FortiOS 5.4 Online Help Link FortiOS 5.2 Online Help Link FortiOS 5.0 Online Help Link FortiOS 4.3 Online Help Link

Home > Online Help

> Chapter 9 - Firewall > Building firewall objects and policies > Building firewall objects and policies

Building firewall objects and policies

The other chapters in the Firewall book have so far been concerned primarily with concepts and abstract ideas that are designed you help you understand what is going on with the firewall and what it can do. Now that we have a good grounding in the “what” it is time to get into the “how”.

This section will provide the instructions for the web-based manager (when available) and the CLI for adding and or editing FortiGate firewall objects and then how to put them together when building a policy to govern the traffic flowing through your network. To give some context, scenarios have been included. The instructions here are concerned with the creation of the objects. The inclusion of these objects into firewall policies is not shown in these instructions.

This chapter includes the instructions for building the following:

  • IPv4 Firewall Addresses
  • IPv6 Firewall Addresses
  • FQDN address
  • Changing the TTL of a FQDN address
  • New Geography-based Address
  • IPv4 Address Group
  • IPv4 Address Group
  • IPv6 Address Group
  • Multicast Address
  • Service Category
  • TCP/UDP/SCTP Service
  • ICMP Service
  • ICMPv6 Service
  • Service Group
  • Virtual IP address
  • IP Pool
  • Central NAT Table
  • Firewall Schedule - Recurring
  • Firewall Schedule - One-time
  • Schedule Group
  • Proxy Option
  • DoS Policy