Scribd
Upload
55 views8 pages

20-Redundant Interfaces

The document discusses configuring a redundant interface on a FortiGate firewall to combine port 3 and port 4 to provide failover. The summary describes testing connectivity by pinging from a remote PC through the firewall when individual ports are shut down and brought back up.

Uploaded by

Tio Ramadhan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
55 views8 pages

20-Redundant Interfaces

The document discusses configuring a redundant interface on a FortiGate firewall to combine port 3 and port 4 to provide failover. The summary describes testing connectivity by pinging from a remote PC through the firewall when individual ports are shut down and brought back up.

Uploaded by

Tio Ramadhan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 8

Redundant Interfaces Lab:

Switch Configuration
Switch(config)#hostname Remote-SW
Remote-SW(config)#interface range ethernet 0/0,e0/3
Remote-SW(config-if-range)#switchport trunk encapsulation dot1q
Remote-SW(config-if-range)#switchport mode trunk

Firewall initial Configuration


FortiGate-VM64-KVM # config system global
FortiGate-VM64-KVM (global) # set hostname FW4
FortiGate-VM64-KVM (global) # end
FW4 # config system interface
FW4 (interface) # edit port5
FW4 (port5) # set mode static
FW4 (port5) # set ip 192.168.100.240/24
FW4 (port5) # set allowaccess https http ping ssh telnet
FW4 (port5) # end

1 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717


Login to FortiGate Firewall type http://192.168.100.240 in any browser.

To configure an interface, go to Network > Interfaces Click Create New > Interface.

2 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717


Type the name, Alias, select Interface type Redundant interface, Assign the Gateway IP address.

Finally, Redundant interface has been configured combine Port3 and Port4.

3 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717


Go to Network > DNS Set DNS Servers to Specify, Configure the primary and secondary DNS
servers as needed. Configure additional DNS settings as needed Click Apply.

Create a new default route, go to Network > Static Routes.

4 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717


Create a firewall policy, go to Policy & Objects > Firewall Policy, and click Create New. Type the
name of the Policy, choose incoming Interface Redundant-IF, outgoing Interface ISP-1 click OK.

5 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717


Assign IP address to Remote-PC1 10.0.6.1 with subnet mask 255.255.255.0.

Test and Verification:


Let’s try continue ping from Remote-PC1 to google DNS 8.8.8.8

6 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717


Shutdown FW interface
FW4 # config system interface
FW4 (interface) # edit port3
FW4 (port3) # set status down
FW4 (port3) # end

After shutdown the interface there is one drop the interface switchover.

Shutdown FW interface
FW4 # config system interface
FW4 (interface) # edit port3
FW4 (port3) # set status up
FW4 (port3) # end

After bring up the interface there is one drop the interface switchover.

7 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717


Down and UP port3 and port4 of Fortigate Firewall to see the traffic switchover to other port.

Priority-Override is enable when port3 is back it will be used again.

8 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717

You might also like