Adding firewall policies for virtual domains, Adding addresses for virtual domains – Fortinet FortiGate-800 User Manual

152

Fortinet Inc.

Virtual domains in Transparent mode

Network configuration

Adding firewall policies for virtual domains

Once the network configuration for the virtual domain is complete, you must create
firewall policies for the virtual domain to allow packets to flow through the firewall
between VLAN subinterfaces.

•

Adding addresses for virtual domains

•

Adding firewall policies for virtual domains

Adding addresses for virtual domains

Before you can create firewall policies for a virtual domain, you must add source and
destination addresses for the VLAN subinterfaces and zones added to the virtual
domain.

1

Go to Firewall > Address.

2

Select the VLAN subinterface or zone to which to add the address.

3

Select New to add a new address.

4

Enter an Address Name to identify the address.

5

Enter the IP Address.

6

Enter the NetMask.

7

Select OK to add the address.

Adding firewall policies for virtual domains

Add Firewall policies to control connections and traffic between FortiGate VLAN
subinterfaces and zones in a virtual domain.

1

Go to Firewall > Policy.

2

Select the Virtual Domain to which you want to add the policy.

3

Select a source VLAN subinterface or zone.

4

Select a destination VLAN subinterface or zone.
VLAN subinterfaces or zones only appear in the source and destination lists if they
have been added to the selected virtual domain and if you have added firewall
addresses for them.
The source and destination cannot be the same VLAN subinterface or zone.

5

Select New to add a new policy.

6

Configure the policy.

7

Select OK to add the policy.