This post is about the configuration of IPsec VPN between Azure and Fortinet Fortigate firewall, as part 2 of the post “How to Configure Azure Hub and Spoke Topology” Overall Topology Environment *On-prem Environment has a pair of Fortinet Fortigate firewalls with a public IP of 4.4.4.4 *Virtual Network Gateway (with local gateway and connection …
How to Configure IPsec VPN between Azure and Fortigate Firewall Read More »
This post is to document the process of configuring dynamic IPsec VPN from Juniper SRX to FortiGate Firewall, then configure OSPF over IPsec tunnel interfaces with a bit of OSPF route filtering. Environment 1 x Fortinet FortiGate Firewall with dynamic WAN IP address 1 x Juniper SRX firewall with Static WAN IP address Requirement is …
How to Configure Dial-up IPsec VPN from Fortinet FortiGate to Juniper SRX Read More »
This post is about configuring IPsec VPN between Cisco FTD/FMC Firepower and Fortinet FortiGate firewall Environment Cisco FTD firewall on routed mode and managed by FMC Fortinet FortiGate Firewall Note: Feel free to modify the Phase1 and Phase2 settings based on your security requirements Fortinet FortiGate Firewall Configuration Go to “VPN – IPsec Tunnels – …
How to Configure IPsec VPN between Cisco FTD/FMC and Fortinet Firewall Read More »
This post is to demonstrate the process to Configure FileZilla FTP Server with Fortigate Firewall. FileZilla Server configuration Connection configuration Auto-ban configuration Passive mode port range FTP user configuration Fortinet FortiGate Firewall configuration In virtual IP configuration, we have dedicated public IP, hence 1 to 1 Static NAT is used Firewall Policy configuration Common Error …
How to Configure FileZilla FTP Server with FortiGate Firewall Read More »
This post is to demonstrate the quick steps to configure port forwarding / Destination NAT on the Fortinet Fortigate firewall. Environment Fortinet Fortigate firewall. ISP has provided a /29 range of the public IP addresses. The requirement is to open port 443 from specific public IP addresses, not the whole internet. Configure Virtual IP or …
How to Configure Port Forwarding Destination NAT on Fortinet Firewall Read More »
This post is to document the process to manage the secondary Fortigate firewall in a HA firewall cluster, as well as the process to shut down the Fortigate firewall using CLI. This process comes in handy if you are using the same interface for both data and management traffic for the HA pair. Manage the …
How to Manage the Fortigate Secondary/Passive Firewall and Shutdown the HA Pair Read More »
This post is to document the process to configure static IPsec VPN between Fortinet and Sophos Firewall. Environment 1x Fortinet Fortigate Firewall cluster running at active-passive mode 1x Sophos UTM Firewall Both sides have static public IP assigned Phase 1 and Phase 2 use the same encryption (AES256) and authentication (SHA256) algorithm, Group 14 or …
How to configure IPsec VPN between Fortinet and Sophos Firewall Read More »
When Internet Service Providers (ISP) have a new internet link provisioned, very often they have shaping rules on their NTU to regulate internet traffic at promised rate. If your firewall/router/switch is sending excessive traffic than promised rate, the packet will be dropped, then ends up with suboptimal performance and slow internet speed. This post is …
How to Configure Basic Bandwidth Shaping Policing on Cisco Fortigate for ISP Connection Read More »
Eve-NG is the most used network emulation software for network professionals. Similar to Webiou or Unetlab in the older days, you can create virtual network devices for the majority of the IT networking vendors in a simple web GUI. This post is to demonstrate how to simulate or configure the Internet in the EVE-NG lab …
When network professionals handle changes remotely, it is always good to have a safety net available. If you are familiar with Juniper Junos, you would love the “commit confirmed” command very much, as it will revert the config back to the previous config after 10 minutes automatically, in the event of you screwed up the …
