AWS Gateway Load Balancer east-west inspection using a FortiGate firewall and Transit Gateway: hands-on demo
This is a step-by-step configuration of the following components:
1. FortiGate firewall, standing in for any virtual appliance of your choice, behind a Gateway Load Balancer
   - Enabling GENEVE on the FortiGate appliance
2. AWS Gateway Load Balancer and service endpoint setup
3. Transit Gateway attachments and routing tables
4. Testing and troubleshooting traffic flow via the central security VPC
Although the demo shows only a single appliance, a robust production environment will have more than one, possibly in an auto-scaling group.
Below is the debug command I used on the FortiGate:
This is my favorite command for this device, as it can tell you almost anything about traffic flow, whether the problem is routing or access.
Simply paste all of the lines into your CLI:
##########################
diagnose debug flow trace stop
diagnose debug enable
diagnose debug flow filter addr 172.31.100.15
diagnose debug flow show function-name enable
diagnose debug flow trace start 10
###############
To stop the debug: diagnose debug flow trace stop
If you do not specify a number (the 10 in the last line) for the packets to be captured, the command will keep capturing packets until you press Control + C.
You can check the Fortinet documentation for more options to use with it.
For the above, you only need to replace 172.31.100.15 with the IP address that you need to track.
If my video helps you, show it with that subscribe tab and many more will come.
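As an added example (not from the video, and not Fortinet code), here is a small Python parser for the output that the debug flow commands above produce, so that a long trace can be reduced to one line per packet: 5-tuple, ingress and egress interface, and the allow/deny verdict with its policy id. The sample lines are constructed in the style of FortiOS debug flow output, and the interface name "gwlb-geneve" is an assumed name for the GENEVE tunnel interface.

```python
import re
from collections import defaultdict

# Constructed sample in the style of "diagnose debug flow trace" output (not a real capture).
# The ingress interface name "gwlb-geneve" is an assumed name for the GENEVE tunnel interface.
SAMPLE = """\
id=20085 trace_id=1 func=print_pkt_detail line=5594 msg="vd-root:0 received a packet(proto=6, 10.10.1.20:43210->172.31.100.15:22) tun_id=0.0.0.0 from gwlb-geneve. flag [S], seq 1, ack 0, win 64240"
id=20085 trace_id=1 func=init_ip_session_common line=5765 msg="allocate a new session-00001a2b"
id=20085 trace_id=1 func=vf_ip_route_input_common line=2583 msg="find a route: flag=04000000 gw-172.31.100.15 via gwlb-geneve"
id=20085 trace_id=1 func=fw_forward_handler line=763 msg="Allowed by Policy-2:"
id=20085 trace_id=2 func=print_pkt_detail line=5594 msg="vd-root:0 received a packet(proto=6, 10.10.2.9:51000->172.31.100.15:3389) tun_id=0.0.0.0 from gwlb-geneve. flag [S], seq 1, ack 0, win 64240"
id=20085 trace_id=2 func=fw_forward_handler line=763 msg="Denied by forward policy check (policy 0)"
"""

LINE_RE = re.compile(r'trace_id=(\d+) func=(\S+) line=\d+ msg="(.*)"$')
PKT_RE = re.compile(r'proto=(\d+), ([\d.]+):(\d+)->([\d.]+):(\d+)\) .*from (\S+)\.')
ALLOW_RE = re.compile(r'Allowed by Policy-(\d+)')
DENY_RE = re.compile(r'Denied by (.*?)(?: \(policy (\d+)\))?$')

def parse_debug_flow(text):
    """Group trace lines by trace_id and reduce each trace to one record:
    5-tuple, ingress/egress interface and the firewall's allow/deny verdict."""
    traces = defaultdict(dict)
    for raw in text.splitlines():
        m = LINE_RE.search(raw)
        if not m:
            continue  # banner lines, prompts and anything not in trace format
        tid, func, msg = int(m.group(1)), m.group(2), m.group(3)
        rec = traces[tid]
        if func == "print_pkt_detail" and (p := PKT_RE.search(msg)):
            rec.update(proto=int(p.group(1)), src=f"{p.group(2)}:{p.group(3)}",
                       dst=f"{p.group(4)}:{p.group(5)}", in_if=p.group(6))
        elif func == "vf_ip_route_input_common" and (r := re.search(r"via (\S+)", msg)):
            rec["out_if"] = r.group(1)  # no route line at all usually points at a routing gap
        elif func == "fw_forward_handler":
            if a := ALLOW_RE.search(msg):
                rec.update(verdict="allow", policy=int(a.group(1)))
            elif d := DENY_RE.search(msg):
                rec.update(verdict="deny", reason=d.group(1),
                           policy=int(d.group(2)) if d.group(2) else None)
    return dict(traces)

def denied_flows(text):
    """(src, dst) pairs the firewall dropped: the first thing to check when a test
    through the GWLB endpoint times out."""
    return [(r["src"], r["dst"]) for r in parse_debug_flow(text).values()
            if r.get("verdict") == "deny"]
```

Feed it the CLI output you copied after running the commands above; a trace with a packet line but no "find a route" line indicates the FortiGate never found a path back through the GENEVE interface, while a "deny" record names the policy (policy 0 being the implicit deny) that dropped the flow.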