Solved

Configure FortiGate 60D to Allow ALL traffic to a specific destination

Posted on 2016-08-23
6
48 Views
Last Modified: 2016-09-05
Hi,

I have a fortinet firewall device which Ive inherited which needs a firewall added so all traffic from a specific address as full access in and out. Does anyone on EE have any experience with this firewall?

Thanks in advance
SycamoreIT
0
Comment
Question by:SycamoreIT
  • 3
  • 3
6 Comments
 
LVL 20

Accepted Solution

by:
Jakob Digranes earned 500 total points
ID: 41767468
should be fairly easy. Log in - go to policy and object. create an address object for the IP-address. Choose interface any and subnet mask 255.255.255.255

then go to policy - choose NEW and create and from INTERFACE (which is the interface where the specific address is located, like for instance LAN) - and address object as FROM address. Then choose DESTINATION interface and address ANY. Service choose ANY and schedule - ANY
If needed, add NAT to rule. If you need traffic to go to internet or simply needs NATing
0
 

Author Comment

by:SycamoreIT
ID: 41770159
Hi Jakob,

This is what I have so far. Not sure if the Incoming interface is correct? Im setting up a rule for our IP phones which are on our local lan so will "any" do for this option? In source Address, Ive select a predefined group which covers our local lan, outgoing interface, Ive selected our Virgin Line, Destination ive inserted the IP address we want our phones to connect to and thats as far as I got.

Can you advise please?
experts.png
0
 
LVL 20

Expert Comment

by:Jakob Digranes
ID: 41776112
You need to Enable NAT
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 

Author Comment

by:SycamoreIT
ID: 41777885
Hi Jakob,

I have implented the above, how can I test if its working?

Ta
SycamoreIT
0
 
LVL 20

Expert Comment

by:Jakob Digranes
ID: 41777913
you could perhaps connect a computer within that address range, and do a telnet to servers you want to reach
0
 

Author Closing Comment

by:SycamoreIT
ID: 41784316
Thanks
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now