Fortinet 100 8

Contents

8 Fortinet Inc.

Configuring policy lists....... ............................................................................................. 149

Policy matching in detail ............................................................................................. 149

Changing the order of policies in a policy list........................................................... ... 149

Enabling and disabling policies............................................................. ...................... 150

Addresses.......................................... ............................................................................. 150

Adding addresses ....................................................................................................... 151

Editing addresses ....................................................................................................... 152

Deleting addresses ..................................................................................................... 152

Organizing addresses into address groups ................................................................ 152

Services............ .............................................................................................. ................ 153

Predefined services .................................................................................................... 153

Providing access to custom services...... .................................................................... 156

Grouping services.......................... ............................................................................. 156

Schedules................ ................................................................................................. ...... 157

Creating one-time schedules ...................................................................................... 158

Creating recurring schedules............................ .......................................................... 158

Adding a schedule to a policy. .................................................................................... 159

Virtual IPs..................................................................................................... ................... 160

Adding static NAT virtual IPs ...................................................................................... 160

Adding port forwarding virtual IPs............... ................................................................ 161

Adding policies with virtual IPs................................................................................. ... 163

IP pools........................................... ................................................................................ 164

Adding an IP pool........................................................................................ ................ 164

IP Pools for firewall policies that use fixed ports......................... ................................ 165

IP pools and dynamic NAT ......................................................................................... 165

IP/MAC binding..................................... .......................................................................... 166

Configuring IP/MAC binding for packets going through the firewall............................ 166

Configuring IP/MAC binding for packets going to the firewall..... ................................ 167

Adding IP/MAC addresses............................................................. ............................. 167

Viewing the dynamic IP/MAC list ................................................................................ 168

Enabling IP/MAC binding..................... ....................................................................... 168

Content profiles..................................................................... .......................................... 169

Default content profiles ............................................................................................... 170

Adding a content profile .............................................................................................. 170

Adding a content profile to a policy...................... ....................................................... 171

Users and authentication.................................................................................. 173

Setting authentication timeout......................................................................................... 174

Adding user names and configuring authentication..................................... ................... 174

Adding user names and configuring authentication.............. ...................................... 174

Deleting user names from the internal database ........................................................ 175

Configuring RADIUS support....................................... ................................................... 176

Adding RADIUS servers ............................................................................................. 176

Deleting RADIUS servers ........................................................................................... 176