Hello to you
I want to set my WAN port to be accessible for the firewall management interface, so that I can access the firewall with its external address, but only from a specific external address. How can I do this?
I thought using acl but the rule there only says to block and not to open to a specific address
Thank you
Solved! Go to Solution.
Hello
First, use this command to configure which 2 policies.
config firewall local-in-policy
And then enable HTTPS access on your WAN interface.
https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/363127/local-in-policy
PS: For security I prefer never do that. Instead I'd use VPN client then connect to FGT's management.
Hello
First, use this command to configure which 2 policies.
config firewall local-in-policy
And then enable HTTPS access on your WAN interface.
https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/363127/local-in-policy
PS: For security I prefer never do that. Instead I'd use VPN client then connect to FGT's management.
You are absolutely correct in your security thinking and I agree with that, but I am asking the question in general.
How do I define a block at the WAN level because in FIREWALL POLICY everything refers to an internal incoming interface...
In any case, I did not find how to edit the policy found in the local policy in the interface. can you help me with this
Local-in-policies are not editable from GUI. Only from CLI.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.