Table of Contents
Advertisement
Default firewall configuration
Default firewall configuration
Interfaces
192
•
IP/MAC binding
•
Content profiles
By default, the users on your internal network can connect through the FortiGate unit
to the Internet. The firewall blocks all other connections. The firewall is configured with
a default policy that matches any connection request received from the internal
network and instructs the firewall to forward the connection to the Internet.
The default policy also applies virus scanning to all HTTP, FTP, SMTP, POP3, and
IMAP traffic matched by the policy. The policy applies virus scanning because the
Antivirus & Web Filter option is selected and the Content profile is set to Scan. For
more information about content profiles, see
Figure 52: Default firewall policy
•
Interfaces
•
VLAN subinterfaces
•
Zones
•
Addresses
•
Services
•
Schedules
•
Content profiles
Add policies to control connections between FortiGate interfaces and between the
networks connected to these interfaces. By default, you can add policies for
connections that include the internal and external interfaces.
Use the following steps to add an interface to the firewall policy grid. You would have
to add an interface to the policy grid if you previously removed it from the policy grid to
add it to a zone.
1
If they are down, start the interfaces up.
See
"Changing the administrative status of an interface" on page
2
Add IP addresses to the interfaces.
See
"Configuring interfaces" on page
3
Add firewall addresses for these interfaces.
See
"Adding addresses" on page
"Content profiles" on page
142.
202.
Firewall configuration
223.
143.
Fortinet Inc.
Advertisement
Table of Contents
