Interfaces, Vlan subinterfaces, Zones – Fortinet FortiGate-800 User Manual
Page 187: Interfaces vlan subinterfaces zones
Firewall configuration
Default firewall configuration
FortiGate-800 Installation and Configuration Guide
187
Interfaces
Add policies to control connections between FortiGate interfaces and between the
networks connected to these interfaces. By default, you can add policies for
connections that include the internal, external, and DMZ interfaces.
To add policies that include the port1 to port4 interfaces, you must use the following
steps to add these interfaces to the firewall policy grid:
1
If they are down, start the interfaces up.
See
“Changing the administrative status of an interface” on page 139
2
Add IP addresses to the interfaces.
See
“Configuring interfaces” on page 138
3
Add firewall addresses for these interfaces.
See
“Adding addresses” on page 197
.
VLAN subinterfaces
You can also add VLAN subinterfaces to the FortiGate configuration to control
connections between VLANs. For more information about VLANs, see
“Virtual domains in Transparent mode” on
To add policies that include VLAN subinterfaces, you must use the following steps to
add the VLAN subinterfaces to the firewall policy grid:
1
Add VLAN subinterfaces to the FortiGate configuration.
2
Add firewall addresses for the VLAN subinterface.
See
“Adding addresses” on page 197
.
Zones
You can add zones to the FortiGate configuration to group together related interfaces
and VLAN subinterfaces to simplify firewall policy creation. For more information
about zones, see
“Configuring zones” on page 137
.
To add policies for zones, you must use the following steps to add the zones to the
firewall policy grid:
1
Add zones to the FortiGate configuration.
See
.
2
Add interfaces and VLAN subinterfaces to the zone.
See
“Adding an interface to a zone” on page 139
.
3
Add firewall addresses for the zone.
See
“Adding addresses” on page 197
.