Great explanation, so glad you use very specific details especially the external fortigate ip address and how to setup forti since this is exactly my scenario!!! The added virtual machine for testing was a huge bonus also. I can't thank you enough...
Great explanations about Site to Site VPN from On-premises to Azure. Thank you. one question why did you disable the NAT of On-prem firewall while creating the policy.
You will disable the NAT because you wish to keep the source IP of the traffic the exact same as the originating host. you do not want to change the source ip to that of the WAN interface, which is what will happen if you leave NAT enabled on the outbound firewall rule.
Amazing Video series my brother. I hope you have removed the S2S tunnel , the key is visible when you copy it from Azure VPN gateway to your fortigate appliance. Also, you should have ideally added the on prem DNS servers to the Azure VNET and rebooted your VM (Domain Controller) in Azure. It is not recommended to edit the network interface on Azure VMs. Just an advise , like i said i am following your playlist and it is super awesome !!
Excellent Video. Great job Niyas. I am looking for a use case with VPN Gateway + Az firewall rules config with On prem network. Do you have such scenario covered?
Could you please explain if we have scope of requirement as multiple VMs under different v-net group but need to allow under existing VPN tunnel to on premises ?
This helped me a lot. Can you tell me how to add VPN Its (example: a host outside on premise build connected to VPN to company onpremise, can't ping azure VM.) It seems a host connected to company VPN receives a different IP addresses range and this is been visible to azure VM. Thanks!
can you please tell, if one of the company users needs to manage on-prem server while in public network. How to connect that user to on-prem while authenticating by secondary domain in azure.????
when we create a secondary Domain Controller as shown , is there a recommended machine spec for this purpose , how do we ensure HA of this instance , is there a way to create AMI or something so we can automate and do this Confifuration once
HA can be achieved by choosing redundancy for zones or regions based upon the level of SLA you need. Otherwise as in onprem you can use multiple Number of dc. For windows server with dc , refer market place
PLEASE create zones on Fortigate and place interfaces within those zones then create zone to zone policies!!! Such bad practice doing interface to interface policies
Salam bhai, What should I do if I don't have a fortigate firewall network. Actually I am new and try to learn Azure. It'll be appreciated, if you can help me out. Thanks & waiting for your prompt reply.
Good afternoon, how are you ? I followed your video and the connection was successful, however, externally the ping responds to the azure network, when I ping from the fortigate console to the azure the network does not respond. Could you tell me why?
This has helped me setup azure connection to n-Prem, its working fine but i am not able to ping my vms from local network if i am try to ping from azure to local also not pinging vpn is connect and live only. do you have any trouble shoot ides it will grateful to me
It depends what you do in cloud, some applications need azure ad for director services....if your application require traditional AD only...then you can use it
Thanks man. Finally someone that shows every single detail I need to know.
Great explanation, so glad you use very specific details especially the external fortigate ip address and how to setup forti since this is exactly my scenario!!! The added virtual machine for testing was a huge bonus also. I can't thank you enough...
Thank you man.
Niyaz is an excellent trainer with lots of experience in many domain, thanks for sharing these videos help us to build the block
The content shows he knows what he is talking about ,highly recommended starting point .Great job
Thank you for your feedback
This has helped me setup our Azure connection to On-Prem. Highly recommended!
Great explanation niyas. Really I exited with this tutorial.🤙
Thanks man! Awesome walkthrough!
Great explanations about Site to Site VPN from On-premises to Azure. Thank you. one question why did you disable the NAT of On-prem firewall while creating the policy.
You will disable the NAT because you wish to keep the source IP of the traffic the exact same as the originating host. you do not want to change the source ip to that of the WAN interface, which is what will happen if you leave NAT enabled on the outbound firewall rule.
Excellent video. Thanks millions. Save my time. Really really helpful This is totally for me. Great work. Keep it up. :)
Thanks for your explanation! Great! In Fortigate's documentation, they don't explain the customization, phase and encryption steps! Thanks a lot!
6.49k congrats, keep it up
I was tasked to do this after a ransomware hit a client and we are rebuilding. Thanks enormeously for this, sir. I will subscribe.-
Amazing Video series my brother. I hope you have removed the S2S tunnel , the key is visible when you copy it from Azure VPN gateway to your fortigate appliance. Also, you should have ideally added the on prem DNS servers to the Azure VNET and rebooted your VM (Domain Controller) in Azure. It is not recommended to edit the network interface on Azure VMs. Just an advise , like i said i am following your playlist and it is super awesome !!
excellent video... i have now got a basic idea of how the s2s vpn works. thankyou!!
Great to hear!
Excellent Video. Great job Niyas. I am looking for a use case with VPN Gateway + Az firewall rules config with On prem network. Do you have such scenario covered?
Great explanation & I have executed the same
Could you please explain if we have scope of requirement as multiple VMs under different v-net group but need to allow under existing VPN tunnel to on premises ?
Good Video crystal and clear..,
If possible can you make a video on common issue will face while doing migrations and troubleshooting steps
This helped me a lot. Can you tell me how to add VPN Its (example: a host outside on premise build connected to VPN to company onpremise, can't ping azure VM.) It seems a host connected to company VPN receives a different IP addresses range and this is been visible to azure VM. Thanks!
Thanks for the detailed video, really helped me out !
Glad to hear it!
hi i have try same setup with same firewall but my PC not pinging .... can u help please
Can we still install and use ADDS service on the windows server when the server is a VM on Azure?
Good video great trainer
Greate explanation, Thank you!
can you please tell, if one of the company users needs to manage on-prem server while in public network. How to connect that user to on-prem while authenticating by secondary domain in azure.????
Awesome lesson Big Up
when we create a secondary Domain Controller as shown , is there a recommended machine spec for this purpose , how do we ensure HA of this instance , is there a way to create AMI or something so we can automate and do this Confifuration once
HA can be achieved by choosing redundancy for zones or regions based upon the level of SLA you need. Otherwise as in onprem you can use multiple Number of dc. For windows server with dc , refer market place
Superb video 👍👍👌
PLEASE create zones on Fortigate and place interfaces within those zones then create zone to zone policies!!! Such bad practice doing interface to interface policies
Salam bhai,
What should I do if I don't have a fortigate firewall network. Actually I am new and try to learn Azure. It'll be appreciated, if you can help me out. Thanks & waiting for your prompt reply.
you can create virtual pfsense router and config the VPN connection from this point.
Good afternoon, how are you ?
I followed your video and the connection was successful, however, externally the ping responds to the azure network, when I ping from the fortigate console to the azure the network does not respond. Could you tell me why?
Hi friend, I'm having the same problem. did you get a solution?
Outstanding!
Great tutorial. Thank you
This has helped me setup azure connection to n-Prem, its working fine but i am not able to ping my vms from local network if i am try to ping from azure to local also not pinging vpn is connect and live only. do you have any trouble shoot ides it will grateful to me
Hi friend, I'm having the same problem. did you get a solution?
What if i have multiple vlans on prem? What do fill in as on prem subnet?
hey,,,, version of fortigate?
Great explanations
If you use this solution can you retain the ip address of the on premise vm after migration in azure?
No, IP should be different if you are connected between onprem and cloud
Can we use nornal AD in azure ,Dont we require azure AAD ?
It depends what you do in cloud, some applications need azure ad for director services....if your application require traditional AD only...then you can use it
Awesome!
Thank you very much..
TKS!
The best
Video is very blurry
it dosent works , not coretly confgured