Greetings, I'd like to correctly understand how traffic filtering
functions on a Fortigate 60C firewall. The specific matter I'd like to
discuss is how filtering by source/destination interfaces in firewall
policy influences security. Consider the ...
These are all good points, thank you. I'm aware of the dangers you've
mentioned. I'm still not following you with the rogue device example,
though. Naturally, I understand the danger of users plugging in their
own network devices into the infrastr...
Your answer hits the spot - it is exactly what I needed to know, thanks!
Though, ede_pfau, if you'd like to follow up on your rogue host example
(or any other, for that matter), I'll be happy to discuss it further.
I think it's also important to note that when you create an address
object and select "any" in the interface this doesn't mean that your
policy is necessarily using the "any" interface. (...) Yes, all you've
written is perfectly clear to me. So...
In order for that rogue host to communicate with 192.168.0.0/16, it
would have to be connected to the network through the one and only
interface that the firewall uses to send traffic to 10.0.0.0/8
(interface A). Otherwise, RPF will block the traffic...