Skip to main content
alexandre_allaire
alexandre_allaire
New Member
November 28, 2019
Question

NAT and UTM disabled by default

  • November 28, 2019
  • 1 reply
  • 3405 views

Hello,

 

Anybody know if it's possible to have NAT and UTM disabled by default when creating new IPV4 policy rules ?

Didn't found in documentation.

 

Thank you.

 

Alexandre.

    1 reply

    Toshi_Esumi
    SuperUser
    Toshi_Esumi
    SuperUser
    November 28, 2019

    If CLI nothing should be on: no NAT, no UTM, nothing.

    If you create a new policy via GUI, it's probably depending on the version you're running. My 6.0.7 shows schedule=always, action=accept, NAT=on with interface IP, no security profiles, etc. Also some other GUI wizard automatically generates policies, like VPN wizard. Those would create them specifically match what needs to be created.

    You should test it yourself with your FGT.

     

    ede_pfau
    SuperUser
    ede_pfau
    SuperUser
    November 28, 2019

    If you need to create a lot of policies with certain defaults, it's better to script it. Create the policies in text form and paste them into a SSH window, or submit as batch command.

    IMHO NAT is only active per default if the destination interface is of type WAN...but I might be wishing it was.

    emnoc
    emnoc
    New Member
    November 28, 2019

    I believe Ede  is right, any WAN interface or interface with a default-route can have NAT enabled when you create the policy from gui.

    Terms & ConditionsAccessibility statement