FortiGate
bpriya
Staff
Article Id 193231
Description
This article describes how to configure Internet Service Database (ISDB) objects that carry geographic information (country, region, city) and how to use them in a firewall policy.

Solution
From GUI.

Go to Policy & Objects > Internet Service Database, select 'Create New' and select 'Geographic Based'.

Go to Policy & Objects > Firewall Policy and create a new policy. For the destination, select 'Internet Service' and then select the ISDB object created in the previous step.



From CLI.

Create the internet-service-name object from the CLI.
# config firewall internet-service-name
    edit "ISDB_Regionbased"
        set type location
        set internet-service-id 393320
        set country-id 356
        set region-id 860
        set city-id 2139
    next
end
Create a policy that references the internet-service-name object.
# config firewall policy
    edit 1
        set name "Allow_Amazon_AWS"
        set uuid 6085871a-9457-51ea-c345-d2467146f17e
        set srcintf "port2"
        set dstintf "port1"
        set srcaddr "all"
        set internet-service enable
        set internet-service-name "ISDB_Regionbased"
        set action accept
        set schedule "always"
        set nat enable
    next
end
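
To confirm after the change that every policy using an internet-service-name object points at a defined, location-scoped object, a configuration backup can be checked offline. The following is an added example, not Fortinet code: the function names, policy 2 and the name "ISDB_Typo" are hypothetical, and it assumes a plain-text backup containing only flat config/edit/set blocks.

```python
import shlex
# Constructed sample: the article's objects (trimmed) plus a hypothetical policy 2.
SAMPLE = """
config firewall internet-service-name
    edit "ISDB_Regionbased"
        set type location
        set internet-service-id 393320
        set country-id 356
        set region-id 860
        set city-id 2139
    next
end
config firewall policy
    edit 1
        set internet-service enable
        set internet-service-name "ISDB_Regionbased"
    next
    edit 2
        set internet-service enable
        set internet-service-name "ISDB_Typo"
    next
end
"""
def parse_config(text):
    """Parse flat config/edit/set blocks into {section: {entry: {key: [values]}}}."""
    tables, section, entry = {}, None, None
    for line in text.splitlines():
        tok = shlex.split(line.lstrip("# ")) or [""]  # drop CLI prompt, honour quotes
        if tok[0] == "config":
            section = tables.setdefault(" ".join(tok[1:]), {})
        elif tok[0] == "edit" and section is not None:
            entry = section.setdefault(tok[1], {})
        elif tok[0] == "set" and entry is not None:
            entry[tok[1]] = tok[2:]
        elif tok[0] in ("next", "end"):
            entry = None
    return tables

def audit(cfg):
    """Return (scoped, dangling): location ids per policy, and undefined references."""
    objs = cfg.get("firewall internet-service-name", {})
    scoped, dangling = {}, []
    for pid, pol in cfg.get("firewall policy", {}).items():
        for ref in pol.get("internet-service-name", []):
            if ref not in objs:
                dangling.append((pid, ref))
            elif objs[ref].get("type") == ["location"]:
                scoped[pid] = {k: v[0] for k, v in objs[ref].items() if k.endswith("-id")}
    return scoped, dangling
```

Call `audit(parse_config(SAMPLE))` to get the per-policy location ids and the list of undefined references. A line with an unterminated quote makes `shlex.split` raise `ValueError`, which surfaces that kind of typo before the script is pasted into the CLI.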
