Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

IP/FQDN in a Service

Forgive my ignorance, but can someone explain the purpose of specifying an IP/FQDN in a FortiOS service?  If I create a service and specify the relevant ports (or port range) and also an IP/FQDN address will the service only apply if I’m accessing that particular IP/FQDN address.  If so, do I still need to specifically allow access to the destination IP address separately when I actually use the service in a policy?


Esteemed Contributor III

Your assumption is same as mine. The manual [] says

In the IP/FQDN field, an IP address or Fully Qualified Domain name can be entered if there is to be a specific destination for the service

I think it's meant to be narrow down the service to only specific devices/IPs, like TCP 5000 only on, and TCP 5001 on, ... while in the destination field of the policy you specify