Gateway mode deployment Example 1: FortiMail unit behind a firewall
FortiMail™ Secure Messaging Platform Version 4.0 Patch 1 Install Guide
Revision 2 103
http://docs.fortinet.com/ • Feedback
Second, create a firewall policy that allows outgoing email and other FortiMail connections
from the FortiMail unit to the Internet.
Last, create a firewall policy that allows incoming POP3 and IMAP traffic that is received at
the virtual IP address, then applies a static NAT when forwarding the traffic to the private
network IP address of the protected email server.
To add the Internet-to-FortiMail policy
1 Go to Firewall > Policy > Policy.
2 Select Create New.
3 Complete the following:
4 Select NAT.
5 Select OK.
To add the FortiMail-to-Internet policy
1 Go to Firewall > Policy > Policy.
2 Select Create New.
3 Complete the following:
4 Select NAT.
5 Select OK.
To add the Internet-to-email-server policy
1 Go to Firewall > Policy > Policy.
2 Select Create New.
3 Complete the following:
Source Interface/zone Select wan1.
Source Address Name Select all.
Destination
Interface/zone
Select internal.
Destination Address
Name
Select FortiMail_VIP.
Schedule Select ALWAYS.
Service Select FortiMail_incoming_services.
Action Select ACCEPT.
Source Interface/zone Select internal.
Source Address Name Select FortiMail_address.
Destination
Interface/zone
Select wan1.
Destination Address
Name
Select all.
Schedule Select ALWAYS.
Service Select FortiMail_outgoing_services.
Action Select ACCEPT.
To Next Page
Loading...
