FortiClient Manager : Configuring FortiClient agent settings : Configuring firewall address groups on a FortiClient agent
 
Configuring firewall address groups on a FortiClient agent
You can create groups of firewall addresses for use in firewall policies. The default Address Groups are Blocked-Zone, Public-Zone, and Trusted-Zone. You can edit these Address Groups or create new groups.
Create New
Select to create a firewall address group.
Override
The FortiClient agent’s configuration includes those inherited from the group to which the computer belongs.
Selecting override allows you to modify the inherited firewall address group configuration on this FortiClient agent. Deselecting override means that you want to use the firewall address group configuration inherited from the group to which the computer belongs.
Even with inherited firewall address group configurations, you can still create new firewall address groups for a FortiClient agent.
See “Adding a FortiClient agent group” and “Configuring settings for client groups”.
Name
The name of the firewall address group.
Member
The addresses in the address group.
Comments
Comments on the firewall address group.
Action
Select the Delete icon to remove a firewall address group, and Edit icon to modify a firewall address group.
To add a firewall address group:
1. In the FortiClient Manager, select Client/Group > Client > Managed Client in the navigation pane.
2. In the All Managed Clients list, select the FortiClient agent you want from the Host Name column.
3. From the FortiClient menu, select Firewall > IP Address > Address Group > Create New.
Group Name
Enter a name to identify the address group. You must not use the same name as any firewall address or virtual IP.
Comments
Optionally, add comments on the firewall address group.
Group Members
Use the arrows to move addresses between the Available Address (configured and default firewall addresses) and Selected Address lists. The list of addresses come from the IP Addresses.
4. Select OK.