Time
1 hour 35 minutes
Difficulty
Beginner

Video Description

In this video, you'll learn how to create and order multiple IPv4 policies in the policy table. In this example, three policies will be configured: PolicyA allows Internet access to the local area network, PolicyB allows Internet access to mobile devices connecting while applying additional security features and Policy C: allows the system administrator's PC to have full access. In this example, a wireless network has already been configured that is in the same subnet as the wired LAN. Visit Fortinet's documentation library at http://docs.fortinet.com.

Video Transcription

00:00
In this video, you'll learn how to create an order multiple. I pee before policies in the policy table.
00:07
In this example, three policies will be configured Policy A allows Internet access to the local area. Network
00:15
policy be allows Internet access to mobile devices while applying additional security features and policy see allows the system administrators PC to have full access.
00:25
In this example, Ah, wireless network has already been configured that is on the same sub net as the wired land
00:36
configure policy. A. By going to policy and objects policy, I pee before and editing the default policy, allowing outgoing traffic
00:46
set service to a seedy P h, g, d, p s and D M s to restrict access to Internet browsing.
00:54
And sure that you've enabled that
00:56
in order to view the results later, enable log allowed traffic and select all sessions.
01:11
Create policy. Be
01:12
set incoming interface, outgoing interface and service to be identical to policy. A allowing land to Internet traffic
01:22
set source of ice type to mobile devices, a default device group that includes tablets and mobile phones.
01:30
Please note that using a device group will automatically enabled device identification on the land interviewees
01:36
enabled that
01:38
under security Profile's enable Web filter and set it to use the default profile during this will also enable proxy options and SSL inspection. Use the default profile for proxy and set SSL inspection to certificate inspection, which will allow https traffic to be inspected, enabled log allowed traffic
01:57
and select all sessions.
02:08
Go to use during device device device definitions To create a definition for the system. Administrators PC
02:16
Set the MAC address of the PC and choose the appropriate device type.
02:30
Go to policy and objects palsy. I pee before and create policy, See
02:36
said. Incoming interface to land
02:38
source device Tired to system in PC
02:40
outgoing interface. Your Internet facing interface and service to all
02:46
enable both Matt and Log allowed traffic selecting all sessions
02:59
view the policy table. Currently, the policies are arranged in the order they were created to ensure that the correct traffic is flowing through each policy. They must be re arranged so that the more specific policies are located at the top of the list.
03:14
To reorder the policies, select any area in the far left column for policy, Be and drag the Paul's you to the top of the list.
03:23
Repeat this for policy. See so that the order is now policy. See policy. Be policy A with the default Deny policy at the bottom.
03:38
Browse the Internet using the system administrators PC, a different PC located on land and a mobile device to generate traffic. Then goto log and report traffic. Lug forward traffic.
03:51
You can see the traffic from the three devices flows through different policies.
04:01
Thank you for watching.
04:02
For further details, please go to Dock Stat ford net dot com to access port nets. Complete documentation library.

Up Next