In a previous post, I have created a sample of FortiGate config with Terraform. This was all performed locally from a Windows machine. While this is good in a lab environment, the major problem with it is that the management doesn’t scale. If there is more than a single network engineer, they need to share […]
FortiGate Terraform with GitLab CI/CD Pipeline Read More »
This lab takes the initial config from the post, Creating FortiGate Config with Terraform, and adds in the IPS config to the firewall rule that permits all traffic between INSIDE and DMZ. The IPS policy is the default from FortiNet that blocks critical attacks. The attack that I will demonstrate is the ever popular vsftpd
Enabling FortiGate IPS with Terraform – Metasploit Test Read More »
For this lab I have created a small topology with a FortiGate which will be configured with Terraform. There are two networks INSIDE 192.168.10.0/24 and DMZ 192.168.20.0/24. The other interface is for OUTSIDE this is connected into my home lab network and has an IP of 10.10.30.215. Terraform is used to configure the FortiGate firewall,
Creating FortiGate Config with Terraform Read More »
Terraform can be downloaded from here, Select the OS (Windows, in this case) and CPU type ADM64 is most likely. Once downloaded, extract the executable and move it somewhere. I have moved it to C:\Terraform Then add it to the path environment variable under: system >>> settings >>> Advanced system settings >>> environment variables Once
Terraform Installation – Windows Read More »
I am going to demonstrate two different FortiGate versions. 6.2.3 and 7.2.4. The major differences for a lab are in regards to the trial licencing and the limitations each has. The FortiGate trial licencing has some limitations that should be understood. Pre 7.2.1 the images had limited encryption usage quite heavily. For me this was
Adding FortiGate to GNS3 Read More »