Firewall Policies and NAT (Policy vs Central NAT, SNAT, DNAT... ) on FortiGate | GNS3 Lab
Рет қаралды 6,406
Күн бұрынIn this live video, we are going to configure Firewall Policies and NAT (Policy vs Central NAT, SNAT, DNAT...) on FortiGate
===================
CCNA 200-301 COURSE
===================
Study for the CCNA and go from zero to engineer with this course:
kbtrainings.co...
============================
STAY IN TOUCH / BUSINESS
============================
Email: contact@kbtrainings.com
Instagram: / kbtrainings
Facebook: / kbtrainings-6855822152...
Twitter: / kbtrainings
============
KBTRAININGS
============
Website: www.kbtrainings.com
KBTrainings is an online training platform created to share my knowledge in the IT. In a world where technologies are radically changing the way we live and future economies, KBTrainings has set itself the goal of popularizing IT concepts and allowing many to start or boost their careers in IT.
The contents range from basic notions and introductions to advanced concepts for engineers. We will cover the following areas: applications, networking and security, web design & development, programming and automation.
In computer networks and security we will focus on Cisco, which is a benchmark in the industry, helping you to get Cisco CCNA and CCNP certificates. These certificates are highly respected in the industry and are a very practical way to prove your knowledge and start or advance your career.
@MrHCars Жыл бұрын
Best description difference I’ve seen between CNAT and Source NAT 👏🏼 Watching from UK 🇬🇧
@MrEstevezv Жыл бұрын
Thanks for this training Guy! I was able to get everything working thanks to you! This was very informative! But maybe next time stay more on topic and don't focus so much on distractions. Other than that it was perfect bro.
@gurpreetsinghghai6374 11 ай бұрын
amazing. great knowledge and labs !!
@roy5721 11 ай бұрын
very cool setup and great tutorial!
@benardkasait572 6 ай бұрын
Great Content. NSE 4 ?
@Blizard-yd2ke Жыл бұрын
Can you confirm what types of routing enabled on Fortigate and Cisco router?
@KBTrainings Жыл бұрын
Nothing special. Just connected links in the Cisco and default gateway on the FGTs.
@sanjedgaming8124 5 ай бұрын
do we still need default routing between firewall to R1 if NAT is enable ?
@adrianlamadrid5617 7 ай бұрын
I am from Cuba and working in Germany.
@KBTrainings 7 ай бұрын
Nice! How is it going over there?
@adrianlamadrid5617 6 ай бұрын
I have learned a lot from your Fortigate videos and have taken my career to another level. Thank you very much @@KBTrainings
@certified-master3986 8 ай бұрын
Hey KB, nice course man, I've been following your vidoes on KZbin. I wanted to ask man, How can I set up a virtual lab environment with GNS3? I appreicate your feedback.
@imanikabeya3542 Жыл бұрын
If i may ask. These two clouds are helping you to get access to your home network right? But all configurationsb will be done using the other ports connected to that router at the bottom right ? Also can all your devices communicate with your home network , like can the pc under a Lan ping your physical computer? And your Fortigate Firewalls got Ip adresses automatically i guess ?
@nassimelboutaibi4772 9 ай бұрын
I have a really hard time to understand those ports/interfaces in fortinet, i know what a NIC, Subnet and VNet are but i have nu clue about these other things.. do you have advice where i can look more at this?
@ibrahimadarijo2073 Жыл бұрын
Hi KB I noticed you only enabled HTTP and HTTPS as the services for security and you verified this from the client. My question is would you be able to ping the Web server from the client considering ICMP was not enabled as a service?
@KBTrainings Жыл бұрын
Hi I, No, you won't be able to ping the server.
@imanikabeya3542 Жыл бұрын
Also how do we use this web , like how do we import it in the lab
@KBTrainings Жыл бұрын
It's in the Guest GNS3 appliances
@imanikabeya3542 Жыл бұрын
Bonjour Guy. Pourquoi on me demande de mettre le login dans Fortigate pourtant je ne l'ai pas encore configurer ? Il y a-t-il un mot de passe par défaut svp ?
@KBTrainings Жыл бұрын
username: admin Pas de mot de passe.
@buttsaabgreat Жыл бұрын
At 45:25 when you ping/open google web server as DNAT used(NAT enabled on wan-lan policy on Google side office) so what will be shown on wireshark as source and dest and if we disable NAT on google side office then what will be shown on wireshark as source and dest
@KBTrainings Жыл бұрын
The Web response leaving the Google Firewall would have 30.0.0.2 as source and 20.0.0.2 as destination. If SNAT was not enabled on the Google FGT, the traffic would've had 192.168.0.5 as source and it wouldn't have made it to the office Web client. I hope that makes sense.
@buttsaabgreat Жыл бұрын
when you created VIP so why not you did port forwarding the required ports
@KBTrainings Жыл бұрын
Because I am forwarding all the traffic. In product, I'll have to select http and https only.
@buttsaabgreat Жыл бұрын
@@KBTrainings what you mean by product, secondly If I do port forwarding in VIP then create firewall rule so then it's fine or not or what consequences there
@KBTrainings Жыл бұрын
lol. I meant to say in production, on an enterprise network. Doing port forwarding in VIP and adding it to the firewall policy is the good way to do it. I am forwarding everything because it's just a lab environment and there is no risk.
@buttsaabgreat Жыл бұрын
@@KBTrainings thanks for your clarification and time actually I did once, port forwarding in VIP for remote connection then create rule. I think if we do the way you did then it's more secure as then we will control from rule everything but still there is more than one way to achieve something
@KBTrainings Жыл бұрын
Exactly, a result can be achieved in many ways. You're welcome.
KBTrainings
Рет қаралды 9 М.
KBTrainings
Рет қаралды 50 М.
SILAS INFOTECH
Рет қаралды 14 М.
Bikash's Tech
Рет қаралды 3,8 М.
Bikash's Tech
Рет қаралды 12 М.
Network for you
Рет қаралды 6 М.