Hot!"All other than" in Fortigate ?

Author
Tutek
Bronze Member
  • Total Posts : 21
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/03/16 08:23:40
  • Status: offline
2020/10/14 14:48:56 (permalink)
0

"All other than" in Fortigate ?

Hi,
Mikrotik have special exclamation mark in policy or firewall settings, If I put it before port number 80 it means NOT 80
so configured rule would be applyed to ALL ports but 80

Lets say I should blocking p2p, but want p2p to be available on computer 192.168.0.3
so I can configure it like src address =  !192.168.0.3
so it would apply to ALL but 192.168.0.3
 
do Fortios/Fortigate have something similar?
 
thanks.
#1

3 Replies Related Threads

    Toshi Esumi
    Expert Member
    • Total Posts : 2284
    • Scores: 219
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: offline
    Re: "All other than" in Fortigate ? 2020/10/14 21:24:29 (permalink)
    0
    I think this is what you're looking for.
    https://kb.fortinet.com/kb/documentLink.do?externalID=FD33959
    But I never used it because without negate enabled, you can easily do the same thing with two policies; the first one to allow 192.168.0.3/32 then the second one to block "all" sources.
    #2
    Tutek
    Bronze Member
    • Total Posts : 21
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/03/16 08:23:40
    • Status: offline
    Re: "All other than" in Fortigate ? 2020/10/15 10:16:37 (permalink)
    0
    Indeed similar option but very limited.
    Doing your way I need to double policy to configure one thing, so it not help to keep all policies clean and simple.
    #3
    emnoc
    Expert Member
    • Total Posts : 5800
    • Scores: 383
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: "All other than" in Fortigate ? 2020/10/15 20:18:38 (permalink)
    0
    I all most never seen negate used for src or destinations in policyid.You allow what you want and deny what you need imho
     
    Ken Felix

    PCNSE 
    NSE 
    StrongSwan  
    #4
    Jump to:
    © 2020 APG vNext Commercial Version 5.5