Waiting for the next vid on the series on fortigate! Great vid! The past 2 vids got me everything I need!

Excellent videos! New to fortigate here.

Thank you for explaining it in a simple and effective way !! Also, please explain me the difference between H/W switch, S/W switch and VLAN switch in the Fortigate! Thank you!!

Thanks for your videos. Very helpful.

Watched this super tired didn't understand a thing... rested up watched again perfect sense you are a godsend! People who say Cisco cli is easier are nuts... Keep this going with these I'd request multi vlan network and dns most secure way

@doctor.networks

Жыл бұрын

Haha right, sleep is extremely important, need to have it to understand concepts 100% of the time.

Excellent work

great man! I need more of this!

@doctor.networks

2 жыл бұрын

More coming soon Man 🙂

Nice work, waiting for new videos..

thanks for sharing this VDO, this is really helpful Thanks❤❤

@doctor.networks

2 ай бұрын

You are welcome @netconfig999. Nice channel name by the way 😀

thanks pal great tutorial

Great! Thanks a lot, keep it up bro!

@doctor.networks

Жыл бұрын

Thanks, will do!

Well explained. Thanks for this vid man.

@doctor.networks

2 жыл бұрын

Glad that helped you brother.

Great video. There’s an easier way. Just add all your VLANS/Subnets into a Zone (for example, an inside or trust zone), and disable “Block intra-zone traffic”, and they will all be able to communicate with each other without having to add any policies. Cheers

@doctor.networks

Жыл бұрын

Thanks for the trick! haven't done that but will give that a try as well.

@10mashood

4 ай бұрын

Idea is good ..but all vlans in one zone is not recommended and is a security concern in real environment...

Great series so far. When will the next upload be?

@doctor.networks

2 жыл бұрын

Thank You for the appreciation! Coming Soon.

Thanks. You're awesome :)

@doctor.networks

2 жыл бұрын

Thanks for the super awesome comment man!

Thanks! really love your video's. When will you post a video about the SD-WAN?

@doctor.networks

Жыл бұрын

I really want to, but struggling a little with time, hopefully will get some time

Thx❤❤

Thank You for this video.

@doctor.networks

Жыл бұрын

you're welcome brother 😀

good explanation, thanks

@doctor.networks

Жыл бұрын

Glad it was helpful!

Thanks a lot. Could you tell me what kinds of tools you use to draw the diagram? Does it come with those cute icons?

@doctor.networks

Жыл бұрын

hhhh it's actually an animation software called Videoscribe, these icons are not buildin, I make them in Adobe illustrator & call them in videoscribe. Afterwards take a screenshot & paste in PowerPoint. That is what you see in the video

thanks for posting it. Is eve-ng running on your PC or on an EXSi ?

@doctor.networks

3 ай бұрын

Specifically for this video it's a physical ForiGate box. Normally for my videos I use Eve-ng on a Esxi server to offload resources

Thanks a lot,do I have to allow the vlan in the trunk linke or the native vlan is enough. I noticed in my Network the data vlan and voice are not mention in the trunk but sill pc can get an ip from the data vlan ,,How come don't I need to say switch port trunk allow vlan,x,y,z .

@doctor.networks

Жыл бұрын

That is because a cisco switch by default allows all vlans. You limit the vlans on a trunk by the command "Switchport trunk allow vlan x, y, z".

For a stateful firewall, I believe a single policy should be enough to facilitate to and fro traffic. Is it possible to do that in the FortiGate firewall as in Cisco ASA firewall?

@doctor.networks

Жыл бұрын

Bro at 11:14 you see that we pinged the server right, that happened because of stateful inspection.

I have all that setup with a Netgear smart managed switch. I can ping all vlans from a machine in VLan1 but I can't ping the machine on vlan 1 from the other vlans?

@doctor.networks

Жыл бұрын

Im not sure about netgear actually. Possibly a policy is blocking the traffic from other vlans to your target vlan 1

Will there be a loss of processing speed? Is it better to use a dedicated L3 Switch in this scenario?

@doctor.networks

10 ай бұрын

Well actually it depends, if you have a very small environment, then this approach is fine. If you're network is medium to large then YES, you need to separate via an L3 switch.

@psychoticapex

10 ай бұрын

@@doctor.networks got it, thanks!

Hello, Dr. Do you have any video related to ADVPN on Fortigate? It would be a great help, because of the amount of customers using this service nowadays. Regards.

@doctor.networks

Жыл бұрын

Let me note that down & I will surely make a video on it

Can I ping a printer in another VLAN, without disabling the firewall in the source laptop? assuming there is interVLAN policy between the 2 VLANs

@doctor.networks

9 ай бұрын

You should be able to ping it

Can the ip address of the SVI be completely different from the main interface ip? For example, the main would be 192.168.1.99/24, then can a I use 30.30.25.1/24 for one of my SVI?

@doctor.networks

2 жыл бұрын

Sorry Jim your comment was in the spam of KZread, KZread blocks comments containing IP addresses i guess. Yes you can, the main interface will be as a native vlan with no vlan tag of course & the other SVI can be any Ip you want

@jimchen4269

2 жыл бұрын

@@doctor.networks Thank you.

Is there a Lecture #6 ? Or the videos end here?

@doctor.networks

11 ай бұрын

Unfortunately My career took a huge turn here, couldn't continue. But now I'm thinking of resuming the series soon

Why need this much of policies for intervlan, i think just create a zone and add the vlan's to that zone, that's bettee to simplifying 😊

@doctor.networks

Ай бұрын

Yeah but but you may need different policies for a set of vlans, you can actually create multiple zones referencing multiple vlans. The video is to give a concept that's why kept it simple. Obviously zones will be a better approach in the long term.