Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Florian
New Contributor

FortiManager "Consolidated Policies" display option missing

Hi everyone,

 

actually we're running a FMG-VM with FOS6.2.3, and we want to use the new feature of 6.2, "Consolidated Policy".

 

As described in the cookbook https://docs.fortinet.com/document/fortimanager/6.2.0/new-features/49766/consolidated-firewall-mode, I am not able to turn on the display option for the consolidated policies, because it is simply not there:

 

 

Any clue why it behaves like that? I tried every combination of enabled and disabled consolidated policy feature on the regarding FGs and in the Policy Package option. It is a 6.2 ADOM.

It seems to be just a bug.

 

Any hint would be highly appreciated!

 

BR

Florian

 

2 Solutions
ShawnZA

Just checked ours, on 6.2.1, and also no option to enable it...

View solution in original post

chall_FTNT

That document reference was only relevant for 6.2.0.  Even so, by the time of 6.2.0 GA release, it was no longer necessary to change display options directly. Instead it is just necessary to enable consolidated policy mode for the policy package you are working on. (https://docs.fortinet.com...te-new-policy-packages)

 

Step 1: Right-click on Policy Package Step 2: Click on "Enable" Step 3: Enable "Consolidated Firewall Mode" (Those 3 steps have remained constant for all FMG 6.2.x patch releases afaik) Result (for FMG 6.2.0): Now you should see a new line item for a Consolidated policies line item under the Policy Package. Note: Later FMG 6.2 patches may have a different name for the line item that better matches the naming convention in the similar patch level of FortiOS 6.2.

Chris Hall
Fortinet Technical Support

View solution in original post

6 REPLIES 6
gabyrossi
Contributor

Hello, check out this video that shows how to enable it in the FGT and some considerations to have before.

https://www.youtube.com/watch?v=6-GBlFCGZbg

 

Rergards

 

GabyRossi

Florian

Hi GabyRossi,

 

sorry, but our FGTs are managed with our FMG. Configuring on the FGT is no problem at all, but I want and have to configure it via the FMG, where the display option "Consolidated Policy" is missing.

 

BR

Florian

ShawnZA

Just checked ours, on 6.2.1, and also no option to enable it...

chall_FTNT

That document reference was only relevant for 6.2.0.  Even so, by the time of 6.2.0 GA release, it was no longer necessary to change display options directly. Instead it is just necessary to enable consolidated policy mode for the policy package you are working on. (https://docs.fortinet.com...te-new-policy-packages)

 

Step 1: Right-click on Policy Package Step 2: Click on "Enable" Step 3: Enable "Consolidated Firewall Mode" (Those 3 steps have remained constant for all FMG 6.2.x patch releases afaik) Result (for FMG 6.2.0): Now you should see a new line item for a Consolidated policies line item under the Policy Package. Note: Later FMG 6.2 patches may have a different name for the line item that better matches the naming convention in the similar patch level of FortiOS 6.2.

Chris Hall
Fortinet Technical Support
Florian

Hi chall,

 

to be more precise, the line is not intentionally called "Consolidated Policy", you will find it under " SSL Inspection & Authentication", which is quite confusing and does not feel right. My eyes didn't catch that for a long time of toggling and trying.

 

Please take care of tracking and correcting such things in the guides.

 

But thanks for you help.

 

BR

Florian

chall_FTNT

Thank-you, Florian.  I realize that my information was actually based upon FortiManager 6.2.0 (I will retroactively go back & modify my past post).   It seems there were many changes patch by patch in terms of how that line item in the menu was named.  FortiManager GUI was just attempting to track similar changes to naming conventions occurring in FortiOS 6.2.x.

Chris Hall
Fortinet Technical Support