Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Per-device/per-user Policy

Hi, Is there a way to apply a policies on a per-device per user basis? Something like: - Users of group VIP can access everything from iPad, but only HTTP from Android. - All other users are bound to per device rules (ex.: Android and Ipad can only access HTTP). Unfortunately if I set a Identity or Device Policy, it catches all the traffic to the internet and does not continue with the next rules even if no match is available on the Identity/Device Policy internal rules. Thanks
New Contributor

Same issue with the policies... any update for this? If i put device identity policies up to the user policies, it blocks everything!!
-- Jesús Ramírez Security & Data Integrity Systems Engineer Afina Sistemas

Device policies have to go last as there is no way to skip them afaik. You can use the Identity Based policy on top and enable " Skip this policy for unauthenticated user" this way unauthenticated users will go to the per device policy. As a side note, combining user and device policies does not work in all situations. You might have to chose one or the other or find a clever way to implement both.