config : router policy
 
router policy
Use this command to configure policy routes that redirect traffic away from a static route.
For example, you can divert traffic for intrusion protection scanning (IPS). It is also useful if your FortiWeb protects web servers for different customers (for example, the clients of a Managed Security Service Provider).
Policy routes can direct traffic to a specific network interface and gateway based on the packet’s source and destination IP address.
Syntax
config router policy
edit <policy_index>
set iif <incoming_interface_name>
set src <source_ip>
set dst <destination_ip>
set oif <outgoing_interface_name>
set gateway <router_ip>
next
end
Variable
Description
Default
<policy_index>
Enter the index number of the policy route.
The valid range is from 1 to 4,294,967,295.
No default.
<incoming_interface_name>
Enter the name of the interface, such as port1, on which FortiWeb receives packets it applies this routing policy to.
No default.
src <source_ip>
Enter the source IP address and netmask to match, separated with a space.
FortiWeb routes matching traffic through the specified interface and gateway.
0.0.0.0 0.0.0.0
dst <destination_ip>
Enter the destination IP address and netmask to match, separated with a space.
FortiWeb routes matching traffic through the specified interface and gateway.
0.0.0.0 0.0.0.0
<outgoing_interface_name>
Enter the name of the interface, such as port2, through which FortiWeb routes packets that match the specified IP address information.
No default.
gateway <router_ip>
Enter the IP address of a next-hop router.
0.0.0.0
Related topics
config router static
config router setting