Fortinet black logo

Cookbook

Home FortiGate / FortiOS 5.6.0 Cookbook

Using zones to simplify firewall policies

5.6.0
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.0
6.0.0
5.6.0
5.4.0
Copy Link
Copy Doc ID 4d801240-7ccc-11e9-81a4-00505692583a:213584
Download PDF

Using zones to simplify firewall policies

This example shows how grouping multiple interfaces into a zone can simplify firewall policies. In this example, we create VLAN10, VLAN20, and VLAN30 and add them into a zone called LAN Zone. Instead of having to reference all three interfaces separately as a source interface in our firewall policy, we can just use the single zone object.

In addition to VLANs, zones can also group many other kinds of interfaces such as physical ports or IPsec tunnels.

Previous
Next

Related Videos

sidebar video

Simplifying Firewall Policies with Zones

  • 34,846 views
  • 6 years ago

Using zones to simplify firewall policies

This example shows how grouping multiple interfaces into a zone can simplify firewall policies. In this example, we create VLAN10, VLAN20, and VLAN30 and add them into a zone called LAN Zone. Instead of having to reference all three interfaces separately as a source interface in our firewall policy, we can just use the single zone object.

In addition to VLANs, zones can also group many other kinds of interfaces such as physical ports or IPsec tunnels.

Previous
Next