Article Id 191679

Description

How to block Hamachi 1.0.2.2 using FortiGate FQDN firewall addresses.
Components
  • All FortiGate units
  • FortiOS v3.0
Steps or Commands

Hamachi 1.0.2.2 is a VPN application that can be used to bypass firewalls. The following steps describe how to create two FortiGate FQDN firewall addresses, add those addresses to an address group, and add a deny firewall policy that uses this address group as its destination to block Hamachi 1.0.2.2.

To add the Hamachi FQDN addresses

  1. Go to Firewall > Address.
  2. Select Create New.
  3. Enter an address name, for example alpha.hamachi.cc.
  4. Set Type to FQDN.
  5. In the FQDN field enter alpha.hamachi.cc.
  6. You can leave Interface set to Any.
  7. Select OK to add the address.
  8. Repeat to add the FQDN address bravo.hamachi.cc.

To add an address group

  1. Go to Firewall > Address > Group.
  2. Select Create New.
  3. Enter an address group name, for example hamachi.
  4. Move the Hamachi FQDN addresses to the Members list.
  5. Select OK to add the address group.

To add the address group to a deny firewall policy

  1. Go to Firewall > Policy.
  2. Select Create New.
  3. Set the Source interface and address to the same settings as the policy you have that allows users to access the Internet.
  4. Set the destination address to the hamachi address group.
  5. You can leave Service set to ANY and schedule set to always.
  6. Set Action to DENY.
  7. Select OK.
  8. Move the deny policy above all other outbound policies that allow Internet access.
    Note: Always arrange deny policies above similar accept policies in a firewall policy list or else the deny policy will not be selected. See the FortiGate online help for more information about how policy matching works.
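
The same three procedures expressed as FortiOS CLI configuration, as an added example that is not part of the original article. The interface names `internal` and `wan1`, the source address `all`, and the policy IDs 10 and 1 are assumptions to replace with your own values; option names can differ between FortiOS versions, so check them against the CLI reference for your release.

```fortios
# Added example; lines starting with # are annotations, not commands.
# Assumed values: interfaces "internal" and "wan1", source address "all",
# placeholder policy IDs 10 (new deny policy) and 1 (existing accept policy).

# Two FQDN firewall addresses, one per Hamachi host name
config firewall address
    edit "alpha.hamachi.cc"
        set type fqdn
        set fqdn "alpha.hamachi.cc"
    next
    edit "bravo.hamachi.cc"
        set type fqdn
        set fqdn "bravo.hamachi.cc"
    next
end

# Address group containing both FQDN addresses
config firewall addrgrp
    edit "hamachi"
        set member "alpha.hamachi.cc" "bravo.hamachi.cc"
    next
end

# Deny policy with the group as destination, using the same source
# interface and address as the policy that allows Internet access
config firewall policy
    edit 10
        set srcintf "internal"
        set dstintf "wan1"
        set srcaddr "all"
        set dstaddr "hamachi"
        set schedule "always"
        set service "ANY"
        set action deny
    next
    # Place the deny policy above the accept policy so it is matched first
    move 10 before 1
end
```

FQDN addresses only match once the FortiGate unit has resolved the names, so the unit needs working DNS settings for the deny policy to take effect.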