Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Allwyn_Mascarenhas
Contributor

Edit multiple policies at once with CLI

Hi

Was wondering if FGT has some method such as cisco's "interface range 1-5" where i can select a range of policy ids and apply similar AV, WF or cert inspection profiles to them at once with a single cmd.

 

Also sucks that you have add all members again when you want to add one new member to an address group.

 

Thanks.

3 REPLIES 3
ede_pfau
Esteemed Contributor III

You can easily bulk-edit policies using the config file - get it, edit it, restore it, reboot. Of course it should be manually tedious, otherwise the effort is not worth it.

It's the only way to change an interface's name BTW.

 

Second, in the v5.2 FortiOS you have the option to "append" values to a list, in the CLI. Check the "What's New" for v5.2.3 for instance.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
bseklecki
New Contributor II

It would be a nice feature: "edit [RegEx]" to apply/edit/append to a range of objects 

xsilver_FTNT

FortiManager and values abstraction into object model is what I think is exactly for that.

 

El Cheap-o way is config backup -> any reasonable text editor, even cheap like Atom / Notepad++ -> Ctrl-H for Find and replace (Notepad++ -> Search mode = Regex). 

Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff

Labels
Top Kudoed Authors