Skip to main content
jomof
jomof
New Member
February 26, 2022
Solved

Unable to see revese clone option in firewall policy on fortigaTe 80F Ver 6.4

  • February 26, 2022
  • 3 replies
  • 8470 views

Hello Expert,

 

I have fortigate 80F running version 6.4.

I create a firewall policy and would like to to Clone Reverse the Policy.

When I right click on the policy I not see the option to clone reverse.

 

Is there some feature that has to be turn on before the option becomes visible.

I humbly request some guidance  

 .

 

Thank you

Regard Jomo

Best answer by amouawad

Not sure what version of 6.4 you're running Jomo but I can see the clone reverse option on one of my devices running 6.4.7.

 

One thing to check is that the policy does not have NAT enabled. For any NAT enabled policies you can't clone reverse (the option doesn't show up).

 

Try right click on a policy with no NAT and see if clone reverse comes up as an option.

3 replies

AlexC-FTNT
Staff
AlexC-FTNT
Staff
February 26, 2022

Hello Jomo, 

Edit: I was wrong. The option is still there for policies without NAT (or VIP)

amouawad
Staff
amouawadAnswer
Staff
February 26, 2022

Not sure what version of 6.4 you're running Jomo but I can see the clone reverse option on one of my devices running 6.4.7.

 

One thing to check is that the policy does not have NAT enabled. For any NAT enabled policies you can't clone reverse (the option doesn't show up).

 

Try right click on a policy with no NAT and see if clone reverse comes up as an option.

    jomof
    jomofAuthor
    New Member
    February 26, 2022

    Hello amouawad,

     

    I will check when I am back at the office and will revert with an update.

     

    Thanks you.

     

    Regards

    AlexC-FTNT
    Staff
    AlexC-FTNT
    Staff
    February 26, 2022

    Also no VIP (even if NAT is disabled):

    AlexCFTNT_0-1645885363827.png

     

    RickySpanish
    RickySpanish
    New Member
    February 4, 2025

    Came across this post running 7.2.10. I found my missing Clone Reverse issue to be related to using a Address Group in my Source Networks field (weird). Once I swapped to an Address Object (not Group), the option to Clone Reverse was available. I want to emphasize that all my Address Objects and Groups are set for "any" interface as well. What is in the Destination Networks (Address or Group object) did not make a difference.

    Terms & ConditionsAccessibility statement