FortiGate v7.2 IPSEC Basic Configuration & Troubleshooting
Рет қаралды 16,983
Күн бұрын👊Thanks for taking time to watch my video. If you could, pressing LIKE and SUBSCRIBING helps with KZbin's algorithm so that more people can discover my videos. Feel free to leave a comment for any other topics you would like to see me cover or what your general opinion is of the video.
This video will be looking at how to configure IPSEC tunnels on a FortiGate firewall using v7.2, we will talk about tunnel templates and configuring a custom tunnel. Phase 1 & Phase 2 configuration, required firewall policies and routing to make a tunnel work. Then we will also be looking at how to troubleshoot IPSEC tunnel issues. Hope you enjoy!
Timestamps:
📕00:00 - Introduction
📕01:03 - Topology Overview
📕02:27 - IPSEC Configuration
📕19:56 - IPSEC Troubleshooting
Support the Channel:
⭐Become a Patreon: / thenetworkberg
⭐Become a KZbin Member: / @thenetworkberg
Social Media:
🌏 / thenetworkberg
🌏 / bergnetwork
🌏 / the-network-berg-39451...
MTCRE Playlist:
• Free MTCRE RoSv6
MTCNA Playlist:
• Free MTCNA RoSv6
Airport Lounge - Disco Ultralounge by Kevin MacLeod is licensed under a Creative Commons Attribution 4.0 license. creativecommons.org/licenses/...
Source: incompetech.com/music/royalty-...
Artist: incompetech.com/
Thanks again for watching
@TheNetworkBerg Жыл бұрын
FortiGate IPSEC Docs: docs.fortinet.com/document/fortigate/7.2.0/administration-guide/520377/ipsec-vpns
@user-jr3io1qw4p 4 ай бұрын
THANK YOU! I spent 5 hours troubleshooting a site-to-site VPN between two Fortigates and had almost given up. The Phase 1 would come up but Phase 2 would not. I paused your video at the 9 minute mark when you suggested using IKE v2. My tunnel was on IKE v1 but I never considered this in my troubleshooting because I thought it was a Phase 1 setting. I switched the IKE version and everything came up! Now to watch the rest of your video :)
@TheJinuk 3 ай бұрын
Thank you...Very Informative!! Looking forward to watch more of your videos.. :)
@DG-if3gs 2 ай бұрын
Thanks mate. I have watched a couple videos and your explanation is better.
@catlmarc9618 Жыл бұрын
Great video as always
@conorpodonoghue 4 ай бұрын
Many thanks - excellent video. 👏
@byronpretorius1042 8 ай бұрын
Your amazing thank you for this!!!
@reanitkhmer3325 Жыл бұрын
Thanks
@Alex-un5tl Жыл бұрын
great video, thank you! can you please create one with setting ipsec tunnel between a FortiGate and mikrotik? thanks
@goveaernesto Жыл бұрын
Can you please upload about the security basic configuration for fortinet devices? Something like the policy that all the router at least should be use. Thanks a lot for all your videos
@user-gf6jn5ny1t 10 ай бұрын
thank you so much for helping, could you pleases show us how to config IPsec tunnel between cisco ASA and the FortiGate ,
@geoDunkleAura Жыл бұрын
Hiho, nice video, sad is Fortigate out of my budget. But you know what could be a "fun" video when you have this nice Lab anyways? Push OSPF to a different area over the IPSEC tunnel just because you can and it's fun. :D
@tchvakishore1 4 ай бұрын
Good Stuff.. pls let me know which open source software you used for network diagram..?
@bobbygopal341 4 ай бұрын
what is meaning of minus one in command "diagnose debug app ike -1"
@sohaiblodhi Жыл бұрын
Tell me as a professional what we should use fortigate for? I am a person who likes to do everything with mikrotik and I don't like UTMs. I want to know your opinion on this.
@TheNetworkBerg Жыл бұрын
Hi Sohaib, from a professional stance FortiGate allows you to integrate firewall policy rules with user groups, besides being able to do stuff like UTM. You also have added security of MFA when it comes to accessing the network via a VPN. What makes FortiGate also very useful is the fact that you can create VDOMs and VRFs within VDOMs. In a nutshell a VDOM is just another instance of of the firewall so you can think of it as a virtual firewall running inside your actual firewall. This allows for great expansion especially in the ISP space where you may not want all policies to reside on a single plane. Last thing that makes it VERY good is true SD-WAN functionality when used with a FortiManager product as you can orchestrate SD-WAN configurations and policies from a single point separating the management plane from a single device. Which is a lot more scalable than traditional networking. MikroTik is an AWESOME router, but it does not do these functions a FortiGate firewall can do. I will still prefer using a MikroTik as my actual router though :) And if it comes to firewalling and SD-WAN then I will prefer putting down a FortiGate.
@sohaiblodhi Жыл бұрын
It really pisses me off when I see a workstation is blocked by fortigate when an important conference call is going on.
@user-gf6jn5ny1t 9 ай бұрын
Is it even possible to add in the local LAN a single host subnet /32 rather than the whole subnet ?
@TheNetworkBerg 9 ай бұрын
Yes it is possible to just setup encryption and routing for a single host as /32. You can also use natted addresses if that is some security requirement for your company. Usually done in instances with a subnet is potentially shared on both ends.
@anonymoususer6786 9 ай бұрын
Very poorly done. Never enable bar traversal across private networks.
ToThePoint Fortinet
Рет қаралды 33 М.
Alex Pavlock
Рет қаралды 4,3 М.
Rakshit Vidyarthi
Рет қаралды 6 М.
TechNet Guide
Рет қаралды 561
Skilled Inspirational Academy(www.sianets.com)
Рет қаралды 9 М.