Posts

Showing posts from August, 2023

How to create DHCP server and a policy in the Fortigate

Here is an example script that demonstrates how to use the fortigate-api package to create a DHCP server and a policy in the Fortigate:

    from fortigate_api import FortigateAPI

    # Create a FortigateAPI object
    fgt = FortigateAPI(host="host", username="username", password="password")

    # Create a DHCP server
    data = {
        "default-gateway": "192.168.255.1",
        "netmask": "255.255.255.0",
        "interface": "vlan.123",
        "ip-range": [
            {"start-ip": "192.168.255.2", "end-ip": "192.168.255.254"},
        ],
    }
    fgt.dhcp_server.create(data)

    # Create a policy in the Fortigate
    data = dict(
        name="POLICY",
        status="enable",
        action="accept",
        srcintf=[{"name": "any"}],
        dstintf=[{"name": "any"}],
        srcaddr=[{"name": "all"}],
        dstaddr=[{"name"

IPsec Tunnel Between FortiGate Firewall and Cisco Router

Cisco IPsec Tunnel Configuration:

    hostname WAN_ROUTER
    !
    ! Phase-1
    crypto isakmp policy 2
     hash md5
     authentication pre-share
     group 2
    crypto isakmp key Admin@123 address 172.16.1.1
    !
    ! Phase-2
    crypto ipsec transform-set Cisco_to_Fortinet esp-des esp-md5-hmac
     mode tunnel
    !
    crypto map Cisco_to_Fortinet 2 ipsec-isakmp
     set peer 172.16.1.1
     set transform-set Cisco_to_Fortinet
     match address vpn-traffic
    !
    ip dhcp pool LAN
     network 10.1.1.0 255.255.255.0
     default-router 10.1.1.254
    !
    interface GigabitEthernet0/0
     ip address 172.16.1.2 255.255.255.252
     duplex auto
     speed auto
     media-type rj45
     crypto map Cisco_to_Fortinet
    !
    ip access-list extended vpn-traffic
     permit ip 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255
     permit ip 10.1.1.0 0.0.0.255 192.168.1.0 0.0.0.255
    !
    access-list 100 permit ip 192.168.1.0 0.0.0.255 any