FortiGate Version 3.0 MR4 Administration Guide
232 01-30004-0203-20070102
Firewall policy examples Firewall Policy
A few users may need special web and catalog server access to update
information on those servers, depending on how they’re configured. Special
access can be allowed based on IP address or user.
The proposed topology has the main branch staff and the catalog access
terminals going through a FortiGate HA cluster to the servers in a DMZ. The public
access terminals first go through a FortiWiFi unit, where additional policies can be
applied, then to the HA cluster, and finally to the servers.
The branch office has all three users routed through a FortiWiFi unit to the main
branch via VPN tunnels.
Figure 130: Proposed library system network topology
Policies are configured in Firewall > Policy. Protection Profiles are configured in
Firewall > Protection Profile.
Main office ‘staff to Internet’ policy:
Source Interface         Internal
Source Address           All
Destination Interface    External
Destination Address      All
Schedule                 Always
Action                   Accept