Hi all,
is it possible to apply application control policy to all inbound traffic without an IPV4 policy set to any any accept which is obviously not desirable.
Cheers
Spence
Hi,
you can do this using an "Interface Policy".
If you are only using a fortigate you need to go to the cli and do it like in this example:
config firewall interface-policy edit 1 set interface "wan1" set application-list-status enable set application-list "default" set av-profile-status enable set av-profile "default" next end
If you have an fortimanager you can also do this using the manager gui, you just need to enable the interface policy in the display options.
You should know that every traffic to this interface will go to the ips engine, as an result you can get an negative performance impact.
Regards
bommi
NSE 4/5/7
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.