Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
RichardKo
New Contributor

What setting can let splashtop go through

Does anyone know how to set up a policy that Splashtop can go through?

I try to create a wildcard address and use Internet Service in Destination, but none of those works.

 

Product: Fortigate 100E

Firmware: v7.2.2 build1255

FortiGate 

RichardKo_1-1673288515962.png

 

 

RichardKo_2-1673288634957.png

 

 

RichardKo_0-1673288430653.png

 

10 REPLIES 10
AlexC-FTNT
Staff
Staff

Does it work when you allow all the traffic out? (without filtering by application/ISDB,etc? )

What protocol/ports does this app uses/needs? Did you disable SIP-ALG (by mistake or for some other reason)? What does the logs or debug flow tells you?


- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
RichardKo

Because I have more than one subnet that, I need to set a specific policy for it.
It works if I allow all traffic, but that's not what I need.

The protocol is Internet Service.

RichardKo_0-1673379520843.png

 

RichardKo_1-1673379575747.png

 

 

gfleming
Staff
Staff

What are you trying to accomplish? By default all applications / web sites will be allowed through a firewall policy (assuming all ports and all IP addresses are allowed).

 

So, what is your end goal here in terms of "letting Splashtop through"?

Cheers,
Graham
RichardKo

I need to set up a specific policy for one subnet that only Splashtop can pass through.

gfleming

OK so create a policy for that one subnet that allows all traffic (including Splashtop). Then below it create another policy for all other networks that allows all traffic but blocks Splashtop.

Cheers,
Graham
RichardKo

What I mean is I want to create a policy that blocks all traffic except Splashtop.

Because this subnet need to be secure.

gfleming

OK then create a policy for that subnet that allows access to Splashtop *only*  using ISDB entry for that service.

Then create a policy below that for that subnet that blocks everything.

Cheers,
Graham
RichardKo

I did, but not working. I can't use Splashtop to remote.

 

gfleming

OK what do your logs show? What is the destination IP address that is being blocked?

Cheers,
Graham
Labels
Top Kudoed Authors