Adding firewall policies, Firewall policy options, Source – Fortinet FortiGate 50A User Manual
Page 140: Destination, Schedule, Service
140
Fortinet Inc.
Adding firewall policies
Firewall configuration
Adding firewall policies
Add Firewall policies to control connections and traffic between FortiGate interfaces.
To add a firewall policy
1
Go to Firewall > Policy.
2
Select the policy list to which you want to add the policy.
3
Select New to add a new policy.
You can also select Insert Policy before
on a policy in the list to add the new
policy above a specific policy.
4
Configure the policy:
For information about configuring the policy, see
“Firewall policy options” on page 140
.
5
Select OK to add the policy.
6
Arrange policies in the policy list so that they have the results that you expect.
For information about arranging policies in a policy list, see
.
Firewall policy options
This section describes the options that you can add to firewall policies.
Source
Select an address or address group that matches the source address of the packet.
Before you can add this address to a policy, you must add it to the source interface.
For information about adding an address, see
Destination
Select an address or address group that matches the destination address of the
packet. Before you can add this address to a policy, you must add it to the destination
interface. For information about adding an address, see
.
For NAT/Route mode policies where the address on the destination network is hidden
from the source network using NAT, the destination can also be a virtual IP that maps
the destination address of the packet to a hidden destination address. See
Schedule
Select a schedule that controls when the policy is available to be matched with
connections. See
.
Service
Select a service that matches the service (port number) of the packet. You can select
from a wide range of predefined services or add custom services and service groups.
See