146
Fortinet Inc.
Addresses
Firewall configuration
Enabling and disabling policies
You can enable and disable policies in the policy list to control whether the policy is
active or not. The FortiGate unit matches enabled policies but does not match
disabled policies.
Disabling policies
Disable a policy to temporarily prevent the firewall from selecting the policy. Disabling
a policy does not stop active communications sessions that have been allowed by the
policy. For information about stopping active communication sessions, see
“System
status” on page 67
.
To disable a policy
1
Go to
Firewall > Policy
.
2
Select the policy list that contains the policy that you want to disable.
3
Clear the check box of the policy to disable it.
Enabling policies
Enable a policy that has been disabled so that the firewall can match connections with
the policy.
To enable a policy
1
Go to
Firewall > Policy
.
2
Select the policy list that contains the policy that you want to enable.
3
Select the check box of the policy to enable it.
Addresses
All policies require source and destination addresses. To add addresses to a policy
between two interfaces, you must first add addresses to the address list for each
interface.
You can add, edit, and delete all firewall addresses as required. You can also organize
related addresses into address groups to simplify policy creation.
A firewall address consists of an IP address and a netmask. This information can
represent:
• The address of a subnet (for example, for a class C subnet,
IP address: 192.168.20.0 and Netmask: 255.255.255.0).
• A single IP address (for example, IP Address: 192.168.20.1 and
Netmask: 255.255.255.255)
• All possible IP addresses (represented by IP Address: 0.0.0.0 and Netmask:
0.0.0.0)
Note:
IP address: 0.0.0.0 and Netmask: 255.255.255.255 is not a valid firewall address.
Содержание FortiGate 50A
Страница 12: ...Contents 12 Fortinet Inc ...
Страница 32: ...32 Fortinet Inc Next steps Getting started ...
Страница 40: ...40 Fortinet Inc Completing the configuration NAT Route mode installation ...
Страница 72: ...72 Fortinet Inc Session list System status ...
Страница 112: ...112 Fortinet Inc Configuring the modem interface Network configuration ...
Страница 120: ...120 Fortinet Inc Adding RIP filters RIP configuration ...
Страница 170: ...170 Fortinet Inc Content profiles Firewall configuration ...
Страница 224: ...224 Fortinet Inc Logging attacks Network Intrusion Detection System NIDS ...
Страница 230: ...230 Fortinet Inc Viewing the virus list Antivirus protection ...
Страница 244: ...244 Fortinet Inc Exempt URL list Web filtering ...
Страница 262: ...262 Fortinet Inc Glossary ...
Страница 272: ...272 Fortinet Inc Index ...