Day 03 | Configure VLAN Sub-Interfaces in Fortigate Firewall | Fortigate Firewall for Beginners

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

Hello friends welcome to my YouTube channel tech net guide friends in this video I am going to tell you how to configure sub interface villain in portuguet firewall so friends you can see this is my land Zone and this is my DMG down here okay so friends in dmj Dune we have a villain 10 and villain 20 villain 10 IP 172 16 10.0 170 to 16 20.0 okay so friends you can see uh for villain 10 our Gateway will be 10.1 and 20.1 so on Port 3 so you can see friends on Port 3 we will configure sub interface as a villain 10 and villain 20. okay so Port 3 villain 10 interface one so after configuration we will test our configuration and will initiate traffic from here to here okay for both villain let's start to configure it okay so friends you can see this is my interfaces here so we will configure sub interface on DMZ port 3 okay you can see port 3. so just double click here and now we have to remove IP from here okay just say remove IP and put it default IP like 10 node 0.0 .0.0 okay okay now click on OK now click on create new interface now here we will create like a DMZ vln 10 DMG billion 10 now LH will be DMZ 10 so now we you can we have to select here VLAN okay now interface will be Port 3 dmz43 okay now billion ID should be 10 year okay now we have to select role here role DMZ okay now we have to provide IP for Valentine well in 10 IPS 172 16. 10.1 4 okay now we can allow ping here now click on OK now we have created you can see we have created interface for villain 10 okay now we have to create interface for villain 20. interface DMG interface villain 20 okay and we have to select interface mj43 now billion ID will be 20 now select here role DMZ now we have to provide blend 20 IP address 172 16 .1 slash 24 okay now select ping no okay so friends in Port 3 we have created sub interface Valentine and villain 20. so you can see villain 10 and villain 20 here okay now we will create policy for both villain okay now go to policy and objects parallel policy so friend this policy for line to internet so no need to do anything here now we'll create for DMZ villain 10 okay so our Inland to DMZ DMZ will enter okay now incoming interface will be port to LAN outgoing interface will be DMG building 10 okay now source source will be your length 10 year length 10 this one okay and destination will be 10 okay will intend address okay standard 0 okay now we have to allow service all now no need to net now select ok now we have to create for villain 20 now we have to create policy for building 20 select here land to 2 billion 20 incoming interface Lan Port 2 outgoing dmz120 source is 10 destination will be our billion 20 address okay service all except no need to net now click on OK now friends we have configured here both policy now we can test our traffic here initiate trapping from just enable it and try to initiate traffic here ping first will ping 172.16.10.10 this IP okay now press enter so you can see able to Ping now check here just debug run debug here never debug IP icmp okay just debug it one will check here will verify here okay now just ping so you can see traffic is coming in outgoing okay now we will just run debug on this router enable debug IP icmp now will initiate review for villain 20 20 to 10 okay now ping so now you will see traffic is coming and are going from here okay now friends so friend let me show you we can block how to block this traffic from like uh land to DMZ villain 20 we can block this let me show you just select and deny apply and now let me check here so now now again try now now friends we have blocked now let's try tuping so you can see it's not able to Ping here okay so we can allow this traffic accept apply now you can see we are able to internet update ping or not ping 8.8.8 rotate so you can see we are able to Ping into that let's try to print the Gmail actually Gmail Dot let's try to Ping Google .com so not able to Ping Google because we don't have any DNS okay configuration here so configure ipname server now print we can configure DNS ipname server 182 168 1.1 okay now let's try to Ping here Gmail now let's try to Ping Gmail Google Now you can see we are able to Ping Google here okay so friends in this video we have seen how to configure sub interface VLAN in portuguet firewall and friends in next coming video we will see how to configure Knight in photograph okay so thanks for watching this video have a nice day

Info

Channel: TechNet Guide

Views: 8,342

Rating: undefined out of 5

Keywords: how to, technet guide, fortigate firewall, fortigate firewall tutorial, fortigate firewall for beginners, fortinet firewall full course, vlan configuration in fortigate firewall, create vlan in fortigate, sub interface configuration in fortigate, sub-interfaces, sub interface, fortigate vlan multiple interfaces, fortigate vlan configuration cli, fortigate 60e vlan configuration, how to create vlan in fortigate firewall, fortigate subinterface configuration

Id: 90LbOCiCZUQ

Channel Id: undefined

Length: 8min 42sec (522 seconds)

Published: Wed Dec 28 2022