Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
marypoppins
New Contributor II

Created on ‎08-17-2021 01:19 AM

local-in-policy and management interface relation

Dear All,

 

I would like to ask what is the relationship between the local-in-policy and the dedicated management interface? For example if my mgmt interface has allowaccess ssh, https for a trusted host, is a "deny src_ip=all dst_ip=mgmt_ip (or just dst_if=any) dst_port=ssh,https" will block also the access to the mgmt interface and lock out the trusted host from access the ssh https on that mgmt port? Or the mgmt port and its configured access in the network/interfaces is above all? Thank you

1494
0 Kudos
1 REPLY 1
pbangari
Staff
Staff

Created on ‎07-17-2023 11:35 PM

Hi, yes, the above local-in policy will block the access to FGT even from a trusted host as the local-in policy check happens first.

660
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.