Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
RBA
Staff
Staff

Created on ‎09-19-2024 10:26 AM

Article Id 342525

Technical Tip: How to bypass FortiSASE when the endpoint is on-net using Public IP

Description This article describes how to bypass FortiSASE based on an On-Fabric detection rule based on the Public IP.
Scope FortiSASE.
Solution

Endpoints which are behind these public IPs should have a standard level of on-premise security and therefore may not need to automatically connect to FortiSASE for security inspection.

 

Go to Configuration -> Endpoints -> Profiles.
Select On-Fabric rule sets.
Select Create New and configure the On-Fabric detection rule.

 

Screenshot-1.png


Add the Public IP of the user. The IP added in screenshot is just for illustration.


Navigate to the endpoint profile and enable 'Bypass FortiSASE when endpoint is on-net'. Select the On-Fabric detection Rule which is configured with the Public IP.

 

Screenshot-2.png

 
238
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.