
Fortinet LAB – Securing Enterprise Network v2

[Figure: lab topology diagram. Labels include WAN Link, DHCP Server, OAM-VLAN, DATA-VLAN and VPC18 (172.16.33.10).]

Test scenario-1
VPC13 ping to RTA-16 (172.16.20.1) – Access, NAT Policy at Fortinet1

Test scenario-2
Ping between VPC13 – VPC18, LAN to DMZ (No-NAT) – Access, NAT Policy at Fortinet1

Test scenario-3
VPC18 ping to VPC12 (IP Mapping + NAT Policy at Fortinet1)

Test scenario-4
VPC12 ping to VPC18 (IP Mapping + NAT Policy at Fortinet1)

In this LAB, we implemented the feature to hide the server IP and block from external access. External users have to point to a different IP (172.16.28.3) to reach the server at DMZ-1. The Server can establish connections to external hosts through the NAT (172.16.28.3).
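
One way to express the IP mapping and NAT policies described above in FortiOS CLI, as an added example that is not taken from the lab's own configuration. It assumes the DMZ-1 server is VPC18 at 172.16.33.10 (per the "NAT to 33.10" note in test scenario-4); the interface names port1 and port2 and all object names are hypothetical.

```fortios
# Added example: port1/port2 and every object name are assumptions.
# port1 = side facing external users, port2 = DMZ-1 side.
config firewall vip
    edit "VIP-DMZ1-SRV"
        set extintf "port1"
        set extip 172.16.28.3
        set mappedip "172.16.33.10"
    next
end
config firewall address
    edit "DMZ1-SRV"
        set subnet 172.16.33.10 255.255.255.255
    next
end
config firewall ippool
    edit "POOL-DMZ1-SRV"
        set startip 172.16.28.3
        set endip 172.16.28.3
    next
end
config firewall policy
    # Inbound: external users reach the server only through the mapped IP.
    edit 0
        set name "EXT-to-DMZ1-VIP"
        set srcintf "port1"
        set dstintf "port2"
        set srcaddr "all"
        set dstaddr "VIP-DMZ1-SRV"
        set action accept
        set schedule "always"
        set service "PING"
        set logtraffic all
    next
    # Outbound: the server's source address is translated to 172.16.28.3.
    edit 0
        set name "DMZ1-SRV-to-EXT"
        set srcintf "port2"
        set dstintf "port1"
        set srcaddr "DMZ1-SRV"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "PING"
        set nat enable
        set ippool enable
        set poolname "POOL-DMZ1-SRV"
        set logtraffic all
    next
end
```

With the VIP policy as the only inbound rule, packets sent from outside directly to 172.16.33.10 match no policy and fall through to the implicit deny.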

Copyright@2024 By Eng. Antonio Kiavoloca
Test scenario-1
VPC13 ping to RTA-16 (172.16.20.1) – Access, NAT Policy at Fortinet1

[Figure: lab topology diagram for test scenario-1]
Test scenario-2
Ping between VPC13 – VPC18, LAN to DMZ (No-NAT) – Access Policy at Fortinet1

[Figure: lab topology diagram for test scenario-2]
Test scenario-3
VPC18 ping to VPC12 (IP Mapping + NAT Policy at Fortinet1)

[Figure: lab topology diagram for test scenario-3, annotated "NAT to 28.3"]
Test scenario-4
VPC12 ping to VPC18 (IP Mapping + NAT Policy at Fortinet1)

[Figure: lab topology diagram for test scenario-4, annotated "NAT to 33.10"]

Fortinet LAB
Securing Enterprise Network v2

About the author
António Kiavoloca is a professional with more than 9 years of experience in networks, computing systems and telecommunications, having designed, implemented network services, and integrated multivendor devices, subsea interconnection projects. Holding a senior level in project management, having led wholesales and corporate implementations (Data, VPN, Voice, and Interconnection). Skilled to design and implement ICT ecosystems and network for enterprise and service providers.

Coordinated network projects for national backbone via IPMPLS over DWDM; Implementation of transmission network via IPMPLS for Mobile Operator (access, aggregation and core network layer); Got involved in project of BSS and OSS systems as a BPM analyst, designing the process workflow for the Pre-sales modules.

The way to get started is to quit talking and begin doing. (Walt Disney)

by Antonio Kiavoloca
https://www.linkedin.com/in/antoniokiavoloca
mutuangola@gmail.com
+244 943 583 882