Microsoft Azure, Fortinet Active-Passive Firewall, How to Deploy Step By Step ARM Template Link github.com/jvhoof/fortinet-az... github.com/fortinetsolutions/...
Пікірлер: 27
@johnt39333 жыл бұрын
Amazing, well done putting this together!
@MrArsalan19883 жыл бұрын
very helpful
@ee071683 жыл бұрын
Thanks
@EyeIn_The_Sky2 жыл бұрын
How about the UDR setup that needs to be done to forward traffic from all protected subnets to the FW and out to the internet? It is difficult to do as there are load balancers involved both internal and external...
@UnitGFC3 жыл бұрын
Do you recommend this deployment model or HA (active/passive) using the SDN connector and without any Azure LB? Can you also give the reasons for your preferred choice?
@ee071683 жыл бұрын
I would highly recommend to go with Load Balancer.
@josearmandotorres31182 жыл бұрын
I have a issue, with my Fortigates deploy with SDN connector, when I want to do a HA test, reboot the master firewall an them look the traffic in the slave firewall but the Azure UDRs routing tables don't update, in the SDN connector each firewall is well configured. Can you help me?
@mdabdulmoiz3 жыл бұрын
2:05 what is protected subnet its not clear, we can have VM on internal subnet right? then whats the point of protected subnet? 172.16.137.0/24 is protected subnet what will be default gateway for VM under this? how traffic from outside world reach protected subnet? can anyone please mention the concept of protected subnet, when I deployed FGT in azure as a single VM i had only external and internal subnet , VM's on internal subnet and Route table for internal subnet to go out.
@hello_i_am_rogue3 жыл бұрын
How does this handle IPsec tunnels, would they failover?
@ee071683 жыл бұрын
In front of fortigate there is Ext LB which is sending a Health probe. Only active firewall always send a probe response.
@patrickverora2 жыл бұрын
We have deployed Active passive using loadbalancer but when failover occur ip address of firewall don't switch and now VIP as well as static routes are getting sync . We are not able to access SSL VPN and IpSec tunnel due to this . Anyone has deployed it
@Rahimbhamani4 жыл бұрын
Please also share how UDR will be configured so that all the internet based traffic route towards Fortinet firewall. Also test HA. Secondly, if we want fortinet firewall as a gateway to both internal subnet
@ee071684 жыл бұрын
Hi thanks for the your acknowledgement i will share new video for fortigate api deployment and i will show the UDR as well
@ee071684 жыл бұрын
For UDR please watch this video as well it will help you kzbin.info/www/bejne/Zn_Pmn6Lp7yUr6c
@muhammadattaullah62363 жыл бұрын
@@ee07168 Dear Sajid I tried to send you an email to your mention Yahoo account but it's not working can you please send me an email on atta_fsd@hotmail.com, I want to talk with you.
@muhammadattaullah62363 жыл бұрын
Dear Sajid, Can you please take a look and let me know if possible for you. Thanks.
@Brahman000073 жыл бұрын
how to get license? plz guide. license for training purpose.
@sufyanahmed7054 жыл бұрын
i am looking for a video related to azure firewall, can you kindly explain that as well
@ee071684 жыл бұрын
will try to add IA
@dancorain48603 жыл бұрын
How can I make a VPN connection using the Public Load Balancers? Azure LB doesn't support ESP packets.
@ee071683 жыл бұрын
if your remote devices NAT traversal you can use it :)
@dancorain48603 жыл бұрын
@@ee07168 thank you so much . You were right . But also DSR needs to be enabled on the public AZ LB side . Thanks
@ee071683 жыл бұрын
@@dancorain4860 welcome Dear Dan
@zaid86273 жыл бұрын
i deployed standalone fortigate on azure everthing was fine i could login to fortigate gave BYOL license, did some setting on firewall and under interfaces wan side interface was set as dhcp i changed it to static and lost connectivity for both GUI and CLI is there a way i could change back from azure portal and get back the connectivity?
@ee071683 жыл бұрын
in azure there is an option serial connect connect through it