Fortinet black logo

Online Help

7.0.1
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.2.2
6.2.1
6.2.0
6.0.3
6.0.2
6.0.1
6.0.0

Bluecoat start options

Bluecoat start options

Forticonverter supports conversion to either Fortigate or FortiProxy devices. The converted config would be slightly different in interface and/or Proxy Policy category.

This table lists the start settings.

Setting

Description

Profile

Description

Enter a description of the configuration.

Output Options

Output Format

Select whether to convert to FortiGate or FortiProxy device.

FOS Version

The configuration syntax is slightly different among FortiOS 6.2, 6.4, 7.0 and 7.2. Select the version that corresponds to the FortiOS version on the target.

Input

Source Configuration

Select the input file.

Conversion Options

Discard unreferenced firewall objects

Specifies whether addresses, schedules, and services that are not referenced by a policy are saved and added to the output. This option can be useful if your target device has table size limitations. You can view the unreferenced objects that FortiConverter removed in the Tuning page.

Increase Address and Service Table Sizes for High-End Models

You can customize the maximum table sizes that

FortiConverter uses when Adjust table sizes is selected. For more information, see Adjusting table sizes

Policy index start from 1 instead of 10000

When selected, the serial number of firewall policies will start from 1 instead of 10000.

Use HTTP/HTTPS as default service

Use WebOnlyProxy as default service instead of ALL.

NGFW policy-based mode

When selected, the conversion will be in NGFW policy-based mode.

"firewall policy" will become "firewall security-policy" instead, and "set application 00000" will be generated in policies, which requires manual processing. There will also be some other minor differences adapted for the NGFW policy-based CLI.

Comment Options

Include input configuration lines for each output policy

Specifies whether FortiConverter includes the input configuration lines used for each FortiGate policy in the FortiGate configuration as a policy comment.

Domain Name Conversion Options

Convert to FQDN addresses,

e.g: set fqdn "domain.name"

Convert the Bluecoat objects which have domain names as contents into FQDN addresses.

Convert to FQDN addresses with wildcard prefix "*.", e.g: set fqdn "*.domain.name"

Convert the Bluecoat objects which have domain names as contents into FQDN addresses which start with “*.”.

Convert to host-regex proxy addresses,

e.g: set host-regex "domain\.name"

Convert the Bluecoat objects which have domain names as contents into host-regex proxy addresses.

Convert to FQDN addresses with wildcard prefix and suffix "*",

e.g: set fqdn "*domain.name*"

Convert the Bluecoat objects which have domain names as contents into FQDN addresses which start and end with “*”.

Previous
Next

Bluecoat start options

Forticonverter supports conversion to either Fortigate or FortiProxy devices. The converted config would be slightly different in interface and/or Proxy Policy category.

This table lists the start settings.

Setting

Description

Profile

Description

Enter a description of the configuration.

Output Options

Output Format

Select whether to convert to FortiGate or FortiProxy device.

FOS Version

The configuration syntax is slightly different among FortiOS 6.2, 6.4, 7.0 and 7.2. Select the version that corresponds to the FortiOS version on the target.

Input

Source Configuration

Select the input file.

Conversion Options

Discard unreferenced firewall objects

Specifies whether addresses, schedules, and services that are not referenced by a policy are saved and added to the output. This option can be useful if your target device has table size limitations. You can view the unreferenced objects that FortiConverter removed in the Tuning page.

Increase Address and Service Table Sizes for High-End Models

You can customize the maximum table sizes that

FortiConverter uses when Adjust table sizes is selected. For more information, see Adjusting table sizes

Policy index start from 1 instead of 10000

When selected, the serial number of firewall policies will start from 1 instead of 10000.

Use HTTP/HTTPS as default service

Use WebOnlyProxy as default service instead of ALL.

NGFW policy-based mode

When selected, the conversion will be in NGFW policy-based mode.

"firewall policy" will become "firewall security-policy" instead, and "set application 00000" will be generated in policies, which requires manual processing. There will also be some other minor differences adapted for the NGFW policy-based CLI.

Comment Options

Include input configuration lines for each output policy

Specifies whether FortiConverter includes the input configuration lines used for each FortiGate policy in the FortiGate configuration as a policy comment.

Domain Name Conversion Options

Convert to FQDN addresses,

e.g: set fqdn "domain.name"

Convert the Bluecoat objects which have domain names as contents into FQDN addresses.

Convert to FQDN addresses with wildcard prefix "*.", e.g: set fqdn "*.domain.name"

Convert the Bluecoat objects which have domain names as contents into FQDN addresses which start with “*.”.

Convert to host-regex proxy addresses,

e.g: set host-regex "domain\.name"

Convert the Bluecoat objects which have domain names as contents into host-regex proxy addresses.

Convert to FQDN addresses with wildcard prefix and suffix "*",

e.g: set fqdn "*domain.name*"

Convert the Bluecoat objects which have domain names as contents into FQDN addresses which start and end with “*”.

Previous
Next