Forgive my ignorance, but can someone explain the purpose of specifying an IP/FQDN in a FortiOS service? If I create a service and specify the relevant ports (or port range) and also an IP/FQDN address will the service only apply if I’m accessing that particular IP/FQDN address. If so, do I still need to specifically allow access to the destination IP address separately when I actually use the service in a policy?
In the IP/FQDN field, an IP address or Fully Qualified Domain name can be entered if there is to be a specific destination for the service
I think it's meant to be narrow down the service to only specific devices/IPs, like TCP 5000 only on 192.168.1.129, and TCP 5001 on 192.168.1.130, ... while in the destination field of the policy you specify 192.168.1.128/29.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.