Fortinet black logo

Cookbook

Using zones to simplify firewall policies

Using zones to simplify firewall policies

This example shows how grouping multiple interfaces into a zone can simplify firewall policies. In this example, we create VLAN10, VLAN20, and VLAN30 and add them into a zone called LAN Zone. Instead of having to reference all three interfaces separately as a source interface in our firewall policy, we can just use the single zone object.

In addition to VLANs, zones can also group many other kinds of interfaces such as physical ports or IPsec tunnels.

Related Videos

sidebar video

Simplifying Firewall Policies with Zones

  • 34,859 views
  • 6 years ago

Using zones to simplify firewall policies

This example shows how grouping multiple interfaces into a zone can simplify firewall policies. In this example, we create VLAN10, VLAN20, and VLAN30 and add them into a zone called LAN Zone. Instead of having to reference all three interfaces separately as a source interface in our firewall policy, we can just use the single zone object.

In addition to VLANs, zones can also group many other kinds of interfaces such as physical ports or IPsec tunnels.