Fortinet black logo

Administration Guide

Home FortiManager 7.2.1 Administration Guide

Create a new local-in policy

7.2.1
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.6
6.2.5
6.2.3
6.2.2
6.2.1
6.2.0
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.10
5.2.7
5.2.6
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.0.12
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3
5.0.2
4.3.8
4.3.7
4.3.6
4.3.5
4.3.4
4.3.3
4.3.2
4.3.1
4.3.0
4.2.9
4.2.8
4.2.7
4.2.6
4.2.5
4.2.4
4.2.3
4.2.2
4.2.1
4.2.0
4.1.0
4.0.3
4.0.2
4.0.1
4.0.0
Copy Link
Copy Doc ID 04f80bb3-e03c-11ec-bb32-fa163e15d75b:158671
Download PDF

Create a new local-in policy

The section describes how to create new IPv4 and IPv6 local-in policies to control inbound traffic that is going to a FortiGate interface.

See Local-in policy in the FortiOS Administration Guide for more information.

On the Policy & Objects pane, from the Tools menu, select Display Options, and then select the IPv4 Local In Policy and IPv6 Local In Policy checkboxes to display these options.
To create a new Local-In policy:
  1. If using ADOMs, ensure that you are in the correct ADOM.
  2. Go to Policy & Objects > Policy Packages.
  3. In the tree menu for the policy package in which you will be creating the new policy, select IPv4 Local In Policy or IPv6 Local In Policy.
  4. Click Create New.
  5. Enter the following information:

    Option

    Description

    Interface

    Select the interface.

    Source Address

    Select souce addresses, address groups, virtual IPs, and virtual IP groups.

    Destination Address

    Select destination addresses, address groups, virtual IPs, and virtual IP groups.

    Service

    Select services and service groups.

    Schedule

    Select a one-time schedule, recurring schedule, or schedule group.

    Action

    Select an action for the policy to take: DENY or ACCEPT.

    HA Management Interface Only

    Enable to dedicate the interface as an HA management interface. This option is only available for IPv4 policies.

    Change Note

    		Add a description of the changes being made to the policy. This field is required.
  6. Click OK to create the policy. You can select to enable or disable the policy in the right-click menu. When disabled, a disabled icon will be displayed in the Seq.# column to the left of the number. By default, policies will be added to the bottom of the list, but above the implicit policy.
Previous
Next

Create a new local-in policy

The section describes how to create new IPv4 and IPv6 local-in policies to control inbound traffic that is going to a FortiGate interface.

See Local-in policy in the FortiOS Administration Guide for more information.

On the Policy & Objects pane, from the Tools menu, select Display Options, and then select the IPv4 Local In Policy and IPv6 Local In Policy checkboxes to display these options.
To create a new Local-In policy:
  1. If using ADOMs, ensure that you are in the correct ADOM.
  2. Go to Policy & Objects > Policy Packages.
  3. In the tree menu for the policy package in which you will be creating the new policy, select IPv4 Local In Policy or IPv6 Local In Policy.
  4. Click Create New.
  5. Enter the following information:

    Option

    Description

    Interface

    Select the interface.

    Source Address

    Select souce addresses, address groups, virtual IPs, and virtual IP groups.

    Destination Address

    Select destination addresses, address groups, virtual IPs, and virtual IP groups.

    Service

    Select services and service groups.

    Schedule

    Select a one-time schedule, recurring schedule, or schedule group.

    Action

    Select an action for the policy to take: DENY or ACCEPT.

    HA Management Interface Only

    Enable to dedicate the interface as an HA management interface. This option is only available for IPv4 policies.

    Change Note

    		Add a description of the changes being made to the policy. This field is required.
  6. Click OK to create the policy. You can select to enable or disable the policy in the right-click menu. When disabled, a disabled icon will be displayed in the Seq.# column to the left of the number. By default, policies will be added to the bottom of the list, but above the implicit policy.
Previous
Next