Firewall Policy Firewall policy examples
FortiGate Version 4.0 Administration Guide
01-400-89802-20090424 341
http://docs.fortinet.com/ • Feedback
3 Select OK.
4 Select Create New and enter or select the following settings for Home_User_2:
5 Select OK.
Figure 203: SOHO network topology with FortiGate-100
The proposed network is based around a ForitGate 100A unit. The 15 internal computers
are behind the FortiGate unit. They now access the email and web servers in a DMZ,
which is also behind the FortiGate unit. All home-based employees now access the office
network through the FortiGate unit via VPN tunnels.
Outbound NAT no
Protection Profile Select the check mark and select standard_profile
Interface / Zone Source: internal Destination: wan1
Address Source:
CompanyA_network
Destination: All
Schedule Always
Service ANY
Action IPSEC
VPN Tunnel Home2_Tunnel
Allow Inbound yes
Allow outbound yes
Inbound NAT yes
Outbound NAT no
Protection Profile Select the check mark and select standard_profile
VPN Tunnel
Home User 2
172.25.106.99
Web Server
10.10.10.3
Internal
192.168.100.1
Finance Users
192.168.100.10-
192.168.100.20
Help Desk Users
192.168.100.21-
192.168.100.50
Engineering Users
192.168.100.51-
192.168.100.100
Email Server
10.10.10.2
DMZ
10.10.10.1
External
172.30.120.8
Internet
Home User 1
172.20.100.6
VPN Tunnel
FortiGate
100A
To Next Page
Loading...