Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

Special Request

Dear All, I have here my Fortigate 800F Configured as NAT . All of my users are configured to connect to Fortigate as there default gateway to access the Internet . i have the following rules created on the fortigate :- ======================================================================= A. Route. # IP Mask Gateway Device Distance 1 0.0.0.0 0.0.0.0 213.255.237.113 port2 10 ====================================================================== B.Firewall Policy From Port 1 - to - Port 2 :- ID Source Dest Schedule Service Action Enable 1 all all always ANY ACCEPT Yes From port2 -> port1 :- 2 all all always Incoming ACCEPT Yes ======================================================================== C. the Configuration of Fortigate Ports as follwoing :- port1 192.168.1.100 /255.255.255.0 port2 213.255.237.116 /255.255.255.248 and i am using only Port 1 & 2. and here is a complete information regarding the Ports. internal 190.168.1.99 255.255.255.0 HTTPS,PING external 190.168.100.99 255.255.255.0 PING dmz 10.10.10.1 255.255.255.0 HTTPS,PING ha 10.10.20.1 255.255.255.0 HTTPS,PING port1 192.168.1.100 255.255.255.0 HTTPS,PING port2 213.255.237.116 255.255.255.248 port3 HTTPS,PING port4 HTTPS,PING ======================================================================== Now i have 2 Question & I want your Help Please . 1-As you can see all of my users are able to access Internet without any Problem & without any restrictions at all . due to that i want to see if i can make the following on the Fortigate:- 1- I want to create a rule " Firewall Policy " to only Open the Ports SMTP & POP3 only for Sending E-mails & Receving E-mails,for a group of users which they have the IP address start from 192.168.1.20-192.168.1.25 , and disable the browse internet completely as HTTP & HTTPS on those Group of Users . So, Can you Please Guide me To How to do That . 2-I have here a nother Network " Segment " Starting with this IP-Address 10.1.8.X / 24 i want to configure this Network to connect to the same MY Fortigate UNIT but with the diffrent IP Address as Default gateway. for example, i have my users here in the Head Office configured to use the Fortigate as Default Gateway ( 192.168.1.100 ) and they able to access Internet. i want to create / configure another Port on the Fortigate to be in this IP-address 10.1.8.100 and the users on the Network 10.1.8.X will connect to the Fortigate as there default gateway but with this IP 10.1.8.100. so, can i make this? if so, please tell me how can i do it.
1 REPLY 1
Not applicable

i wrote you an answer at the anti virus section
Labels
Top Kudoed Authors