FortiManager CLI Templates and address object

Question

Hi everyone !

I have an issue with FortiManager and CLI Templates.

I have a script and on it an address object target. For example :

config system sdwan

config service

edit 0

set name "RULE1"

set mode sla

set dst "FMG_ADDRESS_OBJECT"

...

if FMG_ADDRESS_OBJECT is not already on my FortiGate (it's a new object only used in this script), the script failed with this error

Post vdom failed: error :131 - datasrc invalid. object: system sdwan service.1:dst. detail: FMG_ADDRESS_OBJECT. solution: datasrc invalid

Is it the normal behavior ?

amouawad · Answer

Yes this would fail as the address object FMG_ADDRESS_OBJECT doesn't yet exist in the FortiGate and you're trying to reference it in the script.

Two quick solutions:

1. Use SDWAN templates to configure SDWAN. When you reference an address object there it will add it to the FortiGate automatically when it pushes out the config

2. Create the address object in the script before pushing out the SDWAN config:

config firewall address     edit "FMG_ADDRESS_OBJECT"         set subnet 172.18.1.1 255.255.255.255     next end  config system sdwan     config service         edit 0             set name "RULE1"             set mode sla             set dst "FMG_ADDRESS_OBJECT"             ...

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded