Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
VladaFBiH
New Contributor II

Can I override my system inbound policy with a custom inbound policy?

Hi All, I've got a user recieving sensitive encrypted attachments that are being blocked by the attachment filter. As a solution Ive created a new content filter + a new inbound policy for the specific domain and address that share these attachments. My issue is that fortimal uses a system inbound policy and I can't set my custom policy above it in the order. Anything I can do here? 

5 REPLIES 5
srajeswaran
Staff
Staff

I believe you are referring to the default system-level recipient policy, if thats the case can you create a IP based policy and use "Take precedence over recipient based policy match" to skip the recipient policy action?

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
VladaFBiH

Thats correct its the default system level recipient policy which takes precedent over all the others. How would I create the IP based policy to work between an email and domain? Also I don't see this option you mentioned when creating a new IP based policy. 

srajeswaran

Can you disable the default policy and then create a custom policy match with the default policy and place it after your specific policy?

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
VladaFBiH

Yeah thats what I planned as option b, I didn't create the original one but I wanted to see if I could skip disabling that one and creating a new one. I'll try that and see if I can make it work.

Faiza_Emam_Delhi
Contributor II

Hi VladaFBiH

 

Yes, it is possible to override the system inbound policy with a custom inbound policy in Fortinet firewall. Here's how you can do it:

 

1. Go to the "Policy & Objects" menu in the Fortinet firewall GUI.

 

2. Click on "IPv4 Policy" or "IPv6 Policy" depending on your network setup.

 

3. Locate the system inbound policy that is causing the issue and click on the edit icon (pencil).

 

4. Under the "Policy" tab, scroll down to the "Security Profiles" section and disable the attachment filter for that policy.

 

5. Click on "OK" to save the changes to the system inbound policy.

 

6. Create a new custom inbound policy with a higher priority than the system inbound policy.

 

7. Under the "Policy" tab of the custom inbound policy, apply the content filter you created for the specific domain and address that share these attachments.

 

8. Ensure that the custom inbound policy is set to allow the traffic.

 

9. Click on "OK" to save the changes to the custom inbound policy.

 

This should allow the encrypted attachments to pass through the custom inbound policy without being blocked by the attachment filter in the system inbound policy.

 

I hope this helps! Let me know if you have any further questions or if there's anything else I can assist you with.

Thanks & Regards,
Faizal Emam
Thanks & Regards,Faizal Emam
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors