Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
alexandre_allaire
New Contributor

NAT and UTM disabled by default

Hello,

 

Anybody know if it's possible to have NAT and UTM disabled by default when creating new IPV4 policy rules ?

Didn't found in documentation.

 

Thank you.

 

Alexandre.

3 REPLIES 3
Toshi_Esumi
Esteemed Contributor II

If CLI nothing should be on: no NAT, no UTM, nothing.

If you create a new policy via GUI, it's probably depending on the version you're running. My 6.0.7 shows schedule=always, action=accept, NAT=on with interface IP, no security profiles, etc. Also some other GUI wizard automatically generates policies, like VPN wizard. Those would create them specifically match what needs to be created.

You should test it yourself with your FGT.

 

ede_pfau
Esteemed Contributor III

If you need to create a lot of policies with certain defaults, it's better to script it. Create the policies in text form and paste them into a SSH window, or submit as batch command.

IMHO NAT is only active per default if the destination interface is of type WAN...but I might be wishing it was.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
emnoc
Esteemed Contributor III

I believe Ede  is right, any WAN interface or interface with a default-route can have NAT enabled when you create the policy from gui.

PCNSE 

NSE 

StrongSwan