Hi, we have a FortiGate 61E (OS version 7.0.7 build0367 feature) in our organization. At a time we can only allow or deny a port in the firewall policies for a server, but cannot specify both at a time (example: allow 80 and deny 1433/1434).
Hi,
When you allow 80, only that port is allowed, right, and the rest is already denied by the implicit deny rule.
Best regards,
Jin
Yes, that is right, but I want to do that for more security. Are there any options to do that, like on other vendors' firewalls? Also, I want to know whether I may monitor traffic when the bundle subscription has expired.
Hello,
No, FortiGate allows you only one action in a firewall policy. So you would need to have 2 firewall policies, the first that allows ports, the second that denies ports. FortiGate always evaluates policies from top to bottom, so order is important.
Yes, you will be able to monitor traffic after your subscription expires; at least you will be able to log traffic locally (you have a disk) and even send the logs to syslog. FortiView will also work.
OK, thanks for the support.
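The top-to-bottom, first-match evaluation described in the answer above can be modelled in a few lines. This is an added example, not FortiOS code and not part of the original thread: it is a simplified model that matches on destination port only, and the policy names, the broad `allow-any` rule and the `shadowed` helper are hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Policy:
    name: str
    ports: range   # destination TCP ports this policy matches
    action: str    # one action per policy: "accept" or "deny"

IMPLICIT_DENY = Policy("implicit-deny", range(0, 65536), "deny")

def evaluate(policies, dst_port):
    """Return (action, policy name) of the first policy matching dst_port."""
    for p in policies:              # top to bottom, first match wins
        if dst_port in p.ports:
            return p.action, p.name
    return IMPLICIT_DENY.action, IMPLICIT_DENY.name

def shadowed(policies):
    """Names of policies that can never match: earlier ones cover all their ports."""
    seen, out = set(), []
    for p in policies:
        if set(p.ports) <= seen:
            out.append(p.name)
        seen |= set(p.ports)
    return out

# Constructed rule sets for one server (all names are hypothetical).
allow_web = Policy("allow-web", range(80, 81), "accept")
deny_sql = Policy("deny-mssql", range(1433, 1435), "deny")
allow_any = Policy("allow-any", range(1, 65536), "accept")  # broad rule added later

minimal = [allow_web]                          # 1433 falls through to implicit deny
explicit = [deny_sql, allow_web]               # 1433 matches a named deny policy
safe_order = [deny_sql, allow_web, allow_any]  # explicit deny still wins
bad_order = [allow_any, deny_sql, allow_web]   # explicit deny is never reached

if __name__ == "__main__":
    for label, rules in [("minimal", minimal), ("explicit", explicit),
                         ("safe_order", safe_order), ("bad_order", bad_order)]:
        print(label, {port: evaluate(rules, port) for port in (80, 1433, 1434)},
              "shadowed:", shadowed(rules))
```

With only `allow-web`, port 1433 is already blocked by the implicit deny; the separate deny policy changes the outcome only once a broader accept policy exists, and then only if it sits above that policy.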