- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Performing a company split and need to move a fortigate off our network
I am a new systems admin for my company and am tasked with the project of splitting a sister company from our network. The sister company has a fortigate directed to our network and need to make adjustments to take it off our network and allow it to work independently/ for their own network. Is there a previous post on the subject or can someone point me in the right direction for the steps involved in taking that fortigate off our network? Thank you.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Easiest way to achieve that, is to find the cable/fiber that connects the remote device to your device and unplug it.
Second easiest way, find on the local router/firewall which is the interface that leads to the remote networks and disable/shut it down.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @BsuarezQTStools ,
I guess what "taking that fortigate off our network" means for you is to deny the traffic from the FortiGate to access your network directly.
If so, you may apply or modify a policy or access rule on the edge router/firewall device in your network to deny the traffic from the sister company.
Jerry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm still new to administrating our Fortigates. Can you direct me to any documentation that may cover this task?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @BsuarezQTStools ,
Let's say, your sister company is connected to port1 on your FGT, you may create firewall policies from port1 to any possible interfaces with action Deny.
Please check the FortiGate Admin Guide for instructions on creating a firewall policy.
https://docs.fortinet.com/document/fortigate/7.4.7/administration-guide/656084/firewall-policy
You did not share your FGT firmware version, so I use the latest 7.4.7 Admin Guide.
Jerry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
but yes. the sister company needs to communicate on it's own and not reach back to the main company network.
