leecholho
New Member
January 27, 2026
Question

Adding a rule in local-in-policy fails.


Hello.
When I try to add a rule to local-in-policy in the following environment, I get an error saying wan1 doesn't exist.

What should I do?

 

atgfw-01 # get system status
Version: FortiGate-80F v7.4.9,build2829,250924 (GA.M)
・・・・・・・・Omitted・・・・・・・
Virtual domains status: 1 in NAT mode, 0 in TP mode
Virtual domain configuration: disable
・・・・・・・・Omitted・・・・・・・
atgfw-01 #
atgfw-01 # show system interface
config system interface
edit "wan1"
set vdom "root"
set ip xxx.xxx.xxx.xxx 255.255.255.252
set type physical
set description "XXX"
set alias "WAN-XXX"
set snmp-index 1
next
edit "wan2"
set vdom "root"
set ip yyy.yyy.yyy.yyy 255.255.255.252
set type physical
set description "YYY"
set alias "WAN-YYY"
set snmp-index 2
next
・・・・・・・・Omitted・・・・・・・
end

atgfw-01 #

atgfw-01 # config firewall local-in-policy

atgfw-01 (local-in-policy) # edit 110
new entry '110' added

atgfw-01 (110) # set intf "wan1"
node_check_object fail! for name wan1

value parse error before 'wan1'
Command fail. Return code -651

 

 

1 reply

funkylicious
SuperUser
January 27, 2026

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Unable-to-create-local-in-policy-node-check/ta-p/369013

Is the port part of SD-WAN? If so, use the SD-WAN zone in the local-in policy instead of the actual interface.

"jack of all trades, master of none"
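
An added example, not part of the original thread and not Fortinet tooling: a Python helper that reads `show system sdwan` output and reports which name to use in `set intf` for a local-in policy, following the advice in the reply above. The sample config, the zone name `ISP-ZONE` and the function names are constructed; treating a member with no `set zone` line as belonging to the default `virtual-wan-link` zone is an assumption about FortiOS omitting default values from `show` output.

```python
import re

# Constructed sample of `show system sdwan` output (not from the original post).
SAMPLE_SDWAN = '''\
config system sdwan
    set status enable
    config zone
        edit "virtual-wan-link"
        next
        edit "ISP-ZONE"
        next
    end
    config members
        edit 1
            set interface "wan1"
            set zone "ISP-ZONE"
        next
        edit 2
            set interface "wan2"
        next
    end
end
'''

# Assumption: a member shown without "set zone" is in the default zone.
DEFAULT_ZONE = "virtual-wan-link"

def sdwan_member_zones(config_text):
    """Map each SD-WAN member interface to the zone it belongs to."""
    zones, in_members, iface, zone = {}, False, None, DEFAULT_ZONE
    for raw in config_text.splitlines():
        line = raw.strip()
        if line == "config members":
            in_members = True
        elif in_members and line == "end":
            in_members = False          # member entries hold no nested blocks
        elif in_members and (m := re.fullmatch(r'set (interface|zone) "(.+)"', line)):
            if m.group(1) == "interface":
                iface = m.group(2)
            else:
                zone = m.group(2)
        elif in_members and line == "next":
            if iface:
                zones[iface] = zone     # close the current member entry
            iface, zone = None, DEFAULT_ZONE
    return zones

def local_in_intf(interface, config_text):
    """Name to use in 'set intf': the zone if the port is an SD-WAN member."""
    return sdwan_member_zones(config_text).get(interface, interface)
```

For the constructed sample, `local_in_intf("wan1", SAMPLE_SDWAN)` returns the zone name rather than `wan1`, which is the value the local-in policy would reference.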
leecholho
Author
New Member
January 27, 2026

It's been resolved. Thank you.