Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Online Help

    6.2.0
    7.2.0
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.2.2
    6.2.1
    6.2.0
    6.0.3
    6.0.2
    6.0.1
    6.0.0

    Juniper Conversions

    Juniper Conversions

    Juniper ScreenOS or Junos OS differences

    VLAN logical interfaces

    FortiConverter recognizes interface names starting with "vlan" as logical interfaces.

    Service objects

    Junos OS service objects support MS-RPS and SUN-RPC, where program-numbers (SUN) and UUID (MS) are used instead of ports.

    FortiOS supports this configuration using Application Control with an application override.

    Example of Junos service object conversion

    config application list

    edit "MS-ActiveDirectory"

    config entries

    edit 1

    set application 152305667

    config parameters

    edit 1

    set value "45f52c28-7f9f-101a-b52b-08002b2efabe"

    next

    edit 2

    set value "811109bf-a4e1-11d1-ab54-00a0c91e9b45"

    next

    end

    set action pass

    next

    end

    next

    end

    edit 10012

    set srcintf "trust"

    set dstintf "mgn"

    set srcaddr "MEI-Novi-172.24.81.0-24" "MEI-Novi-172.24.80.0-24" "MEI-Novi-172.24.252.112-28"

    set dstaddr "MEI-WAN"

    set service "MS-ActiveDirectory"

    set schedule "always"

    set logtraffic all

    set status enable

    set action accept

    set comments "95"

    set application-list "MS-ActiveDirectory"

    next

    NAT support

    For SRX Series gateways, supports the FortiConverter conversion of the following NAT types:

    • Destination NAT
    • Source NAT
    • Static NAT

    In ScreenOS, source NAT is implicitly enabled when: the destination zone is in the untrust-vr, the source zone is trust zone and the destination zone is untrust zone, and both belong to the trust-vr.

    Previous
    Next

    Juniper Conversions

    Juniper Conversions

    Juniper ScreenOS or Junos OS differences

    VLAN logical interfaces

    FortiConverter recognizes interface names starting with "vlan" as logical interfaces.

    Service objects

    Junos OS service objects support MS-RPS and SUN-RPC, where program-numbers (SUN) and UUID (MS) are used instead of ports.

    FortiOS supports this configuration using Application Control with an application override.

    Example of Junos service object conversion

    config application list

    edit "MS-ActiveDirectory"

    config entries

    edit 1

    set application 152305667

    config parameters

    edit 1

    set value "45f52c28-7f9f-101a-b52b-08002b2efabe"

    next

    edit 2

    set value "811109bf-a4e1-11d1-ab54-00a0c91e9b45"

    next

    end

    set action pass

    next

    end

    next

    end

    edit 10012

    set srcintf "trust"

    set dstintf "mgn"

    set srcaddr "MEI-Novi-172.24.81.0-24" "MEI-Novi-172.24.80.0-24" "MEI-Novi-172.24.252.112-28"

    set dstaddr "MEI-WAN"

    set service "MS-ActiveDirectory"

    set schedule "always"

    set logtraffic all

    set status enable

    set action accept

    set comments "95"

    set application-list "MS-ActiveDirectory"

    next

    NAT support

    For SRX Series gateways, supports the FortiConverter conversion of the following NAT types:

    • Destination NAT
    • Source NAT
    • Static NAT

    In ScreenOS, source NAT is implicitly enabled when: the destination zone is in the untrust-vr, the source zone is trust zone and the destination zone is untrust zone, and both belong to the trust-vr.

    Previous
    Next