Firewall Policies and NAT (Policy vs Central NAT, SNAT, DNAT... ) on FortiGate | GNS3 Lab
Рет қаралды 5,683
10 ай бұрынIn this live video, we are going to configure Firewall Policies and NAT (Policy vs Central NAT, SNAT, DNAT...) on FortiGate
===================
CCNA 200-301 COURSE
===================
Study for the CCNA and go from zero to engineer with this course:
kbtrainings.com/ccna
============================
STAY IN TOUCH / BUSINESS
============================
Email: contact@kbtrainings.com
Instagram: / kbtrainings
Facebook: / kbtrainings-6855822152...
Twitter: / kbtrainings
============
KBTRAININGS
============
Website: www.kbtrainings.com
KBTrainings is an online training platform created to share my knowledge in the IT. In a world where technologies are radically changing the way we live and future economies, KBTrainings has set itself the goal of popularizing IT concepts and allowing many to start or boost their careers in IT.
The contents range from basic notions and introductions to advanced concepts for engineers. We will cover the following areas: applications, networking and security, web design & development, programming and automation.
In computer networks and security we will focus on Cisco, which is a benchmark in the industry, helping you to get Cisco CCNA and CCNP certificates. These certificates are highly respected in the industry and are a very practical way to prove your knowledge and start or advance your career.
@MrHCars 9 ай бұрын
Best description difference I’ve seen between CNAT and Source NAT 👏🏼 Watching from UK 🇬🇧
@gurpreetsinghghai6374 8 ай бұрын
amazing. great knowledge and labs !!
@roy5721 8 ай бұрын
very cool setup and great tutorial!
@MrEstevezv 9 ай бұрын
Thanks for this training Guy! I was able to get everything working thanks to you! This was very informative! But maybe next time stay more on topic and don't focus so much on distractions. Other than that it was perfect bro.
@buttsaabgreat 10 ай бұрын
At 45:25 when you ping/open google web server as DNAT used(NAT enabled on wan-lan policy on Google side office) so what will be shown on wireshark as source and dest and if we disable NAT on google side office then what will be shown on wireshark as source and dest
@KBTrainings 10 ай бұрын
The Web response leaving the Google Firewall would have 30.0.0.2 as source and 20.0.0.2 as destination. If SNAT was not enabled on the Google FGT, the traffic would've had 192.168.0.5 as source and it wouldn't have made it to the office Web client. I hope that makes sense.
@benardkasait572 3 ай бұрын
Great Content. NSE 4 ?
@certified-master3986 5 ай бұрын
Hey KB, nice course man, I've been following your vidoes on KZbin. I wanted to ask man, How can I set up a virtual lab environment with GNS3? I appreicate your feedback.
@nassimelboutaibi4772 6 ай бұрын
I have a really hard time to understand those ports/interfaces in fortinet, i know what a NIC, Subnet and VNet are but i have nu clue about these other things.. do you have advice where i can look more at this?
@imanikabeya3542 10 ай бұрын
If i may ask. These two clouds are helping you to get access to your home network right? But all configurationsb will be done using the other ports connected to that router at the bottom right ? Also can all your devices communicate with your home network , like can the pc under a Lan ping your physical computer? And your Fortigate Firewalls got Ip adresses automatically i guess ?
@adrianlamadrid5617 4 ай бұрын
I am from Cuba and working in Germany.
@KBTrainings 4 ай бұрын
Nice! How is it going over there?
@adrianlamadrid5617 3 ай бұрын
I have learned a lot from your Fortigate videos and have taken my career to another level. Thank you very much @@KBTrainings
@sanjedgaming8124 2 ай бұрын
do we still need default routing between firewall to R1 if NAT is enable ?
@Blizard-yd2ke 10 ай бұрын
Can you confirm what types of routing enabled on Fortigate and Cisco router?
@KBTrainings 10 ай бұрын
Nothing special. Just connected links in the Cisco and default gateway on the FGTs.
@ibrahimadarijo2073 10 ай бұрын
Hi KB I noticed you only enabled HTTP and HTTPS as the services for security and you verified this from the client. My question is would you be able to ping the Web server from the client considering ICMP was not enabled as a service?
@KBTrainings 10 ай бұрын
Hi I, No, you won't be able to ping the server.
@imanikabeya3542 10 ай бұрын
Also how do we use this web , like how do we import it in the lab
@KBTrainings 10 ай бұрын
It's in the Guest GNS3 appliances
@imanikabeya3542 10 ай бұрын
Bonjour Guy. Pourquoi on me demande de mettre le login dans Fortigate pourtant je ne l'ai pas encore configurer ? Il y a-t-il un mot de passe par défaut svp ?
@KBTrainings 10 ай бұрын
username: admin Pas de mot de passe.
@buttsaabgreat 10 ай бұрын
when you created VIP so why not you did port forwarding the required ports
@KBTrainings 10 ай бұрын
Because I am forwarding all the traffic. In product, I'll have to select http and https only.
@buttsaabgreat 10 ай бұрын
@@KBTrainings what you mean by product, secondly If I do port forwarding in VIP then create firewall rule so then it's fine or not or what consequences there
@KBTrainings 10 ай бұрын
lol. I meant to say in production, on an enterprise network. Doing port forwarding in VIP and adding it to the firewall policy is the good way to do it. I am forwarding everything because it's just a lab environment and there is no risk.
@buttsaabgreat 10 ай бұрын
@@KBTrainings thanks for your clarification and time actually I did once, port forwarding in VIP for remote connection then create rule. I think if we do the way you did then it's more secure as then we will control from rule everything but still there is more than one way to achieve something
@KBTrainings 10 ай бұрын
Exactly, a result can be achieved in many ways. You're welcome.
KBTrainings
Рет қаралды 9 М.
Bikash's Tech
Рет қаралды 3 М.
KBTrainings
Рет қаралды 1,8 М.
KBTrainings
Рет қаралды 48 М.
Bikash's Tech
Рет қаралды 10 М.
KBTrainings
Рет қаралды 1,8 М.
Fresh Developer
Рет қаралды 8 М.