Skip to main content
Geezertronic
Geezertronic
New Member
June 13, 2019
Question

CLI, Sequence Grouping, and adding new policies

  • June 13, 2019
  • 1 reply
  • 26420 views

Hi.  Running a FortiGate 800D running v6.0.4 build 0231.

 

Please can someone advise how I can create Sequence Groups via CLI, then add a new IPv4 policy to be located under that sequence group again via CLI.

 

Thanks

    1 reply

    hubertzw
    hubertzw
    New Member
    June 15, 2019

    What do you mean by 'Sequence Groups'?

     

    This is how you can move policy under specific policy ID: 

    config firewall policy  move policy_ID [before|after] policy_ID

    ede_pfau
    ede_pfau
    New Member
    June 15, 2019

    There is no sequence numbering or grouping in CLI. Policies are uniquely numbered with an policy-ID. Only in the GUI, policies are grouped by source & dest interface, and sequentially re-numbered.

    That's why many users discard the "sequence ID" column and add "policyID", as then you can find it in the CLI.

    AlexS
    AlexS
    New Member
    June 18, 2019

    To set:

    config firewall policy edit <policy ID> set global-label "Sequence Group Name"

     

    Any policies below will be in that same Group until you specify another global-label.

    Terms & ConditionsCookie settingsAccessibility statement