Configuring zones System Network
FortiGate Version 4.0 Administration Guide
138 01-400-89802-20090424
http://docs.fortinet.com/ • Feedback
See also
Configuring zones
Grouping interfaces and VLAN subinterfaces into zones simplifies policy creation. You can
configure policies for connections to and from a zone, but not between interfaces in a
zone.
You can add zones, rename and edit zones, and delete zones from the zone list. When
you add a zone, you select the names of the interfaces and VLAN subinterfaces to add to
the zone.
Zones are configured from virtual domains. If you have added multiple virtual domains to
your FortiGate configuration, make sure you are configuring the correct virtual domain
before adding or editing zones.
Figure 66: Zone list
To configure zone settings
1 Go to System > Network > Zone.
2 Select Create New or select the Edit icon for a zone.
3 Select name, and interfaces.
4 Select OK.
Access The administrative access methods for this address. They can be different
from the primary IP address.
Delete Icon Select to remove this secondary IP entry.
Note: It is recommended that after adding a secondary IP, you refresh the secondary IP
table and verify your new address is listed. If not, one of the restrictions (have a primary IP
address, use manual addressing mode, more than one IP on the same subnet, more than
32 IP addresses assigned to the interface, etc.) prevented the address from being added.
Create New Select to create a new zone.
Name Names of the zones.
Block intra-zone
traffic
Displays Yes if traffic between interfaces in the same zone is blocked and No
if traffic between interfaces in the same zone is not blocked.
Interface Members Names of the interfaces added to the zone. Interface names depend on the
FortiGate model.
Edit/View icons Edit or view a zone.
Delete icon Delete a zone.
To Next Page
Loading...