Technical Tip: Address Object behavior change in FortiGate interface creation in FortiOS v7.2.5+ and v7.4.1+

kyoneda1 · ‎10-20-2025

Description

This article describes the change in behavior of address objects that are automatically created when a new interface is configured.

Scope

FortiOS v7.2.5 or later, and FortiOS v7.4.1 or later.

Solution

When creating a new interface on FortiGate with 'Create address object matching subnet' enabled, a corresponding address object will be automatically created.

In FortiOS v7.2.4 and earlier, the interface's IP address was registered as-is.

However, starting from FortiOS v7.2.5 and FortiOS v7.4.1, the behavior has changed: the address is automatically converted to the corresponding network address and registered.

Below are examples of the GUI screens during configuration:
These examples show the case where the IP address 192.168.200.254/24 is configured on the interface via the GUI.

FortiOS v7.2.4: The interface's IP address is registered as-is.

Network -> Interfaces -> Create new:

Policy ＆ Objects -> Addresses -> Create new object.

FortiOS v7.6.4: The interface's IP address is converted to the corresponding network address.

Network -> Interfaces -> Create new:

Policy ＆ Objects -> Addresses -> Create new object:

Note: As shown above, starting from FortiOS v7.2.5 and FortiOS v7.4.1, the interface's IP address will no longer be registered during creation.

Even when upgrading from an OS version earlier than FortiOS v7.2.4, the existing settings will be automatically converted.

Technical Tip: Address Object behavior change in FortiGate interface creation in FortiOS v7.2.5+ and v7.4.1+

You are leaving our website