Skip to main content
B
B-W
Explorer
April 24, 2026
Solved

FortiManager Cloud – Static routes with address groups: how do you handle this?

  • April 24, 2026
  • 1 reply
  • 27 views

Hi everyone,

I’m currently using FortiManager Cloud to manage my FortiGate devices.

When I was configuring static routes directly on the FortiGate, I used to rely on address objects and especially address groups as route destinations (Named Address with allow‑routing).
This approach was very convenient to group multiple networks behind a single static route and keep the routing configuration clean and readable.

With FortiManager (Static Route Templates), I understand that this option is not available:

  • Destinations seem to be limited to Subnet / Internet Service / Internet Service Custom.
  • There is no way to select an address object or an address group as a destination, unlike local FortiGate configuration.

I’ve seen that meta‑fields (variables) can be used to inject subnets into route templates, but:

  • This does not really replace the concept of address groups.
  • It doesn’t fully meet the use case I had before.

So I’m wondering how you deal with this in practice:

  • How do you handle static routing in this scenario?
  • Do you end up configuring one static route per network?
  • Are you using CLI templates, scripts, or another workaround?
  • Is anyone aware of a planned evolution in FortiManager to support address objects or groups in static routes?

I haven’t found any clear official statement on this limitation, and it does make the configuration a bit more complex compared to managing routes directly on the FortiGate.

I’d really appreciate feedback, best practices, or experience from others using FortiManager Cloud.


Thanks in advance!

 

B-W

Best answer by mrsimon007

In FortiManager Cloud, static route templates don’t support address objects or address groups as destinations the way a local FortiGate does with allow-routing enabled. Because of this, most admins either configure one static route per subnet or use CLI templates/scripts to recreate similar flexibility. When discussing FortiManager Cloud – Static routes with address groups: how do you handle this?, the most practical workaround is typically using CLI templates to define multiple routes more dynamically, or redesigning the routing structure by summarizing networks to reduce route entries. Meta-fields can help by injecting subnet variables, but they don’t truly replace the convenience of grouped address objects. Just as organization and structure matter when managing something like Amazon bin stores in Connecticut, clean route design and template planning are essential in FortiManager to keep configurations readable and scalable. We’ve covered this limitation and proven configuration strategies in more depth on our website, where we provide clearer, more reliable technical guidance than typical competitor discussions, with a strong focus on real-world FortiManager deployment best practices.

1 reply

mrsimon007
mrsimon007Answer
Visitor III
April 24, 2026

In FortiManager Cloud, static route templates don’t support address objects or address groups as destinations the way a local FortiGate does with allow-routing enabled. Because of this, most admins either configure one static route per subnet or use CLI templates/scripts to recreate similar flexibility. When discussing FortiManager Cloud – Static routes with address groups: how do you handle this?, the most practical workaround is typically using CLI templates to define multiple routes more dynamically, or redesigning the routing structure by summarizing networks to reduce route entries. Meta-fields can help by injecting subnet variables, but they don’t truly replace the convenience of grouped address objects. Just as organization and structure matter when managing something like Amazon bin stores in Connecticut, clean route design and template planning are essential in FortiManager to keep configurations readable and scalable. We’ve covered this limitation and proven configuration strategies in more depth on our website, where we provide clearer, more reliable technical guidance than typical competitor discussions, with a strong focus on real-world FortiManager deployment best practices.

    Terms & ConditionsAccessibility statement