FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Vichu_94
Staff
Staff
Article Id 222790

 

Description The article describes how to configure schedule firewall policy expiration.
Scope FortiGate.
Solution

The feature will allow to schedule a firewall policy to expire after a certain period of time for special event on the network.


To configure the firewall policy expiration on the GUI.

Go to Policy&Objects -> Firewall and select 'Create New'.

 

Vichu_94_0-1662212992895.png

 

After configuring the required source and destination interface/IP address it is possible to see an section workflow Management with Policy expiration with Default and Specify.

In Default, the policy would expire in 30 minutes where as in Specific to configure the date and time for the expiration.

 

Vichu_94_1-1662213123386.png

 

To configure the same on the CLI, follow the below command. 

# config firewall policy
    edit <Policy ID>
        set policy-expiry enable
        set policy-expiry-date 2022-10-03 15:45:12     
    end


The Date and time format to be followed on the CLI would be YYY-MM-DD HH:MM:SS

Related document:
Add Policy change summary and Policy expiration to Workflow Management