FortiGate—Restricted_Ping

Situation

Allow ping only from specific IP addresses and deny all other access.

Solution

[1]
Log in to the FortiGate web UI.

[2]
# Enable the feature
System > Feature Visibility > Additional Features > Local-In Policy: enable

[3]
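# Add a local-in policy
Log in to the FortiGate CLI and enter the following. srcaddr and service take object names, so a firewall address object named "192.168.1.1" and a service object named "ICMP" must already exist.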

config firewall local-in-policy
    edit 1
        set intf "wan1"
        set srcaddr "192.168.1.1"
        set dstaddr "all"
        set action accept
        set service "ICMP"
        set schedule "always"
        set status enable
    next

    edit 2
        set intf "wan1"
        set srcaddr "all"
        set dstaddr "all"
        set service "ICMP"
        set action deny
        set schedule "always"
        set status enable
    next
end
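
The two policies above only work because they are evaluated in sequence order, so the accept for the allowed source is reached before the deny for "all". As an added example (not part of the original note and not Fortinet code), this Python check parses a local-in-policy block and reports the verdict for a ping from a given source; the function names and the address-object mapping are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample: the two policies from this note, as CLI text.
SAMPLE_CONFIG = """
config firewall local-in-policy
    edit 1
        set intf "wan1"
        set srcaddr "192.168.1.1"
        set dstaddr "all"
        set action accept
        set service "ICMP"
        set schedule "always"
        set status enable
    next
    edit 2
        set intf "wan1"
        set srcaddr "all"
        set dstaddr "all"
        set service "ICMP"
        set action deny
        set schedule "always"
        set status enable
    next
end
"""

# Assumed contents of the address objects (hypothetical: object name -> subnet).
ADDRESS_OBJECTS = {"192.168.1.1": "192.168.1.1/32", "all": "0.0.0.0/0"}

def parse_policies(text):
    """Return the policies in sequence order as dicts of their `set` fields."""
    policies = []
    for line in text.splitlines():
        tokens = [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', line)]
        if tokens[:1] == ["edit"]:
            policies.append({"id": tokens[1]})
        elif tokens[:1] == ["set"] and policies:
            policies[-1][tokens[1]] = tokens[2:]
    return policies

def ping_verdict(policies, intf, src_ip):
    """Action of the first enabled policy matching an ICMP packet, else None."""
    src = ipaddress.ip_address(src_ip)
    for p in policies:
        nets = [ipaddress.ip_network(ADDRESS_OBJECTS[a]) for a in p["srcaddr"]]
        if (p.get("status", ["enable"]) == ["enable"] and intf in p["intf"]
                and "ICMP" in p["service"] and any(src in n for n in nets)):
            return p["action"][0]
    return None
```

Reversing the policy list makes the same call return "deny" for 192.168.1.1, which is the ordering mistake to look for when reviewing a saved configuration.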