Technical Tip: New Meta Variables and their usage including Jinja scripting

MartiskaM · ‎06-20-2022

Description

This article describes how Meta fields were replaced since version 7.2.0 by Meta variables and their usage including Jinja scripting.

Scope

FortiManager.

Solution

Since v7.2.0 it is possible to find the Meta Variables under Policy & Objects -> Objects Configuration -> Advanced.

Previous Meta Fields that were created beforev 7.2.0 will be converted and presented in this section as well.

(Before upgrade – Meta Fields).

(After upgrade – Meta Variables).

New Meta Variables include a Per-Device Mapping option that allows users to create unique values for each FortiGate.

Meta Variables usage in Objects, where the syntax is $(name_of_the_variable).

(It is also possible to create the variables directly from the objects pane where, when $ is typed, it will be prompted with message windows as depicted in the screenshot below).

Virtual IPs.

Addresses.

IP Pools.

Meta Variables usage in System Templates, Static Route Templates and SD-WAN Templates etc.., where syntax is $(name_of_variable).

System Template.

Static Route Template.

SD-WAN Interface Members.

Meta Variables usage in CLI Templates, where syntax is {{name_of_variable}}.

In the CLI Templates, choose the Jinja Script to have the Meta Variables working.

Meta Variables can be found using the command below at the bottom of the configuration list.

exe fmpolicy print-adom-object ?

The question mark will display ADOMs after that use it one more time to locate the object number for fmg variables.

This allows users to utilize scripting and create objects using scripts run locally on FortiManager.

In this example, the script result will look as follows the CLI.

Debug during installation:

diagnose debug application securityconsole 255

diagnose debug enable

To close debug use the following.

diagnose debug disable

diagnose debug reset

Related articles: