Firewall policy example

NAT/Route mode installation

 

 

Restricting access to a single Internet connection

In some cases you might want to limit some traffic to only being able to use one Internet connection. For example, in the topology shown in Figure 8 on page 50 the organization might want its mail server to only be able to connect to the SMTP mail server of ISP1. To do this, you add a single Int->Ext firewall policy for SMTP connections. Because redundant policies have not been added, SMTP traffic from the Internet network is always connected to ISP1. If the connection to ISP1 fails the SMTP connection is not available.

56

Fortinet Inc.

Page 56
Image 56
Fortinet 100 user manual Restricting access to a single Internet connection