1 00:00:06,330 --> 00:00:11,720 Hello and welcome to this lecture in this lecture we're going to talk about the management of the four 2 00:00:11,720 --> 00:00:18,150 legged firewalls as you have seen up to this point we can access and manage the floodgates through the 3 00:00:18,160 --> 00:00:20,680 CLIA so through the castle. 4 00:00:20,940 --> 00:00:24,650 But there is also another option which I'm sure you would enjoy. 5 00:00:25,140 --> 00:00:28,720 And this one is the graphical user interface. 6 00:00:28,740 --> 00:00:35,500 Well in order to access the the 48 firewalls through the gate we will use H2 to be protocol. 7 00:00:35,550 --> 00:00:40,920 And again we have to make sure that we have access to these 48 firewalls. 8 00:00:40,920 --> 00:00:42,740 So two five three. 9 00:00:42,840 --> 00:00:46,220 It's the it's the second for the gate. 10 00:00:46,260 --> 00:00:49,630 And let's test again 2 5 4. 11 00:00:49,920 --> 00:00:52,290 And this one responds to ICMP. 12 00:00:52,290 --> 00:00:52,710 Perfect. 13 00:00:53,400 --> 00:00:58,320 Now what we have to do is go on to a browser. 14 00:00:58,380 --> 00:01:02,520 I am now opening Microsoft Edge. 15 00:01:02,520 --> 00:01:07,500 And here is 1 9 2 1 6 8 100 a dash. 16 00:01:07,680 --> 00:01:08,160 Sorry. 17 00:01:09,210 --> 00:01:11,640 So 1 9 2 1 6 8. 18 00:01:11,760 --> 00:01:13,310 One hundred two five four. 19 00:01:14,820 --> 00:01:17,670 And we have another one for the second. 20 00:01:18,240 --> 00:01:21,170 So 2 5 3. 21 00:01:21,270 --> 00:01:25,480 So I am now opening two ATP sessions to them. 22 00:01:25,860 --> 00:01:28,390 So I want to manage them through HDP. 23 00:01:28,410 --> 00:01:33,200 It's easier in graphical user interface than just typing on the CLIA. 24 00:01:34,080 --> 00:01:36,360 But it seems that it's not working. 25 00:01:36,360 --> 00:01:44,430 So we can really this page but at the same time we have seen that ICMP connectivity is working. 26 00:01:44,430 --> 00:01:46,770 So again what could be the issue. 27 00:01:46,770 --> 00:01:54,720 Well remember we have talked up to this point about some some protocols being allowed or added to the 28 00:01:54,720 --> 00:01:58,990 list so that in that case ICMP to work. 29 00:01:59,010 --> 00:01:59,900 Right. 30 00:01:59,940 --> 00:02:02,900 So this time it's basically the same thing. 31 00:02:02,910 --> 00:02:09,600 So we have connectivity to both of the firewalls but ATP sessions or H2 sessions are not permitted to 32 00:02:09,600 --> 00:02:11,920 these machines. 33 00:02:11,970 --> 00:02:14,910 So let's go to the CLIA. 34 00:02:15,330 --> 00:02:16,900 This one is 48 1. 35 00:02:16,980 --> 00:02:18,130 I will now log in. 36 00:02:18,600 --> 00:02:27,110 So admin no password just hit enter and let's check the configuration for Port 2. 37 00:02:27,120 --> 00:02:32,240 So show system interface port to. 38 00:02:32,560 --> 00:02:38,660 I'm not using question mark because I want to see exactly the running configuration so I now hit enter 39 00:02:39,900 --> 00:02:46,050 and we can see that in the allow access list we have now ping which we have added earlier in order to 40 00:02:46,050 --> 00:02:53,040 have connectivity ICMP connectivity between the land P.C. and this specific firewall. 41 00:02:53,040 --> 00:03:02,190 Now let's also add HDP HDP us so that we can manage the 48 firewall through on ETP session. 42 00:03:02,190 --> 00:03:16,500 Let's go on and say config sys interface and I will edit port 2 instead of saying Sep allow access it 43 00:03:16,500 --> 00:03:23,310 will override the existing configuration if you do that I would say append so add something else to 44 00:03:23,310 --> 00:03:31,870 the allow access list and if I hit now question mark you can see here HDP H2 G.P.S. access. 45 00:03:31,920 --> 00:03:41,750 So let's add this ETP and if GDP is 80 percent GDP and and this should work now. 46 00:03:41,760 --> 00:03:42,140 Right. 47 00:03:42,810 --> 00:03:47,010 So let's try and refresh the page so refresh 48 00:03:51,240 --> 00:03:52,350 and here it is. 49 00:03:52,350 --> 00:03:56,120 So now I'm being asked for username and password credentials. 50 00:03:56,370 --> 00:04:00,870 I will do an admin on the user nothing for the password click log in 51 00:04:05,600 --> 00:04:06,740 and here it is. 52 00:04:06,740 --> 00:04:16,040 So I am now able to log in to the graphical user interface in order to manage this 48 firewall let us 53 00:04:16,040 --> 00:04:17,750 do the same for the second one. 54 00:04:18,800 --> 00:04:24,270 So again go to the gate 2. 55 00:04:24,480 --> 00:04:27,810 I will now log in with admin and no password. 56 00:04:28,740 --> 00:04:38,180 Let's show system interface port 2 This is facing the lamb we have only ping we should add something 57 00:04:38,180 --> 00:04:38,690 else right. 58 00:04:38,720 --> 00:04:52,820 So HDP so config sys interface and let's say edit port to to edit port 2 again I will not say set allow 59 00:04:52,820 --> 00:04:54,000 access in order. 60 00:04:54,140 --> 00:04:55,450 Well let's do it. 61 00:04:55,460 --> 00:04:59,210 So set allow access HDP and H2 G.P.S.. 62 00:04:59,570 --> 00:05:08,630 I'll now say and and say show sys interface port to in order to see the current applied configuration. 63 00:05:09,740 --> 00:05:16,550 So now you see that when doing only when doing said allow access only those specific options that you 64 00:05:16,550 --> 00:05:20,900 will put there will be added and old ones will be overridden. 65 00:05:20,900 --> 00:05:25,980 So now if you go and try to ping again. 66 00:05:26,690 --> 00:05:28,070 So 2 5 3. 67 00:05:28,070 --> 00:05:31,050 So the second 48 it will not work anymore. 68 00:05:31,280 --> 00:05:33,110 So let's debate the proper way now. 69 00:05:34,890 --> 00:05:49,930 For you to configure system interface edit port 2 and append allow access also ping and end 70 00:05:54,120 --> 00:05:56,520 going back to the command prompt 71 00:05:59,730 --> 00:06:03,290 I will be able to issue another ping. 72 00:06:04,050 --> 00:06:10,650 So let's say 2 5 3 and now the ping is successful. 73 00:06:10,920 --> 00:06:19,850 Let's get back to Microsoft Edge and try also to connect to the HDP through HDP to the second 48. 74 00:06:19,860 --> 00:06:30,090 So now one into wanting say 100 die and that 2 5 3 log in credentials admin no password hit enter and 75 00:06:30,090 --> 00:06:39,750 I shouldn't be provided graphical user interface in order to configure the firewall so 48 1 one it's 76 00:06:41,120 --> 00:06:41,840 okay. 77 00:06:43,280 --> 00:06:43,670 Yes. 78 00:06:43,670 --> 00:06:47,640 Here is the hostname that we have defined previously 48 1. 79 00:06:47,720 --> 00:06:49,230 Let's go to 48 to now. 80 00:06:50,180 --> 00:06:53,010 So it's now loading the page. 81 00:06:53,150 --> 00:06:53,900 So here it is. 82 00:06:53,900 --> 00:07:00,900 Now we have gained access in order to configure or verify and manage both of the 48. 83 00:07:01,070 --> 00:07:02,060 And guess what. 84 00:07:02,060 --> 00:07:07,730 Because now we have access to this to this interface. 85 00:07:07,820 --> 00:07:14,600 If you go to whatever 48 you want and if you're running if you're running the graphical user interface 86 00:07:14,630 --> 00:07:21,520 but at any point you need because there are some some of the cases like this you need to go to the CLIA. 87 00:07:21,620 --> 00:07:23,690 Here is the magic button to do it. 88 00:07:23,690 --> 00:07:31,310 So if I click this one it will open a CLIA console so that I can access through the site through the 89 00:07:31,310 --> 00:07:36,130 console the following 48 from the Web from the web interface. 90 00:07:36,140 --> 00:07:37,930 So this is it. 91 00:07:37,940 --> 00:07:40,610 So show what. 92 00:07:41,400 --> 00:07:42,530 Let's show an interface. 93 00:07:42,540 --> 00:07:42,930 I don't know. 94 00:07:42,930 --> 00:07:49,850 Show system interface port to the one that we have configured. 95 00:07:50,170 --> 00:07:55,110 Here is the configuration the IP and the allowed access protocol list. 96 00:07:55,110 --> 00:07:58,200 So thank you for viewing and see you in the next lecture.