Dear all,
I have some computer were set on different IP type that are :
- 10.10.2.xx with 10.10.2.1 for the gateway
- 10.10.1.xx with 10.10.1.1 for the gateway
For the IP 10.10.2.2 until 10.10.2.10 computer will have internet connection, but from 10.10.2.11 until 10.10.2.254 the internet connection only determine by admin, for example only 10.10.2.20 can do internet but 10.10.2.21 cannot and so on.
This is also happened on the 10.10.1.xx
Please tell me if there were any tutorial to configure those..or please tell me any information to do it..
My firewall is fortinet c110..
thanks,
Joe
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
If I understand you correctly, you want to allow or prevent internet access for certain addresses.
If so, create an address as a range (192.168.1.[2-10]) for those addresses which you want to block (e.g. "no-internet-hosts"). Then create 2 policies:
- first (top-most!) policy from internal to wan, src adr "no-internet-hosts", action deny
- second, from internal to wan, src "all_LAN", dest "all", NAT enable, action accept
This will block some addresses from reaching the internet. The admin can put addresses into the group or remove some at will, not touching the policies anymore.
Of course, it would take an average schoolkid 10 minutes to figure out which IP address to use to bypass this filter. So better not grant Admin rights to anyone on the PCs, and don't allow BYOD.
Dear Ede,
Thanks a lot for the information, but do you have any complete tutorial of doing that? like video or manual book so I can read it step by step...
thanks,
Joe
I'm not a video guy, sorry. You may search von http://video.fortinet.com if you find this basic stuff. Written documentation is found on http://docs.fortinet.com You would like to read the relevant parts in the Admin Guide which not only explains the various options and settings but the basic principles as well. The chapter on "Firewalling" and "Policies" are suitable.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.