Example: FQDN address
You have to great a policy that will govern traffic that goes to a site that has a number of servers on the Internet. Depending on the traffic or the possibility that one of the servers is down network traffic can go to any one of those sites. The consistent factor is that they all use the same Fully Qualified Domain Name.
- The FQDN of the web site: example.com
- The number of ISP connections off of the FortiGate firewall: 2
- Go to Policy & Objects> Objects > Addresses and select Create New > Address.
- Fill out the fields with the following information:
Category | Address |
Name | BigWebsite.com |
Type | FQDN |
FQDN | bigwebsite.com |
Interface | any |
Visibility | <enable> |
Comments | <Input into this field is optional> |
- Select OK.
- Enter the following CLI command:
config firewall address
edit BigWebsite.com
set type fqdn
set associated-interface any
set fqdn bigwebsite.com
end
Verification
To verify that the addresses were added correctly:
- Go to Firewall Objects > Address > Addresses. Check that the addresses have been added to the address list and that they are correct.
- Enter the following CLI command:
config firewall address
edit <the name of the address that you wish to verify>
Show full-configuration