Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
alexandre_allaire
New Contributor

NAT and UTM disabled by default

Hello,

 

Anybody know if it's possible to have NAT and UTM disabled by default when creating new IPV4 policy rules ?

Didn't found in documentation.

 

Thank you.

 

Alexandre.

3 REPLIES 3
Toshi_Esumi
SuperUser
SuperUser

If CLI nothing should be on: no NAT, no UTM, nothing.

If you create a new policy via GUI, it's probably depending on the version you're running. My 6.0.7 shows schedule=always, action=accept, NAT=on with interface IP, no security profiles, etc. Also some other GUI wizard automatically generates policies, like VPN wizard. Those would create them specifically match what needs to be created.

You should test it yourself with your FGT.

 

ede_pfau

If you need to create a lot of policies with certain defaults, it's better to script it. Create the policies in text form and paste them into a SSH window, or submit as batch command.

IMHO NAT is only active per default if the destination interface is of type WAN...but I might be wishing it was.

Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
emnoc
Esteemed Contributor III

I believe Ede  is right, any WAN interface or interface with a default-route can have NAT enabled when you create the policy from gui.

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors