Tutek_OLD
New Member
October 14, 2020
Question

"All other than" in Fortigate?

Hi,

Mikrotik has a special exclamation mark in policy or firewall settings. If I put it before port number 80, it means NOT 80,

so the configured rule would be applied to ALL ports but 80. Let's say I should be blocking p2p, but want p2p to be available on computer 192.168.0.3, so I can configure it like src address = !192.168.0.3, so it would apply to ALL but 192.168.0.3.

 

Does FortiOS/FortiGate have something similar?

 

Thanks.

    Toshi_Esumi
    SuperUser
    October 15, 2020

    I think this is what you're looking for.

    https://kb.fortinet.com/kb/documentLink.do?externalID=FD33959

    But I never used it because without negate enabled, you can easily do the same thing with two policies; the first one to allow 192.168.0.3/32 then the second one to block "all" sources.
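
The two approaches mentioned in this reply, written out as FortiOS CLI configuration. This is an added example, not part of the original post or the linked KB article; the interface names, object names, policy IDs and the "P2P-ports" service object are placeholders assumed for illustration.

```fortios
# Constructed example: "lan", "wan1", "pc-192.168.0.3", "P2P-ports" and the
# policy IDs are placeholders, not values taken from the thread.
config firewall address
    edit "pc-192.168.0.3"
        set subnet 192.168.0.3 255.255.255.255
    next
end

# Option A: a single deny policy with the source negated.
# It matches every source EXCEPT pc-192.168.0.3. Traffic from that host is
# not matched here and falls through to the policies below; it is permitted
# only if a later policy accepts it, otherwise the implicit deny drops it.
config firewall policy
    edit 10
        set srcintf "lan"
        set dstintf "wan1"
        set srcaddr "pc-192.168.0.3"
        set srcaddr-negate enable
        set dstaddr "all"
        set schedule "always"
        set service "P2P-ports"
        set action deny
    next
end

# Option B: two policies without negate. Policies are evaluated top-down and
# the first match wins, so the accept must sit above the deny.
config firewall policy
    edit 20
        set srcintf "lan"
        set dstintf "wan1"
        set srcaddr "pc-192.168.0.3"
        set dstaddr "all"
        set schedule "always"
        set service "P2P-ports"
        set action accept
    next
    edit 21
        set srcintf "lan"
        set dstintf "wan1"
        set srcaddr "all"
        set dstaddr "all"
        set schedule "always"
        set service "P2P-ports"
        set action deny
    next
    # Keep the exception above the block rule if the order ever changes.
    move 20 before 21
end
```

Options A and B are alternatives, not meant to be loaded together. When auditing an existing rule base, check any policy with a negated source or destination against the policies that follow it, since the excluded host's traffic is decided there.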

    Tutek_OLD (Author)
    New Member
    October 15, 2020

    Indeed similar option but very limited.

    Doing it your way, I need to double the policies to configure one thing, so it does not help to keep all policies clean and simple.

    emnoc
    New Member
    October 16, 2020

    I have almost never seen negate used for src or destinations in policyid. You allow what you want and deny what you need, imho.

     

    Ken Felix