FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 222790


Description The article describes how to configure schedule firewall policy expiration.
Scope FortiGate.

The feature will allow to schedule a firewall policy to expire after a certain period of time for special event on the network.

To configure the firewall policy expiration on the GUI.

Go to Policy&Objects -> Firewall and select 'Create New'.




After configuring the required source and destination interface/IP address it is possible to see an section workflow Management with Policy expiration with Default and Specify.

In Default, the policy would expire in 30 minutes where as in Specific to configure the date and time for the expiration.




To configure the same on the CLI, follow the below command. 

# config firewall policy
    edit <Policy ID>
        set policy-expiry enable
        set policy-expiry-date 2022-10-03 15:45:12     

The Date and time format to be followed on the CLI would be YYY-MM-DD HH:MM:SS

Related document:
Add Policy change summary and Policy expiration to Workflow Management