Hi Team,
Here are some best steps:
*Document your firewall policies, including the reasoning behind each rule. This documentation is valuable for troubleshooting and auditing purposes.
*Clearly define the objectives of your policy. Understand the types of traffic you want to allow and those you want to deny.
*Be specific about the source and destination addresses. Avoid using broad ranges when possible. Specify the IP addresses, subnets, or FQDNs (Fully Qualified Domain Names) that are relevant to your organization.
You can refer to the below document:
Usually the host in the LAN will be behind NAT. The access from WAN to LAN will be limited to the VIP and port forwarding configurations unless the hosts have public IPs and are directly routed through the WAN.
Hi
It depends on what you are publishing, e.g.: Web server, email server, DNS server, ...
And whether you have dedicated protection or not, e.g.: WAF, SMTP gateway and so...
Hi @rezafathi,
In addition to previous reply, you may want to take a look at virtual server if it is for server load balance https://docs.fortinet.com/document/fortigate/7.4.2/administration-guide/713497/virtual-server-load-b...
Regards,
Minh
Hi @rezafathi
If this is a limited access for certain of your known users or client, you can consider to allow only certain public IP address to access from WAN to LAN.
VIP configuration will also help you to map a certain custom port if needed.
regards.
Hi Team,
Here are some best steps:
*Document your firewall policies, including the reasoning behind each rule. This documentation is valuable for troubleshooting and auditing purposes.
*Clearly define the objectives of your policy. Understand the types of traffic you want to allow and those you want to deny.
*Be specific about the source and destination addresses. Avoid using broad ranges when possible. Specify the IP addresses, subnets, or FQDNs (Fully Qualified Domain Names) that are relevant to your organization.
You can refer to the below document:
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1738 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.