Tuesday, July 24, 2018

Make a LAN IP, policy free in FortiGate 100E Firewall

Steps to make a Static LAN IP, exempted from any kind of policies in FortiGate Firewall; following steps are required:-

1. Login to firewall and goto Policy and Objects > Addresses menu.

2. Now Create a new Address. Not Address Group.

3. Fill the name Field in my case it is LINAC_Server; a server for  linear accelerator.
4Type is IP/Netmask. In Subnet/ IP Range add your static LAN ip. Then keep the Interface Any 
5. Keep the rest of the options at default level and press OK.

6. Now create a new IPv4 policy. For this goto Policy and Objects > IPv4 Policy. Then press                Create New button on the same page. 
7. Write any name in name field. In in coming interface field select internal interface (in my case it is       lan).
8. In outgoing interface select your WAN connection. Here it is NKN(Wan1).
9. Now in source field, select the newly created Address, in above steps. i.e. LINAC_Server.
10. Now keeping rest of the fields on default mode press ok.

11. Now, you can see your newly created policy.

12. Just drag and drop this policy at the top of others and you are done. You may open all blocked            websites in your firewall; using this IP.
   

No comments:

Post a Comment