Software Defined Network with Fortigate

post0.png

Hello, people of Hive. Today's post continues my last one: we will build the SDN, or Software Defined Network, of the title. On FortiGate the feature is called SD-WAN (a software-defined WAN), and the SD-WAN interface is what we configure below. We start from the topology shown here; the IPs in your lab may differ, so open the console of each firewall and run `get system interface` to see the address assigned to each port.

post2.jpg

We need to edit the interfaces, starting with port3, the link between the two firewalls. We give it a static IP address and mask as defined in the topology: 192.168.2.1 on the first FortiGate and 192.168.2.2 on the second.

post3.jpg

On port2 of each FortiGate we define the LANs. Each client PC gets a manual (static) IP in its LAN, and on port2 we enable PING under administrative access so we can check connectivity from the PCs to the firewall and between the networks.

post4.jpg

Now we edit the SD-WAN interface, on each FortiGate of course. We add port3, the interface connecting the two FortiGates, as an SD-WAN member and set its gateway to the opposite firewall's port3 IP: 192.168.2.2 on the first FortiGate and 192.168.2.1 on the second.

post6.jpg

Now we create a static route with destination 0.0.0.0/0. This is the default route: it matches any destination not covered by a more specific route, so traffic for the internet is sent over it. Its interface is the SD-WAN we just configured; we enable the route, and we do this on each firewall as well.

post7.jpg

Now we create a policy that gives the client PC access to the internet. The incoming interface is the LAN (port2) and the outgoing interface is the SD-WAN we just created. For this example we allow "all" services, but in a real deployment you would restrict the policy to the traffic you actually want to permit.

post8.jpg

Finally, on the second firewall we create a policy whose incoming interface is the SD-WAN we created (port3) and whose outgoing interface is port1 (internet/cloud). Now the LAN of the first firewall reaches the internet by first crossing the SD-WAN link and then exiting through the second FortiGate's cloud port.

post9.jpg

Finally, we test with a ping from the first firewall to the internet, or from LAN 1 to the internet, and in the SD-WAN monitor we can see the traffic going through port3 over the SD-WAN we defined: bandwidth, volume and sessions are all on port3.
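The whole procedure above, from the port addresses through both policies and the final ping, written as FortiOS CLI instead of GUI clicks. This is an added example, not configuration from the original post or its screenshots. It assumes FortiOS 7.0 syntax (the SD-WAN zone is named "virtual-wan-link" by default), that LAN 1 is 192.168.1.0/24 behind port2 of the first FortiGate, and that port1 of the second FortiGate has a static upstream gateway of 203.0.113.1; the post leaves all three to the screenshots, so treat them as placeholders for your own lab.

```fortios
# ===== First FortiGate (LAN side) =====
# Assumed: port2 = LAN 1 (192.168.1.0/24), port3 = link to the second FortiGate.
config system interface
    edit "port3"
        set mode static
        set ip 192.168.2.1 255.255.255.0
        set allowaccess ping
    next
    edit "port2"
        set mode static
        set ip 192.168.1.1 255.255.255.0
        set allowaccess ping https ssh
    next
end

# port3 becomes an SD-WAN member; its gateway is the peer's port3 address.
config system sdwan
    set status enable
    config members
        edit 1
            set interface "port3"
            set gateway 192.168.2.2
        next
    end
end

# Default route (0.0.0.0/0 is the default dst) pointing at the SD-WAN zone.
config router static
    edit 1
        set sdwan-zone "virtual-wan-link"
    next
end

# LAN to SD-WAN policy. Once port3 is an SD-WAN member, policies must
# reference the zone, not port3 itself. NAT hides 192.168.1.0/24 behind
# 192.168.2.1 so the second FortiGate needs no return route to LAN 1.
config firewall policy
    edit 1
        set name "LAN-to-SDWAN"
        set srcintf "port2"
        set dstintf "virtual-wan-link"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat enable
    next
end

# ===== Second FortiGate (internet side) =====
config system interface
    edit "port3"
        set mode static
        set ip 192.168.2.2 255.255.255.0
        set allowaccess ping
    next
end

config system sdwan
    set status enable
    config members
        edit 1
            set interface "port3"
            set gateway 192.168.2.1
        next
    end
end

# Here the default route must leave via port1, not back over port3,
# otherwise internet traffic loops between the two firewalls.
# 203.0.113.1 is an assumed upstream gateway.
config router static
    edit 1
        set gateway 203.0.113.1
        set device "port1"
    next
end

# SD-WAN zone to internet, NAT to port1's address.
config firewall policy
    edit 1
        set name "SDWAN-to-Internet"
        set srcintf "virtual-wan-link"
        set dstintf "port1"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat enable
    next
end

# ===== Verification, run on the first FortiGate =====
execute ping-options source 192.168.1.1
execute ping 8.8.8.8
diagnose sys sdwan member
get router info routing-table all
```

The two details that usually bite when moving from the GUI to the CLI are in the comments: a member interface can no longer be used directly in a policy (the zone "virtual-wan-link" replaces port3 in both policies), and the second FortiGate's default route has to point out port1, because a second default route back over the SD-WAN link would send the traffic in a circle. With `set nat enable` on both policies, the cloud side only ever sees the second FortiGate's port1 address, which is why no route for 192.168.1.0/24 is needed on the second firewall.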

post10.jpg

You can leave any comment so we can keep expanding the knowledge about firewalls and FortiGate. This is very useful; it can also be painful to configure, but using SD-WAN is less stressful than regular access lists and the other technologies, and that applies even more as the network grows.

You can check my blog here: @taradraz1

Thanks for the time!!!
