We have AD FSSO with fortinet-200E and groups are retrieved from Active Directory. I am admin with some roles assigned to my account in AD and based on that Fortinet select policy and then web filter and App filter. I have to test some app filter and created policy for my IP only , and trying to avoid AD rules, but so far can't. So, Is it possible to create policy with web and app filters so it will not read what is assigned in AD roles?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @bfakhriddi,
Please correct me if I am wrong but are you looking to exclude an IP from FSSO to do some web and app filters? If yes, then you can refer to this document to exclude IP from FSSO logon event "https://community.fortinet.com/t5/FortiGate/Technical-Tip-Excluding-IP-addresses-from-FSSO-logon-eve...
Regards,
Minh
In this case, you might need to add a rule that includes only your IP address. So it is possible to create this following these steps:
- Create an Address object using your IP Address (e.g. 192.168.1.1/32).
- Create a policy using said object as source only without selecting any user or user group.
- In the firewall policy view, make sure you select the "By sequence" view and place the new policy on top.
If this doesn't work, go to Dashboard>Fortiview Sessions, add a "Source IP" filter using your IP, end all the sessions and try again. It is important to clear the sessions so they can match the new policy created.
Good luck.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.