Skip to main content
Hermine
Hermine
Explorer
May 31, 2022
Solved

Audit

  • May 31, 2022
  • 2 replies
  • 2804 views

Hello, how to configure anti spoofing and statefull ??

Best answer by Toshi_Esumi

Opposite. If you enabled it, it wouldn't be "anti-spoofing" and most of (stateful) FW features wouldn't work.

2 replies

Toshi_Esumi
SuperUser
Toshi_Esumi
SuperUser
May 31, 2022

It's generally considered "anti-spoofing = block asymmetric routing". And statefull is any firewall that inspects the state of connections between a particular set of source and desition, i.e. session in FortiGate case. Layer3 is always state-less.  So unless you disabled this base feature of FortiGate under global config (enabled asymmetric routing), you can check it off from the audit list.

 

Toshi

    Hermine
    HermineAuthor
    Explorer
    May 31, 2022

    meaning if "set asymroute enable" then statefull and anti spoofing are active?

    Toshi_Esumi
    SuperUser
    Toshi_EsumiAnswer
    SuperUser
    May 31, 2022

    Opposite. If you enabled it, it wouldn't be "anti-spoofing" and most of (stateful) FW features wouldn't work.

    Hermine
    HermineAuthor
    Explorer
    June 1, 2022

    Ah ok. Thanks 

    Terms & ConditionsAccessibility statement