Firewall 101: FortiGate Labs

-
FortiGate labs 

   

1- Initial Configuration:
Create Two Zone (INTERNAL (Port2) - OUTPUT (Port1))





2- Create default route (static) between INTERNAL to WAN:




3-Rule Allow INTERNAL ZONE [PING & DNS] Services:





4- Rule Allow INTERNAL ZONE [http-https- DNS] Services and Deny [ping ]








5- Allow Security Profiles Anti-Virus profile:
This EICAR and test download virus (.txt)




## Apply AV Profile:






Result:





6- Apply Application Control for Block facebook.com & facebook services  for LAN Zone



Edit Policy:





7- Block Facebook chat only for LAN Zone:


--------------------------------------------------------------------------------------------------------------------

Good Luck https://www.linkedin.com/in/ahmedms/

Comments

Post a Comment

Popular posts from this blog

Kubernetes 104: Create a 2-node k3s cluster with k3sup

-
Image
Create a 2-node k3s cluster with k3sup Kubenetes-Master   = 192.168.17.5 Kubenetes-Worker  = 192.168.17.6 k3sup machine        = 192.168.1.131 !!!  Allow ssh access between k3sup  & two nodes of kubernetes       and between two nodes of kubernetes. !!!  Install K3SUP: [root@devops ~]# curl -sLSf https://get.k3sup.dev | sh which: no k3sup in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin) x86_64 Downloading package https://github.com/alexellis/k3sup/releases/download/0.3.0/k3sup as /tmp/k3sup Download complete. Running as root - Attempting to move k3sup to /usr/local/bin New version of k3sup installed to /usr/local/bin _ _____ | | _|___ / ___ _ _ _ __ | |/ / |_ \/ __| | | | '_ \ | < ___) \__ \ |_| | |_) | |_|\_\____/|___/\__,_| .__/ |_| Version: 0.3.0 Git Commit: 7d954414def98c52ae1f6de08ac5317e4260e673 [root@devops ~]# !!! Install kubernetes master: [root@devops ~]# export SERVE
Read more

Cisco Nexus: Configuration VXLAN.

-
Image
Configuration VXLAN on Cisco Nexus !!! First: Legacy Method: Connect between two servers by Trunk VLAN: Second: VXLAN Method: Connect between two servers by VXLAN Tunnel. First Method:          NXOS-L:  vlan 2  interface Ethernet1/2     switchport access vlan 2     spanning-tree port type edge     no shutdown interface Ethernet1/1    switchport mode trunk    spanning-tree port type network    no shutdown NXOS-R: vlan 2 interface Ethernet1/2    switchport access vlan 2    spanning-tree port type edge    no shutdown interface Ethernet1/1    switchport mode trunk    spanning-tree port type network    no shutdown  Result: ------------------------------------------------------------------------------------------------- Second Method: VXLAN !! NXOS-L: feature ospf  interface Ethernet1/1     no switchport     ip address 10.3.4.3/24     ip router ospf 1 area 0.0.0.0     ip ospf network point-to
Read more

How to configure OSPF on Palo Alto Networks Firewall?

-
Image
How to configure OSPF on Palo Alto Networks Firewall !! Steps: 1- Create Virtual Router. 2- Create three Zones (Site A – Site B – Site C). 3- Create security rule allow (ping) between Site A & Site C. 4- Create OSPF routing protocol on two firewalls. -------------------------------------------------------------------------------------------                                                                     PaloAlto - 1 1- Create Virtual Router (VR-1) PaloAlto-1 2- Create Zones PaloAlto-1: 3- Assign Interfaces PaloAlto-1: 4- Create rule allow (ping) and deny other 5- Apply OSPF between two interfaces (eth ½ - eth 1/1) Show routing table on Palo-Alto-1: ====================================================================                                                                PaloAlto - 2 1- Create Virtual Router (VR-1) PaloAlto-2 2- Create Zones PaloAlto-2: 3- Assign Interfac
Read more