Services While there are a number of services already configured within FortiOS, the firmware allows for administrators to configure there own. The reasons for doing this usually fall into one or more of the following categories: The service is not common enough to have a standard configuration l The service is not established enough to […]

Configuring IP pools

Configuring IP pools An IP pool is essentially one in which the IP address that is assigned to the sending computer is not known until the session is created, therefore at the very least it will have to be a pool of at least 2 potential addresses. A quick example would be an IP pool […]

Virtual IPs

Virtual IPs The mapping of a specific IP address to another specific IP address is usually referred to as Destination NAT. When the Central NAT Table is not being used, FortiOS calls this a Virtual IP Address, sometimes referred to as a VIP. FortiOS uses a DNAT or Virtual IP address to map an External […]

Address Groups

Address Groups Address groups are designed for ease of use in the administration of the device. If you have a number of addresses or address ranges that will commonly be treated the same or require the same security policies, you can put them into address groups, rather than entering multiple individual addresses in each policy […]

Object Configuration

Object Configuration As was mentioned earlier, the components of the FortiGate firewall go together like interlocking building blocks. The Firewall objects are a prime example of those building blocks. They are something that can be configured once and then used over and over again to build what you need. They can assist in making the […]

Multicast Policy

Multicast Policy The Multicast Policy GUI page has been updated from previous versions of the firmware to the new GUI look and feel. Some functionality has also been changed. The DNAT option has been removed from the GUI but is still in the CLI. To create/edit a multicast policy go to Policy & Objects > […]