Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Kaplan
Contributor

Create Policy over Fortimanager on TOP of

Dear People,

i will generate a policy to Deny with CLI but on TOP of all Policy and assign to all Firewalls.
Is that possible over Fortimanager.

For Example
config firewall policy
edit 1001
set name "Deny_Phishing_Link"
set srcintf "any"
set dstintf "any"
set srcaddr "all"
set dstaddr "deny_149.137.129.254" "deny_34.197.99.39" "deny_outlookdoc13.s3.us-west-004.backblazeb2.com"
set schedule "always"
set service "ALL"
set logtraffic all
next
end

1 REPLY 1
amouawad
Staff
Staff

Yes this is possible using the Global Database.

 

This will allow you to create header/footer policies that can be pushed to all policy packages.

 

More info here: https://docs.fortinet.com/document/fortimanager/7.0.3/administration-guide/312966/global-database

Labels
Top Kudoed Authors