Before you get started, here are a few tips about using the Fortinet Cookbook:

Understanding the basics

Some basic steps, such as logging into your Fortinet product, are not included in most recipes. This information can be found in the QuickStart guide for your product.

Screenshots vs. text

The Fortinet Cookbook uses both screenshots and text to explain the steps of each example. The screenshots display the entire configuration, while the text highlights key details (i.e. the settings that are strictly necessary for the configuration) and provides additional information. To get the most out of the Fortinet Cookbook, start with the screenshots and then read the text for more details.

Model and firmware

GUI menus, options, and interface names may vary depending on the which model you are using and the firmware build.

For example, some FortiGate models do not have the menu option Router > Static > Static Routes.


The specific ports being used in the documentation are chosen as examples. When you are configuring your unit, you can substitute your own ports, provided that they have the same function.

For example, in most FortiGate recipes, wan1 is the port used to provide the FortiGate with access to the Internet. If your FortiGate uses a different port for this function, you should use that port where the recipe configure uses wan1.

IP addresses and object names

IP addresses are sometimes shown in diagrams to make it easier to see the source of the addresses used in the recipe. When you are configuring your product, substitute your own addresses. You should also use your own name for any objects, including user accounts, that are created as part of the recipe. Make names as specific as possible, to make it easier to determine later what the object is used for.

Text elements

Bold text indicates the name of a GUI field or feature. When required, italic text indicates information that you must enter.

Selecting OK/Apply

Always select OK or Apply when you complete a GUI step. Because this must be done frequently, it is an assumed step and is not included in most recipes.

IPv4 vs IPv6 FortiGate policies

Most FortiGate recipes in the Fortinet Cookbook use IPv4 security policies. However, the majority of them could also be done using IPv6 policies. If you wish to create an IPv6 policy, go to Policy & Objects > Policy > IPv6.

Turning on FortiOS features

Some FortiOS features can be turned off, which means they will not appear in the GUI. If an option required for a recipe does not appear, go to System > Config > Features and make sure that option is turned on.

Also, on some FortiGate models, certain features are only available using the CLI. For more information about this, see the Feature/Platform Matrix.