Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

possible policy creation in this device 60D

Hai,      I want some technical information about this device. and what are the possible policy we can apply to this fortigate 60D.

  Regards, vidhyasankar






Kindly let us know what exactly you are looking, you can create firewall policies.




EMEA Technical Support

hai good morning,

            I am very new to firewall, now i am using fortigate firewall 60 d in my office. i need to reduce the mobile users traffic. how can i reduce. in policy router i configured for 30 users. but it shows old records upto 70 users, by that its totally confused.






In your policy with the reduced traffic (with traffic shapers or however you'd like to reduce it) simply select:

Source Device Type: Mobile Devices


All mobile devices should automatically get classified into that category and the policy should apply to them. No need to specify all devices individually



    here i am enabled DHCP in firewall, due to some reasons i have configured as static ip in client machines which was taken from dhcp. Is there any possibilities of conflict in future.

I need to set traffic for all the mobiles except some 4 mobiles.pls suggest for his too.





I'd recommend setting static IPs outside the DHCP range so there is no possible way for the DHCP to assign those addresses else where and risk an IP conflict.


You can adjust the DHCP range on the interface at System > Network > Interfaces. Double click the interface in question.

Below the "DHCP Server" checkbox you can adjust the DHCP Ranges as needed. If you need to skip some in the middle (let's say simply edit your existing DHCP range to (assuming .1 is the interface itself)

and create a new one (as an example)


You can check for IP address conflicts here System > Monitor > DHCP Monitor

You can also reserve a DHCP IP address for a certain MAC Address (device) by right clicking it in this list and select Create/edit IP Reservation


Thanks a lot,

              Some times a client machines have possible in changing new ip from dhcp. we configured policy for that old ip address. i cant able to find which i configured is dead.policy routes stores old data also. i cant find which is dead and which is alive. suggest me.





There is an easy option to see which policies are still in use and which are not:

Go to Policy & Objects > Policy > IPv4

Make sure the column Count is enabled

if not, right click the bar, check Count and hit apply


Now right click the Count fields of the policies you want to check and select Clear Counters (they should show 0 Packets / 0 MB)

Now wait a day or two

If the counters are still at 0 Packets / 0 MB they didn't get used, if they show Packets and Traffic they were used.


You might also check the Policy & Objects > Monitor > Policy Monitor but the one above is my favorite way since you get an overview

Check out our Community Chatter Blog! Click here to get involved
Top Kudoed Authors