fortigate Mon Dec 15 08:32:04 AM EST 2025

configs/fortigate/vdom_scsd/firewall.cfg

@@ -2783,6 +2783,25 @@ config firewall address
         set allow-routing enable
         set subnet 192.168.167.0 255.255.255.0
     next
+    edit "NOCTI"
+        set type fqdn
+        set associated-interface "outside"
+        set fqdn "nocti.org"
+    next
+    edit "Shea_Secure_Wireless"
+        set type iprange
+        set comment "Test nocti.org"
+        set associated-interface "inside"
+        set start-ip 10.14.112.11
+        set end-ip 10.14.127.254
+    next
+    edit "Shea_VLAN_6"
+        set type iprange
+        set comment "Test nocti.org"
+        set associated-interface "inside"
+        set start-ip 10.1.6.20
+        set end-ip 10.1.6.254
+    next
 end
 config firewall multicast-address
     edit "all_hosts"
@@ -2990,6 +3009,9 @@ config firewall addrgrp
         set member "Clary_POS" "ITC_Cafe_POS" "Porter_POS"
         set comment "Point of Sale Machines"
     next
+    edit "NOCTI_Inside"
+        set member "Shea_Secure_Wireless" "Shea_VLAN_6"
+    next
 end
 config firewall wildcard-fqdn custom
     edit "g-Adobe Login"
@@ -4744,6 +4766,18 @@ config firewall policy
         set ips-sensor "g-default"
         set comments " (Copy of NVIDEA_LICENSING) (Reverse of NVIDEA_LICENSING)"
     next
+    edit 107
+        set name "NOCTI_In->Out"
+        set srcintf "inside"
+        set dstintf "outside"
+        set action accept
+        set srcaddr "NOCTI_Inside"
+        set dstaddr "NOCTI"
+        set schedule "always"
+        set service "HTTP" "HTTPS"
+        set logtraffic all
+        set comments "Allow nocti.org"
+    next
     edit 109
         set name "Block Countries Out -> In"
         set srcintf "outside"