Hi Fortinet Guru, it's nice to see some hints and tips from you, I'm mainly working on the bigger devices in an enterprise environment. (FG1100, FG1800 and upwards) It's sometimes very helpful to see some ideas from a different side of view, it's helps in daily work. Thanks for sharing !

There were a lot of helpful tidbits of knowledge in here! I really appreciate it, especially since I'll be deploying stacks just like what you have shown.

Thanks for the impressive and simple introduction! Great stuff. Makes a lot of sense in that "Forti-Universe". Thanks!

Thanks! That was a great brief description of getting the stack up and running.

Giving this a go tomorrow, can't wait makes a lot of sense Thank you

I love your videos. The one brilliant source of fortiknowledge.

I have a Fortinet Full Stack at my house, and it's pretty cool.

Just what I needed. Thank you so much.

Brief introduction. Thanks a lot.

As always, great videos!

The way you explain things succinctly needs to be studied! For real thank you Mikey!

Have been following your blog and videos. Excellent walk through! Deployed my first full Fortinet Stack (101F configured in a ring mode on the 10G interfaces 2x FS148F-PoE w/10x FortiAP-231E) All i can say is that the video doesn't do justice what the whole solution can actually do. For my client's request, i got to see first hand how powerful the whole integration is. Being able to see devices is one thing, the FortiAP is pretty decent, as its able to also monitor the air in real time for the 231E (yes they even have the meraki spectrum analysis!). Roaming wasn't a problem and didn't require much configuration which i'm quite surprised coming from deploying Ubiquiti/Ruckus/Aruba. I just hope Fortinet has better QC on their Fortigate's firmware.

First time watching you video; love it. Now a subscriber

This was a great video! Thank you so much!!

Thanks for this great teaser of fortinet full stack 👍 I don't know if you already have this video but if you have time can you also discuss multi tenancy capabilities of fortinet firewall, like vdoms/vrf. I'm just collecting use cases that may help us build a network as service provider, currently reviewing fortinet as firewall for this project.. Hope to hear some inputs..🙂 cheers 👍👏 keep it up

Dziękujemy.

That is really helpful. Thank you so much!

That was a great explanation of all of that. I have the 60F, 124PoE, 221E, and a 222E and have just started working at dialing all of this stuff in on my home network. My 60F uploads to my office Fortianalyzer. I can police the kids and keep them off youtube and stuff, and shut off the netflix at night so they actually go to bed. I'd like to see some policy building, as I had a hard time getting the chromebooks locked down.

Thank you!

Great content learned plenty.

Thanks for sharing sir!

So great video!

Great Video!

Hey long time no see a new video...! Missed your excellent videos!!!

it is really nice and helpful

Great video!! You make it easier to understand. Hey, do you know how to split an SD-WAN to share WAN1 through LAN port 2? Just a thought.

Thanks a lot for sharing your knowledge. I have been watching your videos for weeks/month now. And thanks to you I decided to buy a full stack (FG/FS/AP - Book) a week ago for myself and it seems this video came at the perfect moment. Since you mention other brand at the start of your video, I was wondering, even tho Fortinet seems way more advanced and reliable than many brand atm do you think installing Unifi or Edge for very small office is a good idea ? Anyway thanks again for sharing !!!!

Love the content!! What issues have you run into if you don't daisy-chain the switches, but connect them all directly to the firewall and "trunk" them from there?

Love the shirt bro.

Great video! Do you have any FortiNAC demo and/review videos?

Can you please explore more of the lldp med thing and the logic of the allowed / native thing? How do you decide which port is a trunk port? Or basically it does dot1q and you just decide the native

Hey man, you are pretty good at explaining things. Ever thought of doing a NS course? Heaps of CCNA YT focused channels around. Just a thought.

Hello Mike, I have watched a lot of your videos! You are doing a great job, thanks for that! I have a similar setup at home right now, unfortunately without multiple internet connections. Is there a possibility that you created a video regarding FortiSwitch NAC Policies and FortiSwitch Security Policies within this setup? Thank you! Keep up the good work! Regards!

Hey Mike, have you completed your NSE 8 exam? Your content is very helpful.

Alright mate are you still going to do the video of cisco vs fortinet like you did with checkpoint and palo alto that was really good stuff 👍

Any chance on a FortiEDR review? in light of all the latest outbreaks, would be a good time to talk about Fortinets offering compared to crowdstrike, S1, etc

Great

We just upgraded from a Juniper To Fortigate 100e..we are now going waiting to receive 4 FORTINET POE switches

Fortinet are awesome. Beats the like of Sophos, Juniper, barracuda and Watchguard. I want this technology and its a solutions will help ALL the small and mid size now and the future. Where can i learn more.

I love security fabric . Well done Fortinet, the best environnement ! ❤

Great video and just on time as I am preparing to deploy full stack. Video proposal: Trusted CA certificate for deep SSL inspection. Can you recommend any commercial SSL certificate? First certificate I bought has CA:FALSE parameter and I am having problems finding certificate provider that will work for deep inspection and does not cost 200$. Is there any 20$ certificate on the market that will do the job?

Nice video! One question though: As I understand from the example in the video, the fortiswitch is handling the L3. But is the Fortigate then still able to check traffic between l3 vlans?

WOW, Amazing!I work an LAB with 2 FortiGate 60F and 2 FortiSwitch 124F and 4 AP231F What ist the best prec. for 100% HA Stack? Would you pleae so kind and give me a view hints?

Hello! Great video! One question though: I am testing out a similar setup with a FG-40F and have some issues in that the VLANs created on the FortiSwtich are not "easily" used on the FortiGate, meaning that I can not use a FortiSwitch VLAN on the FortiGate internal ports...seems like the two devices can't use the same VLANs? Any thoughts / feedback on that and how to use the some VLANs on both devices and possible to configure FortiGate with VLANs from Fortiswitch?

I want to buy that t-shirt!!!! Where can I get it? Thankfully same applies here in Panama, Central America

Hi Fortinet Guru, can toy stack fortinet switches with DAC cabels? if so, can you advertise a short brief of how to. thanks in advance. Tomer

Great video! I am currently running a 60f and a 231f at home in a home lab. I have been thinking about adding a switch. I have a small network with only 5 wired devices (including the AP) so I was thinking the 108e PoE would be fine, but do you think the 124e PoE is worth the extra cost for future proofing?

I loved your T-shirt 😂❤

Am I right that if I use tunnel mode SSIDs then I will not be able to see Wi-Fi clients from FortiSwitch Ports view, as it is on 23:24?

This pairs perfectly with Microsoft 365 services, two exceptionally seamless technologies.

Great video, just curious why would you use the 3rd octet as your site identifier instead of the 2nd octet which makes alot more sense.

I have 100f , and need to switch over from the wan interface port to an sfp port. How would you proceed?

I would like to know how to configure FWF -> FAP in a mesh environment wireless mesh with VLAN

Do you have url to the compatibility matrix regarding upgrade? I have also run into issues when upgrading fortigate with fortiswitch via fortilink

How would you do your vlans if you have your fw interfaces configured to handle the DHCP?

Mike, if you don't mind answering a dumb question for me. My internal LAN is 192.168.70.x. I have a gateway to gateway VPN to 192.168.1.x. My Data vlan is 10.70.10.x and is part of my INSIDE zone. Firewall policy for INSIDE>VPN is set to allow traffic. I am assuming my static route need to also be set for the 10.70.10.0/24 network, but how? Following this video, I have my VLANs working like yours (Data and Guest, I have no voice) but computers on my Data vlan can't reach the remote end of the VPN.

Great Video......followed your video but noticed with my FortiAP 231F I’m not getting anything faster then 100MB download. I do have a 1gig connection. Wired connections I have no issues. Any thoughts?

how can you add fortigate hardware switch ports to the fortiswitch vlan after the fortilink is up and running ?

Hello. I have a question for you: Is it possible in Fortigate to implement ADVPN using IPsec aggregate tunnels both on HUB and Spoke? Thank you.

I've wanted to try a Fortinet firewall, but the licenses are expensive for a home lab :(

Can someone help with fqdn as I need to learn to to acess PCs with host name instead of IP when using Vpn

I noticed the warning "Security Fabric Connection is disabled" but obviously you are running security fabric? I seem to recall full fabric needs a FortiAnalyzer, is that so and why if so?

The last ports on all switches LAN devices should always be your uplink ports it is best practice really

in FortiSwitch how to set port to accept ip phone with VOICE vlan40 and DATA in vlan30 because switch port > ip phone > pc all connected to switch using 1 ethernet port

Is 6.4.6 considered stable now? I was considering upgrading from 6.2.1 to 6.2.8 on my 301E and 501E.

what is a perimeter firewall ? please can someone answer me ! I have been hearing this word from so long, but still dont have a clue , whats a "perimeter" firewall

The AP on the FortiWiFi only has one radio, so can only run either 2.4ghz or 5ghz.

How can I contact you so I can ask for some advice? I’m in CA

I challenge your subnet and vlan design. The second octet should be the site identifier while the 3rd is for the VLAN ID. Maybe you said it wrong @ 12:20

Any ideas on the fortiextenders?

how to get a tshit like that ?

Hi any spare REG REF you could borrow me ? thanks

I currently have this... [FGT-61F]──(LAN-AGG (Fortilink))──(Ports 2+3+4+5Ports 25+26+27+28)──[FSW-124E-FPOE]──(Ports 23+24Ports 9+10)──[FSW-108E-FPOE] I want to do this... ┌──(Ports A+BPorts 9+10)─────[FSW-108E-FPOE] [FGT-61F]──(LAN-AGG (Fortilink))─┤ └──(Ports 2+3+4+5Ports 25+26+27+28)──[FSW-124E-FPOE] Is this possible with FortiLink split interface? Per the research I have done, things keep pointing to MCLAG but I don't want to complicate things. Any advice?

The UTP cable that's comes with the fortiSwitsh or FortiGate esa WHITE, NOT yellow

Do you work for fortinet?

Did you have a problem where Access Points Randomly disconnect from Controller? we have 2 networks of about 150 APs each and it happens all the time. Every week there is at least 5 Disconnected AP.

The vedio is not clear my friend

you missed mikrotik!

First 😂

Mikrotik works better than fortinet)

Palo is better

That thing is junk and nothing but problems. I went back to Cisco stuff

What a shitty products. It is probably great for SOHO, but Fortinet has really weak IPS.

I have the same Fortinet stack connecting my Fortigate to FortiSwtich via FortiLink Interface A and from FortiSwitch PoE connection to FortiAP 221E. Using the 7.2.4 firmware on FG & FS. But I am getting rid of FortiSwitch and ForiAP as the switch is highly unreliable when connecting via FortiLink. The Fortilink between the Fortigate and FortiSwitch will drop to 100mbps despite replacing with brand new Cat 6E cables. And the only way to resolve the issue was to hard reset the switch. After reset and re-established the FortiLink, the same cable that was reporting 100mbps suddenly becomes 1Gbps. But on and off the Fortigate will report the authorized FortiSwitch is Offline. And I had to hard reset, authorized the switch and everything become normal again. The FortiAP wifi performance also sucks as my client will complain about the slow speed when connected to it. I had checked all the configs and the thing is a Asus home AP is more reliable then the more expensive FAP. I am keeping the Fortigate as it's very reliable in my opinion. Already ordered Unifi switch and U6E AP to replace my FortiSwitch and FortiAP. Will be testing them together with Fortigate before deploying them to Production sites. Give up hopes for FortiSwitch and FortiAP. Sad.