kongou-ae
3/31/2014 - 3:13 PM

FortiGate FW policy (.conf)

FortiGate FW policy (.conf)

# Two outbound firewall policies (IDs 13 and 14) that accept traffic from
# internal VLAN subnets to any destination via wan1, with NAT enabled.
# NOTE(review): every rule here pairs dstaddr "all" with service "ANY", so
# egress is not limited by destination or port. If that is not intentional,
# narrow the service list to what these networks actually need.
config firewall policy
    # Policy 13: VLAN-200 (192.168.200.0/24) -> wan1, matched per user group.
    edit 13
        set srcintf "VLAN-200"
        set dstintf "wan1"
            set srcaddr "192.168.200.0/24"             
            set dstaddr "all"             
        set action accept
        set utm-status enable
        # Switches this policy to the identity-based-policy sub-table below;
        # schedule, service and groups are then set per sub-rule.
        set identity-based enable
        set nat enable
            config identity-based-policy
                # Sub-rule 1: group "FSSO_Guest_Users", all services, always,
                # logged, with antivirus profile "default" attached.
                edit 1
                    set schedule "always"
                    set logtraffic enable
                    set utm-status enable
                        set groups "FSSO_Guest_Users"                         
                        set service "ANY"                         
                    set av-profile "default"
                    set profile-protocol-options "default"
                next
                # Sub-rule 2: group "ssllocal_group", all services, always, logged.
                # NOTE(review): unlike sub-rule 1, this rule sets neither
                # utm-status nor av-profile, so no antivirus profile is attached
                # to this group's traffic here. Confirm that is intended.
                edit 2
                    set schedule "always"
                    set logtraffic enable
                        set groups "ssllocal_group"                         
                        set service "ANY"                         
                next
            end
    next
    # Policy 14: VLAN-2 (192.168.2.0/24 and 192.168.1.0/24) -> wan1.
    # No identity-based matching; applies to any host in the source subnets.
    # NOTE(review): srcintf is "VLAN-2" but srcaddr also lists 192.168.1.0/24.
    # Verify that subnet really arrives on this interface.
    edit 14
        set srcintf "VLAN-2"
        set dstintf "wan1"
            set srcaddr "192.168.2.0/24" "192.168.1.0/24"             
            set dstaddr "all"             
        set action accept
        set schedule "always"
            set service "ANY"             
        # NOTE(review): utm-status is enabled, but the only profile referenced
        # in this entry is profile-protocol-options. No av-profile or other
        # security profile is set, so it is unclear whether any content
        # inspection is applied. Confirm.
        set utm-status enable
        set logtraffic enable
        set profile-protocol-options "default"
        set nat enable
    next
end