Glad it was helpful!

Thanks and welcome

hi there, 192.168.1.99 is the gateway while 192.168.1.0/24 is the network address. For the interface, you need to enter the IP/netmask (gateway). If your question is about the NAT policy, the network address should be the source.

hi, if your question is the inter VLAN (Guest VLAN to access Server VLAN vv) then you just need to create a firewall policy, source is the guest VLAN interface and destination is the server VLAN interface

hi there; 1. You can enable HTTPS and ping only on the internet facing interface (WAN Interface). Best practice not to enable/allow SSH & Telnet on WAN Interfaces. HTTPS for management and ping for troubleshooting purposes. 2. For better security, you can disable HTTPS on WAN Interfaces and if you want to access the device from the internet then use SSL VPN. You want more security? enable 2FA (two factor authentication), by default, each FortiGate have 2 free Forti tokens. 3. For LAN interfaces, you can enable HTTPS & SSH if you prefer but don't ever enable telnet or HTTP.

@@IgoroTech-Official thank you but can you explain it to me with simple word? its still not clear to me

HTTPS is for you to manage the FortiGate through web/browser. If you have no plan to access the fortigate from the internet then no need for you to enable the HTTPS. SSH is for you to manage the FortiGate through CLI using putty or other terminal emulator, its not recommended to enable on WAN interfaces for security purposes. For you to manage the Fortigate you need to enable SSH or HTTPS. you can enable it on LAN interface but not on WAN interfaces for better security.

My pleasure!

hi there, yes you can use VMware, you can follow this video if you're interested. kzbin.info/www/bejne/mKunhXl3rpKHl8U

hi there, in that case, you need to configure the IP address statically but make sure to use an unused IP address and remember to configure the default static route as well.

@@IgoroTech-Official thank you by the way what should I aggregated or lan then will add the vlan

@@norbertopadiernos8240 it depends on the requirements or what you want to achieve. If you are planning to configure multiple LANs and as long as you have enough LAN ports then no need to configure VLANS, you can simply configure different subnets for each port (diff port = diff switch) and then manage it thru the policies. In this way, you can have 1GB output for each network. However, if you plan to connect to 1 switch (distri/CS) then you need to configure the VLAN's. Additionally, you can configure link aggregate, or 1 port for each VLAN. Again, it depends on the requirements and each net admin has each different technique.

hi, for the versions 7.2 and above yes, but for the older versions you can. however, the older versions only valid for 30 days.

yeah same problem here. it sucks to work on evaluation license and its hard to learn anything.