Addresses; Services; Schedules - Fortinet FortiGate FortiGate-800 Installation And Configuration Manual
Fortinet network device installation and configuration guide
Hide thumbs
Also See for FortiGate FortiGate-800:
- Administration manual (392 pages) ,
- Install manual (64 pages) ,
- Technical note (12 pages)
Table of Contents
Advertisement
Default firewall configuration
Addresses
Services
Schedules
188
To add policies between interfaces, VLAN subinterfaces, and zones, the firewall
configuration must contain addresses for each interface, VLAN subinterface, or zone.
By default the firewall configuration includes the addresses listed in
Table 37: Default addresses
Interface
Address
Internal
Internal_All
External
External_All This address matches all addresses on the external network.
DMZ
DMZ_All
The firewall uses these addresses to match the source and destination addresses of
packets received by the firewall. The default policy matches all connections from the
internal network because it includes the Internal_All address. The default policy also
matches all connections to the Internet because it includes the External_All address.
You can add more addresses to each interface to improve the control you have over
connections through the firewall. For more information about addresses, see
"Addresses" on page
197.
You can also add firewall policies that perform network address translation (NAT). To
use NAT to translate destination addresses, you must add virtual IPs. Virtual IPs map
addresses on one network to a translated address on another network. For more
information about Virtual IPs, see
Policies can control connections based on the service or destination port number of
packets. The default policy accepts connections using any service or destination port
number. The firewall is configured with over 40 predefined services. You can add
these services to a policy for more control over the services that can be used by
connections through the firewall. You can also add user-defined services. For more
information about services, see
Policies can control connections based on the time of day or day of the week when the
firewall receives the connection. The default policy accepts connections at any time.
The firewall is configured with one schedule that accepts connections at any time. You
can add more schedules to control when policies are active. For more information
about schedules, see
Description
This address matches all addresses on the internal network.
This address matches all addresses on the DMZ network.
"Virtual IPs" on page
"Services" on page
"Schedules" on page
205.
Firewall configuration
Table
208.
200.
37.
Fortinet Inc.
- Quick Links:
- Connecting to the Web-Based Manager
Hide quick links:
Advertisement
Table of Contents
