Server mode deployment Example 3: FortiMail unit in DMZ
FortiMail™ Secure Messaging Platform Version 4.0 Patch 1 Install Guide
Revision 2 153
http://docs.fortinet.com/ • Feedback
2 Select Create New.
3 Complete the following:
4 Select OK.
To add a firewall address for local email users
1 Go to Firewall > Address > Address.
2 Select Create New.
3 Complete the following:
4 Select OK.
Configuring the service groups
In order to create firewall policies that govern only FortiMail-related traffic, you must first
create groups of services that define protocols and port numbers used in that traffic.
Because FortiGuard-related services for FortiMail units are not predefined, you must
define them before you can create a service group that contains those services.
To add a custom service for FortiGuard Antivirus push updates
1 Go to Firewall > Service > Custom.
2 Select Create New.
3 Configure the following:
4 Select OK.
Name Enter a name to identify the firewall address entry, such as
FortiMail_address.
Type Select Subnet/IP Range.
Subnet /IP Range Enter 192.168.1.5.
Interface Select dmz.
Name Enter a name to identify the firewall address entry, such as
local_email_users_address.
Type Select Subnet/IP Range.
Subnet /IP Range Enter 172.168.1.0/24.
Interface Select internal.
Note: For more information on protocols and port numbers used by FortiMail units, see the
Fortinet Knowledge Center article FortiMail Traffic Types and TCP/UDP Ports.
Name Enter a name to identify the custom service entry,
such as
FortiMail_antivirus_push_updates.
Protocol Type Select TCP/UDP.
Protocol Select UDP.
Destination Port
Low Enter 9443.
High Enter 9443.
To Next Page
Loading...
