Adding A Policy Route - Fortinet FortiGate Series Administration Manual
Hide thumbs
Also See for FortiGate Series:
- Administration manual (60 pages) ,
- Install manual (51 pages) ,
- Quick start manual (14 pages)
Table of Contents
Advertisement
Policy Route
Adding a policy route
352
Edit icon
Edit a policy route.
Move To icon
After selecting this icon, enter the destination position in the window that
appears, and select OK.
For more information, see
To add a policy route, go to Router > Static > Policy Route and select Create New.
For more information on Type of Service, see
Figure 184
shows the New Routing Policy dialog box belonging to a FortiGate unit that
has interfaces named "external" and "internal". The names of the interfaces on your
FortiGate unit may be different.
Figure 184: Example policy route to route all HTTP traffic received at port5 to port4
Protocol
To perform policy routing based on the value in the protocol field of the
packet, enter the protocol number to match. The Internet Protocol Number is
found in the IP packet header.
you can find a list of the assigned protocol numbers here. The range is from 0
to 255. A value of 0 disables the feature.
Tip: Commonly used Protocol settings include 6 to route TCP sessions, 17
for UDP sessions, 1 for ICMP sessions, 47 for GRE sessions, and 92 for
multicast sessions.
Incoming Interface Select the name of the interface through which incoming packets subjected to
the policy are received.
Source Address /
To perform policy routing based on the IP source address of the packet, type
the source address and network mask to match. A value of
Mask
0.0.0.0/0.0.0.0 disables the feature.
Destination
To perform policy routing based on the IP destination address of the packet,
type the destination address and network mask to match. A value of
Address / Mask
0.0.0.0/0.0.0.0 disables the feature.
Destination Ports
To perform policy routing based on the port on which the packet is received,
type the same port number in the From and To fields. To apply policy routing
to a range of ports, type the starting port number in the From field and the
ending port number in the To field. A value of 0 disables this feature.
The Destination Ports fields are only used for TCP and UDP protocols. The
ports are skipped over for all other protocols.
Type of Service
Use a two digit hexadecimal bit pattern to match the service, or use a two digit
hexadecimal bit mask to mask out. For more information, see
Service" on page
"Moving a policy route" on page
"Type of Service" on page
RFC 5237
describes protocol numbers and
353.
FortiGate Version 4.0 MR1 Administration Guide
Router Static
354.
353.
"Type of
01-410-89802-20090903
http://docs.fortinet.com/
•
Feedback
Advertisement
Table of Contents
