Troubleshooting Tip: CIDR Filter Not Working in Address Object Table on FortiOS v7.4.x

kjay · ‎09-17-2025

Description This article describes an issue where the Address object table on FortiGate devices cannot be filtered using CIDR notation (for example, /24) after upgrading to v7.4.x.

Scope

FortiGate v7.4.

Solution

The address object table supports only simple string-based filters and lacks IP logic-based filters like contains or overlaps, causing searches with CIDR notation (for example, 1.1.1.0/24) to return inaccurate results.

Test Environment.

Tested on these versions:

v7.2.8.
v7.4.8.
v7.6.4.

Reproduction Steps.

Go to Policy & Objects -> Addresses.
Create these address objects (IP Range/Subnet):
- 1.1.1.0/24.
- 1.1.1.1/32.
- 1.1.1.2/32.
- 1.1.1.3/32.
In the search bar, type 1.1.1.0/24.

Results.

v7.2.8: Shows matching results.

v7.4.8: non-exact matches (issue occurs).

v7.6.4: Shows matching results.

This behavior occurs only in v7.4.x and has been resolved in:

v7.6.4 (available to download from the Fortinet support portal).
v8.0.0 (scheduled to be released in February 2026).

These timelines for firmware release are estimates and may be subject to change.

Troubleshooting Tip: CIDR Filter Not Working in Address Object Table on FortiOS v7.4.x

You are leaving our website