I work at a small non profit in New York City. Our network administrator was in a bad accident. I have been asked to help out until a replacement can be found. I have no experience with firewall administration. I need to add IP addresses to the whitelist of a Fortigate 200D and a Fortigate 60D. Where on the interface do I add these IP addresses.
Thank you very much.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
There is no interface whitelist, It can be in security policy or your web filtering profiles. Are you trying to allow an internal IP bypass the filtering on the firewall?
Going to need more information.
- Does the Gate already exist in the environment?
- Are you trying to allow traffic outbound?
- Are you trying to allow traffic inbound?
- What services or type of traffic are you wanting to allow?
Mike Pruett
Take a backup of the configuration without encryption. In a text editor, look for an entry that you know is already whitelisted. In that section, the top will start with "config...." Get us that section (command), then we will be able to tell you more (if you cannot figure it out from there).
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
rwpatterson wrote:Unfortunately, I do not know how to do any of the things you are asking me to do. I will try to find out how to do these things from the manual.Take a backup of the configuration without encryption. In a text editor, look for an entry that you know is already whitelisted. In that section, the top will start with "config...." Get us that section (command), then we will be able to tell you more (if you cannot figure it out from there).
From the console, one of the widgets should have a link to back up the device.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Please follow the following Steps
1) you need to Create address for the IP address you wanted to Whitelisted , To do that please do the following
a) First go to policy & object
b) Click on addresses
c) Click Create new -> Address
d) Name the address like " google "
e) Under Subnet/ Ip range put the Ip address which you want to Whitelist
f) Save it
You can create group of address as well but first you need to create all the address you wanted to whitelist
Then follow all the steps till (b) and click group instead address
Add all the address you created for white list to that group
2) Secondly, Under Policy & Object
a) Right click on the first policy you see
b) Click on insert -> Above ( This will insert the new policy on top )
c) Click on the New policy and edit it.
d) Click on Incoming interface from where the traffic is coming ( In case if the traffic is going out it can be LAN or any internal port)
e) Click on outgoing interface ( It can be WAN interface )
d) Click on source ( you can put all if you are allowing Everyone)
e) Click on destination ( Use the address you created for whitelist or the whole group of address you created above)
Thanks
Amanjot Singh ( TAC )
Yes, if I understand this correctly, I have to allow two incoming IP addresses and one outgoing IP address. I see the list in web filtering. I have the manual and I will watch some videos. Thank You for your assistance.
Thank you for your assistance. As I said before, I'm just filling in until my organization hires someone that is qualified to administer this system. I have to allow two inbound IP addresses and allow one outbound IP address. I have included a screen shot of the web filter list of the 200D unit. What is it that determines if the IP address is inbound or outbound?
Thank you.
Thank you, Amanjot Singh. I will follow these instructions when I get to work on Tuesday. I still don't understand how to determine if an IP address is inbound, or outbound.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1641 | |
1069 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.