Created on 05-11-2005 12:00 AM
Description | Adding an ‘Encrypt’ firewall policy, prevents Antivirus/NIDS updates and FortiGuard services from working |
Components |
|
Steps or Commands | IssueUpon creating/adding an ‘Encrypt’ Firewall Policy, the following FortiGate features stop functioning:
CauseThe ‘Encrypt’ Firewall Policy was created with the external_all (0.0.0.0/0.0.0.0) as a destination subnet. This causes all FortiGate generated traffic to be inserted into the IPSec tunnel, instead of leaving un-encrypted onto the Internet. SolutionModify the ‘Encrypt’ policy to use a specific Destination (and Source) subnet value. |
Related Articles
Technical Note: Traffic Types and TCP/UDP Ports used by Fortinet Products
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.