Nivedha
Staff
Article Id 341811
Description This article describes how to allow inbound and outbound ports for the FortiGate in Azure.
Scope FortiGate deployed in Azure.
Solution

When FortiGate is deployed in Azure, the Network Security Group (NSG) is created with AllowAllInbound and AllowAllOutbound rules.
These rules are shown under Azure Portal -> Resource group -> VM -> Networking (left pane) -> Network Settings.


These AllowAllInbound and AllowAllOutbound rules can be customized to allow only certain ports to and from FortiGate. The Priority value of each NSG rule determines the order in which the rules are applied.

  • NSG rules, if customized, should be in line with the FortiGate firewall policies.
  • NSG rules are also required to allow traffic between Virtual Networks in Azure.
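
The priority ordering and the policy alignment described above, as an added example that is not part of the original article: a small Python model of how a customized inbound rule set is evaluated (Azure processes NSG rules from the lowest priority number upward and stops at the first match), plus a check for services the FortiGate policies expect but the NSG would still block. The custom rule names, address prefixes and the service list are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class NsgRule:
    name: str
    priority: int   # lower number is evaluated first
    protocol: str   # "Tcp", "Udp" or "*"
    source: str     # CIDR prefix, or "*" for any source
    ports: tuple    # destination ports, or ("*",) for any port
    access: str     # "Allow" or "Deny"

    def matches(self, protocol, src_ip, port):
        if self.protocol not in ("*", protocol):
            return False
        if self.source != "*" and \
                ipaddress.ip_address(src_ip) not in ipaddress.ip_network(self.source):
            return False
        return "*" in self.ports or port in self.ports

def evaluate(rules, protocol, src_ip, port):
    """Return (access, rule name) of the first matching rule in priority order."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if rule.matches(protocol, src_ip, port):
            return rule.access, rule.name
    return "Deny", "no-match"

def policy_gaps(rules, required, probe_ip):
    """Services the FortiGate policies expect that the NSG would still block."""
    return [(proto, port) for proto, port in required
            if evaluate(rules, proto, probe_ip, port)[0] != "Allow"]

# Constructed inbound rule set that replaces AllowAllInbound with specific ports.
INBOUND = [
    NsgRule("Allow-Admin-HTTPS", 100, "Tcp", "203.0.113.0/24", (443,), "Allow"),
    NsgRule("Allow-IPsec", 110, "Udp", "*", (500, 4500), "Allow"),
    NsgRule("DenyAllInBound", 65500, "*", "*", ("*",), "Deny"),  # Azure default rule
]

# Constructed list of services the FortiGate firewall policies accept from outside.
FORTIGATE_SERVICES = [("Udp", 500), ("Udp", 4500), ("Tcp", 10443)]

if __name__ == "__main__":
    print(evaluate(INBOUND, "Tcp", "203.0.113.10", 443))   # admin prefix
    print(evaluate(INBOUND, "Tcp", "198.51.100.7", 443))   # other source
    print(policy_gaps(INBOUND, FORTIGATE_SERVICES, "198.51.100.7"))
```

Any entry returned by `policy_gaps` is a service that a FortiGate policy permits but that never reaches the firewall because the NSG drops it first.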

 

Related documents:
Network Security Group
Allow traffic between VNET using NSG
NSG - How it works
