Hello,
I'm using a Fortinet 60D 5.4.1 and I have the following Rule Policy Rule:
Internal to WAN all allow.
Implicit Deny an any ALL
Using these peoples from others countries are able to access the router interface. Then, I created a rule WAN to Internal from GEO-CHINA to Internal ALL Deny but People from China are still able to access our router.
Any Suggestions of what is wrong?
Thanks,
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi,
If you created your geo rule to your internal nic, wan will continue to accept connections from anywhere. Try to create a local-in policy using CLI to protect access to your WAN interface.
config firewall local-in-policy edit <name_str> set policyid <integer> set ha-mgmt-intf-only {enable | disable} set intf <string> config srcaddr edit <name_str> set name <string> end config dstaddr edit <name_str> set name <string> end set action {accept | deny} config service edit <name_str> set name <string> end set schedule <string> set status {enable | disable} end
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1666 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.