- 39
- 814 792
ToThePoint Fortinet
Приєднався 22 січ 2022
Common FortiSwitch Topologies: Ring and MCLAG
In this video we will cover two common FortiSwitch topologies when managed by FortiGate firewall.
0:00 Topology #1 - Ring Topology
1:55 Topology #2 - MCLAG
4:54 Considerations
6:13 Topology #1 Configuration + testing
11:39 Topology #2 Configuration + testing
0:00 Topology #1 - Ring Topology
1:55 Topology #2 - MCLAG
4:54 Considerations
6:13 Topology #1 Configuration + testing
11:39 Topology #2 Configuration + testing
Переглядів: 14 694
Відео
Fortinet Video Surveillance - FortiCamera, FortiRecorder
Переглядів 2,5 тис.Рік тому
In this video we cover: - 3 different network configurations for FortiCameras: 1) FortiCameras on same network as FortiRecorder(wired) 2) FortiCameras on different network than FortiRecorder(wired) 3) FortiCameras connected to WiFi - FortiRecorder NVR setup - How to view video feeds in FortiCentral 0:00 Overview 0:15 Initial VM Configuration/Licensing 1:28 Third Party Cameras (ONVIF) 1:40 Add r...
2FA with FortiToken 400(FIDO) and FortiAuthenticator SAML IdP
Переглядів 6 тис.Рік тому
We will cover 2FA with FortiToken 400 using FortiAuthenticator as a SAML IdP and FortiGate firewalls as SP's. 0:00 Overview 0:37 FortiToken 400 (FIDO) 2:47 FortiAuthenticator SAML Configuration 5:15 Self Service Portal FIDO Key 9:48 Results: FortiToken 400 with SAML authentication 10:28 Another test scenario with FortiClient SSL VPN
FortiGate Firewall Initial Config(QuickStart)
Переглядів 9 тис.Рік тому
Fortinet - FortiGate quickstart guide which covers basic configuration Firmware version 7.0.9 used for this video 0:00 Accessing FortiGate 0:45 Network Configuration 2:56 Firewall Policy 4:02 Registration
FortiAuthenticator as a SAML IdP
Переглядів 8 тис.Рік тому
This video covers an introduction to SAML and how to configure a FortiAuthenticator as an IdP and FortiGate as SP's SP entity ID field for FortiGate admin GUI: x.x.x.x/metadata/ SP Login URL for FortiGate admin GUI x.x.x.x/saml/?acs SP Logout URL for FortiGate admin GUI x.x.x.x/saml/?sls 0:00 - SAML Overview 2:52 - FortiGates as SP, and SAML Flow 5:16 - Topology 5:53 - FortiAuthenticator iDP Co...
Auto VLAN and QoS for VOIP Phones (FortiSwitch managed by FortiGate)
Переглядів 10 тис.2 роки тому
In this video we cover VLAN assignment and QoS using LLDP-MED enabled phones and FortiSwitch github link: github.com/ttpfortinet/Configurations/blob/0fd47326fc7d957f5fd58438ff7a3803081248a2/FortiSwitch auto VLAN and QoS for VOIP Phones.txt Firmware used in this video: - FortiGate 7.0.6 - FortiSwitch 7.0.5 - FortiFone 3.0 build 234 0:00 Overview 2:38 Interface DHCP Option 66 Configuration 3:23 F...
FortiGate/FortiSwitch 802.1x port authentication (and MAB) with Windows RADIUS
Переглядів 15 тис.2 роки тому
We cover two 802.1x scenarios with Windows Server NPS: 1) 802.1x authentication with user/password authentication 2) 802.1x Mac Authentication Bypass (MAB) 0:00 Overview 1:27 FortiGate RADIUS Client Configuration Testing 2:07 FortiSwitch to RADIUS Server firewall policy 3:28 RADIUS Policy Configuration Testing 4:33 802.1X Policy Configuration 6:03 Switchport Diagnostics 6:47 Win7 client/supplic...
NAC Control with FortiGate + FortiSwitch
Переглядів 10 тис.2 роки тому
Basic NAC (Network Access Control) with FortiGate FortiSwitch. 0:00 Example1: NAC based on MAC Address 3:35 Example2: NAC based on Operating System
Manage FortiSwitch with FortiGate, FortiOS 7.0
Переглядів 31 тис.2 роки тому
We will cover how to manage a FortiSwitch via the FortiGate - currently (as of 7.0 firmware) Some commands used in the video: exec switch-controller get-conn-status exec switch-controller get-sync-status all diagnose switch-controller switch-info ? diagnose switch-controller switch-info port-stats diagnose switch-controller switch-info mac-table exec switch-controller get-physical-conn dot diag...
Fortinet Automation: High CPU + Quarantine Example
Переглядів 3,1 тис.2 роки тому
How to use automation stitches and if/then (or Trigger/Action) logic to automate responses/alerts. Two example use cases are: 1) High CPU Email Alert 2) MAC quarantine based on Virus detection MAC Quarantine CLI Action config user quarantine config targets edit "mac_quarantine" config macs edit %%log.epmac%% end end end 0:00 Overview of FortiGate Automation 2:10 Example1: FortiGate High CPU 4:0...
FortiGate: Reset Administrator Password
Переглядів 33 тис.2 роки тому
How to Reset the FortiGate Administrator password if it has been lost/forgotten. Console access is required, I'm using the following two cables to obtain this access: 1) USB to Serial Adapter 2) R232 to Ethernet cable
FortiGate: 5 Tips That You (Probably!) Didn't Know
Переглядів 11 тис.2 роки тому
0:04: #1 Multiple Interface Policies 0:41: #2 Policy Lookup 1:33: #3 GUI to CLI Commands 2:30: #4 References/Dependencies 3:33: #5 Searching via the CLI
EVE-NG and FortiGate Installation
Переглядів 13 тис.2 роки тому
We cover BOTH eve-ng and FortiGate installation so you can create a quick lab environment for testing/troubleshooting FortiGate's 0:00 Overview 0:10 Evaluation FortiGate VM's 1:04 Download Install EVE-NG 3:40 Download Install FortiGate
Windows Login with 2FA - FortiAuthenticator
Переглядів 12 тис.2 роки тому
In this video, we go over how to configure FortiAuthenticator Windows Agent with FortiAuthenticator to enable 2FA on a Windows login prompt 0:00 FAC Agent Install/Initial Config/Testing 3:14 Simulation/Testing 5:45 Exempt users/Testing 7:42 Change Title Image 8:52 Default Domain 9:05 Login Prompt Testing 9:57 Disable Built-In Password Providers
FortiGate: Configure IPSec with FortiClient using Certificate authentication/local CA
Переглядів 10 тис.2 роки тому
Configure IPSec with FortiClient using Certificate authentication/local CA 0:00 Overview 1:08 2 Implementation Comparisons 1:28 Implementation #1 - Certificate creation 3:12 Implementation #1 - FortiGate Configuration 7:32 Implementation #1 - FortiClient Configuration/Testing 9:17 Implementation #1 - Explanation of Certificate Placement/Testing 11:31 Implementation #2 - Certificate creation 12:...
FortiAnalyzer Initial Configuration/Usage
Переглядів 12 тис.2 роки тому
FortiAnalyzer Initial Configuration/Usage
FortiGate: Factory Reset (CLI and Pinhole Method)
Переглядів 174 тис.2 роки тому
FortiGate: Factory Reset (CLI and Pinhole Method)
FortiGate Troubleshooting - Debug Flow with Examples
Переглядів 11 тис.2 роки тому
FortiGate Troubleshooting - Debug Flow with Examples
Fortinet: FSSO with TSAgent, FortiGate, FortiAuthenticator
Переглядів 3,5 тис.2 роки тому
Fortinet: FSSO with TSAgent, FortiGate, FortiAuthenticator
Fortinet: FSSO with DCAgent, FortiGate, FortiAuthenticator
Переглядів 12 тис.2 роки тому
Fortinet: FSSO with DCAgent, FortiGate, FortiAuthenticator
Fortinet: Upgrading and Downgrading FortiGate Firmware
Переглядів 13 тис.2 роки тому
Fortinet: Upgrading and Downgrading FortiGate Firmware
Fortinet: Configuring HA on FortiGate firewalls
Переглядів 35 тис.2 роки тому
Fortinet: Configuring HA on FortiGate firewalls
Fortinet: Packet Capture on FortiGate firewall - 8 Examples
Переглядів 8 тис.2 роки тому
Fortinet: Packet Capture on FortiGate firewall - 8 Examples
Remote Worker FortiAP (Wireless Controller)
Переглядів 4,6 тис.2 роки тому
Remote Worker FortiAP (Wireless Controller)
Manage FortiAP with FortiGate (Wireless Controller)
Переглядів 34 тис.2 роки тому
Manage FortiAP with FortiGate (Wireless Controller)
FortiGate: Inbound Deep Inspection/TLS Offloading
Переглядів 8 тис.2 роки тому
FortiGate: Inbound Deep Inspection/TLS Offloading
Deep Inspection on FortiGate firewall with 5 Examples
Переглядів 23 тис.2 роки тому
Deep Inspection on FortiGate firewall with 5 Examples
Fortinet: Hairpin NAT (or NAT loopback) with FortiGate
Переглядів 14 тис.2 роки тому
Fortinet: Hairpin NAT (or NAT loopback) with FortiGate
Fortinet: Port Forwarding(Virtual IP) with FortiGate firewall
Переглядів 30 тис.2 роки тому
Fortinet: Port Forwarding(Virtual IP) with FortiGate firewall
great tutorial, but what if I don't have a static ip, how do I configure ipsec site to site?
gracias mi wey
Hello, its possible to do a nac policie for voice and data trafic on same port ? same configuration on your videos but with nac policie ?
Thanks...
When you create a tunnel in Fortigate, do you have to explicitly create a firewall rule to say allow traffic (port 500, 4500) from remote gateway IP to your firewall's Public IP ?
No you do not need a rule for port 500 or 4500(this is traffic to/from the actual fortigate itself which is implicitly allowed by default via local in policy) . What is required is a firewall policy referencing the ipsec tunnel interface (if that's missing then fortigate won't establish a tunnel)
@@tothepointfortinet3823 tnx
It will help to solve S2S issues thank you
Thank you so very much. You just made my day :) PS: Whats your opinion on Forti-Stuff? The more I work with it, the more I despise it, besides the FortiGates
good job
Good 🎉
Thanks
very good explanation
I tried to run it here in the laboratory and it didn't work! How do I do and integrate this policy within AD with FSSO, in which I create a group ex: "youtube" and the user will only access the site if it is included in this youtube group, if I delete it he will lose access!! I've tried everything here and it doesn't work!
hey mate, thanks for this. Will it work if the top switches are 2x 148F and is connected to a 2x mc lag HA 1024E switch?
do you suggest the use of google and cloudflare DNS ?
Thank you for the video on point!! I did not know of the existence of Forti tester VM cool!
newbie to fortigate, this video resolved my site-to-site vpn issue
Good job
AP1's client can see AP2's client, could you please help?
Can this be pushed via GPO, so that hands on each device is not required?
can you create the video for the configuration between FortiEMS and FAC?
Hi @#ToThePoint Fortinet I noticed my onboarding VLAN has captive portal enabled by default for the VLAN, would that be necessary?
Whether it's necessary would probably depend on the security that the customer expects, and the access that the firewall policy is providing.
What happens in a scenario where you have multiple internet gateways in a sdwan
regarding which IP should you use for ftm-push server? I suppose you'd pick one IP from an interface that you're using in SDWAN, or you could try hostname (where you'd change hostname if one SDWAN link goes down, maybe a DNS based failover service could make it more automated)
love this
Tried on 60F, but after 1 minute status LED becomes solid. It doesn't blink, and pressing/holding the reset button doesn't do anything.
does fortinet log if files are deleted on network shares from a vpn session ?
Instructions method 2 not clear
plz how you get the ip public address in the port wan
thanks for sharing.
just great. thanks for sharing.
Tried this so many times and changed options, my tunnel always shows inactive
THANK YOU THANK YOU THANK YOU. I had everything correct - except setting the VIP as the destination. I had the VLAN set as the destination. Thank you!
Straight forward and time saving :) thumbs up!!
Hi is it possible to revert downgrade the HA Cluster on the method2?
Interesting video, well done ! Thanks
Gracias me fue muy util, tu informacion
thanks for sharing
Mine does not let me type my serial number 😢
Reset button doesnt work?
Good stuff.
Do we have to have a windows server to do do MFA with a Fortinet VPN?
mine turns down after 4 seconds
Hello, how do you backup and restore on different Fortigate types, for example from Fortigate 60D to Fortigate 61f.
can i use different /30 subnets in port1 and port3 of active & passive firewall? and if i configure eBGP neighbor using port1 and port3, then what attribute will differentiate routes published from active & passive firewalls?
Any benefit of using IPsec vs just SSL VPN?
Many Tanks, you save my ass :)
Very useful. Thanks mate!
Very well explained. Thank you!
Great job! it worked smoothly, could you do one for the SMS gateway (hopefully Free service LOL)
thank you, this video was super helpful
Great video, all the info a person would need and none you don't. Thanks so much! :)