Services While there are a number of services already configured within FortiOS, the firmware allows for administrators to configure there own. The reasons for doing this usually fall into one or more of the following categories: The service is not common enough to have a standard configuration The service is not established enough to have […]

Virtual IPs

Virtual IPs The mapping of a specific IP address to another specific IP address is usually referred to as Destination NAT. FortiOS has a component that is a bit more specialized along this line called a Virtual IP Address, sometimes referred to as a VIP. FortiOS uses a Virtual IP address to map an External […]

Address Groups

Address Groups Address groups are designed for ease of use in the administration of the device. If you have a number of addresses or address ranges that will commonly be treated the same or require the same security policies, you can put them into address groups, rather than entering multiple individual addresses in each policy […]

IPv6 Addresses

IPv6 Addresses When creating an IPv6 address there are a number of different types of addresses that can be specified. These include: Subnet IP Range – the details of this type of address are the same as the IPv4 version of this type The IPv6 addresses don’t yet have the versatility of the IPv4 address […]

IPv4 Addresses

IPv4 Addresses   When creating an IPv4 address there are a number of different types of addresses that can be specified. These include: FQDN Geography IP Range IP/Netmask Wildcard FQDN   Which one chosen will depend on which method most easily yet accurately describes the addresses that you are trying to include with as few […]

Service Groups

Service Groups Just like some of the other firewall components, services can also be bundled into groups for ease of administration.   Creating a ServiceGroup 1. Go to Policy & Objects > Services. 2. Select Create New. A drop down menu is displayed. Select Service Group 3. Input a Group Name to describe the services […]

UUID Support

UUID Support A Universally Unique Identified (UUID) attribute has been added to some firewall objects, so that the logs can record these UUID to be used by a FortiManager or FortiAnalyzer unit. The objects currently include: Addresses, both IPv4 and IPv6 Address Groups, both IPv4 and IPv6 Virtual IPs, both IPv4 and IPv6 Virtual IP […]