Staff

Technical Tip: How to configure multiple interfaces on a firewall policy (GUI)

Forum|Forum|8 years ago
September 5, 2017
0 replies
22775 views

Description

By default on the firewall policy GUI, multiple interfaces can not be set. This article describes how to enable this feature.

Scope

FortiGate.

Solution

Enable the Multiple Interface Policies under System -> Feature on GUI.
Once this option has been enabled in the GUI, enable it in the CLI.

config system settings

set gui-multiple-interface-policy enable

end

Once enabled, refresh the firewall page. Then, go to the firewall policy and add multiple interfaces as required.

Note:

On versions before 7.4, using multiple incoming/outgoing interfaces in the firewall policy will cause the 'Interface Pair View' to be greyed out as shown below. Starting from FortiOS 7.4, 'Interface Pair View' will not be greyed out.

policy view.PNG

Related articles:

Technical Tip: Firewall policy views
Technical Tip: How to allow the configuration of policies with multiple source/destination interfaces or 'any'
Technical Tip: Cannot create firewall policies with interface 'any'

FortiGate
firewall policy

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded