Monday, September 14, 2015

Various FortiOS interfaces you should know of

Here's a few virtual interface that you will find in the fortigate series of firewall. They have various purposes but outside of the  ssl.root, they are not really used for user traffic and nor can you define these in any static routes or firewall-policies

( interfaces virtual )

   port_ha  =  "used primarily for ha sync messages "
   havdlink0  =  " I have no clue ;) "

   eth0    =  used for IPS related activities ( I believe it routes interfaces to the ips engine )

   root  = "interface loopback similar to  lo in unix"

    ssl.root = "used for sslvpn access"

carries sslvpn traffic from sslvpn end users , you can define this in fw-polciies,static routes, and even use it in management applications uses ssh , https, pings, etc......

Ken Felix
NSE ( Network Security Expert) and Route/Switching Engineer.
kfelix  -----a----t---- socpuppets ---dot---com

    ^     ^
=(  *  * )=
      /  \

No comments:

Post a Comment