Fortinet black logo

User Guide

Home FortiPortal 7.0.0 User Guide
7.0.0
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.0.14
6.0.13
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.3.8
5.3.7
5.3.6
5.3.5
5.3.4
5.3.3
5.3.2
5.3.0
5.2.0
4.1.0

Configuring policies

Configuring policies

Go to Policy to create and edit policies.

Your service provider can grant write access to your policies. If so, you are enabled to create/edit/delete, enable/disable, and change the order of the policies.

If not, FortiPortal displays a warning message and restricts the data in the Policy page to read-only.

Adding a new firewall policy

  1. Go to Policy.
  2. Select a policy package where this policy is created and Firewall Policy in Policy type.
  3. Select Create to create a new policy.

    The Create Firewall Policy window opens.

  4. In the Create Firewall Policy window, enter the following information:

    Settings

    Guidelines

    Name

    Name for the policy.

    Incoming Interface

    From the dropdown, select one or more incoming interfaces.

    Outgoing Interface

    From the dropdown, select one or more outgoing interfaces.

    Source Internet Service

    Enable/disable the source internet service, then select services.

    This option is only available for IPv4 policies.

    IPv4 Source Address

    Select the IPv4 source addresses.

    This option is only available when Source Internet Service is disabled.

    Source User

    Select source users.

    Source User Group

    Select source user groups.

    FSSO Groups

    Select the FSSO groups added via Fortinet Single Sign-On.

    Destination Internet Service

    Enable/disable the destination internet service, then select services.

    This option is only available for IPv4 policies.

    IPv4 Destination Address

    Select to add one or more address objects.

    This option is only available when Destination Internet Service is disabled.

    Service

    Select services and service groups.

    This option is only available when Destination Internet Service is disabled.

    Schedule

    Select one entry from the dropdown.

    Action

    Accept or deny.

    Disclaimer Options

    Display Disclaimer

    Enable disclaimer for this type of traffic.

    Customize Message

    From the dropdown, select a customized message.

    This option is only available if Display Disclaimer is enabled.

    Logging Options

    Log Violation Traffic

    Enable to create a log for each denied packet.

    Generate Logs when Session Starts

    Enable to generate logs when the session starts.

    Advanced

    WCCP

    Enable Web Cache Communication Protocol (WCCP).

    Exempt from Captive Portal

    Select to exempt from the captive portal.

    Comments

    Optionally, enter a comment for the policy.
  5. Click Save.

Updating a policy

To update a policy:
  1. Select a policy and then select Edit.
  2. Modify the relevant fields and select Save.

Deleting a policy

To delete a policy:
  1. Select policies in the list and then select Delete.

Re-installing the policy

To reinstall the policy:
  1. After you create or edit a policy, select Install to view the installation targets.
  2. Select the device and then select Install to install the policy packages to the assigned device.
Previous
Next

Configuring policies

Go to Policy to create and edit policies.

Your service provider can grant write access to your policies. If so, you are enabled to create/edit/delete, enable/disable, and change the order of the policies.

If not, FortiPortal displays a warning message and restricts the data in the Policy page to read-only.

Adding a new firewall policy

  1. Go to Policy.
  2. Select a policy package where this policy is created and Firewall Policy in Policy type.
  3. Select Create to create a new policy.

    The Create Firewall Policy window opens.

  4. In the Create Firewall Policy window, enter the following information:

    Settings

    Guidelines

    Name

    Name for the policy.

    Incoming Interface

    From the dropdown, select one or more incoming interfaces.

    Outgoing Interface

    From the dropdown, select one or more outgoing interfaces.

    Source Internet Service

    Enable/disable the source internet service, then select services.

    This option is only available for IPv4 policies.

    IPv4 Source Address

    Select the IPv4 source addresses.

    This option is only available when Source Internet Service is disabled.

    Source User

    Select source users.

    Source User Group

    Select source user groups.

    FSSO Groups

    Select the FSSO groups added via Fortinet Single Sign-On.

    Destination Internet Service

    Enable/disable the destination internet service, then select services.

    This option is only available for IPv4 policies.

    IPv4 Destination Address

    Select to add one or more address objects.

    This option is only available when Destination Internet Service is disabled.

    Service

    Select services and service groups.

    This option is only available when Destination Internet Service is disabled.

    Schedule

    Select one entry from the dropdown.

    Action

    Accept or deny.

    Disclaimer Options

    Display Disclaimer

    Enable disclaimer for this type of traffic.

    Customize Message

    From the dropdown, select a customized message.

    This option is only available if Display Disclaimer is enabled.

    Logging Options

    Log Violation Traffic

    Enable to create a log for each denied packet.

    Generate Logs when Session Starts

    Enable to generate logs when the session starts.

    Advanced

    WCCP

    Enable Web Cache Communication Protocol (WCCP).

    Exempt from Captive Portal

    Select to exempt from the captive portal.

    Comments

    Optionally, enter a comment for the policy.
  5. Click Save.

Updating a policy

To update a policy:
  1. Select a policy and then select Edit.
  2. Modify the relevant fields and select Save.

Deleting a policy

To delete a policy:
  1. Select policies in the list and then select Delete.

Re-installing the policy

To reinstall the policy:
  1. After you create or edit a policy, select Install to view the installation targets.
  2. Select the device and then select Install to install the policy packages to the assigned device.
Previous
Next