Kilgore
New Member
July 6, 2015
Question

Moving security policies within Fortigate 500D


Hi,

We have recently upgraded to a Fortinet 500D Firewall. Anyone have any idea how you can move security policies within their particular sections? Basically want to group IPsec policies, deny policies, etc. together in their particular sections. In our previous Fortinet you had the option to move policies within the hierarchy but this option doesn't seem to exist anymore and is not one of the unticked options on the tools.

Thanks in Advance.

    3 replies

    gschmitt
    New Member
    July 6, 2015

    Kilgore wrote:

    In our previous Fortinet you had the option to move policies within the hierarchy but this option doesn't seem to exist anymore and is not one of the unticked options on the tools.

    In Policy & Objects > Policy > IPv4 you can still move the order around. You just have to click-drag and drop the policy at the Seq.# field.

    If you do not have a Seq.# column, right click the bar at the top and select Reset All Columns OR make sure Seq.# is checked and select Apply.

    Please keep in mind that this is not supposed to be a "grouping" tool but determines in which order the security policies are applied to traffic.

    emnoc
    New Member
    July 6, 2015

    Agreed, it should not be grouping but policy matching based on your traffic flow. Also you can move policy-id very easily from the cmd line;

    e.g.

    show firewall policy

    ( to get the ordering )

    config firewall policy
      move xxx before yyy
        or
      move xxx after yyy
    end
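
Added example, not part of the thread and not FortiOS code: a small Python model of the point both replies make, that sequence order decides which policy traffic hits, so a `move` changes behaviour rather than just layout. The policy table is constructed, the model assumes only source, destination and port are matched (a real policy also matches interfaces, schedules and more), and all function names are hypothetical.

```python
import ipaddress

# Constructed sample table in sequence order; IDs, subnets and ports are made up.
# port None means "any service". Assumption: only src/dst/port are modelled.
POLICIES = [
    {"id": 1, "src": "10.0.0.0/8", "dst": "0.0.0.0/0", "port": None, "action": "accept"},
    {"id": 2, "src": "10.0.5.0/24", "dst": "0.0.0.0/0", "port": 23, "action": "deny"},
    {"id": 3, "src": "0.0.0.0/0", "dst": "192.168.1.0/24", "port": 443, "action": "accept"},
]

def move(policies, pid, where, ref):
    """Model of 'move <pid> before|after <ref>': returns the reordered list."""
    ids = [p["id"] for p in policies]
    if where not in ("before", "after") or pid == ref or not {pid, ref} <= set(ids):
        raise ValueError("bad move request")
    moved = policies[ids.index(pid)]
    rest = [p for p in policies if p["id"] != pid]
    idx = [p["id"] for p in rest].index(ref) + (1 if where == "after" else 0)
    return rest[:idx] + [moved] + rest[idx:]

def first_match(policies, src, dst, port):
    """Walk the table top-down; the first matching policy decides."""
    for p in policies:
        if (ipaddress.ip_address(src) in ipaddress.ip_network(p["src"])
                and ipaddress.ip_address(dst) in ipaddress.ip_network(p["dst"])
                and p["port"] in (None, port)):
            return p["id"], p["action"]
    return None, "deny"  # nothing matched: implicit deny at the end of the table

def covers(a, b):
    """True if policy a matches every packet that policy b matches."""
    net = ipaddress.ip_network
    return (net(b["src"]).subnet_of(net(a["src"]))
            and net(b["dst"]).subnet_of(net(a["dst"]))
            and a["port"] in (None, b["port"]))

def shadowed(policies):
    """IDs of policies that can never be hit because an earlier policy covers them."""
    return [b["id"] for i, b in enumerate(policies)
            if any(covers(a, b) for a in policies[:i])]

if __name__ == "__main__":
    print(shadowed(POLICIES), first_match(POLICIES, "10.0.5.9", "8.8.8.8", 23))
    fixed = move(POLICIES, 2, "before", 1)
    print(shadowed(fixed), first_match(fixed, "10.0.5.9", "8.8.8.8", 23))
```

Running `shadowed()` over an exported table after any reordering is a quick way to catch a deny policy that ended up below a broader accept.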


    Kilgore (Author)
    New Member
    July 6, 2015

    That did the trick. Many thanks, people.