The wildcard is working for me. This has something to do with DNS resolving, as per the documentation:
When the wildcard FQDN gets the resolved IP addresses, FortiOS loads the addresses into the firewall policy for traffic matching.
I have a FortiGate in a mode where the FortiGate provides DNS for clients on its local interfaces.
Unfortunately this feature is not documented as it should be. Should the FGT be the source DNS for the clients, or can the clients access an external DNS server directly, with the FGT updating its FQDN table according to the DNS server response? How many IP addresses can be in the buffer (cached) for one wildcard FQDN?
Why does Fortinet not give all the information about the features? ... and not only about the features.
It is very hard to get some more detailed information about anything.
If you want to see something like a FortiGate 6.2.2 admin guide or handbook, you will not find it. There is only a cookbook for 6.2.0. Why does the admin guide/handbook not exist anymore?
Where is the 6.2.2 cookbook containing information about the wildcard policy object?
Check the last Handbook, for FortiOS version 6.0.6. It is a very nice Handbook where you can find information about the firewall objects.
Nobody wants the handbook anymore?
I cannot see the 6.2.2 handbook, if one exists, on docs.fortinet.com.
This is very sad :(
NSE 8, CCNP R+S