kriu
New Member
December 29, 2024
Solved

Remote connection policy for FG-60E

Please help me configure a policy for one connection. The FG-60E (firmware v.7.2.10) works in transparent mode between an optical modem (also in transparent mode) and the main router for the LAN. The external IP address is on the router, not on the modem. When Inspection Mode is set to Proxy-based (Firewall Policy), one of the devices in the LAN cannot communicate with the server to which it sends measurement data (blitzortung.org). A policy in Flow-based mode does not block the connection. It is blocked only in Proxy-based mode. Is it possible to set a Flow-based policy for a selected remote server? Or add some exclusion to the current policy? I know the addresses of the servers to which data is sent.

3 replies

ebilcari
Staff
December 30, 2024

You can create a dedicated policy specific to only this host-to-server traffic and position it above the existing policy.

Emirjon
kriu
Author
New Member
December 30, 2024

Yes, but how do I do it? I have no experience with FG.

ebilcari
Staff
December 31, 2024

It should be simple from the GUI: in Firewall Policy, copy the existing policy and paste it 'Above'. Set a new policy name, select the Source and create an Address for the device of interest, and do the same in Destination for the server. Change the inspection to 'Flow-based' and enable the policy (toggle at the bottom).

Emirjon
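
A CLI sketch of the GUI steps described above, added here as an example; it is not taken from the thread or from the poster's device. The interface names (`internal`, `wan1`), the address object names, the documentation-range IP addresses and the `<...>` policy IDs are assumptions to replace with your own values, and lines starting with `#` are annotations for the reader.

```fortios
# Address objects for the single LAN device and the single remote server
# (names and addresses are placeholders, not values from the thread).
config firewall address
    edit "lan-measurement-device"
        set subnet 192.0.2.10 255.255.255.255
    next
    edit "measurement-server-1"
        set subnet 198.51.100.20 255.255.255.255
    next
end

# Dedicated policy for this host-to-server traffic only, with flow-based
# inspection. "edit 0" lets FortiOS assign the next free policy ID.
config firewall policy
    edit 0
        set name "measurement-flow-exception"
        set srcintf "internal"
        set dstintf "wan1"
        set srcaddr "lan-measurement-device"
        set dstaddr "measurement-server-1"
        set action accept
        set schedule "always"
        # "ALL" mirrors a copied catch-all policy; narrow it if the
        # device's port is known.
        set service "ALL"
        set inspection-mode flow
    next
end

# Policies are matched top-down, so the exception must sit above the
# existing proxy-based policy. Replace both IDs with the real ones
# (list them with "show firewall policy").
config firewall policy
    move <new-policy-id> before <existing-proxy-policy-id>
end
```

Pinning both source and destination to single hosts keeps all other LAN traffic under the proxy-based policy below it.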
kriu
Author, Answer
New Member
January 1, 2025

It worked.
I created a new policy; I had to enter the server addresses only in Destination.