Skip to main content
Belgarioz
Belgarioz
Visitor III
September 17, 2019
Question

Unable to Import Policies

  • September 17, 2019
  • 1 reply
  • 5321 views

Hello, I am unable to import firewall policies to FMG.

In the FMG I have a “never installed “ raining and it’s fine, but when I import Policies from the FGT I keep getting this:


import objs: dev(xxxx-FW),vdom(root),adom(xxx),package(xxxxx_root)
Failed to commit changes (command(set firewall policy.8:dstaddr xx.xx.xx.xx "*.xxx.com") detail(datasrc invalid. object: firewall policy dstaddr. detail: GOOGLE. solution: data cannot be used. reason: invalid value - prop[dstaddr]: Address group cannot contains wildcard-fqdn type address))


 

In the firewall there are NO wildcard-FQDN addresses in the whole firewall!!!!! The policy is working and it is making traffic, it’s just can’t be imported



    1 reply

    emnoc
    emnoc
    New Member
    September 17, 2019

    Address group cannot contains wildcard-fqdn type address))
    I would inspect the policyid#8 and triple check the error looks clearly like something has a wildcard entry and the dst addr value

    Belgarioz
    BelgariozAuthor
    Visitor III
    September 17, 2019

    Hello,

     

    I know the problem lies there, but there is NO wildcards FQDN Address in the whole firewall.

    Going to firewall -> Address list and scrolling down, there is NO FQDN address list.

     

    IT seems Fortiguard, during the import, is importing another Address Object that lies elsewhere not in the firewall itself

    brazz_FTNT
    Staff
    brazz_FTNT
    Staff
    September 17, 2019

    Hey,

     

    What is the Version of  your FMG , FGT , and ADOM in question?

     

    Cheers

    Terms & ConditionsAccessibility statement