NAT and UTM disabled by default

alexandre_allaire · ‎11-28-2019

Hello,

Anybody know if it's possible to have NAT and UTM disabled by default when creating new IPV4 policy rules ?

Didn't found in documentation.

Thank you.

Alexandre.

Toshi_Esumi · ‎11-28-2019

If CLI nothing should be on: no NAT, no UTM, nothing.

If you create a new policy via GUI, it's probably depending on the version you're running. My 6.0.7 shows schedule=always, action=accept, NAT=on with interface IP, no security profiles, etc. Also some other GUI wizard automatically generates policies, like VPN wizard. Those would create them specifically match what needs to be created.

You should test it yourself with your FGT.

ede_pfau · ‎11-28-2019

If you need to create a lot of policies with certain defaults, it's better to script it. Create the policies in text form and paste them into a SSH window, or submit as batch command.

IMHO NAT is only active per default if the destination interface is of type WAN...but I might be wishing it was.

Ede Kernel panic: Aiee, killing interrupt handler!

emnoc · ‎11-28-2019

I believe Ede is right, any WAN interface or interface with a default-route can have NAT enabled when you create the policy from gui.

PCNSE

NSE

StrongSwan

NAT and UTM disabled by default

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website