Full Fortinet Setup & Walkthrough **For Beginners** | SD-WAN | VLAN | Wi-Fi | Testing & More
ฝัง
- เผยแพร่เมื่อ 5 พ.ค. 2024
- I'm Keith Barker, a 2x CCIE (Cisco Certified Internetwork Expert).
In this video you'll learn the entire first time setup of a Fortinet system. This is an in-depth overview of initial setup for beginners or anyone who is looking for a concise overview of the entire Fortinet stack. We will walk through each step individually including a factory reset of all the hardware. Then we will start the entire configuration from scratch by setting up IP Addresses, an SD-WAN zone, and configuring the FortiSwitches. We will also walk through setting up VLANs, FortiSwitches, FortiAPs (access points), Wi-Fi, permissions, NAT, and SD-Wan Rules ( and SLA targets). If you want to know the basics of setting up this whole system, you've come to the right place!
I'm am your guy if you are:
👉 New to IT and don't know where to start
👉Currently in IT, and want to learn more advanced ideas
👉 Anyone who wants to learn about the basics of technology in general
I believe that anyone can improve their situation by gaining new skills, especially in information technology.
🆓 Free Packet Tracer Labs download: thekeithbarker.com
🦘 Jump links:
00:00 ⏩ Intro
00:27 ⏩Topology
03:27 ⏩Game Plan and Overview
07:14 ⏩Factory Reset
07:43 ⏩IP Addresses
09:46 ⏩SD-WAN Zone
12:69 ⏩Add FortiSwitches
14:48 ⏩Creating VLANs
19:15 ⏩Access Points and Wifi Net
23:25 ⏩Permissions and NAT
26:48 ⏩SD-WAN Rules (SLA)
31:05 ⏩Testing and Verification
Enjoy, Like, and Subscribe. 😃
Free TH-cam Playlists from Keith:
▶ Cisco CCNA 200-301 ogit.online/sloth
🔐 Cisco CCNA 200-301 Security ogit.online/200-301_Security
💻 Cisco CCNA 200-301 IPv4 Subnetting ogit.online/subnet
💬 Join our Discord server (free) ogit.online/Join_OGIT_on_Discord
🏪 Keith Barker Amazon Affiliate Store www.amazon.com/shop/keithbarker
🏫 Keith’s Content at CBT Nuggets ogit.online/Keith-CBT
Without a doubt one of the best Teachers that has ever done it, period. I am so thankful
I second!
@@jonathanbanda3981 I third
Thank you, Keith. This is very informative and helpful. God bless you and increase you on every side (Amen)
I love how clean the Fortinet GUI looks, so easy to follow & it just flows properly !
Good to see you Keith! Thanks for sharing this Fortinet video. You did a fantastic job. Configuration of outgoing traffic through the Fortigate SD-WAN firewall is cool. Configuration of incoming traffic from the Internet through the Fortigate SD-WAN will be interesting to see.
This was awesome! Thank you, Keith!!!
Thanks, Keith, awesome video! love your Fortinet videos, please share more!
Thanks for sharing your knowledge Keith.
Greetings
Very informative. I wish had something like this when I first started managing fortigates.
Nice one Keith. Very informative. Cheers.
it's been really a long time since last time, good to hear you a gain
Keith, thank you for the very informative video! I have been learning Cisco from you before your CBT times ;)
Been waiting for someone who could explain fortigate better than all that I did scourging from youtube and google and this is the best tutorial. Thank you so much!
Where was Keith Barker when I first started managing Fortigates?
Thank you for this!
Always amazing content Keith!!! You the GOAT of IT 🐐🐐🐐
Great information and instruction, thank you!
Thank you @belikemike7646!
Oh wow, having the Cisco training by watching your training videos, I"m very impressed with what Fortigate can do thanks Keith from Australia.
I highly recommend any of Keith's videos and courses. He is a rare breed of trainer because he actually has a plan, builds a real usable scenario lab, configures it (hits the save button!), and then tests and verifies it. Hugely important for those trying to learn and practice anything. Unfortunately in my experience most IT training videos (and even the expensive official trainings provided by vendors) don't do this.
Most trainers (and even some others at CBT Nuggets - Meraki trainings - ahem) think it's good enough to walk through GUIs, point and talk about what does what, maybe punch in some bogus settings for on-the-spot hypothetical scenarios, and then not even save them! Or if they do, it's a trivial, silly example, and when you try it, you find out their descriptions were incomplete and insufficient.
That being said, now I have to figure out how the Fortigate 60F suddenly became virtual one in eve-ng at the end :)
Hey Keith, This is a great video since I use Fortinet with the MSP I’m with at most of clients.
I can definitely see where Fortinet's use of the term "Native VLAN" can trip people up.
This was a very helpful overview, Keith. Thank you!
Thank you, more videos on Fortigate fw please
This is very helpful. Still struggling with setting up sd-wan on my ipsec tunnels for reduandancy
looks younger than before thank you for showing up!!
Wow. I can't express enough how helpful this video was.
Happy to do it, thanks for the feedback Stefano Agrotis.
Simply amazing video! Thank you so much!
Thank you @TheElevenBravo!
he is a good teacher as i see as a begineer
You're really amazing Keith! Thanks for sharing this video.
My pleasure!
This video was so very helpful, as well as all of them. I am working on a project that’s related, and this may be the answers I needed.
Happy to do it, thanks for the feedback Chris Osborn.
Outstanding content. Thank you very much. Well done.
Thank you TastyChickenLegs!
I have done ccna and ccnp using your course on cbt then landed a job supporting fortinet devices, I am really lucky that you are also teaching fortinet courses, Thank you Keith!
Great walk through!
Just wanted you thank you mr. Barker. I have learned so much from your videos and I have finally broken into the IT sector. thanks
Glad to help
Hi Keith, very impressive video keep up the good work. i just wanted to ask about the EVE-NG is this the professional edition, it is the first time i see quality config, i realy learn new things each time i see your videos. thanks once more
Oh man I wish you could make this same video for Sophos or Mikrotik!
If I ever stuck on any topic Keith is my teacher and I am so thankful that we have you Boss
Thank you AZ Networks!
Keith, thank you for this amazing video. Question, I purchased a FortiGate 60F, FortiSwitch 108F POE and AP. Can I setup your lab without a Fortinet license or it's required?
Please Keith I need you to do more of this Fortigate tutorials please 🙏❤️.
You are the BEST.
Outstanding ! The best I’ve seen so far! Are the fortiswitches configured in eve-ng ?
Tons of value, thanks
Happy to do it, thanks for the feedback james s.
Awesome!
Thanks ^__^ The king of OG
This guy is a legend!
Thank you Mabrouk!
My favourite school teacher 😍
Hi Keith,
Could you please make a video showcasing the roadmap for someone who want to become an expert in cybersecurity by self learning using learning arsenal's like cbtnuggets, instead of enrolling in a university. Perhaps a roadmap of certificate's one should focus on step by step to become xyz in a cybersecurity niche.
I am currently doing the comptia A+ with you in cbtnuggets and I just love the way you teach, however, I am not sure which certificate to focus on after this since there's so many varieties and I am complete novice in this field (trying to change my career from nursing to cybersecurity).
Kind regards,
Jay
IT Original Gangster -Thanks Keith
Thank you Glenn Tembo!
Thanks Keith for mentioning that Fortinet Access Ports names it "Native Vlan" and Cisco uses it for untagged traffic between trunks. WTF with different vendor names and uses :D
Hello Sir,
When the rules processing is that processing based on # number not Policy ID number right?
can the HA port on a FortiGate firewall be use as WAN ports ???
Hi @fortinet guru, thanks for the brilliant explication, i have a question in my job we connect through forticlient app which point to a fqdn name instead to ip address,so how does is it configured that on the fortigate firewall?
Thanks in advance.
I like this guy and his brothers anthony S and kevin W., I have been out IT for about 3 years, I am back to continue my dreams to get a CCNP, please God, may You guide me
I like your tutorial. There is one question I want to ask, what is the usage of DHCP range in Vlan 5?
To provide an IP address to the APs. They get their IP address via DHCP.
Keith i need data center design and configuration videos. Can u help me where can i get them
👍
Keith, is there any possibility to see you creating video tutorials for Huawei equipment? I encounter this manufacturer in an increasing number of customers.
I don't know that product, sorry.
Hey Keith.. just wanted to check why did you stop weekend quize ?
Thank you for the question Muqthiar Ahmed. Yes, I have covered almost every single topic in the blueprint through both videos and quizzes, so I stopped as they would have become redundant.
@@KeithBarker thanks much Keith for your response ❤️ at least can we have discord session once in a while 🙂
Hey Keith, how do I allow inter VLAN traffic? So a printer on VLAN 10 can be seen by laptop in VLAN 20.
Thank you for the question @leejonscramstad3216.
Because the FortiGate is logically connected to all those VLANs (as the manager of the switch stack) it has routes to the subnets associated with the VLANs.
Is this going to be a complete series for fortinet NSE4?
Thank you for the question Joe Joe.
Not a full series, just a video or two to help people understand how to configure the gear from FortiNet.
im in the works right now on getting me a hwfirewall and im choosing f40 its only me on my network, ill be streaming my own plex server, nas, and cameras, I may have a few family members on it id say a max of 20 people with a few smart devices, tv, ipads, smart home appliances as well. Do you guys thing thats enough or should I should be looking at 40f ,80f or the 100f?
Thank you for the question @Photoshopuzr. As far a throughput goes, the lower models will be fine, based on your expected number of users and their traffic.
thanks for the reply I appreciate it.@@KeithBarker
so do you have a port channel going to each switch or is it a port channel going to one switch that is stacked with another switch? I am kind of confused
Thank you for the question Omar M..
For the connections between the FortiGate and the first switch, if FortiLink split interface is disabled, will automatically make a LAG.
For the connections between a switch and another switch (both FortiSwitch), they will also automatically make a LAG.
Hope that helps, and best wishes.
How would you setup 2 switch to connect to the FW, so that if one switch failed the other switch will allow the users to still have internet access ???
Use 2 physical Ethernet interfaces for the FortiLink interface. Connect 1 Ethernet to a switch on the top of the rack, connect the other Ethernet to the bottom switch, and that is how you can get fault tolerance.
Hi Keith, pls what type of Linux virtual machine were you using in ESXI in your fortinet firewall training? I don't mean tiny core but the one with the name "keith@virtual-machine"
Mint Linux
@@KeithBarker Thank Keith (The OG of IT)
You didn’t show us how you form a LAG between SW1 and SW2. Does Fortilink forms LAG automatically between switches and Fortigates?
Also what about SW1 side of LAG that is connected to upstream Fortigate?
Thank you for the question @danimoosakhan.
Yes, the LAG is automatically formed between the switches.
If you want to use LAG between the FGT and a single switch, disable the FortiLink split interface option. With that option on, it will only use 1 of the 2 interfaces to avoid a loop.
@31:57 - how to load balance the two wan ports or isp ??
As part of the SD-WAN zone configuration and rules, that will allow you to load balance.
Where can I get your full course on FortiGate?
CBTNuggets.com
@@KeithBarker Yessir - I just enrolled and I am on slate to take my CCNP ENCOR and NSE4/5 this year - super excited and your breakdown is amazing.
Hello, i am little bit confused about links between FG, SW1 and SW2....you put it to VLAN10, but this interfaces should be trunk or not? Maybe I am wrong, but for me is it little strange. Thank a lot for reply.
Thank you for the question Juraj Vantúch. I set up a few access ports on SW1, to support clients that will be connected to VLAN 10.
@@KeithBarker So link between switches and Fgate was trunk? :)
@@jurajvantuch9636 It absolutely is. The 802.1Q trunking is negotiated and setup automatically between the FortiGate as the controller and the FortiSwitch stack.
hey can i get fortinet switch vm images from somewhere?
Fortinet sells them
*The admin account has been deleted or renamed. I cannot reset the password because I do not know the name of the current account. how do i solve it.* ..i
Better off using HPE switches over the Fortinet switches
I switched from HPE to Fortinet just for ease of management through one interface. HPE switches are very good though. We ran HP ProCurve switches (then HP Aruba) for 13 years without problems. I do love HPE switches because the cost and stability. Also, I was very comfortable with their command line interface. I'm crossing my fingers that these FortiSwitches will be as good. I do admit, they are a breeze to manage through the FortiGate. That's how Fortinet gets you. The FortiGate is the gateway drug (no pun intended) to the rest of their eco-system.
aWSEOME
Cbt nuggets