Hello All,
I Created a Virtual IP and Group for RDP access, then created the Firewall policy. I am unable to move the Virtual IP Group Policy to the top in Interface Pair View but I can in By Sequence. is that the way its supposed to be done? The external connection using RDP does work.
Hey Josiah,
That IS the top of the effective policies for that traffic. That's what so beautiful about interface pair view - you only have to look at the relevant policies.
If the traffic you're concerned about is coming FROM wan1, the policies affecting traffic FROM lan have no effect. You could build thousands of LAN -> WAN policies and none of them would prevent this WAN -> LAN policy from being the first one considered for traffic from the WAN.
Hope that helps! Welcome to FortiGates... :)
- Daniel
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
