In this video, you will learn how to create a virtual wire pair, to make it easier to protect a web server behind a FortiGate that is acting as an Internal Segmentation Firewall, or ISFW.
A virtual wire pair is two dedicated interfaces that have no IP addresses, with all traffic received by one interface being forwarded out the other, controlled by your firewall policies. Since the interfaces have no IP addresses, you can add a virtual wire pair to any network without making any significant changes. In this example, users on the internal network will access the web server through the ISFW over the virtual wire pair.
In FortiOS 5.4, the virtual wire pair replaces the Port Pairing feature from earlier versions. Unlike port pairing, a virtual wire pair is compatible with a FortiGate in NAT/Route mode, as well as Transparent mode.
The recipe for this video is available here.
Latest posts by Fortinet Technical Documentation (see all)
- Supported Upgrade Paths – FortiAP, FortiAP-S, and FortiAP-W2 - January 25, 2019
- Resetting a lost Admin password - October 10, 2018
- Blocking malicious domains using threat feeds - September 14, 2018