Configuring IPS with FortiGate Firewall

 

To configure the FortiGate firewall:

  1. Select Endpoint Policy > Infranet Enforcer.
  2. Click New Infranet Enforcer and select FortiGate Firewall in the Platform drop-down list.
  3. Enter the name of the Infranet Enforcer in the Name box.
  4. Enter the IP address of FortiGate Firewall.
  5. Enter the shared secret.
  6. Enter the port number used for RADIUS accounting.
  7. Click Save Changes. You must create security policies on the FortiGate firewall for traffic enforcement.
  8. Check the Status > Overview page to verify the status of the connection.

Configuring Auth Table Mapping Policy

When you provision the authentication table from IPS to the firewall, ensure that the Profiler is either configured with the Profiler Name and the FPDB uploaded, or not configured at all. If the Profiler is configured without uploading the FPDB, the authentication table is not sent from IPS to the firewall.

To configure auth table mapping policies:

  1. Select Endpoint Policy > Infranet Enforcer > Auth Table Mapping.
  2. Click New Policy.
  3. Enter a name to label this auth table mapping policy.
  4. Select FortiGate as an enforcer. In the Enforcer section, specify the Infranet Enforcer device(s) to which you want to apply this auth table mapping policy.
  5. In the Action section, specify auth table mapping rules for the specified Infranet Enforcer.
  6. Click Save Changes.