Fortinet 100A User Manual

192

01-28007-0068-20041203

Fortinet Inc.

Policy options

Firewall

Figure 81: Standard policy options

Policy has the following standard options:

Interface / Zone

Source
Select the source interface name to which the policy will apply.
Destination
Select the destination interface name to which the policy will apply.
Interfaces and zones are listed and configured in System > Network.

See

“System network” on page 47

.

Address Name

Source
Select a source address or address group to which the policy will

apply.
Destination
Select a destination address or address group to which the policy will

apply.
Before you can add this address to a policy, you must add it to the

destination interface, VLAN subinterface, or zone. For information

about adding an address, see

“Addresses” on page x

.

For NAT/Route mode policies where the address on the destination

network is hidden from the source network using NAT, the destination

can also be a virtual IP that maps the destination address of the

packet to a hidden destination address. See

“Virtual IP” on page 214

.

Before you can use an address in a policy, you must add it to the

source interface. See

“Address” on page 198

.

Schedule

Select a schedule that controls when the policy is available to be

matched with connections. See

“Schedule” on page 211

.

Service

Select a service or protocol to which the policy will apply.
You can select from a wide range of predefined services or add

custom services and service groups. See

“Service” on page 203

.