How to configure VPN site to site Fortigate with Mikrotik router

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi everyone welcome back to my video so in  this video we will learn together how to   configure on mikrotik router with a fortigate firewall we do the site to site vpn configuration   okay for example you have a mikrotik site here and then you have many   vlan network in magnetic side and this side also  you have a for the get 5 volt actually this is the   tp-link router but in our lab we will do the  ford get five volt and this is a i just uh take   example uh for the get we have for the get five  wall we have microtech data and then we do the   side to side vpn configuration and this  side and the microtech site can communicate   with each other and then we can exchange the  results and exchange the data with both sides   okay so if you are new here watching my  video please subscribe to my channel and   if you like my video please give the thumbs  up and comment below if you have any question   okay so you already watched my previous video  that side to side with unconfiguration between   for the get and cisco for the get n40 get  cisco router with cisco router so today we will   configure the microtech router with  fordigate fiverr okay so let's go to the   lab together and we will see the step-by-step  configuration okay everyone this is our genes3   i already prepared this topology  in order to save our time so   as you can see this side the for the  get side we have a three vlan we land   40 50 and 60 and this is the ip  address for those vlan we have a   call switch and then this is our access  suite for our client here for each vlan   for microsite also we have three vlan we land at  10 20 30 we have one call switch and then we have   a two access switch in this lab and to share  the vlan for each client here yeah i have this   client vlan 1020 30 and this is also vlan  10. okay so this is our topology we have a   microtech site for the get site and this is our  when ip address for microtech and this is our   ip address for when for the get and this is our  isp gateway actually it is my wi-fi router okay so   we will configure the vpn tunnel side to  side between for the get and migrate so   let's start with our for the get side first  okay so we for the first time we log in admin   no password enter and then new  password admin confirm admin okay   okay so now we configure the  van pod in order to access   our for the get firewall using web browser so you  will configure through a web interface yeah okay   if you are an expert you can configure through  command line but for me i'm not an expert i prefer   user interface so it is easy to configure and  manage okay so config system interface it did   port number one okay uh okay everyone about  when part is part number one let me show okay okay so part number one we set those parts to static okay okay so now we have part  one ip address 192.168.1.2 slash 24 and we set the a low access ping http so  now we can uh uh log in our microtech uh sorry log   in our ford get five while using web browser let's  end this one and then we go to our web browser okay uh 1.2 okay okay now username admin password admin okay okay so here our interface of for the get  firewall you can see some information the the serial number from where and everything so this one also have some mistake  here the high memory you say but   uh please ignore it because uh actually  we use the trio version that's why uh   uh no problem for this one okay as you can see my  my trail version it will expire on 14 of i guess   okay anyway so we just ignore it and we go  straight to our lab okay we want to configure 3b   land here in our for the get site so we land 40 50  60. i will do it fast because uh i think everyone   understand and know already with my previous  video for vlan configuration so i will go it fast okay okay so okay now we have a line particularly as uh you can  see here i get this for our vlan this is the dsp   yes okay i will create one so i will okay hello okay now then for the firewall policy to access  the internet for our client and we go back to this topology we continue to our course which we   need to create the vlan for our suite  here coursework access switch and then and then our client can  access to the internet okay so start from our core switch here okay car number two okay now we have our lamp we have transport okay so for the cost switch we create transport and three  we land here now we continue to switch a okay okay we have a million portivity okay we are in design we land 4050   so we continue to switch me okay our pawn okay correct so for this side  we already configured for the get five wall   call switch and access switch  here so we try to test our client   to get the ip address from forty get five  wall for hp land and we try to print test together with our client okay so pc5 here we land 50 uh  sorry if we land 40 ipd dhcp okay now we can get ip address we go to pc6 okay let's try ping vlan 40 okay can this one pc eh you can get ip ip dhcp okay let's try pinkvillain40 can ping so let's try ping to google okay also we can so we've done our  configuration for for the getside we go to our   migrating site so we start from our  magnetic router the first time log in   username admin password no  password okay okay new password we put admin confirm admin okay okay so  now we go to our micro update and then we want to assign this ip address to   port internet ethernet one for our van  pawn so we go to ip address and then add and two one six six one four twenty four the first is okay so now we have the ip address  this is the dhcp ip that ford get   get from my wifi router anyway we don't want to  use this one we use our ip here okay so now we   assign this ip to microtech router  we go to our win box and connect   our microtech router using wind block  ip4 login as admin okay connect okay okay same thing for microtech router we  have a 3v lan so is a net 2 is our transport so now we go to our interface here okay our interface here uh  i want to eat some this one we can say when and this one land okay okay so we go to vlan  and then we create our vlan we land 10 we land at e10 okay on lan apply okay then 20. billion id 20 on interface is net 2 okay you can add valencia t set t on interface okay so now we have uh our vlan and then  we go back to create our address here   okay so our address this one we can remove we  create our ip address for hvlan we lent him okay copy and then this one it will we will 10 okay 20 20. okay now we have our ip address for  our vlan network we land 10 20 30 so we configured the acp for our client here  okay we got ip and then the hp server   okay everyone i go it fast  because you can watch my video   for my router vlan configuration okay so we  want to configure the hp server for vlan 10 okay we lend 20 okay vlan 30. okay okay and then we go to route we  add the full route our gateway okay okay so now we already have  a ip address for hp lan we have we learned here we have a ip address  here for hplan and then we have the acp server   for each vlan okay so we we continue to our car switch here okay okay i will cut switch here same thing i will okay we have we land 10 20 30   our part configure strength part okay so finish for our car switch we go to our  access suite tool here okay accessory two   okay correct so we finished for this switch to  continue to this switch switch one okay switch one this one would be valencia okay okay now we have a transport vlan  city and vlan 10 correct so we   try to test with our client here pc1 ip dhcp okay vlan 10 correct so we test with vlan 20. okay also correct and we try to ping vlan 10 off oh okay we cannot ping so why we cannot ping because because because what we'll antenna campaign okay oh all right okay 10 20. then 10 20 set t okay we try again okay okay now camping okay so sweet   this is we tried to wear the fireball villain  10 okay we add one more we land vlan 20.   pc2 pc1 try to ping okay so now can ping ping work like n okay okay can so  now we go to pc3 client and try to request ip from microtech router okay ping vlan 10 okay ping vlan 20 okay pc4 okay okay our client can communicate with each other so let's try to bring to google okay so we cannot access to  the internet because we go back to our for the get and then we need to configure   the firewall here and then we go to net okay  so we add one rule source net okay action   you choose masquerade okay apply okay this rule it  will allow the client to access to the internet so   we go back our client okay now can also  pc3 we try to print to google okay now can okay everyone so this is just the basic  step for vlan configuration for each   side for the gate size and  magnetic side so now we continue to our configuration on vpn okay so  we go back to our for the get and log in again admin admin okay so we go to vpn ip62 now creator now i will say for the get to my growth okay next remote ip address 192.168.1.4 okay please say okay one two three four five six okay look call interface it will be  our local lan the consump net we have three local subnet  for the for the guest side okay this one 50 this one 16 remote subnet 10 20 and then 30 okay so create okay so now we have our uh our tunnel here side to  side vpn here we go to it   in order to it did some [ __ ] thing we convert  it to custom tunnel okay so it is custom tunnel i want to it needs some thing okay okay okay so md5 okay the car okay i'm defined this one auto negotiate okay so after we create this our forget  firewall will automatically create the the routing here yes as you can see it  will uh automatically add a routing here   and then for the firewall yes this one also automatically in the firewall policy here  yes and the address you also can see some   address here okay so just uh want to let you know  that uh the wizard configuration default for get   five wall will automatically create all this  for us so you no need to create manually okay   so our vpn from for the get  is like this so we go to our we go to our microtech okay you go to ip and then ip6 okay ip6 you will configure the vpn here ip6 so you  go to okay this is our default default default so you can add your profile for example let's say   profile here okay profile here  i i say uh for the get okay so for the get i uh this one we go  back we check our forget here we use   the s md5 okay the smd phi so this one it will be des d e s m d phi okay des md5 mode 14 and 5 actually we can use  only one okay you can use on only one so the   the group here uh this one it will match  with the 40k firewall group fine okay okay so now we create our  profile here we continue to create our peer so we can say peer one and  then our our address is our forget firewall   and this from for the get 5 wall to  the micro tape so this one it will be okay and then profile here use like this  one that we just created at the moment   okay we have here and this is the default group okay proposal proposal this is the default  proposal also you can create your own proposal   as well okay for example it just right here our  proposal this is d e s cell one okay so one d e s   so this one will not use okay and  the group here will not use group 14 we use group 5 okay fine here okay so now we have our proposal i'll appear our profile and then we need to create our identifier this is the password  one two three four five six okay okay so apply okay okay so we have three network p1 to now our microtech is this is from our sauce to our destination 40 okay our sauce to our destination 50 our sauce to our destination 60 okay our sauce from vlan 20 to our  destination we have three we land okay so you add all the vlan okay we have vlan 16 and then the last one will answer to okay so now we have uh create our policy here for h vlan so  now it will send the mistake like this so we can check our hair   now it will uh respond our vpn so let's go  to our 40 get and try to check not yet up we try to ping this one pc3 okay pc3 from vlan 30 to let's say we land 40 ping we still cannot ping so let's go back okay no face to no face tool okay so let's let's check okay everyone so one more step one more step we need  to allow the five volt as well so okay   now we go back okay our source  here we start from vlan 10 again to destination elen 40 okay oh sorry x up here okay we add one more destination we land 50 except okay apply from vlan 20 okay okay so now we already allow  the firewall fiber rule here okay so so we go back to our vpn still not yet it should be up let me check we go to okay this one we just okay okay okay so let's try to delete this one this one before okay so i want to delete okay so i choose default md5 ds okay apply okay so one the s okay why okay so i want to reboot okay i want to reboot my router everyone so okay so let me try okay so now we go back okay everyone now we can see that our our vpn is established okay everyone so what we have done is uh correct  our vpn is up as you can see so   let's try to print this from our client here pc4  okay pc4 pc for this pc vlan 10 we try to ping to okay we land 50 here we land  50 okay okay we can ping we try to ping vlan 6t also we can ping we try to think we land 40 also  we can pin so let's go back to our   pc file pc5 here pc5 pc 5v14  okay so let's try to ping vlan 10 okay we can ping vlan 10 here let's try to pin we land 20. okay we learn city okay everyone so now our vpn is up   at the moment that we cannot see  this one established it means that it means that   we need to restart our microtech router in order  to refresh everything okay also we can see our tunnel is up here we try from pch vlan 50 ping 2 vlan 10 ok ping 2 we land 20 okay so this is all our configuration for  vpn side to side between for the get 51 and   microtech router we have three  different vlan here so i think this is   all for our lab today if you  have any other question please   comment below in my video thank you for  watching and i see you with my next video okay
Info
Channel: TAN Kirivann
Views: 7,964
Rating: undefined out of 5
Keywords: Tan Kirivann, fortinet, fortigate, fortinet firewall, fortiget site to site vpn, fortigate vpn site to site mikrotik, How to configure vpn site to site fortigate with Mikrotik, Mikrotik router, mikrotik router vlan configuration, how to create sub interface mikrotik router, how to configure router on a stick, inter vlan mikrotik, GNS3, how to configure DHCP Server for vlan, routing, Networking, ccna, cisco, gns3 vm, interface vlan routing, switching, mikrotik, ipsec vpn, vpn tunel
Id: 3GCR-ni-qEA
Channel Id: undefined
Length: 56min 28sec (3388 seconds)
Published: Sun Aug 14 2022
Related Videos
how to configure wan load balancing in mikrotik
TAN Kirivann
2K
How to configure VPN site to site on Fortigate
TAN Kirivann
26K
Mastering VLAN Configuration on MikroTik, Step-by-Step Guide
The Network Berg
47K
☁️Easy IPSEC Site-To-Site VPN Guide, MikroTik ROSv7☁️
The Network Berg
63K
Mikrotik Router VLAN Configuration step by step
TAN Kirivann
563
Fortigate Firewall Integrate with CISCO Switch
TAN Kirivann
33K
FortiGate MikroTik IPsec site to site VPN configuration - Step by step.
Getlabsdone
483
NEW to UNIFI VLANs?? START HERE!!!
Ethernet Blueprint
48K
ospf configuration step by step
TAN Kirivann
2.6K
fortigate security profiles
TAN Kirivann
705
Mikrotik Router VLAN configuration with Cisco Switch
TAN Kirivann
11K
Connect Cisco Router and Switch to ISP Home Router and Access Internet
Cisco Config
278K
How to configure GNS3 access to Internet
TAN Kirivann
20K
site-to-site IPsec VPN Tunnel between Fortigate and Mikrotik .
Mirhosein Garakouei
11K
How to Configure IPsec VPN Remote Access on FortiGate Firewall FortiOS 7
IgoroTech Official
78K
zabbix server add host
TAN Kirivann
981
Fortigate Firewall Traffic shaping configuration
TAN Kirivann
16K
mikrotik firewall rules best practices
TAN Kirivann
4.5K
How-to Design and Configure a Home or Small Office Network
PE4Doers
254K
Full Fortinet Setup & Walkthrough **For Beginners** | SD-WAN | VLAN | Wi-Fi | Testing & More
Keith Barker - The OG of IT
66K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.