I don' t recall ever having this problem on earlier firmware versions, but here is what I have just found on my FortiGate 200B-POE running v4.0 build 6390,100921 (MR2 Patch 2):
I decided I wanted to change the name of a couple of addresses that are in use in firewall policies. I changed a name slightly in the Web interface and when I submitted it, I received an error that the name was " In Use." I clicked OK and got a second error simply stating, " Not Found." However, it brought me back to the address list and the change was successfully applied. I made another change to a different address and the same two errors came up but it also made the change successfully. All policies still worked fine. Fast forward to 2 days later when I rebooted the Fortigate and traffic was suddenly not flowing. I checked the policies and any reference to the two names that were modified were replaced with blanks, meaning the source or destination field was completely empty on these policies. I had to edit each one and pick the appropriate address (the new names) and then everything was back to normal. I was surprised that the Fortigate could not automatically change any policies referring to the addresses that were modified. As I said, I' m pretty sure I' ve made such changes on other Fortigates with older firmware and this never happened.
So, is this by design or a bug?
Because I am using the FortiAPs, I can' t arbitrarily upgrade/downgrade the Fortigate' s firmware without a matching AP firmware as well.
I' ve seen similar behaviour with MR2 software. It complains about not being able to change the name but then changes it anyway. Never had it come back blank though.
In 3.0 you could change address names.
Thanks for the input, guys.
Paul, the src/dst fields in the policies didn' t show up blank until the firewall was actually rebooted. Up until that point, everything continues to work fine, so if I wasn' t physically moving this unit around forcing me to power off, I might not have found out until months down the road.
Ede, I believe I am at the latest firmware pair for the 200B-POE and FortiAPs, so I can' t upgrade until they release Patch 4 on this branch.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.