FortiGate
manasac
Staff
Article Id 196085
Description
This article describes how to use the FortiLink interface (the interface dedicated to FortiSwitch) as the incoming or outgoing interface in a firewall policy.

Solution
In some scenarios, such as configuring syslog or SNMP on a managed FortiSwitch, a policy is required to allow SNMP or syslog traffic between the FortiSwitch and the SNMP/syslog server.
In such cases, create a firewall policy with the FortiLink interface as the source interface and, as the destination interface, the interface where the SNMP/syslog server is located.
Note that the FortiLink interface is not a visible option in the GUI when creating a firewall policy, so the policy must be created from the FortiGate CLI.

For example, the following FortiGate CLI commands configure the policy:
(root) # config firewall policy
(policy) # edit 80 (New policy ID)
(80) # set srcintf <fortilink>
(80) # set dstintf wan1 (Select the interface through which the server is reached)
(80) # set service ALL (A specific service can be selected as required)
(80) # set dstaddr all
(80) # set srcaddr all
(80) # set schedule always
(80) # set action accept (The default action of a new policy is deny)
(80) # end
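
A narrower variant of the same policy, shown as an added example that is not part of the original article: it limits the destination to the SNMP/syslog server and the services to the predefined SNMP and SYSLOG objects, and logs matching traffic. The address object name, policy name and the 192.0.2.10 server address are constructed placeholders, and wan1 is assumed to be the interface facing the server, as in the article.

```fortios
# Constructed placeholder: replace 192.0.2.10 with the real SNMP/syslog server.
config firewall address
    edit "SNMP_SYSLOG_SRV"
        set subnet 192.0.2.10 255.255.255.255
    next
end

config firewall policy
    edit 80
        # Hypothetical policy name, chosen for this example.
        set name "FSW-to-collector"
        # <fortilink> is the article's placeholder for the FortiLink interface name.
        set srcintf <fortilink>
        set dstintf "wan1"
        # Source stays "all" because the article does not give the FortiLink subnet;
        # substitute an address object for that subnet where it is known.
        set srcaddr "all"
        set dstaddr "SNMP_SYSLOG_SRV"
        # Predefined service objects instead of ALL.
        set service "SNMP" "SYSLOG"
        set schedule "always"
        set action accept
        # Record sessions so switch-to-collector traffic can be audited.
        set logtraffic all
    next
end
```

Running "show firewall policy 80" afterwards displays the saved policy, which is useful because it does not expose the FortiLink interface in the GUI policy editor.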

Related Articles

Troubleshooting Tip: Configure SNMP for Managed FortiSwitch using custom-command

Technical Tip: Configure syslog logging for managed FortiSwitch to send FortiSwitch logs to syslog s...
