Created on 02-04-2017 04:21 PM Edited on 02-05-2024 12:54 AM By Jean-Philippe_P
Description
This article describes how to configure two or more firewall schedules to control when policies take effect.
The schedule parameter in the policy configuration does not allow multiple schedules into a single policy.
Solution
# config firewall schedule recurringedit "Monday_Friday"set start 08:00set end 17:30set day monday tuesday wednesday thursday fridaynextend
2) Firewall schedule for saturdays (08:00-12:00h).
# config firewall schedule recurringedit "weekend"set start 08:00set end 12:00set day saturdaynextend
3) Configure a firewall schedule group.
# config firewall service groupedit Custom_Scheduleset member Monday_Friday weekendnextend
3) Assign the schedule profile to a firewall policy and position it at the top.
# config firewall policyedit 1set srcintf "Internal"set dstintf "WAN1"set srcaddr "Internal_users"set dstaddr "all"set action acceptset schedule "Custom_Schedule"set schedule-timeout enableset service "ALL"set nat enableend
4) Enable schedule-timeout option on the firewall policy.The schedule in a security policy enables certain aspects of network traffic to occur for a specific length of time.The policy is active for a given time frame, and as long as the session is open, traffic can continue to flow.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.