Fortinet black logo

Administration Guide

Control administrative access with a local-in policy

Control administrative access with a local-in policy

Administrative access to FortiAnalyzer can be controlled by a IPv4/IPv6 local-in policy. This feature can only be configured using the FortiAnalyzer CLI.

For more information, see the FortiAnalyzer CLI Reference Guide on the Fortinet Docs Library.

To create an IPv4 local-in policy to control administrator access to FortiAnalyzer:
  1. Access the FortiAnalyzer CLI.
  2. Enter the following command to create the IPv4 local-in policy:

    config system local-in-policy

    (local-in-policy)# edit <policy ID>

    new entry '<Policy ID>' added

  3. Configure additional settings for the local-in policy using the set command.
    For example:

set

action Action performed on traffic matching this policy.

dport Destination port number (0 for all).

dst Destination IP and mask.

intf Incoming interface name.

protocal Traffic protocal.

src Source IP and mask.

To create an IPv6 local-in policy to control administrator access to FortiAnalyzer:
  1. Access the FortiAnalyzer CLI.
  2. Enter the following command to create the IPv6 local-in policy:

    config system local-in-policy6

    (local-in-policy6)# edit <policy ID>

    new entry '<Policy ID>' added

  3. Configure additional settings for the local-in policy using the set command.
    For example:

set

action Action performed on traffic matching this policy.

dport Destination port number (0 for all).

dst Destination IP and mask.

intf Incoming interface name.

protocal Traffic protocal.

src Source IP and mask.

Control administrative access with a local-in policy

Administrative access to FortiAnalyzer can be controlled by a IPv4/IPv6 local-in policy. This feature can only be configured using the FortiAnalyzer CLI.

For more information, see the FortiAnalyzer CLI Reference Guide on the Fortinet Docs Library.

To create an IPv4 local-in policy to control administrator access to FortiAnalyzer:
  1. Access the FortiAnalyzer CLI.
  2. Enter the following command to create the IPv4 local-in policy:

    config system local-in-policy

    (local-in-policy)# edit <policy ID>

    new entry '<Policy ID>' added

  3. Configure additional settings for the local-in policy using the set command.
    For example:

set

action Action performed on traffic matching this policy.

dport Destination port number (0 for all).

dst Destination IP and mask.

intf Incoming interface name.

protocal Traffic protocal.

src Source IP and mask.

To create an IPv6 local-in policy to control administrator access to FortiAnalyzer:
  1. Access the FortiAnalyzer CLI.
  2. Enter the following command to create the IPv6 local-in policy:

    config system local-in-policy6

    (local-in-policy6)# edit <policy ID>

    new entry '<Policy ID>' added

  3. Configure additional settings for the local-in policy using the set command.
    For example:

set

action Action performed on traffic matching this policy.

dport Destination port number (0 for all).

dst Destination IP and mask.

intf Incoming interface name.

protocal Traffic protocal.

src Source IP and mask.