Policies are applied on a top-down basis. Traffic flowing through the firewall is checked by the top policy in the policy table (determined by the Seq.#), if that policy does not apply to the traffic it is checked by the second policy and so on until it reaches the explicit deny rule at the bottom.

In order to have the correct traffic flowing through each policy, they must be arranged so that more specific policies are located at the top.

To change the order of the policies go to Policy & Objects > Policy > IPv4 and rearrange them by clicking and dragging on the Seq.# column of the affected policy to the desired position in the table.

  • fortinet/policy_table_order.txt
  • Last modified: 2019/03/15 18:03
  • by ericclaus