FortiManager
haziqsulaiman
Article Id 353560
Description

This article describes why Wildcard FQDN objects are not configurable in policies in FortiManager.

Scope

FortiManager.

Solution

Example Scenario:

The following firewall objects are created within FortiManager: an Address object, a Wildcard FQDN object, and a Wildcard FQDN Group object.

[Image: objects.png]

When configuring policies in the Policy Package within FortiManager, notice that in the Source and Destination fields, the Address object can be selected, but the Wildcard FQDN and Wildcard FQDN Group objects cannot.

[Image: policy_config.png]

This is because Wildcard FQDN objects are only used in the SSL/SSH Inspection security profile, as shown below.

[Image: ssl_profile.png]

To configure policies with a wildcard FQDN, an address object must be created with the Category set to Address and the Type set to FQDN. An example of a wildcard FQDN object that can be used in policies is shown below.

[Image: wildcard_address.png]
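
The two object types side by side in FortiOS CLI form, as an added example that is not part of the original article. It assumes the objects are viewed on a managed FortiGate; the object names, `*.example.com`, the profile name, and the interfaces `port1`/`port2` are constructed placeholders.

```text
# Constructed example: names, domain and interfaces are placeholders.

# Wildcard FQDN object: referenced only from an SSL/SSH Inspection profile.
config firewall wildcard-fqdn custom
    edit "wc-example"
        set wildcard-fqdn "*.example.com"
    next
end

config firewall ssl-ssh-profile
    edit "custom-inspection"
        config ssl-exempt
            edit 1
                set type wildcard-fqdn
                set wildcard-fqdn "wc-example"
            next
        end
    next
end

# Address object (Category: Address, Type: FQDN) holding a wildcard value:
# this is the object that can be selected in a policy.
config firewall address
    edit "addr-wc-example"
        set type fqdn
        set fqdn "*.example.com"
    next
end

config firewall policy
    edit 0
        set name "allow-example"
        set srcintf "port1"
        set dstintf "port2"
        set srcaddr "all"
        set dstaddr "addr-wc-example"
        set action accept
        set schedule "always"
        set service "HTTPS"
    next
end
```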