Router objects, Access list, New access list – Fortinet 100A User Manual
Page 154: Access list new access list
154
01-28007-0068-20041203
Fortinet Inc.
Access list
Router
3
Set Direction to In or Out.
4
Enter the offset number.
5
Select the interface to match for this offset list.
6
Check or clear the Enable check box to enable or disable this offset list.
7
Select OK.
Router objects
Router objects are a set of tools used by routing protocols and features.
Access list
Access lists are filters used by FortiGate routing features.
Each rule in an access list consists of a prefix (IP address and netmask), the action to
take for this prefix (permit or deny), and whether to match the prefix exactly or to
match the prefix and any more specific prefix.
The FortiGate unit attempts to match a packet against the rules in an access list
starting at the top of the list. If it finds a match for the prefix it takes the action specified
for that prefix. If no match is found the default action is deny.
For an access list to take effect it must be called by another FortiGate routing feature
such as RIP or OSPF.
Figure 66: Access list
New access list
Figure 67: Access list name configuration
Create New
Add a new access list name. An access list and a prefix list cannot have
the same name.
Name
The access list name.
Action
The action to take for the prefix in an access list entry.
Prefix
The prefix in an access list entry.
The Delete, Add access-list entry, and Edit icons.