mdmd
New Member
November 26, 2015
Question

Fortigate 200D - v5.0 - Disable VPN

Hi,

We are running a couple of Fortigate 200Ds in an HA active-passive cluster.

When I go to Features --> VPN and disable, it doesn't actually disable it; the web front end is still visible and users can still log in.

Is this a bug? Disabling or enabling doesn't seem to do anything, apart from when the VPN is disabled, the menu at the side bar is gone, but it is still active.

Any help?

Thanks

Mike

    3 replies

    mdmd (Author)
    New Member
    November 26, 2015

    Figured it out with local-in policies.

    Doing this for PCI DSS compliance; the only thing flagging now is port 8009 on the wan interface. Any way to disable that just for wan?

    mdmd (Author)
    New Member
    November 26, 2015

    Seen 8009 in the local-in policies in "Other":

    -  TCP  wan1  8009  Accept

    How would I disable this?

    mdmd (Author)
    New Member
    November 26, 2015

    So I'm trying:

    config firewall local-in-policy
    edit 1
    set intf " wan1"
    set srcaddr " all"
    set dstaddr " all"
    set service " EndpointDownload"
    set schedule " always"
    next
    end

    And all I get is:

    node_check_object fail! for intf  wan1
    value parse error before ' wan1'
    Command fail. Return code -651

    after running:

    set intf " wan1"
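
The error output in the post above quotes the rejected value as ' wan1', with a leading space inside the quotes. As an added example (not code from the thread or from Fortinet), this Python linter flags quoted values with stray whitespace in a pasted FortiOS `config` block and prints a trimmed copy; it assumes the posted text is the config exactly as entered, and the thread does not confirm that the space is the only cause of return code -651.

```python
import re

# Constructed sample: the local-in-policy attempt as posted in the thread.
POSTED = '''config firewall local-in-policy
edit 1
set intf " wan1"
set srcaddr " all"
set dstaddr " all"
set service " EndpointDownload"
set schedule " always"
next
end
'''

QUOTED = re.compile(r'"([^"]*)"')


def lint(config_text):
    """Return (line_no, key, raw_value) for each quoted value with stray whitespace."""
    findings = []
    for no, line in enumerate(config_text.splitlines(), 1):
        parts = line.strip().split(None, 2)
        if len(parts) < 3 or parts[0] != "set":
            continue  # only `set <key> <value...>` lines carry values
        for raw in QUOTED.findall(parts[2]):
            if raw != raw.strip():
                findings.append((no, parts[1], raw))
    return findings


def normalize(config_text):
    """Return the text with whitespace trimmed inside quoted values on `set` lines."""
    out = []
    for line in config_text.splitlines():
        if line.strip().startswith("set "):
            line = QUOTED.sub(lambda m: '"%s"' % m.group(1).strip(), line)
        out.append(line)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for no, key, raw in lint(POSTED):
        print("line %d: %s value %r has stray whitespace" % (no, key, raw))
    print(normalize(POSTED))
```
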

    emnoc
    New Member
    November 26, 2015

    Well, don't apply the interface. It's not required.

    Ken

    mdmd (Author)
    New Member
    November 26, 2015

    Thanks Ken...

    But I only want to apply it to the wan1 interface (external facing) as it's open by default?