Firewall Policy Example - Fortinet FortiGate FortiGate-60R Installation And Configuration Manual

NAT/Route mode installation

Firewall policy example

FortiGate-60R Installation and Configuration Guide
Firewall policies control how traffic flows through the FortiGate unit. Once routing for
multiple Internet connections has been configured, you must create firewall policies to
control which traffic is allowed through the FortiGate unit and the interfaces through
which this traffic can connect.
For traffic originating on the Internal network to be able to connect to the Internet
through both Internet connections, you must add redundant policies from the internal
interface to each interface that connects to the Internet. Once these policies have
been added, the routing configuration controls which Internet connection is actually
used.
Adding a redundant default policy
Figure 7 on page 52 shows a FortiGate unit connected to the Internet using its internal
and DMZ interfaces. The default policy allows all traffic from the internal network to
connect to the Internet through the WAN1 interface. If you add a similar policy to the
internal to WAN2 policy list, this policy will allow all traffic from the internal network to
connect to the Internet through the WAN2 interface. With both of these policies added
to the firewall configuration, the routing configuration will determine which Internet
connection the traffic from the internal network actually uses. For more information
about the default policy, see "Default firewall configuration" on page 140.

To add a redundant default policy
1. Go to Firewall > Policy > Int->WAN2.
2. Select New.
3. Configure the policy to match the default policy.
     Source        Internal_All
     Destination   WAN2_All
     Schedule      Always
     Service       ANY
     Action        Accept
     NAT           Select NAT.
4. Select OK to save your changes.

Adding more firewall policies
In most cases your firewall configuration includes more than just the default policy.
However, the basic premise of creating redundant policies applies even as the firewall
configuration becomes more complex. To configure the FortiGate unit to use multiple
Internet connections you must add duplicate policies for connections between the
internal network and both interfaces connected to the Internet. Also, as you add
redundant policies, you must arrange them in the same order in both policy lists.

Configuration example: Multiple connections to the Internet
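The requirement above that redundant policies appear in both policy lists, in the same order, can be checked mechanically. The following Python is an added example, not part of the Fortinet guide: it audits Int->WAN1 and Int->WAN2 policy lists transcribed by hand from the web-based manager. The dict layout, the TELNET deny policy and the WAN1_All address name (assumed by analogy with WAN2_All) are illustrative assumptions.

```python
# Added example: audit two policy lists for redundancy and identical ordering.
# The data model is constructed for illustration, not a FortiGate export format.
FIELDS = ("source", "destination", "schedule", "service", "action", "nat")

def policy(src, dst, service, action="Accept", schedule="Always", nat=True):
    """Build one policy using the settings shown in the procedure above."""
    return dict(source=src, destination=dst, schedule=schedule,
                service=service, action=action, nat=nat)

def normalize(p, dest_map):
    """Return a comparable tuple, translating the destination address name."""
    p = dict(p, destination=dest_map.get(p["destination"], p["destination"]))
    return tuple(p[f] for f in FIELDS)

def audit(wan1_list, wan2_list, dest_map):
    """Compare Int->WAN1 with Int->WAN2; return (position, finding, other_pos).

    dest_map maps each WAN1 destination address name to its WAN2 counterpart.
    """
    a = [normalize(p, dest_map) for p in wan1_list]
    b = [normalize(p, {}) for p in wan2_list]
    findings = []
    for pos, pol in enumerate(a, start=1):
        if pos <= len(b) and b[pos - 1] == pol:
            continue  # same policy at the same position in both lists
        if pol in b:
            findings.append((pos, "out-of-order", b.index(pol) + 1))
        else:
            findings.append((pos, "missing-in-wan2", None))
    for pos, pol in enumerate(b, start=1):
        if pol not in a:
            findings.append((pos, "extra-in-wan2", None))
    return findings

# Constructed sample lists. Policies are matched top-down, so a Deny placed
# below "Accept ANY" never takes effect when traffic uses that interface.
DEST_MAP = {"WAN1_All": "WAN2_All"}
INT_WAN1 = [policy("Internal_All", "WAN1_All", "TELNET", action="Deny", nat=False),
            policy("Internal_All", "WAN1_All", "ANY")]
INT_WAN2_OK = [policy("Internal_All", "WAN2_All", "TELNET", action="Deny", nat=False),
               policy("Internal_All", "WAN2_All", "ANY")]
INT_WAN2_SWAPPED = list(reversed(INT_WAN2_OK))

if __name__ == "__main__":
    for name, lst in (("ok", INT_WAN2_OK), ("swapped", INT_WAN2_SWAPPED)):
        print(name, audit(INT_WAN1, lst, DEST_MAP))
```

An empty result means the two lists are redundant and identically ordered; any finding marks a policy that would behave differently once routing moves traffic to the second Internet connection.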
