FortiManager (7.4.6) no longer prepends policy block name to policy

DarioA · ‎01-09-2025

Hi everyone,

I've recently upgraded FortiManager from 7.4.5 to 7.4.6 and noticed a change in behavior regarding policy block names. Previously, FortiManager would prepend the name of a policy block to the name of a policy when deploying the rules to the FortiGate. However, this no longer seems to be the case in version 7.4.6.

Immediately after the update I noticed that when deploying policies to the FortiGate it would fail because of duplicate policy names.
For instance I have a rule defined on a Policy Package for FortiGate1 which is named "DNS" and I have a policy block called "global" appended to that policy package which also has a rule defined named "DNS".
If you check the names of the rules on the FortiGate directly they had the names "DNS" and "global-DNS" before the update.
After the update both rules would now be called "DNS" which leads to this duplicate issue and therefore the policy install fails from FortiManager.

Current workaround is to just make sure there are no duplicates, with that everything works as usual.
But I am still curious if there is a setting to change this behaviour, or if anyone else has encountered this issue?
I also didn't find any insights on the release notes.

Thanks in advance!

mpapisetty · ‎01-09-2025

Hi @DarioA ,

This is the new behaviour starting from 7.4.6. There is a rather cryptic note in the resolved issues that is responsible for this change -

https://docs.fortinet.com/document/fortimanager/7.4.6/release-notes/972111/resolved-issues#:~:text=i...

Due the prepend, policy name exceeded the maximum length allowed and hence the prepend is taken off to not allow the overflow to happen.

HTH
Manoj Papisetty

View solution in original post

mpapisetty · ‎01-09-2025