Fortigate¶

tutorial akan dilakukan dengan GNS3, lihat proses instalasi GNS3 dan Fortigate

Basic Config¶

Setting IP static WAN¶

network > interface

Setting IP static LAN¶

network > interface

Setting IP static DMZ¶

network > interface

Setting DNS¶

network > DNS

Config Hostname¶

system > settings

Internet Access¶

Policy & Objects > Firewall Policy

Name
Incoming interface
Outgoing interface
Source
Destination
Service
Action
NAT

VLAN¶

Network > Interfaces

DMZ (Port 3) -> IP/Netmask = 0.0.0.0/0.0.0.0
Create new interface

Name = DMZ_VLAN-10
Alias = DMZ_VLAN-10
Type = VLAN
VLAN Protocol = 802.1Q
Interface = DMZ (Port 3)
VLAN ID = 10
Role = DMZ
IP/netmask = 172.16.10.1/24
Allow PING

(juga yang VLAN 20)

Create Policy

Policy & Objects > Firewall Policy

Name = VLAN to DMZ_VLAN-10
Incoming interface = LAN (Port 2)
Outgoing interface = DMZ_VLAN-10 (Port 3)
Source = LAN-10.10.10.0
Destination = DMZ_VLAN-10
Service = all
No NAT

(juga yang VLAN 20)