Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
sasad
New Contributor III

Auto update policy and objects in fortimanager cloud

Hi,

 

I've just implemented the automated stitch on Fortigate to auto block the attacker's IP that are trying to connect IP Sec VPN and it is working perfectly fine.

 

The problem is that, since we are using FortiManager Cloud where all the policies and objects are synced and we are managing the configuration from it, at every new creation of IP object in Fortigate the Fortimanager becomes out of sync and need to re import the policy. Is it possible to automate it? OR Can we exclude some address objects, groups and policies from sync?

Asad
Asad
3 REPLIES 3
johnathan
Staff
Staff

By default auto-update should automatically push any change made on the FortiGate to the FortiManager. See: https://docs.fortinet.com/document/fortimanager/7.6.0/administration-guide/229356/auto-update-and-au...
Are you able to confirm if you have this option disabled?

"Never trust a computer you can't throw out a window."
sasad
New Contributor III

Just to be more specific, I've automate the script to add the remote IP fetched from the log event and append it to the group that has been declared in local-in policy to block the external IPs.

Asad
Asad
sasad
New Contributor III

Yes, I've already enabled it but it is only for configuration changes while policy and objects will remain unchanged, as also mentioned in this link.

Asad
Asad
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors