Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
darrell
New Contributor

Copy interface firewall policies

We have a couple of 300As (MR6) in a cluster managed by a FM400A (MR7p1). I am needing to duplicate all port5 policies to port6. Is there a quick way to do this either in FM or CLI?
3 REPLIES 3
rwpatterson
Valued Contributor III

Don' t have a FortiManager, but if it' s like a Fortigate it should be pretty straight forward. [ul]
  • Make a backup without a password.
  • Edit the text file, and cut out the section that refers to the policies (config system policy in Fortigate).
  • Next remove all the policies that do not have port5 in them. (Make sure your network entities are not set for only ' port5' . The policy write will fail if they are! They have to be set to ' all' if you are going to use them on multiple ports.
  • Take a look at the GUI interface at the policy section, and determine the highest policy number.
  • Do a global replace on the short section of policies (port5 => port6).
  • Renumber the policies (or you will rewrite your existing ones!) starting with the next available policy number, determined from the GUI.
  • from the CLI, paste the new section of policies back into the running unit. [/ul] That' s it! Good luck
  • Bob - self proclaimed posting junkie!
    See my Fortigate related scripts at: http://fortigate.camerabob.com

    Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
    darrell
    New Contributor

    Thanks, I knew it could be done that way...just did not want to manually change all of the policy numbers if I did not have to.
    rwpatterson
    Valued Contributor III

    Sorry, you have to if you' re cloning. If you' re moving, skip that step.

    Bob - self proclaimed posting junkie!
    See my Fortigate related scripts at: http://fortigate.camerabob.com

    Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
    Announcements

    Select Forum Responses to become Knowledge Articles!

    Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

    Labels
    Top Kudoed Authors