Hi
I would need some help on this configuration, previously the system administrator configured the FD 100D to be accessible by 1 assigned laptop only ( not sure what type of the configuration) and other unassigned machines (pc/laptop) when entering the FD100D's IP, its returned with error and "Not found". That's also meaning only "assigned" laptops are allowed to access the gateway.
May I know what type of configuration was configured, also I have checked the entry for access list but couldn't find anything neither the Mac address for "assigned" laptop
many thanks in advance
The first option to limit admin access is "trusthost" config in "config sys admin".
The second option would be "local-in policy" under "config firewall local-in-policy".
Check those places.
toshiesumi wrote:The first option to limit admin access is "trusthost" config in "config sys admin".
The second option would be "local-in policy" under "config firewall local-in-policy".
Check those places.
Hi Toshi san,
As I check on both trust host and local in policy basically I cannot find any settings have configured to blocked the "assigned" machines.
For trusthost -> Under System -> admin -> administrators -> username ( double click ) -> no check on Restrict this administrator login from trusted Hosts only
For local-in policy, maybe can you elaborate more on as I don't find any signification settings on these issues or maybe I might be overlooked. Hope you can give me some guidelines.
GUI would probably confuse you to look at local-in policy because those pre-defined ones are all "accept" except for the default one.
Go to CLI, then use "show firewall local-in-policy". If nothing specifically configured, it doesn't show anything. Only additionally configured ones would show up.
toshiesumi wrote:GUI would probably confuse you to look at local-in policy because those pre-defined ones are all "accept" except for the default one.
Go to CLI, then use "show firewall local-in-policy". If nothing specifically configured, it doesn't show anything. Only additionally configured ones would show up.
Hi Toshi San,
I tried the Command line - "show firewall local-in-policy", it doesn't show anything and with a single word of "end".
Apart from using trust host and local-in-policy are there any other ways configuring "assigned" laptop to connect to Gateway
As long as both two machines are connected through the same interface, those are the only options I know of to block one of them while accept the other.
 
					
				
				
			
		
| User | Count | 
|---|---|
| 2678 | |
| 1412 | |
| 810 | |
| 703 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.