In the previous article we discussed the basic configuration of a FortiGate firewall. In this article we continue with a firewall policy that permits access from the LAN segment to the SERVER segment.
First, select Policy & Objects -> Firewall Policy -> Create New.
Enter a name for the policy. Incoming Interface: LAN (port2) and Outgoing Interface: SERVER (port3).
Set Source and Destination to the LAN and SERVER network segments. When adding a Source/Destination, if the segment you need is not listed under Select Entries, click + Create to add a new segment.
Select + Address -> add the new address -> OK
Address for LAN-Segment
Address for SERVER-Segment
Select Source: LAN-Segment
Destination: SERVER-Segment
Service: ALL
NAT: Disable
Enable This Policy: Yes
Then select OK
Create two rules, one for LAN to SERVER and one for SERVER to LAN, as shown below:
After that, test ping again from PC to Server and from Server to PC. As shown below, the connection test is successful, and in the Firewall Policy list you can see the Bytes counter, which indicates that packets are hitting those rules.
PC> ping 172.16.100.1
84 bytes from 172.16.100.1 icmp_seq=1 ttl=255 time=3.463 ms
84 bytes from 172.16.100.1 icmp_seq=2 ttl=255 time=2.447 ms
84 bytes from 172.16.100.1 icmp_seq=3 ttl=255 time=3.352 ms

SERVER> ping 10.0.1.2
84 bytes from 10.0.1.2 icmp_seq=1 ttl=63 time=6.291 ms
84 bytes from 10.0.1.2 icmp_seq=2 ttl=63 time=2.081 ms
84 bytes from 10.0.1.2 icmp_seq=3 ttl=63 time=1.770 ms
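
The same address objects and the two policies can also be entered from the FortiOS CLI. This is an added example, not taken from the original article: the /24 subnets are assumed from the addresses used in the ping test, and the policy names are hypothetical.

```fortios
# Added example. Subnet masks are assumptions (the article does not state
# them); policy names LAN-to-SERVER and SERVER-to-LAN are hypothetical.
config firewall address
    edit "LAN-Segment"
        set subnet 10.0.1.0 255.255.255.0
    next
    edit "SERVER-Segment"
        set subnet 172.16.100.0 255.255.255.0
    next
end

config firewall policy
    # "edit 0" lets FortiOS assign the next free policy ID.
    edit 0
        set name "LAN-to-SERVER"
        set srcintf "port2"
        set dstintf "port3"
        set srcaddr "LAN-Segment"
        set dstaddr "SERVER-Segment"
        set action accept
        set schedule "always"
        # Service ALL matches the article. Once the ping test passes,
        # listing only the services the servers expose narrows the rule.
        set service "ALL"
        set nat disable
        set status enable
    next
    edit 0
        set name "SERVER-to-LAN"
        set srcintf "port3"
        set dstintf "port2"
        set srcaddr "SERVER-Segment"
        set dstaddr "LAN-Segment"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat disable
        set status enable
    next
end
```

Running show firewall policy afterwards lists both entries so they can be compared with the GUI settings above.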