Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiProxy 7.2.8 Administration Guide
    7.2.8
    7.6.0
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.0
    7.0.19
    7.0.17
    7.0.0
    2.0.0
    1.2.0
    1.1.0
    1.0.0

    Create or edit a zone

    Create or edit a zone

    Zones are a group of one or more physical or virtual FortiProxy interfaces that you can apply security policies to control inbound and outbound traffic. Grouping interfaces into zones simplifies the creation of security policies where a number of network segments can use the same policy settings and protection profiles. Interfaces that are included in a zone must not be assigned to another zone or have firewall policies defined.

    Selecting Create New > Zone opens the New Zone page, which provides settings for configuring a new zone.

    Selecting a zone and then selecting Edit opens the Edit Zone page.

    Configure the following settings in the New Zone page or Edit Zone page and click OK:

    Name Enter a name for the zone. You can change the name of the zone after creating it.
    Interface Members Select the ports to be included in the zone.
    Comments Enter a description up to 255 characters to describe the zone.
    API Preview Select the ports to be included in the zone.
    To use the API Preview:
    1. Click API Preview. The API Preview pane opens, and the values for the fields are visible (data). If a new object is being created, the POST request is shown.
    2. Enable Show modified changes only to show the modified changes instead of the full configuration in the preview.
    3. Click Copy to Clipboard to copy the JSON code shown on the preview screen to the clipboard.
    4. Click Close to leave the preview.
    To create a zone:

    config system zone

    edit <zone_name>

    set description <string>

    set interface <interface_names>

    next

    end

    Verification

    When a client visits a HTTP website, the client will be redirected to the captive portal for authentication by HTTPS. For example, the client could be redirected to a URL by a HTTP 303 message similar to the following:

    HTTP/1.1 303 See Other

    Connection: close

    Content-Type: text/html

    Cache-Control: no-cache

    Location: https://fpx.fortinetqa.local:7831/XX/YY/ZZ/cpauth?scheme=http&4Tmthd=0&host=172.16.200.46&port=80&rule=75&uri=Lw==&

    Content-Length: 0

    The captive portal URL used for authentication is https://fpx.fortinetqa.local:7831/.... After the authentication is complete with all user credentials protected by HTTPS, the client is redirected to the original HTTP website it intended to visit.

    Previous
    Next

    Create or edit a zone

    Create or edit a zone

    Zones are a group of one or more physical or virtual FortiProxy interfaces that you can apply security policies to control inbound and outbound traffic. Grouping interfaces into zones simplifies the creation of security policies where a number of network segments can use the same policy settings and protection profiles. Interfaces that are included in a zone must not be assigned to another zone or have firewall policies defined.

    Selecting Create New > Zone opens the New Zone page, which provides settings for configuring a new zone.

    Selecting a zone and then selecting Edit opens the Edit Zone page.

    Configure the following settings in the New Zone page or Edit Zone page and click OK:

    Name Enter a name for the zone. You can change the name of the zone after creating it.
    Interface Members Select the ports to be included in the zone.
    Comments Enter a description up to 255 characters to describe the zone.
    API Preview Select the ports to be included in the zone.
    To use the API Preview:
    1. Click API Preview. The API Preview pane opens, and the values for the fields are visible (data). If a new object is being created, the POST request is shown.
    2. Enable Show modified changes only to show the modified changes instead of the full configuration in the preview.
    3. Click Copy to Clipboard to copy the JSON code shown on the preview screen to the clipboard.
    4. Click Close to leave the preview.
    To create a zone:

    config system zone

    edit <zone_name>

    set description <string>

    set interface <interface_names>

    next

    end

    Verification

    When a client visits a HTTP website, the client will be redirected to the captive portal for authentication by HTTPS. For example, the client could be redirected to a URL by a HTTP 303 message similar to the following:

    HTTP/1.1 303 See Other

    Connection: close

    Content-Type: text/html

    Cache-Control: no-cache

    Location: https://fpx.fortinetqa.local:7831/XX/YY/ZZ/cpauth?scheme=http&4Tmthd=0&host=172.16.200.46&port=80&rule=75&uri=Lw==&

    Content-Length: 0

    The captive portal URL used for authentication is https://fpx.fortinetqa.local:7831/.... After the authentication is complete with all user credentials protected by HTTPS, the client is redirected to the original HTTP website it intended to visit.

    Previous
    Next