Note : This is my current setting
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
If you do that than you can manage with IP ranges, e.g.:
But this is not good for security. You should change it.
Hi,
- If you have configured different IP segments to guest users and internal/office users then you can just create 2 separate policy. In these policy you can define the correct source IP segment as per the need. You can also use the correct Application profile, Web filter profile etc as per the requirement you have.
Regards,
Shiva
Hi @smaruvala ,
If I create a different FortiGate policy, will it affect or conflict with existing policies?
Hi,
Firewall policy lookup happens from top to bottom. Depending on the parameters of policy such as source interface, destination interface, Source IP, destination IP, Service the firewall will select the policy. The order in which you configure the policy is important along with the parameters used to match the policy.
Regards,
Shiva
Hi @isec46
The first good practice is to put the guest devices on a separate interface, e.g.: if they use WiFi they should have a dedicated separate SSID.
After that it's simple, you add a guest-dedicated firewall rule like this:
Hi @AEK ,
What if I use the same interface ? can I running the policy with this setup ?
If you do that than you can manage with IP ranges, e.g.:
But this is not good for security. You should change it.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1692 | |
1088 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.