Configuring firewall policies Firewall Policy
FortiGate Version 4.0 Administration Guide
332 01-400-89802-20090424
http://docs.fortinet.com/ • Feedback
Figure 196: Configuring a new SSL VPN firewall policy
Source Interface/Zone Select the name of the FortiGate network interface, virtual domain
(VDOM) link, or zone on which IP packets are received.
Source Address Select the name of a firewall address to associate with the Source
Interface/Zone. Only packets whose header contains an IP address
matching the selected firewall address will be subject to this policy.
You can also create firewall addresses by selecting Create New from
this list. For more information, see “Configuring addresses” on
page 347.
If Action is set to SSL-VPN and the policy is for web-only mode clients,
select all.
If Action is set to SSL-VPN and the policy is for tunnel mode clients,
select the name of the address that you reserved for tunnel mode
clients.
Destination Interface/Zone Select the name of the FortiGate network interface, virtual domain
(VDOM) link, or zone to which IP packets are forwarded. If Action is
set to SSL-VPN, the interface is associated with the local private
network.
To Next Page
Loading...