#4: FortiGate: Basic Config of the firewall | VLAN, WAN, DHCP, IPv4 Policies | My Home Network
HTML-код
- Опубликовано: 15 окт 2024
- This video is the number 4 of of our series in which I share with you the installation my new home network. I push basic configurations in the FortiGate which will be my main firewall. These configurations include VLANs, WAN port, DHCP servers, and IPV4 Rules.
Here are the previous videos:
Introduction and equipment: • Installing a Home Netw...
Cabling: • Installing a Home Netw...
UPS: • I Protect My Network D...
Here are the links to all the devices used in this project (some links are affiliate links):
Ubiquiti UniFi Switch 24 PoE (USW-24-POE): amzn.to/3gdUeGU
Ubiquiti Unifi Ap-AC (UAPACLITEUS): amzn.to/317w8qY
Ubiquiti UniFi AP AC In Wall: amzn.to/311vpYl
Ubiquiti Unify Switch Flex Mini: store.ui.com/c...
Ubiquiti UniFi Video G3 Flex (UVC-G3-FLEX): amzn.to/3fgXhNp
Ubiquiti Unifi Bullet Camera (UVC-G3-Bullet): amzn.to/314l6CT
Ubiquiti UniFi Cloud Key Gen2 Plus (UCK-G2-PLUS): amzn.to/30cqYe0
Cat6 Ethernet Cable 1 ft (5 pack): amzn.to/31i5Pib
Cat6 Ethernet Cable 0.5 ft (10 pack): amzn.to/2Pemb5q
CyberPower UPS System: amzn.to/39Ic5TW
DYMO Label Maker: amzn.to/2Xf3vah
NavePoint 9U Server Equipment Rack: amzn.to/30cgag1
Wire Punch Down Impact Tool: amzn.to/30f2npa
Wall Mount 24 Port Cat6 Patch Panel: amzn.to/2Xd8YhK
Check out my CCNA course: kbtrainings.co...
KBTrainings is an online training platform created to share my knowledge in the IT.
In a world where technologies are radically changing the way we live and future economies, KBTrainings has set itself the goal of popularizing IT concepts and allowing many to start or boost their careers in IT.
The contents range from basic notions and introductions to advanced concepts for engineers. We will cover the following areas: applications, networking and security, web design & development, programming and automation.
In computer networks and security we will focus on Cisco, which is a benchmark in the industry, helping you to get Cisco CCNA and CCNP certificates. These certificates are highly respected in the industry and are a very practical way to prove your knowledge and start or advance your career.
Visit KBTrainings at: www.kbtrainings.com
Follow us on the following platforms:
RUclips: / kbtrainings
Facebook: / kbtrainings
Instagram: / kbtrainings
Twitter: / kbtrainings
Thank you for watching.
Please Like and Share.
And Subscribe for more config videos.
Leave a comment if you have any questions.
Guy
I tried the same thing with my Fortigate to establish the public connection and it did not work. I want my home network like I do it at work all inbound traffic comes through the firewall. So maybe I will need to call Verizon.
Guy.. I sent you an email... If you can assist, pls let me know.
love this dude for showing actual installs
I appreciate it! Thank you🙏
You are one of the best youtubers I've seen when it comes to networking tutorials. Very clear, real world examples, showing both gui and cli!
This video is going to help me a ton when my 60F comes in this week. Thanks for all your great work!
I appreciate that!
Thank you and good luck with your FortiGate!
R Prasadgl.gi9
Thank you, I've just started a new job, I am used to working with Juniper and Cisco, this video helped me to have a better understanding of the Fortigate CLI and GUI.
Will definately be back for more, like the HA configuration. But thought it would be better to just watch some basics first.
Love your pace oof explaining, at my new job it all goes so fast, it's nice RUclipsrs like yourself exist to help make more sense of it all after working hours, much appreciated !
I just got a fortigate to install in our office (RDC Primature), thanks to your fortigate video series I was able to configure it perfectly, I really thank you from the bottom of my heart for your effort you put in so to deliver good quality videos among thousand other videos in youtube.
I hope to continue with your tutorial to enable me enhance my skills in System Admin. from Liberia 🇱🇷
Hey Guy, Thank you for your video. You have a really great presentation, makes configuring the Fortigate a pleasure
I usually am never able to stick around on lengthy videos, but man, you're just a natural at teaching and keep it fresh & interesting. I love how you use real life examples, that's extremely helpful and you have a badass home setup! Where is your accent from? DR Congo?
Glad to read this Scott! Thank you.
Yes, I am from DR Congo 😀
It is a great presentation - detailed, clear with a real home plan. I like your voice and the way of explanation. Everything is clear. Goog job, do it further, please.
Thank you Mr Sam!
Encouraging.
Thank you, that was INCREDIBLY informative. I can use this going into future jobs!
Okay. Thank you for the physical setup, and what are you are using. I did not want to spend crazy money on a Fortiswitch, so I ordered a Netgear managed POE switch.
That works too.
I had UniFi switches and now I have FortiSwitches.
One of the best training video i have ever seen.
Hi Brother,
I'm Akhilesh from India
I like your videos plz continue uploaded more videos on practical Lab for CCNA and CCNP Firewall Router and switches.
Thanks 🙏🏼
Hi Akhilesh,
Glad to read you.
Sure, I'll upload more.
All the best in India!
nice setup of monitors in the background
Thank you 🙏
This is a very good practical setup. But keep in your DHCP, main interface, and Vlan addressing subnet ranges are fairly large. Which is best with a very large amount of users and appliances. Most users will be operating in a smaller environment so keeping those ranges low would be best.
You're right.
I actually changed the subnet to /24 on all VLANs.
Thank you Justin!
@@KBTrainings Keep it up!
Will try 🙂!
Thanks
Great Job and awesome contain. im looking forward for the upcomming videos. You're strong mannnnn
Thank you Madara.
More coming soon!
Thank you so much for the videos. Please put more of fortinet videos.
One of the best training video i have ever seen. Thank You very much. Can you please upload the full course training video of NSE4 and PCNSE.....
Glad to hear that.
Will look into adding structured videos on FGT once I am done with the Cisco series.
@@KBTrainings Thank You Very Much.....
Hi, Thank you for this amazing video. Could you please tell me where did you exactly set the taggings for tagged VLANs?
At the min @17:14 VLAN ID refers to the tag of the VLAN Interface.
You're welcome.
This is as practical as it goes! Thank you!
That's a great video man thanks a lot, I was just tryna your next video where you introduce the switch to the network and adding VLANS to the switch. May I please see that.
Awesome Presentation !!!
the explanation is very clear...kudos
Great tutorial, however. I must have missed a step cause, what VLAN does the computer you were using automatically fall into if port 2 was carrying multiple VLANs and the computer is set to DHCP. How did it know which VLAN to go into. It would have been helpful to see the DHCP address that was handed to the computer
VERY NICE CLEAN & EXCITING 🥰🥰🥰🥰
THANK YOU A LOT ...
You're welcome!
@@KBTrainingscan I have your email?
contact@kbtrainings.com
@@KBTrainings thanks
Anytime!
comprehensive tutorial. i like it very much !
Hello,
Thank you for the great video! I have a question though, I am a beginner into the Cyber Security field and trying to get familiar with VLANs configuration. For port3 you created 3 different VLANs and assigned each of them a different ip address with DHCP on, now let's say you connected an Access Point to port3 and wirless device is connected to the network through this AP, what IP address could this device have? In other words, how to determine which device belongs to which VLAN since all of them are connected to the same port?
Thanks again..
Too good. very detailed. Thanks
Hi G, hope your doing great? Great work with the networking videos, just to let you know that it seems you swap the #4: Fortigate video in English in the wrong playlist under the French videos
Hi,
Merci pour la remarque. Je viens de faire le changement.
Nice..im looking to potentially switch to the 100 model in our business environment and I was curious about the setup process..
Hello ...First of all thanks for nice turorial. Question: How one port from Fortigate like 3 in here could be used for 3 VLAN? I did'nt get it...tx
You need to create a VLAN Interface and assign it to the port number 3, Just like I do at 17:03
@@KBTrainings got it tx a lot
You're welcome
I see you configure VLANs on fortigate after the fortigate you have switch? Do you configure trunks between switch and fortigate and how do you do that? Do you also have to configure something in the IPv4 policy if you want traffic from 1 vlan to the other vlan?
Amazing stuff. Would love to see how the wifi is configured.
Thank you Ali!
More coming soon.
super bro ..keep it up .. god bless you
Thank you so much @Techmate!
did you end configuring a public IP on the Fortigate device? I am a Cisco network enthusiast and learning firewall. Did you end up adding anymore policies on the Fortigate? What's the current setup on the Fortigate today? Are you still double routing?
Hey Tommy,
Yes, I configured PPPoE on WAN1 and was able to connect fine.
Also added some more policies for internal traffic and so one.
Check out my SDWAN video as well as the new FortiGate video.
Great stuff. Can you show how you configured the vlans?
Hi Muhammad,
I just did, I guess 🙂
Excellent, thank you !!
Good contents 👌
Thank you for sharing 😊
Thank you for watching!
Helo KBTraining I'm a news System And Network Engeneer. I notify just that i take pleasure to watch your videos. Thanks you
Glad to read this.
Thank you, enjoy and good luck!
Very informative video. Thanks Brother
So nice of you.
Thank you!
Great vdeo dear
Good video. Thanks
Glad you liked it!
Guy, I'm setting my home lab (noobie) up and I want your advice. I will be running a DIY router/firewall with Sophos-XG but I also have a Cisco sg300 28-port POE switch and a couple of Unifi AC Pro APs. When it comes to inter-VLAN routing, would you recommend the "router on a stick" method or Cisco L3 switch to do all VLAN routing? I have a couple of VLANs I want to make for my home Lab and want the best performance. I currently subscribe to ATT Fiber (1gB). Keep rolling out the videos. Thanks!
I usually Like to do all routing on the firewall. Depending on the capacity and total throughput of your firewall, it may ot may not cause a slight performance decrease, but I still prefer that method.
Hi, one question. I have my ISP modem 1 connected to the Forti then from forti to 2nd router with WiFi. Can this example VLAN's also work in my Topology? Or do you have any other advice? I also want to seperate IoT devices, Home networkand Work network. My ISP Modem is direct connected to the Forti to WAN 1. SO the 2nd router should be connected to forti with port 1-4 right as AP mode right? With or without DHCP on the 2nd router?
Were y7ou able to get a public ip address on your WAN interface?
How did you get all these devices images and lines in the network diagram to Visio?
As you shown in your diagram that your fortiget firewall ports will be connected to only a single switch and all the devices like IOT, PCs and server will be connected to that switch.So, how your switch will decide that to which device it has to assign VLA15 or VLAN25 or MAIN subnet. Please explain more means how your port 3 will be used by a single switch.
? Please reply.
Nice explanation,
is it possible to access VPN Tunnel from inside the network when Wifi is on different VLAN
I purchased a used 100D firewall.. The firmware needs to be reloaded.. Fortigate Customer Service is not able to help, unless I purchase a newer Fortinet device & a Support Plan. Can anyone help me pull down the firmware for the FortiGate 100D ??
Email me at contact@kbtrainings.com
@@KBTrainings I've emailed.. Barrington
Got it!
wow...50 cent is teaching us FORTIGATE
What do you mean?
does port3 vlans will get internet ? pl do reply
What exactly will you ask to your provider? what is the technical concept behind this?
I assume you're asking about the VLAN tag and the PPPoE credentials.
good morning, one question, we work with the tplink TL-ER6020 router (VPN WAN Dual Gigabit SafeStream Router) but to connect with that router we do not need licenses as they tell us in fortinet that the license is annual; Yes Or if we need that fortinet software to connect to that vpn or we can do it via windows so that the license is free. because we only need vpn.
Nice one. Thanks.
Why my putty when console to Fortigate 201e the keyboard is not working properly?
Not sure. It might be a lof of things...
Maybe change the keyboard settings or the whole keyboard.
Thanks a lot!
You're welcome!
Studying for my CCNA, i was trying to figure out why you have separate cables in different vlans running to the switch instead of just one that can just be a trunk then it hit me, was it for load balancing? Or there is a reason why you designed it that way? Would be great hearing from you or anyone reading this to remove my curiosity
Yep. Multiple links to balance VLANs across many links (trunks).
Also the design shows the logical aspect of things, so I had to include all the L3 links.
I WAS GIVEN A fwf-80cm what is it and what do/can I do with it? I have no idea what the connections are for in the back, please help or I'm shipping you this thing!
Hello, I've tried several times to register from your website but still have error. could you help?
Sorry to hear that.
What kind of error do you have? Please send me screens captures to contact@kbtrainings.com or on instagram.
What software did uou use to build the network?
Most of your stuff is beyond me; however, I am interested in your modem, it appears to be the C3ntury L!nk Gr33nwave C40OO. Is it possible to replace that with your own equipment. I have searched high and low and nobody knows. All I need is a simple powerful network. I would like 8 Lan Ports and be able to put a VPN on the router. Any recommendations are appreciated. Thanks
Hi Jeremy,
Yes, this is the C4000.
You can get rid of it if you have a router in which you can have PPPoE and tag the WAN port (201 in my case).
I use a FortiGate. You can use a cisco router or the UDM Pro.
Thanks
Awesome video! Do you think Fortinet will make it’s way into homes more in the future? I find myself limited with Ubiquiti gear a lot and want something beefier without going all the way to Cisco... seems like a good middle ground. Keep up the awesome work!
Thank you Evan.
Fortinet in home...? 🧐 I don't see it coming per se. But for some of us can,
They will probably just focus on businesses, but some odd people, like us will use it in their homes 😀😀.
An affordable FortiGate is still a better option than any home router out there, I think.
Hi, so I will soon replace my Router with a Fortigate. What would you recommend to use for a connection to the ISP since i cant directly connect the Fortigate to the ISP. Thanks in advance
Hi John,
It all depends on how the ISP drops the connection.
The FortiGate takes ethernet or PPPoE, you may need to get a device in the middle or not.
Thanks man, what software did you use the create that network diagram?
Looks like Visio
How much budget you spent
Hi, how do you configure the various VLAN to be able to talk to each other? I have a client that wanted to configure 2 VLAN for normal plugin PC and those using WIFI. They a have a layer-2 switch which can configure vlan as well, which I am confuse now. How should it be done? Appreciate help. I'm new to this
I have a public IP but when i connect my fortigate it takes the private ip from the modem , i need to configure SSl VPn but i need to take a public ip fro the wan port but it doesn't work. can you help me please ?
You need to set the modem to be transparent and not do any routing. You can check with your ISP or consult your modem documentation online.
@@KBTrainings I'll contact my ISP thank you very much
Anytime, no stress at all. 🙂
I'd remove the modem and cable direct to the FortiGate and let the FortiGate manage the wan itself.
No need to port forward or DMZ host required.
thanks for sharing
what is the /16 after IP Addresses plz?
It's the subnet mask.
In the fortigate firewall one ip need to block the internet remaining ips need to access the internet
Is this a question...? I don't get it.
you can put de isp router into bridge mode, so you can get a public ip, no real but...
I actually did it few days later.
Thanks Jorge!
hi bro .could you make the Fortigate VDOM video?
very nice
thank you!!
why are you creating the IOT vlans on the firewall? can't you create the vlans on the switch? Can't you just do port 2 lan to wan.
The VLANs are created on the switch as well as the firewall.
Layer 2 switching happens on the switch while Inter-VLAN switching happens on the firewall.
Thank you!
@@KBTrainings that makes your firewall work harder no? just like enabling dhcp on the firewall. Can you just do DHCP and vland on the switch and not on the firewall? Let the switch do most of the work.
Want more videos
20
À partir de 2 bières ça devient vraiment difficile à suivre tout ce bordel. 😅
😀😀
I need any contact with you
I am reachable at contact@kbtrainings.com or on social media.
question: why fortigate and not something like pfsense where you have no licensing?
There are many options but I just chose the Fortigate for now.
I don't need much from licenses.
Hello Bro
could you make the Fortigate VDOM video?
Hello sir!
Yes, I can. Will have this on my list.
Thank yoou!