showing the things needed to secure an IT position with little or no experience.
Creating A Secure Ipsec Vpn Tunnel With Cradlepoint And Fortigate
IPSec VPN tunnel between a Cradlepoint and a FortiGate firewall.
Просмотров: 100
Видео
Steps to Hardening FortiGate SSL VPN
Просмотров 5336 месяцев назад
This video go over the steps to Hardening FortiGate SSL VPN 1. Changing default ports or popular ports 2. Using MFA for Local user account 3. Limiting access to specific geography 4. Limit concurrent connection 5. Create NoAccess Portal 6. Block access to/from Tor Exit Node and Relays
FortiGate Mobile FortiToken Two Factor Authentication
Просмотров 2726 месяцев назад
FortiGate Mobile FortiToken Two Factor Authentication
FortiGate Mobile FortiToken Two-Factor Authentication
Просмотров 666 месяцев назад
How to Setup FortiGate Mobile FortiToken Two-Factor Authentication
FortiGate email based Two Factor Authentication
Просмотров 2,7 тыс.6 месяцев назад
How to setup email two factor authentication on FortiGate firewall.
Getting Started with FortiGate HA Setup on GCP using SDN Connector Everything You Need to Know
Просмотров 6928 месяцев назад
Getting Started with FortiGate HA Setup on GCP using SDN-Connector. In this comprehensive guide, we will walk you through everything you need to know to set up High Availability (HA) with FortiGate on Google Cloud Platform (GCP) using SDN-Connector. High Availability ensures your network is always up and running, even in the face of hardware or software failures. We'll cover the essential conce...
FortiGate on GCP Tutorial A Beginner's Guide to Securing Your Cloud Infrastructure
Просмотров 3408 месяцев назад
Learn How to Secure Your Cloud Infrastructure with FortiGate on Google Cloud Platform (GCP)! Welcome to this educational tutorial that will provide you with a comprehensive beginner's guide on securing your cloud infrastructure using FortiGate on GCP. Whether you're an individual looking to enhance your cloud security skills or a business owner wanting to protect valuable data, this tutorial is...
FortiGate SSL VPN Realms
Просмотров 74410 месяцев назад
How To Securely Connect To Your Office Network From Anywhere - Fortigate SSL VPN
FortiGate SSL VPN for Remote Users
Просмотров 39410 месяцев назад
How To Securely Connect To Your Office Network From Anywhere - Fortigate SSL VPN
Publishing HTTPS Web App using FortiWeb Part III
Просмотров 2,7 тыс.11 месяцев назад
Publish HTTPS Web Application using FortiWeb. FortiWeb Web Application Firewall.
Installing IIS & Publishing Web Servers on FortiWeb - Part II
Просмотров 2,6 тыс.11 месяцев назад
This is a series video, am going to show you how to setup and manage webservers using FortiWeb and FortiGate. This will show you different ways to manage web server and prevent attacks on your web applications. I will demonstrate how to install IIS web server and publish web applications on FortiWeb.
Installing FortiGate & FortiWeb - Part I
Просмотров 4,7 тыс.Год назад
This is a series video, am going to show you how to setup and manage webservers using FortiWeb and FortiGate. This will show you different ways to manage web server and prevent attacks on your web applications.
Configuring ISP failover using SD WAN
Просмотров 3,6 тыс.Год назад
Configuring ISP failover using SD-WAN
Cisco Firepower 1120 DHCP Reservation
Просмотров 991Год назад
Configure DHCP Reservation on Cisco Firepower 1120 using FlexConfig Cisco Firepower Device Manager 1120 DHCP Reservation Syntax Template clear dhcpd binding all dhcpd reserve-address 172.16.19.200 93ab.00af.fc3d data-network dhcpd reserve-address 192.168.100.199 03cd.acd5.46b2 LAN Negate Template no dhcpd reserve-address 172.16.19.200 93ab.00af.fc3d data-network no dhcpd reserve-address 192.168...
FortiGate HA Setup
Просмотров 2,8 тыс.Год назад
FortiGate HA Cluster Configuration FortiGate HA Active/Passive configuration FortiGate High Availability Setup Watch Previous Videos How to Configure Site-to-Site VPN - ruclips.net/video/KK66ctBTxOY/видео.html FortiGate HA out-of-sync Troubleshooting - ruclips.net/video/bOoXN7f4mGk/видео.html Configuring VLAN Fortigate firewall - ruclips.net/video/2T8PPVAu1nM/видео.html FortiGate Firewall from ...
How to Configure Fortigate Site-to-Site VPN on gns3
Просмотров 10 тыс.Год назад
How to Configure Fortigate Site-to-Site VPN on gns3
Configuring VLAN and Inter-vlan routing on Fortigate firewall
Просмотров 27 тыс.Год назад
Configuring VLAN and Inter-vlan routing on Fortigate firewall
Installing FortiGate Firewall on ESXi Host from Scratch for Home Network
Просмотров 8 тыс.Год назад
Installing FortiGate Firewall on ESXi Host from Scratch for Home Network
FortiGate HA out of sync troubleshooting
Просмотров 9 тыс.Год назад
FortiGate HA out of sync troubleshooting
Home Assistant Text-to-Speech TTS using Random messages using Alexa
Просмотров 1,1 тыс.Год назад
Home Assistant Text-to-Speech TTS using Random messages using Alexa
Debian and Home Assistant Supervised Installation
Просмотров 2,7 тыс.Год назад
Debian and Home Assistant Supervised Installation
HOW TO INSTALL HOME ASSISTANT SUPERVISED - OFFICIALLY
Просмотров 6 тыс.Год назад
HOW TO INSTALL HOME ASSISTANT SUPERVISED - OFFICIALLY
Thank you for sharing. what is the possibility of using both links at the same time. or combining both links to increase the bandwidth size
@victorjames6242 You can balance the traffic across both link, you can select both outgoing interface as your interface preferences. The short answer is YES you can use both link simultaneously
best practice is to change the FGT management port also, not just the SSLVPN. Also hotels, motels and other such sites will probably block SSLVPN on a port other than 443.
tks a loot !!!!
HI what is the default gateway of the Winserver 2016 ? plase it is 192.168.177.3? or 192.168.177.1/24 and what happen if i put the server behind the Fortiwe which will be the default gateway?
thanks for this man.
No need to setup smtp server and port first in settings?
Yes, there is no need to setup smtp server and port.
@@techy-world3716 Thanks
@@techy-world3716 But if I have my smtp server in cloud or local, how to specify?
tkns
the LAN 2 network is basically the management,right?Great video
LAN 2 network has some management features, such as HTTPS or FMG. Once any of the Administrative Access is enabled on that interface that makes it a management interface.
First of all, thank you for a very useful video. But how can you access GUI interfaces from your own Windows Machine by saying 192.168.177.3 or 192.168.177.1? There must be a setting here. In addition, how is it that you can ping 192.168.177.54 ip address from your own machine again? I think there is a configuration here that we have not seen in the previous video before?
Please watch the Part I of this Video ruclips.net/video/aNHIQdwXbas/видео.htmlsi=0OUvlJpzNP0zxui3
Hello, help, the token code does not arrive in my Gmail inbox, my question is if something additional has to be done in Gmail so that it receives the Fortigate token messages
Check your SPAM inbox, FortiToken can be sent into your GMAIL inbox without issue.
Very informative , I've just solve my ticket with this knowledge , thank you
Oh cool. What program did you use to draw the Topology?
GNS3 is the application used to draw the topology
I have a questions. Is there a difference between enabling NAT on the Policy? What does it do?
When NAT is enabled on a policy you are stating that you need the private IP translated to the public and vice versa. This is mostly used when you intend for that policy to go to the internet. If the traffic is going to the LAN or VLANs only there is no need to enabled the NAT option on the policy.
This is great. The only improvement I see is to setup the actual outgoing Destination in the Firewall policy rather then just selecting "ALL". This is a best practice so that the SDwan service is only dedicated to that one remote network. If you have two or 3 then maybe selecting ALL makes more sense. Right?
I am not too sure I fully understand your point. Here is a pointer, if the traffic is destined for the internet selecting all as the destination is best since you don't want to create different policy for traffic going to teams, zoom, Facebook, outlook etc. But if you the destination is local, then selecting a single remote network is best practices.
Can I configure IP addresses on both the physical interface and VLAN interface as router on a stick. And reach the physical interface on a switch that has a port in Access mode???
The answer is Yes. You can configure multiple physical and Virtual interfaces and even route between them. What you need is policy. To answer your question YES it is possible
Thanks man! it was helpful
Amazing video, thank you for the explanation. Would you please create a video on how to setup True Transparent Proxy mode?
Great suggestion!
Great video. Thanks man
Glad you liked it!
Hi can i add multiple public ip to fortigate interface in GCP. So that i can bind them with different Internal IP in VIP.
Yes the fortigate can use multiple public IP
sometime i'm having problem cannot connect to the vpn after received token code "Credential or SSLVPN configuration is wrong.(-7200)" any advise?
Try input the token faster. If you get the token via email it may sometime be delayed. Try to see if you get it faster on mobile phone or on desktop app.
How did you configurate ISP 1 and 2? Because I have 2 clouds connected to the same bridge adapter and in order to give internet access to both Firewalls I need to configure both with the same static route.
This article will help on how to configure ISP1 and ISP2 docs.gns3.com/docs/using-gns3/advanced/connect-gns3-internet/
@@techy-world3716 I manage to have internet with one cloud using NAT and the other with a bridge adapter, so both have different IP's and static routes. The problem right now It's that the phase 1 is down and the troubleshooting of fortigate are not very helpfull.
My eve-ng lab FortiGate vm firewall limit with 3 interface. It says trail vm license support 3 interface. How to use more interface.
I didn’t know you could set SMS for two-factor. Not great, but better than nothing.
Hi, is it possible to use a different alternative SSL certificate for each realm?
It maybe possible, I haven't had reason to use that myself. This article might help. docs.fortinet.com/document/fortigate/7.4.3/administration-guide/724772/ssl-vpn-multi-realm
thanks bro
Nice tutorials! Foreach public facing service do I need to have a public IP? Or it can be redirected in any way directly from de FortiGate?
No, you don't need a single public for each services, you could have multiple services on a single public IP
@@techy-world3716 When I try to create a second policy i always get the error "The same service port cannot be used for one Virtual IP twice." and I'm stuck with it :(
i didn't know that we can add email address under the user from the CLI. That's new to me. Thanks
Thanks for your video, this was very helpful.
Glad it was helpful!
Hi @Tech-World, Thanks for this video. It was really helpful.
Do you intend to take a course or publish a download link for this entire laboratory? that would be very useful
I will consider that
Awesome! Thank you for the video!
Am happy it was helpful
After doing this i am not able to access the firewall from lan zone. So how to get access it.
The access will be applied to the LAN interface e.g port 1 if you are using physical port or the VLAN interface e.g Data VLAN. You can also apply it to multiple interface but not on the zone.
Yes, I have created a data vlan 10 under port 1 and i am trying to access it from vlan 10 interface also https is enabled on that interface.
Have you lost all access to the device or can you get in via console or ssh?
The device you are accessing it from must be in VLAN 10 subnet as well. That is very important
If you are still having issue, I can look at in over a remote session if you want.
is there any need to have policy between one vlan in firewall?
No there is no need to have policy between VLAN but there are reasons to why you may want someone to have access to a specific VLAN other than where they belong. For example if you have a Camera VLAN and you belong to Data VLAN you won't be able to view the camera from your network device in Data VLAN without having a policy to allow your device or the entire Data VLAN. I hope this helps
Hello with this fortigate firewall deployment in VMware if we want to block any of the social sites on our home network does it will work or not plz reply
Yes, it works perfectly. You have same functionality as what comes from a box. The VM version is very similar to the hardware.
@@techy-world3716 thankyou so much But I have missed 1 questions which I have not mentioned if I don't have VMware hardware but I have installed VMware software in our computer does it work ? Plz reply
It will work on your VMware without any problem.
@@techy-world3716thankyou so much for helping us😊
Thank you for this playlist, really help me to understand FG and FWB appliances. I have one question, can I set a transparent mode Fortiweb on this FWB VM?
Yes, the VM version has transparent mode. The VM version has 4 modes: Reverse Proxy Mode, Offline Protection Mode, True Transparent Proxy Mode and Transparent Inspection mode
Great work, please prepare a complete fortiweb configuration tutorial
I will work on that soon. Watch out for new videos
Fantastic! Thanks so much. I have a question, If I use a real ip of server Is it a problem?
No!, using the server's real IP address shouldn't be an issue, but following the steps in this video is recommended.
Very insightful. When the part 4 coming along? Can you please cover how to configure FortiWeb for multiple server hosting public-facing services?
Very soon, I will be making that video
Very good video and deployment. We are waiting to see this solution with load balancer sandwich!
Good video!!!
where is the live testing you did not connect anything and test anything or live anything
Point taken, I will ensure that I show more testing in my next videos. But be assured that these steps are what is required on the FortiGate.
Great video!
how the internal networks reached to each others while no routing between them??
Internal network can reach each other using the layer 2 switch, it doesn't get to the firewall. Once the data frame is sent to the switch the switch will forward the data frame to the other device using the MAC address table.
Great video. I'm New with Fortinet and in my new job I have to manage several branch offices with Forti 40F. today I performed the firmware upgrade from 7.2.2 to 7.2.4 and lost the HA sync (out of sync). so, with the diag sys ha checksum recalculate command it should bring back up the HA? I already check the checksum and is different in both the FW. Thanks in advance. Regards
Yes that should fix it, but ensure that the firmware is same on both device. The most common issue is when there is a different configuration on the firewall that is not configured on the other that will cause the out-of-sync issue not to be resolved.
@@techy-world3716 thanks. Righ now the secundary is with the 7.2.4 and the primary with the 7.2.2. Should I upgrade the primary first? Regards
As long as both of them are on same version you should be fine, it doesn't matter which is upgrade first. But I will upgrade the lower version first to match the higher version. Either way it should work once they are on same version.
I'm doing the same steps at Cisco Firepower 1010 Threat Defense (FTD) using Firepower Device Manager (FDM) but I'm having the same type of errors. This is the 1st one: "Blacklisted cli error: clear dhcpd binding all". Any ideas?
I like your videos and I need a mentor to configure the FortiGate/nse4 part (if you have any other contact, I would appreciate it if you share ). I am already using GNS3 to learn.
Am glad you love them, I can be of help with your NSE4. Here is my email accessteckworld@gmail.com
Thanks buddy
This video is a continuation of the previous video. Fortigate SSL VPN for Remote User ruclips.net/video/j8kiN2tvp0M/видео.htmlsi=w1aFwH_k76cioiec
Thanks boetie