FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
MartiskaM
Staff
Staff
Description

 

This article describes how Meta fields were replaced since version 7.2.0 by Meta variables and their usage including Jinja scripting.

 

Scope

 

FortiManager.

 

Solution

 

Since 7.2.0 it is possible  to find the Meta Variables under Policy & Objects -> Objects Configuration -> Advanced.

 

Previous Meta Fields that were created prior to 7.2.0 will be converted and present in this section as well.

 

(Before upgrade – Meta Fields).

 

MartiskaM_0-1655730761376.png

 

MartiskaM_0-1668956337471.png

 

(After upgrade – Meta Variables).

 

MartiskaM_1-1655730761381.png

 

MartiskaM_1-1668956416856.png

 

MartiskaM_2-1668956448323.png

 

New Meta Variables include Per-Device Mapping option that allows users to create unique value for each FortiGate.

 

MartiskaM_2-1655730761409.png

 

Meta Variables usage in Objects, where syntax is $(name_of_the_variable).

(It is also possible to create the variables directly from the objects pane where, when $ is typed, it will be prompted with a message windows as depicted on screenshot below).

 

1) Virtual IPs.

 

MartiskaM_3-1655730761415.png

 

2) Addresses.

 

MartiskaM_4-1655730761462.png

 

3) IP Pools.

 

MartiskaM_5-1655730761468.png

 

Meta Variables usage in System Templates, Static Route Templates and SD-WAN Templates etc.., where syntax is $(name_of_variable).

 

1) System Template.

 

MartiskaM_6-1655730761476.png

 

2) Static Route Template.

 

MartiskaM_7-1655730761481.png

 

3) SD-WAN Interface Members.

 

MartiskaM_8-1655730761487.png

 

Meta Variables usage in CLI Templates, where syntax is {{name_of_variable}}.

 

In the CLI Templates, choose the Jinja Script to have the Meta Variables working.

 

MartiskaM_9-1655730761492.png

 

Meta Variables can be found using the command below at the bottom of the configuration list.

 

# exe fmpolicy print-adom-object ?

 

The question mark will display ADOMs after that use it one more time to locate the object number for fmg variables.

 

MartiskaM_10-1655730761494.png

 

This allows user to utilize scripting and create objects using scripts ran locally on FortiManager.

 

MartiskaM_11-1655730761500.png

 

In this example the script result will look as following the CLI.

 

MartiskaM_12-1655730761502.png

 

 

Debug during installation:

 

# diagnose debug application securityconsole 255

# diagnose debug enable

 

 To close debug use the following.

 

# diagnose debug disable

# diagnose debug reset