Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
vbarrios
Staff
Staff

Created on ‎10-29-2023 10:20 PM Edited on ‎10-29-2023 10:20 PM By Community Manager

Article Id 281489

Technical Tip: Address object missing under select entries of an Address Group.

Description This article describes the case where new or existing address objects are not listed and cannot be added to an Address group. 

 

By trying to add the address object via CLI, it is possible to see the below error:

 

FGVM02TM22026828-VBA~IOS # config firewall addrgrp
FGVM02TM22026828-VBA~IOS (addrgrp) # edit Lab-Networks
FGVM02TM22026828-VBA~IOS (Lab-Networks) # set member Lab-Network-1

 

member:Lab-Network-1 is not a fabric-object.

node_check_object fail! for name Lab-Network-1

 

value parse error before 'Lab-Network-1'

Command fail. Return code -651
Scope FortiGate v6.0.x, v7.0.x, v7.2.x and 7.4.x.
Solution

When address groups are set with the 'fabric-object' feature enabled, it is only possible to add address objects with the 'Security Fabric global object setting' into the Group.

 

In order to add any type of object, remove this command: 

 

Solution.JPG

 

Then, all objects can be added to the Group: 

 

Solution2.JPG

 

251
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.