No doubt I' ll be swamping this board with noob posts as I am attempting to install a FG-50B at my company. Please be patient with me as these devices seem very complex to me! :(
The firewall I am replacing is a ZyXEL 10W (installed by a third party long before I started the company) and I am attempting to imitate the rules on the new FG-50B.
But not without problems... (don' t suppose anyone has experience translating the rules from a ZyXEL at all?!).
The FG-50B seems far more sophisticated, but with the trade-off of being more complex (at least to me).
Some of the port-forwarding I have attempted to re-create just doesn' t seem to work. One being with my OpenVPN users, which require port 1194 opening up and forwarded to my OpenVPN server.
It seems no matter what I tried yesterday, my server just didn' t see any 1194 traffic.
One thing to note is that on the ZyXEL I have the following settings (enabled setting is surrounded with asterisks:
MAIN MENU -> WAN -> WAN IP -> Network Address Translation
I don' t know exactly what SUA is, and there appears to be no reference to it in the FG-50B. Is the fact that the ZyXEL used this feature anything I need to be concerned with when configuring the FG-50B for compatibility?
Thanks in advance for any help or advice.
Thank you very much for the replies, it' s great to see an active, helpful forum - fills me with much more confidence :o)
Using these tips I have now successfully created some rules for OpenVPN, mail servers, HTTP ports etc. It' s looking very ' ZyXEL-like' now!
I had consulted the online docs, but the examples I' d come across seemed to go into great detail for creating advanced VPNs or using DMZ' s etc. For my first step of creating a straight-forward port opening/forwarding, the docs left me a little intimidated and confused!
Thanks to you guys though, I am making great progress
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.