Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Russell18
New Contributor

Way to disable the firewall temporarily.

Hi Friends,

 

I am having an issue with an application and need to disable the firewall temporarily. Can anyone help me with the same.

 

Thanks!

8 REPLIES 8
ede_pfau
Esteemed Contributor III

Put an 'allow-all' policy as the top-most policy? As in 'from any (interface), to any, src all, dst all, service ALL, action ACCEPT'.

will still be routing though.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
emnoc
Esteemed Contributor III

I would not do that, if it's one application that place a rule for just that. src host with any services. In fact you should use the diag debug flow and possible diag sniffer packet and actually trouble with diagnostics and traces on what is and is not happening.

 

Just my 2cts input

 

Ken Felix

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Russell18

I suppose the Windows default Firewall will jump on once I disable my custom firewall. Do I need to follow these steps after that? Kindly guide.

SherryParket

Thanks, I was also looking for the same question. [link=https://rufusdownload.net/][/link]

ede_pfau
Esteemed Contributor III

of course @emnoc is 100% right, and thanks for calling attention to the implications.

This is BAD BAD practice.

Your question was about a quick fix for testing, and I did not mean or recommend to use it for longer than a couple of minutes.

Besides, a FGT is waay too expensive as a replacement for a wire.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
rwpatterson
Valued Contributor III

Your best course of action would be to create a policy from that one device to all with service any and place it at the top. Everything else in the organization will not be affected and only that one application (or device rather) will have unlimited internet access.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
rwpatterson
Valued Contributor III

Russell18 wrote:

I suppose the Windows default Firewall will jump on once I disable my custom firewall. Do I need to follow these steps after that? Kindly guide.

Placing an all-all policy at the top will allow everything in the organization unlimited Internet access. The Windoze firewall is useless as it it primarily for inbound traffic, not for outbound as the Fortinet is.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
Miranda485

Windows Firewall will not pick up anything, be careful.

Labels
Top Kudoed Authors