Default value of firewall policy for DENY/ACCEPT created on fortimanager

scheuri · ‎10-03-2023

Hi all

This might be a silly question: Is there an option in FortiMANAGER where I can change the default value of "Action" in a newly created firewall policy.?

When creating a new firewall policy in a policy package on fortimanager, the default value of "Action" is "DENY". I would like to set it on "ACCEPT" - Is there a way to do this?

Yes, I am aware that this is potentially a risk - however, we have tons of SLAs breached monthly, because we forget to set it from DENY to ACCEPT (as we have nearly zero DENY-Rules).

Thanks a lot.

Anthony_E · ‎10-05-2023

Hello scheuri,

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Thanks,

Anthony-Fortinet Community Team.

mgoswami · ‎10-05-2023

Hi Scheuri,

You may refer to this link to set the action while creating the new policy:

https://docs.fortinet.com/document/fortimanager/7.4.1/administration-guide/663598/create-a-new-firew...

BR,
Manosh

esalija · ‎10-06-2023

Hi,

The default action when you create a new firewall policy is "DENY". The same is also when you create a new policy directly to the FortiGate.

Action

Select an action for the policy to take: DENY, ACCEPT, or IPSEC.

Best regards,

Erlin

Default value of firewall policy for DENY/ACCEPT created on fortimanager

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website