Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
mkhabbazi
Staff
Staff

Created on ‎09-05-2024 10:10 PM

Article Id 339394

Technical Tip: Firewall policy order changed after integrating interface to a zone

Description

This article outlines a known issue that users might encounter when using the ‘Integrate Interface’ function.
Scope

FortiGate v7.4.x, v7.2.x and v7.6.x.
Solution

Consider the below scenario:

FortiGate has the firewall policies as shown in the screenshot below:

 

1.png

The policy orders are as follows:


Policy ID 1: internal1 > internal3.
Policy ID 2: internal3> internal1.
Policy ID 3: internal4 > internal1.

 

Add internal3 into a zone using the ‘Integrate Interface’ function as shown in the below screenshot:

 

2.png

 

The policy order has changed as shown in the screenshot below:

 

3.png

Policy ID 3: internal4 > internal1.
Policy ID 2: internal3 (testzone) > internal1.
Policy ID 1: internal1 > internal3 (testzone).

 

A temporary workaround exists to correct the policy order manually. This is a known issue, and it is under investigation.
151
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.