Installing FortiGate & FortiWeb - Part I

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] hello everyone in this video I'm going to show you how to set up a follow-up lab using gns3 um my genius 3 is actually one of the one of the path most powerful tool I mean I've seen when it comes to uh simulator networking environment so we're going to be using um 40 Gates uh not enough for the web images so um image so basically I want to show you how to um download the 40-gate or the for the web image so here once you have a GS3 set up um we're gonna go to templates or we're gonna install an appliance from the GS3 server I'm going to go to firewall and then I'm gonna scroll down just for the gates now this is for 40 gigs but we're doing 40 web so this is for the web so click install I will now install on uh S3 Appliance so I do have my gns3 running on these appliances here so um I could choose any of them but for now I'm not really worried about which side that you're going to be running on click next now the current version on this for the web um and I want js3 um lab it's actually 7.01 however there is a 7.2 as you can see here it's a 7.2 so which means that this particular version here is not the most recent one let me see if I scroll down I don't have any several problem to here but I can show you I'm going to show you how to actually get um what's it called the higher version so the first one to do is to go to um support of 40 minutes .com will get subscriber foreigner.com the login using your credential uh you can create an account by registering um then once you're done registering you're gonna log in what I'm actually interested in basically here is actually downloading um VM images so I'm gonna click on downloads VM images now I'm going to scroll to for the web that's the project that we've done now you can see there's a much monitor as a much more uh in latest version of 7.3 as of this time of this recording um I actually using it on my gns3 uh if I'm doing it on my ethernet side hose which I'm going to create a video for the exercise also I'm just going to click on this and download the exactos version but for now I'm actually more interested in the one for my gns3 so I'm going to download it to KVM so I'm going to be downloading this 7.2.3 version so here this is for the new deployments and now this is 7.2.3 so um yeah I'm gonna download the KVM version so this is what I'm going to use click download now once the download is um Dawn I am going to then um show you how to move that over into um gns3 so once you download the notice I I'm downloading the one that has a KVM um version this is actually in a zip file which you're basically I'm going to zip when once I've done and then um I'm gonna actually install it on my js3 notice that the format it's using is kvm.q cal2 so the first I'm gonna do here while the my download is running is I'm going to create a new version I'm actually going to choose unlock custom files um and encrypts the new version the current version is 7.2.3 and this is how the founding is what I like to do most of the time when I when I'm creating the phone number I like to make sure that the build number matches the build number that I have on the files other than that band magical downloading so let me um open back my download page uh almost done about 30 seconds so once my download is ready I'm going to open the file so as you can see I do have [Music] two different Q card files here and normally I I've never seen one of the two different cubicle five one time I'm going to use this particular one here I'm going to extract this um the build number that I was talking about here is this one here this is a viewed number uh the build number is zero three six five so uh what I can do is when I extract this and extract this out into like one of my folder I'm going to rename the file to look like the format of my gns3 which is uh more like this so I'm just going to go back to my download page and then copy this will make sure that you end up doing KVM because we're gonna have its um renamed with the Q cow so I'm basically we're going to replace the file with the name boots with the um with the full file name with the builder version so this is the name I'm basically going to copy um coincident um go to my gns3 and then replace this because not just the build version is different so replace this with the correct build version which is zero three six and matches of n dot Q card 2 click ok I'm Gonna Leave the image as uh anything.q.2 um then um scroll down it will be at the bottom notice automatically kind of like found my file we found the file locally if this doesn't find your file locally what you can just do is just go to report here and then browse the location of your file which is that and then click open that will basically still had it onto your gnf3 applies so the next I'm going to do is already found it locally I'm going to click next it says would you like to install the 7.2.3 version of foil web you're saying yes it tells you that you default username and submin and you've got no password is set so basically what is currently doing at this point is uploading and everything is successful so notice the reason for username is admin and there is no password you click finish [Music] now let's try and download 40 games um I just wanted to show you these steps again so that you'll know how to get all the stuff all this done yourself in the link for the gates um don't forget using gns3 you're using KVM if you're using the exercise also choose that if it is not that platform they're all there so I probably on the rest so here in this case I'm using js3 KVM I'm gonna make 7.4 and um not upgrading not just that by doing it basically a new deployment of a KVM and that's actually my build number only just click on download now once the download is done I'm going to install this 7.4.0 on my gms3 notice my um is version 87.2.4 so I'm going to create a 40 gig Appliance for 7.4.0 click here 40 hits next and then uh we're gonna create this 7.4.0 notice there's no 7.4.0 here we don't like custom files yes to that it's new uh it's going to be [Music] 7.4.0 but okay notice the build number here is saying 1262 which is matching this current build number that's not a good number so the build number of what I'm doing currently is basically two three six zero so what I can do is just copy this name here or option KVM copy and then go back to your gns3 um then I left from the qvm and then I'll paste that make sure that it animates dots Hue color too so that is start then I'm going to make sure that once my download is done which is currently done I extract the file out open that notice that came with this this is another file name that I want but I'm going to extract it anyway foreign [Music] name and then here once you rename it most of the time is visible to find it locally so I'm going to close this go back and then click OK and then leave that as a default disk so we'll scroll down to 7.4 let's see what happens basically it's a lot easier to do this way it will be easy to find it um that that will normally I do like my firewall to be able to see let me see what I downloaded actually just to be sure on the right one um I should have ordered this particular one so I'm going to make a correction to that I mean redownload the file I haven't used the image called ffw I don't know the difference between FM code name fjx but I do like when to just be mqt so I'm just going down and make sure that it's a KVM so I'm going to download that again and uh let me go back to my gnf story um much difference in the mobile [Music] so I want the one with the app can see I I don't know why I just don't know like the FLW here I don't know why I don't know what it stands for so um I'm just going to stay with my yeah you can see if I refresh this notice that it's missing because I already removed it so um my download should be done now yeah it is done so I'm gonna open my download which is this one here is [Music] I'm gonna go back to my download folder and then look for the for the OS okay then rename it this time I need to make sure that I have the right name mqt more like that for 40 gigs uh copied up to KVM and then um go back to the folder rename that by leaving the docq cartoon so that is actually the file name this is what I need good so now I'm going to go back to my Google history and um actually able to um Imports um I'm going to find a file that you can see yeah that's the mission two three six zero um I can make sure that I'm verifying the version but making sure that the build version matches two three six zero so that is the right one so I'm going to go back to my channels three let me choose the file yes of course it's so that is basically replacing that image file um another instrument is the name fmw what I can do is I can basically just do away with this particular version I'm going to cancel this and then try that video um just like the names just might show the appliance that I'm projecting um of clothing Max Dynamics next uh let's say we need 7.4 now we do not have a seven by four we don't know another custom file and then we're gonna create a symbol for 4.0 um again paste the file name is LG GT yeah then scroll down and find it there turn around the farming was between Deputy okay that's good that's what I want that's how I want it click Max install the username is admin there's no password as well [Music] it's fully and then this is my 7.4 for the games so we do have a 40 gigs and a 401. now this is how to get the 40 Gates and the photo web installed on gns3 now the next thing I'm going to do is to actually connect this um for the web to the internet to my network um which connected to the internet online Network yeah that should be fine so this is going to be my speed so here I want to do it this way um no I'm going to bring this switch in um that's fine choose that one as well I'm gonna call this My Lan I'm gonna put my 41 in my lap I could actually put it by this side or this side doesn't really matter why I don't but so I'm just going to name this for the web and then I'm going to just name this for the gates okay now the next I'm going to use I'm going to need the server now the same way we will install this gns3 the same way you install it so I'll just go to add Appliance and go next and then got some guests I'm going to scroll down you will find a Windows server and then you follow the step to install that so I do have a Windows server 2016. so what what I'm going to do is to then connect all this um connecting this to micro one connecting my 40 gate support one to my land I'm connecting my switch to for the web on board one and then um connecting this to myself this is just a very simplified setup um of course you in your network you can have multiple servers but we'll be just gonna stimulus and simulate this environment to make it a simple one now what you didn't do but I'm gonna break this video into series what you then need to do is to set up the 40 Gates so you set the foot again you need to restart that you also need to do the same thing for the for the web now the 401 battery comes with the 15 days license after 15 days it basically expires um the 14th however you basically need to register that so what I'm going to do here is uh open the console of the 40 Gates once you click Start open the console remember the username is admin and there is no password so once you open the 40 date when you see is basically this now in my case here connecting this to my eyes and I'm actually going to be um he is a public IP address so I'm going to be getting a DC IP address from this Cloud here which is basically connected um through my network to my land Network so that's why that's why that's what it's already confident here you can actually watch some videos on how to set up the cloud to get uh internet connection into your gns3 [Music] I'll show you how to set this up so once my footing it is fully booted I'm going to then um check the IP address that I'm getting from this um Cloud link here now notice this has to be registered uh with 40 gigs remember we actually uh came to this page and yeah this is the 40 gigs uh page uh I'm gonna go back to Asset Management so what you will need to do is not just this is one of my 40 gig firewall what you need to do is you will need to create an account and then once you create an accounts then you will then register your Appliance so I'm probably just going to do that um so that I don't have to or I could just show you the steps so you know how to get that done so um but you definitely will need an email address that is already not new so of course I'm going to create a new email we're going to use the email to register the 40 date so while this is restarting and now I'm getting ready I'm going to um wait for the all process to come back online once it's fully online I'm going to log in and then I'm going to check if there isn't any IP address and then we're gonna access this using the IP address that could actually access it from this server here as well so while this is coming with also put up the server that's that's what I mean input ideas okay um let me open the console for the Windows Server the Windows 7 is correctly built in um the username and password for the Windows server is admin admin um you'll see that also when you install that so once this is up um we can access the footage using this so I can access it on my land in that way whichever one works best it's fine with me so I'm just going to um verify before you get this online it's still starting so I'm gonna wait for you to fully come back online which is almost always now showing me the serial number um I'm going to just give it a moment what's up great my 40 web I'm sorry my phone engage and my Windows Server I bought online so I'm going to log in to my Windows 7 notice the password is basically admin I'm going to come here and I'll enter username I've made no password now I'm going to set the password this is the password you're gonna be using thank you now the first thing you do on your photo unit is to verify the IP address on it so what do you do is I do conflict system interface and then I do edit with the question mark that will tell me okay I can see that I got this IP address using DHCP on my phone one and now of course I connect it for one and four two and I put two quarantine it has no IP address so I could set MacBook 2 which is basically where my alarm is connected to my lab exactly on my port two you can verify that by expanding you can say Portugues to my land so I can actually configure uh the port 2 address on the footage so I just say edits Port two and I can say set IP and then question mark is also a very useful thing that you can actually use to set up the device oh sorry let's sing my IP address is 192.168.177.1 [Music] slash 24 . now that set the IP address let me see if we can say show now notice this IPS are set to this the next thing you need to do is you need to allow um access via HTTP so we're going to say set allow access we're going to allow it to Ping we're going to allow HTTP and https we're going to allow FG uh fgfm so basically what we're basically saying is we want to be able to manage um the portion via web we want to also be able to Ping it as well now this is the IP address that I'm using if I set a Sim id address on my um server I should be able to Ping this so let's go to the Windows server the network and close this so I'm going to set my Windows server to have an IP address of 177.2 practice so my default gateway will be my firewall I could just use a does DNS at this point in this is not my main concern let's see if it's receiving anything for now nothing is coming through so let's see if we can actually ping the firewall because we did the name of ping on it so I'm gonna go back to my command prompts and then I'm going to Ping now at this point I'm still not able to Ping this it's currently timing out um that's because let me see oh yeah now one thing I've noticed about 40 games is once you type end or next the configuration you've applied doesn't really apply I don't know why not just that so I don't know why but that's a very common thing so here you can see it's receiving now and I have the IP so basically I can actually open the web browser I'm going to close this minimize and close this uh it came with Google Chrome which I don't like so much um because I don't bother about Internet Explorer which is uh exceptions that I have to have so now I'm going to open the web interface on the 40 gate https the reason is because I already enabled both these different https here if it's just https that I enable I need to make sure I put https there they also will not open so let's note that notice this it's basically open the four digits so while this is coming up I'm just going to start my 40 web stocks I'm also going to do the same thing for the for the web as well foreign address now and the password that I specified and then it's going to ask you to actually register the device I'm waiting for the page to open it's basically just going to ask you to register the device so I'm going to register this device already explained this uh the process as a very simple process just create an account on support.foreigner.com and then register the license using the same account and now once you do that um it should just be fought from there um now let's see for some reason I'm having issue viewing this page on my Windows Server it's not an issue um notice that my port wouldn't happen to get an automatic IP address so I can actually use my own web browser on my computer which literally in that same subnet67.239 and then I'll type in my username on my password and now I'm still going to open the same page not just this is what it's ready to load on that page so here is saying I need the evolution license so here you just put your username on a password I explained that you will need to create an account uh on for the web so I'm going to do that just so once you do that once you create an account you just put that username here and the password here and then you click OK that's all you need to do it will give you um the evaluation license so once you have your concrete then what you can just do is click on register here put your email address and then click register uh verify the accounts can't see that clearly okay then get the verification code I will send you a verification email so you go to your email and wait for the verification code once it comes in you put the verification code that you received and then you put that here um waiting for the code to come in there it is so the verification code this is in here let's copy this and then pull it here next then you set the password and then click next once you've done this this is basically how to register for the net website once you created an account then you can actually come here and then um add the email in the past what I used on your for the web website put in all this information and then once you're done with this information then you can actually click ok so I'm just gonna do that so as you've put in your information your created a license you read your license agreements and then you click register so once that is registered that's completed so you can complete and that's all you need to do there so you can basically just log in for the email and then click login so once that is logged in um notice that I'm already starting with any products I'm going to come here and then click ok now click OK and then what you see is that this will basically register automatically to this account not just that that's for button at this point so once that is fully rebooted you're gonna have the assets automatically here there you go see very simple very straightforward so once this is reboot uh fully rebooted um you basically will be able to manage your footage this is the the length of the cereal that I have specifically try out one so I'm not really bothered about it so now this is the notice there's a trial it tells you when it was registered which is currently to this state um then um I'm waiting for it to reboot now while this is actually working his own magic let me go back to the um what's it called for the web is the same step open the console um once you open the console this is how the console looks the username is admin there is no password then you type in your password after you put a blank password then the next thing is to go from the password that you want to be using now we've been able to log in so here is also the same command config system interface sets so right now I I am actually expecting uh a DCP IP address from this interface here so I'm going to show you how to set up a DCP id address here so that disconnected all best thing I can do is I can set the manual IP address so let me set the manual IP address here so I can say set Mode start and then yeah I'll change it to static say yes to that the sets ID 190.168.177. and here's the three and then say this so if I say show again notice that my ID is already set up three and notice that I have ping enable I have HTTP https also enable so if I go back to this browser or my um server I can actually type in dot three uh the same rule applies if I come back here and I try to paint the three remember when I said about how this thing is something you type in or next it doesn't really apply so notice that so that's very important you remember so wow um new configuring make sure that you make sure uh make sure that you ensure that you end the configuration before um you're expecting that to open https let's let's write down with https um 177 is that the icon user yeah okay so I'm waiting for that to we'll call you there we go so I think my 40 Gates it's also online as well I believe I should be able to log in now without issue on my server there we go oh no I'm gonna say with that then um the same thing with the photograph I should be able to just log in thank you there we go so the photo web is opening um let's set it for the gates let's still kind of like the install one um if you have an issue with chrome just download the edge um that would also work so while my 40 gig is trying to be stubborn I'll still open my 40 minutes on my PC here and um you can actually set up everything by clicking on the game or just choose later I'm just going to choose the data like click ok um I'm just going to do a basic um setup for my network before this um video gets too long so here is my one or one so I'm gonna name this one the Alias I'm going to call this ISP um I'm gonna leave it on this by the way it is everything Remains the Same um click ok to that then I'm going to go watch it for two and then I'm going to name this my land and then I'm going to call this line as well um then I'm gonna turn on the super server um let's just say from don't 200. to let's say 205. just have IP address and six so here you could just set the DMS of your ones you could do a list time but I'm just going to leave everything this way click OK that's fine with me it's not gonna make any change or anything so I have my land I have my high speed the next thing I'm gonna do is set up your static routes and this will allow traffic to go to the Internet um using my ISP and then um you could choose a dynamic IP or only because specify what you get with design in my case I'm just going to use Dynamic down just that automatically take my Gateway if you don't know it begins we can also specify it as well so my case that's fine um now this device should be able to get to the internet desktop by saying exact thing now we have internet access there uh also we need to have a firewall policy um for now I'm just going to stick with the hold one put layouts creates a policy to allow the land to the internet so I'm gonna say everything coming from the land that is going to the one we're gonna say uh all the Lan ID which is for two address and then going anywhere and then using any Services we're gonna have nuts enabled make sure the action is accepts for now we're not going to use any of the security profile I'm going to try and Logo the session so we can see from logs and then enable this policy click ok so that policy this policy here basically would allow this device here to actually browse the internet let me show you so let's say google.com so now traffic we should be able to move from my line here let's go to pingin now let's see yep there we go shopping Goku not just a simple Japan the reason that is because of this firewall policy not just earlier it's still observed if I refresh that page um expand that let's see there's traffic and if we check the kind of traffic that is going through that the car traffic is basically this traffic it's my policy coincidence this is the one that goes to Google so this is whole line um this was going on here that's why I put all the logs there okay so while that is working on the background the next thing I want to do is to quickly jump over to my 40 web because um where is it for the web I did open it here so here is my 40 web I'm also going to notice at this point here uh my 40 web let's say cannot get to the internet access that it can get there so I'm gonna do here is go to network on the interface here um we only have point one which is basically this so what's what is missing is the static route we're going to click static routes uh and then we're going to point this to go through the 40 Gates the 40 gate IP is 180 168 177.1 and it's actually going to be going through the port one and I'm going anywhere because there will be any which is zero to zero to zero slot zero click OK and that already is the static word I need here so if I go back to my console and put the same command now oh voila so you can see that I have internet access on my 40 web so this point here I've been able to configure uh internet access on my 40 gigs I've been able to configure access to my 40 web so my photo web app access to the internet I might putting it have access to the internet so I'm going to stop this video at this point um so the video doesn't get too too long and too boring so this is basically how you need to set up your 40 gigs and your 401 on gms3 please put in the um your comments if you have any questions if you have any difficulty setting up your own let me know I will actually be happy to help uh what or one of well this is going to be a serious video so I'm actually going to show you how to create an is server you can use for the web to manage your server and so on like that thank you so much for viewing and please share this video those likes and then thumbs up for the video if you do like it if you find it very interesting

Info

Channel: Techy-World

Views: 4,621

Rating: undefined out of 5

Keywords: fortigate gns3, fortigate firewall, fortigate lab setup, fortigate firewall configuration, fortigate firewall policy configuration, gns3 fortigate gui, fortigate firewall configuration step by step, fortigate firewall policy, fortigate firewall configuration tutorial, fortigate gns3 appliance, fortigate gns3 vm

Id: aNHIQdwXbas

Channel Id: undefined

Length: 44min 44sec (2684 seconds)

Published: Thu Jun 22 2023