Fortinet black logo

Cookbook

Home FortiGate / FortiOS 5.6.0 Cookbook

Creating a security policy

5.6.0
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.0
6.0.0
5.6.0
5.4.0
Copy Link
Copy Doc ID 4d801240-7ccc-11e9-81a4-00505692583a:832175
Download PDF

Creating a security policy

The IPsec wizard automatically creates a security policy allowing IPsec VPN users to access the internal network. However, since split tunneling is disabled, you must create another policy to allow users to access the Internet through the FortiGate.

  1. Go to Policy & Objects > IPv4 Policy and select Create New.

    Enter a policy Name (in this example, IPsec-VPN-Internet).

    Set Incoming Interface to the tunnel interface.

    Set Outgoing Interface to wan1.

    Set Source to the IPsec client address range.

    Set Destination to all.

    Set Service to ALL.

    Enable NAT.

Previous
Next

Creating a security policy

The IPsec wizard automatically creates a security policy allowing IPsec VPN users to access the internal network. However, since split tunneling is disabled, you must create another policy to allow users to access the Internet through the FortiGate.

  1. Go to Policy & Objects > IPv4 Policy and select Create New.

    Enter a policy Name (in this example, IPsec-VPN-Internet).

    Set Incoming Interface to the tunnel interface.

    Set Outgoing Interface to wan1.

    Set Source to the IPsec client address range.

    Set Destination to all.

    Set Service to ALL.

    Enable NAT.

Previous
Next