I have a address group on the fortigate/fortimanager for one of our policies that I’m trying to update today. When I create the updates and add the object to the address group and push out the updated policy package it says there is no updates to push. Looking into this it seems that when I update and address object in use by the fortigate it creates a per device mapping that it will not let me remove. The issue is I can’t remove the device mapping and I can’t update the device mapping cause it says that object already exsists. How are we supposed to update address groups. The only way I have found so far is creating a new group.
Within the per-device mapping section, you should see a list of devices and the policies assigned to them. Select the device or devices for which you want to remove mappings and delete these mappings from the system.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.