Fortinet Forum
yaronbeny7
New Contributor

How can I block Internal 4 (my wifi) to internal2 (my lan)?

Hello,

I want to block traffic between internal 4 and 2.

So I created a rule:

incoming interface: internal 4
source address: all
outgoing interface: internal2 (my LAN)
destination address: all
service: all
action: block

And it's not working; I tried ping and access to my shares on the LAN.

3 REPLIES
rwpatterson
Valued Contributor III

By default if you do not create any policies, there will be no traffic. If you do have other policies, they may be permitting the traffic you do not want. In each source=>destination pair, policies are executed in a top to bottom fashion, so make sure if you do have other policies from internal4 to internal2, they are in the right order to permit/deny the traffic you want.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

yaronbeny7

Please see my rules in the attached file.

rwpatterson
Valued Contributor III

The very first rule in the list is allowing all services from any interface to any interface. This is going to let everything go everywhere. The other rules don't matter at this point.

Edit the column headers and add the "count" column. You will see that all the traffic is passing through the very first policy.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
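
The shadowing described in the replies above, as an added example that is not part of the original thread: a simplified first-match model showing why the deny rule never registers a hit until it sits above the any-to-any accept rule. Assumptions: only interface, address and service are compared, and the policy IDs, the two-rule list and the sample packet are constructed, since the attached rule file is not reproduced here.

```python
from dataclasses import dataclass

FIELDS = ("srcintf", "dstintf", "srcaddr", "dstaddr", "service")
WILDCARDS = {"any", "all", "ALL"}  # simplified: one wildcard set for all fields

@dataclass
class Policy:
    pid: int          # constructed policy ID, not from the thread
    srcintf: str
    dstintf: str
    srcaddr: str
    dstaddr: str
    service: str
    action: str       # "accept" or "deny"
    hits: int = 0     # stands in for the "count" column

def covers(broad, narrow):
    """True if a policy field value `broad` matches everything `narrow` does."""
    return broad in WILDCARDS or broad == narrow

def first_match(policies, packet):
    """Top-to-bottom evaluation: first matching policy wins; None = implicit deny."""
    for p in policies:
        if all(covers(getattr(p, f), packet[f]) for f in FIELDS):
            p.hits += 1
            return p
    return None

def shadowed(policies):
    """Return (later_id, earlier_id) pairs where an earlier policy with a
    different action covers every field of a later one, so it can never match."""
    found = []
    for i, later in enumerate(policies):
        for earlier in policies[:i]:
            if earlier.action != later.action and all(
                    covers(getattr(earlier, f), getattr(later, f)) for f in FIELDS):
                found.append((later.pid, earlier.pid))
                break
    return found

def constructed_policies():
    """Constructed two-rule list modelled on the thread's description."""
    allow_all = Policy(1, "any", "any", "all", "all", "ALL", "accept")
    block_wifi = Policy(2, "internal4", "internal2", "all", "all", "ALL", "deny")
    return allow_all, block_wifi

# Constructed sample packet: a wifi client pinging a LAN host
PING = dict(srcintf="internal4", dstintf="internal2",
            srcaddr="wifi-client", dstaddr="lan-host", service="PING")

if __name__ == "__main__":
    allow_all, block_wifi = constructed_policies()
    for order in ([allow_all, block_wifi], [block_wifi, allow_all]):
        hit = first_match(order, PING)
        print([p.pid for p in order], "->", hit.action, "shadowed:", shadowed(order))
```

With the accept rule first, the deny rule is reported as shadowed and its hit counter stays at zero; with the deny rule first, the wifi-to-LAN packet is dropped while other traffic still reaches the accept rule.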